Rev 6 | Rev 67 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed
Rev | Author | Line No. | Line |
---|---|---|---|
6 | magnus | 1 | ******************************** |
2 | * SHOULD YOU USE THIS PACKAGE? * |
||
3 | ******************************** |
||
4 | |||
5 | Since version 4.50, Exim has the content-scanning extension formerly |
||
6 | known as "exiscan" built-in. It has a number of advantages and |
||
7 | disadvantages compared to SA-Exim. |
||
8 | |||
9 | Advantages of built-in content-scanning interface: |
||
10 | |||
11 | * One less configuration file to edit. |
||
12 | * Spam control policy integrates better with Exim's ACL system. |
||
13 | * It's possible to tell SA which user to scan for (the -u parameter of |
||
14 | spamc). SA-Exim can't do that (yet). |
||
15 | * Finer control over the mail header is possible, but not in a clean |
||
16 | way (it involves putting all header fields you might possibly want |
||
17 | to add in the report template, and using rather complicated |
||
18 | expansion expressions to extract the wanted ones from |
||
19 | $spam_report). At any rate, you can choose a prefix different from |
||
20 | "X-Spam-". |
||
21 | |||
22 | Advantages of SA-Exim: |
||
23 | |||
24 | * It is possible to use the report_safe feature, which turns mail |
||
25 | deemed to be spam into a message/rfc822 attachment of a report |
||
26 | message. (Note however that if you do, then any X-SA-* fields added |
||
27 | to help the greylisting module can't be removed.) |
||
28 | * All the add_header and rewrite_header options in |
||
29 | /etc/spamassassin/local.cf will be obeyed. In other words, |
||
30 | everything will be *almost* as if you filtered the mail through |
||
31 | spamassassin on the command line. |
||
32 | * So-called teergrubing ("tarpitting") is possible in a way that |
||
33 | isn't possible with exiscan (I'm not in any way saying that it |
||
34 | works as a counterattack against spammers). |
||
35 | * You can simply add the sa-exim package to a standard exim4 |
||
36 | installation and it should, in principle, instantly work (except |
||
37 | you have to uncomment one line in sa-exim.conf). |
||
38 | |||
39 | Both alternatives enable you to defer, greylist, reject, and blackhole |
||
40 | mail, optionally saving copies, at configurable score levels. |
||
41 | |||
1 | magnus | 42 | ***************** |
43 | * CONFIGURATION * |
||
44 | ***************** |
||
45 | |||
46 | This version of the sa-exim package defaults to placing a configuration |
||
47 | sniplet in /etc/exim4/conf.d/. Depending on what you have answered to the |
||
48 | DebConf questions while configuring Exim4, the module will be loaded |
||
49 | automatically, or human intervention is required. |
||
50 | |||
6 | magnus | 51 | To find out what configuration file Exim4 is using, issue: |
1 | magnus | 52 | |
53 | $ exim4 -bV | tail -1 |
||
54 | Configuration file is /path/to/configfile |
||
55 | |||
56 | If /path/to/configfile shows: |
||
57 | |||
58 | - /etc/exim4/exim4.conf |
||
6 | magnus | 59 | You are using the hand-crafted configuration file. |
60 | See the 'HAND-CRAFTED' section below. |
||
1 | magnus | 61 | |
62 | - /var/lib/exim4/config.autogenerated |
||
6 | magnus | 63 | You are using the debianized configuration scheme - with either |
64 | 'split' or 'unsplit' configuration file. |
||
65 | See the 'DEBIANIZED' section below. |
||
1 | magnus | 66 | |
67 | |||
6 | magnus | 68 | HAND-CRAFTED |
69 | ------------ |
||
1 | magnus | 70 | |
71 | Use 'grep "local_scan_path" /etc/exim4/exim4.conf" to see if the sa-exim |
||
72 | line is included in the configuration. If grep returns something, check |
||
73 | if it matches the following line. If grep returns nothing, you have to |
||
74 | manually add the following line to the exim4.conf file and restart exim4. |
||
75 | |||
76 | local_scan_path = /usr/lib/exim4/local_scan/sa-exim.so |
||
77 | |||
78 | Change or add the line above and manually restart exim4 by issuing |
||
6 | magnus | 79 | 'invoke-rc.d exim4 reload' or '/etc/init.d/exim4 reload' as root. |
1 | magnus | 80 | |
81 | |||
6 | magnus | 82 | DEBIANIZED |
83 | ---------- |
||
1 | magnus | 84 | |
6 | magnus | 85 | Use 'grep "local_scan_path" /var/lib/exim4/config.autogenerated' to |
86 | see if the sa-exim line is included in the configuration. If grep |
||
87 | returns something, you're set and already using the sa-exim module. If |
||
88 | grep returns nothing, we need to figure out a few things: |
||
1 | magnus | 89 | |
90 | Issue: |
||
91 | $ grep "use_split_config" /etc/exim4/update-exim4.conf.conf |
||
92 | dc_use_split_config='true' |
||
93 | |||
6 | magnus | 94 | If your result shows 'false' where mine shows 'true', then you're |
95 | using the unsplit configuration, generated from |
||
96 | /etc/exim4/exim4.conf.template. If you haven't customized that file |
||
97 | you could edit /etc/exim4/update-exim4.conf.conf by hand, change the |
||
98 | 'false' to 'true' and issue 'update-exim4.conf' as root. Then, check |
||
99 | again if the sa-exim module line is included. It should. If it still |
||
100 | isn't: mail me. If it is, restart exim4 by issuing 'invoke-rc.d exim4 |
||
101 | restart' or '/etc/init.d/exim4 restart' as root. If you *have* |
||
102 | customized /etc/exim4/exim4.conf.template, then you'd better stick |
||
103 | with the unsplit configuration scheme and add the local_scan_path |
||
104 | setting by hand, like with the hand-crafted configuration file. |
||
1 | magnus | 105 | |
106 | Next, read all about greylisting and sa-exim: |
||
107 | |||
108 | *************** |
||
109 | * GREYLISTING * |
||
110 | *************** |
||
111 | Notes on greylisting with sa-exim. |
||
112 | |||
113 | If you use SpamAssassin 3.0 or better, you do not need to patch it, you |
||
114 | can just use the Greylisting module shipped with sa-exim. |
||
115 | The only thing you need to do to enable it, is to copy the 4 lines below |
||
116 | loadplugin in the greylisting README, and adjust the score if you wish (see |
||
46 | magnus | 117 | README.Greylisting for details). |
1 | magnus | 118 | |
46 | magnus | 119 | *********************************** |
120 | * PROBLEMS WITH BAYES AUTO-EXPIRY * |
||
121 | *********************************** |
||
1 | magnus | 122 | |
46 | magnus | 123 | When scanning mail during the SMTP dialogue there is somewhat limited |
124 | time before the remote host gives up, even if they should wait for at |
||
125 | least ten minutes. To avoid Exim returning a temporary error status, |
||
126 | or the remote host giving up prematurely and in some cases for good, |
||
127 | SA-Exim overrides Exim's timeout handler and accepts the message if |
||
128 | SpamAssassin takes too long, by default 240 seconds. |
||
1 | magnus | 129 | |
46 | magnus | 130 | Using SpamAssassin's Bayesian learning module means that it will |
131 | automatically expire old tokens when its database has grown too large. |
||
132 | That can take several minutes. If it takes too long, SA-Exim will |
||
133 | abort it, meaning that SpamAssassin will run auto-expiry again next |
||
134 | time, and be aborted, and so on... |
||
1 | magnus | 135 | |
46 | magnus | 136 | If this happens, you have a few remedies: |
1 | magnus | 137 | |
46 | magnus | 138 | 1) Set SAtimeout to a higher value in /etc/exim4/sa-exim.conf. |
1 | magnus | 139 | |
46 | magnus | 140 | 2) Run sa-learn --force-expire periodically. How you run it depends on |
141 | how you've configured SpamAssassin. Running it as Debian-exim may |
||
142 | be sufficient. |
||
1 | magnus | 143 | |
46 | magnus | 144 | 2 a) In addition, you can add |
1 | magnus | 145 | |
46 | magnus | 146 | bayes_auto_expire 0 |
1 | magnus | 147 | |
46 | magnus | 148 | to /etc/spamassassin/local.cf. This may not be a good idea if |
149 | SpamAssassin, for whatever reason, is also used as a more |
||
150 | traditional filter from e.g. .procmailrc, as all users will need to |
||
151 | run sa-learn --force-expire then. |
||
1 | magnus | 152 | |
46 | magnus | 153 | 2 b) If you get a lot of mail, consider adding |
6 | magnus | 154 | |
46 | magnus | 155 | bayes_learn_to_journal 1 |
6 | magnus | 156 | |
46 | magnus | 157 | to local.cf. See the Mail::SpamAssassin::Conf(3) manual page for |
158 | more information. |
||
159 | |||
6 | magnus | 160 | ********************************** |
161 | * NOTICE ABOUT SPAMC CONFIG FILE * |
||
162 | ********************************** |
||
163 | |||
164 | Recent versions of spamc can read command-line parameters and switches |
||
165 | from a configuration file called /etc/spamassassin/spamc.conf. If that |
||
166 | file specifies conflicting options, it will prevent SA-Exim from |
||
167 | working. For now, you'll have to make sure that it doesn't. |
||
46 | magnus | 168 | |
169 | -- Magnus Holmgren <holmgren@debian.org>, Tue, 24 Jun 2008 14:27:59 +0200 |