Re: SpamAssassin Integration
Martin Gregorie-2 wrote: How are you assembling the message? About the best you can do is to grab it as a text string when the message is ready to be sent to the mail server. At thius point it should contain the headers your program has added and the assembled MIME format body, The string can then be written to spamc's stdin and its output read from stdout. Run spamc with the -R option: this will cause it to output a formatted report about the message preceeded with a line reading n/m (n=score, m=spam threshhold). If your mail client is written in Java you're probably using JavaMail. In this case the message will probably have been assembled in a MimeMessage object. When that's complete, i.e. just before you call the Transport.send() method to send the message, call MimeMessage.writeTo(OutputStream) and copy everything read from the OutputStream to spamc's stdin as described above. Hi Martin, Your recommended/suggested solution of assembly message exactly meets my use case requirement. Thanks for letting me know the existence of the method MimeMessage.writeTo(OutputStream). That's great! Thanks once again for that valuable solution. Regards, Gnanam -- View this message in context: http://old.nabble.com/SpamAssassin-Integration-tp28903365p28922585.html Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: SpamAssassin Integration
Jari Fredriksson wrote: You need to prepare a valid looking email message from the text the web app produces. It needs all the required headers before the actual body of text to work. You may need to study SMTP RFC's to get it right, the simple looking headers like Date: and Received: need to be carefully crafted after the standards. The just use ProcessBuilder in your Java app to connect to spamc and pass the message for it, and read the results. -- http://www.iki.fi/jarif/ I use PGP. If there is an incompatibility problem with your mail client, please contact me. Is it not possible to test spam score for only the email content part of the email message with SpamAssassin? That means, I just want to test spam score of .html, .txt file extension types only. In case if I want to prepare a valid looking email message, as you had suggested, with simple looking headers, etc., can you share me relevant documentation links on the same? BTW, what does PGP mean that I found from your signature? -- View this message in context: http://old.nabble.com/SpamAssassin-Integration-tp28903365p28910744.html Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: SpamAssassin Integration
Frank Heydlauf-2 wrote: Would this really help? Could you tell us a bit more about your problem itself? The reason I ask is: the mailbody is a very small part of what is commonly used for antispam measures. Header is added afterwards, IP is not yet known, HELO is not known, no reputation, no RBLs, no phyzor/razor/... It's not easy to get a SA score 5 if anything else is OK (IP reputation/RBLs, DNS, Header, HELO, ...) - just try yourself (spamassassin -t testmail). So - in my eyes - body-testing will give you little benefit - at least as long you are not developing a spam toolkit. More about my problem: Recently our application Users have started complaining that mails sent from our application are reaching recipient's Junk E-mail folder instead of Inbox. That is rate of false positives is high. We've also verified other anti-spam measures from our side like whether our server IP address is blacklisted with any anti-spam websites (Spamhaus, SORBS, etc.) but it was not the case. Then we found that least we can do from application context is by allowing Users to test spam score of their email content before they actuall send emails. I agree with you that mailbody is one of the part of what is commonly used for antispam measures but still we want to advise/allow our application Users to test spam score of their email body/content. Reason I'm saying this is that since the entire email body/content is composed by Users, atleast by running spam score test, spam triggering properties within email content can be avoided. Hope this clarifies the situation. Can SpamAssassin be used to test spam score of .html, .txt file extension types, that is email body/content part of the email message? -- View this message in context: http://old.nabble.com/SpamAssassin-Integration-tp28903365p28911147.html Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: SpamAssassin Integration
On Thu, Jun 17, 2010 at 12:17:10AM -0700, Gnanam wrote: Can SpamAssassin be used to test spam score of .html, .txt file extension types, that is email body/content part of the email message? that will not give you the output you'd expect. Just create a complete mail with header and mime-encoded multipart etc and feed this into SA. btw: http://lmgtfy.com/?q=PGP -- Regards Frank
Re: SpamAssassin Integration
Frank Heydlauf-2 wrote: that will not give you the output you'd expect. Just create a complete mail with header and mime-encoded multipart etc and feed this into SA. How do I create a complete mail with header, etc.? Is there any standard/rule for creating a complete email message that is compliant with SA? Relevant links, documentation, etc. for the same are appreciated? -- View this message in context: http://old.nabble.com/SpamAssassin-Integration-tp28903365p28913486.html Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: SpamAssassin Integration
Frank Heydlauf-2 wrote: that will not give you the output you'd expect. Just create a complete mail with header and mime-encoded multipart etc and feed this into SA. On 17.06.10 05:02, Gnanam wrote: How do I create a complete mail with header, etc.? Is there any standard/rule for creating a complete email message that is compliant with SA? Relevant links, documentation, etc. for the same are appreciated? very hardly. It would be nice if the server SW showed how it came to conclution that the mails are spammy... -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Where do you want to go to die? [Microsoft]
Re: SpamAssassin Integration
On 6/17/2010 8:02 AM, Gnanam wrote: Frank Heydlauf-2 wrote: that will not give you the output you'd expect. Just create a complete mail with header and mime-encoded multipart etc and feed this into SA. How do I create a complete mail with header, etc.? Is there any standard/rule for creating a complete email message that is compliant with SA? Relevant links, documentation, etc. for the same are appreciated? The best docs would be the RFC standards: RFC 2822 Internet Message Format RFC 822 (obsoleted by above, but sometimes useful for understanding the history of the format, making intent clearer.)
Re: SpamAssassin Integration
On Thu, 2010-06-17 at 05:02 -0700, Gnanam wrote: Frank Heydlauf-2 wrote: that will not give you the output you'd expect. Just create a complete mail with header and mime-encoded multipart etc and feed this into SA. How do I create a complete mail with header, etc.? Is there any standard/rule for creating a complete email message that is compliant with SA? Relevant links, documentation, etc. for the same are appreciated? How are you assembling the message? About the best you can do is to grab it as a text string when the message is ready to be sent to the mail server. At thius point it should contain the headers your program has added and the assembled MIME format body, The string can then be written to spamc's stdin and its output read from stdout. Run spamc with the -R option: this will cause it to output a formatted report about the message preceeded with a line reading n/m (n=score, m=spam threshhold). If your mail client is written in Java you're probably using JavaMail. In this case the message will probably have been assembled in a MimeMessage object. When that's complete, i.e. just before you call the Transport.send() method to send the message, call MimeMessage.writeTo(OutputStream) and copy everything read from the OutputStream to spamc's stdin as described above. Martin
Re: SpamAssassin Integration
At 05:18 17-06-10, Matt Kettler wrote: The best docs would be the RFC standards: RFC 2822 Internet Message Format RFC 822 (obsoleted by above, but sometimes useful for understanding the history of the format, making intent clearer.) RFC 2822 obsoleted by RFC 5322. Regards, -sm
Re: SpamAssassin Integration
On 17.6.2010 9:19, Gnanam wrote: BTW, what does PGP mean that I found from your signature? http://en.wikipedia.org/wiki/Pretty_Good_Privacy -- http://www.iki.fi/jarif/ I use PGP. If there is an incompatibility problem with your mail client, please contact me. O, it is excellent To have a giant's strength; but it is tyrannous To use it like a giant. -- Shakespeare, Measure for Measure, II, 2 signature.asc Description: OpenPGP digital signature
SpamAssassin Integration
Hi, I want to integrate SpamAssassin in my web-based application to test spam score of the email content that our application User's wish to send in mail composing page itself - even before sending. When I say mail composing page here, it is not an email client like Outlook, Outlook Express, etc. but rather it is a regular/normal web-based form with HTML editor. How do I integrate SpamAssassin for my Use Case explained above? Relevant documentation links on the same are appreciated. Regards, Gnanam -- View this message in context: http://old.nabble.com/SpamAssassin-Integration-tp28903365p28903365.html Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: SpamAssassin Integration
On 16.6.2010 17:18, Gnanam wrote: Hi, I want to integrate SpamAssassin in my web-based application to test spam score of the email content that our application User's wish to send in mail composing page itself - even before sending. When I say mail composing page here, it is not an email client like Outlook, Outlook Express, etc. but rather it is a regular/normal web-based form with HTML editor. How do I integrate SpamAssassin for my Use Case explained above? Relevant documentation links on the same are appreciated. You need to prepare a valid looking email message from the text the web app produces. It needs all the required headers before the actual body of text to work. You may need to study SMTP RFC's to get it right, the simple looking headers like Date: and Received: need to be carefully crafted after the standards. The just use ProcessBuilder in your Java app to connect to spamc and pass the message for it, and read the results. -- http://www.iki.fi/jarif/ I use PGP. If there is an incompatibility problem with your mail client, please contact me. Exercise caution in your daily affairs. signature.asc Description: OpenPGP digital signature
Re: SpamAssassin Integration
On Wed, 16 Jun 2010, Gnanam wrote: I want to integrate SpamAssassin in my web-based application to test spam score of the email content... If this is your own custom web software, then it is as simple as adding a call to spamassassin (or spamc) in the same area of the script that validates things like the format of e-mail addresses. You can keep it simple and just report spamassassin's exit code, or you could parse the results from SA and pass them back to your user, so that they know what rules were triggered, and how to correct their e-mail. If your web interface is pre-packaged piece of software, then it likely sends mail via your local SMTP server by calling 'sendmail' or an equivalent function that mimics that command. As long as the web client handles SMTP rejections and notifies users of problems sending, you should be able to run spamassassin normally in the context of your outgoing mail server. - Charles
Re: SpamAssassin Integration
Hi, On Wed, Jun 16, 2010 at 07:18:57AM -0700, Gnanam wrote: I want to integrate SpamAssassin in my web-based application to test spam score of the email content that our application User's wish to send in mail composing page itself - even before sending. When I say mail composing page here, it is not an email client like Outlook, Outlook Express, etc. but rather it is a regular/normal web-based form with HTML editor. Would this really help? Could you tell us a bit more about your problem itself? The reason I ask is: the mailbody is a very small part of what is commonly used for antispam measures. Header is added afterwards, IP is not yet known, HELO is not known, no reputation, no RBLs, no phyzor/razor/... It's not easy to get a SA score 5 if anything else is OK (IP reputation/RBLs, DNS, Header, HELO, ...) - just try yourself (spamassassin -t testmail). So - in my eyes - body-testing will give you little benefit - at least as long you are not developing a spam toolkit. -- Regards Frank
Re: SpamAssassin Integration
If this is your own custom web software, then it is as simple as adding a call to spamassassin (or spamc) in the same area of the script that validates things like the format of e-mail addresses. I want to do spam score test for only the email content part of the email message. In that case, is it possible to call spamassassin or spamc? Based on spamc documentation here http://spamassassin.apache.org/full/3.1.x/doc/spamc.html, it accepts only email message as it command-line argument. Is it possible to pass .html, .txt extension file types, since I want to get spam score of the email content part only and not the entire email message itself? If your web interface is pre-packaged piece of software, then it likely sends mail via your local SMTP server by calling 'sendmail' or an equivalent function that mimics that command. As long as the web client handles SMTP rejections and notifies users of problems sending, you should be able to run spamassassin normally in the context of your outgoing mail server. Mine is our own custom web software except that we've signed-up with a third-party SMTP service provider to send emails, so this SMTP server is completely managed and maintained by this third-party. Yes, as you rightly said, spamassassin is already running/integrated with this third-party SMTP mail service provider. What we want to achieve in our application is that before actually sending mails, Users themselves can run spam score test on one portion of their email message, that is their email content part. -- View this message in context: http://old.nabble.com/SpamAssassin-Integration-tp28903365p28910672.html Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: Postfix/SpamAssassin Integration
Gary W. Smith wrote: In master.cf we have: smtp inet n - n - - smtpd -o content_filter=filter: filterunix - n n - - pipe flags=Rq user=filter argv=/etc/mail/spamassassin/filter.sh -f ${sender} -- ${recipient} filter.sh: spamc -u filter -d 10.0.13.28,10.0.14.22,10.0.13.31 | sendmail -i $@ This is very similiar to what I do now, execpt you use an external script for piping the email to spamc and then to sendamil.. So in your configuration what occurs when spamc cannot connect to spamd? My guess and tests show that it just gets passed to sendmail without getting scanned. Is that what occurs for you? Alternatively you can defer it yourself. Nothing says you have to re-inject it back to sendmail. There is some pseudo code that we do in dev. Tee -a sometmpfile | spamc -params-you-see-fix | sometmpfile.sa Check for sa flag in sometmpfile.sa or return codes, etc If there is, cat sometmpfile.sa, unlink original Else Move tmpfile to your queue directory get some caffine as you will need to write a crontab retests those queued email if that job works, reinject into sendmail I would really like to keep away from dealing with this type of method. Any other thoughts? - James
Re: Postfix/SpamAssassin Integration
On Freitag, 7. April 2006 14:09 James Keating wrote: Any other thoughts? I just found this: http://wiki.apache.org/spamassassin/IntegratePosfixViaSpampd mfg zmi -- // Michael Monnerie, Ing.BSc- http://it-management.at // Tel: 0660/4156531 .network.your.ideas. // PGP Key: lynx -source http://zmi.at/zmi3.asc | gpg --import // Fingerprint: 44A3 C1EC B71E C71A B4C2 9AA6 C818 847C 55CB A4EE // Keyserver: www.keyserver.net Key-ID: 0x55CBA4EE pgpFFgiZkaHIg.pgp Description: PGP signature
Re: Postfix/SpamAssassin Integration
Michael Monnerie wrote: On Freitag, 7. April 2006 14:09 James Keating wrote: Any other thoughts? I just found this: http://wiki.apache.org/spamassassin/IntegratePosfixViaSpampd mfg zmi I have already tried this script and it was very close to what I was wanting, but it does not connect to spamd in any manner. It actually uses the perl libraries to interact with spamassassin in it's own manner, plus it is not designed to use per user preferences/bayes/awl. Thanks anyway Michael. - James
Re: Postfix/SpamAssassin Integration
Michael Monnerie wrote: I just found this: http://wiki.apache.org/spamassassin/IntegratePosfixViaSpampd mfg zmi I have already tried this script and it was very close to what I was wanting, but it does not connect to spamd in any manner. It actually uses the perl libraries to interact with spamassassin in it's own manner, plus it is not designed to use per user preferences/bayes/awl. Thanks anyway Michael. - James
Re: Postfix/SpamAssassin Integration
Attached is what I use, found it on a webpage about installing SA when I was going through it. Customized slightly for my local usernames and ways of doing things. When spamd dies, all mail continues to come through, it just doesn't get analyzed by SA until spamd gets restarted. Here's my config bits: Postfix: master.cf: smtp inet n - n - - smtpd -o content_filter=spamchk:dummy spamchk unix - n n - 20 pipe flags=Rq user=spamfilter argv=/usr/local/bin/spamchk -f ${sender} -- ${recipient} attached files: spamchk - the filter script that gets called, pushes messages over to spamc... note I commented out the bottom half of the script snice I don't use that functionality currently, but may on other boxes in the future so I left it there for reference. spamdcheck.sh - wrote this scruipt to run every 5 minutes to check to see if spamd is running. I've had instances where spamd just dies in the middle of the night, but leaves the pidfile there, so I wrote this to check and restart... might be crude, if anyone has suggestions on bettering it, please do (also it monitors the number of spamd children to tell me if I need to adjust child parameters if I'm running too many processes). Any questions, let me know. -Gary On Fri, 7 Apr 2006, James Keating wrote: Michael Monnerie wrote: On Freitag, 7. April 2006 14:09 James Keating wrote: Any other thoughts? I just found this: http://wiki.apache.org/spamassassin/IntegratePosfixViaSpampd mfg zmi I have already tried this script and it was very close to what I was wanting, but it does not connect to spamd in any manner. It actually uses the perl libraries to interact with spamassassin in it's own manner, plus it is not designed to use per user preferences/bayes/awl. Thanks anyway Michael. - James #!/bin/sh # # SpamAssassin Spamd checking script # # # # Original script written by Gary Margiotta ([EMAIL PROTECTED]) 3/2006 # # # # Run the check to see if spamd is running by running a ps and checking the number of # # lines returned. If the test returns with less then 3 process lines, assume that # # spamd is not running, since there should be no less than 6 processes active at# # any given time. In that case, check for a stale pidfile, remove it and then restart # # spamd with the usual startup parameters, and mail the output to the admin to let them # # know the process died and was restarted automatically. # # # # PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin; export PATH; DATE=`date +%Y%m%d%H%M` SPAMDHOME=/data/home/spamd LOGFILE=/tmp/spamdrestart-${DATE}.txt PIDFILE=spamd.pid PSCHECK=`ps -ax | grep spamd | wc -l` PSLOG=/tmp/pschecksa.log # Running the check and outputting to logfile for testing purposes if [ -f ${PSLOG} ]; then rm -f ${PSLOG} fi echo ${PSCHECK} ${PSLOG} # # As an aside, check to see whether we need to adjust the number of child # processes running. # if [ ${PSCHECK} -gt 16 ]; then echo ${DATE} ${LOGFILE} echo ${LOGFILE} echo spamd children exceeded 15, consider bumping max ${LOGFILE} echo ${LOGFILE} cat ${LOGFILE} | mail [EMAIL PROTECTED] exit 0 fi # Here's the meat of it if [ ${PSCHECK} -le 5 ]; then echo ${DATE} ${LOGFILE} echo ### ${LOGFILE} echo # # ${LOGFILE} echo # spamd doesn't appear to be running, attemping restart # ${LOGFILE} echo # # ${LOGFILE} echo ### ${LOGFILE} # # Checking for an existing pidfile # if [ -f ${SPAMDHOME}/${PIDFILE} ]; then echo ${LOGFILE} echo Old pidfile found, removing... ${LOGFILE} rm -f ${SPAMDHOME}/${PIDFILE} echo ${SPAMDHOME}/${PIDFILE} removed. ${LOGFILE} echo ${LOGFILE} fi echo ${LOGFILE} echo Restarting spamd... ${LOGFILE} spamd --daemonize --username spamd --max-children=20 --min-spare=5 --pidfile ${SPAMDHOME}/${PIDFILE}
RE: Postfix/SpamAssassin Integration
Quoting Gary W. Smith [EMAIL PROTECTED]: James, Timeout is 600 seconds. If spamd doesn't have respond in that amount of time them there is something else is wrong. I suppose that if all of the spamd threads are clogged then you might find a waiting list but 600 seconds is a lifetime. That is the point :-) If spamd crashes for some reason (I haven't seen this personally, but no program is perfect), can spamc defer the message back into postfix's queue? Gary - What method do you use for invocating spamassassin? - James
Postfix/SpamAssassin Integration
Dear Sirs/Madams, I have been attempting to properly integrate SpamAssassin into Postfix and have not found the solution that I am looking for. Currently I have Spamassassin running as a daemon (spamd, version 3.1.0a-2) which uses MySQL to store Bayes, AWL, user preferences and stats. Postfix is currently configured to connect to spamd using a pipe setup inside master.cf. Here is the current configuration: smtp inet n - - - 50 smtpd -o content_filter=spamassassin spamassassin unix - n n - 50 pipe user=nobody argv=/usr/bin/spamc -u ${recipient} -d localhost -e /usr/lib/sendmail -oi -f ${sender} ${recipient} This setup appears to work properly but I am concerned about what happens when/if spamc cannot communicate properly with spamd. Currently if spamd is not functioning or is dead, the message is passed through to sendmail, instead of being deferred and placed back into the queue until spamc can connect to spamd. I have modified the spamc flags to contain -x (which is supposed to stop the graceful fall back), but sendmail is still passed the message and it is delivered to the user. I have already tried amavisd-new, spampd, qpsmtpd and a simple shell script for connecting to spamassassin. None of these allow me to fully use spamassassin's per user preferences and get proper fall back when/if spamd is dead. I am hoping there is another option that I have not tried yet. Any input would be greatly anticipated. Thanks, James
Re: Postfix/SpamAssassin Integration
James Keating wrote: Dear Sirs/Madams, I have been attempting to properly integrate SpamAssassin into Postfix and have not found the solution that I am looking for. Currently I have Spamassassin running as a daemon (spamd, version 3.1.0a-2) which uses MySQL to store Bayes, AWL, user preferences and stats. Postfix is currently configured to connect to spamd using a pipe setup inside master.cf. Here is the current configuration: smtp inet n - - - 50 smtpd -o content_filter=spamassassin spamassassin unix - n n - 50 pipe user=nobody argv=/usr/bin/spamc -u ${recipient} -d localhost -e /usr/lib/sendmail -oi -f ${sender} ${recipient} This setup appears to work properly but I am concerned about what happens when/if spamc cannot communicate properly with spamd. Currently if spamd is not functioning or is dead, the message is passed through to sendmail, instead of being deferred and placed back into the queue until spamc can connect to spamd. I have modified the spamc flags to contain -x (which is supposed to stop the graceful fall back), but sendmail is still passed the message and it is delivered to the user. I have already tried amavisd-new, spampd, qpsmtpd and a simple shell script for connecting to spamassassin. None of these allow me to fully use spamassassin's per user preferences and get proper fall back when/if spamd is dead. I am hoping there is another option that I have not tried yet. Any input would be greatly anticipated. Thanks, James Is this a high volume mail server? If it is not, you could call spamc/spamd procmail, check the email to see if it has spamassassin results, and if it does not, run it through spamassassin instead This is dangerous if your mail server is high volume because spamassassin chews a lot more resources then spamc/spamd Something like this should do the trick (this is off the cuff, and just a reference, you will have to modify for your exact setup). master.cf spamassassin unix - n n - 50 pipe argv=/usr/bin/procmail -m /path to procmailrc/procmailrc ${sender} ${recipient} :0 * 512000 { :0fw | spamc :0fw * !^X-SPAM-STATUS: | spamassassin } :0 ! -f $@
Re: Postfix/SpamAssassin Integration
[EMAIL PROTECTED] wrote: Is this a high volume mail server? Yes it is rather high volume server, I don't have any estimates on # of messages. Something like this should do the trick (this is off the cuff, and just a reference, you will have to modify for your exact setup). master.cf spamassassin unix - n n - 50 pipe argv=/usr/bin/procmail -m /path to procmailrc/procmailrc ${sender} ${recipient} Procmail really isn't an option in this case, the server is in a tiered setup in which it forwards the mail on to another server which completes delivery. - James
RE: Postfix/SpamAssassin Integration
James, Timeout is 600 seconds. If spamd doesn't have respond in that amount of time them there is something else is wrong. I suppose that if all of the spamd threads are clogged then you might find a waiting list but 600 seconds is a lifetime. We had a misconfigured DNS once that slowed all threads down causing them to take 60 seconds per email and still haven't experienced the problem you have mentioned. -Original Message- From: James Keating [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 05, 2006 6:55 PM To: [EMAIL PROTECTED] Cc: users@spamassassin.apache.org Subject: Re: Postfix/SpamAssassin Integration [EMAIL PROTECTED] wrote: Is this a high volume mail server? Yes it is rather high volume server, I don't have any estimates on # of messages. Something like this should do the trick (this is off the cuff, and just a reference, you will have to modify for your exact setup). master.cf spamassassin unix - n n - 50 pipe argv=/usr/bin/procmail -m /path to procmailrc/procmailrc ${sender} ${recipient} Procmail really isn't an option in this case, the server is in a tiered setup in which it forwards the mail on to another server which completes delivery. - James