Re: SpamAssassin Integration
Martin Gregorie-2 wrote: How are you assembling the message? About the best you can do is to grab it as a text string when the message is ready to be sent to the mail server. At thius point it should contain the headers your program has added and the assembled MIME format body, The string can then be written to spamc's stdin and its output read from stdout. Run spamc with the -R option: this will cause it to output a formatted report about the message preceeded with a line reading n/m (n=score, m=spam threshhold). If your mail client is written in Java you're probably using JavaMail. In this case the message will probably have been assembled in a MimeMessage object. When that's complete, i.e. just before you call the Transport.send() method to send the message, call MimeMessage.writeTo(OutputStream) and copy everything read from the OutputStream to spamc's stdin as described above. Hi Martin, Your recommended/suggested solution of assembly message exactly meets my use case requirement. Thanks for letting me know the existence of the method MimeMessage.writeTo(OutputStream). That's great! Thanks once again for that valuable solution. Regards, Gnanam -- View this message in context: http://old.nabble.com/SpamAssassin-Integration-tp28903365p28922585.html Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: SpamAssassin Integration
Jari Fredriksson wrote: You need to prepare a valid looking email message from the text the web app produces. It needs all the required headers before the actual body of text to work. You may need to study SMTP RFC's to get it right, the simple looking headers like Date: and Received: need to be carefully crafted after the standards. The just use ProcessBuilder in your Java app to connect to spamc and pass the message for it, and read the results. -- http://www.iki.fi/jarif/ I use PGP. If there is an incompatibility problem with your mail client, please contact me. Is it not possible to test spam score for only the email content part of the email message with SpamAssassin? That means, I just want to test spam score of .html, .txt file extension types only. In case if I want to prepare a valid looking email message, as you had suggested, with simple looking headers, etc., can you share me relevant documentation links on the same? BTW, what does PGP mean that I found from your signature? -- View this message in context: http://old.nabble.com/SpamAssassin-Integration-tp28903365p28910744.html Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: SpamAssassin Integration
Frank Heydlauf-2 wrote: Would this really help? Could you tell us a bit more about your problem itself? The reason I ask is: the mailbody is a very small part of what is commonly used for antispam measures. Header is added afterwards, IP is not yet known, HELO is not known, no reputation, no RBLs, no phyzor/razor/... It's not easy to get a SA score 5 if anything else is OK (IP reputation/RBLs, DNS, Header, HELO, ...) - just try yourself (spamassassin -t testmail). So - in my eyes - body-testing will give you little benefit - at least as long you are not developing a spam toolkit. More about my problem: Recently our application Users have started complaining that mails sent from our application are reaching recipient's Junk E-mail folder instead of Inbox. That is rate of false positives is high. We've also verified other anti-spam measures from our side like whether our server IP address is blacklisted with any anti-spam websites (Spamhaus, SORBS, etc.) but it was not the case. Then we found that least we can do from application context is by allowing Users to test spam score of their email content before they actuall send emails. I agree with you that mailbody is one of the part of what is commonly used for antispam measures but still we want to advise/allow our application Users to test spam score of their email body/content. Reason I'm saying this is that since the entire email body/content is composed by Users, atleast by running spam score test, spam triggering properties within email content can be avoided. Hope this clarifies the situation. Can SpamAssassin be used to test spam score of .html, .txt file extension types, that is email body/content part of the email message? -- View this message in context: http://old.nabble.com/SpamAssassin-Integration-tp28903365p28911147.html Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: SpamAssassin Integration
On Thu, Jun 17, 2010 at 12:17:10AM -0700, Gnanam wrote: Can SpamAssassin be used to test spam score of .html, .txt file extension types, that is email body/content part of the email message? that will not give you the output you'd expect. Just create a complete mail with header and mime-encoded multipart etc and feed this into SA. btw: http://lmgtfy.com/?q=PGP -- Regards Frank
Re: SpamAssassin Integration
Frank Heydlauf-2 wrote: that will not give you the output you'd expect. Just create a complete mail with header and mime-encoded multipart etc and feed this into SA. How do I create a complete mail with header, etc.? Is there any standard/rule for creating a complete email message that is compliant with SA? Relevant links, documentation, etc. for the same are appreciated? -- View this message in context: http://old.nabble.com/SpamAssassin-Integration-tp28903365p28913486.html Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: SpamAssassin Integration
Frank Heydlauf-2 wrote: that will not give you the output you'd expect. Just create a complete mail with header and mime-encoded multipart etc and feed this into SA. On 17.06.10 05:02, Gnanam wrote: How do I create a complete mail with header, etc.? Is there any standard/rule for creating a complete email message that is compliant with SA? Relevant links, documentation, etc. for the same are appreciated? very hardly. It would be nice if the server SW showed how it came to conclution that the mails are spammy... -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Where do you want to go to die? [Microsoft]
Re: SpamAssassin Integration
On 6/17/2010 8:02 AM, Gnanam wrote: Frank Heydlauf-2 wrote: that will not give you the output you'd expect. Just create a complete mail with header and mime-encoded multipart etc and feed this into SA. How do I create a complete mail with header, etc.? Is there any standard/rule for creating a complete email message that is compliant with SA? Relevant links, documentation, etc. for the same are appreciated? The best docs would be the RFC standards: RFC 2822 Internet Message Format RFC 822 (obsoleted by above, but sometimes useful for understanding the history of the format, making intent clearer.)
Re: SpamAssassin Integration
On Thu, 2010-06-17 at 05:02 -0700, Gnanam wrote: Frank Heydlauf-2 wrote: that will not give you the output you'd expect. Just create a complete mail with header and mime-encoded multipart etc and feed this into SA. How do I create a complete mail with header, etc.? Is there any standard/rule for creating a complete email message that is compliant with SA? Relevant links, documentation, etc. for the same are appreciated? How are you assembling the message? About the best you can do is to grab it as a text string when the message is ready to be sent to the mail server. At thius point it should contain the headers your program has added and the assembled MIME format body, The string can then be written to spamc's stdin and its output read from stdout. Run spamc with the -R option: this will cause it to output a formatted report about the message preceeded with a line reading n/m (n=score, m=spam threshhold). If your mail client is written in Java you're probably using JavaMail. In this case the message will probably have been assembled in a MimeMessage object. When that's complete, i.e. just before you call the Transport.send() method to send the message, call MimeMessage.writeTo(OutputStream) and copy everything read from the OutputStream to spamc's stdin as described above. Martin
Re: SpamAssassin Integration
At 05:18 17-06-10, Matt Kettler wrote: The best docs would be the RFC standards: RFC 2822 Internet Message Format RFC 822 (obsoleted by above, but sometimes useful for understanding the history of the format, making intent clearer.) RFC 2822 obsoleted by RFC 5322. Regards, -sm
Re: SpamAssassin Integration
On 17.6.2010 9:19, Gnanam wrote: BTW, what does PGP mean that I found from your signature? http://en.wikipedia.org/wiki/Pretty_Good_Privacy -- http://www.iki.fi/jarif/ I use PGP. If there is an incompatibility problem with your mail client, please contact me. O, it is excellent To have a giant's strength; but it is tyrannous To use it like a giant. -- Shakespeare, Measure for Measure, II, 2 signature.asc Description: OpenPGP digital signature
SpamAssassin Integration
Hi, I want to integrate SpamAssassin in my web-based application to test spam score of the email content that our application User's wish to send in mail composing page itself - even before sending. When I say mail composing page here, it is not an email client like Outlook, Outlook Express, etc. but rather it is a regular/normal web-based form with HTML editor. How do I integrate SpamAssassin for my Use Case explained above? Relevant documentation links on the same are appreciated. Regards, Gnanam -- View this message in context: http://old.nabble.com/SpamAssassin-Integration-tp28903365p28903365.html Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: SpamAssassin Integration
On 16.6.2010 17:18, Gnanam wrote: Hi, I want to integrate SpamAssassin in my web-based application to test spam score of the email content that our application User's wish to send in mail composing page itself - even before sending. When I say mail composing page here, it is not an email client like Outlook, Outlook Express, etc. but rather it is a regular/normal web-based form with HTML editor. How do I integrate SpamAssassin for my Use Case explained above? Relevant documentation links on the same are appreciated. You need to prepare a valid looking email message from the text the web app produces. It needs all the required headers before the actual body of text to work. You may need to study SMTP RFC's to get it right, the simple looking headers like Date: and Received: need to be carefully crafted after the standards. The just use ProcessBuilder in your Java app to connect to spamc and pass the message for it, and read the results. -- http://www.iki.fi/jarif/ I use PGP. If there is an incompatibility problem with your mail client, please contact me. Exercise caution in your daily affairs. signature.asc Description: OpenPGP digital signature
Re: SpamAssassin Integration
On Wed, 16 Jun 2010, Gnanam wrote: I want to integrate SpamAssassin in my web-based application to test spam score of the email content... If this is your own custom web software, then it is as simple as adding a call to spamassassin (or spamc) in the same area of the script that validates things like the format of e-mail addresses. You can keep it simple and just report spamassassin's exit code, or you could parse the results from SA and pass them back to your user, so that they know what rules were triggered, and how to correct their e-mail. If your web interface is pre-packaged piece of software, then it likely sends mail via your local SMTP server by calling 'sendmail' or an equivalent function that mimics that command. As long as the web client handles SMTP rejections and notifies users of problems sending, you should be able to run spamassassin normally in the context of your outgoing mail server. - Charles
Re: SpamAssassin Integration
Hi, On Wed, Jun 16, 2010 at 07:18:57AM -0700, Gnanam wrote: I want to integrate SpamAssassin in my web-based application to test spam score of the email content that our application User's wish to send in mail composing page itself - even before sending. When I say mail composing page here, it is not an email client like Outlook, Outlook Express, etc. but rather it is a regular/normal web-based form with HTML editor. Would this really help? Could you tell us a bit more about your problem itself? The reason I ask is: the mailbody is a very small part of what is commonly used for antispam measures. Header is added afterwards, IP is not yet known, HELO is not known, no reputation, no RBLs, no phyzor/razor/... It's not easy to get a SA score 5 if anything else is OK (IP reputation/RBLs, DNS, Header, HELO, ...) - just try yourself (spamassassin -t testmail). So - in my eyes - body-testing will give you little benefit - at least as long you are not developing a spam toolkit. -- Regards Frank
Re: SpamAssassin Integration
If this is your own custom web software, then it is as simple as adding a call to spamassassin (or spamc) in the same area of the script that validates things like the format of e-mail addresses. I want to do spam score test for only the email content part of the email message. In that case, is it possible to call spamassassin or spamc? Based on spamc documentation here http://spamassassin.apache.org/full/3.1.x/doc/spamc.html, it accepts only email message as it command-line argument. Is it possible to pass .html, .txt extension file types, since I want to get spam score of the email content part only and not the entire email message itself? If your web interface is pre-packaged piece of software, then it likely sends mail via your local SMTP server by calling 'sendmail' or an equivalent function that mimics that command. As long as the web client handles SMTP rejections and notifies users of problems sending, you should be able to run spamassassin normally in the context of your outgoing mail server. Mine is our own custom web software except that we've signed-up with a third-party SMTP service provider to send emails, so this SMTP server is completely managed and maintained by this third-party. Yes, as you rightly said, spamassassin is already running/integrated with this third-party SMTP mail service provider. What we want to achieve in our application is that before actually sending mails, Users themselves can run spam score test on one portion of their email message, that is their email content part. -- View this message in context: http://old.nabble.com/SpamAssassin-Integration-tp28903365p28910672.html Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: Postfix/SpamAssassin Integration
Gary W. Smith wrote:
In master.cf we have:
smtp inet n - n - - smtpd -o
content_filter=filter:
filterunix - n n - - pipe flags=Rq
user=filter argv=/etc/mail/spamassassin/filter.sh -f ${sender} --
${recipient}
filter.sh:
spamc -u filter -d 10.0.13.28,10.0.14.22,10.0.13.31 | sendmail -i $@
This is very similiar to what I do now, execpt you use an external
script for piping the email to spamc and then to sendamil.. So in your
configuration what occurs when spamc cannot connect to spamd? My guess
and tests show that it just gets passed to sendmail without getting
scanned. Is that what occurs for you?
Alternatively you can defer it yourself. Nothing says you have to
re-inject it back to sendmail.
There is some pseudo code that we do in dev.
Tee -a sometmpfile | spamc -params-you-see-fix | sometmpfile.sa
Check for sa flag in sometmpfile.sa or return codes, etc
If there is,
cat sometmpfile.sa,
unlink original
Else
Move tmpfile to your queue directory
get some caffine as you will need to write a crontab retests
those queued email
if that job works, reinject into sendmail
I would really like to keep away from dealing with this type of method.
Any other thoughts?
- James
Re: Postfix/SpamAssassin Integration
On Freitag, 7. April 2006 14:09 James Keating wrote: Any other thoughts? I just found this: http://wiki.apache.org/spamassassin/IntegratePosfixViaSpampd mfg zmi -- // Michael Monnerie, Ing.BSc- http://it-management.at // Tel: 0660/4156531 .network.your.ideas. // PGP Key: lynx -source http://zmi.at/zmi3.asc | gpg --import // Fingerprint: 44A3 C1EC B71E C71A B4C2 9AA6 C818 847C 55CB A4EE // Keyserver: www.keyserver.net Key-ID: 0x55CBA4EE pgpFFgiZkaHIg.pgp Description: PGP signature
Re: Postfix/SpamAssassin Integration
Michael Monnerie wrote: On Freitag, 7. April 2006 14:09 James Keating wrote: Any other thoughts? I just found this: http://wiki.apache.org/spamassassin/IntegratePosfixViaSpampd mfg zmi I have already tried this script and it was very close to what I was wanting, but it does not connect to spamd in any manner. It actually uses the perl libraries to interact with spamassassin in it's own manner, plus it is not designed to use per user preferences/bayes/awl. Thanks anyway Michael. - James
Re: Postfix/SpamAssassin Integration
Michael Monnerie wrote: I just found this: http://wiki.apache.org/spamassassin/IntegratePosfixViaSpampd mfg zmi I have already tried this script and it was very close to what I was wanting, but it does not connect to spamd in any manner. It actually uses the perl libraries to interact with spamassassin in it's own manner, plus it is not designed to use per user preferences/bayes/awl. Thanks anyway Michael. - James
Re: Postfix/SpamAssassin Integration
Attached is what I use, found it on a webpage about installing SA when I
was going through it. Customized slightly for my local usernames and ways
of doing things.
When spamd dies, all mail continues to come through, it just doesn't get
analyzed by SA until spamd gets restarted.
Here's my config bits:
Postfix:
master.cf:
smtp inet n - n - - smtpd
-o content_filter=spamchk:dummy
spamchk unix - n n - 20 pipe
flags=Rq user=spamfilter argv=/usr/local/bin/spamchk -f ${sender}
-- ${recipient}
attached files:
spamchk - the filter script that gets called, pushes messages over to
spamc... note I commented out the bottom half of the script snice I don't
use that functionality currently, but may on other boxes in the future so
I left it there for reference.
spamdcheck.sh - wrote this scruipt to run every 5 minutes to check to see
if spamd is running. I've had instances where spamd just dies in the
middle of the night, but leaves the pidfile there, so I wrote this to
check and restart... might be crude, if anyone has suggestions on
bettering it, please do (also it monitors the number of spamd children to
tell me if I need to adjust child parameters if I'm running too many
processes).
Any questions, let me know.
-Gary
On Fri, 7 Apr 2006, James Keating wrote:
Michael Monnerie wrote:
On Freitag, 7. April 2006 14:09 James Keating wrote:
Any other thoughts?
I just found this:
http://wiki.apache.org/spamassassin/IntegratePosfixViaSpampd
mfg zmi
I have already tried this script and it was very close to what I was wanting,
but it does not connect to spamd in any manner. It actually uses the perl
libraries to interact with spamassassin in it's own manner, plus it is not
designed to use per user preferences/bayes/awl.
Thanks anyway Michael.
- James
#!/bin/sh
#
# SpamAssassin Spamd checking script
#
#
#
# Original script written by Gary Margiotta ([EMAIL PROTECTED]) 3/2006
#
#
#
# Run the check to see if spamd is running by running a ps and checking the
number of #
# lines returned. If the test returns with less then 3 process lines, assume
that #
# spamd is not running, since there should be no less than 6 processes active
at#
# any given time. In that case, check for a stale pidfile, remove it and then
restart #
# spamd with the usual startup parameters, and mail the output to the admin to
let them #
# know the process died and was restarted automatically.
#
#
#
#
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin;
export PATH;
DATE=`date +%Y%m%d%H%M`
SPAMDHOME=/data/home/spamd
LOGFILE=/tmp/spamdrestart-${DATE}.txt
PIDFILE=spamd.pid
PSCHECK=`ps -ax | grep spamd | wc -l`
PSLOG=/tmp/pschecksa.log
# Running the check and outputting to logfile for testing purposes
if [ -f ${PSLOG} ];
then
rm -f ${PSLOG}
fi
echo ${PSCHECK} ${PSLOG}
#
# As an aside, check to see whether we need to adjust the number of child
# processes running.
#
if [ ${PSCHECK} -gt 16 ];
then
echo ${DATE}
${LOGFILE}
echo ${LOGFILE}
echo spamd children exceeded 15, consider bumping max ${LOGFILE}
echo ${LOGFILE}
cat ${LOGFILE} | mail [EMAIL PROTECTED]
exit 0
fi
# Here's the meat of it
if [ ${PSCHECK} -le 5 ];
then
echo ${DATE}
${LOGFILE}
echo ###
${LOGFILE}
echo # #
${LOGFILE}
echo # spamd doesn't appear to be running, attemping restart #
${LOGFILE}
echo # #
${LOGFILE}
echo ###
${LOGFILE}
#
# Checking for an existing pidfile
#
if [ -f ${SPAMDHOME}/${PIDFILE} ];
then
echo ${LOGFILE}
echo Old pidfile found, removing... ${LOGFILE}
rm -f ${SPAMDHOME}/${PIDFILE}
echo ${SPAMDHOME}/${PIDFILE} removed. ${LOGFILE}
echo ${LOGFILE}
fi
echo ${LOGFILE}
echo Restarting spamd... ${LOGFILE}
spamd --daemonize --username spamd --max-children=20 --min-spare=5
--pidfile ${SPAMDHOME}/${PIDFILE}
RE: Postfix/SpamAssassin Integration
Quoting Gary W. Smith [EMAIL PROTECTED]: James, Timeout is 600 seconds. If spamd doesn't have respond in that amount of time them there is something else is wrong. I suppose that if all of the spamd threads are clogged then you might find a waiting list but 600 seconds is a lifetime. That is the point :-) If spamd crashes for some reason (I haven't seen this personally, but no program is perfect), can spamc defer the message back into postfix's queue? Gary - What method do you use for invocating spamassassin? - James
Postfix/SpamAssassin Integration
Dear Sirs/Madams,
I have been attempting to properly integrate SpamAssassin into
Postfix and have not found the solution that I am looking for.
Currently I have Spamassassin running as a daemon (spamd, version
3.1.0a-2) which uses MySQL to store Bayes, AWL, user preferences and
stats. Postfix is currently configured to connect to spamd using a pipe
setup inside master.cf. Here is the current configuration:
smtp inet n - - - 50 smtpd -o
content_filter=spamassassin
spamassassin unix - n n - 50 pipe
user=nobody argv=/usr/bin/spamc -u ${recipient} -d localhost -e
/usr/lib/sendmail -oi -f ${sender} ${recipient}
This setup appears to work properly but I am concerned about what
happens when/if spamc cannot communicate properly with spamd. Currently
if spamd is not functioning or is dead, the message is passed through to
sendmail, instead of being deferred and placed back into the queue until
spamc can connect to spamd. I have modified the spamc flags to contain
-x (which is supposed to stop the graceful fall back), but sendmail is
still passed the message and it is delivered to the user.
I have already tried amavisd-new, spampd, qpsmtpd and a simple shell
script for connecting to spamassassin. None of these allow me to fully
use spamassassin's per user preferences and get proper fall back when/if
spamd is dead. I am hoping there is another option that I have not
tried yet. Any input would be greatly anticipated.
Thanks,
James
Re: Postfix/SpamAssassin Integration
James Keating wrote:
Dear Sirs/Madams,
I have been attempting to properly integrate SpamAssassin into
Postfix and have not found the solution that I am looking for.
Currently I have Spamassassin running as a daemon (spamd, version
3.1.0a-2) which uses MySQL to store Bayes, AWL, user preferences and
stats. Postfix is currently configured to connect to spamd using a
pipe setup inside master.cf. Here is the current configuration:
smtp inet n - - - 50 smtpd -o
content_filter=spamassassin
spamassassin unix - n n - 50 pipe
user=nobody argv=/usr/bin/spamc -u ${recipient} -d localhost -e
/usr/lib/sendmail -oi -f ${sender} ${recipient}
This setup appears to work properly but I am concerned about what
happens when/if spamc cannot communicate properly with spamd.
Currently if spamd is not functioning or is dead, the message is
passed through to sendmail, instead of being deferred and placed back
into the queue until spamc can connect to spamd. I have modified the
spamc flags to contain -x (which is supposed to stop the graceful fall
back), but sendmail is still passed the message and it is delivered to
the user.
I have already tried amavisd-new, spampd, qpsmtpd and a simple shell
script for connecting to spamassassin. None of these allow me to fully
use spamassassin's per user preferences and get proper fall back
when/if spamd is dead. I am hoping there is another option that I
have not tried yet. Any input would be greatly anticipated.
Thanks,
James
Is this a high volume mail server?
If it is not, you could call spamc/spamd procmail, check the email to
see if it has spamassassin results, and if it does not, run it through
spamassassin instead This is dangerous if your mail server is high
volume because spamassassin chews a lot more resources then spamc/spamd
Something like this should do the trick (this is off the cuff, and just
a reference, you will have to modify for your exact setup).
master.cf
spamassassin unix - n n - 50 pipe
argv=/usr/bin/procmail -m /path to procmailrc/procmailrc ${sender}
${recipient}
:0
* 512000
{
:0fw
| spamc
:0fw
* !^X-SPAM-STATUS:
| spamassassin
}
:0
! -f $@
Re: Postfix/SpamAssassin Integration
[EMAIL PROTECTED] wrote:
Is this a high volume mail server?
Yes it is rather high volume server, I don't have any estimates on # of
messages.
Something like this should do the trick (this is off the cuff, and just
a reference, you will have to modify for your exact setup).
master.cf
spamassassin unix - n n - 50 pipe
argv=/usr/bin/procmail -m /path to procmailrc/procmailrc ${sender}
${recipient}
Procmail really isn't an option in this case, the server is in a tiered
setup in which it forwards the mail on to another server which completes
delivery.
- James
RE: Postfix/SpamAssassin Integration
James,
Timeout is 600 seconds. If spamd doesn't have respond in that amount of
time them there is something else is wrong. I suppose that if all of
the spamd threads are clogged then you might find a waiting list but 600
seconds is a lifetime.
We had a misconfigured DNS once that slowed all threads down causing
them to take 60 seconds per email and still haven't experienced the
problem you have mentioned.
-Original Message-
From: James Keating [mailto:[EMAIL PROTECTED]
Sent: Wednesday, April 05, 2006 6:55 PM
To: [EMAIL PROTECTED]
Cc: users@spamassassin.apache.org
Subject: Re: Postfix/SpamAssassin Integration
[EMAIL PROTECTED] wrote:
Is this a high volume mail server?
Yes it is rather high volume server, I don't have any estimates on #
of
messages.
Something like this should do the trick (this is off the cuff, and
just
a reference, you will have to modify for your exact setup).
master.cf
spamassassin unix - n n - 50 pipe
argv=/usr/bin/procmail -m /path to procmailrc/procmailrc ${sender}
${recipient}
Procmail really isn't an option in this case, the server is in a
tiered
setup in which it forwards the mail on to another server which
completes
delivery.
- James
