296 lines
10 KiB
Text
296 lines
10 KiB
Text
|
# =============== MailScanner: spam.assassin.prefs.conf ===============
|
||
|
# Version 2.13.1
|
||
|
|
||
|
# SpamAssassin preferences for MailScanner users should be placed in
|
||
|
# this file to avoid being overwritten by a SpamAssassin upgrade.
|
||
|
# For a complete listing of configurable parameters, please see:
|
||
|
|
||
|
# http://www.spamassassin.org/doc/Mail_SpamAssassin_Conf.html
|
||
|
|
||
|
# =============== SpamAssassin Preferences ===============
|
||
|
#
|
||
|
# the file installed by SpamAssassin:
|
||
|
|
||
|
# /etc/mail/spamassassin/local.cf
|
||
|
|
||
|
# Should be disabled
|
||
|
# typically use these commands:
|
||
|
|
||
|
# mv /etc/mail/spamassassin/local.cf \
|
||
|
# /etc/mail/spamassassin/local.cf.saved
|
||
|
|
||
|
# When running SpamAssassin or sa-learn from the command line,
|
||
|
# or a script, you should always specify that SpamAssassin use
|
||
|
# this file to load SpamAssassin preferences, i.e:
|
||
|
|
||
|
# sa-learn --ham -p /etc/MailScanner/spam.assassin.prefs.conf \
|
||
|
# --mbox ham_mbox
|
||
|
|
||
|
# spamassassin -D -p etc/MailScanner/spam.assassin.prefs.conf \
|
||
|
# --lint
|
||
|
|
||
|
# Additional SpamAssassin rule files should be placed in:
|
||
|
|
||
|
# /etc/mail/spamassasssin (default location)
|
||
|
|
||
|
# or in the directory specified in MailScanner.conf setting:
|
||
|
|
||
|
# SpamAssassin Local Rules Dir =
|
||
|
|
||
|
# dns_available { yes | test[: name1 name2...] | no } (default: test)
|
||
|
# By default, SpamAssassin will query some default hosts on the internet
|
||
|
# to attempt to check if DNS is working on not. The problem is that it can
|
||
|
# introduce some delay if your network connection is down, and in some
|
||
|
# cases it can wrongly guess that DNS is unavailable because the test
|
||
|
# connections failed. SpamAssassin includes a default set of 13 servers,
|
||
|
# among which 3 are picked randomly.
|
||
|
|
||
|
dns_available yes
|
||
|
|
||
|
|
||
|
# =============== White list and Black list addresses ===============
|
||
|
|
||
|
# While you can white list here but see below for a better place.
|
||
|
|
||
|
# White list addresses should be added in
|
||
|
|
||
|
# /etc/MailScanner/rules/spam.whitelist.rules
|
||
|
|
||
|
# Black list addresses should be added in
|
||
|
|
||
|
# /etc/MailScanner/rules/spam.blacklist.rules
|
||
|
|
||
|
# FSL Notes: we need to set the default rule for:
|
||
|
# Is Definitely Spam = no
|
||
|
# to:
|
||
|
# %rules-dir/spam.blacklist.rules
|
||
|
# and create a default rules-dir/spam.blacklist.rules file
|
||
|
|
||
|
|
||
|
# =============== OK Locales ===============
|
||
|
|
||
|
ok_locales en
|
||
|
|
||
|
# FSL Notes: we only support English this is unnecessary
|
||
|
|
||
|
|
||
|
|
||
|
# =============== Bayesian Filtering ===============
|
||
|
|
||
|
# By default, the Bayesian engine is used. This is a real CPU hog
|
||
|
# and uses a lot of system resources to work.
|
||
|
# On a small overloaded system, you might need to disable it.
|
||
|
|
||
|
# use_bayes 0
|
||
|
|
||
|
# If your root filesystem is filling up because SpamAssassin is putting
|
||
|
# large databases in /.spamassassin or /root/.spamassassin, you can
|
||
|
# move them using the following lines to point to their new locations.
|
||
|
# The last part of the path is not a directory name, but actually the
|
||
|
# start of the filenames. So with the settings below, the Bayes files
|
||
|
# will be created as /var/spool/spamassassin/bayes_msgcount, etc.
|
||
|
|
||
|
# FSL Note: we need to coordinate the Bayes File Placement
|
||
|
# With MailWatch
|
||
|
|
||
|
bayes_path /var/spool/MailScanner/spamassassin/bayes
|
||
|
# This is actually used as a mask, not a raw chmod setting.
|
||
|
# Thanks for Matt Kettler for spotting this one.
|
||
|
bayes_file_mode 0660
|
||
|
|
||
|
# Bump up SpamAssassin scores on the high and low end
|
||
|
# score BAYES_00 -15.0
|
||
|
# score BAYES_05 -5.0
|
||
|
score BAYES_95 5.0
|
||
|
score BAYES_99 15.0
|
||
|
|
||
|
# To disable bayes autolearn
|
||
|
# bayes_auto_learn 0
|
||
|
|
||
|
# For feeding spam and and ham for saved messages, mailboxes
|
||
|
# or directories:
|
||
|
|
||
|
# This MUST be customized for each site :(
|
||
|
|
||
|
# Change unconfigured-debian-site to match your %org-name% as
|
||
|
# set in MailScanner.conf
|
||
|
|
||
|
bayes_ignore_header ORG_NAME-MailScanner
|
||
|
bayes_ignore_header ORG_NAME-MailScanner-SpamCheck
|
||
|
bayes_ignore_header ORG_NAME-MailScanner-SpamScore
|
||
|
bayes_ignore_header ORG_NAME-MailScanner-Information
|
||
|
|
||
|
# When using the scheduled Bayes expiry feature, in MailScanner.conf
|
||
|
# you probably want to turn off auto-expiry in SpamAssassin as it will
|
||
|
# rarely complete before it is killed for taking too long.
|
||
|
# You will just end up with # MailScanner: big bayes_toks.new files
|
||
|
# wasting space.
|
||
|
|
||
|
# FSL Note: we run Bayes expire from a cron job
|
||
|
|
||
|
bayes_auto_expire 0
|
||
|
|
||
|
# If you are using a UNIX machine with all database files on local disks,
|
||
|
# and no sharing of those databases across NFS filesystems, you can use a
|
||
|
# more efficient, but non-NFS-safe, locking mechanism. Do this by adding
|
||
|
# the line "lock_method flock" to the /etc/mail/spamassassin/local.cf
|
||
|
# file. This is strongly recommended if you're not using NFS, as it is
|
||
|
# much faster than the NFS-safe locker.
|
||
|
|
||
|
lock_method flock
|
||
|
|
||
|
# The --auto-whitelist and -a options for "spamd" and "spamassassin" to
|
||
|
# turn on the auto-whitelist have been removed and replaced by the
|
||
|
# "use_auto_whitelist" configuration option which is also now turned on by
|
||
|
# default.
|
||
|
|
||
|
use_auto_whitelist 0
|
||
|
|
||
|
|
||
|
# =============== RBSL related items ===============
|
||
|
|
||
|
# By default, SpamAssassin will run RBL checks. If your ISP already
|
||
|
# does this, stop RBL checks in SpamAssassin by un-commenting the
|
||
|
# following line
|
||
|
# skip_rbl_checks 1
|
||
|
|
||
|
# paths to utilities
|
||
|
pyzor_path /usr/bin/pyzor
|
||
|
dcc_path /usr/bin/dccproc
|
||
|
|
||
|
# Uncomment the lines below to stop using the specific service
|
||
|
# To stop Razor2 checks, uncomment the following line
|
||
|
# use_razor2 0
|
||
|
# To stop DCC checks, uncomment the following line
|
||
|
# use_dcc 0
|
||
|
# To stop Pyzor checks, uncomment the following line
|
||
|
# use_pyzor 0
|
||
|
|
||
|
|
||
|
# The timeouts for blacklists and Razor are rather generous in the
|
||
|
# default state that SpamAssassin is shipped. Reducing these
|
||
|
# stops a lot of timeouts from removing SpamAssassin scores
|
||
|
# altogether.
|
||
|
|
||
|
rbl_timeout 20
|
||
|
razor_timeout 10
|
||
|
pyzor_timeout 10
|
||
|
|
||
|
|
||
|
# If you specify these scores, SpamAssassin will do RBL checks as well
|
||
|
# as MailScanner, which just wastes CPU power and network bandwidth.
|
||
|
# Either do them here by un-commenting the rules below
|
||
|
# (if you have paid for them) or else uncomment the "skip_rbl_checks" #
|
||
|
# line above and let MailScanner do the checks instead.
|
||
|
|
||
|
score RCVD_IN_BL_SPAMCOP_NET 4
|
||
|
# These next 3 will cost you money, see mailscanner.conf.
|
||
|
#score RCVD_IN_RBL 10
|
||
|
#score RCVD_IN_RSS 1
|
||
|
#score RCVD_IN_DUL 1
|
||
|
|
||
|
# =============== SpamAssassin Header Processing ===============
|
||
|
|
||
|
# SpamAssassin will attempt to discover the address used in the 'MAIL FROM:'
|
||
|
# phase of the SMTP transaction that delivered this message, if this data
|
||
|
# has been made available by the SMTP server. This is used in the EnvelopeFrom
|
||
|
# pseudo-header, and for various rules such as SPF checking.
|
||
|
|
||
|
# This should be explicitly set for MailScanner
|
||
|
envelope_sender_header X-MailScanner-From
|
||
|
|
||
|
# =============== Adding SpamAssassin Rules ===============
|
||
|
|
||
|
# Add your own customized scores for some tests below. The default
|
||
|
# scores are read from the installed "spamassassin.cf" file, but you
|
||
|
# can override or disable the here.
|
||
|
# To see the list of tests and their default scores, go to
|
||
|
# http://spamassassin.taint.org/tests.html
|
||
|
|
||
|
# These next 3 lines will add a local rule to SpamAssassin to help
|
||
|
# protect you from the friendlygreetings.com nasty-gram which will
|
||
|
# send lots of spam from your PC if you let it. Not really a virus,
|
||
|
# but you don't want your users all clicking on it.
|
||
|
|
||
|
header FRIEND_GREETINGS Subject =~ /you have an E-Card from/i
|
||
|
describe FRIEND_GREETINGS Nasty E-card from FriendGreetings.com
|
||
|
score FRIEND_GREETINGS 100.0
|
||
|
header FRIEND_GREETINGS2 Subject =~ /you have a greeting card from/i
|
||
|
describe FRIEND_GREETINGS2 Nasty E-card from FriendGreetings.com
|
||
|
score FRIEND_GREETINGS2 100.0
|
||
|
|
||
|
|
||
|
# =============== Disable SpamAssassin Rules ===============
|
||
|
|
||
|
# To disable a SpamAssassin rule simply add an uncommented
|
||
|
# line similar to:
|
||
|
# score SUBJ_ILLEGAL_CHARS 0.0
|
||
|
|
||
|
# =============== Change SpamAssassin Rules scores ===============
|
||
|
|
||
|
# To Change a SpamAssassin rule Score simply add an uncommented
|
||
|
# line similar to:
|
||
|
# score SUBJ_ILLEGAL_CHARS 2.1
|
||
|
|
||
|
|
||
|
# =============== Special Case Rules ===============
|
||
|
|
||
|
# IE explorer spoofing
|
||
|
uri IE_VULN /%([01][0-9a-f]|7f).*@/i
|
||
|
score IE_VULN 100.0
|
||
|
describe IE_VULN Internet Explorer vulnerability
|
||
|
|
||
|
|
||
|
# added Mon Jan 12 16:14:04 EST 2004 to stop the forgers of
|
||
|
# Not needed ins SA 3.0
|
||
|
# HABEAUS headers
|
||
|
# score HABEAS_SWE -2.0
|
||
|
#### Special Case Rules #####
|
||
|
|
||
|
# =============== Historic Rules ===============
|
||
|
|
||
|
# Osirusoft RBSL is dead
|
||
|
# score RCVD_IN_OSIRUSOFT_COM 0.0
|
||
|
# score X_OSIRU_OPEN_RELAY 0.0
|
||
|
# score X_OSIRU_DUL 0.0
|
||
|
# score X_OSIRU_SPAM_SRC 0.0
|
||
|
# score X_OSIRU_SPAMWARE_SITE 0.0
|
||
|
# score X_OSIRU_DUL_FH 0.0
|
||
|
|
||
|
|
||
|
|
||
|
# score RCVD_IN_RFCI 0.0
|
||
|
# score DNS_FROM_RFCI_DSN 0.0
|
||
|
|
||
|
# =============== Your Edits Go Here ===============
|
||
|
|
||
|
score RCVD_IN_RSL 0
|
||
|
|
||
|
# Steve@fsl.com edit Sun Jan 16 12:17:16 CST 2005
|
||
|
# disable the ALL_TRUSTED ruleset that comes with SA 3.x.
|
||
|
# It's generating too many false positives
|
||
|
|
||
|
# If you have problems where ALL_TRUSTED is matching external email,
|
||
|
# including spam, then SpamAssassin has become confused about which hosts are
|
||
|
# a part of your trusted_networks. The most common cause of this is having a
|
||
|
# gateway mail exchanger that has a reserved IP and gets NATed by your
|
||
|
# firewall. Fortunately the problem is easy to fix by manually declaring a
|
||
|
# trusted_networks setting. See man Mail::SpamAssassin::Conf for details.
|
||
|
# Once manually set, SA won't try to guess.
|
||
|
#
|
||
|
# If that does not fix your problem, the other possibility is you have an MTA
|
||
|
# that generates malformed Received: headers. If you've modified your
|
||
|
# Received: header format, please put it back to the standard format.
|
||
|
# SpamAssassin is quite tolerant of deviations from the RFC 2822 format, but
|
||
|
# there are some combinations it can't handle. If the malformed headers are
|
||
|
# being made by some form of network appliance that you can't fix, report a
|
||
|
# bug to your vendor, and as a short-term fix set the score of ALL_TRUSTED to
|
||
|
# 0. However, realize that other problems may occur as a result of the
|
||
|
# mis-parsed headers and the root cause does need fixing.
|
||
|
#
|
||
|
#score ALL_TRUSTED 0
|
||
|
|
||
|
pyzor_options --homedir /var/spool/postfix/
|
||
|
razor_config /var/spool/postfix/.razor/razor-agent.conf
|
||
|
|
||
|
trusted_networks 192.168.1.0/24 127.0.0.1
|