sa - Installing Spam Assassin

Published at: 2002.06.17 00:21:13 | Back to TOC

NAME

sa - Installing Spam Assassin

SYNOPSIS

This document describes the process of installing SpamAssassin on OS X. It assumes that you are using a POP mail server (it could be tweaked to work IMAP, but if you're using IMAP, the popread script won't work). It also assumes that you are using a mail client that can read from mailbox-format files.

I AM NOT ASSOCIATED WITH THE DEVELOPMENT OR SUPPORT OF SPAMASSASSIN. PLEASE DO NOT EMAIL ME WITH SUPPORT QUESTIONS.

INTRODUCTION

We're using SpamAssassin and Mail::Audit, the latter of which includes a Perl script called popread in its distribution. popread connects to your POP server, downloads your mail, filters it through SpamAssassin, then dumps it into a Unix mailbox-format file in /var/mail/username. The Mail.app program is then configured to read mail from /var/mail instead of directly from your POP account.

So... it kind of depends on what mail program you use, and whether it directly supports reading mailbox-format files. If it doesn't, you can always install imapd on your system, then connect to it through your mail program (which likely supports IMAP).

Also, keep in mind that there may be an easier way of setting this up. This happened to work for us. For example, maybe it's easier to set it up using procmail. That may very well be the case, but I don't like procmail. So we didn't use it.

Likewise, we are using popread instead of fetchmail because the former provides an all-in-one method: rather than fetching each piece of mail with fetchmail and starting up a new spamassassin process (which startup is fairly slow), we just start up SpamAssassin once, by loading the Mail::SpamAssassin libraries, then filter each message as it's downloaded.

We are not liable if you screw your computer up in any way by following (or not following, as the case may be) these instructions, nor are we liable for any email that you lose.

Anyway, here are the steps we took.

STEPS

  1. Download the Apple Developer Tools.

    These can be downloaded from http://developer.apple.com/

    You'll need to get a (free) developer ID. Actually, your normal Apple ID might work, if you already have one. The Developer Tools are free, and actually very cool--they come with an IDE, a GUI builder, etc. And gcc, which is needed for compiling Perl modules. And the Perl headers, also needed for compiling Perl modules.

  2. Install a bunch of Perl modules.

    To install each of these, you can just use the CPAN shell, which you'll first need to configure (the first time you use it, the setup process walks you through configuration).

    Get 2 Terminal windows open. In one, start up the CPAN shell:

    % perl -MCPAN -e shell
    

    In the other, open up your .cpan/build directory (which may not exist until after you've started up the CPAN shell and configured it):

    % cd .cpan/build
    

    Each of the modules below can be installed the same way. Download them like this:

    cpan> get <module name>
    

    then in the other Terminal window, open the directory for the module (the CPAN shell will tell you where it was downloaded), and do this:

    % perl Makefile.PL && make
    % sudo make install
    

    You'll need to type your password when you use sudo.

    (Note: I skipped the make test step above because one or more of these modules depends on new versions of Test::Harness and Test::More. If you want to run the test suites, you'll need to add Test::Harness and Test::More to the list below.)

    Here is the complete list of Perl modules that you'll need:

    The only one of these that isn't on CPAN is Razor::Client. It can be downloaded from http://prdownloads.sourceforge.net/razor/razor-agents-1.20.tar.gz?download This is version 1.20 of the Razor client libraries--version 2 is out now, but (AFAIK) SpamAssassin needs version 1.x of Razor.

  3. Set up your mailbox-format file.

    In the Terminal, type the following:

    % sudo touch /var/mail/<username>
    % sudo chown <username> /var/mail/<username>
    % chmod 600 /var/mail/<username>
    

    where <username> is your username.

  4. Set up popread.

    The popread script is in the Mail::Audit distribution you downloaded. Place the script in your home directory and set its permissions to 700:

    % cp ~/.cpan/build/Mail-Audit-2.1/popread ~
    % chmod 700 ~/popread
    

    Edit the script, and change the dummy account information at the top to your own POP server info.

    Then, at the bottom of the file, replace these lines:

    sub filter {
    my $folder ="$ENV{HOME}/mail/";
    my @data = @_;
    my $item = Mail::Audit->new(data => \@data, noexit => 1);
    
    #line 90 "a file which you should have edited"
    xxx xxx you_have_not_added_your_filter_here_yet
    }
    

    with these:

    use Mail::SpamAssassin;
    sub filter {
        my @data = @_;
        my $item = Mail::Audit->new(data => \@data, noexit => 1, nomime => 1);
        my $spam = Mail::SpamAssassin->new;
        my $status = $spam->check($item);
        if ($status->is_spam) {
            $status->rewrite_mail;
        }
        $item->accept;
    }
    

  5. Run popread.

    % ./popread
    

    It should connect to your POP host and download your mail, then delete the messages from the server, then filter the mail through SpamAssassin, then deposit the downloaded messages into /var/mail/<username>

  6. Configure your mail client.

    Now configure your Mail program to read mail from /var/mail/<username> rather than from your POP server.

    In other words, first turn off the checking of the POP account, then create a new account to read mail from the mailbox-format file.

    If you're using Mail.app, first create an empty mail directory:

    % mkdir ~/Library/Mail/maildir
    % chmod 700 ~/Library/Mail/maildir
    

    Mail.app doesn't actually put anything in this directory. But it needs it to exist.

    Then, go into Preferences, create a new account, make it a ``Unix account''. Fill in your details at the top, along with your SMTP info. Then fill in the Account Options tab, set the ``Account directory'' to ~/Library/Mail/maildir and leave the ``Incoming mail directory'' at /var/mail.

    Save the account.

  7. Check your email.

    Now try checking your mail through this new account.

    It should work. Messages recognized as spam by SpamAssassin will be tagged with *****SPAM***** in the Subject. There will also be a new mail header added to the spam messages called X-Spam-Status (I think that's right) describing (in short format) why the message was considered spam, as well as a report prepended to the body of the message describing (in report form) why the message was considered spam.

  8. Automate it.

    Now you just want to schedule popread to run periodically.

    Edit your crontab:

    % crontab -e
    

    which will launch your editor (vi, usually), and add this line:

    */5 * * * * /Users/<username>/popread >> /Users/<username>/popread.log
    

    Then save. If you're not familiar with vi, the exact keystrokes (assuming that you have the correct line already copied into your clipboard (is it still called that in OS X?)), are:

    i
    <cmd>-v
    <esc>
    :
    w
    q
    

    Note that those are individual *keystrokes*--you don't press return after each one. Just press each of those keys, in order.

    If you did it right, it will say ``crontab: installing new crontab''.

NOTES

  1. More information on SpamAssassin is available at http://spamassassin.org/

  2. More information on Razor (Vipul's Razor) is available at http://razor.sourceforge.net/

  3. I added a locking mechanism to my version of popread so that only one instance of the script will run at a time. This prevents the race condition where one instance of popread starts up, begins downloading messages, only to have another instance of popread start up and start downloading the same messages, which could result in duplicates.

AUTHOR

Benjamin Trott, ben@movabletype.org