Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-doc-cvs

From: Sven Vermeulen <swift@××××××××××××.org>
To: gentoo-doc-cvs@l.g.o
Subject: [gentoo-doc-cvs] cvs commit: mailfilter-guide.xml
Date: Tue, 20 May 2008 20:12:28
Message-Id: E1JyYC7-0005cY-Iu@stork.gentoo.org
1 swift 08/05/20 20:12:23
2
3 Modified: mailfilter-guide.xml
4 Log:
5 Coding style
6
7 Revision Changes Path
8 1.21 xml/htdocs/doc/en/mailfilter-guide.xml
9
10 file : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/mailfilter-guide.xml?rev=1.21&view=markup
11 plain: http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/mailfilter-guide.xml?rev=1.21&content-type=text/plain
12 diff : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/mailfilter-guide.xml?r1=1.20&r2=1.21
13
14 Index: mailfilter-guide.xml
15 ===================================================================
16 RCS file: /var/cvsroot/gentoo/xml/htdocs/doc/en/mailfilter-guide.xml,v
17 retrieving revision 1.20
18 retrieving revision 1.21
19 diff -u -r1.20 -r1.21
20 --- mailfilter-guide.xml 3 Aug 2007 01:31:02 -0000 1.20
21 +++ mailfilter-guide.xml 20 May 2008 20:12:23 -0000 1.21
22 @@ -1,6 +1,6 @@
23 <?xml version='1.0' encoding='utf-8'?>
24
25 -<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/mailfilter-guide.xml,v 1.20 2007/08/03 01:31:02 nightmorph Exp $ -->
26 +<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/mailfilter-guide.xml,v 1.21 2008/05/20 20:12:23 swift Exp $ -->
27
28 <!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
29 <guide link="/doc/en/mailfilter-guide.xml">
30 @@ -36,7 +36,7 @@
31
32 <p>
33 This guide describe step by step how to install a spam and virus filtering mail
34 -gateway. It is quite simple to adopt this to a single server solution.
35 +gateway. It is quite simple to adopt this to a single server solution.
36 </p>
37
38 </body>
39 @@ -55,11 +55,11 @@
40 <p>
41 In this setup applications with good security records and readable
42 configuration files have been chosen. The email MTA is postfix which
43 -has a good security record and is fairly easy to setup right.
44 -Postfix will listen normally on port 25 for incoming mail. Upon reception it
45 -will forward it to Amavisd-new on port 10024. Amavisd-new will then filter
46 -the mail through different filters before passing the mail back to Postfix
47 -on port 10025 which in turn will forward the mail to the next mail server.
48 +has a good security record and is fairly easy to setup right.
49 +Postfix will listen normally on port 25 for incoming mail. Upon reception it
50 +will forward it to Amavisd-new on port 10024. Amavisd-new will then filter
51 +the mail through different filters before passing the mail back to Postfix
52 +on port 10025 which in turn will forward the mail to the next mail server.
53 </p>
54
55 <p>
56 @@ -67,7 +67,7 @@
57 virus filtering and spam filtering. In this setup we will be using two helper
58 applications one ClamAV for filtering virus mails and Spamassassin for filtering
59 spam. Spamassassin itself can function as yet another layer of content filtering
60 -framework and utilize the helper applications Vipul's Razor2 and DCC.
61 +framework and utilize the helper applications Vipul's Razor2 and DCC.
62 </p>
63
64 <p>
65 @@ -91,8 +91,8 @@
66 </ul>
67
68 <p>
69 -The first part (chapters 1 to 4) of the guide will describe the basic setup
70 -of a mailfiltering gateway. The next chapters can be implemented individually
71 +The first part (chapters 1 to 4) of the guide will describe the basic setup
72 +of a mailfiltering gateway. The next chapters can be implemented individually
73 with no dependence between each chapter. These chapters describe how to:
74 </p>
75
76 @@ -112,13 +112,13 @@
77 <note>
78 The IMAP folders will be using the maildir format. Having each mail in a
79 separate file makes handling much simpler. If you're using mbox I propose to
80 -give maildir a try. If you're not already using maildir emerge the necessary
81 +give maildir a try. If you're not already using maildir emerge the necessary
82 tools with <c>emerge courier-imap</c>.
83 </note>
84
85 <p>
86 A planned fifth part will contain various tips regarding performance and things
87 -you may want to know (running chrooted, postfix restrictions, etc.).
88 +you may want to know (running chrooted, postfix restrictions, etc.).
89 </p>
90
91 <note>
92 @@ -126,7 +126,7 @@
93 know and trust these third parties. In this setup only the decision to
94 quarantine virus mails are based on a single third party. Using Spamassassin's
95 scoring system the decision to stop spam mails are not made by a single
96 -authority except perhaps Spamassassins own static rules.
97 +authority except perhaps Spamassassins own static rules.
98 </note>
99
100 <warn>
101 @@ -137,7 +137,7 @@
102 link="http://www.geekcomix.com/cgi-bin/classnotes/wiki.pl?UNIX03/Realtime_Blackhole_Lists_Are_Bad">Realtime
103 Blackhole Lists Are Bad</uri> and <uri
104 link="http://theory.whirlycott.com/~phil/antispam/rbl-bad/rbl-bad.html">The Spam
105 -Problem: Moving Beyond RBLs</uri>
106 +Problem: Moving Beyond RBLs</uri>
107 </warn>
108
109 </body>
110 @@ -152,7 +152,7 @@
111 experienced with setting up Postfix it might quickly become too complicated if
112 all should be set up at once. If you need help you can find it in the excellent
113 <uri link="http://www.gentoo.org/doc/en/virt-mail-howto.xml">Virtual
114 -Mailhosting System with Postfix Guide</uri> in the Gentoo Documentation.
115 +Mailhosting System with Postfix Guide</uri> in the Gentoo Documentation.
116 </p>
117
118 </body>
119 @@ -165,8 +165,8 @@
120 <body>
121
122 <p>
123 -We start out by installing the most important programs: Amavisd-new,
124 -Spamassassin and ClamAV.
125 +We start out by installing the most important programs: Amavisd-new,
126 +Spamassassin and ClamAV.
127 </p>
128
129 <pre caption="Installing Amavis, Spamassassin and Clamav">
130 @@ -177,7 +177,7 @@
131 As previously mentioned you should already have a working <c>postfix</c>
132 instance running on the box. Basically this shouldn't be much more than
133 <c>emerge postfix</c> <e>and</e> have a basic understanding of how Postfix is
134 -working.
135 +working.
136 </note>
137
138 </body>
139 @@ -188,12 +188,12 @@
140
141 <note>
142 If you're not setting up a gateway server but have the mailboxes on
143 -the same server you only have to create the MX-Record.
144 +the same server you only have to create the MX-Record.
145 </note>
146
147 <p>
148 While the programs are emerging fire up another shell and create the needed DNS
149 -records.
150 +records.
151 </p>
152
153 <p>
154 @@ -213,7 +213,7 @@
155 <note>
156 Some ADSL providers might block port 25 and force you to relay mail through one
157 of their servers. Typically you have to create a secondary MX-Record
158 -like <c>MX 20 backup-mx.some-isp.tld</c>
159 +like <c>MX 20 backup-mx.some-isp.tld</c>
160 </note>
161
162 </body>
163 @@ -240,7 +240,7 @@
164 </tr>
165 <tr>
166 <ti>Razor</ti><ti>TCP</ti><ti>2703</ti>
167 -</tr>
168 +</tr>
169 </table>
170
171 <p>
172 @@ -269,7 +269,7 @@
173 #lmtp-amavis unix - - n - 2 lmtp
174 # -o lmtp_data_done_timeout=1200
175 # -o lmtp_send_xforward_command=yes</comment>
176 -
177 +
178 127.0.0.1:10025 inet n - n - - smtpd
179 -o content_filter=
180 -o local_recipient_maps=
181 @@ -306,7 +306,7 @@
182
183 <note>
184 If you want to reject spam early on in the process you can use the
185 -Before-Queue (proxy) method instead of the filter method. If you uncomment
186 +Before-Queue (proxy) method instead of the filter method. If you uncomment
187 the three lines you will have to set <c>content_filter=</c> in
188 <path>main.cf</path>. This is not recommended for high traffic servers
189 as the number of concurrent connections are limited to the number of
190 @@ -318,8 +318,8 @@
191 </warn>
192
193 <note>
194 -If you, for any reason whatsoever, want to send mail from this box and don't
195 -want it scanned, add another postfix instance by uncommenting the last two
196 +If you, for any reason whatsoever, want to send mail from this box and don't
197 +want it scanned, add another postfix instance by uncommenting the last two
198 lines and substitute with a proper IP.
199 </note>
200
201 @@ -337,7 +337,7 @@
202 <p>
203 We also need to set the next hop destination for mail. Tell Postfix to filter
204 all mail through an external content filter and enable explicit routing to let
205 -Postfix know where to forward the mail to.
206 +Postfix know where to forward the mail to.
207 </p>
208
209 <pre caption="Modifying /etc/postfix/main.cf">
210 @@ -367,7 +367,7 @@
211 <p>
212 The format of the <path>transport</path> file is the normal Postfix hash file.
213 Mail to the domain on the left hand side is forwarded to the destination on the
214 -right hand side.
215 +right hand side.
216 </p>
217
218 <pre caption="/etc/postfix/transport">
219 @@ -379,13 +379,13 @@
220 does not actually read this file so we have to convert it to the proper format
221 with <c>postmap /etc/postfix/transport</c>. This creates the file
222 <path>/etc/postfix/transport.db</path>. There is no need to reload Postfix as it
223 -will automatically pick up the changes.
224 +will automatically pick up the changes.
225 </p>
226
227 <note>
228 -If the next hop mail server is not listening on the standard SMTP port 25 you
229 -can tell postfix to use a given port number, like
230 -<c>smtp:mail.mydomain.tld:25000</c>.
231 +If the next hop mail server is not listening on the standard SMTP port 25 you
232 +can tell postfix to use a given port number, like
233 +<c>smtp:mail.mydomain.tld:25000</c>.
234 </note>
235
236 <p>
237 @@ -418,7 +418,7 @@
238 together severel different technologies. Upon reception of a mail message it
239 will extract the mail, filter it through some custom filters, handle white and
240 black listing, filter the mail through various virus scanners and finally it
241 -will filter the mail using SpamAssassin.
242 +will filter the mail using SpamAssassin.
243 </p>
244
245 <p>
246 @@ -429,13 +429,14 @@
247 <li>
248 it identifies dangerous file attachments and has policies to handle them
249 </li>
250 - <li>per-user, per-domain and system-wide policies for:
251 - <ul>
252 - <li>whitelists</li>
253 - <li>blacklists</li>
254 - <li>spam score thresholds</li>
255 - <li>virus and spam policies</li>
256 - </ul>
257 + <li>
258 + per-user, per-domain and system-wide policies for:
259 + <ul>
260 + <li>whitelists</li>
261 + <li>blacklists</li>
262 + <li>spam score thresholds</li>
263 + <li>virus and spam policies</li>
264 + </ul>
265 </li>
266 </ul>
267
268 @@ -468,21 +469,21 @@
269
270 <pre caption="Editing /etc/amavisd.conf">
271 <comment>(Insert the domains to be scanned)</comment>
272 -$mydomain = 'example.com';
273 +$mydomain = 'example.com';
274 <comment>(Bind only to loopback interface)</comment>
275 $inet_socket_bind = '127.0.0.1';
276 <comment>(Forward to Postfix on port 10025)</comment>
277 $forward_method = 'smtp:127.0.0.1:10025';
278 -$notify_method = $forward_method;
279 +$notify_method = $forward_method;
280 <comment>(Define the account to send virus alert emails)</comment>
281 $virus_admin = "virusalert\@$mydomain";
282 <comment>(Always add spam headers)</comment>
283 -$sa_tag_level_deflt = -100;
284 +$sa_tag_level_deflt = -100;
285 <comment>(Add spam detected header aka X-Spam-Status: Yes)</comment>
286 -$sa_tag2_level_deflt = 5;
287 +$sa_tag2_level_deflt = 5;
288 <comment>(Trigger evasive action at this spam level)</comment>
289 $sa_kill_level_deflt = $sa_tag2_level_deflt;
290 -<comment>(Do not send delivery status notification to sender. It does not affect
291 +<comment>(Do not send delivery status notification to sender. It does not affect
292 delivery of spam to recipient. To do that, use the kill_level)</comment>
293 $sa_dsn_cutoff_level = 10;
294 <comment>Don't bounce messages left and right, quarantine
295 @@ -495,9 +496,9 @@
296 <note>
297 With this line <c>$sa_tag2_level_deflt = 5;</c> you set the Spamassassin spam
298 score to 5. This might be a bit low. As you might have noticed the Amavisd-new
299 -default is <c>6.3</c>. If you don't want to see a single spam mail in your
300 -mail folder choose <c>5</c>, but if you don't want to deal with false positives
301 -choose <c>6.3</c>.
302 +default is <c>6.3</c>. If you don't want to see a single spam mail in your
303 +mail folder choose <c>5</c>, but if you don't want to deal with false positives
304 +choose <c>6.3</c>.
305 </note>
306
307 <p>
308 @@ -534,9 +535,9 @@
309 LogSyslog
310 LogVerbose
311 LogFacility LOG_MAIL
312 -<comment>(Change pid file location)</comment>
313 +<comment>(Change pid file location)</comment>
314 PidFile /var/run/amavis/clamd.pid
315 -<comment>(Set the clamav socket)</comment>
316 +<comment>(Set the clamav socket)</comment>
317 LocalSocket /var/amavis/clamd
318 <comment>(Close the connection when this limit is exceeded)</comment>
319 StreamMaxLength 10M
320 @@ -552,9 +553,9 @@
321 </note>
322
323 <p>
324 -ClamAV comes with the <c>freshclam</c> deamon dedicated to periodical checks
325 -of virus signature updates. Instead of updating virus signatures twice a day
326 -we will make <c>freshclam</c> update virus signatures every two hours.
327 +ClamAV comes with the <c>freshclam</c> deamon dedicated to periodical checks
328 +of virus signature updates. Instead of updating virus signatures twice a day
329 +we will make <c>freshclam</c> update virus signatures every two hours.
330 </p>
331
332 <pre caption="Edit /etc/freshclam.conf">
333 @@ -572,7 +573,7 @@
334
335 <p>
336 Start <c>clamd</c> with <c>freshclam</c> using the init scripts by modifying
337 -<path>/etc/conf.d/clamd</path>.
338 +<path>/etc/conf.d/clamd</path>.
339 </p>
340
341 <pre caption="Modifying /etc/conf.d/clamd">
342 @@ -604,10 +605,10 @@
343 <body>
344
345 <p>
346 -Razor2 is a collaborative and distributed spam checksum network. Install it
347 -with <c>emerge razor</c> and create the needed configuration files. Do this
348 -as user <c>amavis</c> by running <c>su - amavis</c> followed <c>razor-admin
349 --create</c>.
350 +Razor2 is a collaborative and distributed spam checksum network. Install it
351 +with <c>emerge razor</c> and create the needed configuration files. Do this
352 +as user <c>amavis</c> by running <c>su - amavis</c> followed <c>razor-admin
353 +-create</c>.
354 </p>
355
356 <pre caption="Creating the required configuration files">
357 @@ -632,7 +633,7 @@
358 <p>
359 Like Razor2, dcc is a collaborative and distributed spam checksum network. Its
360 philosopy is to count the number of recipients of a given mail identifying each
361 -mail with a fuzzy checksum.
362 +mail with a fuzzy checksum.
363 </p>
364
365 <pre caption="Installing DCC">
366 @@ -681,7 +682,7 @@
367 <note>
368 You can find inspiration for your <path>local.cf</path> file by trying the <uri
369 link="http://www.yrex.com/spam/spamconfig.php">SpamAssassin Configuration
370 -Generator</uri>.
371 +Generator</uri>.
372 </note>
373
374 <note>
375 @@ -700,8 +701,8 @@
376 <p>
377 Once mail really starts passing through this mail gateway you will probably
378 discover that the above setup is not perfect. Maybe some of your customers like
379 -to receive mails that others wouldn't. You can whitelist/blacklist
380 -envelope senders quite easily. Uncomment the following line in
381 +to receive mails that others wouldn't. You can whitelist/blacklist
382 +envelope senders quite easily. Uncomment the following line in
383 <path>amavisd.conf</path>.
384 </p>
385
386 @@ -710,15 +711,15 @@
387 </pre>
388
389 <p>
390 -In the <path>sender_scores_sitewide</path> file you put complete email
391 -addresses or just the domian parts and then note a positive/negative score
392 +In the <path>sender_scores_sitewide</path> file you put complete email
393 +addresses or just the domian parts and then note a positive/negative score
394 to add to the spam score.
395 </p>
396
397 <pre caption="whitelist_sender example">
398 <comment>(Whitelist all emails from the specific email address)</comment>
399 postmaster@×××××××.net -3.0
400 -<comment>(Whitelist all emails from the example.net excluding subdomains)</comment>
401 +<comment>(Whitelist all emails from the example.net excluding subdomains)</comment>
402 .example.net 1.0
403 </pre>
404
405 @@ -728,7 +729,7 @@
406
407 <note>
408 Placing these addresses outside <path>amavisd.conf</path> is a cleaner and safer
409 -solution.
410 +solution.
411 </note>
412
413 <note>
414 @@ -738,14 +739,14 @@
415 </note>
416
417 <note>
418 -In a later chapter I will show how to implement per-user policies using
419 +In a later chapter I will show how to implement per-user policies using
420 MySQL.
421 </note>
422
423 <p>
424 While waiting for a better method you can add the following to
425 <path>amavisd.conf</path> to bypass spam checks for <c>postmaster</c> and
426 -<c>abuse</c> mailboxes.
427 +<c>abuse</c> mailboxes.
428 </p>
429
430 <pre caption="By pass spam filters for all postmaster and abuse mails">
431 @@ -761,7 +762,7 @@
432 link="http://www.ietf.org/rfc/rfc2142.txt">RFC 2142 MAILBOX NAMES FOR COMMON
433 SERVICES, ROLES AND FUNCTIONS</uri>. Otherwise your domains might end up listed
434 in some of the evil lists over at <uri
435 -link="http://www.rfc-ignorant.org/">rfc-ignorant.org</uri>.
436 +link="http://www.rfc-ignorant.org/">rfc-ignorant.org</uri>.
437 </impo>
438
439 </body>
440 @@ -812,8 +813,8 @@
441 </pre>
442
443 <p>
444 -Now you have updated virus definitions and you know that
445 -<path>freshclam.conf</path> is working properly.
446 +Now you have updated virus definitions and you know that
447 +<path>freshclam.conf</path> is working properly.
448 </p>
449
450 <p>
451 @@ -843,7 +844,7 @@
452
453 <p>
454 Now if no strange messages appear in the log file it is time for a new
455 -test.
456 +test.
457 </p>
458
459 <p>
460 @@ -858,10 +859,10 @@
461
462 <note>
463 For some unknown reason you can not complete a manual mail injection to
464 -<c>amavisd</c> with netcat. Use <c>telnet</c> instead.
465 +<c>amavisd</c> with netcat. Use <c>telnet</c> instead.
466 </note>
467
468 -<pre caption="Manually checking that amavisd and postfix are listning to the new ports">
469 +<pre caption="Manually checking that amavisd and postfix are listning to the new ports">
470 # <i>nc localhost 10024</i>
471 <comment>(Amavis working)</comment>
472 220 [127.0.0.1] ESMTP amavisd-new service ready
473 @@ -931,7 +932,7 @@
474 <p>
475 If you manually want to check some of the mails to ensure that you have no false
476 positives you can use the following <c>procmail</c> recipe to sideline spam
477 -found into different mail folders.
478 +found into different mail folders.
479 </p>
480
481 </body>
482 @@ -1019,11 +1020,11 @@
483 </pre>
484
485 <warn>
486 -This grants members of the <c>mailusers</c> groups access to <c>amavis</c>
487 +This grants members of the <c>mailusers</c> groups access to <c>amavis</c>
488 mail.
489 </warn>
490
491 -<p>
492 +<p>
493 This makes the spam and ham folders writable but not readable. This way
494 users can safely submit their ham without anyone else being able to read it.
495 </p>
496 @@ -1056,9 +1057,9 @@
497 <pre caption="amavis crontab">
498 <comment>#Auto learn</comment>
499 0 * * * * /usr/bin/sa-learn --spam /var/amavis/.maildir/Bayes/.spam/{cur,new} \
500 - > /dev/null 2>&amp;1
501 + > /dev/null 2>&amp;1
502 0 * * * * /usr/bin/sa-learn --ham /var/amavis/.maildir/Bayes/.ham/{cur,new} > \
503 - /dev/null 2>&amp;1
504 + /dev/null 2>&amp;1
505 </pre>
506
507 <note>
508 @@ -1080,7 +1081,7 @@
509
510 <p>
511 Now modify amavis to redirect spam emails to the <c>spamtrap</c> account and
512 -keep spamheaders.
513 +keep spamheaders.
514 </p>
515
516 <pre caption="Modifying /etc/amavisd.conf">
517 @@ -1102,7 +1103,7 @@
518 <c>sa-learn --ham</c> and then redelivered with all headers intact using a
519 patched version of <uri
520 link="http://www.engelschall.com/sw/smtpclient/">smtpclient</uri> by Ralf S.
521 -Engelschall.
522 +Engelschall.
523 </p>
524
525 <p>
526 @@ -1134,9 +1135,9 @@
527
528 <p>
529 Now we only have to copy the <c>redeliver.pl</c> file to
530 -<path>/usr/local/bin/</path>. <uri
531 -link="http://home.coming.dk/files/redeliver.pl">Download it</uri> or use
532 -the version below.
533 +<path>/usr/local/bin/</path>. <uri
534 +link="http://home.coming.dk/files/redeliver.pl">Download it</uri> or use
535 +the version below.
536 </p>
537
538 <pre caption="redeliver.pl">
539 @@ -1236,7 +1237,7 @@
540 </p>
541
542 <pre caption="Download and installing pflogsumm">
543 -# <i>wget http://jimsun.linxnet.com/downloads/pflogsumm-1.1.0.tar.gz</i>
544 +# <i>wget http://jimsun.linxnet.com/downloads/pflogsumm-1.1.0.tar.gz</i>
545 # <i>tar xzf pflogsumm-1.1.0.tar.gz</i>
546 # <i>cp pflogsumm-1.1.0/pflogsumm.pl /usr/local/bin/</i>
547 </pre>
548 @@ -1302,13 +1303,13 @@
549 mail the mail is rejected with a <e>try again later</e> message.
550 This means that mail gets delayed but also that stupid spam bots
551 that do not implement the RFC protocol will drop the attempt to
552 -deliver the spam and never retry. With time spam bots will probably
553 -adjust, however it will give other technologies more time to identify
554 +deliver the spam and never retry. With time spam bots will probably
555 +adjust, however it will give other technologies more time to identify
556 the spam.
557 </p>
558
559 <note>
560 -If your ISP blocks incoming traffic on port 25 and relays all mail to you
561 +If your ISP blocks incoming traffic on port 25 and relays all mail to you
562 through their own mail server greylisting will not work.
563 </note>
564
565 @@ -1326,7 +1327,7 @@
566 There are other greylisting policy servers for Postfix around (such as <uri
567 link="http://www.gasmi.net/gld.html">Gld</uri>, which is in Portage, and <uri
568 link="http://sqlgrey.sourceforge.net/">SQLgrey</uri>). Some of them support
569 -database backends, auto whitelisting and other neat features.
570 +database backends, auto whitelisting and other neat features.
571 </note>
572
573 </body>
574 @@ -1367,7 +1368,7 @@
575 situations for the mail queue and mail box situations, this is not the
576 case with the greylisting database. If the file becomes corrupted
577 you may not be able to receive mail at all until you delete the file
578 -by hand.
579 +by hand.
580 </warn>
581
582 </body>
583 @@ -1403,15 +1404,15 @@
584 </pre>
585
586 <warn>
587 -Be sure to specify <c>check_sender_access</c> AFTER
588 +Be sure to specify <c>check_sender_access</c> AFTER
589 <c>reject_unauth_destination</c> or else your system could become an
590 -open mail relay.
591 +open mail relay.
592 </warn>
593
594 <note>
595 The greylist database gets polluted quickly with bogus addresses. It
596 helps if you protect greylist lookups with other restrictions that
597 -reject unknown senders and/or recipients.
598 +reject unknown senders and/or recipients.
599 </note>
600
601 <p>
602 @@ -1523,11 +1524,11 @@
603 <p>
604 SPF allows domain owners to state in their DNS records which IP
605 addressess should be allowed to send mails from their domain. This
606 -will prevent spammers from spoofing the <c>Return-Path</c>.
607 +will prevent spammers from spoofing the <c>Return-Path</c>.
608 </p>
609
610 <note>
611 -If your ISP blocks incoming traffic on port 25 and relays all mail to you
612 +If your ISP blocks incoming traffic on port 25 and relays all mail to you
613 through their own mail server SPF will not work.
614 </note>
615
616 @@ -1556,7 +1557,7 @@
617
618 <p>
619 Spamassassin 3.0 has support for SPF, however it is not enabled by default
620 -and the new policy daemon in Postfix supports SPF so let's install SPF support
621 +and the new policy daemon in Postfix supports SPF so let's install SPF support
622 for Postfix.
623 </p>
624
625 @@ -1583,7 +1584,7 @@
626
627 <note>
628 The <path>spf.pl</path> coming with Postfix is slightly buggy so find
629 -and uncomment the following line: <c>push @HANDLERS, "sender_permitted_from";
630 +and uncomment the following line: <c>push @HANDLERS, "sender_permitted_from";
631 use Mail::SPF::Query;</c>. Furthermore in about line 199 substitute
632 <c>comemnt</c> with <c>comment</c>. Alternatively you can download a
633 <uri link="http://spf.pobox.com/postfix-policyd.txt">development
634 @@ -1658,7 +1659,7 @@
635 </pre>
636
637 <p>
638 -Now that the database is created we'll need to create the necessary tables.
639 +Now that the database is created we'll need to create the necessary tables.
640 You can cut and paste the following into the mysql prompt:
641 </p>
642
643 @@ -1694,7 +1695,7 @@
644 wb char(1) NOT NULL, -- W or Y / B or N / space=neutral
645 PRIMARY KEY (rid,sid)
646 );
647 -
648 +
649 CREATE TABLE policy (
650 id int unsigned NOT NULL auto_increment,
651 policy_name varchar(32), -- not used by amavisd-new
652 @@ -1710,7 +1711,7 @@
653 spam_quarantine_to varchar(64) DEFAULT NULL, -- (optional field)
654 spam_tag_level float, -- higher score inserts spam info headers
655 spam_tag2_level float DEFAULT NULL, -- higher score inserts
656 - -- 'declared spam' info header fields
657 + -- 'declared spam' info header fields
658 spam_kill_level float, -- higher score activates evasive actions, e.g.
659 -- reject/drop, quarantine, ...
660 -- (subject to final_spam_destiny setting)
661 @@ -1724,20 +1725,20 @@
662 </note>
663
664 <note>
665 -Lookups trying to match email are done with raw (rfc2821-unquoted
666 +Lookups trying to match email are done with raw (rfc2821-unquoted
667 and unbracketed) addresses as a key, i.e.:
668 -<c>John "Funny" Smith@×××××××.com</c>
669 +<c>John "Funny" Smith@×××××××.com</c>
670 </note>
671
672 <note>
673 -Lookups are performed in the following order: <c>SQL</c>, <c>LDAP</c>,
674 +Lookups are performed in the following order: <c>SQL</c>, <c>LDAP</c>,
675 <c>hash</c>, <c>ACL</c>, <c>regexp</c>, <c>constant</c>. The first that
676 returns a definitive answer (not <c>undef/NULL</c>) stops the search.
677 </note>
678
679 <p>
680 If you wish to use whitelisting and blacklisting you must add the
681 -sender and receiver to <c>mailadr</c> after which you create the relation
682 +sender and receiver to <c>mailadr</c> after which you create the relation
683 between the two e-mail addresses in <c>wblist</c> and state if it is
684 whitelisting (<c>W</c>) or blacklisting (<c>B</c>).
685 </p>
686 @@ -1851,7 +1852,7 @@
687 </pre>
688
689 <p>
690 -Now that the database is created we'll create the necessary tables. You can cut
691 +Now that the database is created we'll create the necessary tables. You can cut
692 and paste the following into the mysql prompt:
693 </p>
694
695 @@ -1884,7 +1885,7 @@
696 ham_count int(11) NOT NULL default '0',
697 atime int(11) NOT NULL default '0',
698 PRIMARY KEY (id, token),
699 - INDEX (id, atime)
700 + INDEX (id, atime)
701 ) TYPE=MyISAM;
702
703 CREATE TABLE bayes_vars (
704 @@ -1901,7 +1902,7 @@
705 PRIMARY KEY (id),
706 UNIQUE bayes_vars_idx1 (username)
707 ) TYPE=MyISAM;
708 -
709 +
710 CREATE TABLE awl (
711 username varchar(100) NOT NULL default '',
712 email varchar(200) NOT NULL default '',
713 @@ -1934,10 +1935,10 @@
714 </p>
715
716 <pre caption="Converting Bayes data from a DBM Database">
717 -<i>su - amavis</i>
718 -<i>sa-learn --sync</i>
719 -<i>sa-learn --backup > backup.txt</i>
720 -<i>sa-learn --restore backup.txt</i>
721 +<i>su - amavis</i>
722 +<i>sa-learn --sync</i>
723 +<i>sa-learn --backup > backup.txt</i>
724 +<i>sa-learn --restore backup.txt</i>
725 </pre>
726
727 <note>
728 @@ -1993,7 +1994,7 @@
729 <p>
730 To troubleshoot Amavisd-new start out by stopping it with <c>/etc/init.d/amavisd
731 stop</c> and then start it manually in the foreground with <c>amavisd debug</c>
732 -and watch it for anomalies in the output.
733 +and watch it for anomalies in the output.
734 </p>
735
736 </body>
737 @@ -2005,18 +2006,18 @@
738 <p>
739 To troubleshoot Spamassassin you can filter an email through it with
740 <c>spamassassin -D &lt; mail</c>. To ensure that the headers are intact you can
741 -move it from another machine with IMAP.
742 +move it from another machine with IMAP.
743 </p>
744
745 <note>
746 -If you need to troubleshoot you have to enable login for the user
747 -<c>amavis</c> by changing the login shell in <path>/etc/passwd</path> to
748 +If you need to troubleshoot you have to enable login for the user
749 +<c>amavis</c> by changing the login shell in <path>/etc/passwd</path> to
750 <path>/bin/bash</path>.
751 </note>
752
753 <p>
754 If you want you can make get the same information and more with Amavisd-new
755 -using <c>amavisd debug-sa</c>.
756 +using <c>amavisd debug-sa</c>.
757 </p>
758
759 </body>
760 @@ -2031,7 +2032,7 @@
761 link="http://marc.theaimsgroup.com/?l=amavis-user">Amavis User
762 mailing list archives</uri>. If you find no answer here you can
763 subscribe to the <uri
764 -link="https://lists.sourceforge.net/lists/listinfo/amavis-user">Amavis User
765 +link="https://lists.sourceforge.net/lists/listinfo/amavis-user">Amavis User
766 mailing list</uri>
767 </p>
768
769 @@ -2051,31 +2052,41 @@
770 <body>
771
772 <ul>
773 -<li><uri
774 -link="http://www.ijs.si/software/amavisd/INSTALL">Amavisd-new
775 -INSTALL</uri></li>
776 -<li><uri
777 -link="http://www.ijs.si/software/amavisd/README.postfix">Amavisd-new
778 -Postfix README</uri>
779 -</li>
780 -<li><uri
781 -link="http://www.ijs.si/software/amavisd/amavisd-new-docs.html#pbanks">Amavisd-new
782 -Policy bank documentation</uri>
783 -</li>
784 -<li><uri
785 -link="http://spamassassin.apache.org/full/3.0.x/dist/sql/README">Spamassassin
786 -SQL README</uri></li>
787 -<li><uri link="http://www.greylisting.org">Greylisting</uri></li>
788 -<li><uri link="http://www.postfix.org/FILTER_README.html">Postfix
789 -SMTPD_POLICY_README</uri></li>
790 -<li><uri
791 -link="http://www.unixwiz.net/techtips/postfix-HELO.html">Blocking
792 -spammers with Postfix HELO controls</uri></li>
793 -<li><uri
794 -link="http://www.linuxjournal.com/article.php?sid=7327">SPF Overview</uri></li>
795 -<li><uri
796 -link="http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt">Jim
797 -Seymour's Postfix Anti-UCE Cheat Sheet</uri></li>
798 + <li>
799 + <uri link="http://www.ijs.si/software/amavisd/INSTALL">Amavisd-new
800 + INSTALL</uri>
801 + </li>
802 + <li>
803 + <uri link="http://www.ijs.si/software/amavisd/README.postfix">Amavisd-new
804 + Postfix README</uri>
805 + </li>
806 + <li>
807 + <uri link="http://www.ijs.si/software/amavisd/amavisd-new-docs.html#pbanks">Amavisd-new
808 + Policy bank documentation</uri>
809 + </li>
810 + <li>
811 + <uri link="http://spamassassin.apache.org/full/3.0.x/dist/sql/README">Spamassassin
812 + SQL README</uri>
813 + </li>
814 + <li>
815 + <uri link="http://www.greylisting.org">Greylisting</uri>
816 + </li>
817 + <li>
818 + <uri link="http://www.postfix.org/FILTER_README.html">Postfix
819 + SMTPD_POLICY_README</uri>
820 + </li>
821 + <li>
822 + <uri link="http://www.unixwiz.net/techtips/postfix-HELO.html">Blocking
823 + spammers with Postfix HELO controls</uri>
824 + </li>
825 + <li>
826 + <uri link="http://www.linuxjournal.com/article.php?sid=7327">SPF
827 + Overview</uri>
828 + </li>
829 + <li>
830 + <uri link="http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt">Jim
831 + Seymour's Postfix Anti-UCE Cheat Sheet</uri>
832 + </li>
833 </ul>
834
835 </body>
836 @@ -2085,17 +2096,24 @@
837 <body>
838
839 <ul>
840 -<li><uri link="http://www.spamassassin.org">Spamassassin</uri></li>
841 -<li><uri link="http://www.ijs.si/software/amavisd/">Amavisd-new</uri></li>
842 -<li><uri
843 -link="http://www.ijs.si/software/amavisd/amavisd-new-docs.html">Amavisd-new
844 -documentation bits and pieces</uri></li>
845 -<li><uri link="http://razor.sourceforge.net/">Vipuls's Razor</uri></li>
846 -<li><uri link="http://pyzor.sourceforge.net/">Pyzor</uri></li>
847 -<li><uri link="http://www.rhyolite.com/anti-spam/dcc/">Distributed Checksum
848 -Clearinghouse</uri></li> <li><uri
849 -link="http://www.renaissoft.com/projects/maia/">Maia Mailguard</uri></li>
850 + <li><uri link="http://www.spamassassin.org">Spamassassin</uri></li>
851 + <li><uri link="http://www.ijs.si/software/amavisd/">Amavisd-new</uri></li>
852 + <li>
853 + <uri link="http://www.ijs.si/software/amavisd/amavisd-new-docs.html">Amavisd-new
854 + documentation bits and pieces</uri>
855 + </li>
856 + <li><uri link="http://razor.sourceforge.net/">Vipuls's Razor</uri></li>
857 + <li><uri link="http://pyzor.sourceforge.net/">Pyzor</uri></li>
858 + <li>
859 + <uri link="http://www.rhyolite.com/anti-spam/dcc/">Distributed Checksum
860 + Clearinghouse</uri>
861 + </li>
862 + <li>
863 + <uri link="http://www.renaissoft.com/projects/maia/">Maia
864 + Mailguard</uri>
865 + </li>
866 </ul>
867 +
868 </body>
869 </section>
870 <section>
871 @@ -2103,12 +2121,14 @@
872 <body>
873
874 <ul>
875 -<li><uri link="http://www.flakshack.com/anti-spam/">Fairly-Secure Anti-SPAM
876 -Gateway Using OpenBSD, Postfix, Amavisd-new, SpamAssassin, Razor
877 -and DCC</uri></li>
878 + <li>
879 + <uri link="http://www.flakshack.com/anti-spam/">Fairly-Secure Anti-SPAM
880 + Gateway Using OpenBSD, Postfix, Amavisd-new, SpamAssassin, Razor
881 + and DCC</uri>
882 + </li>
883 </ul>
884 +
885 </body>
886 </section>
887 </chapter>
888 -
889 </guide>
890
891
892
893 --
894 gentoo-doc-cvs@l.g.o mailing list
Report Message
Find on MARC Find on Google Groups