spamfilter20050606 Changelog
Close this window to continue.
20051120
Added two new stand-alone documents:
Getting Maia Mailguard installed on a Debian Sarge gateway email server
Additional anti-UCE settings for our Debian Anti-Spam Anti-Virus Gateway Email Server.
20051115
Revised ClamAV section. We now use Debian Volatile to install ClamAV.
20050904
Moved reject_unauth_pipelining from smtpd_data_restrictions, to the end of smtpd_recipient_restrictions,
then removed smtpd_data_restrictions.
20050813
I removed the 'mailer' script that was used to stop and start both Postfix and
amavisd-new at the same time. The consensus is: there is no reason to stop Postfix
prior to stopping amavisd-new.
20050801
When setting up the transport table, and you want to send to a hostname instead of
an IP address, you should enclose the hostname in square brackets to avoid mail
loops due to MX lookups (i.e. smtp:[exchange.domain1.com]). The brackets disable MX lookups.
20050718
Replaced the generic /etc/postfix/access file with more a specific /etc/postfix/sender_access file.
Changed pin priority of stable from 500 to 600
20050712
The Postfix Anti-Spam settings have changed. I now recommend:
smtpd_sender_restrictions =
check_sender_access hash:/etc/postfix/access,
reject_non_fqdn_sender,
reject_unknown_sender_domain
and
smtpd_recipient_restrictions =
permit_mynetworks,
reject_unauth_destination
This enables us to allow certain senders with bogus domains without allowing them to relay through us.
20050707
I now provide a link with instructions to upgrade amavisd-new to version 2.3.2 (was 2.2.1)
20050624
We now remove /etc/razor/razor-agent.conf prior to configuring razor.
Debian installs Postfix chrooted by default, made a note of this, and offered the LINUX2 script for maintenance.
20050611
Added postconf -e "mydestination = "
Added postconf -e "local_recipient_maps = "
Made a note that because there is no local mail delivery, /etc/aliases is likely ignored by Postfix.
20050608
This is a new branch of the document for those who would like to install the Debian Sarge Stable release.
20050530
Added instructions that outline installation of BitDefender AntiVirus
20050516
Added http://verchick.com/mecham/public_html/spam/debian-spamassassin-sql.html
20050513
We need to 'chown -R amavis:amavis /var/dcc' when using dccifd
20050413
Revised edition now uses Debian Release Candidate 3 and Postfix 2.2.x
Previous edition archived as spamfilter20041003-rc2.html
20050324
Completely revised the pflogsumm report.
Made a note on the possible need to turn off IPv6 support in DCC.
For consistency, the AIDE section was modified to use a non-current version of AIDE.
20050314
Added instructions on enabling dccifd.
20050211
Changed from Sarge RC1 to RC2 which resulted in only a few minor changes to the Debian installation.
20041218
Added a new document that outlines upgrading amavisd-new to version 2.2.1
20041216
Added instructions on enabling passive ftp transfer mode via editing libnet.cfg.
Added "pax" to the list of programs to install.
20041209
Added instructions on adding the "qshape" program to a cron job.
20041123
Added trim_whitelist to help maintain the auto-whitelist file.
It's in the "CPAN, Mailgrep, Pflogsumm, Mailer and trim_whitelist" section.
20041118
There is a bug in /etc/cron.daily/amavisd-new that prevents it from running.
Please repair your copy if needed. Make sure you have single quote marks around the command section:
su - amavis '/usr/bin/sa-learn --rebuild --force-expire'
Or modify it by adding --
su - amavis -- /usr/bin/sa-learn --rebuild --force-expire
If you have "bayes_auto_expire 0" set for SpamAssassin, and you don't insure this is fixed, the bayes files may never stop growing.
20041104
SpamAssassin 3.0.0 has been replaced with 3.0.1 so it is no longer necessary to patch SpamAssassin.
Make sure your libarchive-zip-perl is version 1.14-1 or greater. "apt-cache policy libarchive-zip-perl"
20041103
I no longer run "pyzor discover" as a cron job. The Pyzor server it supplies does not work properly (11/8/2004).
Read the "Pyzor, Razor and SpamAssassin configuration" section for instructions on how to set the Pyzor server manually.
20041105
ClamAV clamd 0.80 now uses /etc/clamav/clamd.conf instead of /etc/clamav/clamav.conf used in previous versions.
20041024
Provided a new section "Local DNS cache" that offers instructions for installing the dnscache program.
Added a cron job: "10 10 * * * /sbin/hwclock --systohc" to sync our CMOS clock once each day.
Modified smtpd_recipient_restrictions again (added reject_non_fqdn_sender).
20041022
Modified iptables rules and /etc/apt/sources.list to enable installation of a local dns cache (djbdns).
Placed reject_unknown_sender_domain before permit_mynetworks to insure it will be evaluated when our spamfilter is on an internal network.
20041017
Changed location of pflogsumm.pl from /usr/bin to /usr/sbin because it will install there if we use apt-get to install it.
20041009
Added instructions to optionally run Postfix chrooted.
20041006
Added virtual_alias_maps so we can accept mail to postmaster@[our.ip.add.ress]
20041005
Added a small section on the NTP daemon.
Placed a system in production and the system functioned fine. I was disappointed in
SpamAssassin 3.0.0 as compared with 2.64. The scores were often substantially lower but
in fairness my 2.64 system had been tweaked the way I wanted it. I changed a few
of the scores of default tests (in the tweaking section) and am more pleased today
than I was yesterday. I also copied Bayes data from a 2.64 machine and upgraded
it with sa-learn so I would have Bayes data available from the beginning.
20041003
Uploaded initial version. This document has changed considerably from previous versions
with the most notable changes being the Postfix configuration and the use of SpamAssassin 3.0.0.
As of 03 Oct 2004 I have not actually placed a server with this configuration in a production
environment but based on previous versions I assume this server will function as I
expect, so proceed with that in mind.
http://verchick.com/mecham/public_html/spam/spamfilter20050606.html