Limit SPAM with SPAMasassin

Log into cPanel and choose "Mail".

STEP ONE:

* click the spam assassin icon
* click enable spam assassin

When the screen refreshes, you should see the bold black and red text:
Code:

Spam Assassin is currently: enabled


DO NOT enable 'spambox'.

Click 'configure spam assassin' now.

STEP TWO: Configuring Spam Assassin basic
The screen for configuring spam assassin looks complicated, but it's not.

At this time we'll only worry about 'whitelist' and a few other options.

The whitelist is a list of email domains or accounts that you always want to get mail from. I don't recommend putting entire domains in if you have certain addresses that you know and want. This helps prevent address-spoofing spam.

First, let's have spam asssassin flag messages that it thinks are spam for us. Find the box that says rewrite-subject.
delete any value in that box, and enter the number 1.

Second, find the box that says subject_tag.
This is where you enter the 'flag' message that will be put at the beginning of any suspected spams subject line. Enter (without the quotes)

Quote:
**Possible-Spam**
here.

Third, find the box marked required_hits.
Here you enter the minimum score that a message must have to trigger the flagging you just set up above. Mine is set to 4.5, but initially - to prevent a bunch of false positives, I would set it to 5 or 6.

Fourth, find the whitelist_from box. You'll see 4 boxes to enter whitelist_from addresses. You're not limited to four, by the way. Enter up to four here, then scroll down to the bottom of the screen and hit SAVE. Cpanel will now add 4 more blank lines for whitelist_from addresses. Continue here until all of your necessary whitelist names are her. NOTE you don't need to whitelist everyone. This is helpful however to whitelist people who are in AOL, Hotmail, or Yahoo - or any other domain that is often seen as SPAM. My personal whitelist is only 12 entries.

Don't forget to hit SAVE at the bottom of the Spam Assassin configuration page, or all your work is lost. When you save, it refreshes the page - so you can then click the 'home' icon to return to Cpanel.

Congratulations You've just completed basic spam-assassin configuration.

From this moment on, email that comes to your domain will be examined by Spam Assassin. If Spam Assassin determines, through various rules tests, that it thinks you have a spam - (each test adds 'points) and it reaches the point threshold that you've set, the email subjects will be flagged "**POSSIBLE-SPAM**buy c;all'is today = know doctorz needed"


   
 
In the list of options, choose E-mail filtering

If you have previously input filters, they'll show here, and below them you'll see:
Code:

[ Add Filter ] | [ Go Back ]



Select Add Filter

The Add filter dialog is pretty simple. The Filter drop down defaults to subject. Change this to "Any Header".

The next box over is where you enter your test criteria. You can cut and paste the line below:

Code:

X-Spam-Level: ********



If you want a higher threshold, add a star. If you want a lower one (not recommended at the beginning - some email's that I get from PCWeek score as high as 7.9!) subtract a star.

Leave the Destination as 'discard'.

Now click ACTIVATE.

There. You've done it. If you followed the examples literally, you'll now flag all messages that score over 4.5 points, and automatically trash messages scoring over 8 points.

Part 3 - Teach Spam Assassin the spammers new tricks

We'll assume that you've followed all the steps through now. You should have noticed a drop in spam due to the 'autodelete' of high scoring messages. But a significant number of messages have still been coming through....
Quote:

harem-keeper kempfs jzeroca

Largest Selection Of Online Medications!

They got Vi.co.din, X.@nax, and V.aliu.m..and other popular products..

Enjoy deep discount meds here.

J K http://be.info.offersbank.com/abc/ok/

Quiit service is ava1-iable at website..

It was a very foggy day in London. The fog was so thick that it was
impossible to see more than a foot or so. buses, cars and taxis were not
able to run and were standing by the side of the road. People were trying to find their way about on foot but were losing their way in the fog. Mr. Smith had a very important meeting at the House of Commons and had to get there but no one could take him. He tried to walk there but found he was quite lost. Suddenly he bumped into a stranger. The stranger asked if he could help him. Mr. Smith said he wanted to get to the


Spammers stuff random words, paragraphs, quotes, etc. into the body of the message - or use 'hidden text' in HTML formatted messages (font size 1px, etc.) to get around normal Spam Assassin (and other spam checkers) rules.

Thankfully, Spam Assasin can learn from these messages and start trapping them too...

In your control panel, open your file manager. You'll see a folder .spamassassin.
Click on the FOLDER icon for spam assassin. That will open the folder.

Click on the file user_prefs, and in the right column select EDIT FILE.

Now, add the following lines:

Code:
# Enable the Bayes system use_bayes 1 # Enable or disable network checks skip_rbl_checks 0 use_razor2 1 use_dcc 1 use_pyzor 1


The above lines enable checks against known/reported spammer id's, and the top one enables the bayes 'logic analysis' system.
Now click SAVE on the bottom of the screen.

Now to teach SPAM ASSASSIN...

In the file manager, navigate up to the user_root directory (click up one level). If you see the folder public_html in the list window you're in the right place.

Click create new folder
make a folder named "script" (without the quotes, of course...)

After making the folder, navigate into it and select Create New File
enter the file name 'learnspam', and select type "shell script".

Copy the following code into the file edit window:
Code:

#!/bin/sh
echo "Learning SPAM" for FILE in `find $HOME -name SPAM -print`
do echo "Processing
$FILE" sa-learn --spam --mbox
$FILE done echo "Learning HAM" for FILE in `find
$HOME -name HAM -print` do echo "Processing
$FILE" sa-learn --ham --mbox
$FILE rm $FILE touch
$FILE done echo "Done"



Half Way There....

Now you have a script that will teach Spam Assassin to recognize spam. But the Spam Assassin program won't activate the BAYES rules until it has learned at least 150-200 SPAM and 'ham' (non spam) messages.

The best way to compile that many messages is to have each user 'pre check' their email with HORDE before downloading messages to their computer.

To do this you must disable 'auto-checking' from your mail program (outlook express, etc). Then, open webmail for your account. Open the inbox, then select Folders. Create 2 new folders - SPAM and HAM. You must use those folder names exactly, because that is what the script is searching for.

Now, when you find a message that IS spam in your inbox, MOVE it to the SPAM folder.

And copy a bunch of your 'good' mail messages to the HAM folder. Copy is the best thing here, because the script will purge that folder after each run.

Of course, with HORDE you can look at the contents of these folders. They should have a similar number of messages in them when you start the process. As it runs, however, the spam folder will continue to contain older spam messages. The reason for this is that in the event Cpanel upgrades Spam Assassin, or your bayes-database gets corrupted for any other reason, you want to have a library of about 500 spam messages to 'relearn'. You should go through the SPAM folder every month or so and delete the oldest messages once you have 500 in the folder.

You can accumulate MORE spam by modifying the "autodelete" rule from the last section.

If you remove that rule and instead tell the mail filter to forward ALL MESSAGES scoring over 10 to a separate EMAIL address (mine is 'mailtrap'), then logging into the mail trap account every couple of days and moving 'his' messages to 'his' spam folder will help SA learn REAL spam...

If you get a message that is a FALSE POSITIVE - meaning it scored as spam but was not ment to be, make sure you copy that into the HAM folder.

Setting the Cron Job
Click the CRON JOB icon in Cpanel.
Enter your mail address in the 'mail to' box

Press 'save crontab' button. NOTE - see the path? that is the 'userID' for cpanel that is wiped out there... so replace it with whatever yours is... this is the path to the learning script.

You're done.
 
   
 
 
  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

FrontPage problems.

If your site is working properly and you cannot update with Front Page, try this; 1....

BACKUP BACKUP BACKUP

Here is an easy script to help you backup your databases. Please note that you are...

Where do my files go?

Q. Where do I put my HTML pages to replace the default home page? A. publish your...

Create and edit your site from cPanel.

When you login to your control panel Code:...

How to make an immediate backup of my site.

This option in your control panel allows you to compress your directories and/or files located...

Powered by WHMCompleteSolution