使用RulesDuJour添加和更新SpamAssassin规则集
版本1.0
作者:Falko Timme
本文介绍了如何下载其他SpamAssassin规则集。 使用名为RulesDuJour的Shell脚本自动更新这些规则集。 这些额外的规则可以显着提高您的垃圾邮件识别率。 RuleDuJour支持的大多数规则集可以在SA Rules Emporium网站上找到 。
我不会保证这将为您工作!
1初步说明
我假设你已经设置了SpamAssassin(如果它是一个独立的守护进程,或者通过一些其他守护进程调用,如amavisd - RulesDuJour支持所有这些配置)就没关系。
2下载RulesDuJour
我想将RulesDuJour脚本存储在/ usr / local / sbin目录中,所以我去那里下载脚本:
cd /usr/local/sbin
wget http://sandgnat.com/rdj/rules_du_jour
chmod 750 rules_du_jour
3配置规则
每当调用RulesDuJour脚本时,都会尝试读取配置文件/ etc / rulesdujour / config 。 因此,我们现在创建该文件:
mkdir /etc/rulesdujour
vi /etc/rulesdujour/config
TRUSTED_RULESETS="TRIPWIRE SARE_EVILNUMBERS0 SARE_RANDOM"; # TRIPWIRE, SARE_EVILNUMBERS0, SARE_EVILNUMBERS1, SARE_EVILNUMBERS2, BLACKLIST, BLACKLIST_URI, RANDOMVAL, BOGUSVIRUS, SARE_ADULT, SARE_FRAUD, SARE_BML, SARE_SPOOF, SARE_BAYES_POISON_NXM, SARE_OEM, SARE_RANDOM, SARE_HEADER, SARE_HEADER0, SARE_HEADER1, SARE_HEADER2, SARE_HEADER3, SARE_HEADER_ENG, SARE_HTML, SARE_HTML0, SARE_HTML1, SARE_HTML2, SARE_HTML3, SARE_HTML4, SARE_HTML_ENG, SARE_SPECIFIC, SARE_OBFU, SARE_OBFU0, SARE_OBFU1, SARE_OBFU2, SARE_OBFU3, SARE_REDIRECT, SARE_REDIRECT_POST300, SARE_SPAMCOP_TOP200, SARE_GENLSUBJ, SARE_GENLSUBJ0, SARE_GENLSUBJ1, SARE_GENLSUBJ2, SARE_GENLSUBJ3, SARE_GENLSUBJ_ENG, SARE_HIGHRISK, SARE_UNSUB, SARE_URI, SARE_URI0, SARE_URI1, SARE_URI3, SARE_URI_ENG, SARE_WHITELIST, SARE_WHITELIST_RCVD, SARE_WHITELIST_SPF, ZMI_GERMAN, SARE_STOCKS
SA_DIR="/etc/mail/spamassassin"; # Change this to your SA local config
# directory, probably /etc/mail/spamassassin.
# For amavisd chrooted, this may be:
# /var/amavisd/etc/mail/spamassassin
MAIL_ADDRESS="your@yourdomain.com";
SINGLE_EMAIL_ONLY="true"; # Set this to "true" to send only one notification
# email per RDJ run with "interesting"
# activity. Set to "" to send a separate
# for each interesting activity.
EMAIL_RDJ_UPDATE_ONLY=""; # Set this to "true" to send notifications only
# when an update for RDJ has been retrieved. Set
# to "" (default) to send notifications whenever a ruleset
# has changed. (Has no effect unless SINGLE_EMAIL_ONLY is set)
SA_LINT="/usr/bin/spamassassin --lint"; # Command used to lint the rules
SA_RESTART="/etc/init.d/amavisd restart"; # Command used to restart spamd
# May be /etc/rc.d/init.d/spamassassin restart
# For amavisd, may be /etc/init.d/amavisd restart
# For minedefang, may be /etc/init.d/mimedefang restart
CURL_PROG="/usr/bin/curl"; # Location of the curl program
CURL_OPTS="-w %{http_code} --compressed -O -R -s -S -z"; # Parameters of the curl program
CURL="${CURL_PROG} ${CURL_OPTS}"; # Curl program with parameters
WGET_PROG="/usr/bin/wget"; # Location of the wget program
WGET_OPTS="-N" # Parameters of the wget program
WGET="${WGET_PROG} ${WGET_OPTS}"; # Wget program with parameters
PERL="/usr/bin/perl"; # Location of the perl program
GREP="/bin/grep"; # Location of the grep program
TAIL="/usr/bin/tail -n 1"; # Location (and parameters) for 'tail -n 1'
HEAD="/usr/bin/head -n 1"; # Location (and parameters) for 'head -n 1'
MAILCMD="/bin/mail"; # Location of the mail program
# that takes and understand the -s flag
# DEBUG="true"; # Uncomment this to force debug mode on (or use -D) |
TRUSTED_RULESETS行包含要使用的所有规则集(确保在生产系统上使用它们之前测试这些规则!); 我列出了所有可用的规则集在行尾的注释。
SA_DIR行必须包含您的SpamAssassin配置目录; 通常是/ etc / mail / spamassassin 。
MAIL_ADDRESS应包含您希望RulesDuJour发送关于下载/更新过程的通知的电子邮件地址。
所有其他选项将在上述脚本中进行说明(作为注释)。 SA_RESTART应该是用于重新启动SpamAssassin的命令。 如果您运行SpamAssassin作为一个独立的守护进程,它可能类似于/etc/init.d/spamassassin restart或/etc/init.d/spamd restart ; 如果通过amavisd调用SpamAssassin,则必须指定用于重新启动amavisd的命令(例如/etc/init.d/amavisd restart )。
使用上述脚本中所有程序的完整路径是一个好主意(例如/ usr / bin / spamassassin而不是spamassassin或/ usr / bin / curl而不是curl )。 您可以找到每个程序的完整路径,例如
which spamassassin
which curl
which wget
which perl
which grep
which tail
which head
which mail
[root@server1 sbin]# which spamassassin
/usr/bin/spamassassin
[root@server1 sbin]# which curl
/usr/bin/curl
[root@server1 sbin]# which wget
/usr/bin/wget
[root@server1 sbin]# which perl
/usr/bin/perl
[root@server1 sbin]# which grep
/bin/grep
[root@server1 sbin]# which tail
/usr/bin/tail
[root@server1 sbin]# which head
/usr/bin/head
[root@server1 sbin]# which mail
/bin/mail
[root@server1 sbin]#
4运行规则DUJour
如果你在/ usr / local / sbin目录下,可以像这样运行RulesDuJour:
./rules_du_jour
在另一个目录中,您可以这样称呼:
rules_du_jour
当然,您也可以随时使用完整的路径:
/usr/local/sbin/rules_du_jour
5创建Cron作业
当然,你不想每次手动运行RulesDuJour; 因此我们设置了一个这样的cron工作:
crontab -e
0 3 * * * /usr/local/sbin/rules_du_jour 2&>1 > /dev/null |
上述cron工作将在3点00分的每个晚上运行RulesDuJour。
6链接
- SpamAssassin: http : //spamassassin.apache.org
- RulesDuJour: http : //sandgnat.com/rdj/rules_du_jour
- SpamAssassin规则商店 : http : //www.rulesemporium.com
