Difference between revisions of "Unjunkmgr"

From SME Server
Jump to navigationJump to search
m
Line 25: Line 25:
 
Then install the sme-unjunkmgr RPM from (I will get around and release to contribs later):
 
Then install the sme-unjunkmgr RPM from (I will get around and release to contribs later):
  
  rpm –Uvh http://sme.swerts-knudsen.com/downloads/unjunkmgr/sme-unjunkmgr-1.0.1-1.noarch.rpm
+
  rpm –Uvh http://sme.swerts-knudsen.com/downloads/unjunkmgr/sme-unjunkmgr-1.1.0-1.noarch.rpm
  
 
====De-installation or de-activation====
 
====De-installation or de-activation====
Line 32: Line 32:
 
  rpm –e sme-unjunkmgr-1.0.1-1
 
  rpm –e sme-unjunkmgr-1.0.1-1
  
If you are uninstalling version 1.0.0-1 you also need to also expand templates.
+
If you are uninstalling version '''1.0.0-1''' you also need to also expand templates.
 
  expand-template /etc/crontab
 
  expand-template /etc/crontab
 
  expand-template /etc/httpd/conf/httpd.conf
 
  expand-template /etc/httpd/conf/httpd.conf
 
  /etc/rc.d/init.d/httpd-e-smith restart
 
  /etc/rc.d/init.d/httpd-e-smith restart
  
or disable the functionality with:
+
or disable the functionality with (default: yes):
  
 
  /sbin/e-smith/db configuration set unjunkmgr service enabled <no|yes>
 
  /sbin/e-smith/db configuration set unjunkmgr service enabled <no|yes>
Line 43: Line 43:
 
==Configuration==
 
==Configuration==
  
====SpamAssassin bayes filters====
+
====Email Notifications====
 +
The UnJunk Manager sends out the summary email every Friday at 1PM to all users with emails stored in their junkmail folder. If you wish the admin account to get copied on all these user emails then this can be enabled/disabled with (default: no):
  
The SpamAssassin learning requires that the SpamAssassin bayes filters have been enabled though. How this is done can be read at http://wiki.contribs.org/Email#Setup_Blacklists_.26_Bayesian_Autolearning or through these few shell commands.
+
/sbin/e-smith/db configuration setprop unjunkmgr adminemails <no|yes>
  
config setprop spamassassin UseBayes 1
+
If you just want to use the UnJunk Manager to gather statistics and not send out any summary emails to the users you can disable this functionality with (default: yes):
config setprop spamassassin BayesAutoLearnThresholdSpam 4.00
 
config setprop spamassassin BayesAutoLearnThresholdNonspam 0.10
 
expand-template /etc/mail/spamassassin/local.cf
 
sa-learn --sync --dbpath /var/spool/spamd/.spamassassin -u spamd
 
chown spamd.spamd /var/spool/spamd/.spamassassin/bayes_*
 
chown spamd.spamd /var/spool/spamd/.spamassassin/bayes.mutex
 
chmod 640 /var/spool/spamd/.spamassassin/bayes_*
 
config setprop spamassassin status enabled
 
signal-event email-update
 
  
 +
/sbin/e-smith/db configuration setprop unjunkmgr useremails <no|yes>
  
Personally I also think that the default 90 days of retention for emails in the junkmail folder is way to long - who bothers to look at 90 days old emails anyways? I run with 15 days of retention on all my installations.
+
How do I configure the UnJunkMgr to use an IP address or a different hostname rather than the primary domain name when it sends out the weekly overview (default: domainname)?
  
  db configuration setprop spamassassin MessageRetentionTime 15 
+
  /sbin/e-smith/db configuration setprop unjunkmgr unjunkhost <hostname|IP address>
signal-event email-update
 
 
 
====Unofficial ClamAV signatures====
 
I would also recommend to install the script that downloads all the unofficial ClamAV signatures as these detects not only virus but equally importantly various kinds of malware and spam.
 
 
 
Follow the guide on http://wiki.contribs.org/Email#Anti_Virus to do that.
 
  
 
====Statistics====
 
====Statistics====
Line 75: Line 62:
 
http://your.domain.com/unjunkmgr
 
http://your.domain.com/unjunkmgr
  
This web page and the unjunk functionality can, by default, only be seen from the local network (IP ranges defined in Local Network in the server-manager) but if you want this to be accessible from remote networks (public access) this can be done via:
+
This web page and the unjunk functionality can, by default, only be seen from the local network (IP ranges defined in Local Network in the server-manager) but if you want this to be accessible from remote networks (public access) this can be done via (default: yes):
  
 
  /sbin/e-smith/db configuration setprop unjunkmgr LocalOnly <no|yes>
 
  /sbin/e-smith/db configuration setprop unjunkmgr LocalOnly <no|yes>
Line 93: Line 80:
 
  /sbin/e-smith/db configuration setprop unjunkmgr statsclient <disabled|enabled>
 
  /sbin/e-smith/db configuration setprop unjunkmgr statsclient <disabled|enabled>
  
Today around ~850 servers still active with my sme-spamfilter contrib and ~450 servers using my sme-antivirus for SME 6x send in data for this “worldwide overview”.
+
====SpamAssassin bayes filters====
  
[[Image:Centralweb.jpg]]
+
The SpamAssassin learning requires that the SpamAssassin bayes filters have been enabled though. How this is done can be read at http://wiki.contribs.org/Email#Setup_Blacklists_.26_Bayesian_Autolearning or through these few shell commands.
 +
 
 +
config setprop spamassassin UseBayes 1
 +
config setprop spamassassin BayesAutoLearnThresholdSpam 4.00
 +
config setprop spamassassin BayesAutoLearnThresholdNonspam 0.10
 +
expand-template /etc/mail/spamassassin/local.cf
 +
sa-learn --sync --dbpath /var/spool/spamd/.spamassassin -u spamd
 +
chown spamd.spamd /var/spool/spamd/.spamassassin/bayes_*
 +
chown spamd.spamd /var/spool/spamd/.spamassassin/bayes.mutex
 +
chmod 640 /var/spool/spamd/.spamassassin/bayes_*
 +
config setprop spamassassin status enabled
 +
signal-event email-update
 +
 
 +
 
 +
Personally I also think that the default 90 days of retention for emails in the junkmail folder is way to long - who bothers to look at 90 days old emails anyways? I run with 15 days of retention on all my installations.
 +
 
 +
db configuration setprop spamassassin MessageRetentionTime 15 
 +
signal-event email-update
 +
 
 +
====Unofficial ClamAV signatures====
 +
I would also recommend to install the script that downloads all the unofficial ClamAV signatures as these detects not only virus but equally importantly various kinds of malware and spam.
 +
 
 +
Follow the guide on http://wiki.contribs.org/Email#Anti_Virus to do that.
  
 
==FAQ==
 
==FAQ==
Line 157: Line 166:
 
   
 
   
 
  expand-template /etc/crontab
 
  expand-template /etc/crontab
 
===How do I avoid the admin emails?===
 
You unfortunately have to change a few lines of code to avoid these. Open a shell on the system you install the contrib on and open /usr/local/unjunkmgr/spamreminder.pl with your favorite editor.
 
 
Find the line (around line 35):
 
my $admin_email_addr = 'admin';
 
and change to
 
my $admin_email_addr = "";
 
 
  
 
===How do I report a problem or a suggestion?===
 
===How do I report a problem or a suggestion?===
 
This contrib has not yet been created in the bugtracker so just send an email to mailto:contribs@swerts-knudsen.dk
 
This contrib has not yet been created in the bugtracker so just send an email to mailto:contribs@swerts-knudsen.dk
 
===Recent fix to know problem:===
 
How do I configure the UnJunkMgr to use an IP addres rather than the primary domain name when it sends out the weekly overview?
 
 
There are no configuration options to alter this so you need to fix it in the code - not so hard though.
 
open /usr/local/unjunkmgr/spamreminder.pl with your favorite editor ad go to line 49 where $root_url is defined.
 
 
Let assume that the local IP address of the server is 192.168.1.2
 
 
change the original line 49:
 
 
<nowiki>my $root_url = sprintf ("http://%s/unjunkmgr",$domain_name);</nowiki>
 
 
to
 
 
<nowiki>my $root_url = sprintf ("http://%s/unjunkmgr",'192.168.1.2');</nowiki>
 
 
Ref: http://forums.contribs.org/index.php/topic,42221.0/topicseen.html
 
  
 
==Revisions==
 
==Revisions==
Line 202: Line 184:
  
 
Improved uninstall to clean up properly  
 
Improved uninstall to clean up properly  
 +
|1.1.0-1
 +
|Updated statistics overview to use graphs for spam.
 +
 +
Added new configuration parameters for most commonly asked changes to avoid hard-coding
 +
 +
Improved log file checks to avoid catching errors and warnings from ClamAV
 
|}
 
|}

Revision as of 10:32, 2 April 2009


Maintainer

This contrib has been developed by Jesper Knudsen

Description

I have for a long time had ”customers” that POP’ed emails from my servers and that therefore did not have a good chance to see and/or retrieve emails that had been sorted to the junkmail folder by SpamAssassin. The same actually goes for IMAP users that often forgot to look the junkmail folder when they thought emails were missing.

I have therefore made a junkmail manager that on a weekly basis sends out a summary email to all users with a list of emails that have been sorted into the junkmail folder the recent week.

If the user wishes to get one of these emails sent to the users inbox he/she can push the “UnJunk” link to the left. The system will, if UnJunk is pressed, teach SpamAssassin via the “sa-learn” command that this can be considered as “ham” next time. This means that it’s more likely that an email from this sender or with this content will pass the spam check next time.

The Summary email that arrives per default Fridays at 1PM looks something like this:

Emailsummary.jpg

Installation

The package needs the Perl-MIME-Lite package to be able to send out HTML formatted emails and MRTG to create the statistics graphs.

yum install perl-MIME-Lite --enablerepo=smecontribs
yum install mrtg --enablerepo=base
Important.png Note:
Make sure you have the [base] repository enabled for yum or it cannot find the MRTG package!


Then install the sme-unjunkmgr RPM from (I will get around and release to contribs later):

rpm –Uvh http://sme.swerts-knudsen.com/downloads/unjunkmgr/sme-unjunkmgr-1.1.0-1.noarch.rpm

De-installation or de-activation

You can simply remove the package again with the usual rpm command.

rpm –e sme-unjunkmgr-1.0.1-1

If you are uninstalling version 1.0.0-1 you also need to also expand templates.

expand-template /etc/crontab
expand-template /etc/httpd/conf/httpd.conf
/etc/rc.d/init.d/httpd-e-smith restart

or disable the functionality with (default: yes):

/sbin/e-smith/db configuration set unjunkmgr service enabled <no|yes>

Configuration

Email Notifications

The UnJunk Manager sends out the summary email every Friday at 1PM to all users with emails stored in their junkmail folder. If you wish the admin account to get copied on all these user emails then this can be enabled/disabled with (default: no):

/sbin/e-smith/db configuration setprop unjunkmgr adminemails <no|yes>

If you just want to use the UnJunk Manager to gather statistics and not send out any summary emails to the users you can disable this functionality with (default: yes):

/sbin/e-smith/db configuration setprop unjunkmgr useremails <no|yes>

How do I configure the UnJunkMgr to use an IP address or a different hostname rather than the primary domain name when it sends out the weekly overview (default: domainname)?

/sbin/e-smith/db configuration setprop unjunkmgr unjunkhost <hostname|IP address>

Statistics

The UnJunk Manager also collects statistics on the emails passing through the mail server. This is accessible from:

http://your.domain.com/unjunkmgr

This web page and the unjunk functionality can, by default, only be seen from the local network (IP ranges defined in Local Network in the server-manager) but if you want this to be accessible from remote networks (public access) this can be done via (default: yes):

/sbin/e-smith/db configuration setprop unjunkmgr LocalOnly <no|yes>
expand-template /etc/httpd/conf/httpd.conf
/etc/rc.d/init.d/httpd-e-smith restart

Unjunkweb.jpg

An additional feature of the UnJunk Manager is to send the collected statistics to a central statistics central at http://central.swerts-knudsen.dk. The gathering of data is not stressful for the server and the data sent is not sensitive (well in my opinion) and consists of: - amount of emails scanned - number of spam infected or virus infected emails - if virus infected the name of the virus found - the version of SME server used

Should you want to disable this functionality then this can obviously be done:

/sbin/e-smith/db configuration setprop unjunkmgr statsclient <disabled|enabled>

SpamAssassin bayes filters

The SpamAssassin learning requires that the SpamAssassin bayes filters have been enabled though. How this is done can be read at http://wiki.contribs.org/Email#Setup_Blacklists_.26_Bayesian_Autolearning or through these few shell commands.

config setprop spamassassin UseBayes 1
config setprop spamassassin BayesAutoLearnThresholdSpam 4.00
config setprop spamassassin BayesAutoLearnThresholdNonspam 0.10
expand-template /etc/mail/spamassassin/local.cf
sa-learn --sync --dbpath /var/spool/spamd/.spamassassin -u spamd
chown spamd.spamd /var/spool/spamd/.spamassassin/bayes_*
chown spamd.spamd /var/spool/spamd/.spamassassin/bayes.mutex
chmod 640 /var/spool/spamd/.spamassassin/bayes_*
config setprop spamassassin status enabled
signal-event email-update


Personally I also think that the default 90 days of retention for emails in the junkmail folder is way to long - who bothers to look at 90 days old emails anyways? I run with 15 days of retention on all my installations.

db configuration setprop spamassassin MessageRetentionTime 15  
signal-event email-update 

Unofficial ClamAV signatures

I would also recommend to install the script that downloads all the unofficial ClamAV signatures as these detects not only virus but equally importantly various kinds of malware and spam.

Follow the guide on http://wiki.contribs.org/Email#Anti_Virus to do that.

FAQ

How do I see what this Summary of Junkmail looks like without sending to all my users?

You will need to change the “$debug = 0;” to “$debug = 1;” in the configuration section of the /usr/local/unjunkmgr/spamreminder.pl file. Then launch the reminder manually with:

/usr/local/unjunkmgr/spamreminder.pl

All the summary emails will now be sent to “admin”.

How do I change when the reminder email is sent out?

Currently this requires a manual change. Open in you preferred editor:

/etc/e-smith/templates-custom/etc/crontab/unjunk

Add extra lines to have reminder sent out more often or change the hour/day in the last line with the $OUT - Change the "5" to "1" for Monday rather than Friday.

{
   use esmith::ConfigDB;

       my $dbh = esmith::ConfigDB->open() || die "Unable to open configuration dbase.";
       my %sa_conf = $dbh->get('unjunkmgr')->props;

       while (my ($parameter,$value) = each(%sa_conf)) {
         if ($parameter eq 'enabled') {
          $enabled = $value;
         }
       }

       $OUT = "";
       if (uc($enabled) eq 'YES') {
        $OUT .= "# Schedule the UnJunk every 5 minutes\n";
        $OUT .= "0-59/5 * * * * root /usr/local/unjunkmgr/spamchanger.pl -file=/tmp/unjunk.file\n";
        $OUT .= "\n";
        $OUT .= "# Schedule the weekly Blocked Junk Summary to arrive at 1PM Friday\n";
        $OUT .= "0 13 * * 5 root /usr/local/unjunkmgr/spamreminder.pl\n"; # Friday
       }
}

See the following schema for modifying the job scheduling:

*     *     *     *     *  command to be executed

|     |     |     |     |
|     |     |     |     +----- day of week (0 - 6) (Sunday=0)
|     |     |     +------- month (1 - 12)
|     |     +--------- day of month (1 - 31)
|     +----------- hour (0 - 23)
+------------- min (0 - 59)

For example, the original entry:

$OUT .= "0 13 * * 5 root /usr/local/unjunkmgr/spamreminder.pl\n"; # Friday

is set to run at 13:00 (1pm) on Friday of every week, to change it to say run at 4:30pm Monday to Friday:

$OUT .= "30 16 * * 1-5 root /usr/local/unjunkmgr/spamreminder.pl\n"; # Monday to Friday

To see more detail on crontab scheduling see [1]

Then expand templates

expand-template /etc/crontab

How do I report a problem or a suggestion?

This contrib has not yet been created in the bugtracker so just send an email to mailto:contribs@swerts-knudsen.dk

Revisions

Release Changes
1.0.0-1 First release
1.0.1-1 Updated web overview to have virus rigth and spam to the left.

Fixed regex causing some warning messages during weekly spamreminder run if email subject were empty

Improved uninstall to clean up properly

1.1.0-1 Updated statistics overview to use graphs for spam.

Added new configuration parameters for most commonly asked changes to avoid hard-coding

Improved log file checks to avoid catching errors and warnings from ClamAV