Unjunkmgr

From SME Server
Revision as of 17:40, 19 March 2009 by Knuddi (talk | contribs)
Jump to navigation Jump to search


Maintainer

This contrib has been developed by Jesper Knudsen

Description

I have for a long time had ”customers” that POP’ed emails from my servers and that therefore did not have a good chance to see and/or retrieve emails that had been sorted to the junkmail folder by SpamAssassin. The same actually goes for IMAP users that often forgot to look the junkmail folder when they thought emails were missing.

I have therefore made a junkmail manager that on a weekly basis sends out a summary email to all users with a list of emails that have been sorted into the junkmail folder the recent week.

If the user wishes to get one of these emails sent to the users inbox he/she can push the “UnJunk” link to the left. The system will, if UnJunk is pressed, teach SpamAssassin via the “sa-learn” command that this can be considered as “ham” next time. This means that it’s more likely that an email from this sender or with this content will pass the spam check next time.

The Summary email that arrives per default Fridays at 1PM looks something like this:

 

Installation

The package needs the Perl-MIME-Lite package to be able to send out HTML formatted emails and MRTG to create the statistics graphs.

yum install perl-MIME-Lite --enablerepo=smecontribs
yum install mrtg --enablerepo=base
  Note:
Make sure you have the [base] repository enabled for yum or it cannot find the MRTG package!


Then install the sme-unjunkmgr RPM from (I will get around and release to contribs later):

rpm –Uvh http://sme.swerts-knudsen.com/downloads/unjunkmgr/sme-unjunkmgr-1.0.1-1.noarch.rpm

De-installation or de-activation

You can simply remove the package again with the usual rpm command.

rpm –e sme-unjunkmgr-1.0.1-1

If you are uninstalling version 1.0.0-1 you also need to also expand templates.

expand-template /etc/crontab
expand-template /etc/httpd/conf/httpd.conf
/etc/rc.d/init.d/httpd-e-smith restart

or disable the functionality with:

/sbin/e-smith/db configuration set unjunkmgr service enabled <no|yes>

Configuration

SpamAssassin bayes filters

The SpamAssassin learning requires that the SpamAssassin bayes filters have been enabled though. How this is done can be read at http://wiki.contribs.org/Email#Setup_Blacklists_.26_Bayesian_Autolearning or through these few shell commands.

config setprop spamassassin UseBayes 1
config setprop spamassassin BayesAutoLearnThresholdSpam 4.00
config setprop spamassassin BayesAutoLearnThresholdNonspam 0.10
expand-template /etc/mail/spamassassin/local.cf
sa-learn --sync --dbpath /var/spool/spamd/.spamassassin -u spamd
chown spamd.spamd /var/spool/spamd/.spamassassin/bayes_*
chown spamd.spamd /var/spool/spamd/.spamassassin/bayes.mutex
chmod 640 /var/spool/spamd/.spamassassin/bayes_*
config setprop spamassassin status enabled
signal-event email-update


Personally I also think that the default 90 days of retention for emails in the junkmail folder is way to long - who bothers to look at 90 days old emails anyways? I run with 15 days of retention on all my installations.

db configuration setprop spamassassin MessageRetentionTime 15  
signal-event email-update 

Unofficial ClamAV signatures

I would also recommend to install the script that downloads all the unofficial ClamAV signatures as these detects not only virus but equally importantly various kinds of malware and spam.

Follow the guide on http://wiki.contribs.org/Email#Anti_Virus to do that.

Statistics

The UnJunk Manager also collects statistics on the emails passing through the mail server. This is accessible from:

http://your.domain.com/unjunkmgr

This web page and the unjunk functionality can, by default, only be seen from the local network (IP ranges defined in Local Network in the server-manager) but if you want this to be accessible from remote networks (public access) this can be done via:

/sbin/e-smith/db configuration setprop unjunkmgr LocalOnly <no|yes>
expand-template /etc/httpd/conf/httpd.conf
/etc/rc.d/init.d/httpd-e-smith restart

 

An additional feature of the UnJunk Manager is to send the collected statistics to a central statistics central at http://central.swerts-knudsen.dk. The gathering of data is not stressful for the server and the data sent is not sensitive (well in my opinion) and consists of: - amount of emails scanned - number of spam infected or virus infected emails - if virus infected the name of the virus found - the version of SME server used

Should you want to disable this functionality then this can obviously be done:

/sbin/e-smith/db configuration setprop unjunkmgr statsclient <disabled|enabled>

Today around ~850 servers still active with my sme-spamfilter contrib and ~450 servers using my sme-antivirus for SME 6x send in data for this “worldwide overview”.

 

FAQ

How do I see what this Summary of Junkmail looks like without sending to all my users?

You will need to change the “$debug = 0;” to “$debug = 1;” in the configuration section of the /usr/local/unjunkmgr/spamreminder.pl file. Then launch the reminder manually with:

/usr/local/unjunkmgr/spamreminder.pl

All the summary emails will now be sent to “admin”.

How do I change when the reminder email is sent out?

Currently this requires a manual change. Open in you preferred editor:

/etc/e-smith/templates-custom/etc/crontab/unjunk

Add extra lines to have reminder sent out more often or change the hour/day in the last line with the $OUT - Change the "5" to "1" for Monday rather than Friday.

{
   use esmith::ConfigDB;

       my $dbh = esmith::ConfigDB->open() || die "Unable to open configuration dbase.";
       my %sa_conf = $dbh->get('unjunkmgr')->props;

       while (my ($parameter,$value) = each(%sa_conf)) {
         if ($parameter eq 'enabled') {
          $enabled = $value;
         }
       }

       $OUT = "";
       if (uc($enabled) eq 'YES') {
        $OUT .= "# Schedule the UnJunk every 5 minutes\n";
        $OUT .= "0-59/5 * * * * root /usr/local/unjunkmgr/spamchanger.pl -file=/tmp/unjunk.file\n";
        $OUT .= "\n";
        $OUT .= "# Schedule the weekly Blocked Junk Summary to arrive at 1PM Friday\n";
        $OUT .= "0 13 * * 5 root /usr/local/unjunkmgr/spamreminder.pl\n"; # Friday
       }
}

See the following schema for modifying the job scheduling:

*     *     *     *     *  command to be executed

|     |     |     |     |
|     |     |     |     +----- day of week (0 - 6) (Sunday=0)
|     |     |     +------- month (1 - 12)
|     |     +--------- day of month (1 - 31)
|     +----------- hour (0 - 23)
+------------- min (0 - 59)

For example, the original entry:

$OUT .= "0 13 * * 5 root /usr/local/unjunkmgr/spamreminder.pl\n"; # Friday

is set to run at 13:00 (1pm) on Friday of every week, to change it to say run at 4:30pm Monday to Friday:

$OUT .= "30 16 * * 1-5 root /usr/local/unjunkmgr/spamreminder.pl\n"; # Monday to Friday

To see more detail on crontab scheduling see [1]

Then expand templates

expand-template /etc/crontab

How do I avoid the admin emails?

You unfortunately have to change a few lines of code to avoid these. Open a shell on the system you install the contrib on and open /usr/local/unjunkmgr/spamreminder.pl with your favorite editor.

Find the line (around line 35):
my $admin_email_addr = 'admin';
and change to
my $admin_email_addr = "";


How do I report a problem or a suggestion?

This contrib has not yet been created in the bugtracker so just send an email to mailto:contribs@swerts-knudsen.dk

Recent fix to know problem:

How do I configure the UnJunkMgr to use an IP addres rather than the primary domain name when it sends out the weekly overview?

There are no configuration options to alter this so you need to fix it in the code - not so hard though. open /usr/local/unjunkmgr/spamreminder.pl with your favorite editor ad go to line 49 where $root_url is defined.

Let assume that the local IP address of the server is 192.168.1.2

change the original line 49:

my $root_url = sprintf ("http://%s/unjunkmgr",$domain_name);

to

my $root_url = sprintf ("http://%s/unjunkmgr",'192.168.1.2');

Ref: http://forums.contribs.org/index.php/topic,42221.0/topicseen.html

Revisions

Release Changes
1.0.0-1 First release
1.0.1-1 Updated web overview to have virus rigth and spam to the left.

Fixed regex causing some warning messages during weekly spamreminder run if email subject were empty

Improved uninstall to clean up properly