Setting up dovecot-antispam with Spamassassin

dovecot-antispam is a plugin for the Dovecot IMAP server that automatically runs a classifier tool to train your spam filter whenever you move a mail into or out of the Junk folder. As it is written with a generic interface, its configuration allows you to configure a command to be run whenever such an event occurs. It will be called with a configurable argument indicating whether the mail should be considered spam or not and will pipe the mail itself to the standard input of the command.

# /etc/dovecot/conf.d/90-plugin.conf
plugin {
  # dovecot-antispam
  antispam_backend = pipe
  antispam_trash = trash;Trash;Deleted Items;Deleted Messages
  antispam_spam = Junk
  antispam_pipe_program = /usr/local/sbin/sa-learn-pipe
  antispam_pipe_program_spam_arg = --spam
  antispam_pipe_program_notspam_arg = --ham
  antispam_pipe_tmpdir = /tmp
}

Now this should be a sane interface for any Unix system, pipes are quite the preferred way of handling input. However, in case an error occurs, the log files will not include any helpful output from the failed program, just that it failed. Therefore I wrote a small wrapper around sa-learn(1), the tool of Spamassassin to train the Bayesian classifier.

The example script on the wiki page for dovecot-antispam uses temporary files to pass the mail content as a file. However, sa-learn(1) also accepts the common dash "-" as an argument, which internally will create a temporary file from the contents of stdin. Although this is a fully undocumented feature, I looked into the source to confirm this will work as expected. If the command fails, the wrapper script below will record the full output with logger in the mail.err facility in syslog.

#!/bin/bash
 
# /usr/local/sbin/sa-learn-pipe
 
out=$(sa-learn "$@" - 2>&1)
ret=$?
 
if [ $ret -gt 0 ]; then
    logger -p mail.err -i -t "${0##*/}" "${1//[^a-z]/}: $out"
fi
 
exit $ret

My previous way of implementing spam learning was to move spam mails into a special directory, where a cronjob would pick it up to pass it to sa-learn. Now I like this much better, as it integrates nicely with the “Mark as Spam” actions in most IMAP clients. In addition to this, I expunge old spam mails with a cronjob deleting all mails created more than 30 days ago in the Junk folder.

1 thought on “Setting up dovecot-antispam with Spamassassin

  1. Pingback: Debian + Postfix + Dovecot + Multidomain + SSL + IPv6 + OpenVPN + Multi-interfaces + SpamAssassin-learn + Bind – CHEPA website

Leave a Reply

Your email address will not be published.

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.