Funzionamento Spamassassin ??

[giackk83]

Salve,
sono nuovo del forum :-) un salutone a tutti quindi .....

arrivo subito al dunque, mi potreste indicare dove posso reperire materiale che spieghi il funzionamento in dettaglio di spamassassin perpiacere? Perchè devo creare una sorta di ricerca su esso....

nel sito web non ho trovato molto materiale anzi.....

perpicare aiutatemi perpiacere.

Grazie.

[morphey]

Ciao,

in italiano trovi un po' di documentazione (fatta da users):
http://www.google.it/search?hl=it&q=...a=lr%3Dlang_it

Da cui:
http://faq.tol.it/article.php?id=550

Ma ti consiglio il loro wiki:
http://wiki.apache.org/spamassassin/

O comunque trovi molta piu' robba in inglese:
http://www.google.it/search?hl=it&sa...sassin&spell=1

[giackk83]

Grazie per la risposta che mi hai dato....

nel wiki del sito web di spamassassin ci avevo guardato ancheio ma vedi che non ti spiega (secondo me :wink: ) il funzionamento del programma.....

cioè io dovrei indicare come funziona spamassassin quindi spiegare le diverse regole che utilizza, da cosa è composto il suo cuore principale ect ect

[morphey]

Ciao,

da http://svn.apache.org/repos/asf/spam...2/spamd/README

Citazione:

Security
--------

Since spamd effectively has both read and write access on all of the mail
which passes through it , you may want to keep security in mind. Depending
on the nature of your set-up. If you are installing it on a site-wide
basis at least some caution is advisable.


System-Level Security
---------------------

spamd has the facility to run as a non-root user, this has potential security
payoffs. If a fault is found in spamd or spamassassin code, any third party
linked-libraries or imported perl modules there is the potential for abuse of
both the running uid of spamd, and the uid of the username supplied by spamc
(and this could be any user).

When run as root, spamd will change uid's to the user invoking spamc in order
to read and write to their configurations. This functionality is not possible
if spamd does not run as root and is a disadvantage if you rely on this. If you
use mysql or LDAP for per-user configuration there is no reason in the world
to run as root, and this remains fully functional.

If you do not need to let your users define their own rules, maintain
their own whitelists, or have non-world-readable home and ~/.spamassassin
directories, then just set spamd up to run with the "-u username" option.
Since spamd can use auto-whitelisting, which requires it maintain a
database of email addresses on-disk, you should use a non-"root" but
non-"nobody" user: "mailnull" or "mail" are good choices, or even create a
"spamd" user.

If you plan to use Razor or Pyzor, please note that they both rely on
their external configuration files in ~/.razor and ~/.pyzor being
readable, and Razor will try to write to a log file in
~/.razor/razor-agent.log that must be writable (Razor will complain about
'unblessed references' in this case). You may find the -H switch to spamd
to be useful; it allows you to set a 'helper home directory' that will be
used as $HOME when external helpers like Razor, Pyzor and DCC are run.


The Bayesian Classifier
-----------------------

If you plan to use Bayesian classification (the BAYES rules) with spamd,
you will need to either

1. modify /etc/mail/spamassassin/local.cf to use a shared database of
tokens, by setting the 'bayes_path' setting to a path all users can read
and write to. You will also need to set the 'bayes_file_mode' setting
to 0666 so that created files are shared, too.

2. Alternatively, let the users train their individual Bayes database.

http://wiki.apache.org/spamassassin/...eBayesFeedback can be very
helpful here.

We have implemented an auto-learning algorithm (option 'bayes_auto_learn', on
by default) which can use high-scoring and low-scoring (options
'bayes_auto_learn_threshold_spam' and 'bayes_auto_learn_threshold_nonspam')
mails to improve classification efficiency.


Security And User-Spoofing Clients
----------------------------------

Since spamd makes no effort to authenticate the username supplied by
spamc, it is easily possible for malicious users invoking modified
spamc clients to make spamd:

(1.) read (and hence determine) the contents of other users configurations
(2.) change the contents of other users configurations (whitelisting)
(3.) grab CPU time as that user -- this is an issue on ulimit'd systems

If users do not have the opportunity to invoke spamc themselves, and
the network is secure, running spamd as root is the preferred option,
Be clear that the issues above dont affect you. Note: if you use mysql
or LDAP for per-user configuration on systems, you will remain vulnerable
to (1.) and (2.).

configuration: Mysql .spamassassin/user_prefs
/ \ / \
/ \ / \
can users connect? yes no yes no
| | / |
| | / |
unsafe | / root prefered
| /
safe as non-root
|
|
some deprecation

If you use spamd across a network and spamc connects from other hosts, you
should ensure (as with all services) the security of your network segments.
Mail is sent as plaintext, and is prone to packet sniffing and spoofing
techniques if you are on an insecure network. If you cannot avoid this consider
using an encrypted transport layer, such as a VPN, ssh tunnel or similar, or
using an SSL-enabled spamc (see 'SSL Support' below).

E in più, dai un'occhiata qui:
http://spamassassin.apache.org/full/3.2.x/doc/

[giackk83]

Grazie per la risposta sei stato gentilissimo ............

adesso ci do un'occhiata.....

[giackk83]

il materiale che mi hai indicato mi è stato molto utilie ancora graziee

un'altra cosetta se possibile, invece su DSPAM sai qualcosa?

[morphey]

Prego.
No, non l'ho mai usato. Prova a dare un'occhiata qui:
http://dspam.nuclearelephant.com/

[giackk83]

ho guardato nel sito web principale ma come accade in parte per spamassassin le faq sono molto scarse..... non spiegano bene da cosa è formato e come funziona.......

[morphey]

Basta cercare bene nel sito:

http://dspam.nuclearelephant.com/text/README-3.6.7.txt
http://dspamwiki.expass.de/

in generale:
http://dspam.nuclearelephant.com/resources.shtml

[giackk83]

Grazie per le risposte