Razor how to
Andrea Soliva
soliva at comcept.ch
Mon Aug 7 15:09:36 CEST 2006
how hope it helps....! Razor must be initialized with the correct rights!
PS: I hope the format of the mail is not too ugly...!
************************************************
* 276.0 Zusaetzlich Vipul's Razor2 fuer Kolab2 *
************************************************
276.1) Als zusaetzliche Erweiterung werden wir "Razor2" installieren.
Dieses Tool
wird sich ebenfalls in "Amavisd-New" integrieren. Wir erstellen ein
temporaeres
Verzeichnis und werden die Source kompilieren. Die Source ist ein
Perl Module
und wird sich automatisch ins Perl Verzeichnis installieren:
# mkdir /kolabtmp/razor2
# cd /kolabtmp/razor2
# mv razor-agents-2.81.tar.gz /kolabtmp/razor2
# bzip2 -dc razor-agents-2.81.tar.bz2 | tar xvf -
# cd razor-agents-2.81
Jetzt koennen wir die Source kompilieren, testen und installieren.
Achte darauf
das die richtige Perl Version genutzt wird:
# opa /kolab
# which perl
/kolab/bin/perl
# /kolab/bin/perl Makefile.PL
--------------- Makefile.PL ---------------
Checking if your kit is complete...
Looks good
Checking if your kit is complete...
Looks good
Writing Makefile for Razor2::Preproc::deHTMLxs
Writing Makefile for razor-agents
--------------- Makefile.PL ---------------
# /kolab/bin/make
# /kolab/bin/make test
# /kolab/bin/make install
276.2) Als naechstes verifizieren wir mit dem "razor-client" Kommando ob
die betreffenden
"symlinks" generiert wurden:
# /kolab/bin/razor-client
--------------- /kolab/bin/razor-client ---------------
This program is deprecated and no longer necessary. You may begin using
Razor now.
--------------- /kolab/bin/razor-client ---------------
275.3) Nun als naechstes werden wir das Homeverzeichnis von "Razor2"
erstellen. Beachte
bitte bei der nachfolgenden Anweisungen das diese Anweisungen mit
dem entsprechenden
"user" ausgefuehrt werden muessen:
# mkdir /kolab/.razor
# chown kolab-r:kolab-r /kolab/.razor
# su - kolab-r
$ pwd
/kolab
$ /kolab/bin/razor-admin -create
$ exit
# ls -la /kolab/.razor
drwxr-xr-x 2 kolab-r kolab 512 Nov 7 11:07 .
drwxr-xr-x 18 kolab kolab 512 Nov 7 11:06 ..
-rw-r--r-- 1 kolab-r kolab-r 698 Nov 7 11:07 razor-agent.conf
-rw-r--r-- 1 kolab-r kolab-r 212 Nov 7 11:07 razor-agent.log
-rw-r--r-- 1 kolab-r kolab-r 484 Nov 7 11:07
server.folly.cloudmark.com.conf
-rw-r--r-- 1 kolab-r kolab-r 20 Nov 7 11:07
servers.catalogue.lst
-rw-r--r-- 1 kolab-r kolab-r 22 Nov 7 11:07
servers.discovery.lst
-rw-r--r-- 1 kolab-r kolab-r 38 Nov 7 11:07
servers.nomination.lst
ACHTUNG Mit der Variable "-create" wird explizit das File "razor-agent.conf"
******* angelegt. Dieses File wird im Verzeichnis ".razor" des jeweiligen
Users
abgelegt der das Kommando "razor-admin -create" ausfuehrt.
Existiert das File "/etc/razor/razor-agent.conf" werden die Einstellungen
von diesem File uebernommen fuer das "razor-angent.conf" File des Users.
Existiert das File in "/etc/razor/razor-agent.conf" nicht so werden
Standard Werte in das File "razor-agent.conf" des Users geladen.
Das Verzeichnis ".razor" sowie alle darin befindlichen und neu erstellten
Dateien werden mit den Rechten des jeweiligen Users versehen der das
Kommando "razor-admin -create" abgesetzt hat.
276.4) Als naechstes muessen wir uns mit dem "Razor-Netzwerk"
authentifizieren. Dies kann
auf vers. Weise geschehen dh. mit Username und Passwort oder mit
einer E-Mail
Adresse usw. Wir waehlen die Variante "Username/Passwort". Auch
dieser Befehl MUSS
als User "kolab-r" abgesetzt werden wie im vorherigem Punkt:
# su - kolab-r
$ pwd
/kolab
$ /kolab/bin/razor-admin -register -user=emailadresse at domain.ch
-pass=xxxxxxx
Register successful. Identity stored in
/kolab/.razor/identity-xxxxxxx at domain.ch
$ exit
# ls -la /kolab/.razor
drwxr-xr-x 2 kolab-r kolab-r 512 Nov 7 11:13 .
drwxr-xr-x 18 kolab-r kolab-r 512 Nov 7 11:06 ..
lrwxrwxrwx 1 kolab-r kolab-r 29 Nov 7 11:13 identity ->
identity-xxxxxxx at domain.ch
-rw------- 1 kolab-r kolab-r 80 Nov 7 11:13
identity-xxxxxxx at domain.ch
-rw-r--r-- 1 kolab-r kolab-r 698 Nov 7 11:07 razor-agent.conf
-rw-r--r-- 1 kolab-r kolab-r 964 Nov 7 11:13 razor-agent.log
-rw-r--r-- 1 kolab-r kolab-r 484 Nov 7 11:07
server.folly.cloudmark.com.conf
-rw-r--r-- 1 kolab-r kolab-r 20 Nov 7 11:07
servers.catalogue.lst
-rw-r--r-- 1 kolab-r kolab-r 22 Nov 7 11:07
servers.discovery.lst
-rw-r--r-- 1 kolab-r kolab-r 38 Nov 7 11:07
servers.nomination.lst
276.5) Als naechstes werden wir die Log Datei anlegen sowie ein neues Home
fuer Razor2 denn
wir moechten dieses nicht im "/kolab/.razor" sondern im
"/kolab/var/amavisd/.razor".
Damit Razor2 weiss wo sich das Verzeichnis befindet werden wir dies
inkl. der Log
Daei konfigurieren und zwar im konfig File von Razor2
"razor-agent.conf" das sich
im Home Dir von Razor2 befindet:
# touch /kolab/var/amavisd/razor-agent.log
# chown kolab-r:kolab-r /kolab/var/amavisd/razor-agent.log
# chmod 644 /kolab/var/amavisd/razor-agent.log
# vi /kolab/.razor/razor-agent.conf
--------------- /kolab/.razor/razor-agent.conf ---------------
#
# Razor2 config file
#
# Autogenerated by Razor-Agents v2.77
# Mon Nov 7 11:07:46 2005
# Created with all default values
#
# see razor-agent.conf(5) man page
#
razorhome = /kolab/var/amavisd/.razor
debuglevel = 3
identity = identity
ignorelist = 0
listfile_catalogue = servers.catalogue.lst
listfile_discovery = servers.discovery.lst
listfile_nomination = servers.nomination.lst
logfile = /kolab/var/amavisd/razor-agent.log
logic_method = 4
min_cf = ac
razordiscovery = discovery.spamnet.com
rediscovery_wait = 172800
report_headers = 1
turn_off_discovery = 0
use_engines = 4,8
whitelist = razor-whitelist
--------------- /kolab/.razor/razor-agent.conf ---------------
# cp -Rp /kolab/.razor /kolab/var/amavisd/
# su - kolab-r
# pwd
/kolab
$ /kolab/bin/razor-admin -d -create -home=/kolab/var/amavisd/.razor
Das Verzeichnis "/kolab/.razor" ist nun nicht mehr notwendig und
kann geloescht werden:
# rm -rf /kolab/.razor
276.6) Nun betreffend Razor2 Home Dir ist alles getan. Es muss jedoch nun
"amavisd" mitgeteilt
werden wo sich Razor2 befindet. Dies geschieht im File "local.cf":
# vi /kolab/etc/spamassassin/local.cf
--------------- /kolab/etc/spamassassin/local.cf ---------------
# This is the right place to customize your installation of SpamAssassin.
#
# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
# tweaked.
#
###########################################################################
#
rewrite_header Subject ****SPAM(_SCORE_)****
## lock_method flock
#
# If you are using a UNIX machine with all database files on local disks,
# and no sharing of those databases across NFS filesystems, you can use a
# more efficient, but non-NFS-safe, locking mechanism. Do this by adding
# the line "lock_method flock" to the /etc/mail/spamassassin/local.cf
# file. This is strongly recommended if you're not using NFS, as it is
# much faster than the NFS-safe locker.
#
lock_method flock
## report_safe { 0 | 1 | 2 } (default: 1)
#
# if this option is set to 1, if an incoming message is
# tagged as spam, instead of modifying the original message,
# SpamAssassin will create a new report message and attach
# the original message as a message/rfc822 MIME part (ensuring
# the original message is completely preserved, not easily
# opened, and easier to recover).
#
# If this option is set to 2, then original messages will
# be attached with a content type of text/plain instead of
# message/rfc822. This setting may be required for safety
# reasons on certain broken mail clients that automatically
# load attachments without any action by the user. This
# setting may also make it somewhat more difficult to
# extract or view the original message.
#
report_safe 1
## use_bayes ( 0 | 1 ) (default 1)
#
# Whether to use the naive-Bayesian-style classifier built
# into SpamAssassin.
#
use_bayes 1
## bayes_path /path/to/file (default: ~/.spamassassin/bayes)
#
# Path for Bayesian probabilities databases. Several databases
# will be created, with this as the base, with _toks, _seen etc.
# appended to this filename; so the default setting results in
# files called ~/.spamassassin/bayes_seen, ~/.spamassassin/bayes_toks
# etc. By default, each user has their own, in their ~/.spamassassin
# directory with mode 0700/0600, but for system-wide SpamAssassin
# use, you may want to reduce disk space usage by sharing this
# across all users. (However it should be noted that Bayesian
# filtering appears to be more effective with an individual
# database per user.)
#
bayes_path /kolab/var/amavisd/.spamassassin/bayes
## use_razor2 ( 0 | 1 ) (default 1)
#
# Whether to use Razor version 2, if it is available.
#
# Up to Spamassassin v3.1.X razor would not be anymore enabled
# in this file. Use instead v310.pre file to enable.
#
use_razor2 1
razor_config /kolab/var/amavisd/.razor/razor-agent.conf
razor_timeout 10
# use_dcc ( 0 | 1 ) (default 1)
#
# Whether to use DCC, if it is available.
#
# Up to Spamassassin v3.1.X razor would not be anymore enabled
# in this file. Use instead v310.pre file to enable.
#
use_dcc 1
dcc_home /kolab/opt/dcc-dccd-1.3.31
dcc_path /kolab/opt/dcc-dccd-1.3.31/bin/dccproc
dcc_timeout 10
## use_pyzor ( 0 | 1 ) (default 1)
#
# Whether to use Pyzor, if it is available.
#
# Up to Spamassassin v3.1.X razor would not be anymore enabled
# in this file. Use instead v310.pre file to enable.
#
#use_pyzor 0
## add_header
#
# DCC processing creates a message header containing the
# statistics for the message. This option sets whether SpamAssassin
# will add the heading to messages it processes. The default is to
# not add the header.
#
add_header all DCC _DCCB_: _DCCR_
## dns_available { yes | test[: name1 name2...] | no } (default: test)
#
# By default, SpamAssassin will query some default hosts on the internet
# to attempt to check if DNS is working on not. The problem is that it
# can introduce some delay if your network connection is down, and in some
# cases it can wrongly guess that DNS is unavailable because the test
# connections failed. SpamAssassin includes a default set of 13 servers,
# among which 3 are picked randomly.
#
# You can however specify your own list by specifying
#
# dns_available test: server1.tld server2.tld server3.tld
#
# Please note, the DNS test queries for MX records so if you specify
# your own list of servers, please make sure to choose the one(s)
# which has an associated MX record.
#
dns_available yes
## skip_rbl_checks { 0 | 1 } (default: 0)
#
# By default, SpamAssassin will run RBL checks. If your ISP
# already does this for you, set this to 1
#
skip_rbl_checks 0
## header FROM_HAS_MIXED_NUMS From =~ /\d+[a-z]+\d+\S*@/i
#
header LOCAL_RCVD Received =~ /\S+\.domain\.com\s+\(.*\[.*\]\)/
## describe FROM_HAS_MIXED_NUMS From: contains numbers mixed in with
letters
#
describe LOCAL_RCVD Received from local machine
## score SYMBOLIC_TEST_NAME n.nn [ n.nn n.nn n.nn ]
#
# Assign scores (the number of points for a hit) to a given test.
# Scores can be positive or negative real numbers or integers.
# SYMBOLIC_TEST_NAME is the symbolic name used by SpamAssassin for that
# test; for example, 'FROM_ENDS_IN_NUMS'. If only one valid score is
# listed, then that score is always used for a test.
#
# If four valid scores are listed, then the score that is used depends
# on how SpamAssassin is being used. The first score is used when both
# Bayes and network tests are disabled. The second score is used when
# Bayes is disabled, but network tests are enabled. The third score is
# used when Bayes is enabled and network tests are disabled. The fourth
# score is used when Bayes is enabled and network tests are enabled.
#
# Setting a rule's score to 0 will disable that rule from running.
#
# Note that test names which begin with '__' are reserved for meta-match
# sub-rules, and are not scored or listed in the 'tests hit' reports.
#
# If no score is given for a test, the default score is 1.0, or 0.01 for
# tests whose names begin with 'T_' (this is used to indicate a rule in
# testing).
#
# By convention, rule names are be all uppercase and have a length of no
# more than 22 characters.
#
score LOCAL_RCVD -50
score DCC_CHECK 4.000
score RAZOR2_CHECK 2.500
score SPF_FAIL 10.000
score SPF_HELO_FAIL 10.000
score BAYES_99 4.300
#score BAYES_90 3.500
score BAYES_95 3.500
score BAYES_80 3.000
# Up to Spamassassin v3.1.X score BAYES_90 doese not anymore
# exist. Use instead BAYES_95 or 99
## WHITE-LISTED SENDERS (the good guys):
#
#whitelist_from *.good-domain.net # This domain is safe
#whitelist_from *@goodguys.com # These guys are ok
#whitelist_from dudley.duright at mounties.ca # He never spams us
## WHITE-LISTED RECEIVERS (no scanning for SPAM):
#
#all_spam_to spam-lover at companymail1.com # He likes it
## BLACK-LISTED SENDERS (the bad guys):
#
#blacklist_from *@badguys.com # nasty outlaws
#blacklist_from *@casino-fun.* # we don't want any
of this stuff
## Additional DNSBL Servers
#
# BNBL (The BlueShore Network Black List) bl.blueshore.net
#
header RCVD_IN_BNBL eval:check_rbl('bl', 'bl.blueshore.net.')
describe RCVD_IN_BNBL Listed by BNBL
tflags RCVD_IN_BNBL net
score RCVD_IN_BNBL 2
--------------- /kolab/etc/spamassassin/local.cf ---------------
Nun muss nur noch alles neu gestartet werden:
# /kolab/bin/openpkg rc all restart
276.7) Nun wenn es zu Problemen kommt und "amavisd" im "debug" Mode
ausgefuehrt werden soll
kann dies mit folgender Modifikation errreicht werden:
# vi /kolab/etc/kolab/templates/amavisd.conf.template
--------------- /kolab/etc/kolab/templates/amavisd.conf.template
---------------
# Turn on SpamAssassin debugging (output to STDERR, use with 'amavisd
debug')
$sa_debug = 1; # defaults to false
--------------- /kolab/etc/kolab/templates/amavisd.conf.template
---------------
# /kolab/sbin/kolabconf
# /kolab/sbin/amavisd \
-c /kolab/etc/amavisd/amavisd.conf debug
Nach diesem Befehl sollte folgendes ersichtlich sein:
--------------- amavisd debug output ---------------
debug: Razor2 is available
debug: entering helper-app run mode
Razor-Log: read_file: 16 items read from
/kolab/var/amavisd/.razor/razor-agent.conf
Nov 07 11:37:55.158534 check[3931]: [ 2] [bootup] Logging initiated
LogDebugLevel=9 to stdout
Nov 07 11:37:55.161126 check[3931]: [ 5] computed
razorhome=/kolab/var/amavisd/.razor,
conf=/kolab/var/amavisd/.razor/razor-agent.conf,
ident=/kolab/var/amavisd/.razor/identity-emailadresse at domain.ch
Nov 07 11:37:55.162283 check[3931]: [ 8] Client supported_engines: 4 8
Nov 07 11:37:55.164157 check[3931]: [ 8] prep_mail done: mail 1
headers=102, mime0=1376
Nov 07 11:37:55.165651 check[3931]: [ 5] read_file: 1 items read from
/kolab/var/amavisd/.razor/servers.discovery.lst
Nov 07 11:37:55.167142 check[3931]: [ 5] read_file: 2 items read from
/kolab/var/amavisd/.razor/servers.nomination.lst
Nov 07 11:37:55.168436 check[3931]: [ 5] read_file: 1 items read from
/kolab/var/amavisd/.razor/servers.catalogue.lst
Nov 07 11:37:55.170185 check[3931]: [ 9] Assigning defaults to
folly.cloudmark.com
Nov 07 11:37:55.171215 check[3931]: [ 9] Assigning defaults to
joy.cloudmark.com
Nov 07 11:37:55.172264 check[3931]: [ 9] Assigning defaults to
shock.cloudmark.com
Nov 07 11:37:55.176170 check[3931]: [ 5] read_file: 15 items read from
/kolab/var/amavisd/.razor/server.shock.cloudmark.com.conf
Nov 07 11:37:55.179146 check[3931]: [ 5] read_file: 15 items read from
/kolab/var/amavisd/.razor/server.shock.cloudmark.com.conf
Nov 07 11:37:55.181916 check[3931]: [ 5] read_file: 14 items read from
/kolab/var/amavisd/.razor/server.folly.cloudmark.com.conf
Nov 07 11:37:55.184676 check[3931]: [ 5] read_file: 14 items read from
/kolab/var/amavisd/.razor/server.folly.cloudmark.com.conf
Nov 07 11:37:55.185846 check[3931]: [ 5] 158548 seconds before closest
server discovery
Nov 07 11:37:55.186906 check[3931]: [ 6] shock.cloudmark.com is a
Catalogue Server srl 5086; computed min_cf=6, Server se: C8
Nov 07 11:37:55.187921 check[3931]: [ 8] Computed supported_engines: 4 8
Nov 07 11:37:55.188709 check[3931]: [ 8] Using next closest server
shock.cloudmark.com:2703, cached info srl 5086
Nov 07 11:37:55.189387 check[3931]: [ 8] mail 1 has no subject
Nov 07 11:37:55.191280 check[3931]: [ 6] preproc: mail 1.0 went from 1376
bytes to 1339
Nov 07 11:37:55.192464 check[3931]: [ 6] computing sigs for mail 1.0, len
1339
Nov 07 11:37:55.204551 check[3931]: [ 6] Engine (8) didn't produce a
signature for mail 1.0
Nov 07 11:37:55.205468 check[3931]: [ 6] skipping whitelist file
(empty?): /kolab/var/amavisd/.razor/razor-whitelist
Nov 07 11:37:55.206406 check[3931]: [ 5] Connecting to
shock.cloudmark.com ...
Nov 07 11:37:55.563637 check[3931]: [ 8] Connection established
Nov 07 11:37:55.564620 check[3931]: [ 4] shock.cloudmark.com >> 36 server
greeting: sn=C&srl=5086&a=l&a=cg&ep4=7542-10
Nov 07 11:37:55.566838 check[3931]: [ 4] shock.cloudmark.com << 25
Nov 07 11:37:55.567390 check[3931]: [ 6] cn=razor-agents&cv=2.77
Nov 07 11:37:55.568637 check[3931]: [ 6] shock.cloudmark.com is a
Catalogue Server srl 5086; computed min_cf=6, Server se: C8
Nov 07 11:37:55.569668 check[3931]: [ 8] Computed supported_engines: 4 8
Nov 07 11:37:55.570507 check[3931]: [ 8] mail 1.0 e4 sig:
xFaZIZUVHk90OQfARnenjx5BZTMA
Nov 07 11:37:55.571295 check[3931]: [ 5] mail 1.0 e8 got no sig
Nov 07 11:37:55.572009 check[3931]: [ 8] preparing 1 queries
Nov 07 11:37:55.573005 check[3931]: [ 8] sending 1 batches
Nov 07 11:37:55.573978 check[3931]: [ 4] shock.cloudmark.com << 52
Nov 07 11:37:55.574515 check[3931]: [ 6]
a=c&e=4&ep4=7542-10&s=xFaZIZUVHk90OQfARnenjx5BZTMA
Nov 07 11:37:56.020280 check[3931]: [ 4] shock.cloudmark.com >> 5
Nov 07 11:37:56.020888 check[3931]: [ 6] response to sent.2
p=0
Nov 07 11:37:56.022640 check[3931]: [ 6] mail 1.0 e=4
sig=xFaZIZUVHk90OQfARnenjx5BZTMA: sig not found.
Nov 07 11:37:56.023321 check[3931]: [ 7] method 4: mail 1.0:
no-contention part, spam=0
Nov 07 11:37:56.023891 check[3931]: [ 7] method 4: mail 1: all
non-contention parts not spam, mail not spam
Nov 07 11:37:56.024468 check[3931]: [ 3] mail 1 is not known spam.
Nov 07 11:37:56.025095 check[3931]: [ 5] disconnecting from server
shock.cloudmark.com
Nov 07 11:37:56.026075 check[3931]: [ 4] shock.cloudmark.com << 5
Nov 07 11:37:56.026600 check[3931]: [ 6] a=q
debug: Using results from Razor v2.77
--------------- amavisd debug output ---------------
Wenn alles in Ordnung ist deaktiviere den "debug" Modus und starte
alle Services neu:
# vi /kolab/etc/kolab/templates/amavisd.conf.template
--------------- /kolab/etc/kolab/templates/amavisd.conf.template
---------------
# Turn on SpamAssassin debugging (output to STDERR, use with 'amavisd
debug')
$sa_debug = 1; # defaults to false
--------------- /kolab/etc/kolab/templates/amavisd.conf.template
---------------
# /kolab/sbin/kolabconf
More information about the users
mailing list