local mode only. Here's how I
invoke Spamassassin:
spamassassin -L
It's the -L (dash-capital-L) that
keeps spamassassin local. If you leave
off the -L, spamassassin checks for
spammy IP addresses in incoming emails.
Here's a wonderful article that describes
this much better than I do:
Caching Nameserver
I'm going to try to set up bind9
just like the webpage above suggests. I
feel that spamassassin will be much more
effective if it checks for spammy IP addresses.
Here's how I will start the process of
installing bind9:
aptitude update aptitude search bind9
The first command above updates the
availability information for Debian
packages. The second command tells
me just what in relation to bind9 is
available for installation.
When I do the search for bind9,
I'm given the following information:
p bind9 - Internet Domain Name Server p bind9-doc - Documentation for BIND i bind9-host - Version of 'host' bundled with BIND 9 p bind9utils - Utilities for BIND p gforge-dns-bind9 - collaborative development tool - DNS i libbind9-60 - BIND9 Shared Library used by BIND
Looks like what I need is on the top line, which
is bind9 itself. I'll go ahead and install the
bind9 package:
aptitude install bind9
I probably should have typed
this command first:
aptitude show bind9
The reason I did not type it is
I was quite confident that
bind9 was not installed. When I
type it now, it shows that indeed,
I have successfully installed bind9:
aptitude show bind9 Package: bind9 State: installed
The next step for me is to get
into kmail and turn off
the local switch for spamassassin.
Here's the menus I use to do
this:
Settings > Configure Filters
Next, I high-lighted the following:
SpamAssassin Check
Next, I look for the words
Pipe Through. I then
change the invocation from
spamassassin -L to just
spamassassin without the
-L. Next I click apply
and OK.
Update: June 13, 2012
Changing from local rules only to
rules that make use of IP addresses
and blacklists got me into trouble.
I posted to the Spamassassin mailing
list describing this trouble:
False Positive on Domain Name
The folks on the Spamassassin mailing
list were incredibly generous. I got over
50 replies to my post.
I learned that my ISP's DNS servers were
not going to work. My ISP's DNS servers
were giving me a false positive on what
should have been ham emails.
In effect, my DNS servers were causing
Spamassassin to view all unknown domain
names as having been blacklisted. That
was the overall effect.
Therefore if a domain name was mentioned
in an incoming email, and that domain name
had never been either blacklisted or
white-listed, it was assumed to be blacklisted.
To get around the unknown domain name problem,
I took two steps:
1 -- Set up a bind9 server (for DNS)
2 -- Change my /etc/resolv.conf file to
"local host."
That's it in a nutshell. More detail is
given in the above link.
Update: June 22, 2012
The above link in a mailing list discussion
that taught me how to set up my own Bind
server. The last thing I learned was how
to set my /etc/resolve.conf to localhost.
Ultimately, the way to configure /etc/resolv.conf
is to configure /etc/dhcp/dhclient.conf. The
latter controls the former.
Here's the line I added to dhclient.conf:
supersede domain-name-servers 127.0.0.1;
In this one line, I'm superseding the domain
name servers provided by dhcp. To me,
the logical place to add the above line is
after dhcp information has been retrieved.
Therefore, I've chosen to place the above line
in this context:
request subnet-mask, broadcast-address, time-offset, routers, domain-name, domain-name-servers, domain-search, host-name, netbios-name-servers, netbios-scope, interface-mtu, rfc3442-classless-static-routes, ntp-servers; supersede domain-name-servers 127.0.0.1;
Whether or not these two operations --- a request followed
by a supersede --- are truly sequential, I do not know.
However, I've decided to treat these two operations as if they
were programming language operations on a serial computer.
I'm treating it as if the supersede only has lasting effect
if it comes last.
In all probability, the order in which they two operations appear
does not matter. However, I've not experimented with reversing
the order of the operations. I'm happy to leave things just as
they are.
Update: June 28, 2012
Here's a summary of what I eventually
did to get bind working as my caching
nameserver:
- aptitude install bind9
- Add a supersede command to
the file /etc/dhcp/dhclient.conf
The supersede command is there to set the
nameserver to local host. Here are the
sepcifics of the supersede command that I
added.
First I changed this line:
request subnet-mask, broadcast-address, time-offset, routers, domain-name, domain-name-servers, domain-search, host-name, netbios-name-servers, netbios-scope, interface-mtu, rfc3442-classless-static-routes, ntp-servers;
to this line:
request subnet-mask, broadcast-address, time-offset, routers, domain-name, domain-search, host-name, netbios-name-servers, netbios-scope, interface-mtu, rfc3442-classless-static-routes, ntp-servers;
Note that the above dhcp request has had the domain-name-servers
part of the request removed. Next, I added my supersede command
Here's what the supersede command looks like in context:
request subnet-mask, broadcast-address, time-offset, routers, domain-name, domain-search, host-name, netbios-name-servers, netbios-scope, interface-mtu, rfc3442-classless-static-routes, ntp-servers; supersede domain-name-servers 127.0.0.1;
In other words, the domain names servers are no longer a product
of the dhcp request. Domain names servers are now set by the
supersede command.
Ed Abbott
No comments:
Post a Comment