This isn't fool proof by any stretch but even doing one of these steps can help reduce server spam

1. Install MAPS
MAPS are servers with blacklists for spammers. Won't stop the determined people but it definitely helps
Log into Plesk as admin and go to your Server > Mail panel. Scroll down and you'll see MAPS. Check the box to enable it and paste the list below in
opm.blitzed.org;rbl-plus.mail-abuse.org;bl.spamcop.net;relays.ordb.org;sbl-xbl.spamhaus.org;KR.rbl.cluecentral.net;BR.rbl.clu ecentral.net;blackholes.mail-abuse.org;cbl.abuseat.org
Yes, the text box is too short. Hit OK and we're done with step 1.

2. Install ClamAV and upgrade Spamassassin

First we need to make sure DR Web isn't installed
#rpm -e drweb
Now we install clamav (you can skip this step if you have another antivirus)
#yum install clamav
Now upgrade Spamassassin
#yum upgrade spamassassin
This should bring you to SA 3.x (Plesk only brings you up to 2.x)

3. Install qmail-scanner
This step can be iffy. I had some problems the first time around and am uncertain why it stopped having problems. It could be a fluke for me though. Anyways, let ART and Yum do the work
# yum install qmail-scanner
Gathering header information file(s) from server(s)
Server: Atomic Rocket Turtle - 2 - Atomic PSA-Compatible RPMS
Server: Fedora Core 2 - i386 - Base
Server: Fedora Core 2 - i386 - Released Updates
Finding updated packages
Downloading needed headers
Resolving dependencies
Dependencies resolved
I will do the following:
[install: qmail-scanner 1:1.25-9.rhfc2.art.noarch]
Is this ok [y/N]: y
Downloading Packages
Running test transaction:
Test transaction complete, Success!
qmail-scanner 100 % done 1/1
Installed: qmail-scanner 1:1.25-9.rhfc2.art.noarch
Transaction(s) Complete
# /usr/bin/qmail-scanner-reconfigure
Configuring qmail-scanner: OK
Be sure to run that second line or qmail-scanner will not function

Together you can cut your spam by as much as 75%

Thanks Highland! :)

Is there any chance you might know of, or have, a similar tutorial for cPanel servers?

Thanks! :)

This is pretty much independent of any control panel as long as the server is running Qmail. The only control panel specific step is the MAPS section. Does cPanel have an area to put in the MAPS list of servers?

This is pretty much independent of any control panel as long as the server is running Qmail. The only control panel specific step is the MAPS section. Does cPanel have an area to put in the MAPS list of servers?

If it does, I'm not exactly sure where... I spent some time yesterday, before getting pulled away on something else looking, for it.. I'll spend some more time today looking and researching it :)

Thanks! :)

Still more tips...

4. Let Spamassassin use MySQL
Just a reminder, this is for SA 3.1.0 or later. No guarantees for prior versions. Modified from this walkthrough (http://forum.ev1servers.net/showthread.php?t=50247). The main advantage to this is that Bayes can work out of MySQL faster than the typical flat files.

Pick a site in Plesk (preferably one that is only available to you and not a client) and create a new database. Name it, add a user and take note of username and password. Now, launch the DBadmin tool (phpmyadmin) and click the SQL button in the upper left and run the following
CREATE TABLE bayes_expire (
id int(11) NOT NULL default '0',
runtime int(11) NOT NULL default '0',
KEY bayes_expire_idx1 (id)
) TYPE=MyISAM;

CREATE TABLE bayes_global_vars (
variable varchar(30) NOT NULL default '',
value varchar(200) NOT NULL default '',
PRIMARY KEY (variable)
) TYPE=MyISAM;

INSERT INTO bayes_global_vars VALUES ('VERSION','3');

CREATE TABLE bayes_seen (
id int(11) NOT NULL default '0',
msgid varchar(200) binary NOT NULL default '',
flag char(1) NOT NULL default '',
PRIMARY KEY (id,msgid)
) TYPE=MyISAM;

CREATE TABLE bayes_token (
id int(11) NOT NULL default '0',
token char(5) NOT NULL default '',
spam_count int(11) NOT NULL default '0',
ham_count int(11) NOT NULL default '0',
atime int(11) NOT NULL default '0',
PRIMARY KEY (id, token)
) TYPE=MyISAM;

CREATE TABLE bayes_vars (
id int(11) NOT NULL AUTO_INCREMENT,
username varchar(200) NOT NULL default '',
spam_count int(11) NOT NULL default '0',
ham_count int(11) NOT NULL default '0',
token_count int(11) NOT NULL default '0',
last_expire int(11) NOT NULL default '0',
last_atime_delta int(11) NOT NULL default '0',
last_expire_reduce int(11) NOT NULL default '0',
oldest_token_age int(11) NOT NULL default '2147483647',
newest_token_age int(11) NOT NULL default '0',
PRIMARY KEY (id),
UNIQUE bayes_vars_idx1 (username)
) TYPE=MyISAM;

This should make 5 new tables in the left hand column. Close the window and we're done with Plesk.
Log into SSH.

Now edit /etc/mail/spamassassin/local.cf and add the following
# Enable the Bayes system
bayes_store_module Mail::SpamAssassin::BayesStore::SQL
bayes_sql_dsn DBI:mysql:yourdatabasehere:localhost
bayes_sql_username XXXXXXX
bayes_sql_password XXXXXXX
use_bayes 1
bayes_auto_learn 1

Obviously replace the values in bold with your information.

Restart SpamAssassin
#service spamassassin restart

Finally we need to fix the problem with Bayes and the database. Running this throws an error.
#sa-learn --dump magic -C /var/qmail/.spamassassin/
ERROR: Bayes dump returned an error, please re-run with -D for more information
This was quite the problem because
#spamassassin --lint -D
Gives us the problem of
dbg: bayes: unable to initialize database for root user, aborting!
We fix it by running
#sa-learn --sync

Now Bayes should store its information in MySQL without any problems. This is purely a performance tweak, tho.

5. Install Rules Du Jour
These are extra SpamAssassin rulesets. Bascially RDJ is an automated script to update the various rulesets. If you'd like a more extensive rundown of what all this can do you can visit the walkthrough I used at http://www.exit0.us/index.php?pagename=RulesDuJour

Download the base script
#wget http://sandgnat.com/rdj/rules_du_jour

I'd move this to /usr/local/sbin and then
# chmod +x rules_du_jour

Now head into your /etc directory and make a directory called rulesdujour and then make a file inside that directory named config and put this inside
TRUSTED_RULESETS="TRIPWIRE SARE_ADULT SARE_OBFU0 SARE_OBFU1 SARE_URI0
SARE_URI1"
SA_DIR="/etc/mail/spamassassin"
MAIL_ADDRESS="you@yourdomain.com"
SA_RESTART="killall -HUP spamd"

Now we set the whole thing up
#/usr/local/sbin/rules_du_jour

If everything went well you should get an email for each package mentioned in the config file. I found that it makes SA a bit more responsive but be careful as the packages can and do change and can become obsolete. You can cron the script and have it update as often as you want. If you want to uninstall just delete the extra .cf fules in /etc/mail/spamassassin and then restart SA.

# /usr/bin/qmail-scanner-reconfigure


FYI: You need to disable spamassassin before you run this command or else it will give you an error. Once I disabled SA, the reconfigure worked perfectly.




Andrew

Hmmm, having trouble on the FC4 / Plesk 8 image with getting qmail-scanner from Fedora/1and1/ART repositories. It doesn't seem to be available.

I don't think ART has caught up to P8 yet

on trying to add the MAPS zones in Plesk 8 i get:
Error: Unable to change MAPS configuration properties: MAPS zone name is invalid.

Any idea why?

I checked to make sure it was pasting as all one line but it's throwing a tantrum at it :/

Sounds like it might be a Plesk 8 issue. The servers haven't changed as far as I know.

on trying to add the MAPS zones in Plesk 8 i get:
Error: Unable to change MAPS configuration properties: MAPS zone name is invalid.
Any idea why?

I checked to make sure it was pasting as all one line but it's throwing a tantrum at it :/


I get the same error with Plesk 8.



Andrew

anyone able to get this to work on plesk 8?

Plesk 8 seems to have a problem with MAPS zones. Haven't heard anyone find a solution to the problem yet.

copy and paste the lines in two moves.. looks like it could be seeing the newline , I had the same problem, and that fixed it

hello,

Few users complain they send mails with small attached files (pdf, jpg) and recipient get mails without the attached files thus i want to log outgoing mails. I saw on forums that with my FC4, plesk 8 server it's not possible natively so i followed the tutorial found in this forum (http://www.1and1faq.com/forums/showthread.php?t=430 and http://www.1and1faq.com/forums/showthread.php?t=395) to install clamav, clamd and qmail-scanner from ART.
The thing is that not all outgoing mails are logged (only those for local recipients)
Any ideas why ?:confused:

Thanks for help

I get the same error with Plesk 8.



Andrew



Try this: opm.blitzed.org;rbl-plus.mail-abuse.org;bl.spamcop.net;relays.ordb.org;sbl-xbl.spamhaus.org;blackholes.mail-abuse.org;cbl.abuseat.org

I have an old FC2 and plesk 7.5.3 (yes I am a novice)
I wanted to reduce spam so I followed as much of the instructions in this tutorial as I could. I installed and reconfigured qmail scanner.
I have one or two people using the server for sending email using Outlook - these users now get errors for SMTP. Sending mail on the server (localhost) seems to work OK (i.e. via Horde and from PHP scripts).
Where would I go to check what the problem might be? Are there any qmail logs I can check?
Sorry for the beginner questions but I may as well try to learn something.
Thanks in advance,
jonny

(Maybe I should move to a Managed Server?)

A few MAPS zone servers shut down recently. Use jholzy's list and SMTP should restart

Thanks folks,
I have made the change but cannot test it until tomorrow.
Maybe I should read up about MAPS!
j

I have an old FC2 and plesk 7.5.3 (yes I am a novice)
I wanted to reduce spam so I followed as much of the instructions in this tutorial as I could. I installed and reconfigured qmail scanner.
I have one or two people using the server for sending email using Outlook - these users now get errors for SMTP. Sending mail on the server (localhost) seems to work OK (i.e. via Horde and from PHP scripts).
Where would I go to check what the problem might be? Are there any qmail logs I can check?
Sorry for the beginner questions but I may as well try to learn something.
Thanks in advance,
jonny

(Maybe I should move to a Managed Server?)

Some blacklists check for dynamic IPs like sorbs.org as they can be a source of spam when a person’s computer becomes infected.
There’re different ways of getting round this problem.

The simple option would be to just use: zen.spamhaus.org;bl.spamcop.net

Another option would be to add the IPs to your DNS:
If your IP was: 55.44.22.11
you'll add A record like so:
11.22.44.55.dnswl.yourdomain.com A 127.0.0.2

Do the following on your server:
vi /etc/xinetd.d/smtp_psa

add -a dnswl.yourdomain.com after rblsmtpd so it reads something like:

server_args = -Rt0 /usr/sbin/rblsmtpd -a dnswl.yourdomain.com -r zen.spamhaus.org -r bl.spamcop.net -r etc.......

do “service xinetd restart” to reload the services.

you may also use this idea that's uses another port for SMTP for customers of 8025:

add the following line to /etc/services

smtp2 8025/tcp # your customer mail outgoing port 8025

cd /etc/xinetd.d

vi smtp2

service smtp2
{
socket_type = stream
protocol = tcp
wait = no
disable = no
user = root
instances = UNLIMITED
server = /var/qmail/bin/tcp-env
server_args = /var/qmail/bin/relaylock /var/qmail/bin/qmail-smtpd /var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true
}

do " services xinetd restart" to reload the services.


Hope this is of some help.

Just as a note to help anyone with problems with maps on plesk:

Make sure your smtp_psa file uses -r and not a ; or it will not work.
so it should read: rblsmtpd -r zen.spamhaus.org -r bl.spamcop.net -r dnsbl.sorbs.net -r etc...
This is a known problem if you upgrade to Plesk 8.1 and some older versions.