Administrators, DnsAdmins, Domain Admins, Domain Users, confluence-administrators, confluence-users, crowd-administrators, jira-administrators, jira-developers, jira-users, stash-administrators, stash-users
322
edits
(Added some troubleshooting hints) |
Greg.ebdon (talk | contribs) m (added config deets, york mta news) |
||
Line 1: | Line 1: | ||
Exim is used as our Mail Transfer Agent (MTA) as part of the [[ | Exim is used as our Mail Transfer Agent (MTA) as part of the [[email]] system, and runs on the [[Ystvweb|webserver]]. It is configured in <code>/etc/exim/exim.conf</code>. | ||
The MTA receives incoming email from external sources (usually the mta.york.ac.uk gateways run by the University), runs some checks on it and routes it to the correct user. In this process it handles delivery to [[Mailing Lists|mailing lists]] and [[aliases]] using a series of redirect routers. As the last step mail is run through the [[Dovecot]] LDA to process user filters and deliver it to user mailboxes. | The [[w:Message transfer agent|MTA]] receives incoming email from external sources (usually the mta.york.ac.uk gateways run by the University), runs some checks on it and routes it to the correct user. In this process it handles delivery to [[Mailing Lists|mailing lists]] and [[aliases]] using a series of redirect routers. As the last step mail is run through the [[Dovecot]] LDA to process user filters and deliver it to user mailboxes. | ||
Due to the withdrawal of the University's spam and virus filtering on their mail relays in October 2012 (as part of the move to Google Apps), Exim operates spam and virus checking on incoming mail, scanning mail using ClamAV and | Due to the withdrawal of the University's spam and virus filtering on their mail relays in October 2012 (as part of the move to Google Apps), Exim operates spam and virus checking on incoming mail, scanning mail using ClamAV and SpamAssassin when it is first received by the server. | ||
One of Exim's Access Control Lists (ACLs) is acl_check_data, which is run immediately after a message is received by the server, before the sender has disconnected. This ACL performs the virus and spam scans, and adds the results to the message headers. | One of Exim's Access Control Lists (ACLs) is acl_check_data, which is run immediately after a message is received by the server, before the sender has disconnected. This ACL performs the virus and spam scans, and adds the results to the message headers. | ||
Despite the move to Google Apps, we have been assured (like other administrators of legacy email systems in the University) that a small number of MTAs will remain active indefinitely to route our mail. | |||
== Troubleshooting == | == Troubleshooting == | ||
Line 19: | Line 21: | ||
Next, Exim connects to the SpamAssassin daemon (spamd) and passes it the message, where it is scanned against the default set of rules. These assign the message spam points based on contents, senders, headers, white/blacklists and Bayesian statistical analysis. The results of this analysis is added to the message in the form of X-Spam-Score and X-Spam-Report headers, where a message with a spam score > 5 is considered spam and has the X-Spam-Flag: YES header added as well. If a message scores >10 it is currently routed to /var/tmp/quarantine and not delivered to the recipient. This will be used to assess whether mail with a score >10 can be safely rejected outright rather than filling up user's mailboxes. | Next, Exim connects to the SpamAssassin daemon (spamd) and passes it the message, where it is scanned against the default set of rules. These assign the message spam points based on contents, senders, headers, white/blacklists and Bayesian statistical analysis. The results of this analysis is added to the message in the form of X-Spam-Score and X-Spam-Report headers, where a message with a spam score > 5 is considered spam and has the X-Spam-Flag: YES header added as well. If a message scores >10 it is currently routed to /var/tmp/quarantine and not delivered to the recipient. This will be used to assess whether mail with a score >10 can be safely rejected outright rather than filling up user's mailboxes. | ||
SpamAssassin is | SpamAssassin configuration is in <code>/etc/mail/spamassassin/local.cf</code>, which overrides a small number of default configuration options. These overrides change the spam report formatting and has a required_hits line which will change the threshold spam score from 5 for all users. The Bayesian database is updated by [[w:cron|cron]], and the cronjob is in <code>/etc/crontab</code>. | ||
For a while bayes_journal wasn't updating: | |||
<blockquote>''Ok, fixed it, looks like bayes_journal is created by the apache user, with group apache and permissions 770, but spamd couldn't write to it as it wasn't a member of apache; I think when I first set it up spamd ended up being the owner of that file, but at some point it got deleted and recreated by apache. Solution: add spamd to the apache group: <code>usermod -aG apache spamd</code>'' - [[User:sam.nicholson|Sam Nicholson]], 21 January 2013</blockquote> | |||
[[Category:Computing]] | [[Category:Computing]] | ||
[[Category:Email]] | [[Category:Email]] |
edits