Using CRM114 and qmail to Filter Spam

This article provides straightforward instructions and files for using the CRM114 Controllable Regex Mutilator on a qmail system to provide spam filtering on a specified user's account, without requiring procmail or other mail handling utilities.

By Dave Voorhis <dave@armchair.mb.ca> February 26, 2003.
Revised November 03, 2003.
Revised November 10, 2003.

 

How Does it Work?

A .qmail file intercepts mail to the user's usual address (say, yourname@yourdomain.com) and passes it via stdin to a modified CRM114 mail filter. The filter classifies the mail and resends it to one email address for 'non-spam' messages and another address for 'spam'. The 'non-spam' address is usually configured to drop mail into the user's main mailbox or Maildir; the 'spam' address usually drops mail into a subfolder of the user's main Maildir or delivers it to another account.

This is accomplished with a combination of .qmail files and modified mailfilter.crm and mailfilterconfig.crm files based on those found in the CRM114 distribution.

 

Changes to the Original CRM114 mail filter:

 

Download

 

Prerequisites

 

Installation

  1. Install CRM114. Read the documentation.

  2. Copy the following files from the CRM114 directory to your home directory, or wherever your personal .qmail files are kept:

    You may want to copy the supplied spam.css and nonspam.css files, but it's not a requirement. The mail filter will create them as needed, and will learn rapidly from your own spam and non-spam if you train it. (See Teaching Your Mail Filter to Behave below.)

  3. Gunzip and untar the patched mailfilter.crm and mailfilterconfig.crm files into your home directory, or wherever your personal .qmail files are kept.

  4. If you have an existing .qmail file, copy it to a new file named .qmail-cleanXXXXX, where XXXXX is a random number.

    If you do not have an existing .qmail file, create a new file named .qmail-cleanXXXXX, where XXXXX is a random number.

    The .qmail-cleanXXXXX file should be configured to deliver mail to your main mailbox or Maildir, eg:

    .qmail-clean19835:
    ./Maildir/

    The random number XXXXX will help prevent spamsters who read this article from easily guessing your 'non-spam' address. Naturally, you should not distribute it or publish it on the Web -- not that there would be any reason to do so.

  5. If you wish to redirect spam mail to a sub-address of your own account such as yourname-spam@yourdomain.com, you will need to create a file named .qmail-spam   That file should contain instructions to direct spam mail to a useful place. For example:
    .qmail-spam:
    ./Maildir/.Spam/

    If spam mail will be redirected to some other account, you don't need to do this.

  6. Temporarily shut off your mail feed. If you have a .qmail file, you can do this with
    chmod +t .qmail

  7. Edit your .qmail file, or create one if you don't have one. The correct contents may be system-specific, but the following should work on a typical installation:
    .qmail:
    |/usr/bin/crm ./mailfilter.crm > /dev/null; echo "Filtered by mailfilter"

  8. Edit your mailfilterconfig.crm file to contain your password (See Teaching Your Mail Filter to Behave below) and the appropriate 'non-spam' and 'spam' email addresses. If you're using sub-addresses, the 'non-spam' address will be something like yourname-clean19835@yourdomain.com and the 'spam' address will be something like yourname-spam@yourdomain.com

  9. Reactivate your mail feed. If you used chmod as described above, you'll probably want to
    chmod -t .qmail

  10. Email a spam message to yourself with the 'command <yourpassword> spam' header, as described under Teaching Your Mail Filter to Behave below. This will create the spam.css file, if it doesn't exist.

  11. Email a non-spam message to yourself with the 'command <yourpassword> nonspam' header, as described under Teaching Your Mail Filter to Behave below. This will create the nonspam.css file, if it doesn't exist.

  12. At this point, you may wish to ensure that you are still receiving email. If you aren't, you have either failed to perform the previous two steps, or something is (probably) wrong with the contents of your .qmail file. Solutions to this are beyond the scope of this article, but the qmail log files should provide hints.

 

Teaching Your Mail Filter to Behave

Initially, the filter will probably make numerous errors until you teach it to recognize the difference between spam and non-spam. Facilities in the CRM114 mail filter make this easy:

When a message is incorrectly recognized as spam that shouldn't be spam, send it back to your own address with the following first line:

command yourpasswd nonspam

When you receive a message that failed to be recognized as spam when it should have been, send it back to your own address with the following first line:

command yourpasswd spam

Replace 'yourpasswd' in the instructions above with the password you set in the mailfilterconfig.crm file.

Other facilities are described in the CRM114 documentation.

 

END