MailFilter
Mail and Spam filtering using the Kinguard Project Installation.
Today a lot of mail that comes into a mailbox is in dire need of filtering. This can be due to spam or just having multiple email addresses landing in the same account that needs to be sorted in different folders depending on the receiver address.
This is work in progress trying to add this functionality to the Kinguard Project software.
Step one: Add spam detection
Spamassassin is a software very commonly used to detect spam. Using ssh to log in to your device it can be installed by:
apt update apt install spamassasin
Edit /etc/postfix.cf, under the smtp line (~line 12) add "-o content_filter=spamassasin" as below
smtp inet n - y - - smtpd -o content_filter=spamassassin
Next in the same file under the "submission" add the same line:
submission inet n - - - - smtpd -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o smtpd_relay_restrictions=permit_sasl_authenticated,reject -o content_filter=spamassassin
Restart postfix
systemctl restart postfix
Step two: Mail filtering
Dovecot is already setup on the device and we need to add support for Seive. This is done uing Pigeonhole (the name is very good, well worth reading the leading paragraph on the project page). This is installed by:
apt install dovecot-sieve dovecot-managesieved dovecot-lmtpd
Edit /etc/dovecot/conf.d/10-master.conf (uncomment/edit as below)
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
}
}
Edit /etc/dovecot/conf.d/10-master.conf and change the "mail_location" parameter
mail_location = maildir:/var/opi/mail/data/%n/mail
Edit the file /etc/dovecot/conf.d/90-sieve.conf, commenting out the existing sieve line
# sieve = file:~/sieve;active=~/.dovecot.sieve sieve = /var/opi/mail/data/%n/sieve/dovecot.sieve sieve_dir = /var/opi/mail/data/%n/sieve
Edit /etc/dovecot/conf.d/20-managesieve.conf, enable services below by uncommenting them.
service managesieve-login {
inet_listener sieve {
port = 4190
}
inet_listener sieve_deprecated {
port = 2000
}
# Number of connections to handle before starting a new process. Typically
# the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0
# is faster. <doc/wiki/LoginProcess.txt>
service_count = 1
# Number of processes to always keep waiting for more connections.
process_min_avail = 0
# If you set service_count=0, you probably need to grow this.
vsz_limit = 64M
}
service managesieve {
# Max. number of ManageSieve processes (connections)
process_limit = 1024
}
Create /etc/dovecot/conf.d/20-lmtp.conf
protocol lmtp {
postmaster_address = admin@localhost
mail_plugins = $mail_plugins sieve
}
Edit /usr/share/roundcube/config/config.inc.php
$config['plugins'] = array( 'archive', 'opi_addressbook', 'opi_identities', 'zipdownload', 'managesieve', );
and adding to the same file
$config['managesieve_host'] = 'localhost';
Edit /etc/postfix/main.cf and at the end add the line
virtual_transport = lmtp:unix:private/dovecot-lmtp
Restart services
systemctl restart dovecot systemctl restart postfix
Global filtering
If you want to have filters that are executed for all users try the following
Create a location for global scripts
mkdir /etc/kinguard/sieve.d
To be able to run then before and/or after user's personal filters create additional folders
mkdir /etc/kinguard/sieve.d/before mkdir /etc/kinguard/sieve.d/after
Create scritps in the appropriate sub folder, this is a filter for mail marked as spam by spamassasin Create /etc/kinguard/sieve.d/before/10-junk.sieve
require ["fileinto", "mailbox"];
if header :contains "X-Spam-Flag" "YES" {
fileinto :create "Junk";
}
The script needs to be compiled since this can not be done run-time by dovecot as it does not have permissions here
cd /etc/kinguard/sieve.d/before sievec 10-junk.sieve
Add the locations to /etc/dovecot/conf.d/90-sieve.conf
sieve_before = /etc/kinguard/sieve.d/before sieve_after = /etc/kinguard/sieve.d/after
Restart dovecot
systemctl restart dovecot
Debugging
To get some additional information on what is going on, enable mail_debug in /etc/dovecot/conf.d/10-logging.conf
mail_debug = yes
"tail -f /var/log/mail.log" is your friend here.