2014 06 03 17 17 47 Sirolo

Monte Conero 1920x512

Monte Conero 1920x512

Securing KMail on Gentoo

User Rating: 5 / 5

Star ActiveStar ActiveStar ActiveStar ActiveStar Active
 

{jcomments off}

The default KDE mail program KMail is possibly not the best email manager out there, but it suits my needs for the most part. If you also use it, you can increase the security of Kmail by using SpamAssassin and ClamAV to respectively control spam and remove possible viruses.

SpamAssassin

USE=cron will install a cron job to update the spamassassin database daily:

Open /etc/portage/package.use and add the line

  • ...
  • mail-filter/spamassassin cron
  • ...

then

  • emerge -av spamassassin

You need Spamassassin emerged and configured. It is better to have the daemon spamd running, to avoid permanent program starting delays.

  • service spamd start
  • rc-update add spamd default

will start the daemon at startup. Access to spamassassin is then done through the client spamc.

Spam detection rules

Gentoo's SpamAssassin ebuilds do not ship any rules. You need to download these yourself after SpamAssassin has been installed. The simplest way to do this is to run sa-update, but first, you need to download and install the SpamAssassin project's GPG key (so that the authenticity of the rules can be verified).

To install the GPG key,

  • wget -q https://spamassassin.apache.org/updates/GPG.KEY
  • sa-update --import GPG.KEY

Now you should be able to download the rules:

  • sa-update

To improve performance, you may also wish to compile the rules:

  • sa-compile

(that should output a bunch of junk).

Daily updates

The SpamAssassin project regularly releases new and updated rules. It is a good idea to schedule your updates (at least) daily, so that your rules are never out of date. A cron job is ideal for this, and newer revisions supply one. Just set USE=cron and re-emerge mail-filter/spamassassin. 

You have three configuration files with version 3.x :

  • v310.pre in /etc/mail/spamassassin is the plugin configuration file
  • local.cf in /etc/mail/spamassassin is the system-wide configuration file
  • user_prefs in ~/.spamassassin is the local configuration file of joe-user

Whitelists and blacklists can be defined in local.cf or user_prefs like, for example (see http://forums.gentoo.org/viewtopic-t-534054.html this thread):

whitelist_from  *@kickingdragon.com 
whitelist_from  *@megatron.kickingdragon.com 
blacklist_from  This email address is being protected from spambots. You need JavaScript enabled to view it. 

Once everything is configured, you can play with spamassassin in the console:

  • spamassassin -D < mail-message

or

  • spamassassin -D --lint

will show a lot of debug messages and inform you if the plugins are working etc.

The literature often says that spamassassin modifies the message headers. This is wrong. Spamassassin outputs a modified version of the mail to the output you specify.

  • spamassassin < mail-message > new-mail-message.txt

will save the modified mail message for filtering.

ClamAV

Install ClamAV

  • emerge -av clamav

Include clamd in the default runlevel

  • rc-update add clamd default

Integrate these programs with Kmail

To integrate spamassassin and ClamAV in kmail, run the appropiate wizards (Tools -> Anti-Spam Wizard; Tools -> Anti-Virus Wizard).

With spamassasin, it will set up two filters, 'Classify as Spam' and 'Classify as NOT Spam', which will be applied to classify incoming email. You can manually apply the filters on email which is wrongly classified - spamassassin's statistical learning rules will be updated when you do this.

{jcomments on}