use strict;
use File::Spec;
my $PREFIX = '@@PREFIX@@'; my $DEF_RULES_DIR = '@@DEF_RULES_DIR@@'; my $LOCAL_RULES_DIR = '@@LOCAL_RULES_DIR@@';
use lib '@@INSTALLSITELIB@@';
BEGIN {
my @bin = File::Spec->splitpath($0);
my $bin = ($bin[0] ? File::Spec->catpath(@bin[0..1]) : $bin[1]) || File::Spec->curdir;
if (-e $bin.'/lib/Mail/SpamAssassin.pm'
|| !-e '@@INSTALLSITELIB@@/Mail/SpamAssassin.pm')
{
if ( $bin eq '../' && -e '../blib/lib/Mail/SpamAssassin.pm' ) {
unshift(@INC, '../blib/lib');
}
else {
foreach (qw(lib ../lib/site_perl
../lib/spamassassin ../share/spamassassin/lib))
{
my $dir = File::Spec->catdir($bin, split('/', $_));
if(-f File::Spec->catfile($dir, "Mail", "SpamAssassin.pm")) {
unshift(@INC, $dir); last;
}
}
}
}
}
use Getopt::Long;
use Pod::Usage;
sub usage {
my ($verbose, $message) = @_;
my $ver = Mail::SpamAssassin::Version();
print "SpamAssassin version $ver\n";
pod2usage(-verbose => $verbose, -message => $message, -exitval => 64);
}
my %opt = ( 'create-prefs' => 1);
eval {
require Mail::SpamAssassin;
require Mail::SpamAssassin::NoMailAudit;
require Mail::SpamAssassin::Util;
Getopt::Long::Configure(qw(bundling no_getopt_compat no_auto_abbrev no_ignore_case));
GetOptions(
'whitelist-factory|M=s' => \$opt{'whitelist-factory'},
'auto-whitelist|a' => \$opt{'auto-whitelist'},
'remove-from-whitelist|R' => \$opt{'remove-from-whitelist'},
'add-to-whitelist|W' => \$opt{'add-to-whitelist'},
'add-to-blacklist' => \$opt{'add-to-blacklist'},
'remove-addr-from-whitelist=s' => \$opt{'remove-addr-from-whitelist'},
'add-addr-to-whitelist=s' => \$opt{'add-addr-to-whitelist'},
'add-addr-to-blacklist=s' => \$opt{'add-addr-to-blacklist'},
'warning-from|w=s' => \$opt{'warning-from'},
'local-only|local|L' => \$opt{'local'},
'remove-markup|despamassassinify|d' => \$opt{'remove-markup'},
'revoke|k' => \$opt{'revoke'},
'report|r' => \$opt{'report'},
'configpath|config-file|config-dir|c|C=s' => \$opt{'configpath'},
'prefspath|prefs-file|p=s' => \$opt{'prefspath'},
'siteconfigpath=s' => \$opt{'siteconfigpath'},
'create-prefs!' => \$opt{'create-prefs'},
'x' => sub { $opt{'create-prefs'} = 0 },
'log-to-mbox|l=s' => \$opt{'log-to-mbox'},
'error-code|exit-code|e:i' => \$opt{'error-code'},
'test-mode|test|t' => \$opt{'test-mode'},
'lint' => \$opt{'lint'},
'debug-level|debug|D:s' => \$opt{'debug-level'},
'version|V' => \$opt{'version'},
'help|h|?' => \$opt{'help'},
'pipe|P' => sub { warn "The -P option has been removed.\n" },
'F=i' => sub { warn "The -F option has been removed.\n" },
'add-from!' => sub { warn "The --add-from option has been removed.\n" },
'stop-at-threshold|S' => sub { warn "The -S option has been removed.\n" },
) or usage(0, "Unknown option!");
if (defined $opt{'help'}) { usage(0, "For more information read the spamassassin man page"); }
if (defined $opt{'version'}) {
print "SpamAssassin version " . Mail::SpamAssassin::Version() . "\n";
exit 0;
}
if ( defined $opt{'log-to-mbox'} ) {
$opt{'log-to-mbox'} = Mail::SpamAssassin::Util::untaint_file_path($opt{'log-to-mbox'});
}
my $doing_whitelist_operation = 0;
my $doing_address_only_whitelisting = 0;
if ($opt{'remove-from-whitelist'} or $opt{'add-to-whitelist'} or $opt{'add-to-blacklist'}) {
$doing_whitelist_operation = 1;
}
if ($opt{'remove-addr-from-whitelist'} or $opt{'add-addr-to-whitelist'} or $opt{'add-addr-to-blacklist'}) {
$doing_whitelist_operation = 1;
$doing_address_only_whitelisting = 1;
}
my $mail;
use Mail::SpamAssassin::NoMailAudit;
if (!$opt{'lint'} && !$doing_address_only_whitelisting) {
$mail = Mail::SpamAssassin::NoMailAudit->new ();
}
my $spamtest = new Mail::SpamAssassin ({
rules_filename => $opt{'configpath'},
site_rules_filename => $opt{'siteconfigpath'},
userprefs_filename => $opt{'prefspath'},
local_tests_only => $opt{'local'},
debug => defined($opt{'debug-level'}),
dont_copy_prefs => ($opt{'create-prefs'} ? 0 : 1),
PREFIX => $PREFIX,
DEF_RULES_DIR => $DEF_RULES_DIR,
LOCAL_RULES_DIR => $LOCAL_RULES_DIR,
});
if (defined $opt{'debug-level'} && $opt{'debug-level'} ne '') {
my $levels = $opt{'debug-level'};
while ($levels =~ s/^([a-z]+)=([+-]?\d+)[,;:]*//s) {
$Mail::SpamAssassin::DEBUG->{$1} = $2 + 0;
}
if ($levels !~ /^\s*$/) {
usage(0, "bad areas in --debug option ($levels)!");
}
}
if ($opt{'log-to-mbox'}) {
$mail->{noexit} = 1;
$mail->accept ($opt{'log-to-mbox'});
$mail->{noexit} = 0;
}
if ($opt{'lint'}) {
exit $spamtest->lint_rules ();
}
if ($opt{'remove-markup'}) {
print $spamtest->remove_spamassassin_markup ($mail);
$mail->ignore(); }
if ($opt{'report'}) {
if ( $spamtest->report_as_spam ($mail) ) {
warn "Warning, unable to report spam\nFor more information, re-run with -D option to see debug output.\n";
}
if ($opt{'warning-from'}) {
$spamtest->reply_with_warning ($mail, $opt{'warning-from'});
}
$mail->ignore(); }
if ($opt{'revoke'}) {
if ( $spamtest->revoke_as_spam ($mail) ) {
warn "Warning, unable to revoke spam\n";
}
$mail->ignore(); }
if ($opt{'auto-whitelist'} || $doing_whitelist_operation) {
my $addrlistfactory;
if ($opt{'whitelist-factory'}) {
$opt{'whitelist-factory'} =~ /^([_A-Za-z0-9:]+)$/;
my $factory = $1;
eval '
require '.$factory.';
$addrlistfactory = '.$factory.'->new();
';
if ($@) { warn $@; undef $addrlistfactory; }
} else {
require Mail::SpamAssassin::DBBasedAddrList;
$addrlistfactory = Mail::SpamAssassin::DBBasedAddrList->new();
}
$spamtest->set_persistent_address_list_factory ($addrlistfactory);
};
if ($@) { warn $@; }
if ($doing_whitelist_operation) {
$spamtest->init (1);
if ($opt{'add-to-whitelist'}) {
$spamtest->add_all_addresses_to_whitelist ($mail);
} elsif ($opt{'remove-from-whitelist'}) {
$spamtest->remove_all_addresses_from_whitelist ($mail);
} elsif ($opt{'add-to-blacklist'}) {
$spamtest->add_all_addresses_to_blacklist ($mail);
} elsif ($opt{'add-addr-to-whitelist'}) {
$spamtest->add_address_to_whitelist ($opt{'add-addr-to-whitelist'});
exit;
} elsif ($opt{'remove-addr-from-whitelist'}) {
$spamtest->remove_address_from_whitelist ($opt{'remove-addr-from-whitelist'});
exit;
} elsif ($opt{'add-addr-to-blacklist'}) {
$spamtest->add_address_to_blacklist ($opt{'add-addr-to-blacklist'});
exit;
} else {
die "oops! unhandled whitelist operation";
}
$mail->ignore(); }
my $status = $spamtest->check ($mail);
$status->rewrite_mail ();
if ($opt{'test-mode'}) {
my $lines = $mail->body();
push (@{$lines}, split (/$/, $status->get_report()));
$mail->body ($lines);
}
print $mail->header(), "\n", join ('', @{$mail->body()});
if (defined $opt{'error-code'} && $status->is_spam ()) { exit ($opt{'error-code'} || 5) ; }
exit;
};
if ($@) {
warn $@;
exit 70; }
sub NEVERCALLED {
$Mail::SpamAssassin::DEBUG = { };
}
=head1 NAME
spamassassin - mail filter to identify spam using text analysis
=head1 SYNOPSIS
B<spamassassin> [options] < I<mailmessage> > I<output>
B<spamassassin> B<-d> < I<mailmessage> > <output>
B<spamassassin> B<-r> [B<-w> I<addr>] < I<mailmessage>
B<spamassassin> B<-k> [B<-w> I<addr>] < I<mailmessage>
B<spamassassin> B<-W>|B<-R> < I<mailmessage>
Options:
-P, --pipe Deliver to STDOUT (now default)
-L, --local Local tests only (no online tests)
-r, --report Report message as spam
-k, --revoke Revoke message as spam
-w addr, --warning-from=addr Send a warning mail to sender from addr
-d, --remove-markup Remove spam reports from a message
-C path, --configpath=path, --config-file=path Path to standard configuration dir
-p prefs, --prefspath=file, --prefs-file=file Set user preferences file
--siteconfigpath=path Path for site configs (def: /etc/mail/spamassassin)
-x, --nocreate-prefs Don't create user preferences file
-e, --exit-code Exit with a non-zero exit code if the
tested message was spam
-l filename, --log-to-mbox=file Log messages to a mbox file
-t, --test-mode Pipe message through and add extra
report to the bottom
--lint Lint the rule set: report syntax errors
-a, --auto-whitelist Use auto-whitelists (AWL)
-W, --add-to-whitelist Add addresses in mail to whitelist (AWL)
--add-to-blacklist Add addresses in mail to blacklist (AWL)
-R, --remove-from-whitelist Remove all addresses found in mail
from whitelist (AWL)
--add-addr-to-whitelist=addr Add addr to whitelist (AWL)
--add-addr-to-blacklist=addr Add addr to blacklist (AWL)
--remove-addr-from-whitelist=addr Remove addr from whitelist (AWL)
-M, --whitelist-factory Select whitelist factory (AWL)
-D, --debug [area=n,...] Print debugging messages
-V, --version Print version
-h, --help Print usage message
=head1 OPTIONS
=over 4
=item B<-P>, B<--pipe>
The B<-P> parameter will cause SpamAssassin to pipe the output to STDOUT.
This is now the default mode of operation, so this switch is obsolete,
and should not be used anymore.
=item B<-a>, B<--auto-whitelist>, B<--whitelist>
Use auto-whitelists. Auto-whitelists track the long-term average score for
each sender and then shift the score of new messages toward that long-term
average. This can increase or decrease the score for messages, depending on
the long-term behavior of the particular correspondent.
For more information about the auto-whitelist system, please look
at the the C<Automatic Whitelist System> section of the README file.
The auto-whitelist is not intended as a general-purpose replacement for
static whitelist entries added to your config files
=item B<-e>, B<--error-code>, B<--exit-code>
Exit with a non-zero error code, if the message is determined to be
spam.
=item B<-h>, B<--help>
Print help message and exit.
=item B<-t>, B<--test-mode>
Test mode. Pipe message through and add extra report. Note that the report
text assumes that the message is spam, since in normal use it is only visible
in this case. Pay attention to the score instead.
If you run tests with the B<-a> option, the scores will be added to the AWL.
This may not be what you want to do. If it is not, then don't use B<-a -t>.
=item B<-r>, B<--report>
Report this message as verified spam. This will submit the mail message read
from STDIN to various spam-blocker databases. Currently, these are Vipul's
Razor ( http://razor.sourceforge.net/ ), the Distributed Checksum
Clearinghouse ( http://www.rhyolite.com/anti-spam/dcc/ ), and Pyzor.
If the message contains SpamAssassin markup, this will be stripped out
automatically before submission. The support modules for DCC, Razor
and/or Pyzor must be installed for spam to be reported to each service.
The message will also be submitted to SpamAssassin's learning systems;
currently this is the internal Bayesian statistical-filtering system (the BAYES
rules). (Note that if you I<only> want to perform statistical learning, and
do not want to report mail to a third-party server, you should use the
C<sa-learn> command directly instead.)
=item B<-k>, B<--revoke>
Revoke this message. This will revoke the mail message read from STDIN from
various spam-blocker databases. Currently, these are Vipul's Razor (
http://razor.sourceforge.net/ ).
Revocation support for the Distributed Checksum Clearinghouse (
http://www.rhyolite.com/anti-spam/dcc/ ), and Pyzor is not currently available.
If the message contains SpamAssassin markup, this will be stripped out
automatically before submission. The support modules for Razor must be
installed for spam to be revoked from the service.
The message will also be submitted as 'ham' (non-spam) to SpamAssassin's
learning systems; currently this is the internal Bayesian statistical-filtering
system (the BAYES rules). (Note that if you I<only> want to perform
statistical learning, and do not want to report mail to a third-party server,
you should use the C<sa-learn> command directly instead.)
=item B<--lint>
Syntax check (lint) the rule set and configuration files, reporting
typos and rules that do not compile correctly. Exits immediately with
0 if there are no errors, or greater than 0 if any errors are found.
=item B<-W>, B<--add-to-whitelist>
Add all email addresses, in the headers and body of the mail message read
from STDIN, to the automatic whitelist. Note that you must be running
C<spamassassin> or C<spamd> with the B<-a> switch for this to work.
See the B<-a> documentation for more information.
=item B<--add-to-blacklist>
Add all email addresses, in the headers and body of the mail message read
from STDIN, to the automatic whitelist with a high score (ensuring they
will be ''blacklisted''). Note that you must be running C<spamassassin>
or C<spamd> with the B<-a> switch. See the B<-a> documentation for
more information.
=item B<-R>, B<--remove-from-whitelist>
Remove all email addresses, in the headers and body of the mail message read
from STDIN, from the automatic whitelist. STDIN must contain a full email
message, so to remove a single address you should use
B<--remove-addr-from-whitelist> instead.
Note that you must be running C<spamassassin> or C<spamd> with the B<-a>
switch. See the B<-a> documentation for more information.
=item B<--add-addr-to-whitelist>
Add the named email address to the automatic whitelist. Note that
you must be running C<spamassassin> or C<spamd> with the B<-a> switch.
See the B<-a> documentation for more information.
=item B<--add-addr-to-blacklist>
Add the named email address to the automatic whitelist with a high score
(ensuring they will be ''blacklisted''). Note that you must be running
C<spamassassin> or C<spamd> with the B<-a> switch. See the B<-a>
documentation for more information.
=item B<--remove-addr-from-whitelist>
Remove the named email address from the automatic whitelist. Note that
you must be running C<spamassassin> or C<spamd> with the B<-a> switch.
See the B<-a> documentation for more information.
=item B<-w> I<fromaddr>, B<--warning-from>=I<fromaddr>
This flag is only useful in conjunction with B<-r>. It will send a reply mail
to the sender of the tested mail, notifying them that their message has been
trapped as spam, from the address supplied in I<fromaddr>. See L</SPAM TRAPPING>.
=item B<-l> I<filename>, B<--log-to-mbox>=I<filename>
Log all mail messages that pass through the filter, to an mbox-format file
named by I<filename>. Handy for use with B<-r> and B<-w>.
=item B<-L>, B<--local>
Do only the ''local'' tests, ones that do not require an internet connection to
operate. Normally, SpamAssassin will try to detect whether you are connected
to the net before doing these tests anyway, but for faster checks you may wish
to use this.
=item B<-d>, B<--remove-markup>
Remove SpamAssassin markup (the "SpamAssassin results" report, X-Spam-Status
headers, etc.) from the mail message. The resulting message, which will be
more or less identical to the original, pre-SpamAssassin input, will be output
to stdout.
(Note: the message will not be exactly identical; some headers will be
reformatted due to some features of the Mail::Internet package, but the body
text will be.)
=item B<-C> I<path>, B<--configpath>=I<path>, B<--config-file>=I<path>
Use the specified path for locating the distributed configuration files.
Ignore the default directories (usually C</usr/share/spamassassin> or similar).
=item B<--siteconfigpath>=I<path>
Use the specified path for locating site-specific configuration files. Ignore
the default directories (usually C</etc/mail/spamassassin> or similar).
=item B<-p> I<prefs>, B<--prefspath>=I<prefs>, B<--prefs-file>=I<prefs>
Read user score preferences from I<prefs> (usually C<$HOME/.spamassassin/user_prefs>).
=item B<-D> [I<area=n,...>], B<--debug> [I<area=n,...>]
Produce diagnostic output. The level of diagnostic output can be set for each
area separately; I<area> is the area of the code to instrument, and I<n> is
a positive or negative number indicating the debug level or bitmask for that
area of code. For example, to produce diagnostic output on all rules that
hit, use:
spamassassin -D rulesrun=255
=item B<-x>, B<--nocreate-prefs>
Disable creation of user preferences file.
=item B<-M> I<factory>, B<--whitelist-factory>=I<factory>
Select alternative whitelist factory.
=back
=head1 DESCRIPTION
SpamAssassin is a mail filter to identify spam using text analysis and several
internet-based realtime blacklists.
Using its rule base, it uses a wide range of heuristic tests on mail headers
and body text to identify "spam", also known as unsolicited commercial email.
Once identified, the mail is then tagged as spam for later filtering using the
user's own mail user-agent application.
SpamAssassin also includes support for reporting spam messages to collaborative
filtering databases, such as Vipul's Razor ( http://razor.sourceforge.net/ ).
The default tagging operations that take place are detailed in L</TAGGING>.
=head1 CONFIGURATION FILES
The rule base, text templates, and rule description text are loaded from the
configuration files.
By default, configuration data is loaded from the first existing directory in:
F<@@DEF_RULES_DIR@@>;
F<@@PREFIX@@/share/spamassassin>;
F</usr/local/share/spamassassin>;
F</usr/share/spamassassin> .
Site-specific configuration data is used to override any values which had
already been set. This is loaded from the first existing directory in:
F<@@LOCAL_RULES_DIR@@>;
F<@@PREFIX@@/etc/mail/spamassassin>;
F<@@PREFIX@@/etc/spamassassin>;
F</usr/local/etc/spamassassin>;
F</usr/pkg/etc/spamassassin>;
F</usr/etc/spamassassin>;
F</etc/mail/spamassassin>;
F</etc/spamassassin> .
Spamassassin will read *.cf in these directories, in alphanumeric order within
each directory (similar to SysV-style startup scripts). In other words, it
will read F<10_misc.cf> before F<50_scores.cf> and F<20_body_tests.cf> before
F<20_head_test.cf>. Options in later files will override earlier files.
The user preferences (such as scores to attach to each rule), are loaded from
the file specified in the B<-p> argument. If this is not specified,
F<~/.spamassassin/user_prefs> is used if it exists. C<spamassassin> will
create this file if it does not exist, using F<user_prefs.template> as a
template. This file will be looked for in:
F<@@LOCAL_RULES_DIR@@>;
F<@@PREFIX@@/etc/mail/spamassassin>;
F<@@PREFIX@@/share/spamassassin>;
F</etc/spamassassin>;
F</etc/mail/spamassassin>;
F</usr/local/share/spamassassin>;
F</usr/share/spamassassin>.
=head1 TAGGING
The following two sections detail the tagging that takes place for
messages.
Note that if you use the B<-t> argument, all mails will be tagged
as if they are spam messages.
=head2 TAGGING FOR SPAM MAILS
If an incoming message is tagged as spam, instead of modifying the
original message, SpamAssassin will create a new report message and
attach the original message as a message/rfc822 MIME part (ensuring
the original message is completely preserved and easier to recover).
The new report message inherits the following headers (if they are
present) from the original spam message:
=over 4
=item Subject: header
The string C<*****SPAM*****> is also prepended to the subject,
if the C<rewrite_subject 1> configuration option is given.
=item From: header
=item To: header
=item Cc: header
=item Date: header
=back
And (by default) these headers are added:
=over 4
=item X-Spam-Status: header
A string, C<Yes, hits=nn required=nn tests=xxx,xxx
autolearn=(ham|spam|no)> is set in this header to reflect the filter
status.
=item X-Spam-Flag: header
Set to C<YES>.
=item X-Spam-Report: header
=back
Please note that the headers that added are now fully configurable via
the add_header option. Please see the manpage for
Mail::SpamAssassin::Conf(3) for more information.
=over 4
=item spam mail body text
The SpamAssassin report is added to top of the mail message body,
if the message is marked as spam.
=back
=head2 DEFAULT TAGGING FOR HAM (NON-SPAM) MAILS
=over 4
=item X-Spam-Status: header
A string, C<No, hits=nn required=nn tests=xxx,xxx
autolearn=(ham|spam|no)> is set in this header to reflect the filter
status.
=back
Added headers are fully configurable via the add_header configuration
option. Please see the manpage for Mail::SpamAssassin::Conf(3) for
more information.
=head1 SPAM TRAPPING
Quite often, if you've been on the internet for a while, you'll have
accumulated a few old email accounts that nowadays get nothing but
spam.
SpamAssassin lets you set them up as aliases, as follows:
=over 4
=item spamtrap1: "| /path/to/spamassassin -r -w spamtrap1"
=back
This will add any incoming mail messages straight into spam-tracking databases,
such as Vipul's Razor; send an explanatory reply message to the sender, from
the I<spamtrap1> address; then drop the mail into the bit-bucket.
The explanatory reply text is taken from the SpamAssassin configuration file,
where it is stored in the C<spamtrap> lines.
If you want to keep a copy of the mails, use something like this:
=over 4
=item spamtrap1: "| /path/to/spamassassin -r -w spamtrap1 -l /var/spam/caught"
=back
It is suggested you familiarise yourself with how MTAs run programs specified
in aliases, if you plan to do this; for one thing, B<spamassassin> will not run
under your user id in this case. If you are nervous about this, create a user
for spamtrapping, and set up spamassassin in its F<.forward> file.
=head1 INSTALLATION
The B<spamassassin> command is part of the B<Mail::SpamAssassin> Perl module.
Install this as a normal Perl module, using C<perl -MCPAN -e shell>, or by
hand.
For further details on how to install, please read the C<INSTALL> file
from the SpamAssassin distribution.
=head1 ENVIRONMENT
No environment variables, aside from those used by perl, are required to
be set.
=head1 SEE ALSO
sa-learn(1)
Mail::SpamAssassin(3)
Mail::SpamAssassin::Conf(3)
Mail::Audit(3)
Razor(3)
=head1 BUGS
http://bugzilla.spamassassin.org/
=head1 AUTHOR
Justin Mason E<lt>jm /at/ jmason.orgE<gt>
=head1 PREREQUISITES
C<Mail::Audit>
=head1 COREQUISITES
C<Net::DNS>
C<Razor>
=cut