You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by "opencomputing@gmail.com" <op...@gmail.com> on 2006/08/24 00:16:08 UTC
Another SARE channel with the most used rules available
Hi,
This is to notify you about another SARE channel with the most used
rules available as a single channel. If you're not the type to try every
single rule in SARE and manually select them, you can instead use this
single channel instead.
OpenProtect's Sa-update channel for SARE
Sa-update
<http://wiki.apache.org/spamassassin/RuleUpdates#head-b6f1953fb1dc659b7de160effffbe95e9e00d3b1>,
as the linked page says is a way to download new rules from different
places called channels.
We guys at OpenProtect <http://openprotect.com> have created a channel
which contains the recommended rules in the SARE - SpamAssassin Rules
Emporium <http://www.rulesemporium.com/>. This way, rules can be updated
easily using sa-update, which ships with SA versions above 3.0.
Steps to use our channel
Follow the steps below to have our channel working on your mail server
or any computer with SA > 3.0 installed on it.
*
Have gnupg installed, if you wish to check the channel files
against our signature.
*
Run the command *gpg --keyserver pgp.mit.edu --recv-keys BDE9DC10*
to import our public key from the mit keyserver. The output should
look like:
gpg: requesting key BDE9DC10 from hkp server pgp.mit.edu
gpg: key BDE9DC10: public key "Opencomputing Technologies (Key to
sign all files from openprotect.com) " imported
gpg: Total number processed: 1
gpg: imported: 1
* Now, copy the trusted public keys from root to SA by running the
command *cp -f /root/.gnupg/pubring.gpg
/etc/spamassassin/sa-update-keys/pubring.gpg*
*
Another way to import our public key is get the gpg file and
import it manually using sa-update and gpg. The commands are *wget
http://saupdates.openprotect.com/pub.gpg*.
Now, import by running the command *sa-update --import pub.gpg*
which should return without any error or output messages.
This isn't the preferred way, as the gpg file could be corrupted
or tampered with, if our server is hacked.
* Now schedule daily downloads of rules from this channel using cron
using the command *sa-update --gpgkey
D1C035168C1EBC08464946DA258CDB3ABDE9DC10 --channel
saupdates.openprotect.com*, where the 40 digit hex is our public
key fingerprint and the channel is the URL from which to download
the rules.
The rules should be installed at */var/lib/spamassassin/*
directory and SA will use all these rules by default.
* If you don't have gpg or don't want to check against our
signature, you can add the *--nogpg* option to the above sa-update
command to skip gpg signature checks.
Note that only rules with high hit ratio and low false positives, like
70_sare_uri0.cf are used, instead of the 1,2,3 etc rules which have high
FPs and don't hit on too many spam mails anyway. Rules are linted before
entering the channel, so it's assured to work on any SA from 3.0.0
onwards to 3.1.4.
Let me know of any feedback that you might have about this channel.
cheers,
skar.
--
OpenProtect - The email virus/spam filter
http://openprotect.com
Re: Another SARE channel with the most used rules available
Posted by Michael Schaap <sp...@mscha.org>.
Hi,
On 24-Aug-2006 0:16, opencomputing@gmail.com wrote:
>
> This is to notify you about another SARE channel with the most used
> rules available as a single channel. If you're not the type to try every
> single rule in SARE and manually select them, you can instead use this
> single channel instead.
>
(snip)
>
> Note that only rules with high hit ratio and low false positives, like
> 70_sare_uri0.cf are used, instead of the 1,2,3 etc rules which have high
> FPs and don't hit on too many spam mails anyway. Rules are linted before
> entering the channel, so it's assured to work on any SA from 3.0.0
> onwards to 3.1.4.
>
Any chance of adding support for 3.1.5? (Currently fails with "dns:
query failed: 5.1.3.saupdates.openprotect.com => NXDOMAIN".)
Thanks in advance,
– Michael
Re: Another SARE channel with the most used rules available
Posted by Vivek Khera <vi...@khera.org>.
On Aug 24, 2006, at 7:26 AM, opencomputing@gmail.com wrote:
> Yes, downloading the gpg and using "sa-update import" doesn't have
> that problem though. So, how to extract this public key alone from
> the public key ring to copy over to the sa-update public key ring?
> Any idea on this is welcome :)
gpg --armor --export KEYID
the man page is amazingly helpful ;-)
Re: Another SARE channel with the most used rules available
Posted by "opencomputing@gmail.com" <op...@gmail.com>.
Justin Mason wrote:
> hey, btw, it might be better to extract the gpg public key from "gpg",
> instead of copying over the entire public key ring -- since that will (a)
> overwrite any existing SA-update keys, including the system ones,
> and (b) will trust any existing GPG correspondents to publish SA updates!
Yes, downloading the gpg and using "sa-update import" doesn't have that
problem though. So, how to extract this public key alone from the public
key ring to copy over to the sa-update public key ring? Any idea on this
is welcome :)
cheers,
skar.
--
OpenProtect - The email virus/spam filter
http://openprotect.com