# Spamtrap explained? [Solved]

## BoBoeBoe

I've just setup mail mailserver following  *Quote:*   

> http://www.gentoo.org/doc/en/mailfilter-guide.xml

 

However it is unclear to me how the construction with the spamtrap user is supposed to work. Could somebody explain?

This is what I get from it:

1) Spam is forwarded to the spamtrap user account by adding the following line in /etc/amavisd.conf

```
$spam_quarantine_to = "spamtrap\@$myhostname";
```

2) In .procmailrc email are put into two seperate mailsubdirectories

.spam-found

and

.likely-spam-found

Now comes the tricky part

To prevent false positives one should regularly review the content of .likely-spam-found (and spam-found) and all spam emails should be placed in the shared mailfolder:

Bayes.spam

and all ham messages should be placed in 

Bayes.redeliver

From there the crontab jobs 

```
#Redeliver false positives

* * * * *          find /var/amavis/.maildir/Bayes/.redeliver/cur/ -type f -name \

                   "[0-9]*" -exec cp {} /var/amavis/.maildir/Bayes/.ham/cur/ \; \

                   && find /var/amavis/.maildir/Bayes/.redeliver/cur/ -type f \

                   -name "[0-9]*" -exec /usr/local/bin/redeliver.pl {} \;
```

redelivers the email again 

and the crontab job

```
#Auto learn

0 * * * *          /usr/bin/sa-learn --spam /var/amavis/.maildir/Bayes/.spam/{cur,new} \

                    > /dev/null 2>&1 

0 * * * *          /usr/bin/sa-learn --ham /var/amavis/.maildir/Bayes/.ham/{cur,new} > \

                   /dev/null 2>&1 
```

Make sure the bayes learn what is spam and what is hamLast edited by BoBoeBoe on Wed Nov 22, 2006 8:24 pm; edited 1 time in total

----------

## eltech

Bump .. I'd like to figure out the same thing ... I used a blend of this and this guide, and I have no system accounts, so what changes would i have to make for it to suit my environment..

----------

## BoBoeBoe

The discription is right!

In addition to this user can forward false negetive emails to the spamtrap mail account the administrator can then move these mail to the shared Bayes/.spam folder.

The cronjobs make sure that they are bayes will learn that this is spam

----------

## eltech

 *BoBoeBoe wrote:*   

> The discription is right!
> 
> In addition to this user can forward false negetive emails to the spamtrap mail account the administrator can then move these mail to the shared Bayes/.spam folder.
> 
> The cronjobs make sure that they are bayes will learn that this is spam

 I dont understand what you are saying...

what Im asking is how to craft this setup for a virtual environment. I cant log in as spamtrap because I dont have system accounts.

----------

## BoBoeBoe

I've no experience with the setup of virtual environments, but I suppose what you say that you've setup a mailserver on a VMware based system or something likewise or are you renting a hosted virtual server?

Anyway the solution is rather simple you will need a spamtrap mailaccount. Normally you just do that by adding an extra account spamtrap. In the file /etc/amavisd.conf you configure amavis to forward spam and virus infected emails towards you spamtrap account by adding the line 

```
$spam_quarantine_to = "spamtrap\@$myhostname";
```

To allow Bayes to autolearn from spam you can move these files to a shared maildirectory: /var/amavis/.maildir/Bayes/.spam. You can do this by just reviewing the spam received in your spamtrap mailbox. Make sure that any false positves, ham initially identified as spam, are moved towards: /var/amavis/.maildir/Bayes/.ham

If you don't do this rapidly all your email will be recognized as spam and after a while you won't receive any of your mail.

The cronjobs will scan these directories every hour to learn spam/ham for the future:

```
#Auto learn

0 * * * *          /usr/bin/sa-learn --spam /var/amavis/.maildir/Bayes/.spam/{cur,new} \

                    > /dev/null 2>&1 

0 * * * *          /usr/bin/sa-learn --ham /var/amavis/.maildir/Bayes/.ham/{cur,new} > \

                   /dev/null 2>&1 
```

----------

## eltech

heh .. no this your assumptions are incorrect .. virtual accounts mean that postfix is setup for virtual mail accounts not system accounts.

The gentoo guide says to create a system account and move the mails to the shared directory in the amavis directory. My mail is delivered to 

```
/var/vmail/domain.com/user/
```

So the question is how can I create the same ability to manage the spam/ham with the structure I have and not using system accounts..

----------

## BoBoeBoe

Do you want to have one single spamtrap account or do you need one to handle it for each domain?

----------

## eltech

 *BoBoeBoe wrote:*   

> Do you want to have one single spamtrap account or do you need one to handle it for each domain?

 one account is fine, i can just drop it back into the ham folder to be re-delivered .. but the question is how to set this up using the virtual mail setup guide..

----------

## BoBoeBoe

You just need to create an spamtrap or whatever you want to call it in one of your domains. Now you need to configure amavis to forward spam and virus infected emails towards you spamtrap account. You can do this by adding the following line in the file /etc/amavisd.conf:

```

$spam_quarantine_to = "spamtrap\@myvirtualdomainname.com";
```

Now either create a shared mail directory a explained in the guide, but you could also create you own .spam and .ham folders under your spamtrap@myvirtualdomainname.com account. 

Now move your spam and likely spam emails to your .spam folder in case of a positive spam and forward it towards the .ham folder in case of false positives.

Now define the cronjobs to scan these folder for ham and spam as explained in the guide.

```
#Auto learn

0 * * * *          /usr/bin/sa-learn --spam /myhomefolderlocation/spamtrap/.maildir/.spam/{cur,new} \

                    > /dev/null 2>&1

0 * * * *          /usr/bin/sa-learn --ham /myhomefolderlocation/maildir/Bayes/.ham/{cur,new} > \

                   /dev/null 2>&1

```

Once you've done that you also need to define a cronjob that cleans these folders after some time to make sure that they don't get overloaded. It's explained in the guide but you might need to change the location in case you don't use the shared folder construction.

----------

## eltech

Yes this is how I kind of invisioned it, but my concern is Amavis and others that might require access to the folders which are by default not allowed access by any other groups; but I can make the necessary adjustments and see what happens.

Thanks for your help ..

----------

