Tito's Blog

We all analyze Apache logs with the popular tail -f, which to a certain point is quite neat that you can see the whole request in real time. However, there is a point where you may be interested to know more details about your web logs.

Here it is where I find really interesting GoAccess. Whilst Awstats, Analog, Webalizer all generate HTML statistics, this application will let you analyze your Apache Web server logs straight from the terminal. It generates statistics really fast and it displays them in a nice ncurses interface.

More information about this project at: http://goaccess.prosoftcorp.com/

Here are the steps to install rssh in the linux server :
Follow the below steps to install if your linux os is 32 bit :
Step 1: cd /usr/src
Step 2: wget http://dag.wieers.com/rpm/packages/rssh/rssh-2.3.2-1.2.el4.rf.i386.rpm
Step 3: rpm -ivh rssh-2.3.2-1.2.el4.rf.i386.rpm
If your linux os is 64 bit then follow these steps:
Step 1: cd /usr/src
Step 2: wget http://dag.wieers.com/rpm/packages/rssh/rssh-2.3.2-1.2.el5.rf.x86_64.rpm
Step 3: rpm -ivh rssh-2.3.2-1.2.el5.rf.x86_64.rpm

Installing Spamassassin

Installing Postfix Read my previous article - “Install and configure a Postfix mail server”

The installation of Spamassassin I am going to show you will be done completely in command line. So the very first step is to open up that terminal window and get ready to do a bit of typing (or copy/pasting).

The first step is to install Spamassassin. This is done with the command:

sudo apt-get install spamassassin

You will have to give your sudo password for the installation to continue. There may be some dependencies (this will be determined by what you already have installed on your machine). Allow apt to install the dependencies.

After Spamassassin is installed you are ready to begin the configuration. You will have to do some configuration in both Spamassassin and Postfix.

Configuring Spamassassin

The main configuration file for Spamassassin is /etc/spamassassin/local.cf. The first option you want to look for is the SPAM score option. Look for the line:

# required_score 5.0

Uncomment that line (remove the “#” character) and then change the numerical score to what you would prefer. As I mentioned earlier, a score of 3.5 is pretty safe.

Another great configuration option is to set up whitelist and blacklists within the configuration file. You would only want to do this for addresses that are often tagged incorrectly as SPAM. You can do this to whitelist single addresses or entire domains. For example:

whitelist_from mailme@titopanicker.net

would ensure that email from the address above was not marked as SPAM. Also:

whitelist_from *@titopanicker.net

would whitelist the entire domain somedomain.com. You can also have multiple entries per line separated by spaces like so:

whitelist_from jack@somedomain.com jennifer@somedomain.com olivia@somedomain.com

The same thing holds true for blacklisting, only the parameter is blacklist_from.

You will want to use caution if trying to add your own domain to a whitelist, because a spammer could spoof a local address and Spamassassin will allow it through.

Another configuration option is the report_safe option. Somewhere around the required_score line (this will depend upon the release you install) you will find the line:

# report_safe

This line will define how Spamassassin will handle any message marked as SPAM. If you set this line to:

report_safe 0

all incoming SPAM is modified by altering the header to mark said email as SPAM.

If you set this line to:

report_safe 1

all incoming messages tagged as SPAM will create a new report message and attach the original message as a message/rfc822 MIME (preserving the original message, but not easily opened).

If you set this line to:

report_safe 2

all incoming messages tagged as SPAM will be attached to a new report as plain text.

A message marked as SPAM will not be deleted. Instead a message marked as SPAM will be labeled as such and allowed through. This further prevents false positives and allows the user to define what to do with SPAM in their email client.

If you set that line to…

report_safe 1

…all messages marked as SPAM will be deleted. I find it best to set this to 0, so to avoid the loss of false positive email. If you set report_safe to 0 you will need to define how the header is rewritten so the message is properly labeled as SPAM. Look for this line:

# rewrite_header Subject *****SPAM*****

Uncomment this line (remove the “#” character) and then change the *****SPAM***** section to whatever you prefer it to be. Just make sure your users are aware of what this line is so they can handle it with their mail clients.

After you make this last change, save and close this file and restart the Spamassassin daemon with the command:

sudo /etc/init.d/spamassassin restart

Now you are ready to configure Postfix.

Configure Postfix

The configuration file you need to make changes to is /etc/postfix/master.cf. There are a few changes to make. The first change is to look for this line:

smtp inet n – - – - smtpd

You will need to change this line to:

smtp inet n – - – - smtpd -o content_filter=spamassassin

Now, take a look at the bottom of this configuration file and add the following:

spamassassin
unix – n n – - pipe
flags=R
user=spamd
argv=/usr/bin/spamc
-e /usr/sbin/sendmail
-oi -f ${sender} ${recipient}

That’s it. Now all you need to do is save that file and restart Postfix with the command:

sudo /etc/init.d/postfix restart