From Kolab Wiki
Using Razor2 with kolab2
From [] Vipul's Razor is a distributed, collaborative, spam detection and filtering network. Through user contribution, Razor establishes a distributed and constantly updating catalogue of spam in propagation that is consulted by email clients to filter out known spam. Detection is done with statistical and randomized signatures that efficiently spot mutating spam content. User input is validated through reputation assignments based on consensus on report and revoke assertions which in turn is used for computing confidence values associated with individual signatures.
This can significantly reduce the amount of spam received by users, and is fairly easy to integrate with amavisd on kolab.
- Go to http://razor.sourceforge.net/ and download the latest razor-agents-x.xx (2.82 at time of writing)
mkdir /usr/local/src/razor2 cd /usr/local/src/razor2 tar jxvf razor-agents-2.81.tar.bz2 cd razor-agents-2.81
- Make sure we are using the correct perl
opa /kolab (opa is a useful script available here Opa, to make sure you use the kolab environment) /kolab/bin/perl Makefile.PL /kolab/bin/make /kolab/bin/make test /kolab/bin/make install
- Now test that it is installed ok
This should give output similar to:
This program is deprecated and no longer necessary. You may begin using Razor now.
Ensure Razor2 outbound port is open
As per http://razor.sourceforge.net/docs/doc.php?type=text&name=FAQ Q: I have a firewall. What ports do I need to open in order for
Razor2 to work?
Outgoing TCP port 2703 (Razor2), only. Previous versions used TCP port 7 (echo), but this is no longer used.
Therefore ensure outbound TCP port 2703 is open from your kolab server.
mkdir /kolab/.razor chown kolab-r.kolab-r /kolab/.razor su - kolab-r pwd (should return /kolab - kolab-r's home) /kolab/bin/razor-admin -create
- razor-admin will now create a basic config in .razor in the users home dir (in this case /kolab/.razor) and you should see some new files in there. They will all be owned by the user that ran the command, in this case kolab-r.
/kolab/bin/razor-admin -register -user=user@domain -pass=xxxxxxx (make sure you are still kolab-r) exit
- /kolab/.razor should now look something like:
drwxr-xr-x 2 kolab-r kolab-r 496 Aug 7 15:29 ./ drwxr-x--- 326 kolab-r kolab-r 18416 Aug 8 11:14 ../ lrwxrwxrwx 1 kolab-r kolab-r 31 Aug 7 15:28 identity -> user@domain -rw------- 1 kolab-r kolab-r 102 Aug 7 14:49 user@domain -rw-r--r-- 1 kolab-r kolab-r 809 Aug 7 15:29 razor-agent.conf -rw-r--r-- 1 kolab-r kolab-r 966 Aug 7 14:49 razor-agent.log -rw-r----- 1 kolab-r kolab-r 621 Aug 7 15:17 server.c101.cloudmark.com.conf -rw-r----- 1 kolab-r kolab-r 621 Aug 7 15:16 server.c102.cloudmark.com.conf -rw-r--r-- 1 kolab-r kolab-r 566 Aug 7 14:48 server.joy.cloudmark.com.conf -rw-r----- 1 kolab-r kolab-r 594 Aug 7 15:13 server.shock.cloudmark.com.conf -rw-r--r-- 1 kolab-r kolab-r 58 Aug 7 15:29 servers.catalogue.lst -rw-r--r-- 1 kolab-r kolab-r 22 Aug 7 15:29 servers.discovery.lst -rw-r--r-- 1 kolab-r kolab-r 38 Aug 7 15:29 servers.nomination.lst
- Now move config dir to the proper location, and edit config
mv /kolab/.razor /kolab/var/amavisd/ cp /kolab/var/amavisd/.razor/razor-agent.conf /kolab/var/amavisd/.razor/razor-agent.conf.`date +%d%m%g` vi /kolab/var/amavisd/.razor/razor-agent.conf
- Make sure you have the following lines in the file, or edit existing ones:
razorhome = /kolab/var/amavisd/.razor logfile = /kolab/var/amavisd/razor-agent.log
- Move log file to the right location and set permissions
mv /kolab/var/amavisd/.razor/razor-agent.log /kolab/var/amavisd/razor-agent.log chown kolab-r:kolab-r /kolab/var/amavisd/razor-agent.log chmod 640 /kolab/var/amavisd/razor-agent.log
- Become kolab-r and rerun (UPGRADING - just update the perl module and rerun the razor-admin command)
su - kolab-r pwd (should return /kolab) /kolab/bin/razor-admin -d -create -home=/kolab/var/amavisd/.razor
Configure SA to use razor
- Edit the file /kolab/etc/kolab/templates/local.cf.template and add the lines:
use_razor2 1 razor_config /kolab/var/amavisd/.razor/razor-agent.conf razor_timeout 10 score RAZOR2_CHECK 2.500
- Authorizing Razor for Spamassassin. To enable it, you need to modify /kolab/etc/spamassassin/v310.pre by ripping the disabling symbol for loading the Razor module for Spamassassin (for Kolab 2.1RC users):
# Razor2 - perform Razor2 message checks. # # Razor2 is disabled here because it is not available for unlimited free # use. It is currently free for personal use, subject to capacity # constraints. See the Cloudmark SpamNet Service Policy for more details. # loadplugin Mail::SpamAssassin::Plugin::Razor2
Configure amavisd for remote tests
- Make sure amavisd has "remote_tests_only" disabled, this will enable it to connect to the internet for other checks (0 enables remote, 1 disables).
vi /kolab/etc/kolab/templates/amavisd.conf.template $sa_local_tests_only = 0; # (default: false) /kolab/sbin/kolabconf
- You can now try to run amavisd in debug mode, to check that razor is working:
openpkg rc amavisd stop amavisd -c /kolab/etc/amavisd/amavisd.conf debug-sa
- Look for lines that say:
 dbg: plugin: loading Mail::SpamAssassin::Plugin::Razor2 from @INC  dbg: razor2: razor2 is available, version 2.82  dbg: plugin: registered Mail::SpamAssassin::Plugin::Razor2=HASH(0x98e7d44)
- Once you are happy that its running, CTRL+C, and then restart amavisd normally
openpkg rc amavisd start