From b0a6ba11baed7e43ac4cd9a5681b110fc3928339 Mon Sep 17 00:00:00 2001 From: Warren Togami Date: Tue, 29 Dec 2009 03:18:05 +0000 Subject: [PATCH] sa-update channels defined in /etc/mail/spamassassin/channels/*.conf --- sa-update-channels.txt | 2 - sa-update-keys.txt | 2 - sa-update.cronscript | 74 ++++++++++++++++++++++----- sought-pubkey.txt => sought.conf | 6 +++ spamassassin-official.conf | 86 ++++++++++++++++++++++++++++++++ spamassassin.spec | 19 ++++--- 6 files changed, 164 insertions(+), 25 deletions(-) delete mode 100644 sa-update-channels.txt delete mode 100644 sa-update-keys.txt rename sought-pubkey.txt => sought.conf (94%) create mode 100644 spamassassin-official.conf diff --git a/sa-update-channels.txt b/sa-update-channels.txt deleted file mode 100644 index 1543e2d..0000000 --- a/sa-update-channels.txt +++ /dev/null @@ -1,2 +0,0 @@ -updates.spamassassin.org -sought.rules.yerp.org diff --git a/sa-update-keys.txt b/sa-update-keys.txt deleted file mode 100644 index e4433d8..0000000 --- a/sa-update-keys.txt +++ /dev/null @@ -1,2 +0,0 @@ -# SOUGHT anti-fraud ruleset -6C6191E3 diff --git a/sa-update.cronscript b/sa-update.cronscript index cab2411..b0df2cb 100644 --- a/sa-update.cronscript +++ b/sa-update.cronscript @@ -1,11 +1,31 @@ #!/bin/bash # *** DO NOT MODIFY THIS FILE *** # -# /etc/mail/spamassassin/sa-update-channels.txt -# Specify custom channels here +# /etc/mail/spamassassin/channels/*.conf +# Place files here to add custom channels. # -# /etc/mail/spamassassin/sa-update-keys.txt -# Specify trusted GPG keys for custom channels here + +# list files in a directory consisting only of alphanumerics, hyphens and +# underscores +# $1 - directory to list +# $2 - optional suffix to limit which files are selected +run_parts_list() { + if [ $# -lt 1 ]; then + echo "ERROR: Usage: run_parts_list " > /dev/stderr + exit 1 + fi + if [ ! -d "$1" ]; then + echo "ERROR: Not a directory: $1" > /dev/stderr + exit 1 + fi + + if [ -d "$1" ]; then + if [ -n "$2" ]; then + find_opts='-name *'$2 + fi + find -L $1 -mindepth 1 -maxdepth 1 -type f $find_opts | sort -n + fi +} # Proceed with sa-update if spam daemon is running or forced in /etc/sysconfig/sa-update unset SAUPDATE @@ -18,17 +38,45 @@ done # Skip sa-update if daemon not detected [ -z "$SAUPDATE" ] && exit 0 -# Sleep random amount of time before proceeding to avoid overwhelming the servers -sleep $(expr $RANDOM % 7200) - # sa-update must create keyring if [ ! -d /etc/mail/spamassassin/sa-update-keys ]; then sa-update fi -# Import SOUGHT key -sa-update --import /usr/share/spamassassin/sought-pubkey.txt -# Update rules with sa-update, restart spamd if rules were updated -/usr/bin/sa-update --channelfile /etc/mail/spamassassin/sa-update-channels.txt \ - --gpgkeyfile /etc/mail/spamassassin/sa-update-keys.txt && \ - /etc/init.d/spamassassin condrestart > /dev/null +# Initialize Channels and Keys +CHANNELLIST="" +KEYLIST="" +# Process each channel defined in /etc/mail/spamassassin/channels/ +for file in $(run_parts_list /etc/mail/spamassassin/channels/ .conf); do + # Validate config file + PREFIXES="CHANNELURL KEYID BEGIN" + for prefix in $PREFIXES; do + if ! grep -q "$prefix" $file; then + echo "ERROR: $file missing $prefix" + exit 255 + fi + done + . $file + echo "CHANNELURL=$CHANNELURL" + echo "KEYID=$KEYID" + CHANNELLIST="$CHANNELLIST $CHANNELURL" + KEYLIST="$KEYLIST $KEYID" + sa-update --import $file +done + +# Sleep random amount of time before proceeding to avoid overwhelming the servers +sleep $(expr $RANDOM % 7200) + +unset arglist +# Run sa-update on each channel, restart spam daemon if success +for channel in $CHANNELLIST; do + arglist="$arglist --channel $channel" +done +for keyid in $KEYLIST; do + arglist="$arglist --gpgkey $keyid" +done +/usr/bin/sa-update $arglist +if [ $? -eq 0 ]; then + /etc/init.d/spamassassin condrestart > /dev/null + [ -f /etc/init.d/amavisd ] && /etc/init.d/amavisd condrestart > /dev/null +fi diff --git a/sought-pubkey.txt b/sought.conf similarity index 94% rename from sought-pubkey.txt rename to sought.conf index 176a22f..f24d6c9 100644 --- a/sought-pubkey.txt +++ b/sought.conf @@ -1,3 +1,9 @@ +# http://wiki.apache.org/spamassassin/SoughtRules +CHANNELURL=sought.rules.yerp.org +KEYID=6C6191E3 +# Ignore everything below. +return 0 + -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.1 (GNU/Linux) diff --git a/spamassassin-official.conf b/spamassassin-official.conf new file mode 100644 index 0000000..2f35a9c --- /dev/null +++ b/spamassassin-official.conf @@ -0,0 +1,86 @@ +# http://wiki.apache.org/spamassassin/RuleUpdates +CHANNELURL=updates.spamassassin.org +KEYID=5244EC45 +# Ignore everything below. +return 0 + +This is the GPG key that updates are signed with (currently, +as of Wed Dec 21 19:31:38 PST 2005. Please contact with any questions. + + +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.2 (SunOS) + +mQILBEOnbDQBEADBfda+hU8cGXD/2WYrIHsZ5CmvC2eCYKgQ87W706tzwmxoZWQS +JfnRpkZnBqS5WDhXhNBOhk9CgF5/e9yHnDQCusNYfRstKd+t0XTFvq30/tacrJNe +67zgq+DtWqIK9C7akfElc+2M5NkX6mF4cjaMXZoW17ltPy0XSSeirf584nvK3pXf +oEFLYQ/0AUV9EBpo9+i2DkMUd8d5tz7A6O5foB3ijYPzIcVtVJ1eyCg6gO1I4cIA +YbIZCH0WIVx5MQjydfKyCR4D7VFPpZgwcZ1PmyZSsy3lrigGVvYEoUS2fWTt2jUO +pB3wg5pgzuu9hN5CpChZGvq65t4PGtAeShnBkddIH4l+iDC6sAc6W06KidSaUCW1 +BKvNMa39lyEkO4bfLblZRjoZbj7Tjq3wQV/PLpPyKDa8ZZ88GfWaeRDUNRgZG6Qq +e6UKlFGfrw2RXOImUje7Sjy/eG4Ud/BOeGkV913yWBm9CHsPNtaVDK+iQI6vkAWS +3QkiPjBkXGTZFHsUx9/i3k5Iga6d4Gq2cBIVBur3sDxjKuuSazLwA9OAybpzQe2s +PvTzbGc/f1P7plT++HBFlBHwFtl/v68Q8pkbMWlEc5M9nYJ6yXHATHZzFfThxBwt +OYfF25XGaclUMkOMX++RiRkmjaEaT7Whv5aPbeb3+H3v6Omjvnebge24lQAGKbQ/ +dXBkYXRlcy5zcGFtYXNzYXNzaW4ub3JnIFNpZ25pbmcgS2V5IDxyZWxlYXNlQHNw +YW1hc3Nhc3Npbi5vcmc+iQI2BBMBAgAgBQJDp2w0AhsDBgsJCAcDAgQVAggDBBYC +AwECHgECF4AACgkQQFamGlJE7EVkfg//ZjBQ6UXDizX9UPsEmogWXIqbBsyP5DJH +uToaFa6OzCbOJqcYnXNfOjovYdDOTje+x3ZEkwbx+y6MSfhmDuHPDPqBU7hXenxx +oRktC68mJasKo0wXym2YfyWFnhSZMlXXFQ9We48zNGcVRckzaxLzM67BFJuRUfOM +EV6Lf3HxMvoUK3/Xzq9YPEq2sqFO1Eu+qPC3nq726Tj/aYBBFHgHmbjDrZTaQNyV +fHvEjDzPcDRjlJI+vZw1UEuXG+BKATPpiT7U7I1OGLDa2ExDIxh0+eJnsmA3YyHG +VweE7nDN2GmkXMVfa5vXHH49Ae9Ee8jIIRipfgMgZWnkZ0XYDvLj2ueH0Ixu4o9R +D2zJIwqzRh1sytG+1YOfHrOMUCplImJaY/ARgOM324ZdBvhkgIi1XvT7Sy/ZmGWd +DKFo+GjX0r2cujR8Pd4i7VlKsF9wRypk+n/aupXiaz5GY44EIVbnweyS5IlCNrwn +4UtqcB9/9uk1tmUNIcC5xjbq5ud/Y+iMIqCKCH0C9WUwSNSdsg+K+9xoZuvlaXY0 +JeXWNcDdq+tMir+x+/o0U4ENVYBkSFesnotmHwN6jZj4lSMRmvcFHPBljXqLqzM+ +y5wZxnCo1N7T+erZaI7BUrpJYm8JxcJ2VCWV0JFoO1Ec//B6XYB0pckbRuSTX/Zw +pKEkNqOdmjm5AgsEQ6dsigEQAKvdggbwqJgfDbRE2Lcy2gsn4j7haqu3IVBbyUDn +kGuuDuEtSeoRjCZXEb5DaKibIpEy5vzvRGvCFFkrBs4KXk/uamkgCpGnQZFnoz/S +rNZ8U7+e1pecEePpIkhQyafUKox9+p43UVoq4UybdPRDvE9SmQ1qaNUhyQY2FP9S +WT1a63u5GA73aH4puGO0BuZ9R3MNaDYZe/MOlRRjmlAsbY4oqWOudlNVaZ71EV3O +FFmOH4pnpxdO0X0l6sF6nvqvO5/gdZ3dI5iqrJjUneVgVOmPkREq7tQ5qHS/2pny +rDrH8NZCDNT5TXciBxBrt53bxxL/V/HWaolmtJi8gK82uXt8YlmT6zuEsofufDmu +P/HMDZ+BhGI+ggNzY2AVwERTRD6ecHDOI3iIuCP4Ck26YNHRCLyocL3CSlIpjQPu +tb3qfdAcqKLJ/fVyLtGkXr24crel6IeJY7/AGjYBrfh47DWnK7Xds8bAqJ8VCjOc +/q1usFTHgGkYocvtv0gmcjbu8YypzuG8HxOg9Yk9qRLQgg1fNhzXE2lqEPyMlBfj +eLmMNRvKP70fH8CK8adinPIegaRrS6gZ/iIdv8+YV+1rlEt28qzzGJxnmzUEmW6X +Xj44u91umg9WOsLxTOCQWdjGHonytHqj/xIsf45N2JIGLhU0lF04hYfEo5p65AyM +PpYhAAYpiQIfBBgBAgAJBQJDp2yKAhsCAAoJEEBWphpSROxFungP/iWKe7o8szOz +VmXkj89xDVFZ69nthVKkbgSYIZYQC+QLF8P1MWRnNWO/8TY+XsaCT3SrqxDFQ/R/ +9mlAPGUM1ySVihOPmP/DPiOlWLCsc0mb6OzYF2olcOR33s05MqvJlqXSmIrdB+hI +KkC7G5byZ+XZwPXVj4XlxIEOzs18+0YJqy0IPZPXTiMet4k2KyWyWkJpJYUCb19G +R6QC8hZQD97EYTbkbr5Ss26jjY/9AqLofW5F1/98pLDo+ron7pI2k8Ymn5DngEsa +XoGsQuyvPfTAjS4p9q/XwExJcX3gvQesdw18mpoSaGAOgDISolBPRqpHpy7v7vuw +3UMnsefKOX3F0Rossevw+c2/JCulnGmJDlgz6nHSR6FhHsbrDKF8oBeYPfGW/Kjw +NvzB1i9yubAMrsTQVu1Q8e5LsnL/MNYKb6oEJbBywdeHxBkehGWFXVdSoFvVSih/ +VNqX9f7jlybpLZW/n8cQ2r1ax19v7FleO/xSGvkYm7B1+4BW0mjy6A5dta5+e5WG +D5R06Uya3/xRAPGdmV6t4Mw8fFsuyCvs+vC73PR3+eS1UvCYsDpcQD8KpVBnsHaA +duWRKKhjuFL0vdOWAr25tFOTKAj5Ywas47PBukO0isov2WBCA1rVqOr6FUvdP76y +mqHv/0E6/vnTLxFoNsu4Ce42nAQ/A/jRiQQ+BBgBAgAJAhsCBQJHhbheAinBXSAE +GQECAAYFAkOnbIoACgkQbFU5eCT0NM68MQ/8DvYqxRm3vP0Gwnr+63kzET8S+6vf +gxOghnU+eMlqUeUu/ajqnVDMzoAIRDw9QgQc9ZZoklOSJQwOuloAbdpL4TwQ2XfJ +MLU60JkZWnEOXJwClb0qG1GqtcBPbMEUPfZcQfphdRL3jpWZlaexFiJRSD+A0riw +7q3NZKPDt4FrF7F3GY9krFy+P0nRt5f462DeDhCYZgguBQH+oGtjc5Hx+kOVWDsS +txo5xkt4/0DG50ZklPkTlCohmJwRLACy+NswdQ9q83eWAhzKOPgkal7xF6a+LyE+ +ytVYy2EgEU74r2gVw5iizy92FDj//Z2QAUyf/c4BMuAhvfwVIHd8n2DPHvpMP15L +6fwoymh0OjzmhwK94Z2u1YqNC1CK27/hfB6okQ/Tct7/Ik61dBjtiYdUC9tTA5Ze +W8X5ouSmttS1QFixx+Z4hiXV7Qj12lgVKuJohjrVshfcbVzTHljjAo3YkOZIHIoA +IJTUMRNzTIx9k4hrPVbxbVQhKjKTwFNtBuxvmptGTcLEIv9THpqlq8jkcStJ2Zrd +hhofPCWRT/Kzo+WE+Kgefv88T5Li7Ku12U/UpiK85+6nRspXj3rnkfDOUbLZjGM+ +1NET0xQTPuyxN6CXF7MMxfGCpszCudYxMANDQqNXu9brcPN/+EIxGRjqin4E7q+h +kYUaY7Ki8mXtJ8cJEEBWphpSROxFktcQALWQv996bFq1iFcGuQ0ITxNDlOWCsses +bgEM5zR10DH+6s2bXEO8xyDHQJtrvdCPetRDosnuOToBMnGMXTYVytnWzwwAzwq1 +YM+bGAeTHaIX+2UmxwFyX4GMOdqsNB+xDZ8pmRKjamJSgUQt6e18YpZlg1Y4QkxS +Vptq7OZBjiKeLUhLhGJ6GWgEIedLcoCtFzKCfz3zwn0Oxl+1EnVu8yqN+quWTf8P +7EZn+0ztqZY059BrcK2jmOyXvtOZBcAHXCUknh/uPHwAJV2WFWSNid2kNiLOrV+J +3eLTs5sF9wNhxWRhl6/10cwTzjy0Onv5cJh2tjdwksigMRMwz4c839zXORni/tnY ++IY22kNTKu84gB8rBuqUq8MQXNdS3bbROwwNUzpC0D1C1z1fBvyXDL1EwJdz70Wc +2m/Sw6tIid5g98+XMW+Ibt43Jk2XbK71JLhbVbePbAcHVh/UXEtnjhRfX7oyWlwS +a+lkKMiJd/6CQ6bvYsgklE7uEzTpRskpkkOcCk1O+8jfl+DsDwKrvVaNu8tpx45k +TtV4JDA6iEHKakD/zZdVTR79W2CFqBvRfRikc5INOl1OfMQ4ODmjkMl3yI9wrHwS +SQQxdq2XsS7xbU9HDFBEguQDu0rfzILZ9DuKIVHyr/CsRoJ5joj+JvKaUQC81ywQ +aB8EKy5bg4U6 +=IbYW +-----END PGP PUBLIC KEY BLOCK----- diff --git a/spamassassin.spec b/spamassassin.spec index dbe966d..a89509a 100644 --- a/spamassassin.spec +++ b/spamassassin.spec @@ -55,7 +55,7 @@ Name: spamassassin Version: 3.3.0 %define prename rc1 %define proposed .proposed2 -Release: 0.27.%{prename}%{?dist} +Release: 0.28.%{prename}%{?dist} License: ASL 2.0 Group: Applications/Internet URL: http://spamassassin.apache.org/ @@ -70,9 +70,8 @@ Source7: sa-update.crontab Source8: sa-update.cronscript Source9: sa-update.force-sysconfig Source10: spamassassin-helper.sh -Source11: sa-update-channels.txt -Source12: sa-update-keys.txt -Source13: sought-pubkey.txt +Source11: spamassassin-official.conf +Source12: sought.conf # Patches 0-99 are RH specific # none yet # Patches 100+ are SVN backports (DO NOT REUSE!) @@ -178,7 +177,6 @@ install -m 0644 %{SOURCE7} %buildroot/etc/cron.d/sa-update install -m 0644 %{SOURCE9} %buildroot%{_sysconfdir}/sysconfig/sa-update # installed mode 744 as non root users can't run it, but can read it. install -m 0744 %{SOURCE8} %buildroot%{_datadir}/spamassassin/sa-update.cron -install -m 0644 %{SOURCE13} %buildroot%{_datadir}/spamassassin/ [ -x /usr/lib/rpm/brp-compress ] && /usr/lib/rpm/brp-compress @@ -204,9 +202,11 @@ find $RPM_BUILD_ROOT%{perl_vendorlib}/* -type d -print | mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/run/spamassassin mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/lib/spamassassin -# sa-update channels and keys -install -m 0644 %{SOURCE11} $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/ -install -m 0644 %{SOURCE12} $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/ +# sa-update channels and keyring directory +mkdir -m 0755 $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/sa-update-keys/ +mkdir -m 0755 $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/channels/ +install -m 0644 %{SOURCE11} $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/channels/ +install -m 0644 %{SOURCE12} $RPM_BUILD_ROOT%{_sysconfdir}/mail/spamassassin/channels/ # Tell portreserve which port we want it to protect. mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/portreserve @@ -264,6 +264,9 @@ fi exit 0 %changelog +* Mon Dec 28 2009 Warren Togami - 3.3.0-0.28.rc1 +- sa-update channels defined in /etc/mail/spamassassin/channels/*.conf + * Mon Dec 28 2009 Warren Togami - 3.3.0-0.27.rc1 - sa-update runs in cron automatically if spamd or amavisd is running If you use neither, you may force sa-update by editing /etc/sysconfig/sa-update.