NAME

Mail::SpamAssassin::Plugin::GoogleSafeBrowsing - SpamAssassin plugin to score mail based on Google blocklists.

SYNOPSIS

  loadplugin Mail::SpamAssassin::Plugin::GoogleSafeBrowsing
  body GOOGLE_SAFEBROWSING eval:check_google_safebrowsing_blocklists()

DESCRIPTION

Score messages by checking the URIs they contain against Google's safebrowsing tables. See http://code.google.com/apis/safebrowsing/

CONFIGURATION

The GoogleSafeBrowsing SpamAssassin plugin relies on a local cache of the URI tables to scan messages. The local cache should be updated at least once every 30 minutes. The recommended setup looks something like:

Install the required Perl modules:
  Net::Google::SafeBrowsing::Blocklist
  Net::Google::SafeBrowsing::UpdateRequest
  Mail::SpamAssassin::Plugin::GoogleSafeBrowsing
Get an API key from Google

http://code.google.com/apis/safebrowsing/key_signup.html

Use the blocklist_updater Perl script to keep the local cache up to date.

Install a cron job that, every 25 minutes or so, runs something like:

  APIKEY=ABCD...
  for LIST in goog-black-hash goog-malware-hash; do
    blocklist_updater --apikey "$APIKEY" --blocklist $LIST --dbfile /var/cache/spamassassin/${LIST}-db
  done

"goog-black-hash" and "goog-malware-hash" are the only lists Google has for now. goog-black-hash seems to be a list for the worst sites.

Configure spamassassin

Typically in local.cf, include lines: loadplugin Mail::SpamAssassin::Plugin::GoogleSafeBrowsing body GOOGLE_SAFEBROWSING eval:check_google_safebrowsing_blocklists()

  google_safebrowsing_dir /var/cache/spamassassin
  google_safebrowsing_apikey ABCD...
  google_safebrowsing_blocklist goog-black-hash 0.2
  google_safebrowsing_blocklist goog-malware-hash 0.1

In this example, for each URI in a message that has a match in goog-black-hash, add 0.2 to the message's spam score.