Spamassassin - Manual Rule Updates

This is a quick doc I wrote up and used for 3.1 updates, it's possible to not be complete. - tvd

  • make a tar file that you're happy with (#.tar.gz) make sure that you only include files! ie:

tar cf #.tar *

and not

tar cf #.tar .
  • if you want, double check files-only with:

tar tvvf #.tar
  • compress the tar file with gzip -9

  • log into the zones machine

  • sudo -u updatesd -s

  • copy the tar file into /var/www/

  • generate the sha1 and gpg files appropriately:

/local/gnupg-1.4.2/bin/gpg --batch --homedir /home/updatesd/key -bas #.tar.gz
/local/perl586/bin/perl /home/updatesd/svn/spamassassin/build/ #.tar.gz > #.tar.gz.sha1
  • make sure the file permissions for #.tar.gz.* are set to 0444:

chmod 0444 #.tar.gz.*
  • update /var/named/ with #

  • run /home/updatesd/svn/spamassassin/build/mkupdates/tick_zone_serial

As Commands

jm -- this is more "concrete" and cut-and-pasteable...

on the zone, check out the relevant SVN paths:

svn co ~/b31
cd ~/b31
svn co rules-3.1

Run a lint:

cd ~/b31
perl Makefile.PL; make
./spamassassin -C ./rules-3.1 -p /nonexistent --siteconfigpath=/nonexistent --lint

Quit here if that lint check fails.

cd ~/b31/rules-3.1
rev=`svn info | perl -ne '/Revision: (\d+)/ and print $1'`
echo $rev
tar cf $rev.tar *.{cf,pre}
tar tvf $rev.tar
rm $rev.tar.gz; gzip -9 $rev.tar
sudo -u updatesd rm -f /var/www/$rev.tar.gz
sudo -u updatesd cp $rev.tar.gz /var/www/
cd /var/www/
sudo -u updatesd rm -f $rev.tar.gz.sha1 $rev.tar.gz.asc
sudo -u updatesd /local/gnupg-1.4.2/bin/gpg --batch \
--homedir /home/updatesd/key -bas $rev.tar.gz
sudo -u updatesd /local/perl586/bin/perl \
/home/updatesd/svn/spamassassin/build/ $rev.tar.gz \
> ~/$rev.tar.gz.sha1
sudo -u updatesd cp ~/$rev.tar.gz.sha1 .
sudo -u updatesd chmod 0444 *.tar.gz.* *.tar.gz
echo '*.1.3 TXT "'$rev'"' > ~/newzoneline

Update the DNS zone file:

sudo vi /var/named/
:r ~/newzoneline
[and replace the existing line with that]

sudo -u updatesd /home/updatesd/svn/spamassassin/build/mkupdates/tick_zone_serial

And you're done.

TODO: this should probably be a standalone script like the 3.2.0 updates.