Chapter 14. Spamassassin

Table of Contents
14.1. Introduction
14.2. Installing spamassasin
14.3. Using spamassassin with procmail

14.1. Introduction

Spam E-Mail is one of the major problems of the current Internet. Fortunately there are some tools which can help you reducing the amount of spam you get. One of them is using blacklists. A blacklist is a list of known open e-mail relays. With a blacklist you can block e-mails which are sent using one of these open relays. Unfortunately there are a few problems with this method, first of all the database of open relays can never be complete. Besides that some spam is sent using normal ISP-specific SMTP servers.

Another method is scanning the incoming e-mails for common characteristics of spam. This method is comparable with a virus scanner; a filter program knows a large number of spam characteristics and gives each characteristic found in a mail a point. If a defined number of points is exceeded the mail is marked as spam. Spamassassin is that kind of filter.

14.2. Installing spamassasin

14.2.1. SpamAssassin

SpamAssassin is written in Perl, and is available through CPAN (Comprehensive Perl Archive Network). You can install SpamAssassin through the CPAN shell. Execute the following command to enter the CPAN shell:

# perl -MCPAN -e shell

Once the shell is started you can install SpamAssassin:

# o conf prerequisites_policy ask
# install Mail::SpamAssassin

The first command will make the installation of dependencies interactive (in other words, the CPAN shell will ask you to confirm their installation). The second command asks the CPAN shell to install SpamAssassin.

During the installation you will be asked to fill in the e-mail address of the e-mail address or URL that should be used in the report that is sent when something is suspected to be spam. You will also be asked whether you would like to conduct some tests or not. You can answer "n" to these questions.

14.2.2. Starting spamd

It is not a bad idea to start a daemonized version of SpamAssassin which runs in the background. This will speed up mail filtering. The daemon can be started using the following command:

# spamd -c -d

It is a good idea tot add this to /etc/rc.local, so spamd will automatically be started during the initialization process.

14.3. Using spamassassin with procmail

Sendmail will use procmail automatically on the default Slackware Linux installation if procmail is installed. Procmail is a program which processes e-mails and allows you to apply filters. At first we are going to have a look at how to add spamassassin headers to a processed e-mail, after that we are going to look at a method to separate spam from normal e-mail.

14.3.1. Marking messages as spam

The first step is to mark messages as either spam or non-spam. Create a /etc/procmailrc file, if you do not already have one. This is the system-wide procmail configuration file, and applies to all incoming e-mails. Use the ~/.procmailrc file if you want to enable spam marking for an individual account. Add the following lines to the configuration file:

:0 fw
* < 256000
| /usr/bin/spamc -f

The first line says we want to pipe all messages to an external command. The second line makes sure only messages smaller than 256000 bytes are filtered. Spam messages are usually not that large, and adding this line can decrease the system load. Finally, the third line specifies that the messages should be piped through /usr/bin/spamc with the -f parameter.

14.3.2. Moving spam mail to a separate mailbox

Procmail can also be used to move spam to a separate mailbox file. It is not a bad idea to configure this on a user basis, because some users might want to use the filters of their e-mail program to separate spam. In the following example we will move spam messages to the ~/mail/spam mailbox file. To do this add the following lines to ~/.procmailrc:


* ^X-Spam-Status: Yes

First of all MAILDIR is defined, this will create and use the mailboxes in ~/mail/. In the next two lines we say that we want to filter out e-mails with the X-Spam-Status: Yes header, which is added by spamassassin if it believes an e-mail is spam. Finally the mailbox to which the e-mails should be moved is specified.