About Spamassassin

Spamassassin is a free and open-source mail filter written in Perl that is used to identify spam using a wide range of heuristic tests on mail headers and body text. It will save your mailbox from much unwanted spam emails.

1. Prerequisites

Before installing Spamassassin, you need to install and setup a mail transfer agent such as Postfix on your virtual private server.

You can find instructions on that here

2. Install Spamassassin

Use apt-get to install Spamassassin and spamc.

apt-get install spamassassin spamc

Once Spamassassin is installed, there are a few steps that has to be taken to make it fully functional.

3. Adding Spamassassin User

To run Spamassassin you need to create a new user on your VPS.

4. First add the group spams:

groupadd spamd

then add the user spamd with the home directory /var/log/spamassassin:

useradd -g spamd -s /bin/false -d /var/log/spamassassin spamd

then create the directory /var/log/spamassassin:

mkdir /var/log/spamassassin

and change the ownership of the directory to spams:

chown spamd:spamd /var/log/spamassassin

Let's set up Spamassassin now.

5. Setting Up Spamassassin

Open the spamassassin config file using:

nano /etc/default/spamassassin

To enable Spamassassin find the line

ENABLED=0

and change it to

ENABLED=1

6. To enable automatic rule updates in order to get the latest spam filtering rules find the line

CRON=0

and change it to

CRON=1

Now create a variable named SAHOME with the Spamassassin home directory:

SAHOME="/var/log/spamassassin/"

Find and change the OPTIONS variable to

OPTIONS="--create-prefs --max-children 2 --username spamd -H ${SAHOME} -s ${SAHOME}spamd.log"

This specifies the username Spamassassin will run under as spamd, as well as add the home directory, create the log file, and limit the child processes that Spamassassin can run.

7. If you have a busy server, feel free to increase the max-children value.

Start the Spamassassin daemon by using the following code:

service spamassassin start

Now, let's config Postfix.

Configuring Postfix

The emails still do not go through Spamassasin. To do that, open Postfix config file using:

nano /etc/postfix/master.cf

Find the the line

smtp      inet  n       -       -       -       -       smtpd

and add the following

-o content_filter=spamassassin

Now, Postfix will pipe the mail through Spamassassin.

To setup after-queue content filter add the following line to the end of the file

spamassassin unix -     n       n       -       -       pipe

        user=spamd argv=/usr/bin/spamc -f -e  

        /usr/sbin/sendmail -oi -f ${sender} ${recipient}

For the changes to take effect restart postfix:

service postfix restart

Now postfix will use spamassassin as a spam filter.

Configuring Spamassassin on your VPS

To get the maximum use of Spamassassin you have to create rules.

Open the Spamassassin default rules file using:

nano /etc/spamassassin/local.cf

To activate a rules uncomment line remove the # symbol.

To add a spam header to spam mail uncomment or add the line:

rewrite_header Subject [***** SPAM _SCORE_ *****]

Spamassassin gives a score to each mail after running different tests on it. The following line will mark the mail as spam if the score is more than the value specified in the rule.

required_score           3.0

To use bayes theorem to check mails, uncomment or add the line:

use_bayes               1

To enable bayes auto learning, uncomment or add the line:

bayes_auto_learn        1

After adding the above details, save the file and restart spam assassin.

service spamassassin restart

Testing

To see if Spamassassin is working, you can check the spamassassin log file using:

nano /var/log/spamassassin/spamd.log

or send the email from an external server and check the mail headers.

En Centos, hay que seguir los siguientes pasos para instalar SPAMASSASSIN

## screen -U -S spamc-screen

## yum update

## yum install spamassassin

## groupadd spamfilter

## useradd -g spamfilter -s /bin/false -d /usr/local/spamassassin spamfilter

## chown spamfilter: /usr/local/spamassassin

Ahora toca configurar SPAMASSASSIN

## vim /etc/mail/spamassassin/local.cf

## Required_hits: This determines the filter balance; the lower the score the more aggressive the filter.
# A setting of 5.0 is generally effective for a small organisation or a single user.
# Adjust the strictness score to your organization's needs - a large medical organisation might want  to let email items
# through that are trying to sell pharmaceuticals, so we might increase the level to a more modest 8.0.
required_hits 5
## Report_safe:  This line determines whether to delete the item or to move the item to the inbox whilst appending
# a spam notice to the subject line. The levels for this line are set to either a 1 or 0. A score of 1 will delete the spam item,
# whereas a score of 0 will send the item to the inbox and rewrite the subject line.
report_safe 0
rewrite_header Subject [**SPAM**]
## Required_score: This line sets the spam score for all email allowed through to your domain, with levels of certainty set from 0 to 5.
# Zero would be classified as a legitimate email item, whereas 5 would be an definite 'SPAM' item.  If we set the score to 3 we would catch a
# lot of unsolicited emails but quite a few false positives would still get through. For our example email server we will use the score of 5,
# but you can of course set this value according to your preference.
required_score 5.0

## vim /etc/sysconfig/spamassassin

Agregar lo siguiente

SAHOME="/usr/local/spamassassin"
SPID_DIR="/var/run/spamassassin"
SUSER="spamfilter"
SPAMDOPTIONS="-d -c -m5 --username ${SUSER} -H ${SAHOME} -s ${SAHOME}/spamfilter.log"

## service spamassassin start

## chkconfig spamassassin on

AHORA HAY QUE CONFIGURAR POSTFIX

## vim /etc/postfix/master.cf

Agregar las siguientes líneas en el fichero.

smtp      inet  n       -       n       -       -       smtpd -o content_filter=spamassassin
spamassassin unix -     n       n       -       -       pipe user=spamfilter argv=/usr/bin/spamc -f -e  /usr/sbin/sendmail -oi -f ${sender} ${recipient}

Y luego reiniciar postfix

## service postfix restart