Configuring SpamAssassin for Postfix on CentOS

In the process of receiving email, spamassassin will stand between the outside world and the email services running on your server itself. If it finds, according to its definition rules and configuration, that an incoming message is spam, it will rewrite the subject line to clearly identify it as such. Let’s see how.

The main configuration file is /etc/mail/spamassassin/local.cf, and we should make sure the following options are available (add them if they are not present or uncomment if necessary):

local.cf
report_safe 0
required_score 8.0
rewrite_header Subject [SPAM]

When report_safe is set to 0 (recommended value), incoming spam is only modified by modifying the email headers as per rewrite_header. If it is set to 1, the message will be deleted. To set the aggressivity of the spam filter, required_score must be followed by an integer or decimal number. The lesser the number, the more sensitive the filter becomes. Setting required_score to a value somewhere between 8.0 and 10.0 is recommended for a large system serving many (~100s) email accounts. Once you’ve saved those changes, enable and start the spam filter service, and then update the spam rules:

/etc/init.d/spamassassin restart

For more configuration options, you may want to refer to the documentation by running

perldoc Mail::SpamAssassin::Conf

Integrating Postfix and SpamAssassin

In order to efficiently integrate Postfix and spamassassin, we will need to create a dedicated user and group to run the spam filter daemon:

# useradd spamd -s /bin/false -d /var/log/spamassassin

Next, add the following line at the bottom of /etc/postfix/master.cf:

spamassassin unix - n n - - pipe flags=R user=spamd argv=/usr/bin/spamc -e /usr/sbin/sendmail -oi -f ${sender} ${recipient}

And indicate (at the top) that spamassassin will serve as content_filter:

-o content_filter=spamassassin

Finally, restart Postfix to apply changes:

/etc/init.d/postfix restart

To verify that SpamAssassin is working properly and detecting incoming spam, a test known as GTUBE (Generic Test for Unsolicited Bulk Email) is provided.

To perform this test, send an email from a domain outside your network (such as Yahoo!, Hotmail, or Gmail) to an account residing in your email server. Set the Subject line to whatever you want and include the following text in the message body:

XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X

For example, sending the above text in a message body from my Gmail account produces the following result:

Monitor SpamAssassin Mail Logs

As you can see in the image above, this email message got a spam score of 1002.3. Additionally, you can test spamassassin right from the command line:

# spamassassin -D < /usr/share/doc/spamassassin-3.4.0/sample-spam.txt

The above command will produce some really verbose output that should include the following:

Test SpamAssassin Spam from Commandline

If these tests are not successful, you may want to refer to the spamassassin integrations guide.

Src: https://www.tecmint.com/integrate-clamav-and-spamassassin-to-protect-postfix-mails-from-viruses/

Share

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.