How can I configure Spamassassin to filter all the incoming mail on my server?

Updated 16 Sept 2012

Spamassassin is a powerful spam detection system that uses a variety of methods to identify spam in incoming mail. Using Spamassassin in combination with the Mail Deliver Agent (MDA) Procmail, it can filter mail identified as spam in different ways. For example, there is the choice to delete it, put it in a special folder, or change the subject line to indicate that it is spam. Setting up Spamassassin and Procmail for basic scanning of all incoming mail is a fairly straightforward process. This article assumes that there is a working MTA configured for the system and that the procmail and spamassassin packages are installed.

The first step is configuring the Mail Transport Agent (MTA) to send all incoming mail to the Procmail program for further processing. Procmail will then hand each message off to Spamassassin for scanning. If the MTA is Sendmail (the default MTA on Red Hat Enterprise Linux), then it is already configured to use Procmail. If the system's default MTA is Postfix, you will need to issue the following commands:

postconf -e "mailbox_command" = "/usr/bin/procmail"
service postfix reload

Next, open the /etc/procmailrc file for editing (if the file does not exist on the system, go ahead and create it). The file should contain the following content:

# /etc/procmailrc
# Send all mail through Spamassassin
:0 fw
* < 256000
| /usr/bin/spamc -f -u mail

Edit Spamassassin's default configuration file, /etc/sysconfig/spamassassin:

# /etc/sysconfig/spamassassin
# Options for spamd
SPAMDOPTIONS="-d -c -u mail"

Start the Spamassassin service:

service spamassassin start;
chkconfig spamassassin on

To test it, execute the command:

tail -f /var/log/maillog

In a different terminal window send a test message to a local user. All incoming mail should be handed off to Spamassassin for processing:

Nov  5 08:31:52 giles sendmail[20943]: jA5DVqvN020943: to=root, ctladdr=user (10083/10083), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30049, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (jA5DVqJL020944 Message accepted for delivery)
Nov  5 08:31:52 giles spamd[20935]: connection from localhost.localdomain [127.0.0.1] at port 35214
Nov  5 08:31:52 giles spamd[20935]: processing message <200511051331.jA5DVqvN020943@example.com> for mail:8.
Nov  5 08:31:53 giles spamd[20935]: clean message (-2.8/5.0) for mail:8 in 1.2 seconds, 687 bytes.
Nov  5 08:31:53 giles spamd[20935]: result: . -2 - ALL_TRUSTED scantime=1.2,size=687,mid=<200511051331.jA5DVqvN020943@example.com>,autolearn=ham
Nov  5 08:31:53 giles sendmail[20945]: jA5DVqJL020944: to=, ctladdr= (10083/10083), delay=00:00:01, xdelay=00:00:01, mailer=local, pri=30622, dsn=2.0.0, stat=Sent

See additional articles in the Knowledgebase for details on more advanced filtering options.

Components

Tags

mail

Article Type

General