SpamAssasin is the last weapon from our arsenal that we will use to keep spam away from our mail server.
Install needed packages:
|
1 |
apt-get install spamassassin spamc |
We ned to add user that will be running spamassasin on our server:
|
1 2 3 |
groupadd spamd useradd -g spamd -s /bin/false spamd chown spamd:spamd -R /etc/spamassassin/ |
User is ready now we need configure SA to use it:
|
1 2 3 4 5 6 7 8 9 10 11 |
#vim /etc/default/spamassassin # If you're using systemd (default for jessie), the ENABLED setting is # not used. Instead, enable spamd by issuing: # systemctl enable spamassassin.service # Change to "1" to enable spamd on systems using sysvinit: ENABLED=1 SPAMD_HOME="/home/spamd/" OPTIONS="--create-prefs --max-children 5 --username spamd --helper-home-dir /home/spamd/ -s /home/spamd/spamd.log" PIDFILE="/home/spamd/spamd.pid" CRON=1 |
Start SA:
|
1 |
service spamassassin start |
Add SpamAssassin Support to postfix:
|
1 2 3 4 5 6 7 8 9 |
#vim /etc/postfix/master.cf # on the bottom of file add: spamassassin unix - n n - - pipe user=spamd argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f ${sender} ${recipient} # in every protocol we use (ex. smtps, submission) we should add this line below to forward mails to spamassasin: -o content_filter=spamassassin |
Restart postfix:
|
1 |
service postfix restart |
We need to create rules for SA:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 |
#/etc/spamassassin/local.cf rewrite_header Subject ***** SPAM _SCORE_ ***** report_safe 0 required_score 5.0 use_bayes 1 use_bayes_rules 1 bayes_auto_learn 1 skip_rbl_checks 0 use_razor2 0 use_dcc 0 use_pyzor 0 #Adjust scores for SPF FAIL score SPF_FAIL 4.0 score SPF_HELO_FAIL 4.0 score SPF_HELO_SOFTFAIL 3.0 score SPF_SOFTFAIL 3.0 #adjust DKIM scores score DKIM_ADSP_ALL 3.0 score DKIM_ADSP_DISCARD 10.0 score DKIM_ADSP_NXDOMAIN 3.0 |
Restart service to be sure we use newest rules:
|
1 |
service spamassassin restart |
To test spamassasin we can send mail from external mail server to our server and check header to see if spamassasin added his header with scoring.
Update 05/11/2016:
I notice that spamassassin throw error in syslog
|
1 |
warn: config: failed to parse line, skipping, in "/etc/spamassassin/local.cf": use_dcc 0 |
This can be fix easily by commenting out use_dcc line or adding dcc and not use it (pointless)
Rest post related to this topic:
Postfix i Dovecot – perfect duo for mail server
Fight against spam part 1 – Postfix SPF
Fight against spam part 2 – Postfix DKIM
Fight against spam part 3 – Postfix DMARC
Fight against spam part 5 – Dovecot Sieve
