Chapter 8. Spamassassin (Catching spam)

A lot of the mails on the Internet nowadays is spam. To combat this, I have installed Spamassassin to help weed out the most obvious spams.

Debian has made the exchange of MTA (Mail Transfer Agent) pretty straightforward, and as I have Yet to configure anything which involves a mail-server, there should be no trouble with just changing the default MTA.

8.1. Installing Spamassassin

To install we need to do the magic


apt-get install spamassassin
apt-get install procmail

And it's installed.

8.2. Using spamassassin in postfix

We could let each and every one of the users do the filtering in their own .forward file. I don't want to muck around with that, and therefore integrate the filtering in the postfix setup. This may be a lot more mucking about, but seems to work.

First we create an user to run the filter. This user should be unable to actually log in, but have a valid shell for testing purposes.


groupadd -g 200 filter
useradd -u 200 -g 200 -s /bin/false -d /tmp filter

Then we create the filter file /usr/local/bin/sa-filter.sh , which is used to detect spam.


#!/bin/bash
#
# Spamassasin filter
#
/usr/bin/spamassassin -P | /usr/sbin/sendmail -i "$@"
exit $?

This filter should be owned and executable by filter, so


chown filter:filter /usr/local/bin/sa-filter
chmod 744 /usr/loal/bin/sa-filter

To make spamassassin actually do something, we need to add some configuration. This is done in the /etc/spamassassin/local.cf .


required_hits 5
add_header all Level _STARS(X)_
rewrite_subject 1
subject_tag ***SPAM*** [_HITS_]

And then we need to make sure that the system actually works before activating it in postfix.


cat /usr/share/doc/spamassassin/spam.txt | /usr/local/bin/sa-filter.sh -f <user> -- <user>
cat /usr/share/doc/spamassassin/sample-nonspam.txt.gz | /usr/local/bin/sa-filter.sh -f <user> -- <user>

This should send two mails to <user>'s mailbox. This needs to work before we continue with enabling spamassassin in postfix.

Now that works, and all we need now is to edit the /etc/postfix/master.cf file in order to use the correct transports.

Add a transport for the spamassassin filter:


#
# Spamassassin filter
#
spamassassin    unix    -       n       n       -       -       pipe
	user=filter     argv=/usr/local/bin/sa-filter.sh -f ${sender} -- ${recipient}

And the change the smtp transport lines to read as follows:


smtp      inet  n       -       n       -       -       smtpd
        -o content_filter=spamassassin:
smtp      unix  -       -       n       -       -       smtp
        -o content_filter=spamassassin:

And everything should now be ready to go.