In the following tutorial we are going to cover the procedure of installing and integrating SpamAssassin with Exim on a CentOS 7 Linux VPS. Once the set-up is completed, SpamAssassin will be able to scan and mark the emails detected as SPAM.
What is SpamAssassin?
It is a software program released under the Apache License 2.0 used for e-mail spam filtering based on content-matching rules. It is a very intelligent email filter which uses a diverse range of tests to identify unsolicited bulk email and apply the tests to email headers and content to classify email using advanced statistical methods.
Before proceeding any further, make sure you have a mailserver with Exim setup on your SSD virtual server. You can follow our great article on how to setup a mailserver with Exim and Dovecot on a CentOS 7 VPS if you don’t have Exim setup already on your Linux VPS.
UPDATE THE SYSTEM
ssh to your server and initiate a screen session using the command below:
## screen -U -S exim-spamd
once you’re in a screen session, update your CentOS 7 VPS using yum as in:
## yum update
INSTALL SPAMASSASSIN
SpamAssassin is available in CentOS 7 base repository, so you can easily install it using yum:
## yum install spamassassin
Once it’s installed, edit /etc/mail/spamassassin/local.cf using your favorite editor and set the following:
## vim /etc/mail/spamassassin/local.cf required_hits 5 report_safe 0 rewrite_header Subject [SPAM] required_score 5.0
with all that in place, proceed with starting spamassassin up and adding it to your system’s startup using systemctl
## systemctl start spamassassin ## systemctl status spamassassin ## systemctl enable spamassassin
update spamassassin rules using:
## sa-update --nogpg
next, check if spamassassin is listening on localhost (127.0.0.1) on port 783 using ss from iproute2:
## ss -tnlp | grep spamd
LISTEN 0 0 127.0.0.1:783 *:* users:(("spamd child",1207,5),("spamd child",1206,5),("/usr/bin/spamd ",1205,5))
CONFIGURE EXIM WITH SPAMASSASSIN
OK, next thing to do is to configure Exim to utilize Spamassassin for scanning and tagging unsolicited emails as SPAM. So, make a backup of your current Exim configuration file using:
## cp /etc/exim/exim.conf{,.backup-no-spamd}
Next, edit exim.conf and add the following line in the beginning of the file:
## vim /etc/exim/exim.conf system_filter = /etc/exim/filters
Next, add or uncomment the spamd_address line as in:
## vim /etc/exim/exim.conf spamd_address = 127.0.0.1 783
and add the following within the ACLs section in your Exim configuration file:
## vim /etc/exim/exim.conf
# Bypass SpamAssassin checks if the message is too large.
#
accept condition = ${if >={$message_size}{100000} {1}}
add_header = X-Spam-Note: SpamAssassin run bypassed due to message size
# Run SpamAssassin, but allow for it to fail or time out. Add a warning message
# and accept the mail if that happens. Add an X-Spam-Flag: header if the SA
# score exceeds the SA system threshold.
#
warn spam = nobody/defer_ok
add_header = X-Spam-Flag: YES
add_header = X-Spam-Subject: [SPAM] $h_Subject
accept condition = ${if !def:spam_score_int {1}}
add_header = X-Spam-Note: SpamAssassin invocation failed
# Unconditionally add score and report headers
#
warn add_header = X-Spam-Score: $spam_score ($spam_bar)\n\
X-Spam-Report: $spam_report
Next, create the following Exim system filters in /etc/exim/filters:
## vim /etc/exim/filters
if $h_X-Spam-Flag: contains "YES"
then
headers add "Old-Subject: $h_subject"
headers remove "Subject"
headers add "Subject: [SPAM] $h_old-subject"
headers remove "Old-Subject"
endif
and restart Exim for the changes to take effect using:
## systemctl restart exim ## systemctl status exim
TEST SPAMASSASSIN
To test the setup, simply send a test email with subject XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X to any email account available on the mailserver and you should see the following lines in the email header:
X-Spam-Flag: YES
X-Spam-Subject: [SPAM] XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X
X-Spam-Score: 1000.0 (+++++++++++++++++++++++++++++++++++++++++++++++++++)
X-Spam-Report: Spam detection software, running on the system "mail.mydomain.com", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: nov spam email [...]
Content analysis details: (1000.0 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay
domain
1000 GTUBE BODY: Generic Test for Unsolicited Bulk Email
LET US DO THIS FOR YOU?
Of course you don’t have to do any of this if you use one of our Linux VPS Hosting services, in which case you can simply ask our expert Linux admins to install and integrate SpamAssassin with Exim. They are available 24×7 and will take care of your request immediately.
PS. If you liked this post please share it with your friends on the social networks using the buttons on the left or simply leave a reply below. Thanks.