Networking / Beginners

Using SpamAssassin

SpamAssassin is a spam-blocking tool that uses a variety of techniques to weed the spam out of your users' mailboxes. SpamAssassin uses a combination of rule filters that scan for suspicious message content and other telltale signs of spam, as well as blacklists from known spammers. The following sections explain how to install and use it.

Installing SpamAssassin

To configure SpamAssassin for basic spam filtering, follow these steps:

  1. Ensure that Procmail is installed as your MDA.
    In Fedora, Procmail is installed by default. To make sure it's enabled, open the file /etc/mail/ and make sure it includes the following line:
    FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u') dnl
    If this line is missing, add it and then restart Sendmail.
  2. Ensure that the spamassassin daemon is running.
    You can do that by choosing Applications → System Settings → Server Settings → Services and looking for spamassassin in the services list. Or, at a console prompt, enter this command:
    service spamassassin status
    If SpamAssassin isn't running, enter this command:
    chkconfig --level 35 spamassassin on
    Whenever you make a configuration change, you should stop and restart the service with this command:
    service spamassassin restart
  3. Create a file named procmailrc in the /etc directory.
    Use gedit or your favorite text editor. The file should contain these two lines:
    | /usr/bin/spamc
    These lines cause Procmail to run all incoming mail through the SpamAssassin client program.
  4. Restart Sendmail and SpamAssassin.
    You can do this from Applications → System Settings → Server Settings → Services, or you can enter these commands at a console prompt:
    service sendmail restart
    service spamassassin restart

SpamAssassin should now be checking for spam. To make sure it's working, send some e-mail to one of the mailboxes on your system and then open the mailbox file for that user in \var\mail and examine the message that was sent. If the message headers include several lines that begin with X-Spam, SpamAssassin is doing its job.

Customizing SpamAssassin

You can configure SpamAssassin by editing the configuration file /etc/ mail/spamassassin/ This file contains SpamAssassin rules that are applied system wide, though you can override these rules for individual users by creating a user_prefs file in each user's $HOME/.spam assassin directory.

In Fedora, the default file contains the following lines:

required_hits 5
report_safe 0
rewrite_header Subject [SPAM]

These lines cause SpamAssassin to add the word [SPAM] to the start of the subject line for any message that scores 5 or higher on SpamAssassin's spam scoring algorithm.

Although you can configure SpamAssassin to automatically delete messages that score above a specified value, most antispam experts recommend against it. Instead, adding a word such as [SPAM] to the header lets each user decide how he or she wants to handle spam by using a message filter on his or her e-mail client that either deletes the marked messages or moves them to a Spam folder.

No matter how you configure SpamAssassin, you will inevitably get some false positives. For example, a long-lost friend who moved to Nigeria will e-mail you a joke about Viagra using a Hotmail account. Odds are good that SpamAssassin will mark this message as spam. That's why arbitrarily deleting messages marked as spam isn't such a great idea, especially on a systemwide basis. Better to simply mark the messages and then let your users decide how to deal with the spam.

Blacklisting and whitelisting e-mail addresses

SpamAssassin lets you blacklist or whitelist a specific e-mail address or an entire domain. When you blacklist an address, any mail from the address will automatically be blocked, regardless of the message contents. Conversely, when you whitelist an address, all mail from the address will be allowed through, even if the message would otherwise be blocked as spam.

Whitelisting is a powerful tool for making sure that the people you correspond with on a regular basis don't get their e-mail accidentally blocked by SpamAssassin. As a result, it's a good idea to add your friends, relatives, and especially your customers to a whitelist.

Likewise, blacklisting lets you mark spammers who have managed to get their spam into your system in spite of SpamAssassin's best efforts to detect their true intent.

To whitelist an address, add a line such as the following to /etc/mail/spamassassin/local.rc:


This allows all mail from to be delivered, even if the mail might otherwise look like spam.

To blacklist an address, add a line like this:


This blocks all mail from your Aunt Ida.

[Previous] [Contents] [Next]