Never Ending Security

It starts all here

How To Install and Setup Spamassassin on Linux

How To Install and Setup Spamassassin

Spamassassin is a free and open-source mail filter written in Perl that is used to identify spam using a wide range of heuristic tests on mail headers and body text. It will save your mailbox from much unwanted spam emails.

Before installing Spamassassin, you need to install and setup a mail transfer agent such as Postfix

Install Spamassassin

Use apt-get to install Spamassassin and spamc.

apt-get install spamassassin spamc

Once Spamassassin is installed, there are a few steps that has to be taken to make it fully functional.

Adding Spamassassin User

To run Spamassassin you need to create a new user on your VPS.

First add the group spams:

groupadd spamd

then add the user spamd with the home directory /var/log/spamassassin:

useradd -g spamd -s /bin/false -d /var/log/spamassassin spamd

then create the directory /var/log/spamassassin:

mkdir /var/log/spamassassin

and change the ownership of the directory to spams:

chown spamd:spamd /var/log/spamassassin

Let’s set up Spamassassin now.

Setting Up Spamassassin

Open the spamassassin config file using:

nano /etc/default/spamassassin

To enable Spamassassin find the line

ENABLED=0

and change it to

ENABLED=1

To enable automatic rule updates in order to get the latest spam filtering rules find the line

CRON=0

and change it to

CRON=1

Now create a variable named SAHOME with the Spamassassin home directory:

SAHOME="/var/log/spamassassin/"

Find and change the OPTIONS variable to

OPTIONS="--create-prefs --max-children 2 --username spamd \
-H ${SAHOME} -s ${SAHOME}spamd.log"

This specifies the username Spamassassin will run under as spamd, as well as add the home directory, create the log file, and limit the child processes that Spamassassin can run.

If you have a busy server, feel free to increase the max-children value.

Start the Spamassassin daemon by using the following code:

service spamassassin start

Now, let’s config Postfix.

Configuring Postfix

The emails still do not go through Spamassasin. To do that, open Postfix config file using:

nano /etc/postfix/master.cf

Find the the line

smtp      inet  n       -       -       -       -       smtpd

and add the following

-o content_filter=spamassassin

Now, Postfix will pipe the mail through Spamassassin.

To setup after-queue content filter add the following line to the end of the file

spamassassin unix -     n       n       -       -       pipe
        user=spamd argv=/usr/bin/spamc -f -e  
        /usr/sbin/sendmail -oi -f ${sender} ${recipient}

For the changes to take effect restart postfix:

service postfix restart

Now postfix will use spamassassin as a spam filter.

Configuring Spamassassin

To get the maximum use of Spamassassin you have to create rules.

Open the Spamassassin default rules file using:

nano /etc/spamassassin/local.cf

To activate a rules uncomment line remove the # symbol.

To add a spam header to spam mail uncomment or add the line:

rewrite_header Subject [***** SPAM _SCORE_ *****]

Spamassassin gives a score to each mail after running different tests on it. The following line will mark the mail as spam if the score is more than the value specified in the rule.

required_score           3.0

To use bayes theorem to check mails, uncomment or add the line:

use_bayes               1

To enable bayes auto learning, uncomment or add the line:

bayes_auto_learn        1

After adding the above details, save the file and restart spam assassin.

service spamassassin restart

Testing

To see if Spamassassin is working, you can check the spamassassin log file using:

nano /var/log/spamassassin/spamd.log

or send the email from an external server and check mail headers.

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s