How to install and integrate SpamAssassin with Exim on a CentOS

spamassassinIn the following tutorial we are going to cover the procedure of installing and integrating SpamAssassin with Exim on a CentOS 7 Linux VPS. Once the set-up is completed, SpamAssassin will be able to scan and mark the emails detected as SPAM.

What is SpamAssassin?

It is a software program released under the Apache License 2.0 used for e-mail spam filtering based on content-matching rules. It is a very intelligent email filter which uses a diverse range of tests to identify unsolicited bulk email and apply the tests to email headers and content to classify email using advanced statistical methods.

Before proceeding any further, make sure you have a mailserver with Exim setup on your SSD virtual server. You can follow our great article on how to setup a mailserver with Exim and Dovecot on a CentOS 7 VPS if you don’t have Exim setup already on your Linux VPS.

UPDATE THE SYSTEM

ssh to your server and initiate a screen session using the command below:

# screen -U -S exim-spamd

once you’re in a screen session, update your CentOS 7 VPS using yum as in:

# yum update

INSTALL SPAMASSASSIN

SpamAssassin is available in CentOS 7 base repository, so you can easily install it using yum:

# yum install spamassassin

Once it’s installed, edit /etc/mail/spamassassin/local.cf using your favorite editor and set the following:

# vim /etc/mail/spamassassin/local.cf

required_hits 5
report_safe 0
rewrite_header Subject [SPAM]
required_score 5.0

with all that in place, proceed with starting spamassassin up and adding it to your system’s startup using systemctl

# systemctl start spamassassin
# systemctl status spamassassin
# systemctl enable spamassassin

update spamassassin rules using:

# sa-update –nogpg

next, check if spamassassin is listening on localhost (127.0.0.1) on port 783 using ss from iproute2:

# ss -tnlp | grep spamd
LISTEN 0 0 127.0.0.1:783 *:* users:((“spamd child”,1207,5),(“spamd child”,1206,5),(“/usr/bin/spamd “,1205,5))

CONFIGURE EXIM WITH SPAMASSASSIN

OK, next thing to do is to configure Exim to utilize Spamassassin for scanning and tagging unsolicited emails as SPAM. So, make a backup of your current Exim configuration file using:

# cp /etc/exim/exim.conf{,.backup-no-spamd}

Next, edit exim.conf and add the following line in the beginning of the file:

# vim /etc/exim/exim.conf
system_filter = /etc/exim/filters

Next, add or uncomment the spamd_address line as in:

# vim /etc/exim/exim.conf
spamd_address = 127.0.0.1 783

and add the following within the ACLs section in your Exim configuration file:

# vim /etc/exim/exim.conf

Bypass SpamAssassin checks if the message is too large.

accept  condition  = ${if >={$message_size}{100000} {1}}
add_header = X-Spam-Note: SpamAssassin run bypassed due to message size

Run SpamAssassin, but allow for it to fail or time out. Add a warning message
and accept the mail if that happens. Add an X-Spam-Flag: header if the SA
score exceeds the SA system threshold.

warn    spam       = nobody/defer_ok
add_header = X-Spam-Flag: YES
add_header = X-Spam-Subject: [SPAM] $h_Subject

accept  condition  = ${if !def:spam_score_int {1}}
add_header = X-Spam-Note: SpamAssassin invocation failed

Unconditionally add score and report headers

warn    add_header = X-Spam-Score: $spam_score ($spam_bar)\n\
X-Spam-Report: $spam_report

Next, create the following Exim system filters in /etc/exim/filters:

# vim /etc/exim/filters
if $h_X-Spam-Flag: contains “YES”
then
headers add “Old-Subject: $h_subject”
headers remove “Subject”
headers add “Subject: [SPAM] $h_old-subject”
headers remove “Old-Subject”
endif

and restart Exim for the changes to take effect using:

# systemctl restart exim
# systemctl status exim

TEST SPAMASSASSIN

To test the setup, simply send a test email with subject XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X to any email account available on the mailserver and you should see the following lines in the email header:

X-Spam-Flag: YES
X-Spam-Subject: [SPAM] XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X
X-Spam-Score: 1000.0 (+++++++++++++++++++++++++++++++++++++++++++++++++++)
X-Spam-Report: Spam detection software, running on the system “mail.mydomain.com”, has
identified this incoming email as possible spam.  The original message
has been attached to this so you can view it (if it isn’t spam) or label
similar future email.  If you have any questions, see
@@CONTACT_ADDRESS@@ for details.

Content preview:  nov spam email […]

Content analysis details:   (1000.0 points, 5.0 required)

pts rule name              description
—- ———————- ————————————————–
-0.0 T_RP_MATCHES_RCVD      Envelope sender domain matches handover relay
domain
1000 GTUBE                  BODY: Generic Test for Unsolicited Bulk Email

How to install and integrate SpamAssassin with Exim on a CentOS
Written by: AFRIDA YANTI
Reting: 4.9


Cheap Best Hosting is a leading provider of web hosting, shared hosting, resellers hosting, virtual private servers, vps hosting, dedicated servers and domain name registration.


Follow me on Google+ | Twitter | Facebook | Linkedin | YouTube

Share This Post

Recent Articles

Leave a Reply

© 2017 Cheap Best Hosting Blog. All rights reserved. · Entries RSS · Comments RSS
Hosting By Cheap Best Hosting