How to install and integrate SpamAssassin with Exim on a CentOS 7 VPS

How to install and integrate SpamAssassin with Exim on a CentOS 7 VPSIn the following tutorial we are going to cover the procedure of installing and integrating SpamAssassin with Exim on a CentOS 7 Linux VPS. Once the set-up is completed, SpamAssassin will be able to scan and mark the emails detected as SPAM.

What is SpamAssassin?

It is a software program released under the Apache License 2.0 used for e-mail spam filtering based on content-matching rules. It is a very intelligent email filter which uses a diverse range of tests to identify unsolicited bulk email and apply the tests to email headers and content to classify email using advanced statistical methods.

 

Before proceeding any further, make sure you have a mailserver with Exim setup on your SSD virtual server. You can follow our great article on how to setup a mailserver with Exim and Dovecot on a CentOS 7 VPS if you don’t have Exim setup already on your Linux VPS.

 

UPDATE THE SYSTEM

ssh to your server and initiate a screen session using the command below:

## screen -U -S exim-spamd

once you’re in a screen session, update your CentOS 7 VPS using yum as in:

## yum update

 

INSTALL SPAMASSASSIN

SpamAssassin is available in CentOS 7 base repository, so you can easily install it using yum:

## yum install spamassassin

Once it’s installed, edit /etc/mail/spamassassin/local.cf using your favorite editor and set the following:

## vim /etc/mail/spamassassin/local.cf

required_hits 5
report_safe 0
rewrite_header Subject [SPAM]
required_score 5.0

with all that in place, proceed with starting spamassassin up and adding it to your system’s startup using systemctl

## systemctl start spamassassin
## systemctl status spamassassin
## systemctl enable spamassassin

update spamassassin rules using:

## sa-update --nogpg

next, check if spamassassin is listening on localhost (127.0.0.1) on port 783 using ss from iproute2:

## ss -tnlp | grep spamd
LISTEN 0 0 127.0.0.1:783 *:* users:(("spamd child",1207,5),("spamd child",1206,5),("/usr/bin/spamd ",1205,5))

 

CONFIGURE EXIM WITH SPAMASSASSIN

OK, next thing to do is to configure Exim to utilize Spamassassin for scanning and tagging unsolicited emails as SPAM. So, make a backup of your current Exim configuration file using:

## cp /etc/exim/exim.conf{,.backup-no-spamd}

Next, edit exim.conf and add the following line in the beginning of the file:

## vim /etc/exim/exim.conf
system_filter = /etc/exim/filters

Next, add or uncomment the spamd_address line as in:

## vim /etc/exim/exim.conf
spamd_address = 127.0.0.1 783

and add the following within the ACLs section in your Exim configuration file:

## vim /etc/exim/exim.conf

# Bypass SpamAssassin checks if the message is too large.
#
accept  condition  = ${if >={$message_size}{100000} {1}}
      add_header = X-Spam-Note: SpamAssassin run bypassed due to message size

# Run SpamAssassin, but allow for it to fail or time out. Add a warning message
# and accept the mail if that happens. Add an X-Spam-Flag: header if the SA
# score exceeds the SA system threshold.
#
warn    spam       = nobody/defer_ok
       add_header = X-Spam-Flag: YES
       add_header = X-Spam-Subject: [SPAM] $h_Subject

accept  condition  = ${if !def:spam_score_int {1}}
       add_header = X-Spam-Note: SpamAssassin invocation failed

# Unconditionally add score and report headers
#
warn    add_header = X-Spam-Score: $spam_score ($spam_bar)\n\
                    X-Spam-Report: $spam_report

Next, create the following Exim system filters in /etc/exim/filters:

## vim /etc/exim/filters
if $h_X-Spam-Flag: contains "YES"
then
    headers add "Old-Subject: $h_subject"
    headers remove "Subject"
    headers add "Subject: [SPAM] $h_old-subject"
    headers remove "Old-Subject"
endif

and restart Exim for the changes to take effect using:

## systemctl restart exim
## systemctl status exim

 

TEST SPAMASSASSIN

To test the setup, simply send a test email with subject XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X to any email account available on the mailserver and you should see the following lines in the email header:

X-Spam-Flag: YES
X-Spam-Subject: [SPAM] XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X
X-Spam-Score: 1000.0 (+++++++++++++++++++++++++++++++++++++++++++++++++++)
X-Spam-Report: Spam detection software, running on the system "mail.mydomain.com", has
 identified this incoming email as possible spam.  The original message
 has been attached to this so you can view it (if it isn't spam) or label
 similar future email.  If you have any questions, see
 @@CONTACT_ADDRESS@@ for details.
 
 Content preview:  nov spam email [...] 
 
 Content analysis details:   (1000.0 points, 5.0 required)
 
  pts rule name              description
 ---- ---------------------- --------------------------------------------------
 -0.0 T_RP_MATCHES_RCVD      Envelope sender domain matches handover relay
                             domain
 1000 GTUBE                  BODY: Generic Test for Unsolicited Bulk Email

 

LET US DO THIS FOR YOU?

Of course you don’t have to do any of this if you use one of our Linux VPS Hosting services, in which case you can simply ask our expert Linux admins to install and integrate SpamAssassin with Exim. They are available 24×7 and will take care of your request immediately.

PS. If you liked this post please share it with your friends on the social networks using the buttons on the left or simply leave a reply below. Thanks.

Leave a Comment