![]() There are spammers who send empty message with no subject and no textual parts in the body. I think the default score for this kind of email is low, I prefer to set it to 3.0. Some spammers uses two email addresses in the From: header field like below. score MISSING_FROM 5.0Īlthough the To: header field is not mandatory in RFC 5322, I prefer to set a high score if it’s missing in an email message because I have never seen a legitimate email missing this header field. sudo nano /etc/mail/spamassassin/local.cfįor example, RFC 5322 requires that every email message must have From: and Date: header fields, so I can set a very high score if either of them is missing in an email message by appending the following two lines in local.cf file. If you think the default score is too low or too high for a certain test, you can set custom score in /etc/mail/spamassassin/local.cf file. In the 50_scores.cf and 72_scores.cf file, you can see the default scores for various tests. header _HAS_FROM exists:Fromĭescribe MISSING_FROM Missing From: header Set Custom Score for Existing Rules header _HAS_DATE exists:Dateĭescribe MISSING_DATE Missing Date: headerĪnd these 3 lines are for testing if there’s a From: header in the email message. The following 3 lines are for testing if there’s a Date: header in the email message. The uppercase letters is the name of this test. The second line, which is optional, explains what the first line does. The first line tests if the To: header exists in an email message. header MISSING_HEADERS eval:check_for_missing_to_header()ĭescribe MISSING_HEADERS Missing To: header In the /usr/share/spamassassin/20_head_tests.cf file, you can find the following two lines. SpamAssassin ships with many spam detection rules in /usr/share/spamassassin/ directory. sudo systemctl status postfix spamass-milter Checking Email Header and Body with SpamAssassin sudo systemctl restart postfix spamass-milterĬheck the status and make sure they are running. Restart Postfix and Spamass Milter for the changes to take effect. ![]() Then add postfix user to the sa-milt group, so that Postfix will be able to communicate with spamass-milter. We also need to add the -g sa-milt option to make the spamass-milter socket writable by the sa-milt group. It’s a good practice to ignore emails originating from localhost by adding the -i 127.0.0.1 option. EXTRA_FLAGS="-m -r 8 -R SPAM_ARE_NOT_ALLOWED_HERE" If you want the sender to see a different reject text, then add the -R (reject text) option like below. milter-reject: END-OF-MESSAGE 5.7.1 Blocked by SpamAssassin If the score of a particular email is over 8, Spamassassin would reject it and you would find a message like below in the /var/log/maillog file, indicating it’s rejected. Uncomment this line and change 15 to your preferred reject score such as 8. Now open the /etc/sysconfig/spamass-milter file and find the following line. If you haven’t configured OpenDMARC, then you should remove local:opendmarc/opendmarc.sock, from smtpd_milters. If you have configured OpenDKIM and OpenDMARC on CentOS/RHEL, then these lines should look like below. Smtpd_milters = unix:/run/spamass-milter/spamass-milter.sock Next, edit /etc/postfix/main.cf file and add the following lines at the end of the file. sudo systemctl start spamass-milterĮnable auto-start at boot time. Install the spamass-filter packages on CentOS/RHEL from the EPEL software repository. I prefer to use SpamAssassin via the sendmail milter interface, because it allows me to reject an email when it gets a very high score such as 8, so it will never be seen by the recipient. There are several ways you can use to integrate SpamAssassin with Postfix. sudo systemctl start spamassassin Integrate SpamAssassin with Postfix SMTP Server as a Milter By default, the spamassassin systemd service is disabled, you can enable auto start at boot time with: sudo systemctl enable spamassassin Spamc is the client for SpamAssassin spam filtering daemon. The server binary installed by the spamassassin package is called spamd, which will be listening on TCP port 783 on localhost. Run the following command to install SpamAssassin from the default CentOS/RHEL software repository. If the score is high enough (by default 5.0), the message is considered spam. Each rule adds or removes points in the message’s score. It will check email message against a large set of rules. SpamAssassin is a free, open-source, flexible and powerful spam-fighting tool. In this tutorial, we are going to learn how to use SpamAssassin (SA) to detect spam on CentOS/RHEL mail server. Previously we discussed 7 effective methods for blocking email spam with Postfix on CentOS/RHEL.
0 Comments
Leave a Reply. |