SpamAssassin Configuration

Revision as of 19:31, 11 January 2010 by Steve410 (talk | contribs)

Introduction

We use Spamassassin to tag e-mails with ** SPAM ** if they are found to be spam.

Spamassassin uses several rule sets in determining what is spam and what is non-spam. Points or "hits" are given to e-mails for various levels of "spammedness." The more hits your e-mail gets, the better chance it will be tagged as spam. Once the e-mail reaches the globally define required_hits level, the mail is tagged as spam. By default, CS requires a hit level of 7.0 or above for a mail message to be considered spam.

If you receive mail tagged as ** SPAM **, look for an X-Spam-Status line in your mail headers to see the various tests your e-mail passed for being spam. Sometimes your mail can pass several of the spam tests and yet still doesn't get tagged as spam, as many normal, legitimate e-mails have characteristics of spam within them. The more tests that are passed as spam, the higher the hit level, the more chance of the e-mail getting tagged as spam.

You can use your favorite mail-filtering program to filter mail tagged as ** SPAM **. However, we recommend you do not simply delete such mail, but move spam-tagged mail to a folder to review later, in case there are some legitimate mails that were tagged as spam.


Customizing How Spamassassin Works For You

Spamassassin use both global and user parameters for custom tagging configurations. As a user, you can adjust the user settings. To do so, you'll need to first create a .spamassassin directory (don't forget the dot at the beginning)

mkdir .spamassassin

Then, create the configuration file called user_prefs

touch user_prefs (the touch command merely creates an empty file.)

In your .spamassassin user_prefs file, there are many parameters you can change. The most popular one here is the required_hits level. This will allow you to decide how many spamassassin test hits your incoming e-mail message needs to have before being tagged as ** SPAM **. The lower the required_hits number, the easier it is for mail (legimate or spam) to be tagged as spam (this could lead to false positives). The higher the number, the less items tagged as spam. (More spam will be untagged.) As mentioned earlier, CS uses a required_hits level 7.0 by default You can change this to a different level with by adding the required_hits parameter to user_prefs (the numbers can be decimals).

required_hits 5.4

(more messages will be tagged as spam, however, some may be legitimate e-mails.)

or

required hits 9.2

(less messages will be tagged as spam.)

Other user_prefs file options can be found on the web.

Whitelists (or how to prevent some real mail from being tagged as spam.)

When you receive ** SPAM **-tagged mail from someone you know, you'll probably want to put that person's e-mail address on a whitelist, so that that person's e-mail doesn't get tagged as ** SPAM ** again.

To do that, add a whitelist_from line to your user_prefs file.

For example, say that e-mail from your colleague mike@yahoo.com gets tagged as ** SPAM **.

Add:

whitelist_from mike@yahoo.com

to your user_prefs file (shouldn't matter where in the file you put it),

And now, e-mail from mike@yahoo.com will not be tagged as spam when you receive it.

(you'll also notice that now, the X-Spam-Status line in the mail headers from mike@yahoo.com includes "USER_IN_WHITELIST")