Installing and configuring SpamAssassin

January 11, 2025 by Roberto Puzzanghera 57 comments

SpamAssassin is a mature, widely-deployed open source project that serves as a mail filter to identify Spam. SpamAssassin uses a variety of mechanisms including header and text analysis, Bayesian filtering, DNS blocklists, and collaborative filtering databases. SpamAssassin runs on a server, and filters spam before it reaches your mailbox.

Troubles with latest DBI::mysql module

Days ago (Jan 06, 2025) the perl DBI::mysql module has been updated to v4.053 and v5.011. Both of them dropped the support for MariaDB and MySQL > 8. Infact v4.053 compilation exits with

/usr/bin/perl: symbol lookup error: /usr/local/lib64/perl5/auto/DBD/mysql/mysql.so: undefined symbol: mysql_real_escape_string_quote

while v5.011 doesn't compile as it seems not to be compliant with my openssl-1.1.1zb (I had the same issue on other distros with openssl-1.1 installed).

I'm restoring v4.052 like this

cpan install DVEEDEN/DBD-mysql-4.052.tar.gz

Changelog

  • May 26, 2024
    - SA upgraded to v. 4.0.1
  • Jun 25, 2023
    - The ExtractText notes have been revised and corrected by Gabriel Torres
  • Jul 14, 2021
    - added DCC setup (next page)
    - moved the configuration of Razor, Pyzor and Spamcop to a separate page

Upgrading spamassassin to version 4.0.x

You have detailed info in a separated page here.

Install

Create the spamd user and group, prepare config and log dirs:

mkdir -p /etc/mail/spamassassin /home/spamd /var/log/spamassassin

groupadd spamd
useradd -g spamd -d /home/spamd spamd
chown -R spamd:spamd /home/spamd

Then install spamassassin and all the modules we need with their prerequisites. First let's set CPAN to follow the dependencies without without showing us a prompt:

> perl -MCPAN -e shell
cpan> o conf prerequisites_policy follow
cpan> o conf commit

Cut and paste the following in CPAN (the order is important):

notest install Socket6 IO::Socket IO::Socket::INET6 LWP MD5 CPAN::DistnameInfo Mail::DKIM
notest install Test::More MIME::Base64 Digest::MD5 Digest::HMAC_MD5 Net::IP
notest install Net::Ping Net::DNS Time::HiRes Digest::SHA1 Getopt::Long Digest::Nilsimsa URI::Escape HTML::Parser HTTP::Date IO::Zlib Archive::Tar  Mail::SPF
notest install Mail::SPF::Query Net::Ident IO::Socket::SSL Mail::DomainKeys Mail::DKIM LWP::UserAgent HTTP::Date Encode::Detect BSD::Resource
notest install Storable DB_File Net::SMTP BerkeleyDB Class::Method::Modifiers
notest install Geo::IP IO::Socket::IP Net::Patricia
notest install Mail::DMARC::PurePerl MIME::QuotedPrint Compress::Raw::Zlib DBD::SQLite
notest install DVEEDEN/DBD-mysql-4.052.tar.gz DBI

We sticked with version 4.052 of DBD::mysql because the support for MariaDB and MySQL > 8 has been dropped. DBD::MariaDB is a fork of DBD::mysql but unfortunately it's not working yet. I hope it will become the default in the future.

Install spamassassin:

notest install  Mail::SpamAssassin Mail::SpamAssassin::Plugin::Razor2 Mail::SpamAssassin::BayesStore::MySQL

I had to skip the tests because of some error.

We have installed in advance the Razor2 and the Bayesstore:MySQL plugins that we'll need later.

Configuring

You can find the config files into /etc/mail/spamassassin

> cd /etc/mail/spamassassin
> ls
init.pre  local.cf  v310.pre  v312.pre  v320.pre  v330.pre v340.pre  v341.pre  v342.pre  v343.pre  v400.pre

local.cf

# Add *****SPAM***** to the Subject header of spam e-mails
# rewrite_header Subject *****SPAM*****
# put here your subnet
trusted_networks 10.0.0.
# Set the threshold at which a message is considered spam (default: 5.0)
required_score 5.0

ExtractText

The purpose of the ExtractText plugin is to, when enabled, convert attachments (including images, byt the use of an OCR) into plain text in order to SpamAssassin to apply its rules to this text. So if we receive doc/pdf/images with spammy text in them, SpamAssassin will now be able to safely mark the email as spam.

In order to do that, we need to have installed some external programs in our server. The configuration lines added to local.cf have to load these programs to scan each message attachment.

Install the required external programs. Debian users will do;

apt-get install antiword
apt-get install docx2txt
apt-get install unrtf
apt-get install odt2txt
apt-get install tesseract-ocr
apt-get install poppler-utils

Slackware users will find all these programs on SlackBuild, while poppler is already availble in the distro.

Add the following lines to 70-extracttext.cf file:

cat > 70-extracttext.cf << EOF
ifplugin Mail::SpamAssassin::Plugin::ExtractText

extracttext_external pdftotext /usr/bin/pdftotext -nopgbrk -layout -enc UTF-8 {} -
extracttext_use pdftotext .pdf application/pdf

# http://docx2txt.sourceforge.net
extracttext_external docx2txt /usr/bin/docx2txt {} -
extracttext_use docx2txt .docx application/docx

extracttext_external antiword /usr/bin/antiword -t -w 0 -m UTF-8.txt {}
extracttext_use antiword .doc application/(?:vnd\.?)?ms-?word.*

extracttext_external unrtf /usr/bin/unrtf --nopict {}
extracttext_use unrtf .doc .rtf application/rtf text/rtf

extracttext_external odt2txt /usr/bin/odt2txt --encoding=UTF-8 {}
extracttext_use odt2txt .odt .ott application/.*?opendocument.*text
extracttext_use odt2txt .sdw .stw application/(?:x-)?soffice application/(?:x-)?starwriter

extracttext_external tesseract {OMP_THREAD_LIMIT=1} /usr/bin/tesseract -c page_separator= {} -
extracttext_use tesseract .jpg .png .bmp .tif .tiff image/(?:jpeg|png|x-ms-bmp|tiff)

add_header all ExtractText-Flags _EXTRACTTEXTFLAGS_

#header PDF_NO_TEXT X-ExtractText-Flags =~ /\bNoText\b/
#describe PDF_NO_TEXT PDF without text
#score PDF_NO_TEXT 0.2

#header DOC_NO_TEXT X-ExtractText-Flags =~ /\bNoText\b/
#describe DOC_NO_TEXT Document without text
#score DOC_NO_TEXT 0.2

#header EXTRACTTEXT exists:X-ExtractText-Flags
#describe EXTRACTTEXT Email processed by extracttext plugin
#score EXTRACTTEXT 0.001

endif
EOF

You can see three rules commented out. You can safely leave them commented out or enable them for debug purposes. The EXTRACTTEXT rule is just to have proof that the plugin is active. PDF_NO_TEXT and DOC_NO_TEXT will be hit in case of an empty document in attach. You will have an header like this when these two rules have been hit:

X-Spam-ExtractText-Flags: NoText

init.pre

# RelayCountry - add metadata for Bayes learning, marking the countries
# a message was relayed through
#
# Note: This requires the IP::Country::Fast Perl module
#
loadplugin Mail::SpamAssassin::Plugin::RelayCountry

# URIDNSBL - look up URLs found in the message against several DNS
# blocklists.
#
loadplugin Mail::SpamAssassin::Plugin::URIDNSBL

# SPF - perform SPF verification.
#
loadplugin Mail::SpamAssassin::Plugin::SPF

v400.pre

Load all new plugin which come with SA v.4

loadplugin Mail::SpamAssassin::Plugin::ExtractText 
loadplugin Mail::SpamAssassin::Plugin::DecodeShortURLs 
loadplugin Mail::SpamAssassin::Plugin::DMARC

sa-update

sa-update updates the rules (it requires gpg 1.4). Before running spamassassin for the first time download the rules:

sa-update

Add to your crontab this line to update the rules once a day

cat >> /etc/cron.d/qmail << EOF
# spamassassin update
30 3 * * * /usr/local/bin/sa-update --nogpg -v &
EOF

The -v option will produce an email notification to postmaster.

Testing

Run this debug command. If you get no error you are ready to run the daemon.

sudo -u spamd -H spamassassin -D --lint

Do not quit spamd with ctrl+C, because the next test with spamc will have to connect to it.

Open another terminal and check if the headers are inserted:

echo -e "From: myself@mymailserver.net\nTo:myfriend@domain.net\nSubject: test\n\n" | spamc

Received: from localhost by qmail.mymailserver.net
 with SpamAssassin (version 3.3.1);
 Tue, 30 Nov 2010 23:18:37 +0100
From: myself@mymailserver.net
To: myfriend@domain.net
Subject: test
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-04-18) on qmail.mymailserver.net
X-Spam-Flag: YES
X-Spam-Level: *****
X-Spam-Status: Yes, score=5.4 required=5.0 tests=BAYES_99,FREEMAIL_FROM,
 MISSING_DATE,MISSING_MID,NO_RECEIVED,NO_RELAYS,TVD_SPACE_RATIO,
 T_TO_NO_BRKTS_FREEMAIL autolearn=no version=3.3.1

Running spamassassin

Download the startup script

cd /usr/local/bin
wget https://notes.sagredo.eu/files/qmail/spamdctl
chmod +x spamdctl

Set the IP variable with the IPs that are allowed to send queries to spamd:

#!/bin/bash
#
# Spamd init script
#
# August, 2th 2003
# Martin Ostlund, nomicon
# Modified slightly by Troy Belding for Qmailrocks - February 23, 2004
#
# Modified by Roberto Puzzanghera - September 02, 2014
# November 17, 2020: moved log file to /var/log/spamassassin/spamd.log

# Comma separated IPs that are allowed to query the spamd server
IP=127.0.0.1,::1,1.2.3.4,10.0.0.0/24

DAEMON=/usr/local/bin/spamd
NAME=spamd
SNAME=spamdctl
DESC="SpamAssassin Mail Filter Daemon"
LOGFILE=/var/log/spamassassin/spamd.log
PIDFILE="/var/run/$NAME.pid"
PNAME="spamd"
LISTEN_IP=0.0.0.0
# DEBUG="-D" # comment out to disable debug
# USER_PREFS="-q" # Use with -x. Comment out to disable sql user prefs

DOPTIONS="${DEBUG} ${USER_PREFS} -x -u spamd -A ${IP} -i ${$LISTEN_IP} -s $LOGFILE -H /home/spamd -d --pidfile=$PIDFILE"

KILL="/bin/kill"
KILLALL="/bin/killall"

# Defaults - don't touch, edit /etc/mail/spamassassin/local.cf
ENABLED=0
OPTIONS=""

set -e

case "$1" in
start)
echo -n "Starting $DESC: "
$DAEMON $OPTIONS $DOPTIONS

echo "$NAME."
;;
stop)
echo -n "Stopping $DESC: "
$KILL -9 `cat $PIDFILE`
/bin/rm $PIDFILE
echo "$NAME."
;;
restart|force-reload)
echo -n "Restarting $DESC: "
$0 stop
$0 start

echo "$NAME."
;;
*)
ME=/usr/local/bin/$SNAME
echo "Usage: $ME {start|stop|restart|force-reload}" >&2
exit 1
;;
esac

exit 0

Now check that spamd is running:

> spamdctl start
> ps axfu
root      1859  0.1  3.4 139360 61044 ?        Ss   19:00   0:01 /usr/bin/spamd -x -u spamd -A 127.0.0.1,<external-IP> -H /home/spamd -d --pidfile=/var/run/spamd.pid
spamd     1860  0.0  3.2 139360 58984 ?        S    19:00   0:00  \_ spamd child
spamd     1861  0.0  3.2 139360 58984 ?        S    19:00   0:00  \_ spamd child

Type spamd -c to learn how to use spamd. See also http://spamassassin.apache.org/full/3.4.x/doc/spamd.html

Starting spamassassin at boot time

To start spamassassin at boot time put your startup script in your rc.local:

/usr/local/bin/spamdctl start &

logrotate

Create a file /etc/logrotate.d/spamd like this (slackware) to rotate daily your spamd logs:

cat > /etc/logrotate.d/spamd << __EOF__
/var/log/spamassassin/spamd.log /var/log/spamassassin/razor-agent.log {
su root apache
rotate 5
daily
missingok
notifempty
delaycompress
postrotate
   [ -f '/var/run/spamd.pid' ] && (kill -HUP \`cat /var/run/spamd.pid\`) || exit 0
endscript
}
__EOF__

Be aware that we have already setup the logrotate for the log file or Razor, which we'll see in the next page.

vpopmail-auth driver removal
Filtering networks
spamassassin
add a comment

Comments

SA-Update Rules 01-May-2025

Hi Roberto, 

      There seems to be a few features added / changed in SA after the rules update on 01-May-2025.  The below fields are seen the the Spam Mails received , 

0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. 
See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information.
[88.151.12.31 listed in bl.score.senderscore.com]

Well after following the link provided in the message , it seems like one has to create a free account on https://my.validity.com/ and register your mail server ip / ip range CIDR to access queries made to their sender reputation data . Below is the transcript from their website 

Validity provides access through DNS to our sender reputation data, including the Validity Certified Allowlist and the Return Path Blocklist, to allow for use with message filtering. This is commonly accessed through default rules enabled in SpamAssassin or directly through proprietary scripts and applications.

Validity will allow up to 10,000 requests to anonymous users over a 30-day period. If you require the ability to query in larger volumes then a contractual agreement is needed.

Although I have created a account and added my IP's , just wanted to check with you if you are aware of the same / updates to SA.

Can you check / investigate if my above findings are true and the optimum configuration if any has to be applied to SA configuration for the same 

Cheers

Reply |

SA-Update Rules 01-May-2025

Shailendra Shukla

Hi Shailendra, yes I have it in my logs as well

Fri May  2 06:49:07 2025 [29436] info: async: aborting after 3.658 s, deadline shrunk: DNSBL, A/47.196.149.62.bl.score.senderscore.com, rules: RCVD_IN_VALIDITY_RPBL, RCVD_IN_VALIDITY_RPBL_BLOCKED

did you solve by registering your IP in their database?

Reply |

SPAMC Error Log

Hi Roberto , 

     Not sure if anybody else is expereincing it or not but there are error logs in the /var/log/maillog in regards to spamc on SA4.0.1 noticed the below entries

Apr 14 16:00:58 mail spamc[426698]: connect to spamd on ::1 failed, retrying (#1 of 3): Connection refused
Apr 14 16:04:26 mail spamc[426958]: connect to spamd on ::1 failed, retrying (#1 of 3): Connection refused
Apr 14 16:21:28 mail spamc[429109]: connect to spamd on ::1 failed, retrying (#1 of 3): Connection refused
Apr 14 17:27:03 mail spamc[434190]: connect to spamd on ::1 failed, retrying (#1 of 3): Connection refused

The installation is as per the guide .  After playing around a bit with the settings , I  had to fix it with the below workaround.

create /etc/mail/spamassassin/spamc.conf  with the following line 

-d 127.0.0.1

And restart spamassassin and the above error lines go away.  I have checked these errors on two systems Rocky 8.10 and Rocky 9.5 . 

Can you check if this is the actual case with SA 4.0.1 . For those who want the error entires to vanish can use the temp fix provided above . 

Cheers

Reply |

SPAMC Error Log

Shailendra Shukla

What did you set in the LISTEN_IP variable in your spamdctl script? It appears that you are calling sa in ipv6 but it's only listening on ipv4

Reply |

SPAMC Error Log

Roberto Puzzanghera 

IP=127.0.0.1,::1
LISTEN_IP=0.0.0.0
USER_PREFS="-q"

DOPTIONS="${DEBUG} ${USER_PREFS} -x -u spamd -A ${IP}  -i ${LISTEN_IP} -s $LOGFILE -H /home/spamd -d --pidfile=$PIDFILE"

This is what I have is spamdctl 

Regards

Reply |

SPAMC Error Log

Shailendra Shukla

Well got it to work without the spamc.conf containing -d 127.0.0.1 as I suggested earlier.

As per the spamd daemon help The --listen option (or -i) may be specified multiple times.  I did try with -i ${LISTEN_IP},${LISTEN_IP6}  but that does not work.  Also LISTEN_IP=0.0.0.0,::  ( comma seperated ip list) also does not work

So I modified the spamdctl script like below 

IP=127.0.0.1,::1,a.b.c.6,aaaa:bbbb:0:cc::6
LISTEN_IP=0.0.0.0
LISTEN_IP6=::
DOPTIONS="${DEBUG}  ${USER_PREFS}  -x  -u spamd  -A ${IP}  -i ${LISTEN_IP}  -i ${LISTEN_IP6}  -s $LOGFILE -H /home/spamd -d  --pidfile=$PIDFILE 

Now SA listens on all interfaces i.e 127.0.0.1 and ipv4 public ip ,  with ::1 and ipv6 public ip. 

Cheers

Reply |

SPAMC Error Log

Shailendra Shukla

So, if you want to allow connections only on ipv4, as per your spamc.conf, you should change IP to IP=127.0.0.1

Reply |

Installing spamassassin

I'm assuming it's me doing something wrong and not knowing how to do something, but I follow the command by command, step by step and I'm not able to install spamassassin.

I have this message :(

t/sa_check_spamd.t ................ spam_pid not found:

Sleeping 5 - Retry # 19
Sleeping 5 - Retry # 18
Sleeping 6 - Retry # 17
spam_pid not found:

Sleeping 6 - Retry # 16

What now?

My system is Debian 12.

all the best

Arek

Reply |

Installing spamassassin

Arkadiusz Bronowicki

it works here as explained above. Some optional perl packages required the libidn2-dev package from debian

By the way, the last time that I installed spamassassin in a production server was a debian 11 server, and I installed it from debian packages in this way

apt install spamassassin libgeoip2-perl razor pyzor perl-doc libclass-dbi-perl libdbd-mysql-perl \ 
       libnet-dns-perl libmail-srs-perl libnet-patricia-perl libgeo-ip-perl libmail-rbl-perl

if you can check if this still works for debian 12 I'll add a note to this page for debian users.

Reply |

Installing spamassassin

Roberto Puzzanghera

Hi,

I install all additional packages....

still the same after command:

install Mail::SpamAssassin

t/sa_check_spamd.t ................ spam_pid not found: Sleeping 5 - Retry # 19
spam_pid not found: Sleeping 5 - Retry # 18
spam_pid not found: Sleeping 6 - Retry # 17
spam_pid not found: Sleeping 6 - Retry # 16
spam_pid not found: Sleeping 6 - Retry # 15
spam_pid not found: Sleeping 6 - Retry # 14
spam_pid not found: Sleeping 7 - Retry # 13
spam_pid not found: Sleeping 7 - Retry # 12
spam_pid not found: Sleeping 7 - Retry # 11
spam_pid not found: Sleeping 7 - Retry # 10
spam_pid not found: Sleeping 8 - Retry # 9
spam_pid not found: Sleeping 8 - Retry # 8

Reply |

Installing spamassassin

Arkadiusz Bronowicki

You have to force the install and skip all tests, so

force notest install package

Reply |

Installing spamassassin

Roberto Puzzanghera

Just won't disabling package testing make the whole installation wrong anyway? Since this spamd_pid doesn't work, it won't work anyway. :O

Reply |

Installing spamassassin

Arkadiusz Bronowicki

Some test always fail. If you have time to stay there and click yes in order to proceed, just do it. But this is how I install it since 2008 and it works, as I don't get errors in my logs

Reply |

Installing spamassassin

Roberto Puzzanghera

PS: all tests that I do in the post installation that I suggest above succed. This is the reason why I think you can skip the tests during the installation

Reply |

Installing spamassassin

Roberto Puzzanghera

ok :)

Thanks for Your time and support

all the best

Arek

Reply |

Reset Spamassassin Score

Hi Roberto, any way to reset the score of spamassassin and it's AWL score?

Reply |

Reset Spamassassin Score

Kenny Lee

Hi Kenny,

are you sure that you mean AWL and not txrep/bayesan? AWL has been replaced by txrep a couple of years ago.

Do you want to purge or completely empty the table? In the first case, just run a query like this (better as a cronjob)

/usr/bin/mysql -u spamassassin -p"sa_pwd" -e "USE spamassassin; DELETE FROM txrep WHERE last_hit <= (now() - INTERVAL 120 day);"

change the number of days. Also purge the userprefs table.

In the second case you can truncate all the tables in the spamassassin database.

Reply |

Spamassasin at MX level ?

Hi

I have SA running on virtual host and I enabled or disabled the SA for any domain from vpopmail.limits table, this works perfect

Now, I'm looking for a way to run SA at MX level, whitout users-prefs, without learning, but I can't find the way to make it work :D
I don't have vpopmail on my mxs, only qmail and spamdyke
How can I make SA works without vpopmail  DB (mysql) ?
Can I enable SA from tcp.smtp ?

Thanks

Reply |

Spamassasin at MX level ?

Pablo Murillo

Do you mean running SA before qmail-queue? I don't know...

Reply |

Spamassasin at MX level ?

Roberto Puzzanghera

Hi Roberto
Sorry !, after I post the question I remember that I'm using SIMSCAN !!!
I recompile simscan with SA support and now it's working :D

Reply |

Mail::SpamAssassin::Plugin::Hashcash

Hello Roberto,

from ver 4.0 hashcash was REMOVED from SpamAssassin.
pls update.
Txh

# Hashcash - perform hashcash verification.
#
loadplugin Mail::SpamAssassin::Plugin::Hashcash

Reply |

Mail::SpamAssassin::Plugin::Hashcash

Mike

Thank you. Corrected

Reply |

Details on how to correctly configure the ExtractText plugin

Hi Roberto,

The purpose of the ExtractText plugin is to, when enabled, convert attachments (including imagens, byt the use of an OCR) into plain text in order to SpamAssassin to apply its rules to this text. So if we receive doc/pdf/images with spammy text in them, SpamAssassin will now be able to safely mark the email as spam.

In order to do that, we need to have installed some external programs in our server. The configuration lines added to local.cf have to load these programs to scan each message attachment. Also, the rules provided in the example at the SpamAssassin Apache page are just examples. Here are the correct instructions to make the ExtractText plugin to work. I hope you can test them yourself and update this page (and also the "migrating to SpamAssassin 4.0.0" page.

1. Install the required external programs

Here we run Debian, so we need:

apt-get install antiword
apt-get install docx2txt
apt-get install unrtf
apt-get install odt2txt
apt-get install tesseract-ocr
apt-get install poppler-utils

2. Add the following lines to the local.cf file. NOTE: your tutorial is missing the required extracttext_external lines:

loadplugin Mail::SpamAssassin::Plugin::ExtractText
ifplugin Mail::SpamAssassin::Plugin::ExtractText

extracttext_external  pdftotext  /usr/bin/pdftotext -nopgbrk -layout -enc UTF-8 {} -
extracttext_use       pdftotext  .pdf application/pdf

# http://docx2txt.sourceforge.net
extracttext_external  docx2txt   /usr/bin/docx2txt {} -
extracttext_use       docx2txt   .docx application/docx

extracttext_external  antiword   /usr/bin/antiword -t -w 0 -m UTF-8.txt {}
extracttext_use       antiword   .doc application/(?:vnd\.?)?ms-?word.*

extracttext_external  unrtf      /usr/bin/unrtf --nopict {}
extracttext_use       unrtf      .doc .rtf application/rtf text/rtf

extracttext_external  odt2txt    /usr/bin/odt2txt --encoding=UTF-8 {}
extracttext_use       odt2txt    .odt .ott application/.*?opendocument.*text
extracttext_use       odt2txt    .sdw .stw application/(?:x-)?soffice application/(?:x-)?starwriter

extracttext_external  tesseract  {OMP_THREAD_LIMIT=1} /usr/bin/tesseract -c page_separator= {} -
extracttext_use       tesseract  .jpg .png .bmp .tif .tiff image/(?:jpeg|png|x-ms-bmp|tiff)

add_header   all          ExtractText-Flags _EXTRACTTEXTFLAGS_
header       PDF_NO_TEXT  X-ExtractText-Flags =~ /\bpdftotext_NoText\b/
describe     PDF_NO_TEXT  PDF without text
score        PDF_NO_TEXT  0.001

header       DOC_NO_TEXT  X-ExtractText-Flags =~ /\b(?:antiword|openxml|unrtf|odt2txt)_NoText\b/
describe     DOC_NO_TEXT  Document without text
score        DOC_NO_TEXT  0.001

header       EXTRACTTEXT  exists:X-ExtractText-Flags
describe     EXTRACTTEXT  Email processed by extracttext plugin
score        EXTRACTTEXT  0.001

endif

3. Instructions on how to configure the plugin

The official website suggests the configuration lines above. But this is just an example and there is a small adjustment to be made.

a. Here with me, the string added to X-ExtractText-Flags was only 'NoText' when the attached word/pdf file didn't have any text. So the first two rules wouldn't be triggered. For this reason, I replaced the PDF_NO_TEXT and DOC_NO_TEXT with:

header DOC_NO_TEXT X-ExtractText-Flags =~ /\bNoText\b/
describe DOC_NO_TEXT Document without text
score DOC_NO_TEXT 0.2

b. Note how I adjusted the score from 0.001 to 0.2. With a score of 0.001, the original rule won't do anything. But, it is up to you to assign a score for emails containing doc/pdf files with no text. I ajusted the rule to a score of 0.2.

Personal note: honestly, both rules PDF_NO_TEXT and DOC_NO_TEXT could be safely removed. They are present in the documentation only so you know they are available.

The final rule, EXTRACTTEXT should be left alone. This rule only exists so we have EXTRACTTEXT in the email header in the list of all rules that the message triggered, so we know that attachments were present in the email and they were converted/scanned by the plugin. It is a great debugging tool.

Cheers,

Gabriel.

Reply |

Details on how to correctly configure the ExtractText plugin

Gabriel Torres

Thanks a lot Gabriel. I'll read and test carefully and I'll use it to improve this page

Reply |

X-Spam-ExtractText-Flags: _EXTRACTTEXTFLAGS_

Hi Roberto,

After finally making the move to SA 4.0.0, I noticed that a new header was included, but its value is weird, IMHO:

X-Spam-ExtractText-Flags: _EXTRACTTEXTFLAGS_

Isn't this _EXTRACTTEXTFLAGS_  a variable that should be replaced with something else?

Also:

add_header   all          ExtractText-Flags _EXTRACTTEXTFLAGS_

Shouldn't this be:

add_header   all          X-ExtractText-Flags _EXTRACTTEXTFLAGS_

Please advise!

Cheers!

Reply |

X-Spam-ExtractText-Flags: _EXTRACTTEXTFLAGS_

Gabriel Torres

I did a test changing like this with no luck

X-Spam-ExtractText-Flags: _EXTRACTTEXTFLAGS_

Reply |

X-Spam-ExtractText-Flags: _EXTRACTTEXTFLAGS_

Gabriel Torres

Hi Gabriel,

Actually I would expect it to fill that _EXTRACTTEXTFLAGS_ tag with the notes of the plugin, something like

X-ExtractText-Flags: openxml_NoText

but I have it as is.

Concerning the other question, I copied the example from the man page here

I hope that someone else can be more specific than me...

Reply |

X-Spam-ExtractText-Flags: _EXTRACTTEXTFLAGS_

Roberto Puzzanghera

I'll investigate this further and let you know. Thanks.

Reply |

Update to spamdctl script

Hi Roberto,

After upgrading our OS here to the latest version, spamd stopped working. Upon further inspection, I found this in the log file:

Tue Aug 24 18:54:43 2021 [9957] warn: spamd: unauthorized connection from ::1 [::1]:59928 to port 783, fd 5 at /usr/local/bin/spamd line 1627.

This meant that spamd was listening on 127.0.0.1 but not at ::1 (IPv6 version of 127.0.0.1). Therefore, I replaced IP= with:

IP=::1

and the problem was gone.

Just a small note for you to upgrade the script to support both 127.0.0.1 and ::1.

Cheers.

Reply |

Update to spamdctl script

Gabriel Torres

Thank you.

Probably you have to adjust for ipv6 dovecot as well...

Reply |

GEOIP Perl Module

For anyone still having issues with GEOIP or GEOIP2, I had to manually patch the file with the help of some freenode people.

Here's the link to the patch: https://github.com/neilgierman/awstats/compare/GeoIP2...Grinnz:patch-1

Reply |

Create .spamassassin/ dir

Here I had to manually create /etc/mail/spamassassin/.spamassassin/ and chown spamd:spamd otherwise I would see error messages in the log files saying that the tx-reputation file couldn't be created.

Reply |

SA scans only from external emails how to scan local emails?

Hi,

Spamassassin is installed correctly and is working fine for years and still is. While spamassassin scans incoming email from external sources, it does not scan emails that is being send locally, (from local to local or local to external domains). Is there a way to make it scan local emails as well? I tried modifying tcp rules to include simscan for local IP addresses but it still does not work.

thanks

Reply |

How to get SA scan local emails?

munku

Try to recompile simscan adding 

--enable-spam-auth-user=y

to your configure. This should "turn on spam scanning for authenticated users (default no)."

Reply |

got error

installed everithing, but got this error (slackware current)

Util.c: loadable library and perl binaries are mismatched (got handshake key 0xdb00080, needed 0xde00080),

anybody knows where to grab..

Reply |

got error

kwa

Let me understand... you upgraded perl and then your installed modules stopped to work?

Reply |

SSL and AUTH

Hello,

Being a long time qmail user  I recently wanted to switch to full SSL. Unfortunately I cannot succeed having both SSL and AUTH working at same time.

When using stunnel, it just creates an openrelay : any login/pass is considered as OK (all vars are the same as for normal smtp)

/usr/local/bin/tcpserver -v -R -l mail.watchmusic.com -x /etc/tcp.smtp.cdb -c 50 -u 1008 -g 1003 0 465 /usr/local/bin/stunnel /var/qmail/control/stunnel_smtpd.conf

and stunnel_smtpd.conf

foreground = yes
cert = /var/qmail/control/servercert.pem
exec = /var/qmail/bin/qmail-smtpd
execargs = /var/www/vpopmail/bin/vchkpw /bin/true

When using sslserver, I've no openrelay, but I don't get AUTH on prompt (I've well exported the SMTPAUTH var)

sslserver -e -vR -l myserverfqdn -c 30 -u 508 -g 503 -x /etc/tcp.ssmtp.cdb 0.0.0.0 465 qmail-smtpd myserverfqdn /var/www/vpopmail/bin/vchkpw /bin/true


Has anybody succeeded having SSL and AUTH at same time ?

Reply |

I think I did manage to have

Nicolas

I think I did manage to have SSL on 465 with AUTH. I had to play with the run file of the specific service (on my system, /var/qmail/service/smtpd-465/run). Can you post yours ?

Reply |

I don't use SSL 465

mizzio

I don't use SSL 465

Reply |

spamdctl DOPTIONS for IPv6

Spamassassin 3.4.1 was not working.  I was getting spamd.log hits

warn: spamd: unauthorized connection from ::1 [::1]:52080 to port 783, fd 5 at /usr/local/bin/spamd line 1600.

and spamd was not working at all.

I added ::1  in the spamdctl file like so:

DOPTIONS="-x -u spamd -A 127.0.0.1,::1 -s /var/log/spamd.log -H /home/spamd -d -c --pidfile=$PIDFILE"

Reply |

I think you have to check

John D Trolinger

I think you have to check that spamd is listening on IPv6 as well and eventually add a "-i [::1]:783" option to your spamdctl. Look here for details http://spamassassin.apache.org/full/3.4.x/doc/spamd.html

Reply |

IPv6

roberto puzzanghera

Roberto,

We have a new email server for 300 people thanks to your guide.  Being able to use Roundcube with PGP was the key piece.   I had to keep the old qmail / sqmail  with the PGP plugin up until today.

IPv6 is working great and spamassassin is doing the job.

I sent you a couple of coffee's and we thank you for keeping the awesome qmail alive.

John D. Trolinger

Reply |

spamassassin error

Hi,

I have this error on load :

error: Can't locate loadable object for module Geo::IP in @INC (@INC contains: /usr/local/share/perl5 /usr/local/lib64/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5) at /usr/local/share/perl5/Geo/IP.pm line 42.

Thanks

Reply |

spamassassin error

rudi durieux

the problem is missing geoip-perl-api - solve like this:

cd /usr/local/src
wget https://github.com/maxmind/geoip-api-perl/archive/v1.45.tar.gz
tar zxvf https://github.com/maxmind/geoip-api-perl/archive/v1.45.tar.gz
cd geo-api-perl-1.45
perl Makefile.PL
make
make install
ldconfig

Reply |

spamassassin error

Ivelin Topalov

GEO:IP is already mentioned above among the packages that must be installed via CPAN...

Reply |

I would try to see which

rudi durieux

I would try to see which module is missing looking inside that file/line

Reply |

did you installed GEO:IP?

rudi durieux

did you installed GEO:IP?

Reply |

I have this in cpan

roberto puzzanghera

I have this in cpan

install Geo::IP

Geo::IP is up to date (1.45).

Reply |

Geo::IP

rudi durieux

I had to disable loadplugin Mail::SpamAssassin::Plugin::URILocalBL  in v341.pre   to get rid of this error in the spamd.log

error: Can't locate loadable object for module Geo::IP in @INC

Reply |

Geo::IP

John D Trolinger

I had the same issue. It was resolved by installing GeoIP2 and uninstall IP::GeoIP. Spamd may complain about missing Class::XSAccessor, after installing it there was no more error.

Reply |

Geo::IP

J

GeoIP2 is not found and unfortunately the Perl GeoIP2 module has been declared deprecated and not suitable for use by its maintainer (more info here), so I think it's better for us to stick with Geo::IP

Reply |

Change DB Spamassassin

For update Spamassassin 3.4.1 is necesary update the db (in my case):

ALTER TABLE `awl` ADD signedby VARCHAR(255) NOT NULL DEFAULT '' AFTER totscore;

Regards

Reply |

Disable Spamassassin

How can I disable the use of spamassassin? Just uninstalling it?

Thanks!

Reply |

no, just edit

Fabiano Heringer

no, just edit /var/qmail/control/simcontrol and put spam=no. update the simcontrol after that:

$ /var/qmail/bin/simscanmk

Reply |

Many thanks

Wow, just found this post yesterday when I wanted to install Spamassassin on my Slackware64-current box. I can't thank you enough for this superb post. Grazie mille!

Reply |

Geo::IP plug not working

3rensho

Thank you for a great tutorial.

I was wondering did you manage to make the new Geo::IP plug in working. I have installed from cpan and updated (geoiplookup works) but spamassassin doesn't seems to take that in consideration when I block a country. I have enable it from init.pre. Any ideea what can be?

Thanks

Reply |

I don't use that plugin

catalin

Sorry, I don't use that plugin

Reply |

add a comment
qmail notes

General notes

qmail picture

Preinstallation tasks

daemontools

fehQlibs

ucspi-tcp6

ucspi-ssl

qmail

VPopMail

Upgrading qmail

Configuring

tcprules

Testing

autorespond

ezmlm-idx

QmailAdmin

Add-ons

RBL

Greetdelay

SPF

SRS

DKIM

SURBL

Limiting outgoing emails

Denying bad DNS HELOs

Greylisting

qmail-taps-extended

moreipme

qmHandle

queue-repair

vQadmin

rblsmtpd

Dovecot

Running

Testing

Filtering

Indexing

Expunging

vpopmail-auth driver removal

SpamAssassin

Filtering networks

User Prefs

TxRep and Bayesian

Learning and reporting

DMARC

Roundcube

Plugins

ClamAV

clamav-unofficial-sigs

simscan

Testing

Fail2Ban

Installing a valid SSL certificate

SQL valias with sieve

Mailman

AWStats

ChangeLog

Asking for help, contributing to the project

Pay me a coffee:

PayPal - The safer, easier way to pay online.

LXC scripts

Introduction

Basic configuration files

Creating an unprivileged container

Scripts overview

Natting

Other contents

Converting a Linux installation to Slackware in OVH server

Running OpenBoard in a window

Migrating from Linux-VServer to LXC

Linux-VServer on Slackware

rsync backup via ssh

Running two php on the same server

Securing proftpd

Mounting remotely with sshfs and curlftpfs

Installing mariaDB

Setting up MySQL

SEO friendly URLs with apache mod_rewrite

Building your ownCloud

Building your own mozilla-sync server

Setting up Tex on Mediawiki

Slackware RSS feeds

English
Italiano
Recent comments

SA-Update Rules 01-May-2025
May 2, 2025 18:38 CET

SA-Update Rules 01-May-2025
May 2, 2025 16:43 CET

File error 2 modifying Forward with QmailAdmin
April 29, 2025 20:45 CET

File error 2 modifying Forward with QmailAdmin
April 29, 2025 20:44 CET

File error 2 modifying Forward with QmailAdmin
April 29, 2025 20:40 CET

File error 2 modifying Forward with QmailAdmin
April 29, 2025 20:26 CET

File error 2 modifying Forward with QmailAdmin
April 29, 2025 20:12 CET

File error 2 modifying Forward with QmailAdmin
April 29, 2025 19:56 CET

File error 2 modifying Forward with QmailAdmin
April 29, 2025 19:39 CET

RCPTCheck Overlimit
April 25, 2025 09:42 CET

RCPTCheck Overlimit
April 25, 2025 09:28 CET

RCPTCheck Overlimit
April 25, 2025 08:46 CET

buffer overflow
April 24, 2025 13:20 CET

buffer overflow
April 24, 2025 12:50 CET

buffer overflow
April 24, 2025 12:12 CET

See also...

Migrating spamassassin to version 4.0

Tags

apache chkuser clamav dkim dovecot ezmlm fail2ban forward github hacks lamp letsencrypt linux linux-vserver lxc mailman mariadb mediawiki mozilla mysql openboard owncloud patches php postfix proftpd qmail qmail to postfix qmail-spp qmailadmin rbl roundcube roundcube plugins rsync sieve simscan slackware solr spamassassin spf srs ssh ssl surbl tcprules tex ucspi-tcp vpopmail vqadmin

Recent posts

Upgrading qmail

ChangeLog

Roundcube plugins

Configuring qmail

qmHandle

Adding clamav-unofficial-sigs

Qmail virtual user delivery picture

SQL valias with sieve solution for qmail. New features and Roundcube plugin

Sieve interpreter & Dovecot ManageSieve

Installing and configuring VPopMail

RSS feeds