• NAME
• SYNOPSIS
• OPTIONS
• DESCRIPTION
• CONFIGURATION FILES
• TAGGING
• TAGGING FOR SPAM MAILS
• TAGGING FOR NON-SPAM MAILS
• SPAM TRAPPING
• INSTALLATION
• ENVIRONMENT
• SEE ALSO
• AUTHOR
• PREREQUISITES
• COREQUISITES

NAME

spamassassin - mail filter to identify spam using text analysis

SYNOPSIS

spamassassin [option ...] < mailmessage

spamassassin -P [option ...] < mailmessage > output

OPTIONS

-P

Normally SpamAssassin will write the rewritten message to the mail spool by default. The -P parameter will cause it to pipe the output to STDOUT instead.

-a

Use auto-whitelists. These will automatically create a list of senders whose messages are to be considered non-spam by monitoring the total number of received messages which weren't tagged as spam from that sender. Once a threshold is exceeded, further messages from that sender will be given a non-spam bonus (in case you correspond with people who occasionally swear in their emails).

-e

Exit with a non-zero error code, if the message is determined to be spam.

-h

Print help message and exit.

-t

Test mode. Pipe message through and add extra report.

-r

Report this message as verified spam. This will submit the mail message read from STDIN to various spam-blocker databases, such as Vipul's Razor ( http://razor.sourceforge.net/ ).

If the message contains SpamAssassin markup, this will be stripped out automatically before submission.

-W

Add all email addresses, in the headers and body of the mail message read from STDIN, to the automatic whitelist.

-R

Remove all email addresses, in the headers and body of the mail message read from STDIN, from the automatic whitelist.

-F 0 | 1

Ensure that the output email message either always starts with a 'From ' line (1) for UNIX mbox format, or ensure that this line is stripped from the output (0). (default: 1)

-w fromaddr

This flag is only useful in conjunction with -r. It will send a reply mail to the sender of the tested mail, notifying them that their message has been trapped as spam, from the address supplied in fromaddr. See SPAM TRAPPING.

-l filename

Log all mail messages that pass through the filter, to an mbox-format file named by filename. Handy for use with -r and -w.

-L

Do only the ''local'' tests, ones that do not require an internet connection to operate. Normally, SpamAssassin will try to detect whether you are connected to the net before doing these tests anyway, but for faster checks you may wish to use this.

-S

Stop spam checking as soon as the spam threshold is reached, to increase performance. This option also turns off Razor reporting.

-d

Remove SpamAssassin markup (the ``SpamAssassin results'' report, X-Spam-Status headers, etc.) from the mail message. The resulting message, which will be more or less identical to the original, pre-SpamAssassin input, will be output to stdout.

(Note: the message will not be exactly identical; some headers will be reformatted due to some features of the Mail::Internet package, but the body text will be.)

-c config

Read configuration from config.

-p prefs

Read user score preferences from prefs.

-D

Produce diagnostic output.

DESCRIPTION

SpamAssassin is a mail filter to identify spam using text analysis and several internet-based realtime blacklists.

Using its rule base, it uses a wide range of heuristic tests on mail headers and body text to identify ``spam'', also known as unsolicited commercial email.

Once identified, the mail is then tagged as spam for later filtering using the user's own mail user-agent application.

SpamAssassin also includes support for reporting spam messages to collaborative filtering databases, such as Vipul's Razor ( http://razor.sourceforge.net/ ).

The default tagging operations that take place are detailed in TAGGING.

CONFIGURATION FILES

The rule base, text templates, and rule description text are loaded from the configuration files.

By default, configuration data is loaded from the first existing directory in: /usr/local/share/spamassassin;/usr/share/spamassassin;./rules;../rules

The configuration data in the first existing directory in: /usr/local/etc/spamassassin;/usr/pkg/etc/spamassassin;/usr/etc/spamassassin;/etc/mail/spamassassin;/etc/spamassassin are used to override any values which had already been set

Spamassassin will read *.cf in these directories, in alphanumeric order within each directory (similar to SysV-style startup scripts). In other words, it will read 10_misc.cf before 50_scores.cf and 20_body_tests.cf before 20_head_test.cf. Options in later files will override earlier files.

The user preferences (such as scores to attach to each rule), are loaded from the file specified in the -p argument. If this is not specified, ~/.spamassassin/user_prefs is used if it exists. spamassassin will create this file if it does not exist, using user_prefs.template as a template. This file will be looked for in /etc/spamassassin/user_prefs.template;/usr/local/share/spamassassin/user_prefs.template;/usr/share/spamassassin/user_prefs.template

TAGGING

The following two sections detail the tagging that takes place for spam messages, first of all, and for non-spam messages.

Note that if you use the -t argument, all mails will be tagged as if they are spam messages.

TAGGING FOR SPAM MAILS

The modifications made are as follows:

Subject: header

The string *****SPAM***** is prepended to the subject, unless the rewrite_subject 0 configuration option is given.

X-Spam-Status: header

A string, Yes, hits=nn required=nn is set in this header to reflect the filter status.

X-Spam-Flag: header

Set to YES.

X-Spam-Report: header for spam mails

The SpamAssassin report is added to the mail header if the report_header = 1 configuration option is given.

Content-Type: header

Set to text/plain, in order to defang HTML mail or other active content that could ``call back'' to the spammer.

spam mail body text

The SpamAssassin report is added to top of the mail message body, unless the report_header 1 configuration option is given.

TAGGING FOR NON-SPAM MAILS

X-Spam-Status: header

A string, No, hits=nn required=nn is set in this header to reflect the filter status.

SPAM TRAPPING

Quite often, if you've been on the internet for a while, you'll have accumulated a few old email accounts that nowadays get nothing but spam.

SpamAssassin lets you set them up as aliases, as follows:

spamtrap1: ``| /path/to/spamassassin -r -w spamtrap1''

This will add any incoming mail messages straight into spam-tracking databases, such as Vipul's Razor; send an explanatory reply message to the sender, from the spamtrap1 address; then drop the mail into the bit-bucket.

The explanatory reply text is taken from the SpamAssassin configuration file, where it is stored in the spamtrap lines.

If you want to keep a copy of the mails, use something like this:

spamtrap1: ``| /path/to/spamassassin -r -w spamtrap1 -l /var/spam/caught''

It is suggested you familiarise yourself with how MTAs run programs specified in aliases, if you plan to do this; for one thing, spamassassin will not run under your user id in this case. If you are nervous about this, create a user for spamtrapping, and set up spamassassin in its .forward file.

INSTALLATION

The spamassassin command is part of the Mail::SpamAssassin Perl module. Install this as a normal Perl module, using perl -MCPAN -e shell, or by hand.

ENVIRONMENT

No environment variables, aside from those used by perl, are required to be set.

SEE ALSO

Mail::SpamAssassin(3) Mail::Audit(3) Razor(3)

AUTHOR

Justin Mason <jm /at/ jmason.org>

PREREQUISITES

Mail::Audit

COREQUISITES

Net::DNS Razor