Adding a Spam Filter to Postfix on Ubuntu 13.04

August 21, 2013

A prerequisite for the following is that you have Postfix installed and working as per my last post.

This will probably work on other versions of Ubuntu e.g. 12.04, 13.10, 14.04, 14.10, 15.04, 15.10, 16.04, 16.10!

Install Spam Assassin and edit the config file

sudo apt-get install spamassassin
sudo vim /etc/spamassassin/local.cf

These are my current settings, we will see how they pan out:

required_score 4.0

rewrite_header Subject [***** SPAM _SCORE_ *****]
report_safe 0

shortcircuit USER_IN_WHITELIST       on
shortcircuit USER_IN_BLACKLIST       on

Blacklists and Whitelists

I also want to set up whitelist and blacklist files, the best way seems just to create files ending with .cf in the /etc/spamassassin/ folder, like so:

sudo vim /etc/spamassassin/whitelist.cf
sudo vim /etc/spamassassin/blacklist.cf

You can add white/blacklist items using the format below.

whitelist_from *@somedomain.com
blacklist_from spambot@somedomain.com
blacklist_to thisisnotarealaddr@mydomain.com

This website has documentation of the SpamAssassin configuration options.

Create spamd user and enable SpamAssassin

sudo groupadd -g 5001 spamd
sudo useradd -u 5001 -g spamd -s /sbin/nologin -d /var/lib/spamassassin spamd
sudo mkdir -p /var/lib/spamassassin
sudo chown spamd:spamd /var/lib/spamassassin

Then edit the config:

sudo vim /etc/default/spamassassin

ENABLED=1
SAHOME="/var/lib/spamassassin/"
OPTIONS="--create-prefs --max-children 5 --username spamd --helper-home-dir ${SAHOME} -s ${SAHOME}spamd.log"
PIDFILE="${SAHOME}spamd.pid"

Then (re)start SpamAssassin:

sudo /etc/init.d/spamassassin restart

Integrate SpamAssassin with Postfix

sudo vim /etc/postfix/master.cf

Modify the smtpd line near the top of the file to look like this:

smtp  inet  n   -   -   -   -   smtpd -o content_filter=spamassassin

Then add this to the bottom of the file

spamassassin unix -  n   n   -   -   pipe
  flags=R user=spamd argv=/usr/bin/spamc -e /usr/sbin/sendmail -oi -f ${sender} ${recipient}

Finally, restart Postfix:

sudo /etc/init.d/postfix restart

Watching log files

Hopefully all the above will have worked for you. To get some more insight into what is going on you can take a look at some log files and send yourself some emails!

sudo tail -f /var/lib/spamassassin/spamd.log /var/log/mail.log

Update/Extension of this post

I’ve posted an update to this post where I now use AMaViS to actually block the spam messages rather than just flag them on Ubuntu 13.10.