debian/README.Exim3 - spamassassin - Git at Google

 This file contains suggestions on how to get SpamAssassin working
 sitewide with Exim 3, submitted by John Girash
 <girash@skyron.harvard.edu>. Please note that this is not the easiest
 way to integrate spamassassin into your mail stream (simple procmail
 is; see procmailrc.example).

 Here's my writeup of how I got SpamAssassin working under exim3, including
 user-level mail filtering via an exim filter file.  Most credit goes to "dman"
 (formerly at <dman@dman.ddts.net>) for providing an earlier version of this
 document; I merely updated it for the more-current versions (exim 3.35-1 and
 spamassassin 2.53-1; I use Debian).

 Step 1 :
 Edit /etc/exim/exim.conf to include scanning (filtering) by spamassassin
 in the delivery of a message.  In the Transports section add the following
 (order is irrelevant, and you can omit the leading 2 spaces of each line):

   # Spam Assassin 2.53 for exim3
   #   Notes :
   #   This pipes the message to exim using the BSMTP (batched SMTP)
   #   protocol. This avoids any nasties with shell metacharacters in
   #   addresses. Prior to giving the message back to itself, exim will
   #   filter it through the 'spamc' command. As the message returns to exim,
   #   the "received_protocol" set to "spam-scanned".

   spamcheck:
     driver = pipe

     command = /usr/sbin/exim -oMr spam-scanned -bS
     transport_filter = /usr/bin/spamc -u ${local_part}

     bsmtp = all

     home_directory = "/tmp"
     current_directory = "/tmp"

     # must use a privileged user to set $received_protocol on the way back in!
     user = mail
     group = mail

     return_path_add = false

     log_output = true
     return_fail_output = true

     prefix =
     suffix =

 Insert the following at the top of the Directors section :

   # Spam Assassin 2.53 for exim3
   #   This director is used for any message that
   #   * wasn't received from spamassassin (determined by $received_protocol)
   #   * wasn't received via a pipe from a local user
   #   * isn't already flagged (this is safe because the only flag that is
   #      skipped is a positive flag; spammers can tag their spam for you,
   #      but they can't tag it as being clean).#

   spamcheck_director:

     # do not use this director when verifying a local-part at SMTP-time
     no_verify

     condition = "${if and { {!def:h_X-Spam-Flag:} {!eq {$received_protocol}{spam-scanned}} {!eq {$received_protocol}{local}} } {1}{0}}"
     driver = smartuser
     transport = spamcheck

 Step 2:

 Edit /etc/default/spamassassin to start 'spamd' at boot time. I just
 left the "-m 10" in as Debian's defaults had, but removed the "-c"
 that would otherwise create user preferences files, as that's how dman
 had his set up.

   # Change to one to enable spamd
   ENABLED=1
   OPTIONS="-m 10"

 Step 3:

 Start spamd as root :
 # /etc/init.d/spamassassin start

 That's it! Now SpamAssassin will check all your mail & put in header
 info stating whether or not SpamAssassin thinks any given message is
 spam or not. To achieve actual filtering, I do as dman says & use an
 exim filter file in my user account, i.e. a file named "~/.forward"
 that has as its first line "# Exim filter". The following is my full
 .forward file:

   #   Exim filter   <<== do not edit or remove this line!
   if
     $h_X-Spam-Status: contains "Yes, hit"
         or
     "${if def:h_X-Spam-Flag {def}{undef}}" is "def"
   then
     save $home/Mail/junk/autospam.mai
     finish
   endif

 This dumps all messages tagged as spam into file
 ~/Mail/junk/autospam.mai . You want to keep this around (as opposed to
 sending to /dev/null) because while SpamAssassin produces almost no
 false positives, it does produce some. I search on "Yes, hit" instead
 of just "Yes" because once SpamAssassin has read enough mail to start
 doing "Bayesian" filtering, it inserts the test name "BAYES" into the
 headers of most messages, whether spam or not.

 If you want your .forward file to also act like a traditional one and
 forward your mail to a different address, simply append the line
 "deliver address@machine.dom" to the end of the above, replacing
 address@machine.dom with the address of the new destination you want.

 dman says: "Note that because I skip scanning on messages with an
 X-Spam-Flag: header I must check for that in my filter. Otherwise a
 spammer could put the X-Spam-Flag: header in but omit the
 X-Spam-Status: header and slip past my filter. For details on what a
 filter file is and where it goes see sections 24.7 (specifically the
 'filter' option) and 50.3 of spect.txt and section 5 of filter.txt."
 (...I usually just do a google search myself.)

 Much thanks to dman <dman@dman.ddts.net>, whose similar document
 (http://dman.ddts.net/~dman/config_docs/exim3_spamassassin.html)
 regarding using exim3 with earlier versions of SpamAssassin (<=2.11)
 helped me to no end (and from which I borrow liberally here). He also
 thanks the following folks for helping him, so it seems proper to
 mention them here: * Nigel Metheringham, * Kevin Fleming and * Renee
 Brown.
	This file contains suggestions on how to get SpamAssassin working
	sitewide with Exim 3, submitted by John Girash
	<girash@skyron.harvard.edu>. Please note that this is not the easiest
	way to integrate spamassassin into your mail stream (simple procmail
	is; see procmailrc.example).

	Here's my writeup of how I got SpamAssassin working under exim3, including
	user-level mail filtering via an exim filter file. Most credit goes to "dman"
	(formerly at <dman@dman.ddts.net>) for providing an earlier version of this
	document; I merely updated it for the more-current versions (exim 3.35-1 and
	spamassassin 2.53-1; I use Debian).

	Step 1 :
	Edit /etc/exim/exim.conf to include scanning (filtering) by spamassassin
	in the delivery of a message. In the Transports section add the following
	(order is irrelevant, and you can omit the leading 2 spaces of each line):

	# Spam Assassin 2.53 for exim3
	# Notes :
	# This pipes the message to exim using the BSMTP (batched SMTP)
	# protocol. This avoids any nasties with shell metacharacters in
	# addresses. Prior to giving the message back to itself, exim will
	# filter it through the 'spamc' command. As the message returns to exim,
	# the "received_protocol" set to "spam-scanned".

	spamcheck:
	driver = pipe

	command = /usr/sbin/exim -oMr spam-scanned -bS
	transport_filter = /usr/bin/spamc -u ${local_part}

	bsmtp = all

	home_directory = "/tmp"
	current_directory = "/tmp"

	# must use a privileged user to set $received_protocol on the way back in!
	user = mail
	group = mail

	return_path_add = false

	log_output = true
	return_fail_output = true

	prefix =
	suffix =

	Insert the following at the top of the Directors section :

	# Spam Assassin 2.53 for exim3
	# This director is used for any message that
	# * wasn't received from spamassassin (determined by $received_protocol)
	# * wasn't received via a pipe from a local user
	# * isn't already flagged (this is safe because the only flag that is
	# skipped is a positive flag; spammers can tag their spam for you,
	# but they can't tag it as being clean).#

	spamcheck_director:

	# do not use this director when verifying a local-part at SMTP-time
	no_verify

	condition = "${if and { {!def:h_X-Spam-Flag:} {!eq {$received_protocol}{spam-scanned}} {!eq {$received_protocol}{local}} } {1}{0}}"
	driver = smartuser
	transport = spamcheck

	Step 2:

	Edit /etc/default/spamassassin to start 'spamd' at boot time. I just
	left the "-m 10" in as Debian's defaults had, but removed the "-c"
	that would otherwise create user preferences files, as that's how dman
	had his set up.

	# Change to one to enable spamd
	ENABLED=1
	OPTIONS="-m 10"

	Step 3:

	Start spamd as root :
	# /etc/init.d/spamassassin start

	That's it! Now SpamAssassin will check all your mail & put in header
	info stating whether or not SpamAssassin thinks any given message is
	spam or not. To achieve actual filtering, I do as dman says & use an
	exim filter file in my user account, i.e. a file named "~/.forward"
	that has as its first line "# Exim filter". The following is my full
	.forward file:

	# Exim filter <<== do not edit or remove this line!
	if
	$h_X-Spam-Status: contains "Yes, hit"
	or
	"${if def:h_X-Spam-Flag {def}{undef}}" is "def"
	then
	save $home/Mail/junk/autospam.mai
	finish
	endif

	This dumps all messages tagged as spam into file
	~/Mail/junk/autospam.mai . You want to keep this around (as opposed to
	sending to /dev/null) because while SpamAssassin produces almost no
	false positives, it does produce some. I search on "Yes, hit" instead
	of just "Yes" because once SpamAssassin has read enough mail to start
	doing "Bayesian" filtering, it inserts the test name "BAYES" into the
	headers of most messages, whether spam or not.

	If you want your .forward file to also act like a traditional one and
	forward your mail to a different address, simply append the line
	"deliver address@machine.dom" to the end of the above, replacing
	address@machine.dom with the address of the new destination you want.

	dman says: "Note that because I skip scanning on messages with an
	X-Spam-Flag: header I must check for that in my filter. Otherwise a
	spammer could put the X-Spam-Flag: header in but omit the
	X-Spam-Status: header and slip past my filter. For details on what a
	filter file is and where it goes see sections 24.7 (specifically the
	'filter' option) and 50.3 of spect.txt and section 5 of filter.txt."
	(...I usually just do a google search myself.)

	Much thanks to dman <dman@dman.ddts.net>, whose similar document
	(http://dman.ddts.net/~dman/config_docs/exim3_spamassassin.html)
	regarding using exim3 with earlier versions of SpamAssassin (<=2.11)
	helped me to no end (and from which I borrow liberally here). He also
	thanks the following folks for helping him, so it seems proper to
	mention them here: * Nigel Metheringham, * Kevin Fleming and * Renee
	Brown.