Add custom SpamAssassin rules for content filtering

Your local SpamAssassin rules should be stored in a file called /etc/mail/spamassassin/local.cf if you want the rules applied to every user on the system, or ~/.spamassassin/user_pref if you want to have them only apply to your own email. All rules have three components:

  • The rule itself
  • A 2-5 word description of the rule for SpamAssassin reports (optional),
  • A commensurate scoring for the rule if matched

As a simple example, here's a rule that applies against the body of messages that are being filtered:

body NO_VIOXX /vioxx/i
score NO_VIOXX 10
description NO_VIOXX messages that contain the word Vioxx

In this case, any message that contains "Vioxx" (without regard to the mix of upper and lower case, which is what the 'i' accomplishes in the pattern) will be given a score of +10, which might by itself make this an undelivered spam message (it actually depends on what threshold you specify in your (configuration file).

Having shown that, I use rawbody rather than body so that it catches words that appear in HTML formatted messages and messages with base64 or any other encoding scheme. Here are two actual rules from my own SpamAssassin rule set:

rawbody BECAUSE_OPTIN /because you opted-in/i
score BECAUSE_OPTIN 5.0
rawbody DEALSMINUTE /dealsbytheminute/i
score DEALSMINUTE 5.0

The first thing you'll notice is that I don't bother with the description field. I just try to use sufficiently mnemonic rule names.

Don't be fooled into thinking that you can only match rules and have things be more spammy. You can do the opposite instead, as shown here:

header ITS_DEREK ALL =~ /derek\@farmprints.com/i
score ITS_DEREK -100

Finally, you can also reassign the scoring of built-in rules too, by simply restating the score:

score SUBJ_FREE_CAP 4.0score FREE_PREVIEW 4.0
score HTTP_ESCAPED_HOST 4.0

Finally, don't forget to always run the command immediately after editing your configuration file to ensure that you haven't introduced any errors or typos into the rule set.

spamassassin –lint

  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

Installing htop

htop is an interactive process viewer for Linux, which is a powerful alternative to the...

Bind Multiple IP Addresses to a Single Network Interface Card (NIC)

This tutorial demonstrates how to bind multiple IP addresses to a single NICI'll be using LAN...

Clear Memory Cache on Linux Server

By default the Linux OS has a very efficient memory management process that should be freeing any...

Set the time on a Linux server

Log into the server via SSHAt the shell prompt run the following command:date MMDDHHmmYYYYFor...

Check your disk usage in Linux

A good way to check your disk usage for folders on your Linux server is via shell.Download...