SpamAssassin is implemented as the /usr/bin/spamassasin script, which is a Perl script. There is some performance overhead involved in running a Perl script for each email. For sites with low volumes of email, this may not be an issue, but performance is a high priority for high volume sites. In these cases, the SpamAssassin daemon can be used to improve performance.

When SpamAssassin is used as a daemon, /usr/bin/spamd is run at system startup, and /usr/bin/spamc is used as a client. When used in Procmail recipes, /usr/bin/spamc and /usr/bin/spamassassin are often interchangeable, although they support different flags.

The spamc and spamd programs are installed with SpamAssassin. The SpamAssassin distribution directory includes sample initialization scripts for starting the daemon. They are located in the spamd directory of the SpamAssassin build directory.

The spamd daemon supports...

Procmail is a Mail Delivery Agent (MDA), sometimes called a Local Delivery Agent (LDA). It is not a Mail Transport Agent (MTA) such as sendmail, Postfix, Exim, or qmail. Procmail relies on another application (normally the MTA) to run it and to pass each email message. Procmail can run other programs (generally called email filters), make decisions, and take specific actions depending on the content of the email it is processing. Procmail may also be invoked from .forward files, which are part of the sendmail local delivery system.

$ which procmail

which: no procmail in (/bin:/usr/bin:/usr/local/bin:/opt/bin)

/usr/bin/procmail

The following instructions describe how to integrate SpamAssassin into a number of popular MTAs. Once SpamAssassin has been integrated into the MTA, basic MTA configuration should be tested and the user should confirm that SpamAssassin headers are being added to emails.

# /usr/sbin/sendmail -bt -d0.1 </dev/null
Version 8.12.10
Compiled with: DNSMAP LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8MIME8TO7NAMED_BIND...

To test if SpamAssassin is working properly, send an email to a user who is configured to receive spam-filtered email. Once the email has been received, examine the headers. There should be lines similar to the following:

X-Spam-Checker-Version: SpamAssassin 3.00 (2004-07-20) on mta.domain.com
X-Spam-Level:
X-Spam-Status: No, hits=0.9 required=4.0 tests=BAYES_00,DATE_IN_PAST_96_XX,
NO_REAL_NAME,RCVD_IN_SORBS autolearn=no version=2.63

If headers like these are present, then SpamAssassin has run correctly. If the email is not received or the extra headers are not present, then SpamAssassin has failed to work.

Several tests can be performed to analyze the problem. Some were covered in Chapter 6 in Verifying the Installation. The following sections also discuss SpamAssassin troubleshooting.

MTAs can reject email. They do this when unauthorized relaying is attempted or if the recipient is invalid. When an email is addressed to a valid user, processed by SpamAssassin, and tagged as spam, there are several actions that can be taken:

There are different ways of running SpamAssassin. The method chosen depends on the requirements of the site. Each method has different performance implications and offers different levels of flexibility.

For low-volume sites, Procmail is an ideal choice. It can be used to filter email site-wide, or can be used selectively for users with local accounts. For higher performance, SpamAssassin can be integrated into the MTA.

If desired, email can be rejected upon delivery. This warns a legitimate sender that their email has been filtered. However, if the spam email uses a fake identity or a stolen identity (as is usually the case) the message is bounced back to an innocent user and so this method should be avoided.