Additional Spamassassin Rules

3 posts / 0 new
Last post
#1 Sat, 10/30/2010 - 12:41

Additional Spamassassin Rules


I implemented the SARE/OpenProtect rules on a previous hosting server, so I decided to try them out on our new Virtualmin server.

I post this here for two reasons:

1) I would appreciate any critiques or improvements. Is this a good idea? What's the down side?

2) It might help others fight spam.

First off, on my Centos 5.5 Virtualmin server, I found that the sa-updates cron job was commented out by default. Is there a reason for that? I uncommented it so it will automatically update the Spamassassin rules.

sa-update --import pub.gpg
sa-update --allowplugins --gpgkey D1C035168C1EBC08464946DA258CDB3ABDE9DC10 --channel

vi /etc/cron.d/sa-update

Add one very long line:

23 4 */2 * * root /usr/bin/sa-update --allowplugins --gpgkey D1C035168C1EBC08464946DA258CDB3ABDE9DC10 --channel 2>&1 | tee -a /var/log/sa-update.log

cat /var/log/sa-update.log

ll /var/lib/spamassassin/3.002005/saupdates_openprotect_com


sa-update -D --allowplugins --gpgkey D1C035168C1EBC08464946DA258CDB3ABDE9DC10 --channel

service spamassassin restart



Tue, 11/02/2010 - 21:17

Thanks for the info!

Are you finding that it helps reduce your spam?

Also, if you haven't already, I might suggest looking into Greylisting... I've seen it make a rather large difference in the amount of spam that makes it through.


Tue, 11/02/2010 - 23:26 (Reply to #2)

Hi Eric,

I don't know how to quantitatively say that the TARE rules reduce spam, but my gut tells me they do.

With my spam classification threshold set to 4.0, I have been getting 1-3 junk messages get through per day. It seems like I haven't had any get through the filter since adding the new rules. Not very scientific, I know.

Yes, greylisting was the first 'extra' feature I enabled. Past experience has shown me that greylisting alone cuts spam in half...or thereabouts...with very little down-side and with very low resource utilization.


Topic locked