Installing Spamassassin Milter on FreeBSD

This document assumes that you have a working installation of FreeBSD with sendmail up and running. Beyond that, this document should cover everything else. Please email me if you run into any problems, though.

Update Ports Tree

Before you begin, make sure that your FreeBSD ports tree is up-to-date.

I update my ports as follows (as root, of course):

# cd
# cvsup -L2 -g portsupfile
where my /root/portsupfile looks like:
*default tag=.
*default release=cvs
*default host=cvsup3.freebsd.org
*default base=/usr/local/etc/cvsup
*default prefix=/usr
*default delete
*default use-rel-suffix
*default compress

ports-all

Install Spamassassin from Ports

To install Spam Assassin, simply do the following:

# cd /usr/ports/mail/spamass-milter
# make install clean

This will install the spamassassin software and the milter to allow it to plug into sendmail.

Configure /usr/local/etc/mail/spamassassin/local.cf

Copy local.cf.sample to local.cf. This is the spamassassin config. See the documentation for configuration options.

Configure /usr/local/etc/rc.d/spamass-milter.sh

Verify this file is chmod 755 and this line appears:

        SOCKET=/var/run/spamass-milter.sock

Configure /etc/rc.conf

Add the following line

        spamd_enable="YES"
	spamass_milter_enable="YES"

Start SpamAssassin

Run the following

# /usr/local/etc/rc.d/spamd.sh start
# /usr/local/etc/rc.d/spamass-milter.sh start

Configure Sendmail

Enter the /etc/mail directory and edit the YOURHOSTNAME.mc file. Add the following lines at the end:

        INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass-milter.sock, F=, T=C:15m;S:4m;R:4m;E:10m')
        define(`confINPUT_MAIL_FILTERS', `spamassassin')

While you are in /etc/mail, run the following commands to update the configuration files and to restart sendmail

        # make
        # make install
        # make restart

Verify Install

To verify that this is working, send a message to a mailbox on this server. Then, view /var/log/maillog and you should see some lines that look like this:

Apr 12 18:08:17 web spamd[34221]: processing message <2714751.1081811244156.Jav
aMail.Administrator@205.147.231.29> for root:65534.
Apr 12 18:08:18 web spamd[34221]: clean message (0.9/5.0) for root:65534 in 1.1
 seconds, 5603 bytes.
Apr 12 18:08:18 web sm-mta[34219]: i3CN8GTw034219: Milter add: header: X-Spam-S
tatus: No, hits=0.9 required=5.0 tests=CLICK_BELOW,HTML_50_60,\n\tHTML_FONTCOLO
R_RED,HTML_IMAGE_RATIO_06,HTML_LINK_CLICK_HERE,\n\tHTML_MESSAGE,OFFERS_ETC auto
learn=no version=2.63

In addition, view the headers of the message that you just received and you should see some lines that look like this:

X-Spam-Status: No, hits=0.0 required=5.0 tests=none autolearn=no version=2.63
X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on web.netstreme.com

Setup your client

To finish your setup, simply configure your mail client to filter emails based upon the results of these headers. A spam message's headers will look more like this:

X-Spam-Flag: YES
X-Spam-Status: Yes, hits=21.1 required=5.0 tests=AS_SEEN_ON,BANG_EXERCISE,
        BANG_GUARANTEE,BANG_OPRAH,BIZ_TLD,HAIR_LOSS,HG_HORMONE,HTML_50_60,
        HTML_FONTCOLOR_BLUE,HTML_FONT_INVISIBLE,HTML_MESSAGE,
        MIME_HTML_NO_CHARSET,MIME_HTML_ONLY,MIME_HTML_ONLY_MULTI,
        PRIORITY_NO_NAME,RAZOR2_CF_RANGE_51_100,RAZOR2_CHECK,REVERSE_AGING,
        SOME_BREAKTHROUGH,X_PRIORITY_HIGH autolearn=no version=2.63
X-Spam-Level: *********************
X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on web.netstreme.com

And, you may see the following:

Spam detection software, running on the system "web.netstreme.com", has
identified this incoming email as possible spam.  The original message
has been attached to this so you can view it (if it isn't spam) or block
similar future email.  If you have any questions, see
the administrator of that system for details.

Content preview:  As seen on NBC, CBS, and CNN, and even Oprah! The
  health discovery that actually reverses aging while burning fat,
  without dieting or exercise! This proven discovery has even been
  reported on by major Science Journals. Forget aging and dieting
  forever! And It's Guaranteed! [...]

Content analysis details:   (21.1 points, 5.0 required)

 pts rule name              description
---- ---------------------- --------------------------------------------------
 0.5 X_PRIORITY_HIGH        Sent with 'X-Priority' set to high
 4.3 REVERSE_AGING          BODY: Reverses Aging
 1.9 AS_SEEN_ON             BODY: As seen on national TV!
 0.6 HAIR_LOSS              BODY: Cures Baldness
 1.1 BANG_GUARANTEE         BODY: Something is emphatically guaranteed
 2.2 BANG_OPRAH             BODY: Talks about Oprah with an exclamation!
 0.6 SOME_BREAKTHROUGH      BODY: Describes some sort of breakthrough
 1.2 BANG_EXERCISE          BODY: Talks about exercise with an exclamation!
 0.4 HTML_FONT_INVISIBLE    BODY: HTML font color is same as background
 0.1 HTML_FONTCOLOR_BLUE    BODY: HTML font color is blue
 0.2 HTML_50_60             BODY: Message is 50% to 60% HTML
 1.6 RAZOR2_CF_RANGE_51_100 BODY: Razor2 gives confidence between 51 and 100
                            [cf: 100]
 0.1 MIME_HTML_ONLY         BODY: Message only has text/html MIME parts
 0.0 HTML_MESSAGE           BODY: HTML included in message
 0.7 MIME_HTML_NO_CHARSET   RAW: Message text in HTML without charset
 0.8 BIZ_TLD                URI: Contains a URL in the BIZ top-level domain
 0.9 RAZOR2_CHECK           Listed in Razor2 (http://razor.sf.net/)
 2.0 HG_HORMONE             Talks about hormones for human growth
 0.8 PRIORITY_NO_NAME       Message has priority setting, but no X-Mailer
 1.1 MIME_HTML_ONLY_MULTI   Multipart message only has text/html MIME parts

The original message was not completely plain text, and may be unsafe to
open with some email clients; in particular, it may contain a virus,
or confirm that your address can receive spam.  If you wish to view
it, it may be safer to save it to a file and open it with an editor.

Other notes

This is from a conversation I had with Bill Moss who has been very helpful in getting this document updated. He is emailing back and forth with one of the spamass-milter developers.

>> >I was going to suggest using "-r 15 -b devnull", where devnull is a
>> >local alias pointing to /dev/null, but that will silently drop all
>> >spam, not just high-scoring spam.  I may have to rethink the
>> >interactions between -r, -b, and -B.
>>
>>How come it will drop all spam - what affect does the -r 15 have in
>>the above example? How does it know to drop any spam. Is it inherent
>>in the -b command?
> 
> -b and -B apply whenever spamassassin marks a message as spam; -r
> applies when it's spam AND has a specific score.  There's currently no
> way to say "mark all spam but silently drop spam over 15".