Installation

First thing first: DON’T EVEN THINK ABOUT DOING THIS UNTIL YOU HAVE AN OPERATIONAL MAIL SERVER RUNNING DOVECOT, POSTFIX AND POSTFIXADMIN! You need to get it working on it’s own; If it has gone tits up already this won’t fix it.

Did I mention not to do this until you had a working server?  Okay then, install spam assassin in the usual way:

apt-get install spamassassin spamass-milter swaks

In most of this guide we edit the files manually, but here we can use postconf to add a couple of lines to the postfix configuration file cf. From the command line type

postconf smtpd_milters=unix:/spamass/spamass.sock 
postconf milter_connect_macros="i j {daemon_name} v {if_name} _"

If you wish to do this manually, all that postconf does in this instance is append the 2 lines to the end of /etc/postfix/main.cf to enable spamassassin.

Next edit the /etc/default/spamassassin file and set:

OPTIONS="--create-prefs --max-children 5 --helper-home-dir -x -u mailer" CRON=1

Be sure to make sure the /home/mailer directory exists, if not then create it and set the permissions correctly

mkdir /home/mailer
chown -R mailer:mailer /home/mailer

The additional OPTIONS “-x -u mailer” tell SpamAssassin to look for its Bayes database in the home directory of the “mailer” user. To be exact it will be put into /var/mailer/.spamassassin. The Bayes database records words (aka “tokens”) from all seen emails and computes conditional probabilities that determine the likelihood that an email is spam.

CRON=1 enables the daily cron job in /etc/cron.daily/spamassassin that downloads a new set of spam detection rules every night.

To make the spamd process get started automatically run:

systemctl enable spamassassin

 

We need to fix a permission issue. The SpamAssassin milter needs to access the same data as the spamd. So we need to add the debian-spamd group to the spamass-milter group:

adduser spamass-milter debian-spamd

Restart SpamAssassin:

service spamassassin restart #service spamass-milter restart

 

Testing spam detection

From the command line run

swaks --to user@fqdn.suffix --server xxx.xxx.xxx.xxx --data /usr/share/doc/spamassassin/examples/sample-spam.txt

You will need to set user@fqdn.suffix to a mailbox on the server and set –server to the ip address of your server

 

Sending spam to the junk folder

Fortunately Dovecot offers Sieve filters. John could log into Roundcube and configure a filter for himself that would save any emails to his “Junk” folder if the header line “X-Spam-Flag: YES” was found. This rule would be useful for all your users though so let’s find a general solution.

Dovecot lets us define global filters. Edit the file /etc/dovecot/conf.d/90-sieve.conf. Look for the “sieve_after” lines. They are commented out. So add a new line there:

sieve_after = /etc/dovecot/sieve-after

The “sieve after” filters are executed after the user’s filters. John can define his own filter rules. And after that Dovecot will run any filter rules it finds in files in /etc/dovecot/sieve-after. Create that directory:

mkdir /etc/dovecot/sieve-after

And create a new file /etc/dovecot/sieve-after/spam-to-folder.sieve reading:

require ["fileinto","mailbox"]; 
if header :contains "X-Spam-Flag" "YES" { 
    fileinto :create "Junk"; 
    stop; 
}

The “require” lines include functionality to move emails into certain folders (fileinto) and to create folders if they don’t exist yet (mailbox). Then if SpamAssassin marked a header as spam it is moved into the Junk folder which just appears as “Junk” to the user.

Dovecot cannot deal with such human-readable files though. So we need to compile it:

sievec /etc/dovecot/sieve-after/spam-to-folder.sieve

That generated a machine-readable file /etc/dovecot/sieve-after/spam-to-folder.svbin. Restart Dovecot:

service dovecot restart

And again send a test junk email using swaks. If all is well, the junk email will automatically have been put into Junk

swaks --to user@fqdn.suffix --server xxx.xxx.xxx.xxx --data /usr/share/doc/spamassassin/examples/sample-spam.txt

 

Training spam assassin

First you need to get a load of junk that it has made its way into your inbox and mark it as junk and move it to your junk folder if this has not been done automatically.

Once you have a good enough sample, from the command line on the server run

sa-learn --spam --dir /mailstore/fqdn.suffix/user/.Junk/* -D

To update spam assassin simply run sa-update from the command line (although this should not be necessary as it runs as a cron job as long as you have set CRON=1 in the spamassassin configuration file as described above.

 

Troubleshooting

Postfix is supposed to run chrooted, but I had an issue when setting up spamassassin where it could not find the socket using the chrooted path /spamass/spamass.sock.  If this happens try and edit /etc/postfix/main.cf and find the line

smtpd_milters=unix:/spamass/spamass.sock

And replace it with:

smtpd_milters=unix:/var/spool/postfix/spamass/spamass.sock

Hopefully if you restart postfix this will solve all your problems and realign your chakra.  If not; you’re on your own!

UPDATE:  A further restart and now it is using the chrooted path correctly so not sure what happened; left this note in just in case it happens again.