Home arrow Latest Tutorials arrow Setup a Spam Filter with SpamAssasin and Postfix
Setup a Spam Filter with SpamAssasin and Postfix PDF
Wednesday, 28 May 2008
If you receive a lot of spams here is a quick solution to filter spams using SpamAssasin and Postfix. Also spamd will be used (which is include within SpamAssasin). There are other implementations that we will cover in other tutorials.

Step 1. Install Postfix
We will install Postfix from Ports:

cd /usr/ports/mail/postfix
make install

If you want to use Postfix with MySQL, you must check MySQL before compilation, also you may want to check Dovecot, to use Dovecot SASL authentication method. We recommend you dovecot over cyrus-imap.

After installation, configure postfix by editing: /usr/local/etc/postfix/master.cf and /usr/local/etc/postfix/main.cf

# -------------------- main.cf -----------------------------------------
queue_directory = /var/spool/postfix
command_directory = /usr/local/sbin
daemon_directory = /usr/local/libexec/postfix
mail_owner = postfix
unknown_local_recipient_reject_code = 550
mynetworks_style = host

debug_peer_level = 2

debugger_command =
         xxgdb $daemon_directory/$process_name $process_id & sleep 5

sendmail_path = /usr/local/sbin/sendmail
mailq_path = /usr/local/bin/mailq
setgid_group = maildrop
html_directory = no
manpage_directory = /usr/local/man
sample_directory = /usr/local/etc/postfix
readme_directory = no
#smtpd_recipient_restrictions = check_relay_domains, permit

mydomain = example.com
myhostname = firewall.$mydomain
myorigin = $myhostname
mydestination = $myhostname, localhost,$mydomain

mynetworks =
mynetworks_style = subnet
# --------- end of file main.cf --------------------

Also add the following line to /etc/rc.conf

Don't forget to setup in main.cf the variable: mydestination = $myhostname, localhost,$mydomain
If you forget to do that, you will get rely denied error, and emails that comes to your domain name will be rejected.
If you have many domains you can use transport_maps variable:

mydestination = $mydomain, $myhostname, $transport_maps, localhost

Transport maps can be also used from within mysql (for large mail servers with postfix compiled and configured with virtual users and MySQL support. If you are interested there is a tutorial on that topic on our website.

Make sure you either add your IP in main.cf with your mynetworks variable or setup smtp server with authentication and allow your username to use SMTP with authentication.

mynetworks =

Step 2. Install SpamAssasin

cd /usr/ports/mail/p5-Mail-SpamAssassin
make install

Step 3. Configure SpamAssasin

After compilation and installation of SpamAssasin (which is written in Perl) from ports, as described in Step 2, create a config file for spamassasin:

touch /usr/local/etc/mail/spamassasin/local.cf

with the following content:
# ---------- local.cf --------------
rewrite_header Subject *****SPAM*****

# trusted_networks 10.0.0.
# lock_method flock
# use_bayes 1
# bayes_auto_learn 1

required_score 5.0
report_safe     1

whitelist_from This e-mail address is being protected from spam bots, you need JavaScript enabled to view it
# --------- end of local.cf

If you want to catch more spams, but also you will have more false positive, lower required_score. Higher score will catch less spams.

Step 4. Start spamd
Edit /usr/local/etc/rc.d/sa-spamd and change spamd_enable to "YES".
Then, start spamd:

/usr/local/etc/rc.d/sa-spamd start

Step 5. Edit master.cf and add support for spamassasin
Edit /usr/local/etc/postfix/master.cf, replace line:

smtp      inet  n       -       n       -       -       smtpd
smtp      inet  n       -       -       -       -       smtpd
        -o content_filter=spamassassin

And then add the following lines to master.cf.

spamassassin unix -     n       n       -       -       pipe
        user=spamd argv=/usr/local/bin/spamc -f -e
        /usr/sbin/sendmail -oi -f ${sender} ${recipient}

Step 6. Restart postfix and test the setup

/usr/local/etc/rc.d/postfix restart

Last Updated ( Tuesday, 01 November 2011 )
< Prev   Next >

Other BSD Systems





Best BSD firewall?