Avoid receiving spams : spamassassin

spamassassin is a well-known anti-spam. It is used by OpenBSD project with spamd for their mailing lists. Let's see how to use it with smtpd using tags since the setup is interesting if you want to understand how things works. You may instead want to use the filter opensmtpd-filter-spamassassin : install the port then read /usr/local/share/doc/pkg-readmes/opensmtpd-filter-spamassassin.

Install appropriate ports :

# pkg_add p5-Mail-SpamAssassin spampd

Run spamassassin daemons.

You may add a few flags to make sure it is running as we expect.

# rcctl enable spampd
# rcctl set spampd flags "--relayhost=127.0.0.1:10026"
# rcctl start spampd
# rcctl enable spamassassin
# rcctl start spamassassin

Every incoming mails now must be checked by spammassassin, which is listening on port 10025. Once they've been scanned, they will be delivered on port 10026 and tagged "SPAMASSASSIN" so we don't check them twice.

That's how it looks in "/etc/mail/smtpd.conf" :

...
# mails checked by spammassassin
listen on lo0 port 10026 tag SPAMASSASSIN
...
action spamassassin relay host smtp://127.0.0.1:10025 
...
# system mails
accept from local for local alias <aliases> deliver to maildir "~/Maildir"
# Mails scanned by SPAMASSASSIN
match tag SPAMASSASSIN from any for domain "athome.tld" action virtual_maildir
### not tagged mails, must be checked by spammassassin
match from any for domain "athome.tld" action spamassassin
...

Spams subject are modified by spammassassin.

You can automatically delete them, but it's a risk in case of false positive.

In order to save spams in a junk folder, modify smtpd's action so it checks for "X-spam" header :

# /etc/mail/smtpd.conf
action virtual_maildir maildir "/var/vmail/%{dest.domain:lowercase}/%{dest.user:lowercase}/Maildir" junk virtual <virtuals>