Toby-Spamassassin.conf

1. # =============== MailScanner: spamassassin.conf ===============
2.  
3. # SpamAssassin preferences for MailScanner users should be placed in
4. # this file to avoid being overwritten by a SpamAssassin upgrade.
5. # For a complete listing of configurable parameters, please see:
6. #
7. # http://www.spamassassin.org/doc/Mail_SpamAssassin_Conf.html
8.  
9. # =============== SpamAssassin Preferences ===============
10.  
11. # This file is linked to mailscanner.cf. The mailscanner.cf link is put
12. # into the site_rules directory by the MailScanner installation scripts. You
13. # can find the directory where the link is, and where all your site-specific
14. # SpamAssassin files should be, by running this perl script:
15. #
16. # perl -MMail::SpamAssassin -e 'print Mail::SpamAssassin->new->first_existing_path(@Mail::SpamAssassin::site_rules_path)'
17. #
18. # If you don't have SpamAssassin installed, then I advise you install
19. # it. Without it, you won't catch much spam. There is an easy-to-install
20. # ClamAV and SpamAssassin installation package included on the MailScanner
21. # downloads page on the web.
22. #
23. # This file is no longer read specially by MailScanner when it starts up
24. # SpamAssassin, it relies on the link being in place to force SpamAssassin
25. # to read the file automatically on its own during its startup code. So
26. # you must have the link in place, or else this file is not read.
27. #
28. # To check your configuration, run the command
29. # spamassassin -D --lint
30.  
31. # ================== Settings For SpamAssassin ===========================
32.  
33. # dns_available { yes | test[: name1 name2...] | no } (default: test)
34. # By default, SpamAssassin will query some default hosts on the internet
35. # to attempt to check if DNS is working on not. The problem is that it can
36. # introduce some delay if your network connection is down, and in some
37. # cases it can wrongly guess that DNS is unavailable because the test
38. # connections failed. SpamAssassin includes a default set of 13 servers,
39. # among which 3 are picked randomly.
40.  
41. dns_available yes
42.  
43.  
44. # =============== White list and Black list addresses ===============
45.  
46. # While you can white list here but see below for a better place.
47.  
48. # White list addresses should be added in
49.  
50. # /etc/MailScanner/rules/spam.whitelist.rules
51.  
52. # Black list addresses should be added in
53.  
54. # /etc/MailScanner/rules/spam.blacklist.rules
55.  
56. # FSL Notes: we need to set the default rule for:
57. # Is Definitely Spam = no
58. # to:
59. # %rules-dir/spam.blacklist.rules
60. # and create a default rules-dir/spam.blacklist.rules file
61.  
62.  
63. # =============== OK Locales ===============
64.  
65. # ok_locales en
66.  
67.  
68. # =============== Bayesian Filtering ===============
69.  
70. # By default, the Bayesian engine is used. This is a real CPU hog
71. # and uses a lot of system resources to work.
72. # On a small overloaded system, you might need to disable it.
73.  
74. # use_bayes 0
75.  
76. # If your root filesystem is filling up because SpamAssassin is putting
77. # large databases in /.spamassassin or /root/.spamassassin, you can
78. # move them using the following lines to point to their new locations.
79. # The last part of the path is not a directory name, but actually the
80. # start of the filenames. So with the settings below, the Bayes files
81. # will be created as /var/spool/spamassassin/bayes_msgcount, etc.
82.  
83. # FSL Note: we need to coordinate the Bayes File Placement
84. # With MailWatch
85.  
86. # bayes_path should NOT be directory!
87. # The Rules_du_jour script will choke if it is a directory.
88. # It needs to be a full pathname, PLUS a partial filename.
89. # In this example, the trailing "bayes" will be the "bayes*" +
90. # files in the directory "/etc/MailScanner/bayes/"
91. # Thanks to Matt Kettler for pointing this out.
92. #bayes_path /etc/MailScanner/bayes/bayes
93.  
94.  
95. # This is actually used as a mask, not a raw chmod setting.
96. # Thanks for Matt Kettler for spotting this one.
97. # Commented out: this if for MailWatch and Exim/Postfix users only.
98. # bayes_file_mode 0770
99.  
100. # Bump up SpamAssassin scores on the high and low end
101. # score BAYES_00 -15.0
102. # score BAYES_05 -5.0
103. # score BAYES_95 5.0
104. # score BAYES_99 15.0
105.  
106. # To disable bayes autolearn
107. # bayes_auto_learn 0
108.  
109. # For feeding spam and and ham for saved messages, mailboxes
110. # or directories:
111.  
112. # This MUST be customized for each site :(
113.  
114. # Change X-YOURDOMAIN-COM to match your %org-name% as
115. # set in MailScanner.conf
116.  
117. bayes_ignore_header X-RoseCottage-MailScanner
118. bayes_ignore_header X-RoseCottage-MailScanner-SpamCheck
119. bayes_ignore_header X-RoseCottage-MailScanner-SpamScore
120. bayes_ignore_header X-RoseCottage-MailScanner-Information
121.  
122. # When using the scheduled Bayes expiry feature, in MailScanner.conf
123. # you probably want to turn off auto-expiry in SpamAssassin as it will
124. # rarely complete before it is killed for taking too long.
125. # You will just end up with # MailScanner: big bayes_toks.new files
126. # wasting space.
127.  
128. # FSL Note: we run Bayes expire from a cron job
129.  
130. #bayes_auto_expire 0
131.  
132. # If you are using a UNIX machine with all database files on local disks,
133. # and no sharing of those databases across NFS filesystems, you can use a
134. # more efficient, but non-NFS-safe, locking mechanism. Do this by adding
135. # the line "lock_method flock" to the /etc/mail/spamassassin/local.cf
136. # file. This is strongly recommended if you're not using NFS, as it is
137. # much faster than the NFS-safe locker.
138.  
139. lock_method flock
140.  
141. # The --auto-whitelist and -a options for "spamd" and "spamassassin" to
142. # turn on the auto-whitelist have been removed and replaced by the
143. # "use_auto_whitelist" configuration option which is also now turned on by
144. # default.
145.  
146. # only use this setting if you have the SA plugin enabled. otherwise,
147. # it will throw an error in SA. (JB 18 FEB 2015)
148. #
149. # use_auto_whitelist 0
150.  
151.  
152. # =============== RBSL related items ===============
153.  
154. # By default, SpamAssassin will run RBL checks. If your ISP already
155. # does this, stop RBL checks in SpamAssassin by un-commenting the
156. # following line
157. # skip_rbl_checks 1
158.  
159. # make sure pyzor is installed before enabling
160. #ifplugin Mail::SpamAssassin::Plugin::Pyzor
161. #pyzor_path /usr/bin/pyzor
162. #endif
163.  
164. # you need to install DCCPROC and enable the plugin in v310.pre
165. # https://svn.apache.org/repos/asf/spamassassin/branches/3.0/INSTALL
166. # under "Optional Programs"
167. #ifplugin Mail::SpamAssassin::Plugin::DCC
168. #dcc_path /usr/local/bin/dccproc
169. #endif
170.  
171. # Uncomment the lines below to stop using the specific service
172. # To stop Razor2 checks, uncomment the following line
173. # use_razor2 0
174. # To stop DCC checks, uncomment the following line
175. # use_dcc 0
176. # To stop Pyzor checks, uncomment the following line
177. # use_pyzor 0
178.  
179.  
180. # The timeouts for blacklists and Razor are rather generous in the
181. # default state that SpamAssassin is shipped. Reducing these
182. # stops a lot of timeouts from removing SpamAssassin scores
183. # altogether.
184.  
185. #rbl_timeout 20
186. #razor_timeout 10
187. #pyzor_timeout 10
188.  
189.  
190. # If you specify these scores, SpamAssassin will do RBL checks as well
191. # as MailScanner, which just wastes CPU power and network bandwidth.
192. # Either do them here by un-commenting the rules below
193. # (if you have paid for them) or else uncomment the "skip_rbl_checks" #
194. # line above and let MailScanner do the checks instead.
195.  
196. #score RCVD_IN_BL_SPAMCOP_NET 4
197. # These next 3 will cost you money, see mailscanner.conf.
198. #score RCVD_IN_RBL 10
199. #score RCVD_IN_RSS 1
200. #score RCVD_IN_DUL 1
201.  
202. # =============== SpamAssassin Header Processing ===============
203.  
204. # SpamAssassin will attempt to discover the address used in the 'MAIL FROM:'
205. # phase of the SMTP transaction that delivered this message, if this data
206. # has been made available by the SMTP server. This is used in the EnvelopeFrom
207. # pseudo-header, and for various rules such as SPF checking.
208.  
209. # This should be explicitly set for MailScanner
210. # and should match your %org-name% setting in MailScanner.conf
211. envelope_sender_header X-RoseCottage-MailScanner-From
212.  
213. # =============== Adding SpamAssassin Rules ===============
214.  
215. # Add your own customized scores for some tests below. The default
216. # scores are read from the installed "spamassassin.cf" file, but you
217. # can override or disable the here.
218. # To see the list of tests and their default scores, go to
219. # http://spamassassin.taint.org/tests.html
220.  
221. # These next 3 lines will add a local rule to SpamAssassin to help
222. # protect you from the friendlygreetings.com nasty-gram which will
223. # send lots of spam from your PC if you let it. Not really a virus,
224. # but you don't want your users all clicking on it.
225.  
226. # This is old now.
227. # header FRIEND_GREETINGS Subject =~ /you have an E-Card from/i
228. # describe FRIEND_GREETINGS Nasty E-card from FriendGreetings.com
229. # score FRIEND_GREETINGS 100.0
230. # header FRIEND_GREETINGS2 Subject =~ /you have a greeting card from/i
231. # describe FRIEND_GREETINGS2 Nasty E-card from FriendGreetings.com
232. # score FRIEND_GREETINGS2 100.0
233.  
234.  
235. # =============== Disable SpamAssassin Rules ===============
236.  
237. # To disable a SpamAssassin rule simply add an uncommented
238. # line similar to:
239. # score SUBJ_ILLEGAL_CHARS 0.0
240.  
241. # =============== Change SpamAssassin Rules scores ===============
242.  
243. # To Change a SpamAssassin rule Score simply add an uncommented
244. # line similar to:
245. # score SUBJ_ILLEGAL_CHARS 2.1
246.  
247.  
248. # =============== Special Case Rules ===============
249.  
250. # added Mon Jan 12 16:14:04 EST 2004 to stop the forgers of
251. # Not needed ins SA 3.0
252. # HABEAUS headers
253. # score HABEAS_SWE -2.0
254. #### Special Case Rules #####
255.  
256. # =============== Historic Rules ===============
257.  
258. # Osirusoft RBSL is dead
259. # score RCVD_IN_OSIRUSOFT_COM 0.0
260. # score X_OSIRU_OPEN_RELAY 0.0
261. # score X_OSIRU_DUL 0.0
262. # score X_OSIRU_SPAM_SRC 0.0
263. # score X_OSIRU_SPAMWARE_SITE 0.0
264. # score X_OSIRU_DUL_FH 0.0
265.  
266.  
267.  
268. # score RCVD_IN_RFCI 0.0
269. # score DNS_FROM_RFCI_DSN 0.0
270.  
271. # =============== Your Edits Go Here ===============
272.  
273.  
274. # [email protected] edit Sun Jan 16 12:17:16 CST 2005
275. # disable the ALL_TRUSTED ruleset that comes with SA 3.x.
276. # It's generating too many false positives
277.  
278. # If you have problems where ALL_TRUSTED is matching external email,
279. # including spam, then SpamAssassin has become confused about which hosts are
280. # a part of your trusted_networks. The most common cause of this is having a
281. # gateway mail exchanger that has a reserved IP and gets NATed by your
282. # firewall. Fortunately the problem is easy to fix by manually declaring a
283. # trusted_networks setting. See man Mail::SpamAssassin::Conf for details.
284. # Once manually set, SA won't try to guess.
285. #
286. # If that does not fix your problem, the other possibility is you have an MTA
287. # that generates malformed Received: headers. If you've modified your
288. # Received: header format, please put it back to the standard format.
289. # SpamAssassin is quite tolerant of deviations from the RFC 2822 format, but
290. # there are some combinations it can't handle. If the malformed headers are
291. # being made by some form of network appliance that you can't fix, report a
292. # bug to your vendor, and as a short-term fix set the score of ALL_TRUSTED to
293. # 0. However, realize that other problems may occur as a result of the
294. # mis-parsed headers and the root cause does need fixing.
295. #
296. #score ALL_TRUSTED 0
297.  
298. #
299. # The header name in the next line must have your %org-name% added into it,
300. # so that it matches what is set in "Spam-Virus Header" in your
301. # MailScanner.conf file.
302. #
303. header MS_FOUND_SPAMVIRUS exists:X-RoseCottage-MailScanner-SpamVirus-Report
304. score MS_FOUND_SPAMVIRUS 3.0