How to enable custom rules for spamassassin?

Discussion in 'Installation/Configuration' started by Diogo Jesus, Jul 18, 2019.

  1. Diogo Jesus

    Diogo Jesus New Member

    Hello everyone,
    We've been target for spammers for a while now.
    Most of this spam has been blocked which I'm happy with the result (around 700 spams blocked per week).
    Our last problem is that we're receiving a lot of spam from AOL.com services. Which I can't simply block their network as some customers might use that service. So I saw something similar on this spam. All the spam comes from @aol.de / @aim.com & @mail.fr, and it always starts in the same way.

    So I thought creating a spamassassin custom rule to detect these and give them an enough spam score to get it rejected. Here is my spamassassin code (/etc/spamassassin/loca.rc):

    Code:
    header __check_CONTENT From =~ /\@aim\.com/i
    body __check_CONTENT /btest/
    meta check_SPAM (__check_FROM && __check_CONTENT)
    score check_SPAM 65.0
    But for some reason this isn't getting picked up. At first I thought my code had a typo somewhere so I made a simpler one:
    Code:
    header TIVI_SUBJ_TEST Subject =~ /^mysubjectspamtest/
    score TIVI_SUBJ_TEST 20.0
    But again this isn't being picked up as the spam score doesn't show at all on my email header. My question is, do I need to create any specific rule with amavis-new? I'm new to spamassassin as I never did a custom rule before, so I don't know if I need to add something extra to my amavis-new config.

    I also did spamassassin --lint & restarted spamassassin, amavis & postfix and it doesn't seem to work.
    Thank you,
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    If you are using amavis on your server, then amavis must be restarted. If its an ispconfig server, then SpamAssassin should be stopped as it is not used anyway, the scanning happens within amavis which loads the SpamAssassin library without the need for the SpamAssassin daemon.
     
    Diogo Jesus likes this.
  3. Diogo Jesus

    Diogo Jesus New Member

    sorry forgot to mention it is an ISPConfig server
     
  4. Diogo Jesus

    Diogo Jesus New Member

    So you're saying that I should disabled spamassassin daemon? But do I need to add these rules to somewhere else? I've been reading for a while about these $sa_rules but I still didn't understood where should I exacly use them
     
  5. till

    till Super Moderator Staff Member ISPConfig Developer

    No. Amavis loads the rules from spamassasin config file.
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    But the file for custom spamassasins ettings is named local.cf and not rc.local. /etc/spamassassin/local.cf
     
  7. Diogo Jesus

    Diogo Jesus New Member

    Correct, I did a typo in the main topic my bad. In the meantime I tried once again running spamassassin --lint and then service amavisd-new restart but the rules aren't still being picked up. Is there anything that I might need to activate in the amavis configuration?
     
  8. till

    till Super Moderator Staff Member ISPConfig Developer

  9. Jesse Norell

    Jesse Norell Well-Known Member

    rules put in local.cf will be read and used, likely you simply have errors in them. Perhaps a description is mandatory? I'll try to test the above subject rule.
     
  10. Jesse Norell

    Jesse Norell Well-Known Member

    I did a quick test, and you do not need a description or score for the rule, I cut & pasted your
    TIVI_SUBJ_TEST rule into my local.cf, restarted amavis, then sent a message with 'Subject: mysubjectspamtest' and the rule hit.
     
  11. Diogo Jesus

    Diogo Jesus New Member

    I don't understand then why my rules aren't being picked. I'll do more research maybe I did a change in the past? It could be. But it's good to know that at least the rule is working
     

Share This Page