This is an old revision of the document!
SpamAssassin examines your mail using numerous heuristic filters and assigns a spam score based on matches it finds. Citadel can attach directly to SpamAssassin without the need to install or configure any filters.
You should configure SpamAssassin to reject messages with attachments that are Windows executables, because these are almost always malware. If users complain, suggest archive formats such as Zip. Free and easy to use zip tools are commonly available. Save yourself and your users work.
You can also configure SpamAssassin to outrightly reject (by scoring extremely high) any message which contains a URL whose hostname resolves to an IP address on one of the various blacklists. These tests are disabled by default! You have to enable and high-score them by putting the following lines into SA local.cf:
# High score for URL's whose IP addresses are in rbl score URIBL_AB_SURBL 10 score URIBL_JP_SURBL 10 score URIBL_OB_SURBL 10 score URIBL_PH_SURBL 10 score URIBL_SBL 10 score URIBL_SC_SURBL 10 score URIBL_WS_SURBL 10
Other suggested SpamAssassin tools and tips:
- Always configure sa-update to download and install new SpamAssassin rules automatically.
- SARE SpamAssassin Rules Emporium contains lots of extra community-supported rules.
- Rules Du Jour is an auto-updater for the SARE ruleset (although you may be able to do this with sa-update too). [upstream link has vanished]
- The Mailscanner Wiki might also give you useful hints.
- The Spamassasin custom rulesets page has many more and their current status.
Right now citadel itself can only binary operate SA:
- Spam: Reject
- NoSpam: Deliver
If you want to change that behaviour you need to plug another Mail Transport Agent (MTA) in front of citadel. By principle this can be every MTA that knows how to forward / deliver through LMTP mails on to another server. However, right now the most tightest way to do this with Postfix; it even can revalidate whether the Recipient exists (which is important to keep your systems to suffer from Dictionary Spam Attacks). Less accurate solutions are known to work with QPSMTPD and qmail. Then you do configure a Sieve Rule per user to move SPAM-Flagged Mails to the spam-folder.