SpamAssassin examines your mail using numerous heuristic filters and assigns a spam score based on matches it finds. Citadel can attach directly to SpamAssassin without the need to install or configure any filters.
You should configure SpamAssassin to reject messages with attachments that are Windows executables, because these are almost always malware. If users complain, suggest archive formats such as Zip. Free and easy to use zip tools are commonly available. Save yourself and your users work.
You can also configure SpamAssassin to outrightly reject (by scoring extremely high) any message which contains a URL whose hostname resolves to an IP address on one of the various blacklists. These tests are disabled by default! You have to enable and high-score them by putting the following lines into SA local.cf:
# High score for URL's whose IP addresses are in rbl score URIBL_AB_SURBL 10 score URIBL_JP_SURBL 10 score URIBL_OB_SURBL 10 score URIBL_PH_SURBL 10 score URIBL_SBL 10 score URIBL_SC_SURBL 10 score URIBL_WS_SURBL 10
Other suggested SpamAssassin tools and tips:
- Always configure sa-update to download and install new SpamAssassin rules automatically.
- SARE SpamAssassin Rules Emporium contains lots of extra community-supported rules.
- Rules Du Jour is an auto-updater for the SARE ruleset (although you may be able to do this with sa-update too). [upstream link has vanished]
- The Mailscanner Wiki might also give you useful hints.
- The Spamassasin custom rulesets page has many more and their current status.
Citadel's SpamAssassin integration only works on a site-wide basis. Spam is bounced; ham (non-spam) is delivered. If you wish to change this behavior you can reconfigure Citadel to only flag spam instead of rejecting it. In this case, each user will need to have a spam handling rule on their inbox. In this case, each user can choose to either reject or quarantine incoming spam.