By Francis Ndungu, Alibaba Cloud Tech Share Author. Tech Share is Alibaba Cloud's incentive program to encourage the sharing of technical knowledge and best practices within the cloud community.
Unsolicited emails are very annoying because they take up your disk space and waste your time every time you try to weed them out from your inbox . Luckily, SpamAssassin is one of the best Open-source tools for filtering and blocking spam.
Designed in Perl, Apache SpamAssassin uses different approaches to identify and block spam. These include: online blacklist database lookup, checksum based filters, Bayesian algorithm and third party programs.
The highly configurable email filter utility is rule-based and to function effectively, it uses regular expressions to determine if an email contains Spam.
If you have already setup an email server with Postfix, SpamAssassin is a good tool for keeping your inbox free from unwanted emails from hackers and telemarketers.
This is a comprehensive guide that walks you through the process of securing your Ubuntu 16.04 Postfix email server with SpamAssassin.
SpamAssassin is available on the Ubuntu software repository. So before we install it, let's first update the package information index:
$ sudo apt-get update
Then we can install SpamAssassin with the command below:
$ sudo apt-get install spamassassin spamc
Next, we need to create a dedicated user for SpamAssassin:
$ sudo adduser spamd --disabled-login
After installation, we are going to edit the SpamAssassin configuration file. To do this, open the file /etc/default/spamassassin
using nano text editor:
$ sudo nano /etc/default/spamassassin
To enable SpamAssassin on the system, find the parameter ENABLED
and change its value from 0 to 1.
ENABLED =1
Next, we are going to create a SAHOME
variable and direct it to SpamAssassin home directory:
SAHOME="/var/log/spamassassin/"
Then, locate the below line on the same file:
OPTIONS="--create-prefs --max-children 5 --helper-home-dir"
Change it to:
OPTIONS="--create-prefs --max-children 5 --username spamd --helper-home-dir /home/spamd/ -s /home/spamd/spamd.log"
To pick the latest updates from SpamAssassin, we are going to change the CRON
value from 0 to 1:
CRON =1
When you are done editing the file, press CTRL+X, Y and Enter to save the changes.
We can now start adding rules to SpamAssassin. Open the file /etc/spamassassin/local.cf
Using nano text editor:
$ sudo nano /etc/spamassassin/local.cf
Make sure the below parameters and values are set on the file:
rewrite_header Subject [***** SPAM _SCORE_ *****]
required_score 5.0
use_bayes 1
bayes_auto_learn 1
The above parameters tell SpamAssassin to rewrite the subject of each email that surpasses the threshold score of 5.0. When set to 1, use_bayes
instructs SpamAssassin to use the Bayes algorithm to classify emails as either ham or spam using a mathematical formula based on probability.
The parameter bayes_auto_learn
is set to 1 to enable the auto-learning mechanism. Save and close the file by pressing CTRL+X, Y and Enter.
Next, edit the Postfix master configuration file and instruct it to route emails to SpamAssassin for filtering:
$ sudo nano /etc/postfix/master.cf
Find the line:
smtp inet n - - - - smtpd
Then, add the following information below it:
-o content_filter=spamassassin
spamassassin unix - n n - - pipe
user=spamd argv=/usr/bin/spamc -f -e
/usr/sbin/sendmail -oi -f ${sender} ${recipient}
Save and close the file by pressing CTRL+X, Y and Enter. Then, restart both Postfix and SpamAssassin.
$ sudo service postfix restart
$ sudo service spamassassin restart
To check whether SpamAssassin is working, send an email to your server (e.g. info@example.com) and add include the content below on the email body to trigger the spam check:
XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X
Open your email client (in this case, we are using SquirrelMail) and check your inbox. Your email should now be marked as spam and the subject should be re-written to indicate the same.
We have gone through the steps of securing your Postfix email server with SpamAssassin on Ubuntu 16.04 server hosted on Alibaba Cloud. We believe you are going to implement the steps in this article to safeguard your email servers from unwanted emails.
If you haven't setup your email server, remember to check out our guide on How to Setup Email Server with Postfix, Dovecot, DirectMail and SquirrelMail on Ubuntu 16.04 Alibaba ECS
How to Set Up and Secure PhpMyAdmin with Apache on Ubuntu 16.04
How to Implement MySQL Roles on Alibaba Cloud ECS Running Ubuntu 16.04
31 posts | 8 followers
Followfrancisndungu - October 19, 2018
Alex - June 21, 2019
francisndungu - May 29, 2019
Alibaba Clouder - February 18, 2019
francisndungu - December 12, 2018
Alibaba Clouder - January 4, 2019
31 posts | 8 followers
FollowAlibaba Mail is one of the only email service providers in the industry that supports public cloud services and provides fast, secure, and stable services.
Learn MoreAlibaba Cloud is committed to safeguarding the cloud security for every business.
Learn MoreMarketplace is an online market for users to search and quickly use the software as image for Alibaba Cloud products.
Learn MoreAlibaba Cloud (in partnership with Whale Cloud) helps telcos build an all-in-one telecommunication and digital lifestyle platform based on DingTalk.
Learn MoreMore Posts by francisndungu