# =============== MailScanner: spam.assassin.prefs.conf ===============
# Version 2.13.1# SpamAssassin preferences for MailScanner users should be placed in
# this file to avoid being overwritten by a SpamAssassin upgrade.
# For a complete listing of configurable parameters, please see:
# http://www.spamassassin.org/doc/Mail_SpamAssassin_Conf.html
# =============== SpamAssassin Preferences ===============
#
# the file installed by SpamAssassin:
#/usr/local/etc/mail/spamassassin/local.cf
# Should be disabled
# typically use these commands:
# mv /etc/mail/spamassassin/local.cf \
# /etc/mail/spamassassin/local.cf.saved
# When running SpamAssassin or sa-learn from the command line,
# or a script, you should always specify that SpamAssassin use
# this file to load SpamAssassin preferences, i.e:
# sa-learn --ham -p /etc/MailScanner/spam.assassin.prefs.conf \
# --mbox ham_mbox
# spamassassin -D -p etc/MailScanner/spam.assassin.prefs.conf \
# --lint
# Additional SpamAssassin rule files should be placed in:
# /etc/mail/spamassasssin (default location)
# or in the directory specified in MailScanner.conf setting:
SpamAssassin Local Rules Dir = /etc/mail/spamassasssin
# dns_available { yes | test[: name1 name2...] | no } (default: test)
# By default, SpamAssassin will query some default hosts on the internet
# to attempt to check if DNS is working on not. The problem is that it can
# introduce some delay if your network connection is down, and in some
# cases it can wrongly guess that DNS is unavailable because the test
# connections failed. SpamAssassin includes a default set of 13 servers,
# among which 3 are picked randomly.
dns_available yes
# =============== White list and Black list addresses ===============
# While you can white list here but see below for a better place.
# White list addresses should be added in
# /etc/MailScanner/rules/spam.whitelist.rules
# Black list addresses should be added in
# /etc/MailScanner/rules/spam.blacklist.rules
# FSL Notes: we need to set the default rule for:
# Is Definitely Spam = no
# to:
# %rules-dir/spam.blacklist.rules
# and create a default rules-dir/spam.blacklist.rules file
# =============== OK Locales ===============
ok_locales en ru
# FSL Notes: we only support English this is unnecessary
# =============== Bayesian Filtering ===============
# By default, the Bayesian engine is used. This is a real CPU hog
# and uses a lot of system resources to work.
# On a small overloaded system, you might need to disable it.
use_bayes 1
# If your root filesystem is filling up because SpamAssassin is putting
# large databases in /.spamassassin or /root/.spamassassin, you can
# move them using the following lines to point to their new locations.
# The last part of the path is not a directory name, but actually the
# start of the filenames. So with the settings below, the Bayes files
# will be created as /var/spool/spamassassin/bayes_msgcount, etc.
# FSL Note: we need to coordinate the Bayes File Placement With MailWatch
bayes_path /usr/local/etc/MailScanner/bayes/bayes
#bayes_path /root/.spamassassin/bayes
# This is actually used as a mask, not a raw chmod setting.
# Thanks for Matt Kettler for spotting this one.
bayes_file_mode 0770
# Bump up SpamAssassin scores on the high and low end
score BAYES_00 0.0
score BAYES_05 0.123
score BAYES_95 4.0
score BAYES_99 5.0
# To disable bayes autolearn
bayes_auto_learn 1
# For feeding spam and and ham for saved messages, mailboxes
# or directories:
# This MUST be customized for each site :(
# Change X-YOURDOMAIN-COM to match your %org-name% as
# set in MailScanner.conf
bayes_ignore_header MailScanner
bayes_ignore_header MailScanner-SpamCheck
bayes_ignore_header MailScanner-SpamScore
bayes_ignore_header MailScanner-Information
# When using the scheduled Bayes expiry feature, in MailScanner.conf
# you probably want to turn off auto-expiry in SpamAssassin as it will
# rarely complete before it is killed for taking too long.
# You will just end up with # MailScanner: big bayes_toks.new files
# wasting space.
# FSL Note: we run Bayes expire from a cron job
bayes_auto_expire 0
# If you are using a UNIX machine with all database files on local disks,
# and no sharing of those databases across NFS filesystems, you can use a
# more efficient, but non-NFS-safe, locking mechanism. Do this by adding
# the line "lock_method flock" to the /etc/mail/spamassassin/local.cf
# file. This is strongly recommended if you're not using NFS, as it is
# much faster than the NFS-safe locker.
lock_method flock
# The --auto-whitelist and -a options for "spamd" and "spamassassin" to
# turn on the auto-whitelist have been removed and replaced by the
# "use_auto_whitelist" configuration option which is also now turned on by
# default.
use_auto_whitelist 0
# =============== RBSL related items ===============
# By default, SpamAssassin will run RBL checks. If your ISP already
# does this, stop RBL checks in SpamAssassin by un-commenting the
# following line
skip_rbl_checks 0
# paths to utilities
pyzor_path /usr/local/bin/pyzor
dcc_path /usr/local/bin/dccproc
# Uncomment the lines below to stop using the specific service
# To stop Razor2 checks, uncomment the following line
use_razor2 1
# To stop DCC checks, uncomment the following line
use_dcc 1
# To stop Pyzor checks, uncomment the following line
use_pyzor 1
# The timeouts for blacklists and Razor are rather generous in the
# default state that SpamAssassin is shipped. Reducing these
# stops a lot of timeouts from removing SpamAssassin scores
# altogether.
rbl_timeout 20
razor_timeout 10
pyzor_timeout 10
# If you specify these scores, SpamAssassin will do RBL checks as well
# as MailScanner, which just wastes CPU power and network bandwidth.
# Either do them here by un-commenting the rules below
# (if you have paid for them) or else uncomment the "skip_rbl_checks" #
# line above and let MailScanner do the checks instead.
score RCVD_IN_BL_SPAMCOP_NET 4.5
# These next 3 will cost you money, see mailscanner.conf.
#score RCVD_IN_RBL 10
#score RCVD_IN_RSS 1
#score RCVD_IN_DUL 1
# =============== SpamAssassin Header Processing ===============
# SpamAssassin will attempt to discover the address used in the 'MAIL FROM:'
# phase of the SMTP transaction that delivered this message, if this data
# has been made available by the SMTP server. This is used in the EnvelopeFrom
# pseudo-header, and for various rules such as SPF checking.
# This should be explicitly set for MailScanner
envelope_sender_header X-MailScanner-From
# =============== Adding SpamAssassin Rules ===============
# Add your own customized scores for some tests below. The default
# scores are read from the installed "spamassassin.cf" file, but you
# can override or disable the here.
# To see the list of tests and their default scores, go to
# http://spamassassin.taint.org/tests.html
# These next 3 lines will add a local rule to SpamAssassin to help
# protect you from the friendlygreetings.com nasty-gram which will
# send lots of spam from your PC if you let it. Not really a virus,
# but you don't want your users all clicking on it.
header FRIEND_GREETINGS Subject =~ /you have an E-Card from/i
describe FRIEND_GREETINGS Nasty E-card from FriendGreetings.com
score FRIEND_GREETINGS 100.0
header FRIEND_GREETINGS2 Subject =~ /you have a greeting card from/i
describe FRIEND_GREETINGS2 Nasty E-card from FriendGreetings.com
score FRIEND_GREETINGS2 100.0
# =============== Disable SpamAssassin Rules ===============
# To disable a SpamAssassin rule simply add an uncommented
# line similar to:
# score SUBJ_ILLEGAL_CHARS 0.0
# =============== Change SpamAssassin Rules scores ===============
# To Change a SpamAssassin rule Score simply add an uncommented
# line similar to:
# score SUBJ_ILLEGAL_CHARS 2.1
# =============== Special Case Rules ===============
# IE explorer spoofing
uri IE_VULN /%([01][0-9a-f]|7f).*@/i
score IE_VULN 100.0
describe IE_VULN Internet Explorer vulnerability
# added Mon Jan 12 16:14:04 EST 2004 to stop the forgers of
# Not needed ins SA 3.0
# HABEAUS headers
# score HABEAS_SWE -2.0
#### Special Case Rules #####
# =============== Historic Rules ===============
# Osirusoft RBSL is dead
# score RCVD_IN_OSIRUSOFT_COM 0.0
# score X_OSIRU_OPEN_RELAY 0.0
# score X_OSIRU_DUL 0.0
# score X_OSIRU_SPAM_SRC 0.0
# score X_OSIRU_SPAMWARE_SITE 0.0
# score X_OSIRU_DUL_FH 0.0
# score RCVD_IN_RFCI 0.0
# score DNS_FROM_RFCI_DSN 0.0
# =============== Your Edits Go Here ===============
score RCVD_IN_RSL 0.3
# Steve@fsl.com edit Sun Jan 16 12:17:16 CST 2005
# disable the ALL_TRUSTED ruleset that comes with SA 3.x.
# It's generating too many false positives
# If you have problems where ALL_TRUSTED is matching external email,
# including spam, then SpamAssassin has become confused about which hosts are
# a part of your trusted_networks. The most common cause of this is having a
# gateway mail exchanger that has a reserved IP and gets NATed by your
# firewall. Fortunately the problem is easy to fix by manually declaring a
# trusted_networks setting. See man Mail::SpamAssassin::Conf for details.
# Once manually set, SA won't try to guess.
#
# If that does not fix your problem, the other possibility is you have an MTA
# that generates malformed Received: headers. If you've modified your
# Received: header format, please put it back to the standard format.
# SpamAssassin is quite tolerant of deviations from the RFC 2822 format, but
# there are some combinations it can't handle. If the malformed headers are
# being made by some form of network appliance that you can't fix, report a
# bug to your vendor, and as a short-term fix set the score of ALL_TRUSTED to
# 0. However, realize that other problems may occur as a result of the
# mis-parsed headers and the root cause does need fixing.
#
#score ALL_TRUSTED 0
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
