Spam Filter

To counter the deluge of junk email department users have been hit with recently, we have installed a new filtering program called SpamAssassin. Working with procmail, this package analyzes incoming email and searches for characteristics common to such nuisance messages, also known as "spam". To activate the software, if you don't already have a '.procmailrc' file in the home directory of your unix account, you should issue the following command:
cp   /ga/model/.procmailrc   ~
If you already have a .procmailrc file, then you should put the following lines of code at the beginning of your .procmailrc file (contact an admin if you need help):

#----------------------- Begin Code ----------------------- :0fw: spamassassin.lock | /usr/bin/spamc :0: * ^X-Spam-Status: Yes caughtspam #----------------------- End Code -------------------------

Essentially, the code activates SpamAssassin whenever an email is received and moves suspected spam to a folder called 'caughtspam'. You can read this caught mail by using the command:
mail   -f   ~/caughtspam
You can delete any or all of the spam in that file using the standard UNIX commands used in the mail program. If you spot any mail in that file that you do not consider spam, you can read it, and in the future add that address to your 'whitelist_from' lists in your user_prefs as described below. If you use pine as your mail reader and want to view your caughtspam as a pine folder, then modify your .procmailrc so that you precede 'caughtspam' with the actual path to your pine folders. E.g., if your home directory were /za/guest, then instead of 'caughtspam' you would have: /za/guest/mail/caughtspam When you receive your first email following the creation or modification of your .procmailrc file as described above, SpamAssassin will create a subdirectory called '.spamassassin' that will contain a file named 'user_prefs'. By editing this file, you can customize the spam filtering program to better fit your needs. Here is what a typical user_prefs file looks like:

# SpamAssassin user preferences file. See 'man Mail::SpamAssassin::Conf' for # details of what can be tweaked. #* #* Note: this file is never read by SpamAssassin. Instead, it will be copied #* to a user's home directory, allowing them to perform personalised #* customisation. If you want to make changes to the site-wide defaults, #* create a file in /etc/spamassassin or /etc/mail/spamassassin instead. ########################################################################### # How many hits before a mail is considered spam. # required_hits 5 # Whitelist and blacklist addresses are now file-glob-style patterns, so # "friend@somewhere.com", "*@isp.com", or "*.domain.net" will all work. # whitelist_from someone@somewhere.com # Add your own customised scores for some tests below. The default scores are # read from the installed spamassassin rules files, but you can override them # here. To see the list of tests and their default scores, go to # http://spamassassin.org/tests.html . # # score SYMBOLIC_TEST_NAME n.nn

A sample of the file ~/.spamassassin/user_prefs

Above are the default preferences for the program. SpamAsssassin works by running a series of tests on the email and assigns a certain amount of points for each test the message fails. If the total is at least 5 in this case, the email is considered to be spam. If you uncomment, i.e. remove the '#' sign in front of, the line containing 'required_hits' and change the number from 5 to say 7, you will tell SpamAssassin to be less strict in what it considers to be junk email. If SpamAssassin is mishandling certain messages, you can tell it to allow email from a particular address, or even an entire domain, to pass through the filter by using a 'whitelist_from' tag and entering in the appropriate email address (one address per line). A similar option is available to block messages getting through the filter by using the 'blacklist_from' tag. Lets take a look at a modified example of the user_prefs files:

# SpamAssassin user preferences file. See 'man Mail::SpamAssassin::Conf' for # details of what can be tweaked. #* #* Note: this file is never read by SpamAssassin. Instead, it will be copied #* to a user's home directory, allowing them to perform personalised #* customisation. If you want to make changes to the site-wide defaults, #* create a file in /etc/spamassassin or /etc/mail/spamassassin instead. ########################################################################### # How many hits before a mail is considered spam. required_hits 7 # Whitelist and blacklist addresses are now file-glob-style patterns, so # "friend@somewhere.com", "*@isp.com", or "*.domain.net" will all work. # whitelist_from someone@somewhere.com whitelist_from *@math.uchicago.edu whitelist_from rwthomas@math.princeton.edu blacklist_from *.amazon.com # Add your own customised scores for some tests below. The default scores are # read from the installed spamassassin rules files, but you can override them # here. To see the list of tests and their default scores, go to # http://spamassassin.org/tests.html . # # score SYMBOLIC_TEST_NAME n.nn

A modified ~/.spamassassin/user_prefs file

In the above preference file, I have told SpamAssassin to relax a little by bumping up the required_hits setting from 5 to 7 and to allow all email coming from any math.uchicago.edu account, or from my friend rwthomas at Princeton, using the whitelist_from tags. Also, any email from amazon.com will immediately be considered spam, using the blacklist_from tag.
Eventually, when you are satisfied that your caughtspam file is 100% spam (you should probably give it a few months to be on the safe side), you can change the line containing 'caughtspam' in your .procmailrc file to: /dev/null
After doing this, all e-mail recognized as spam by SpamAssassin will automatically by deleted as soon as it is received by our mail server, without your ever having to view it.