SpamAssassin (now called Apache SpamAssassin) is a trusted computer program that uses a large set of rules and spam detection techniques to filter your mail. The highly configurable SpamAssassin can be run by individual users on their own mailbox or integrated with any mail program. It is included free of charge with cPanel.
SpamAssassin works by assigning rules based on regular expressions matching against the body or header of the message, along with other spam fighting techniques. Here’s some tips on getting the most out of SpamAssassin.
How to Blacklist or Whitelist in SpamAssassin:
Blacklisting blocks e-mail addresses, while whitelisting makes sure your legitimate mail doesn’t end up in spam. Here’s how to enable either:
1. Log in to your cPanel account.
2. Click the “SpamAssassin” icon.
3. Check that SpamAssassin is enabled.
4. Click “Configure SpamAssassin”.
5. Enter in specific addresses in the “blacklist_from” or “whitelist_from”. firstname.lastname@example.org, *@isp.com, or *.domain.net will all work.
Using SpamAssassin Score for Stricter Spam Fighting
The SpamAssassin score is the number of hits needed for mail to be considered spam. The lower the score, the stricter the settings. 5 is the recommended setting for spam, but if you’d like to be more strict, lower the number to 4. Make sure to decrease the number 1 digit at a time to avoid legitimate mail getting blocked. As you test the lower number then you can decrease it lower as needed.
Filter Foreign Language Spam
SpamAssassin treats all languages equally, but you can change the rule so that points are added to messages if it’s not a permissible language. To have SpamAssassin filter out mail for language:
Open /etc/mail/spamassassin/local.cf in cPanel File Manager or your favorite editor.
For example, to accept mail only in English, German, and Swedish, use “ok_languages en de sv”.
Cut Down on Memory
If SpamAssassin is killing your server, there are ways to cut down on that. Avoid large custom rules files as these can double or triple your memory usage. These in particular can hurt your server:
blacklist.cf (aka. sa-blacklist.cf)
blacklist-uri.cf (aka. sa-blacklist-uri.cf)
If you are use any of these rulesets, perhaps use SURBLs (Spam URI Realtime Blocklists) instead. SURBLs are blacklists of domains that don’t require large rulesets.
Experiencing False Positives?
SpamAssassin isn’t immune to false positives, but they do analyze the hit rates on each rule to maintain quality. Rules that hit non-spam receive low scores. So SpamAssassin suggests that you “examine exactly which rules were triggered. Take careful note of the _points_ listed beside each rule name — low-scoring rules do not make much of a difference; it’s the ones with high scores that need to be avoided.”
For more SpamAssassin tips, check out their Wiki page.
HostDime is a privately owned and operated global data center provider founded in 2001. HostDime offers managed cloud hosting services with fully supported amenities and web tools that have empowered users to do more on the cloud with affordable cost in mind. HostDime is globally recognized as an established, reliable, and trustworthy data center company in the industry.
Jared Smith is HostDime’s Content and SEO Strategist.