Panix Help System - SpamAssassin for experts

Panix Help System -- SpamAssassin Pro

This is for folks who are already familiar with SpamAssassin but want to know how to use it at Panix.

You already know about the SpamAssassin web page at http://www.spamassassin.org/. Here's what you have to keep in mind:

SpamAssassin is third-party software. Upgrades may result in changes in the point value of any of the rules. (We make occasional local changes, but they are rare.) We advise users to whitelist addresses they wish to protect.

We have a shared filter rule set up at
/net/local/filters/rc.spamassassin
that you can include in your .procmailrc file with this line:
INCLUDERC=/net/local/filters/rc.spamassassin

We strongly urge you to use /usr/local/bin/spamc rather than /usr/local/bin/spamassassin because the latter is very costly in terms of system resources. If you cannot use spamc, and if your invocation of spamassassin becomes a system hog, we'll require you to modify it and perhaps shut it down.

It is inadvisable to use SpamAssassin's built-in blacklist feature for spam addresses for (at least) two reasons:
- Spammers use throw-away addresses, often forging legitimate user addresses (from one domain or another) into the headers of the mail they send out. You won't reduce your spam load by filtering on these addresses because they're generally used only once, and you risk blacklisting people you want to hear from.
- Blacklisting in SpamAssassin generally causes the user_prefs file to grow very large. A large user_prefs file is extremely uneconomical for the system to process.
  SpamAssassin does not work with a user_prefs file longer than 1024 lines.
  It is possible to use separate procmail rules blacklist addresses, and you might want to consider doing this instead of running your blacklist or whitelist directly from SpamAssassin.

Just as you can blacklist by using procmail recipes, you can also whitelist (i.e. protect) addresses in procmail. If you do this, you can protect messages by Subject: line (or any other characteristic you choose) as well as by address. It's handy to set up a special file of procmail recipes that you invoke in .procmailrc with an INCLUDERC line. Just make sure that you put that line ahead of the INCLUDERC that invokes SpamAssassin or your effor to whitelist will be in vain.
Suppose your set of rules for procmail whitelisting is in a file called $HOME/.procmail/rc.whitelist; you might have these lines (in this order) in your .procmailrc file:
INCLUDERC=.procmail/rc.whitelist INCLUDERC=/net/local/filters/rc.spamassassin

We don't support sa-learn because it doesn't run with our spamc and spamd setup. Running /usr/local/bin/spamassassin is too expensive for us to enable this, as the many users who would then run the standalone program would overload the system.

The master list of SpamAssassin tests and their default values:
http://www.spamassassin.org/tests.html
Panix uses the "net" numbers, so if a particular test has four different default numbers on the list, Panix uses the second number on the list.

The SpamAssassin manpages:
spamassassin(1), spamc(1), and Mail::SpamAssassin::Conf(3) (user_prefs config)

The spamassassin.org README file offers additional documentation (some of it relevant and some not).