message = Message headers fail syntax check
!verify = header_syntax
+ # Don't spamcheck big messages
+ accept
+ condition = ${if >{$message_size}{80k}}
+ add_header = X-Spam-Score: Message too big, not scanned.
- # require that there is a verifiable sender address in at least
- # one of the "Sender:", "Reply-To:", or "From:" header lines.
- deny
- message = No verifiable sender address in message headers
- !verify = header_sender
-
- # Mark messages with their spamscore and deny messages with a very high
- # score.
+ # Deny messages with a large spamscore. The threshold is set by
+ # spamassassin, see required_score in /etc/spamassassin/local.cf
deny
message = Message was classified as spam
- # Only scan messages that are small, since spam is hardly ever big (and
- # scanning big messages costs lots of resources
- condition = ${if <{$message_size}{80k}}
- # Check using spamassasin's default profile (the name "default" should just
- # be any non-existing profile to get the default configuration). This
- # condition will always succeed, since spam assassin is configured with a
- # very low (even negative) threshold.
- spam = default
- # Add spam headers (these will be added even when the next condition fails
- # and the message is not denied).
+ # Check using spamassasin, running as the "spamd" user.
+ spam = spamd
+ # Don't reject to some trusted hosts, since they will only generate
+ # useless delivery failures to innocent people. We check this after the
+ # spamcheck, so the next rule can still the spam headers properly.
+ !hosts = +dont_reject_spam_hosts
+
+ # Accept any other messages, but add spam headers.
+ accept
add_header = X-Spam-Score: $spam_score ($spam_bar)
add_header = X-Spam-Report: $spam_report
- # Reject any messages with a spam score of more than 20 ($spam_score_int is
- # $spam_score * 10). This is fairly high, but we don't like really
- # rejecting messages.
- condition = ${if >{$spam_score_int}{200}}
-
- # accept otherwise
- accept
# vim: set sts=2 expandtab sw=2 ai: