How to create custom SpamC rules
Added almost 2 years ago
MailCleaner uses SpamAssassin to establish a spam score for each mail.
Creating a custom rule should be done carefully. For example creating too much rules will slow down your MailCleaner server performances. Some kind of rules (regexp) may also decrease your server performance, so please be careful if you choose to add a custom rule.
You should create a new rule in the two following cases:
- adding rules
- overcharging an already existing rule
Where do I write rules?¶
To add rules, you need to create a file like
with a prefix
99_custom_rules_ and a
.cf extension ( necessary for spamassassin to see the file as a rules file), for example
/usr/mailcleaner/share/spamassassin/99_custom_rules_phishing.cf /usr/mailcleaner/share/spamassassin/99_custom_rules_invoice.cf /usr/mailcleaner/share/spamassassin/99_custom_rules_mailcleaner.cf
The files are read in an alphanumerical order, meaning
70_*.cf will be read before
99_*cf. Ensure that your custom rule files have this prefix so that the previous rules are overridden if you want it to.
Modifying the score of a rule¶
If you want to change the score applied by a given rule, you can add to your file:
score RULE <score>
RULE being the name of the rule you want to overload (Can be found in the
X-MailCleaner-SpamCheck header of the mail, under the
SpamC section) and
<score> the new score value.
For example, to set the rule
MC_TEST to set a score of 2.4, write
score MC_TEST 2.4
Adding new rules¶
Those rules are SpamAssassin rules. The complete rule writing documentation can be found on the official SpamAssassin website: https://wiki.apache.org/spamassassin/WritingRules
Testing the rules¶
To test rules, you need the original mail on the mailcleaner. You can then test a specific rule file (and standard rules) against this email using
/usr/local/bin/spamassassin -p rules_file.cf < email
You can also simulate the real MailCleaner scan by testing against all the rules
/usr/local/bin/spamassassin --siteconfigpath=/usr/mailcleaner/share/spamassassin/ < email
Applying the rules to MailCleaner¶
You must copy the new rules on each and every MailCleaner of yours.
When ready, please restart your filtering engine in
Monitoring -> status