Kurze Beschreibung, wie man SpamAssassin mit Postfix, Procmail und ClamAV installiert.
Beitrag von Christian
geschrieben: 30.12.2009 10:41
  Benötigte Pakete für spamassassin installieren:
text-Code:
# SpamAssassin daemon and client, plus the Razor, Pyzor and SPF helper packages.
aptitude install \
  spamassassin \
  spamc \
  razor \
  pyzor \
  libmail-spf-query-perl


Benötigte Pakete für clamav installieren:
text-Code:
# ClamAV scanner and signature updater, followed by the archive tools and
# libraries the tutorial lists alongside them.
aptitude install \
  clamav clamav-freshclam \
  arj unzoo lha \
  libcurl3-gssapi ca-certificates libldap2-dev \
  bzip2 gzip unzip


spamd Benutzer anlegen:
bash-Code:
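# Create a dedicated system account without password or login so that spamd
# does not have to run as root. "adduser --system --group" would create the
# group as well; the explicit addgroup is harmless.
addgroup --system spamd
adduser --system --group --home /var/lib/spamassassin --no-create-home \
  --disabled-password --disabled-login spamd

# -p: do not fail when the directory already exists (for example because a
# package created it).
mkdir -p /var/lib/spamassassin
chown spamd:spamd /var/lib/spamassassin

# NOTE(review): this makes the whole site configuration writable by the
# account that parses untrusted mail. If spamd only has to read local.cf,
# keep /etc/spamassassin owned by root and chown just the paths spamd must
# write; later steps of this guide already chown sa-update-keys, channels and
# keys explicitly. Confirm before narrowing.
chown -R spamd:spamd /etc/spamassassin/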


Die Datei /etc/default/spamassassin muss noch angepasst werden, z. B.:
apache-Code:
# /etc/default/spamassassin
# Duncan Findlay

# WARNING: please read README.spamd before using.
# There may be security risks.

# Change to one to enable spamd
ENABLED=1

# Options
# See man spamd for possible options. The -d option is automatically added.

# SpamAssassin uses a preforking model, so be careful! You need to
# make sure --max-children is not set to anything higher than 5,
# unless you know what you're doing.

# -m 2: at most two children; -c: create user preference files;
# -u spamd: run as the unprivileged spamd account; -l: allow tell (learn/
# report) requests; the daemon listens on a Unix socket instead of TCP.
# NOTE(review): with -l, any client that can open the socket can submit
# learn/forget requests and thereby influence the Bayes database. No
# --socketmode/--socketowner/--socketgroup is given here, so the socket gets
# spamd's default permissions; confirm that only the intended local accounts
# can connect.
OPTIONS="-m 2 -c -u spamd -l --socketpath=/var/run/spamd.sock --siteconfigpath=/etc/spamassassin"

# Pid file
# Where should spamd write its PID to file? If you use the -u or
# --username option above, this needs to be writable by that user.
# Otherwise, the init script will not be able to shut spamd down.
PIDFILE="/var/run/spamd.pid"

# Set nice level of spamd
NICE="--nicelevel 15"

# Cronjob
# Set to anything but 0 to enable the cron job to automatically update
# spamassassin's rules on a nightly basis
CRON=1


Inhalt von /etc/spamassassin/local.cf anpassen, z. B.:
apache-Code:
# How many hits before a message is considered spam.
required_score           5.0

# Whether to change the subject of suspected spam
rewrite_header Subject ****SPAM****(_SCORE_)

# Encapsulate spam in an attachment
report_safe             0

#   Set which networks or hosts are considered 'trusted' by your mail
#   server (i.e. not spammers)
#
#trusted_networks 127.0.0.0/8

# Add report into headers
add_header spam Report _REPORT_
add_header spam Flag _YESNOCAPS_
add_header all Status _YESNO_, hits=_HITS_ required=_REQD_ tests=_TESTSSCORES(,)_ bayes=_BAYES_ autolearn=_AUTOLEARN_

add_header all Level _STARS(*)_
add_header all Checker-Version SpamAssassin _VERSION_ (_SUBVERSION_) on _HOSTNAME_

# Set file-locking method (flock is not safe over NFS, but is faster)

lock_method flock
# NOTE(review): allow_user_rules lets per-user preference files define rules
# that spamd then evaluates. The SpamAssassin documentation keeps it off by
# default as a security risk; enable it only if every local user is trusted.
allow_user_rules 1

rbl_timeout 4
ok_locales all
dns_available yes
#auto_whitelist_factor 0.03
# NOTE(review): whitelist_to/whitelist_from match address headers, which the
# sending side chooses freely. Any message that claims to come from root@... or
# postmaster@... at any domain is whitelisted by the two whitelist_from lines.
# whitelist_from_rcvd or whitelist_auth bind the exemption to a relay or to an
# authentication result instead.
whitelist_to root@*
whitelist_to abuse@*
whitelist_from root@*
whitelist_from postmaster@*
 
# Bayes configuration
# Enables the Bayes classifier with auto-learning and journalled writes, then
# lists headers the classifier must not learn from.
# (X-Spam-Flag and X-Sieve appear twice in the list below.)
use_bayes 1
bayes_journal_max_size 15000000
bayes_expiry_max_db_size 20000000
bayes_auto_learn       1
bayes_learn_to_journal 1
bayes_ignore_header Return-Path
bayes_ignore_header Received
bayes_ignore_header X-Spam-Flag
bayes_ignore_header X-Spam-Status
bayes_ignore_header X-Spam-Flag
bayes_ignore_header X-Spam-Level
bayes_ignore_header X-purgate
bayes_ignore_header X-purgate-ID
bayes_ignore_header X-purgate-Ad
bayes_ignore_header X-GMX-Antispam
bayes_ignore_header X-Resent-For
bayes_ignore_header X-Resent-By
bayes_ignore_header X-Resent-To
bayes_ignore_header Resent-To
bayes_ignore_header Sender
bayes_ignore_header Precedence
bayes_ignore_header X-Antispam
bayes_ignore_header X-Sieve
bayes_ignore_header X-Spamcount
bayes_ignore_header X-Spamsensitivity
bayes_ignore_header To
bayes_ignore_header X-Sieve
bayes_ignore_header X-WEBDE-FORWARD
 
# Pyzor configuration
pyzor_max 3

# Use the other modules (RBL checks stay enabled, Razor2 and Pyzor are on)
skip_rbl_checks 0
use_razor2 1
use_pyzor 1

# Bayes scores
# NOTE(review): BAYES_00 at -6.1 is larger in magnitude than the spam
# threshold of 5.0 set in this file, so a single "certainly ham" Bayes verdict
# can cancel every other test. With auto-learning enabled, review whether a
# score this strong is wanted.
score BAYES_00 -6.1
score BAYES_20 -2.0
score BAYES_40 -0.3
score BAYES_50 0.01
score BAYES_60 1.0
score BAYES_80 3.1
score BAYES_99 7.2

# Razor scores
score RAZOR2_CHECK 1.8
score RAZOR2_CF_RANGE_51_100 2.7

# DCC scores
#score DCC_CHECK 4.9

# Pyzor scores
#score PYZOR_CHECK 4.8
# TVD_SPACE_RATIO scores too high and always fires on phpBB3 mail
score TVD_SPACE_RATIO 0
# Misfires since 2010, see
# http://wiki.apache.org/spamassassin/Rules/FH_DATE_PAST_20XX
score FH_DATE_PAST_20XX 0.0
 


SpamAssassin tunen, siehe http://www.ende-der-vernu...ssin-optimieren
bash-Code:
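# Private GnuPG home for sa-update. Mode 700 and owned by spamd, so no other
# account can add or swap the keys that channel updates are verified against.
mkdir -m 700 /etc/spamassassin/sa-update-keys
chown spamd:spamd /etc/spamassassin/sa-update-keys

# --- SARE channel key ------------------------------------------------------
# This URL is plain HTTP, so the transfer itself gives no assurance that the
# file is the publisher's key.
# -O overwrites a stale GPG.KEY in the current directory; without it wget
# saves to GPG.KEY.1 and the import below would read the old file.
wget -O GPG.KEY http://daryl.dostech.ca/sa-update/sare/GPG.KEY
# Print the fingerprint and compare it with one obtained through an
# independent channel BEFORE running the import. The 8-digit IDs kept in
# /etc/spamassassin/keys are too short to identify a key on their own.
gpg --with-fingerprint GPG.KEY
su -s /bin/bash -c "sa-update --gpghomedir /etc/spamassassin/sa-update-keys --import GPG.KEY" spamd
rm -f GPG.KEY

# --- Apache SpamAssassin channel key ---------------------------------------
# Fetched over HTTPS; the fingerprint check still applies, because TLS only
# authenticates the web server, not the key.
wget -O GPG.KEY https://spamassassin.apache.org/updates/GPG.KEY
gpg --with-fingerprint GPG.KEY
su -s /bin/bash -c "sa-update --gpghomedir /etc/spamassassin/sa-update-keys --import GPG.KEY" spamd
rm -f GPG.KEY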



Inhalt von /etc/spamassassin/keys
text-Code:
856AA88A
5244EC45



Inhalt von /etc/spamassassin/channels
text-Code:
updates.spamassassin.org
70_sare_adult.cf.sare.sa-update.dostech.net
70_sare_bayes_poison_nxm.cf.sare.sa-update.dostech.net
70_sare_html0.cf.sare.sa-update.dostech.net
70_sare_html1.cf.sare.sa-update.dostech.net
70_sare_header0.cf.sare.sa-update.dostech.net
70_sare_header1.cf.sare.sa-update.dostech.net
70_sare_specific.cf.sare.sa-update.dostech.net
70_sare_random.cf.sare.sa-update.dostech.net
70_sare_oem.cf.sare.sa-update.dostech.net
70_sare_genlsubj0.cf.sare.sa-update.dostech.net
70_sare_genlsubj1.cf.sare.sa-update.dostech.net
70_sare_obfu0.cf.sare.sa-update.dostech.net
70_sare_obfu1.cf.sare.sa-update.dostech.net
70_sare_stocks.cf.sare.sa-update.dostech.net
70_sare_evilnum0.cf.sare.sa-update.dostech.net
70_sare_evilnum1.cf.sare.sa-update.dostech.net
70_sare_spoof.cf.sare.sa-update.dostech.net
70_sare_uri0.cf.sare.sa-update.dostech.net
70_sare_uri1.cf.sare.sa-update.dostech.net
70_sare_whitelist_spf.cf.sare.sa-update.dostech.net
70_sare_whitelist_rcvd.cf.sare.sa-update.dostech.net
72_sare_redirect_post3.0.0.cf.sare.sa-update.dostech.net
72_sare_bml_post25x.cf.sare.sa-update.dostech.net
99_sare_fraud_post25x.cf.sare.sa-update.dostech.net
70_zmi_german.cf.zmi.sa-update.dostech.net



Die Dateien keys und channels nur für spamd zugänglich machen
bash-Code:
# Give the channel list and the trusted-key list to spamd and remove access
# for everyone else.
# NOTE(review): sa-update presumably only reads these two files. Owning them,
# the spamd account can also edit its own trust list; root ownership with
# group read for spamd would prevent that. Confirm before changing.
for sa_file in /etc/spamassassin/channels /etc/spamassassin/keys; do
  chown spamd:spamd "$sa_file"
  chmod 600 "$sa_file"
done



sa-update ausführen.
bash-Code:
# First rule update, run as spamd with debug output (-D) so that signature or
# download failures are visible.
# NOTE(review): --allowplugins lets a downloaded channel activate plugin code
# (loadplugin lines), not just rules. Combined with the third-party channels
# in the channel file, that extends code-execution trust to every channel
# publisher; drop the flag unless a channel is known to need it.
su -s /bin/bash -c "sa-update -D --allowplugins \
  --channelfile /etc/spamassassin/channels \
  --gpgkeyfile /etc/spamassassin/keys \
  --gpghomedir /etc/spamassassin/sa-update-keys" spamd


Zum Schluss sollte man nochmal alle Debug-Ausgaben lesen und auf Fehler überprüfen
bash-Code:
# Lint the complete configuration as spamd; -D prints debug output, so read it
# for warnings and errors before putting the setup into service.
su -s /bin/bash -c "spamassassin -D --lint" spamd


Nun zu Clamav. Wir besorgen uns clamassassin
bash-Code:
# Install clamassassin, the filter the procmail recipe further down pipes
# each message through.
aptitude install clamassassin


Die Konfiguration /etc/default/clamassassin anpassen.
apache-Code:
# Settings for the clamassassin mail filter (/etc/default/clamassassin).

# Modify Subject line with a header ala spamassassin with rewrite_subject on
# You'll want to add a trailing space before the old subject
SUBJECTHEAD="****VIRUS**** "

# Configure your full path to clamscan or clamdscan
# (If you use clamdscan, see the README for directions)
# clamscan loads the signature database on every invocation, i.e. once per
# message in this setup.
CLAMSCAN=/usr/bin/clamscan

# Configure options passed to clamscanner
CLAMSCANOPT="--no-summary --stdout"

# Configure flag to add clamscanner to version header
ADDSCANNERFLAG=1

# Configure whether or not the virus signature version is added
# Default: 0.80 and higher: off, others: on
SIGVERSFLAG=0
 



Nun zu Procmail.
text-Code:
# Install procmail, which runs the scanning recipes configured below.
aptitude install procmail


/etc/procmailrc mit folgendem Inhalt erstellen
apache-Code:
# Site-wide procmail rules: add a Subject if missing, filter through
# clamassassin and spamc, then hand over to the user's own rc file.
# NOTE(review): DROPPRIVS is commented out. If procmail is ever started with
# elevated privileges, the filters and the INCLUDERC below run with them;
# setting DROPPRIVS=yes guarantees the rest of this file runs as the recipient.
#DROPPRIVS=yes
# Enable the log file for testing
# NOTE(review): VERBOSE=ON writes extended diagnostics for every message;
# switch it off after testing and check who can read and write the log file.
LOGFILE=/var/log/procmail
VERBOSE=ON
LOGABSTRACT=all
SHELL=/bin/sh
SENDMAIL="/usr/sbin/sendmail"
SENDMAILFLAGS="-oi -t"
# If you use dovecot
#DELIVER="/usr/lib/dovecot/deliver -e -d ${LOGNAME}"
DEFAULT="$HOME/Maildir/"
LOG="--- Logging for ${LOGNAME}, "
SPAMDIR="$HOME/Maildir/.Spam/"
TRASHDIR="$HOME/Maildir/.Trash/"

# First check whether there is a Subject header
:0 H
* !^Subject:
{
LOG="No Subject. "
:0 fhw
| /usr/bin/formail -I "Subject: Warning: without Subject!"
}

# NOTE(review): this recipe and the next one skip scanning whenever the
# message already carries an X-Virus-Checker or X-Spam-Checker-Version header.
# Both headers are set by whoever sends the message, so an outside sender can
# add them and pass unscanned. Strip these headers from inbound mail at the
# MTA, or scan unconditionally.
:0 H
* !^X-Virus-Checker
# Run the virus scanner
{
:0 fw
| /usr/bin/clamassassin
}

:0 H
# Skip scanning if the message was already scanned on your server
* !^X-SPAM-CHECKER-VERSION: SpamAssassin
{
:0 fw
# If the message is smaller than 250 KB
# (250 * 1024 = 256000 bytes), pass it through spamc
* < 256000
| /usr/bin/spamc --socket=/var/run/spamd.sock -t 30 -u ${LOGNAME}
}

# Work around procmail bug: any output on stderr will cause the "F" in "From"
# to be dropped.  This will re-add it.
:0 H
* ! ^From[ ]
* ^rom[ ]
{
LOG="*** Dropped F off From_ header! Fixing up. "
:0 fhw
| sed -e 's/^rom /From /'
}

# Load the user's procmailrc
INCLUDERC="$HOME/.procmailrc"
LOG="---- POST ${LOGNAME} wird zugestellt ---- "

# The delivery result is logged:
# NOTE(review): with the "| $DELIVER" action commented out, the ":0 w" recipe
# below has no action line of its own. procmail would presumably treat the
# next line (EXITCODE=$?) as the action, i.e. as a mailbox name. Comment out
# ":0 w" as well or enable the action; confirm against procmailrc(5).
#
:0 w
# If you use dovecot
#| $DELIVER
EXITCODE=$?


In der /etc/postfix/main.cf den Eintrag ergänzen:
text-Code:
# Hand local deliveries to procmail. Postfix runs mailbox_command with the
# privileges of the recipient, so the recipes in /etc/procmailrc execute as
# that user.
mailbox_command =/usr/bin/procmail -t -a "$EXTENSION"


In der /etc/postfix/master.cf folgenden Eintrag ergänzen:
apache-Code:
# pipe(8) transport named "procmail", run as the unprivileged user nobody.
# NOTE(review): nothing on this page routes mail to this transport; it only
# takes effect if a transport map or mailbox_transport refers to it.
# NOTE(review): ${sender} and ${extension} are supplied by the sending side
# and end up as procmail arguments and variable assignments; -m is also given
# twice. Compare the argument list with the examples in pipe(8) and
# procmail(1) before relying on it.
procmail  unix  -       n       n       -       15       pipe
   flags=R user=nobody argv=/usr/bin/procmail -t -o SENDER=${sender} -m USER=${user} EXTENSION=${extension} -m /etc/procmailrc ${sender} ${recipient}
 


Postfix neu starten und Fehler prüfen!