How to add spamassassin to your existing maildrop configuration

Well I stopped using greylisting as fighting method against SPAM. Instead I decided to start using SpamAssassin. I didn't want to force my mail server - postfix to communicate with spamd daemon via spamc client. So my solution is to check every message directly with spamassassin within maildrop and mailfilter message processing process. I have one user called vmail who owns all virtual mailboxes on filesystem. This is the only one user who can read¹ the .mailfilter file (one file with rules for all virtual mailboxes). Maybe this fact can be a disadvantage for someone, but I prefer this setup when server-side processing is set by administrator (the chosen one person responsible for that your e-mail corespondency will not end in purgatory because of bad setup).

¹ of course, root can read it too.

At first there is $MAILBOX variable definition in my .mailfilter

 
MAILBOX = "/dataspace/vmail/${2}/${3}/"
xfilter "/usr/bin/spamassassin"
 
if      ( ${1} == "niekto@niekde.sk" || ${1} == "asfethan@cyberasylum.eu" )
{
 
 

Following is xfilter - this keyworid causes maildrop to filter message through another program - spamassassin in this case.
The next is conditional block: if recipient is niekto@niekde.sk or asfethan@cyberasylum.eu, rules inside this conditional block will be processed.
Variables: ${1} means recipients whole address, ${2} is part after @ and ${3} is part before @.

Inside this conditional block at the end I added the following rule

 
        if      (/^X-Spam-Level: [\*]{5,}$/)
        {
                to "$MAILBOX/.Spam/"
        }
}
 
to $MAILBOX
 

which move message with X-Spam-level value equal to five or more asterisks to folder $MAILBOX/.Spam/
There is also end of the conditional block and to $MAILBOX sentence at the end of file which moves message unmatched by any of the rules to its mailbox.

How it works?

Maildrop processing .mailfilter file will execute spamassassin through pipe which returns modified message with added X-Spam headers. Afterwards you can create rules for filtering based on these headers.

Post Scriptum

As you can see, there is regular expression matching number of asterisks in header X-Spam-level. I decided to use this because I saw some examples on the internet where people were matching against pattern like \*\*\*\*\*.*$ which came funny to me. More appropriate concept is to use X-Spam-Status header and match against Yes word. There are score and required values in this header also. You can use them too. If score reaches the required value message will be considered as SPAM and it will get X-Spam-Status header set to Yes. You can configure the required value in spamassassin configuration file, usually /etc/spamassassin/local.cf