SpamAssassin Rules

The SpamAssassin system is software for analyzing email messages, determining how likely they are to be spam, and reporting its conclusions.
It is a rule-based system that compares different parts of email messages with a large set of rules.
Each rule adds or removes points from a message's spam score.
A message with a high enough score is reported to be spam.
The SpamAssassin system is a plugin of the Amavisd-New filter.
These rules must be set with Amavisd-New enabled service.

  • On Main Interface left menu, click on SpamAssassin Rules link.


  • A new table is displayed and list all available SpamAssassin rules.
  • Click on New rule.


  • Put a text inside the description field, the discription is important because you will be able to find rules with it.
  • Select the SMTP header that will be checked by the rule.
  • Define the rule in the Regex field using regular expressions.
  • Define the 4 scores.


About scores:

SpamAssassin performs its spam-checking by applying a series of tests to an email message.
Most tests examine the message headers or body for patterns that are suggestive of spam; others perform Internet lookups against network-based blacklists of IP addresses or checksums of spam messages.
Each positive test yields a score, and the sum of the scores is the total spam score of the message.

Most SpamAssassin tests consist of the same basic components:

  • A test name, consisting of up to 22 uppercase letters, numbers, or underscores.
    Names that begin T_ refer to rules in testing.

  • A more verbose description of the test, which is used in the reports generated by SpamAssassin.
    Typically, descriptions are up to 50 characters long.

  • An indication of where to look.
    Tests can be applied to the message headers only, the message body only, uniform resource identifiers (URIs) in the message body, or the complete message.
    When testing the message body, the body can be analyzed in its raw state, after MIME-decoding the text, or after MIME-decoding, stripping of HTML, and removal of all line breaks.

  • A description of what to look for.
    Tests can specify a header to check for existence, a Perl regular expression pattern to match, a DNS-based blacklist to query, or a SpamAssassin function to evaluate.

  • Optional test flags that control the conditions under which the test is applied or other exceptional features.

  • A score or scores for the test.
    Tests can have a single score that is always used, or they can have separate scores for messages that test positive under each of four conditions:
    1. When the Bayesian classifier and network tests are not in use
    2. When the Bayesian classifier is not in use, but network tests are
    3. When the Bayesian classifier is in use, but network tests are not
    4. When the Bayesian classifier and network tests are both in use
  • After added rules, click on "Build rules". Operation will restart the amavisd-new daemon and compile your SpamAssassin rules.