I'm a little late stepping in on this and it seems the original email
was deleted from my mail box by mistake. As everyone has saids, yes you
can use spam assassin on a separate server. I do that right now and it
works pretty well. It's also pretty slick because I have it setup not
only to filter SPAM only for the domains I tell it but also only for
specific email accounts I tell it to.
In your primary zone file set up two MX records for the domain. 10 goes
to the spam server, 2o goes straight to the mail machine.
On the server that is running spam assassin I have it setup with Exim
4.67, SA 3.2.2, ClamAV .091.2, Bind 9.3.3
* Create a user equal to the domain. So domain.com is user domaincom.
For me the user dir is /home/sa-users/domaincom
* In the home dir setup a directory for each account you want to run
along with a 0 byte file called "spamcheck" so you end up with something
like /home/sa-users/domaincom/tom/spamcheck
* I add all the domains I'm accepting mail for in /etc/exim/domains
* I add all the domains I'm filtering for in /etc/exim/sa-list
* I create a zone file in /var/named with the following two lines. In my
resolv.conf I have it looking at the local machine only.
IN MX 10 mail.domainnamehere.com.
mail IN A 1.1.1.120
My exim.conf Router and Transport for SA looks like this:
Router:
# SpamAssassin
spamcheck_router:
driver = accept
no_verify
check_local_user = false
# When to scan a message :
# - it isn't already flagged as spam
# - it isn't already scanned
condition = "${if and { {!def:h_X-Spam-Flag:} {!eq
{$received_protocol}{spam-scanned}}} {1}{0}}"
require_files = /mail/${domain}/spamassassin/${local_part}/spamcheck
transport = spamcheck
# Only send mail for our domains
lookuphost:
driver = dnslookup
domains = /etc/exim/domains
transport = remote_smtp
no_more
Transport:
spamcheck:
driver = pipe
command = /usr/local/exim/bin/exim -oMr spam-scanned -bS
use_bsmtp = true
transport_filter = /usr/bin/spamc -u
${lookup{$domain}lsearch*{/etc/exim/sa-list}{$value}}
home_directory = /tmp
current_directory = /tmp
# must use a privileged user to set $received_protocol on the way
back in!
user = exim
group = exim
log_output = true
return_fail_output = true
return_path_add = false
message_prefix =
message_suffix =
Basically it accepts the mail for the domain, if it's supposed to check
it for SPAM it does, all mail is scanned for viruses. I automatically
drop anything with .vbs .scr or other types of attachments and then it
sends the mail onto my mail server or what ever other mail server I
specify for the domain in the local zone file. I have clients running in
house email servers but I scan for viruses and spam before delivering it
on to them. The other beauty is if the main mail server(s) go down, the
spam server will hold the message in queue until the server(s) are
responding again. I hold messages for 14 days before thawing and dumping
them.
Oh and finally, once SA scans email once for the domain it puts the
user_prefs file in /home/sa-users/domaincom/.spamassassin
Hope this helps.
--
Tom Ray
Cheif Operations Officer
Detroit Online
DSL * VoIP * Networking * Email * Hosting * Programming
http://www.detroitonline.com
Toll Free: 888-235-6817 x202
Outside US: 313-887-0805 x202
Fax: 313-887-8321
