I was looking for a spam filter improvement for our on premise exchange server. The integrated spam protection is not really the best and Microsoft has a solution in form of its cloud services. If you don’t want that the only other solutions are other paid solutions or some kind of SMTP spam proxies.
None of those solutions were acceptable in my case. On github I found quite a few years old solution. It is exactly what I was looking for a Spammassasin agent for exchange. Basically it is a open source spam filter.
I forked the solution, added the required Microsoft.Exchange.Data.Common.dll and Microsoft.Exchange.Data.Transport.dll from my exchange edge server. I had 15.1.2507.6.
The new dlls that were added required framework 4.6.2. After that the project compiled without any errors.
On the repositor main page is also a link to install instructions but it is dead. While browsing trough all the files I found out that the author of the code has even made an power shell script for installation.
I made some changes to the installation script later. Added the new exchange version, added srvany-ng (which is requiered by the spamassassin daemon)
I noticed that the windows precompiled version of spamassasin gets downloaded from a commercial spam provided solution that uses it 😉
Had to make some to the spamassasin config as it was not adding the X-Spam-Score tag but was using the X-Spam-Level tag.
These 2 lines to local.cf fixed the issue
add_header all Score _SCORE_
remove_header all Level
The only other thing I changed was in the SpamassasinConfig.xml.
The RejectTreshold value of 10 was a bit low for my taste.
<SpamassassinSettings>
<SpamassassinPath>C:\Program Files (x86)\SpamAssassin\spamc.exe</SpamassassinPath>
<SpamassassinArgs></SpamassassinArgs>
<RejectThreshold>20</RejectThreshold>
<LogLevel>4</LogLevel>
<MaxMessageSize>104857600</MaxMessageSize>
<SkipRecievedHeaders>1</SkipRecievedHeaders>
</SpamassassinSettings>This is how an example header looks like
X-Spam-Checker-Version: SpamAssassin 3.4.4 (svnunknown) on your.server
X-Spam-Flag: YES
X-Spam-Status: Yes, score=7.5 required=5.0 tests=HTML_MESSAGE,MIME_HTML_ONLY,
NO_RECEIVED,NO_RELAYS,SPF_FAIL,SUBJ_ALL_CAPS,URIBL_ABUSE_SURBL,
URIBL_BLOCKED,URIBL_DBL_BLOCKED_OPENDNS,URIBL_ZEN_BLOCKED_OPENDNS,
URI_PHISH autolearn=no autolearn_force=no version=3.4.4
X-Spam-Discard: YES
X-Spam-Score: 7.5
You can see that X-Spam-Discard: YES tag is added by the agent when the score is larger than 2. In the config that is 20. Based on those headers you are able to make some nice mail flow rules. If you want to add some more custom tags check the spamassasin configuration manual
this one moves the detected spam mails to the spam folder if your server is so configured
Now you have a nice spam filter agent which is nicely configurable. One of the best features of spamassasin is also the DKIM signature validation ability. A feature that is on a stale branch of the otherwise excellent Exchange DKIM Signer
X-Spam-Status: No, score=1.0 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED,
HTML_FONT_LOW_CONTRAST,HTML_MESSAGE,KHOP_HELO_FCRDNS,MIME_HTML_ONLY,
PDS_RDNS_DYNAMIC_FP,RDNS_DYNAMIC,SPF_HELO_NONE,URIBL_BLOCKED,
URI_TRUNCATED autolearn=no autolearn_force=no version=3.4.4
X-Spam-Score: 1.0This is an example of a failed dkim test
Here is the link to my github fork. I added all the changes described above in it and some more. I plan to add new versions to github when I upgrade my edge server. Maybe if I find the time I will write an agent for virus scanning or modify this one 😉
shubell's blog 