Spamassassin and sa-update

Sa-update replaces Rules-Du-Jour providing fresh spam rules to spamassassin in a similar way that freshclam provides viri updates to ClamAV.
Presumably Spamassassin is installed but if it isn't:

yum install spamassassin*

This will install the main package plus the seperate tools package.
Some of the plug-ins require specific perl modules so the following might help depending on the plug-ins you use:

yum install perl-Mail-SPF* perl-IP-Country perl-Razor-Agent perl-Net-Ident perl-Mail-DKIM perl-Mail-DomainKeys perl-Encode-Detect perl-HTML-Parser perl-Net-DNS perl-Digest-SHA1 perl-Archive-Tar perl-IO-Zlib perl-IO-Socket-SSL perl-DBI perl-DBD-MySQL
yum install gocr poppler-utils
yum install netpbm gifsicle giflib ocrad perl-String-Approx perl-Time-HiRes

With the latest versions of spamassassin sa-update is pre-installed so to get the ball rolling you need to:

sa-update -D

After this you should find a new directory related to your spamassassin version in:

ls /var/lib/spamassassin 

drwxr-xr-x  3 root root 4096 Apr 25 23:49 3.001009

 In this directory is stored any sa-update channels you have configured. By default the main spamassassin updates channel is used but it is also possible to add others.
The OpenProtect channel:

 SARE Channel by
Details for using OpenProtects SARE channel are available here. I preferred this to the Dostech one below

cd /root
gpg –keyserver –recv-keys BDE9DC10
gpg –armor -o pub.gpg –export BDE9DC10
sa-update –import pub.gpg

Then just proceed with the cron script which will use sa-update to fetch new channel updates.

Now add the SARE (Spam Assassin Rules Emporium) channel to sa-update (courtesy of Daryl O'Shea):

mkdir /var/lib/spamassassin/3.001009/

Download the GPG key used to sign files in these channels from:


Import the GPG key used for these channels (downloaded above):

    sa-update –import GPG.KEY

vi /var/lib/spamassassin/sare-sa-update-channels.txt

  Note: You should also add the default update channel ""
    to the channel file you create.  Currently SpamAssassin requires you
    to use updates from the default channel if you use any other channels.
    If you do not add the default channel to the channel file you MUST
    also run sa-update without the –channelfile option at least once.
Some of these dostech channels are duplicates of some of the openprotect ones.

Cron Jobs for sa-update channels:
# vi /etc/cron.daily/

# This cron job will update the dostech channels but also the standard SA updates channel
sa-update -D –channelfile /var/lib/spamassassin/sare-sa-update-channels.txt –gpgkey 856AA88A 2>&1 | tee -a /var/log/sa-update-dostech.log

# vi /etc/cron.daily/

sa-update -D –allowplugins –gpgkey D1C035168C1EBC08464946DA258CDB3ABDE9DC10 –channel 2>&1 | tee -a /var/log/sa-update-openprotect.log

After updating the rules Spam Assassin needs restarted. To check rule syntax you can also use: spamassassin –lint
# vi /etc/cron.daily/

/etc/init.d/spamassassin restart > /var/log/sa-update-restart.log

Make the files executable and run them manually once to ensure they work as expected, from then on the sa-update rules should be updated daily.


2 Responses to “Spamassassin and sa-update”

  1. locutus

    How did you get the dostech rules to go into the directory you created? Mine ended up a level higher.


Leave a Reply

  • (will not be published)

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>