exim linux

exim + spamassassin subject rewriting on symbiosis

One customer of mine has an Bytemark Symbiosis based exim mailserver which uses SpamAssassin. It works pretty well – however the :

rewrite_header Subject *****SPAM*****

directive in spamassassin (/etc/spamassassin/ seemed to be being ignored – and the only effect of the mail being classified as spam is/was a couple of additional headers added (X-Spam-Status: spam). For the customer in question this wasn’t of much use – as they’re reasonably non-technical and probably couldn’t create a client side mail filter. And they also thought the spamfiltering wasn’t working.

I found adding the following to /etc/exim4/system_filter results in the subject being appropriately modified :

if $h_X-Spam-Status: contains "spam"
    headers add "Old-Subject: $h_subject"
    headers remove "Subject"
    headers add "Subject: *** SPAM *** $h_old-subject"
    headers remove "Old-Subject"

And if you want to tag virus-ey emails … add this in as well :

# X-Anti-Virus: infected
if $h_X-Anti-Virus: contains "infected"
    headers add "Old-Subject: $h_subject"
    headers remove "Subject"
    headers add "Subject: *** VIRUS *** $h_old-subject"
    headers remove "Old-Subject"

Seeing as how that took about 2 hours to figure out – hopefully this will be of use to others.

I started looking at SpamAssassin and wondering why IT wasn’t doing it… I still don’t know why – but assume it’s an Exim ‘feature’.

4 replies on “exim + spamassassin subject rewriting on symbiosis”

Hi David

I expect that the SA wasn’t rewriting because it only gives the score back to Exim when the scan takes place, not a modified message.

The way you’ve done it is (probably) the only way that this is going to happen, barring individual filters for each mailbox.

Hope this makes sense!


Yes indeed – that’s what eventual Googling etc implied.

I’m used to a Postfix/Amavis style solution where SA isn’t as integrated; so found it a bit strange that Exim does things differently.

Thanks, this just helped me! (5 years on from your initial message). SA is so mis-leading with what it has in the file, as it leads you to believe *it* will rewrite the message :/

Leave a Reply

Your email address will not be published. Required fields are marked *