Skip to content

SpamAssassin: fix the documentation #2833

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
squioc wants to merge 2 commits into
base: main
Choose a base branch
from
Open

SpamAssassin: fix the documentation #2833

Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
99cc69c
fix(SpamAssassin): fix the documentation
squioc Feb 26, 2026
b6fc4b0
Update docs/integration/categories/email/spamassassin.md
squioc Feb 26, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
64 changes: 33 additions & 31 deletions docs/integration/categories/email/spamassassin.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -61,36 +61,38 @@ This setup guide will show you how to forward logs produced by your SpamAssassin

#### Detailed Procedure:

1. **Install and Configure Rsyslog:**
- Ensure that the `rsyslog` package is installed on your server.
- Load the `imfile` module to read log files:

```bash
$ModLoad imfile
```

2. **Configure Rsyslog to Monitor SpamAssassin Log Files:**
- Add the following configuration to your `rsyslog` configuration file (usually found in `/etc/rsyslog.conf` or `/etc/rsyslog.d/`):

```bash
$InputFileName /var/log/spamd.log
$InputFileStateFile stat-apache-spamassassin
$InputFileSeverity notice
$InputFileFacility local5
$InputFilePollInterval 1
$InputRunFileMonitor
```

3. **Forward Logs to a Concentrator:**
- Configure rsyslog to forward logs to a syslog concentrator:

```bash
*.* action(type="omfwd"
target="<Concentrator_FQDN_or_IP>"
port="<Remote_Port>"
protocol="tcp"
TCP_Framing="octet-counted"
)
1. **Install Rsyslog:**
- Ensure that the `rsyslog` package is installed on your server.

2. **Create a dedicated configuration**
- Add a dedicated configuration file for SpamAssassin logs in `/etc/rsyslog.d/18-spamassassin.conf`:

```text
module(load="imfile" PollingInterval="5")
module(load="omfwd")

input(
type="imfile"
File="/var/log/spamd.log"
Facility="local5"
Severity="notice"
StateFile="stat-apache-spamassassin"
PersistStateInterval="200"
Ruleset="spamassassin-logs"
)

ruleset(name="spamassassin-logs") {
# Forward to remote concentrator
action(
type="omfwd"
target="CONCENTRATOR_FQDN_OR_IP"
port="REMOTE_PORT"
protocol="tcp"
TCP_Framing="octet-counted"
)
# Prevent further processing of these messages
stop
}
```

!!! Note
Expand All @@ -113,4 +115,4 @@ This setup guide will show you how to forward logs produced by your SpamAssassin
## Further readings

- The code of the Intake format is available [here](https://github.com/SEKOIA-IO/intake-formats/tree/main/SpamAssassin).
- [SpamAssassin documentation](https://spamassassin.apache.org/)
- [SpamAssassin documentation](https://spamassassin.apache.org/)
Loading