Getting Started

Upgrade SpamAssassin

We have updated SpamAssassin packages available for CentOS/Cloudlinux 7/8 servers. The repository was created for users who want to run the very latest SpamAssassin with Warden Anti-Spam and Virus Protection instead of the legacy SpamAssassin packages from their OS. If you are using CentOS/Cloudlinux 7/8 and would like this setup follow the directions below or open a support ticket in our client area and a technician can upgrade your SpamAssassin packages for you.

See: https://docs.danami.com/warden/basics/yum-repository

Configure Locale Settings

Specify which locales are considered OK for incoming mail. Mail using the character sets that are allowed by this option will not be marked as possibly being spam in a foreign language. If you receive lots of spam in foreign languages, and never get any non-spam in these languages, this may help.

  1. Navigate to Warden -> Settings -> Anti-spam Settings.
  2. Under Locale Settings select the locales you want to enable. Most users will only need Western character sets in general checked.
  3. Click the Update button to save your settings.

Configure Network Settings

  1. Navigate to Warden -> Settings -> Network Settings.
  2. Under Trusted Networks enter what networks or hosts are "trusted" in your setup. Trusted in this case means that relay hosts on these networks are considered to not be potentially operated by spammers, open relays, or open proxies. A trusted host could conceivably relay spam, but will not originate it, and will not forge header data. DNS blacklist checks will never query for hosts on these networks.
  3. Click the Update button to save your settings.

Configure the TextCat Plugin

  1. Navigate to Warden -> Plugin Settings and make sure that the TextCat plugin is enabled.
  2. Navigate to Warden -> Plugin Settings -> TextCat.
  3. Select the OK Languages you and your clients recieve and send email for.
  4. Click the Update button to save your settings.
  5. Click the Restart button to restart the anti-spam service.

Configure the RelayCountry Plugin

This plugin requires the Perl Module GeoIP2::Database::Reader (Spamassassin 3.4.2 or newer) or GeoIP (Spamassassin 3.4.1 or older).

  1. Navigate to Warden -> Plugin Settings and make sure that the RelayCountry plugin is enabled.
  2. Navigate to Warden -> Plugin Settings -> RelayCountry.
  3. Select the Bad relay countries for countries you and your clients would never expect to get email from.
  4. Click the Update button to save your settings.
  5. Click the Restart button to restart the anti-spam service.

Configure the URILocalBL Plugin

This plugin requires the Perl Module GeoIP2::Database::Reader (Spamassassin 3.4.2 or newer) or GeoIP (Spamassassin 3.4.1 or older).

  1. Navigate to Warden -> Plugin Settings and make sure that the URILocalBL plugin is enabled.
  2. Navigate to Warden -> Plugin Settings -> URILocalBL.
  3. Select the Bad URI countries or Bad URI continents for countries or continents that you and your clients would never expect links in emails to be hosted from (Selecting Africa and South America is a good start).
  4. Click the Update button to save your settings.
  5. Click the Restart button to restart the anti-spam service.

Configure the TesseractOcr Plugin

If your clients get image based spam then it is recommended to enable the TesseractOcr plugin.

  1. Navigate to Warden -> Plugin Settings and make sure that the TesseractOcr plugin is enabled.
  2. Click the Restart button to restart the anti-spam service.

Configure the DCC Plugin

DCC is not installed by default because it is not open source but is still highly recommended. We recommend that you install and setup DCC so that you can use it:

See: https://docs.danami.com/warden/user-guide/antispam-plugins/dcc

Configure PHP to track form mail

Warden can use the X-PHP-Originating-Script header to track all PHP based mail. Edit the PHP.ini for each version of PHP installed on the server and set mail.add_x_header = On

Edit: /opt/plesk/php/7.0/etc/php.ini

; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename
mail.add_x_header = On

Restart the PHP 7.0 FPM handler:

service plesk-php70-fpm.service restart

Open Razor, Pyzor, and DCC Firewall Ports (Done by the installer)

If you are using an external firewall then you will have to open ports on your firewall for the network tests:

  1. Razor requires that port 2703 TCP OUT be opened.
  2. Pyzor requires that port 24441 UDP IN / OUT be opened.
  3. DCC requires that port 6277 UDP OUT be opened.

Enable Spam Filtering on all accounts (optional)

If this is the first time running SpamAssassin and you want to enable spam filtering for all mailboxes on the server then run the following command:

for i in `mysql -uadmin -p\`cat /etc/psa/.psa.shadow\` psa -Ns -e "select concat(mail.mail_name,\"@\",domains.name) as address from mail,domains,accounts where mail.dom_id=domains.id and mail.account_id=accounts.id order by address"`; do /usr/local/psa/bin/spamassassin -u $i -status true ; done