How to add rules to SpamAssassin

These are additional rulesets you can add to SpamAssassin to help improve spam detection. Please review each rule before you implement this.
Please note: I have removed the sa-blacklist rules as they can cause memory issues. Please see

First we need to choose a backup path. This path should reside outside the standard spamassasssin directory. Lets use /usr/local/etc/mail/spambackup

# mkdir /usr/local/etc/mail/spambackup

Now lets copy all the files that are in the /usr/local/etc/mail/spamassassin folder. We want to preserve the file history in this case.

# cd /usr/local/etc/mail/spambackup
# cp -Rp /usr/local/etc/mail/spamassassin/ /usr/local/etc/mail/spambackup

We will add rules that are no longer updated and then we will add a script to update additional rules. First we need to fetch the rules along with the cfupdates script:

# mkdir ~root/rules
# cd ~root/rules
# fetch
# tar zxvf cfupdates2.tgz
# rm cfupdates2.tgz

Now lets copy over the non-updated rules to the spamassassin folder first:

# cp -Rp ~root/rules/*.cf /usr/local/etc/mail/spamassassin
# rm *.cf

Now you will want to copy the cfupdates to a bin folder. I keep mine in ~root/bin so lets use that. Feel free to use any path you choose.

# mkdir ~root/bin
# cp ~root/rules/ ~root/bin
# cd ~root/bin
# chmod 755

Here is my crontab entry to run at 3AM every day. It is not advised to run this script than any more than once in a 24 hour period.

0 3,15 * * * ~root/bin/ > /dev/null 2>&1

Additional notes:

If you are using bayes this script will also backup your bayes folder. Run the following first

# mkdir /usr/local/etc/mail/spambackup/.spamassassin

Uncomment the two bayes sections in

You can also add your own rules. I provided as an example. Take a look at the following:

body WEEKLY_STOCK_SPAMS /\bWeekly Stock Report\b/i
describe WEEKLY_STOCK_SPAMS This is a Stock Spam

The first section you need to give a description which is part of the score and describe. This needs to be the same in all 3 sections. The next part in the body /\bWeekly Stock Report\b/i
is what you want to "tag" for spamassassin to see.
The score is what you need to determine. If you're using sa-delete please take this into account.
The last section is just the description of the rule. That's all there is to scoring a message.

You can also additional rules from the /usr/ports/mail/spamass-rules port. Just run make installl clean.

More rules are located here:

Special thanks to Steve Donohue