Mailing List Archive

On Fri, 2022-04-22 at 09:20 -0400, Michael Grant wrote:
> Is there some way to run spamassassin with only a specific set of
> rules and scores?
>
If I'm trying to target specific specific sorts of spam I write rules
that sort of follow these guidelines:

- their rule names all start with my initials followed by an underscore.
followed by something specific, e.g XXX_FAKE_INVOICE. Any subrules
append a number to this name: XXX_FAKE_INVOICE2

- if a subrule will always be part of a more complex rule, i.e. linked
in with a meta-rule it will initially be named as described and only,
when debugged and working will its name be changed to, say,
__XXX_FAKE_INVOICE2 
to stop subriule names from cluttering the header area of processed
messages.

- these rules don't reference any standard rules

The result of the above is that it doesn't matter whether other rules
also run because I can see exactly which part(s) of my rules are firing
and know they won't be affected by any other rules because there are no
references to any standard rules or (usually) to my other self-developed
rules: naming rules, if done carefully, is as good a way as any to
isolate your own rules from the standard rule set and/or any others
you've found or been given.

I do all rule development on a separate machine, which also has SA
installed. This is configured so it only runs when triggered by a shell
script. This starts SA, pipes a set of test messages into it, and stops
SA when all test messages have been run. SA's output is sent to stdout
so it can be inspected using 'less', filtered with grep to only show
output from my rules or however else I want to handle it to make it more
readable.

When I'm happy with a new rules its gets put live by ftping the .cf file
containing it to the live machine's repository and restarting the live
SA daemon to pick up the new rule(s). Last, but not least, all my
private rules are put under version control in a git repository.

HTH
Martin

On 2022-04-22 at 09:20:17 UTC-0400 (Fri, 22 Apr 2022 09:20:17 -0400)
Michael Grant <mgrant@grant.org>
is rumored to have said:

> Is there some way to run spamassassin with only a specific set of rules and scores?
>
> I've tried putting the rules in a rules.cf file and running spamassassin like:
>
> spamassassin -t -p rules.cf < test.eml
>
> but it runs all the rules including theones in rules.cf

Correct. The -p option loads a file in 'user prefs' mode, which is supplementary to the base config and cannot change some settings.

> I've tried changing the config path with -C so it doesn't pick up the
> other cf files but this breaks things.

Correct. The -C flag replaces the "LOCAL_STATE_DIR" setting, which is the top of the versioned tree into which sa-update loads rules channels. Typically something like /var/lib/spamassassin/3.004006/ or /var/db/spamassassin/3.004006/ with $channelname.cf files that contain include directives for files in $channelname/ subdirectories. There MUST be at least one *.cf file in the LOCAL_STATE_DIR or spamassassin will exit with a message telling you to run sa-update. Note that the default config settings and utility subrules are defined in the rules channel, so if you run SA with an empty .cf there, you may have unexpected results.

In addition to -C pointing to a directory with some *.cf (maybe empty!) you can use '--siteconfigpath=path' to change where spamassassin looks for your *.pre files and your local.cf file.


--
Bill Cole
bill@scconsult.com or billcole@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire