regexemailspamspam-preventionspamassassin

Spamassassin's custom rule (for subject line filtering) doesn't work


I'm setting up Spamassassin to use along isbg to filter mail in my IMAP mail account. My ISP already has a pretty good spam filter that adds "[SPAM]" in front of the subject line of each message it detects; thus, I'm setting up a custom rule in Spamassassin so that it adds a high score to any mail which Subject line starts with "[SPAM]". My user_prefs file is:

 required_score     9
 score HTML_COMMENT_8BITS   0
 score UPPERCASE_25_50      0
 score UPPERCASE_50_75      0
 score UPPERCASE_75_100 0
 score OBSCURED_EMAIL          0

 score SUBJ_ILLEGAL_CHARS      0

header SPAM_FILTRADO    Subject =~ /^\s*\[SPAM\]/
score  SPAM_FILTRADO    20

And yet, when I feed it a spam message to test it, it doesn't seem to trigger my rule. I feed it an email with this subject line, for example:

Subject: [SPAM] See Drone X Pro in action

And I analyse it in this way:

[paulo@myserver mails]$ spamc -R < spam7.txt 
9.3/9.0
Spam detection software, running on the system "myserver", has
identified this incoming email as possible spam.  The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email.  If you have any questions, see
@@CONTACT_ADDRESS@@ for details.

Content preview:  Big Drone Companies Are Terrified Of This New Drone That Hit
   The Market <http://www.fairfood.icu/uisghougw/pjarx44255sweouci/I31AAdtTTKmLsu_A6Dq7ZK_a47Ko45fCRXk7Fr9fqm4/BbYMgcZjieuj_YxMOSmnXetiI6e4Z37yS9H2zVIeHEilOpatuk8V8Mt0EtJDfLLE1llzj6MiwlLzR99DGODekcqeM7kn63lcFcp8fJutAsw>
   [...] 

Content analysis details:   (9.3 points, 9.0 required)

 pts rule name              description
---- ---------------------- --------------------------------------------------
 2.4 DNS_FROM_AHBL_RHSBL    RBL: Envelope sender listed in dnsbl.ahbl.org
 2.7 RCVD_IN_PSBL           RBL: Received via a relay in PSBL
                            [193.17.4.113 listed in psbl.surriel.com]
-0.0 SPF_PASS               SPF: sender matches SPF record
 1.3 HTML_IMAGE_ONLY_24     BODY: HTML: images with 2000-2400 bytes of words
 0.0 HTML_MESSAGE           BODY: HTML included in message
 1.6 RCVD_IN_BRBL_LASTEXT   RBL: RCVD_IN_BRBL_LASTEXT
                            [193.17.4.113 listed in bb.barracudacentral.org]
 1.3 RDNS_NONE              Delivered to internal network by a host with no rDNS

There isn't anything about my rule.

I know that my user_prefs is being loaded because, after the section I pasted above, I have some email addresses set up in a whitelist, and when analysing emails coming from those addresses, Spamassassin correctly detects them.

What's wrong with my rule?


Solution

  • Spamassassin: Enabling custom rules in user_prefs

    Support for custom rules in user_prefs file is turned off by default.
    You may use item_allow_user_rules in global configuration to change it.