Mail::SpamAssassin - Spam detector and markup engine
my $spamtest = Mail::SpamAssassin->new();
my $mail = $spamtest->parse($message);
my $status = $spamtest->check($mail);
if ($status->is_spam()) {
$message = $status->rewrite_mail();
}
else {
...
}
...
$status->finish();
$mail->finish();
$spamtest->finish();
Mail::SpamAssassin is a module to identify spam using several methods including text analysis, internet-based realtime blocklists, statistical analysis, and internet-based hashing algorithms.
Using its rule base, it uses a wide range of heuristic tests on mail headers and body text to identify "spam", also known as unsolicited bulk email. Once identified as spam, the mail can then be tagged as spam for later filtering using the user's own mail user agent application or at the mail transfer agent.
If you wish to use a command-line filter tool, try the spamassassin
or the spamd
/spamc
tools provided.
Constructs a new Mail::SpamAssassin
object. You may pass a hash reference to the constructor which may contain the following attribute- value pairs.
This is the debug options used to determine logging level. It exists to allow sections of debug messages (called "facilities") to be enabled or disabled. If this is a string, it is treated as a comma-delimited list of the debug facilities. If it's a hash reference, then the keys are treated as the list of debug facilities and if it's a array reference, then the elements are treated as the list of debug facilities.
There are also two special cases: (1) if the special case of "info" is passed as a debug facility, then all informational messages are enabled; (2) if the special case of "all" is passed as a debug facility, then all debugging facilities are enabled.
The filename/directory to load spam-identifying rules from. (optional)
The filename/directory to load site-specific spam-identifying rules from. (optional)
The filename to load preferences from. (optional)
The directory user state is stored in. (optional)
Set to 1
to recurse through directories when reading configuration files, instead of just reading a single level. (optional, default 0)
The text of all rules and preferences. If you prefer not to load the rules from files, read them in yourself and set this instead. As a result, this will override the settings for rules_filename
, site_rules_filename
, and userprefs_filename
.
Similar to config_text
, this text is placed before config_text to allow an override of config files.
Similar to config_text
, this text is placed after config_text to allow an override of config files.
If set to 1, DNS or other network tests will prefer IPv4 and not attempt to use IPv6. Use if the existing tests for IPv6 availability produce incorrect results or crashes.
For symmetry with force_ipv4: if set to 1, DNS or other network tests will prefer IPv6 and not attempt to use IPv4. Some plugins may disregard this setting and use whatever protocol family they are comfortable with.
If set to 1, init() will die if no valid rules could be loaded. This is the default behaviour when called by spamassassin
or spamd
.
If you want to be able to use the language-guessing rule UNWANTED_LANGUAGE_BODY
, and are using config_text
instead of rules_filename
, site_rules_filename
, and userprefs_filename
, you will need to set this. It should be the path to the languages file normally found in the SpamAssassin rules directory.
If set to 1, no tests that require internet access will be performed. (default: 0)
The option provides a way to avoid more expensive processing when it is known in advance that some information will not be needed by a caller.
A value of the option can either be a string (a comma-delimited list of tag names), or a reference to a list of individual tag names. A caller may provide the list in advance, specifying his intention to later collect the information through $pms->get_tag() calls. If a name of a tag starts with a 'NO' (case insensitive), it shows that a caller will not be interested in such tag, although there is no guarantee it would save any resources, nor that a tag value will be empty. Currently no built-in tags start with 'NO'. A later entry overrides previous one, e.g. ASN,NOASN,ASN,TIMING,NOASN is equivalent to TIMING,NOASN.
For backward compatibility, all tags available as of version 3.2.4 will be available by default (unless disabled by NOtag), even if not requested through need_tags option. Future versions may provide new tags conditionally available.
Currently the only tag that needs to be explicitly requested is 'TIMING'. Not requesting it can save a millisecond or two - it mostly serves to illustrate the usage of need_tags.
Example: need_tags => 'TIMING,noLANGUAGES,RELAYCOUNTRY,ASN,noASNCIDR', or: need_tags => [qw(TIMING noLANGUAGES RELAYCOUNTRY ASN noASNCIDR)],
If set to 1, any rule files found in the site_rules_filename
directory will be ignored. *.pre files (used for loading plugins) found in the site_rules_filename
directory will still be used. (default: 0)
If set to 1, the user preferences file will not be created if it doesn't already exist. (default: 0)
If set to 1, the patterns hit can be retrieved from the Mail::SpamAssassin::PerMsgStatus
object. Used for debugging.
If set, the HOME environment variable will be set to this value when using test applications that require their configuration data, such as Razor, Pyzor and DCC.
If set, the username
attribute will use this as the current user's name. Otherwise, the default is taken from the runtime environment (ie. this process' effective UID under UNIX).
If skip_prng_reseeding is set to true, the SpamAssassin library will not call srand() to reseed a pseudo-random number generator (PRNG). The srand() Perl function should be called during initialization of each child process, soon after forking.
Prior to version 3.4.0, calling srand() was handled by the SpamAssassin library.
This setting requires the caller to decide when to call srand(). This choice may be desired to preserve the entropy of a PRNG. The default value of skip_prng_reseeding is false to maintain backward compatibility.
This option should only be set by a caller if it calls srand() upon spawning child processes. Unless you are certain you need it, leave this setting as false.
NOTE: The skip_prng_reseeding feature is implemented in spamd as of 3.4.0 which allows spamd to call srand() right after forking a child process.
If none of rules_filename
, site_rules_filename
, userprefs_filename
, or config_text
is set, the Mail::SpamAssassin
module will search for the configuration files in the usual installed locations using the below variable definitions which can be passed in.
Used as the root for certain directory paths such as:
'__prefix__/etc/mail/spamassassin'
'__prefix__/etc/spamassassin'
Defaults to "@@PREFIX@@".
Location where the default rules are installed. Defaults to "@@DEF_RULES_DIR@@".
Location where the local site rules are installed. Defaults to "@@LOCAL_RULES_DIR@@".
Location of the local state directory, mainly used for installing updates via sa-update
and compiling rulesets to native code. Defaults to "@@LOCAL_STATE_DIR@@".
Parse will return a Mail::SpamAssassin::Message object with just the headers parsed. When calling this function, there are two optional parameters that can be passed in: $message is either undef (which will use STDIN), a scalar - a string containing an entire message, a reference to such string, an array reference of the message with one line per array element, or either a file glob or an IO::File object which holds the entire contents of the message; and $parse_now, which specifies whether or not to create a MIME tree at parse time or later as necessary.
The $parse_now option, by default, is set to false (0). This allows SpamAssassin to not have to generate the tree of internal data nodes if the information is not going to be used. This is handy, for instance, when running spamassassin -d
, which only needs the pristine header and body which is always parsed and stored by this function.
The optional last argument $suppl_attrib provides a way for a caller to pass additional information about a message to SpamAssassin. It is either undef, or a ref to a hash where each key/value pair provides some supplementary attribute of the message, typically information that cannot be deduced from the message itself, or is hard to do so reliably, or would represent unnecessary work for SpamAssassin to obtain it. The argument will be stored to a Mail::SpamAssassin::Message object as 'suppl_attrib', thus made available to the rest of the code as well as to plugins. The exact list of attributes will evolve through time, any unknown attribute should be ignored. Possible examples are: SMTP envelope information, a flag indicating that a message as supplied by a caller was truncated due to size limit, an already verified list of DKIM signature objects, or perhaps a list of rule hits predetermined by a caller, which makes another possible way for a caller to provide meta information (instead of having to insert made-up header fields in order to pass information), or maybe just plain rule hits.
For more information, please see the Mail::SpamAssassin::Message
and Mail::SpamAssassin::Message::Node
POD.
Check a mail, encapsulated in a Mail::SpamAssassin::Message
object, to determine if it is spam or not.
Returns a Mail::SpamAssassin::PerMsgStatus
object which can be used to test or manipulate the mail message.
Note that the Mail::SpamAssassin
object can be re-used for further messages without affecting this check; in OO terminology, the Mail::SpamAssassin
object is a "factory". However, if you do this, be sure to call the finish()
method on the status objects when you're done with them.
Check a mail, encapsulated in a plain string $mailtext
, to determine if it is spam or not.
Otherwise identical to check()
above.
Learn from a mail, encapsulated in a Mail::SpamAssassin::Message
object.
If $isspam
is set, the mail is assumed to be spam, otherwise it will be learnt as non-spam.
If $forget
is set, the attributes of the mail will be removed from both the non-spam and spam learning databases.
$id
is an optional message-identification string, used internally to tag the message. If it is undef
, the Message-Id of the message will be used. It should be unique to that message.
Returns a Mail::SpamAssassin::PerMsgLearner
object which can be used to manipulate the learning process for each mail.
Note that the Mail::SpamAssassin
object can be re-used for further messages without affecting this check; in OO terminology, the Mail::SpamAssassin
object is a "factory". However, if you do this, be sure to call the finish()
method on the learner objects when you're done with them.
learn()
and check()
can be run using the same factory. init_learner()
must be called before using this method.
Initialise learning. You may pass the following attribute-value pairs to this method.
Whether or not the code calling this method will take care of untie'ing from the Bayes databases (by calling finish_learner()
) (optional, default 0).
Should an expiration run be forced to occur immediately? (optional, default 0).
Should learning data be written to the journal, instead of directly to the databases? (optional, default 0).
Whether or not to wait a long time for locks to complete (optional, default 0).
During the opportunistic journal sync and expire check, don't actually do the expire but report back whether or not it should occur (optional, default 0).
If doing a learn operation, and the message has already been learned as the opposite type, don't re-learn the message.
Rebuild any cache databases; should be called after the learning process. Options include: verbose
, which will output diagnostics to stdout
if set to 1.
Finish learning.
Dump the contents of the Bayes DB
Signals that the current user has changed (possibly using setuid
), meaning that SpamAssassin should close any per-user databases it has open, and re-open using ones appropriate for the new user.
Note that this should be called after reading any per-user configuration, as that data may override some paths opened in this method. You may pass the following attribute-value pairs:
The username of the user. This will be used for the username
attribute.
A directory to use as a 'home directory' for the current user's data, overriding the system default. This directory must be readable and writable by the process. Note that the resulting userstate_dir
will be the .spamassassin
subdirectory of this dir.
A directory to use as a directory for the current user's data, overriding the system default. This directory must be readable and writable by the process. The default is user_dir/.spamassassin
.
Report a mail, encapsulated in a Mail::SpamAssassin::Message
object, as human-verified spam. This will submit the mail message to live, collaborative, spam-blocker databases, allowing other users to block this message.
It will also submit the mail to SpamAssassin's Bayesian learner.
Options is an optional reference to a hash of options. Currently these can be:
Inhibits reporting of the spam to DCC.
Inhibits reporting of the spam to Pyzor.
Inhibits reporting of the spam to Razor.
Inhibits reporting of the spam to SpamCop.
Revoke a mail, encapsulated in a Mail::SpamAssassin::Message
object, as human-verified ham (non-spam). This will revoke the mail message from live, collaborative, spam-blocker databases, allowing other users to block this message.
It will also submit the mail to SpamAssassin's Bayesian learner as nonspam.
Options is an optional reference to a hash of options. Currently these can be:
Inhibits revoking of the spam to Razor.
Previously add_address_to_whitelist which will work interchangeably until 4.1.
Given a string containing an email address, add it to the automatic welcomelist database.
If $cli_p is set then underlying plugin may give visual feedback on additions/failures.
Previously add_all_addresses_to_whitelist which will work interchangeably until 4.1.
Given a mail message, find as many addresses in the usual headers (To, Cc, From etc.), and the message body, and add them to the automatic welcomelist database.
If $cli_p is set then underlying plugin may give visual feedback on additions/failures.
Previously remove_address_from_whitelist which will work interchangeably until 4.1.
Given a string containing an email address, remove it from the automatic welcomelist database.
If $cli_p is set then underlying plugin may give visual feedback on additions/failures.
Previously remove_all_addresses_from_whitelist which will work interchangeably until 4.1.
Given a mail message, find as many addresses in the usual headers (To, Cc, From etc.), and the message body, and remove them from the automatic welcomelist database.
If $cli_p is set then underlying plugin may give visual feedback on additions/failures.
Previously add_address_to_blacklist which will work interchangeably until 4.1.
Given a string containing an email address, add it to the automatic welcomelist database with a high score, effectively blocklisting them.
If $cli_p is set then underlying plugin may give visual feedback on additions/failures.
Previously add_all_addresses_to_blacklist which will work interchangeably until 4.1.
Given a mail message, find addresses in the From headers and add them to the automatic welcomelist database with a high score, effectively blocklisting them.
Note that To and Cc addresses are not used.
If $cli_p is set then underlying plugin may give visual feedback on additions/failures.
Returns the text of the message, with any SpamAssassin-added text (such as the report, or X-Spam-Status headers) stripped.
Note that the $mail object is not modified.
Warning: if the input message in $mail contains a mixture of CR-LF (Windows-style) and LF (UNIX-style) line endings, it will be "canonicalized" to use one or the other consistently throughout.
Read a configuration file and parse user preferences from it.
User preferences are as defined in the Mail::SpamAssassin::Conf
manual page. In other words, they include scoring options, scores, welcomelists and blocklists, and so on, but do not include rule definitions, privileged settings, etc. unless allow_user_rules
is enabled; and they never include the administrator settings.
Read configuration parameters from SQL database and parse scores from it. This will only take effect if the perl DBI
module is installed, and the configuration parameters user_scores_dsn
, user_scores_sql_username
, and user_scores_sql_password
are set correctly.
The username in $username
will also be used for the username
attribute of the Mail::SpamAssassin object.
Read configuration parameters from an LDAP server and parse scores from it. This will only take effect if the perl Net::LDAP
and URI
modules are installed, and the configuration parameters user_scores_dsn
, user_scores_ldap_username
, and user_scores_ldap_password
are set correctly.
The username in $username
will also be used for the username
attribute of the Mail::SpamAssassin object.
Set the persistent address list factory, used to create objects for the automatic welcomelist algorithm's persistent-storage back-end. See Mail::SpamAssassin::PersistentAddrList
for the API these factory objects must implement, and the API the objects they produce must implement.
Compile all patterns, load all configuration files, and load all possibly-required Perl modules.
Normally, Mail::SpamAssassin uses lazy evaluation where possible, but if you plan to fork() or start a new perl interpreter thread to process a message, this is suboptimal, as each process/thread will have to perform these actions.
Call this function in the master thread or process to perform the actions straight away, so that the sub-processes will not have to.
If $use_user_prefs
is 0, this will initialise the SpamAssassin configuration without reading the per-user configuration file and it will assume that you will call read_scoreonly_config
at a later point.
If $keep_userstate
is true, compile_now() will revert any configuration options which have a default with __userstate__ in it post-init(), and then re-change the option before returning. This lets you change $ENV{'HOME'} to a temp directory, have compile_now() and create any files there as necessary without disturbing the actual files as changed by a configuration option. By default, this is disabled.
Output some diagnostic information, useful for debugging SpamAssassin problems.
Syntax-check the current set of rules. Returns the number of syntax errors discovered, or 0 if the configuration is valid.
Destroy this object, so that it will be garbage-collected once it goes out of scope. The object will no longer be usable after this method is called.
Find a rule-support file, such as languages
or triplets.txt
, in the system-wide rules directory, and return its full path if it exists, or undef if it doesn't exist.
(This API was added in SpamAssassin 3.1.1.)
Copy default preferences file into home directory for later use and modification, if it does not already exist and dont_copy_prefs
is not set.
Used for daemons to keep a persistent Mail::SpamAssassin object's configuration correct if switching between users. Pass an associative array reference as either $source or $dest, and set the other to 'undef' so that the object will use its current configuration. i.e.:
# create object w/ configuration
my $spamtest = Mail::SpamAssassin->new( ... );
# backup configuration to %conf_backup
my %conf_backup;
$spamtest->copy_config(undef, \%conf_backup) ||
die "config: error returned from copy_config!\n";
... do stuff, perhaps modify the config, etc ...
# reset the configuration back to the original
$spamtest->copy_config(\%conf_backup, undef) ||
die "config: error returned from copy_config!\n";
Note that the contents of the associative arrays should be considered opaque by calling code.
Return the list of plugins currently loaded by this SpamAssassin object's configuration; each entry in the list is an object of type Mail::SpamAssassin::Plugin
.
(This API was added in SpamAssassin 3.2.0.)
HTML::Parser
Sys::Syslog
See also <https://spamassassin.apache.org/> and <https://wiki.apache.org/spamassassin/> for more information.
Mail::SpamAssassin::Conf(3) Mail::SpamAssassin::PerMsgStatus(3) spamassassin(1) sa-update(1)
See <https://issues.apache.org/SpamAssassin/>
The SpamAssassin(tm) Project <https://spamassassin.apache.org/>
SpamAssassin is distributed under the Apache License, Version 2.0, as described in the file LICENSE
included with the distribution.
The latest version of this library is likely to be available from CPAN as well as:
<https://spamassassin.apache.org/>