Jul 30

Configuring Exim4 with spamassassin and sa-exim on debian against spam

Category: Linux   — Published by goeszen on July 30, 2012 at 8:54 pm

In this post we learn how to configure exim4 on Debian with Spamassassin and the sa-exim module.

Installing and configuring

We do the routines suggested here, only without clamav virus scanning.

apt-get install sa-exim spamassassin spamc

Then, as the installer tells us, we edit spamassassins config file to enable the spamassassin daemon called spamd by editing:

/etc/default/spamassassin and changing the parameter ENABLED to:


Also enable sa-exim by editing:

Locate these lines:

SAEximRunCond: ${if and {{def:sender_host_address} {!eq {$sender_host_address}{}} {!eq {$h_X-SA-Do-Not-Run:}{Yes}} } {1}{0}}
#Remove or comment out the following line to enable sa-exim
SAEximRunCond: 0

Then change SAEximRunCond to:

SAEximRunCond: 1

Then start spamassassin! By doing /etc/init.d/spamassassin start. Otherwise your exim4 mainlog will tell you:

Debug: SAEximRunCond expand returned: 'true'
 Debug: check succeeded, running spamc
Action: SA didn't successfully run against message, accepting

Which means sa-exim itself did run but the underlying spamassassin didn't! ...as it isn't running yet! The syslog usually tells you then

... spamc[910]: connection attempt to spamd aborted after 3 retries
... spamc[1139]: connect to spamd on failed, retrying (#1 of 3): Connection refused
... spamc[1139]: connect to spamd on failed, retrying (#2 of 3): Connection refused
... spamc[1139]: connect to spamd on failed, retrying (#3 of 3): Connection refused

So make sure spamassassin is running. That's it for the config. Testing is next...

Testing the setup.

We do not restart exim4 yet, as we may end up with a non working configuration. We first do the checks illustrated here:

Generate the new configuration:


If you made it through this, then your config files don't have any syntax errors.

exim4 -bV

If that works, then there are no config issues
Next, start exim by issuing:

/etc/init.d/exim4 start

Above assumes that you are running exim4 as a daemon, and not through inetd.
Now, let's first check how exim treats a local address (replace the stuff below with an actual existing email on the system you are doing this here):

exim4 -bt some.local.user@example.com

If this looks good, you can use the same -bt switch to have exim examine a non-local address.
Then, try sending an outgoing email, with the -v switch, exim enters an interactive mode to compile the test mail on the command line, and the -v turns on verbose output:

exim -v 'user@domain'
message here

The recipient is specified directly on the command line, after that type your message at the prompts that will appear below. After typing the message, use CTRL+D to send the EOF (end of file) characters to exim which will trigger exim to stop receiving text and start delivering the mail to user@domain.


For more testing, like sending emails or more verbose debugging see this article.

Keep an eye on Exim4's log files especially "paniclog", as it processes mails. If you find "Action: scanned but message isn't spam:" in /var/log/exim4/mainlog everything is working great!

Start spamassassin (and optionally restart exim4)

/etc/init.d/spamassassin start
/etc/init.d/exim4 restart


Most things you should know about sa-exim can be read here. And more about exim4 and sa-exim here.

sa-exim includes a way to do greylisting, other people use greylistd to achieve that. We do not cover greylisting here.

Leave a Reply