davee, Exim now has a built in interface to spamd. That’s what I use and it’s also what we use on lug.org.uk. It’s very simple:
# put headers in all messages (no matter if spam or not) warn message = X-Spam-Score: $spam_score ($spam_bar) spam = nobody:true warn message = X-Spam-Report: $spam_report spam = nobody:true # reject spam at high scores (> 12) deny message = This message scored $spam_score spam points. spam = nobody:true condition = ${if >{$spam_score_int}{120}{1}{0}}
You’ll need exim4-daemon-heavy on Debian sarge or etch.
I also recommend having some HELO checks before spamassassin, and virus checks after it. Exim can also call out to clamav to reject viruses at SMTP time.