Making Exim reject spam at SMTP time

davee, Exim now has a built in interface to spamd. That’s what I use and it’s also what we use on lug.org.uk. It’s very simple:

# put headers in all messages (no matter if spam or not)
warn  message = X-Spam-Score: $spam_score ($spam_bar)
      spam = nobody:true
warn  message = X-Spam-Report: $spam_report
      spam = nobody:true
  
# reject spam at high scores (> 12)
deny   message = This message scored $spam_score spam points.
       spam = nobody:true
       condition = ${if >{$spam_score_int}{120}{1}{0}}

You’ll need exim4-daemon-heavy on Debian sarge or etch.

I also recommend having some HELO checks before spamassassin, and virus checks after it. Exim can also call out to clamav to reject viruses at SMTP time.