INTRODUCTION
------------
eximspamy is a spam filter framework that uses exim's perl extension.
It is supposed to be solution which requires no maintenance and will
use only very little cpu power. 
I am using this on a pentium 100 Mhz server with no problems.

eximspamy processes or rejects the mail in one go. That is: the mail
does not run twice through exim as with most other mail filter systems.

If you are looking for a more complex and processor intensive solution
then take a look at this article where SpamAssasin is used:
http://www.linuxgazette.com/node/view/219

HOW IT WORKS
------------
Exim offers the possibility to execute perl subroutines from filter files.

To use this feature you must specify a file which contains perl subroutines
in the exim.conf file:
perl_startup = do '/etc/exim/exim.pl'
and you need to have a version of exim which had perl support enabled at compile time
in the file:
add the line 
EXIM_PERL=perl.o
in 
Local/Makefile 
of the exim source tree.

In the system filter (normally system_filter.exim) you can use those perl subroutines
to execute various tests on any line of the header (e.g $header_subject: $header_from:) or
even the message body ($message_body) 

eximspamy uses the following idea to catch the spam:
You need to setup one user to which you re-direct all spam-traps. That is old accounts
which are no longer used and catch only spam or special seeds which you spread on
webpages to catch only spam (use e.g white font on white background so that normal users
do not see them).

All mail which is sent to the spamtrap is run through a filter which will take
a checksum on the subject line. Those checksums are stored in a file
(/usr/local/spamy/tmp/sums.txt)

Any mail coming into your system will then be checked against the known "spam" checksums
in /usr/local/spamy/tmp/sums.txt. In other words you compute again a checksum on the subject
line and then you check if this checksum is already known. If it is known then  you consider
it spam.

INSTALLATION
------------
1)
Add to your exim.conf the following lines:

#perl support
erl_startup = do '/etc/exim/exim.pl'

# System filter:
message_filter = /etc/exim/system_filter.exim
message_filter_file_transport = address_file
message_body_visible = 5000

The address_file transport should look like this (probably you have it already):
address_file:
  driver = appendfile
  delivery_date_add
  envelope_to_add
  return_path_add

2)
Copy the exim.pl to /etc/exim/exim.pl 

3)
take a look at the provided system_filter.exim and include the relevant lines
to you possibly already exiting system filter file.

4)
Setup a user to catch the spam and forward (redirect) all mails from old accounts
to this account.
Create the directory /usr/local/spamy/ and copy spamygetcksums into it.
Create the directory /usr/local/spamy/tmp/ and give it permissions 1777
Copy the file eximfilter_generatecksum to .forward in the home directory of the
spam catch account.
You must also enable exim filter syntax for users. Do this by adding the option
"filter" to the userforward director (or what ever your director for local mail is
called).

5) send a test mail to the spam trap and see that /usr/local/spamy/tmp/sums.txt 
is created correctly. Install a cron job to rotate the sums.txt using the provided
spamylogrotate script

COPYRIGHT and VERSION INFO
--------------------------
Copyright is GPL
Author: Guido Socher (guido at linuxfocus.org)

Versions:
2003-12-27 version 0.1
2004-02-25 version 0.2



