Okay, I figured out how ho rewrite the subject line. The Spamassassin configuration is quite misleading and annoying. As the rewrite header is not even used, as EXIM needs to handle the rewriting of the subject lines in email. No idea why that’s even set in the config.
Anywhere, here are the steps I followed to setup the rewrite function to include SPAM in subject line of spam emails. Please feel free to comment if I did anything wrong or there is an easier way to do this.
This is how to setup the rewrite for the subject line. The Spamassassin configuration does nothing, as the rewrite rule is handled by EXIM. No idea why the fuck they include it in there, as it does nothing.
Edit the Exim config
nano /etc/exim4/exim4.conf.template
Find this section in the file:
.ifdef SPAMASSASSIN
warn !authenticated = *
hosts = !+relay_from_hosts
condition = ${if < {$message_size}{1024K}}
condition = ${if eq{$acl_m1}{yes}{yes}{no}}
spam = debian-spamd:true/defer_ok
add_header = X-Spam-Score: $spam_score_int
add_header = X-Spam-Bar: $spam_bar
add_header = X-Spam-Report: $spam_report
set acl_m2 = $spam_score_int
warn condition = ${if !eq{$acl_m2}{} {yes}{no}}
condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}}
add_header = X-Spam-Status: Yes
message = SpamAssassin detected spam (from $sender_address to $recipients).
.endif
Add this line:
add_header = X-Spam-Subject: [Spam Score $spam_score_int] $h_Subject
Final result should look like this:
.ifdef SPAMASSASSIN
warn !authenticated = *
hosts = !+relay_from_hosts
condition = ${if < {$message_size}{1024K}}
condition = ${if eq{$acl_m1}{yes}{yes}{no}}
spam = debian-spamd:true/defer_ok
add_header = X-Spam-Score: $spam_score_int
add_header = X-Spam-Bar: $spam_bar
add_header = X-Spam-Report: $spam_report
set acl_m2 = $spam_score_int
warn condition = ${if !eq{$acl_m2}{} {yes}{no}}
condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}}
add_header = X-Spam-Status: Yes
add_header = X-Spam-Subject: [Spam Score $spam_score_int] $h_Subject
message = SpamAssassin detected spam (from $sender_address to $recipients).
.endif
Find the ACL section in the file:
######################################################################
# ACL CONFIGURATION #
# Specifies access control lists for incoming SMTP mail #
######################################################################
acl_not_smtp = acl_not_smtp
begin acl
Just before this section, add these two lines:
system_filter = /etc/exim4/system_filter
system_filter_user = Debian-exim
Now create the system_filter file:
nano /etc/exim4/system_filter
Add this code to that file:
if $h_X-Spam-Status: contains "Yes"
then
headers remove "Subject"
headers add "Subject: $h_X-Spam-Subject"
endif
Set permissions on the file:
chown root:Debian-exim /etc/exim4/system_filter
Restart Exim:
service exim4 restart
Test if the rewrite function is working by sending an email from outside your server to one of your email addresses hosted by your server. Create an email and paste this string of text into the body of the email:
Test message XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X
You should receive the email with the subject line modified with something like: [Spam Score 9861] Your Subject Line.
Hopefully this helps someone else that wants to configure the same thing.