How to add a spamassassin rule to block all mails that contain a certain word


I get quite a lot spam. A couple mails per day.

I am know trying to block those via spamassassin, however it is not working. For example, I get daily mails from someone with a different e-mail adress everytime, but in the FROM name is always the word ‘Degree’

So, I created this rule:
Test Name: Degree
Check: From: header
Match expression: / [Degree] / []
Score to apply: 10

What am I doing wrong? Is there documentation somewhere on how the match expression should be formed?


Well, first off, I’ll offer that if you’ve gotten things down to two spam messages a day, you’re doing pretty well :slight_smile:

However, off the top of my head I’m not entirely certain what the required syntax there is… I’d be curious if it worked simple to enter:


In the “Match expression” field.

If that doesn’t help, what is the resulting rule that is generated into the SpamAssassin field?


Hi Eric,

Thanks for your prompt reply.

It does not seem to work, I still get mails containing exactly these words. I know 2 messages a day is not to crazy, however, I can rule at least one of the two out because it alwas contains the same words.

If I just add Degree to the match expression, it results in this rule in the
header Degreefrom From =~ /Degree/

Is that good? Because I still get mails with sender name containing Degree…


I’ve been looking into that, and it really does look like what you have there should work.

Amongst other things, I see examples of that here:

I’m wondering if it’s just something simple… could you try restarting the SpamAssassin service? That would ensure that the config file has been re-read.



Thanks a lot. I am going to do some checks using the stack link you posted.

I also discovered this: when I go to Email messages > Spam and virus scannign then the ‘Spamassassing client program’ is set to spamc instead of spamassassin. Is this correct? What client program should I use? Which one is faster, better, lighter?


I use spamc myself, as it just uses one running SpamAssassin service instance. Then, for each incoming email, a small spamc process is launched to communicate with it.

The other option launches a full SpamAssassin process for each incoming email, but has no resident SpamAssassin service.

The second option I think is best on servers with extremely low email traffic, which are also low on RAM. However, the second option also allows per-domain SpamAssassin settings, rather than global settings.



Thanks for your help!

As for the spamassasin rules. I see in the link you posted that the rules should be ended with /i/ however, my rules do not have that part.
Should I put an i character in the field next to match expression? Or should I just add /i/ to my match expression?