Andrew Richards
• The Free Stuff!


On this page: • Introduction   • Status/Warranty   • Documentation   • Pre-requisites   • Download   • Installation   • Setup / Configuration   • Compatibility   • Programming Notes   • Archives


This lightweight patch extends netqmail to refuse spammy messages at SMTP time. This assumes incoming messages are scanned by SpamAssassin prior to reaching qmail-queue, such as by setting QMAILQUEUE to invoke SpamAssassin's qmail-spamc.

An environment variable SPAMREFUSE is added to specify the Spam Assassin threshold over which messages are refused. By default, all postmaster addresses are exempt. Different exemptions can be specified in control/nospamrefuse.

Status / Warranty

No warranty, express or implied is given - USE THIS SOFTWARE ENTIRELY AT YOUR OWN RISK. You will need to satisfy yourself as to the suitability of this software before deploying it in a production environment.


The documentation for this patch consists of this web page and the updated man pages:


This patch is for netqmail 1.06 patched with qmail-logmsg. SpamAssassin too of course, if you want Spamrefuse to do its job...


The current release, version 1.01, is available in plaintext or gzipped (.gz).


Proceed as follows:

Setup / Configuration

Enable spam refusal with the SPAMREFUSE environment variable. This specifies the threshold score above which messages should be refused. This may be the different from your SpamAssassin required_hits setting if desired (for example you might reject very spammy messages and quarantine moderately spammy messages). Set this variable in the source for your cdb file (if using tcpserver -x), remembering to update your cdb afterwards (qmailctl cdb if you have a LWQ setup). For example,



Alternatively you can set SPAMREFUSE in the environment supplied to qmail-smtpd / tcpserver, in the startup script for qmail-smtpd, for example (based on LWQ section,

exec env SPAMREFUSE="5.5" \

    /usr/local/bin/softlimit -m 2000000 \

    /usr/local/bin/tcpserver ...

By default postmaster for all domains is exempt (no mail is refused). See the man pages if you wish to alter this.


Please let me know if you successfully install Spamrefuse on systems not listed below (see the end of the installation section on this page).

Compatibility with qmail, netqmail: The patch should apply cleanly to the following:

Compatibility with Unix / Linux: Successful compilations have been reported on the following:



Programming Notes

I've tried to ensure that the changes to netqmail are minimal. In qmail-smtpd I've taken my cue from the existing badmailfrom code to provide the code for nospamrefuse. By definition the scanned message is not available to qmail-smtpd, therefore it is in qmail-queue that SPAMREFUSE is checked against the message's SpamAssassin score in the X-Spam-Status: header.

Rather than add floating-point logic for comparing SPAMREFUSE (which can have a fractional part) I multiply it and the SpamAssassin score by 100 before comparing them.

Spamrefuse could be enhanced:

At present I do not have plans to implement any of the above enhancements, given that the current behaviour is sufficiently straightforward, particularly for a fairly small netqmail system - and that I'm not being paid for it. I have written SpamRefuse because I feel it's an important tool to reduce the impact of spam and it's a feature I want to offer to my clients.


There are no earlier public releases.

This page last updated: AR, 1st July 2013.

This gratuitous space at the end ensures that the short-cuts to each section work properly