Setting Up SSL
Here's how I generated SSL certificates for use with "spamd --ssl" and "spamc --ssl":
rm -rf /etc/mail/spamassassin/certs mkdir -p /etc/mail/spamassassin/certs ( cd /etc/mail/spamassassin/certs openssl genrsa 2048 > ca-key.pem openssl req -new -x509 -nodes -days 1000 -key ca-key.pem > ca-cert.pem openssl req -newkey rsa:2048 -days 1000 \ -nodes -keyout server-key.pem > server-req.pem [enter whatever random data you feel like] openssl x509 -req -in server-req.pem -days 1000 \ -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > server-cert.pem )
Compiling SpamAssassin with SSL
The primary configuration requirement for compiling SpamAssassin with SSL is the ENABLE_SSL=yes option for the Makefile.PL.
NOTE: With SpamAssassin v3.4.0+, you will need a more modern compiler (tested as far back as GCC v3.2.3 which works but GCC 2.96 failed).
Here's an example which will configure the current 3.4 SVN branch to use a version of OpenSSL installed in /usr/local/ssl and GCC 3.2.3 installed in /usr/local/gcc3.2.3
perl Makefile.PL ENABLE_SSL="yes" cd spamc CXX=/usr/local/gcc3.2.3/bin/g++ CC=/usr/local/gcc3.2.3/bin/gcc LIBS=-I/usr/local/ssl/include/ LDFLAGS=-L/usr/local/ssl/lib CPPFLAGS="-I/usr/local/ssl/include" ./configure --prefix=/usr/local --sysconfdir=/etc/mail/spamassassin --datadir=/usr/local/share/spamassassin --enable-ssl=yes ./version.h.pl --with-version=3.4.2 cd .. make make test spamc/spamc --version make install
Spamd will use Net::SSLeay so to use an alternate SSL with that, use the OPENSSL_PREFIX=<path to alternate SSL> perl Makefile.PL. For example, OPENSSL_PREFIX=/usr/local/ssl perl Makefile.PL