# SpamAssassin
spamcheck:
driver = pipe
command = /usr/local/bin/exim4 -oMr spam-scanned -bS
use_bsmtp = true
transport_filter = /usr/bin/spamc
home_directory = "/tmp"
current_directory = "/tmp"
# must use a privileged user to set $received_protocol on the way back in!
user = mail
group = mail
log_output = true
return_fail_output = true
return_path_add = false
message_prefix =
message_suffix =
Now add a router that will direct messages that haven't yet been scanned to be delivered using the transport you defined above. You should already be aware that the order routers occur is significant. You will most likely want to place this router below the routers that handle non-local domains, but you may have the need or desire for slightly different behavior. Be sure to read the exim specification to understand what the various options mean and how to apply them to your setup.
# SpamAssassin
spamcheck_router:
no_verify
check_local_user
# When to scan a message :
# - it isn't already flagged as spam
# - it isn't already scanned
condition = "${if and { {!def:h_X-Spam-Flag:} {!eq {$received_protocol}{spam-scanned}}} {1}{0}}"
driver = accept
transport = spamcheck