If you use catch-all's and have SpamAssassin enabled, and also have the filters set to “send to user spambox”, any emails sent to a non-existent account and is flagged as spam, will end up creating a spambox file for the non-existent mail. You can implement this to prevent spamassassin from scanning catch-all data.
You can tell exim to only scan an email if a valid account exists, by editing your /etc/exim.conf and setting the ”# Spam Assassin” section to look like the following:
# Spam Assassin
spamcheck_director:
driver = accept
condition = "${if and { \
{!def:h_X-Spam-Flag:} \
{!eq {$received_protocol}{spam-scanned}} \
{!eq {$received_protocol}{local}} \
{exists{/home/${lookup{$domain}lsearch{/etc/virtual/domainowners}{$value}}/.spamassassin/user_prefs}} \
{exists{/etc/virtual/${domain}/passwd}} \
{ \
or \
{ \
{!eq {}{${lookup{$local_part}lsearch{/etc/virtual/${domain}/passwd}}}} \
{eq {$local_part} {${lookup{$domain}lsearch{/etc/virtual/domainowners}}}} \
} \
} \
} {1}{0}}"
retry_use_local_part
transport = spamcheck
no_verify
However, this guide will not scan forwarders. If you want it to also scan forwarder, you can insert:
{!eq {}{${lookup{$local_part}lsearch{/etc/virtual/${domain}/aliases}}}} \
Just after the first instance of "{!eq {}{$lookup ....".
Another trick to reducting what spamassassin should be scanning is to only scan messages that are below a certain size threshold. Spammers cannot afford to make their spam messages too big due to size contraints in combination with the volume of emails they have to send out. They way we do that is to put in another condition that tells exim that if an exim if over a certain size, there isn't a need to scan it, it's not likely spam. Insert this condition into the above list:
{<{$message_size}{200k}} \