spamd: unauthorized connection from IP to port 783

Should you happen to notice that SpamAssassin does not check incoming emails, or to see lines similar to the following in mail logs:

Wed Sep  2 21:03:57 2015 [12881] warn: spamd: unauthorized connection from server.domain.com [11.22.33.xx]:56486 to port 783, fd 6 at /usr/bin/spamd line 1603.
Wed Sep  2 21:03:57 2015 [12842] info: prefork: child states: II
Wed Sep  2 21:13:12 2015 [12881] warn: spamd: unauthorized connection from server.domain.com [11.22.33.xx]:57262 to port 783, fd 6 at /usr/bin/spamd line 1603.
Wed Sep  2 21:13:12 2015 [12842] info: prefork: child states: II
Wed Sep  2 21:13:39 2015 [12881] warn: spamd: unauthorized connection from server.domain.com [11.22.33.xx]:57274 to port 783, fd 6 at /usr/bin/spamd line 1603.
Wed Sep  2 21:13:39 2015 [12842] info: prefork: child states: II
Wed Sep  2 21:14:05 2015 [12881] warn: spamd: unauthorized connection from server.domain.com [11.22.33.xx]:57293 to port 783, fd 6 at /usr/bin/spamd line 1603.
Wed Sep  2 21:14:05 2015 [12842] info: prefork: child states: II

here is a possible solution for a directadmin powered server:

Open /etc/init.d/exim

Find a line with:

if [ -e /usr/bin/spamd ]; then /usr/bin/spamd -d -c -m 15 1>/dev/null 2>/dev/null; fi

and append it with IP address(es) of your server :

-A 11.22.33.xxx, 127.0.0.1

so it would look like:

if [ -e /usr/bin/spamd ]; then /usr/bin/spamd -A 11.22.33.xxx, 127.0.0.1 -d -c -m 15 1>/dev/null 2>/dev/null; fi

Note to replace 11.22.33.xxx with an actual IP of your server.

Save changes, quit editing the file and restart exim.

/etc/init.d/exim restart

If successful you will see lines similar to:

Thu Sep  3 00:44:07 2015 [6636] info: spamd: connection from server.domain.com [11.22.33.xx]:48004 to port 783, fd 6
Thu Sep  3 00:44:07 2015 [6636] info: spamd: setuid to userbob succeeded
Thu Sep  3 00:44:07 2015 [6636] info: spamd: processing message <20150902184336.665991849A9@gmail.com> for userbob:507
Thu Sep  3 00:44:13 2015 [6636] info: spamd: clean message (-0.0/5.0) for userbob:507 in 5.3 seconds, 1058 bytes.

p.s. Man pages

       -A host,..., --allowed-ips=host,...
           Specify a comma-separated list of authorized hosts or networks
           which can connect to this spamd instance. Each element of the
           list is either a single IP addresses, or a range of IP addresses
           in address/masklength CIDR notation, or ranges of IPv4 addresses
           by specifying 3 or less octets with a trailing dot.  Hostnames
           are not supported, only IPv4 or IPv6 addresses.  This option can
           be specified multiple times, or can take a list of addresses
           separated by commas.  IPv6 addresses may be (but need not be)
           enclosed in square brackets for consistency with option --listen.
           Examples:

           -A 10.11.12.13 -- only allow connections from 10.11.12.13.

           -A 10.11.12.13,10.11.12.14 -- only allow connections from
           10.11.12.13 and 10.11.12.14.

           -A 10.200.300.0/24 -- allow connections from any machine in the
           range "10.200.300.*".

           -A 10. -- allow connections from any machine in the range
           "10.*.*.*".

           -A [2001:db8::]/32,192.0.2.0/24,::1,127.0.0.0/8 -- only accept
           connections from specified test networks and from localhost.

           In absence of the -A option, connections are only accepted from
           IP address 127.0.0.1 or ::1, i.e. from localhost on a loopback
           interface.