Koozali.org: home of the SME Server
  1. Koozali.org: home of the SME Server
  2. Obsolete Releases
  3. SME 7.x Contribs
  4. Topic: Junkmail filtering has stopped...
« previous next »
Pages: [1]   Go Down

Junkmail filtering has stopped...

  • 5 Replies
  • 2460 Views

jeffco01

Junkmail filtering has stopped...
« on: December 08, 2006, 03:44:08 AM »
Hello,
  Up until a few days ago my server was running great! I'm using SME 7final. I have installed the spam filtering configurations from Sonora Comm. and everything was working fine. All settings, in server-manager,  were as recomended. I had been adding spam to the "LearnAsSpam" folder for a couple of weeks.
  Suddenly there are no emails going to the junkmail folder. Still getting tons of junkmail, though. All of which are going to the inbox. In the headers of these spam mails I find this... "X-Spam-Status:  No, hits=0.0 required=5.0 tests= ". So, I guess, with hits being 0.0 this is why they are going to the inbox.
  From the server-manager I have disabled/saved, and then re-enabled/saved, spam filtering. I have done

" expand-template /etc/mail/spamassassin/local.cf
/etc/init.d/spamassassin restart  "

just to make sure that the changes were in fact being saved and able to be accessed by spamassassin. I have done a "reconfigure" from server-manager, just in case an update wasn't completed. I have rebooted the system. I have made sure that no users are forwarding mail to other accounts.
  I found all of these by searching contribs. But, so far, it seems that no one else has had this exact trouble. Can anyone help? I'm just about ready to reinstall SME totally! But I'm hoping I don't have to.
Thanks, in advance.
Jeffrey
Logged

Offline mmccarn

  • *
  • 2,651
  • +10/-0
Junkmail filtering has stopped...
« Reply #1 on: December 08, 2006, 06:37:21 AM »
Do you see any useful information in /var/log/spamd/current?
Logged

jeffco01

Junkmail filtering has stopped...
« Reply #2 on: December 08, 2006, 02:08:34 PM »
Yup,
  I see a whole lot of things in there! Just, most of it I don't understand! Here's a clipping of what I am seeing overand over...

2006-12-07 22:30:17.013841500 [2263] info: spamd: connection from localhost [127.0.0.1] at port 32894
2006-12-07 22:30:17.104768500 [2263] info: spamd: checking message <20060383448427.B7591BB04CE13569@eebrl-sym.com> for qpsmtpd:1005
2006-12-07 22:30:23.456115500 [2263] error: bayes: locker: safe_lock: cannot create lockfile /var/spool/spamd/.spamassassin/bayes.mutex: Permission denied
2006-12-07 22:30:23.460749500 [2263] info: spamd: clean message (0.0/5.0) for qpsmtpd:1005 in 6.4 seconds, 8605 bytes.
2006-12-07 22:30:23.462455500 [2263] info: spamd: result: . 0 - scantime=6.4,size=8605,user=qpsmtpd,uid=1005,required_score=5.0,rhost=localhost,raddr=127.0.0.1,rport=32894,mid=<20060383448427.B7591BB04CE13569@eebrl-sym.com>,autolearn=failed
2006-12-07 22:30:23.483041500 [2111] info: prefork: child states: II

So, after seeing the "permission denied" bit , here's what I tried...

chown spamd.spamd /var/spool/spamd/.spamassassin/bayes_*
chmod 750 /var/spool/spamd/.spamassassin/bayes_*
chown spamd.spamd /var/spool/spamd/.spamassassin/bayes.mutex

After that, here's what the output changed to...

2006-12-08 04:33:21.667798500 [3364] info: spamd: connection from localhost [127.0.0.1] at port 32843
2006-12-08 04:33:21.758678500 [3364] info: spamd: checking message <20060952119541.E7A05CCC20B8883D@YFMAIL01.INFO> for qpsmtpd:1005
2006-12-08 04:33:33.323192500 [3364] info: spamd: clean message (0.0/3.0) for qpsmtpd:1005 in 11.7 seconds, 11647 bytes.
2006-12-08 04:33:33.323222500 [3364] info: spamd: result: . 0 - scantime=11.7,size=11647,user=qpsmtpd,uid=1005,required_score=3.0,rhost=localhost,raddr=127.0.0.1,rport=32843,mid=<20060952119541.E7A05CCC20B8883D@YFMAIL01.INFO>,autolearn=ham
2006-12-08 04:33:33.344009500 [3116] info: prefork: child states: II

So, no more "permission denied", but every single email coming through is being marked as "ham". Every one is being read as (0.0/3.0). The system doesn't rate them at all (i.e. 0.0)

At this rate, I think the best thing would be to uninstall everything that I installed using the details for spam filter configuration on the Sonora Comm. site http://wiki.contribs.org/posting.php?mode=reply&t=34813

My problem is (well, one of many) I don't know the commands to remove all of this and get back to my basic server. Can anyone tell me how to uninstall all of this? The help would sure be appreciated.

Thank you, again, for the help.
Jeffrey
Logged

Offline mmccarn

  • *
  • 2,651
  • +10/-0
Junkmail filtering has stopped...
« Reply #3 on: December 08, 2006, 04:32:24 PM »
I don't know how to uninstall the spamassassin stuff, but thought I'd post my various settings:

config show spamassassin
Code: [Select]
spamassassin=service
    BayesAutoLearnThresholdNonspam=0.10
    BayesAutoLearnThresholdSpam=12.00
    DNSAvailable=yes
    MessageRetentionTime=90
    OkLanguages=all
    OkLocales=all
    RejectLevel=18
    ReportSafe=0
    Sensitivity=custom
    SkipRBLChecks=0
    SortSpam=enabled
    Subject=[SPAM]
    SubjectTag=enabled
    TagLevel=5
    UseBayes=1
    status=enabled
db spamassassin show
Code: [Select]
wbl.global=list
wbl.global_to=list
less /etc/mail/spamassassin/local.cf
Code: [Select]
#------------------------------------------------------------
#              !!DO NOT MODIFY THIS FILE!!
#
# Manual changes will be lost when this file is regenerated.
#
# Please read the developer's guide, which is available
# at http://wiki.contribs.org/development/
#
# Copyright (C) 1999-2006 Mitel Networks Corporation
#------------------------------------------------------------
dns_available yes
internal_networks 192.168.100.1
lock_method flock
ok_languages all
ok_locales all
bayes_path /var/spool/spamd/.spamassassin/bayes
bayes_file_mode 750
auto_whitelist_path /var/spool/spamd/.spamassassin/auto-whitelist
auto_whitelist_file_mode 750
report_safe 0
required_hits 5
rewrite_header Subject [SPAM]
skip_rbl_checks 0
clear_trusted_networks
trusted_networks 192.168.100.1 127.
use_auto_whitelist 0
use_bayes 1
Searching Google for "spamassassin always scores 0" I found a post implying this could be caused by incorrect permissions on /usr/share/spamassassin, so ls -al /usr/share/spamassassin
Code: [Select]
drwxr-xr-x   2 root root   4096 Aug 21 16:10 .
drwxr-xr-x  57 root root   4096 Aug 25 16:48 ..
-rw-r--r--   1 root root   5521 Jun  7  2006 10_misc.cf
-rw-r--r--   1 root root   8167 Jun  7  2006 20_advance_fee.cf
...(all 48 files have the same permissions as 10_misc.cf)

Are you using "sa-update" to automatically update your spamassassin ruleset?  If so, your "admin" account should have emails telling you what has been done, and if it ran into any trouble.  The latest update log may still be in /tmp/sa-update.log

grep \( /var/log/spamd/current |grep -v unknown | sed s/^.*\(/\(/ | sed s/\).*$/\)/
 will list all of the spam scores in your current log file.  Here's a sample of mine; is ALL of your email scored zero?
Code: [Select]
(6.7/5.0)
(10.8/5.0)
(7.8/5.0)
(9.2/5.0)
(17.4/5.0)
(6.7/5.0)
(17.0/5.0)
(26.6/5.0)
(6.9/5.0)
(8.7/5.0)
(8.7/5.0)
(19.0/5.0)
(12.3/5.0)
(6.7/5.0)(note: this output is from my backup mx, so almost everything is spam...)
Logged

jeffco01

Junkmail filtering has stopped...
« Reply #4 on: December 09, 2006, 12:56:51 PM »
Quote from: "mmccarn"
I don't know how to uninstall the spamassassin stuff, but thought I'd post my various settings:


Thank you for going through all the trouble. As soon as I can figure out how to uninstall (or just reverse) the "spam stuff" I plan to re-do it and start again.

Quote from: "mmccarn"
Code: [Select]
drwxr-xr-x   2 root root   4096 Aug 21 16:10 .
drwxr-xr-x  57 root root   4096 Aug 25 16:48 ..
-rw-r--r--   1 root root   5521 Jun  7  2006 10_misc.cf
-rw-r--r--   1 root root   8167 Jun  7  2006 20_advance_fee.cf
...(all 48 files have the same permissions as 10_misc.cf)


The only difference in here is that your ".." has the number "57" in it (just before root root) and mine has "55". Don't know if this is significant, because I'm not sure what that number means?

Other than that one difference, everything you have shown me here is identical to what I have at this end. So I am completely lost.

Quote from: "mmccarn"
... is ALL of your email scored zero?


Yes, all of my email scores are zero's. Really frustrating. Any other ideas that I can try? I really would rather fix this mess than rebuild the entire server.

Again, thank you for all your help.
Jeffrey
Logged

jeffco01

Junkmail filtering has stopped...
« Reply #5 on: December 09, 2006, 01:21:36 PM »
Quote from: "mmccarn"
Are you using "sa-update" to automatically update your spamassassin ruleset?  If so, your "admin" account should have emails telling you what has been done, and if it ran into any trouble.  The latest update log may still be in /tmp/sa-update.log


I forgot to tell you about this one. Here's what the last lines of "sa-update" read...

Code: [Select]
[9125] dbg: channel: attempting channel updates.spamassassin.org
[9125] dbg: channel: update directory /var/lib/spamassassin/3.001003/updates_spamassassin_org
[9125] dbg: channel: update tmp directory /var/lib/spamassassin/3.001003/updates_spamassassin_org.tmp
[9125] dbg: channel: channel cf file /var/lib/spamassassin/3.001003/updates_spamassassin_org.cf
[9125] dbg: channel: channel tmp cf file /tmp/.spamassassin9125OAkMmEtmp
[9125] dbg: dns: query failed: 3.1.3.updates.spamassassin.org => SERVFAIL
[9125] dbg: channel: no updates available, skipping channel
[9125] dbg: diag: updates complete, exiting with code 1

I looked back through several, and this is how they read in all of them. Since it says "DNS : query failed:" and "Servfail", is this a problem, or is it just that there weren't any updates available, so it quit?

Thank you.
Jeffrey
Logged
Pages: [1]   Go Up
« previous next »
  1. Koozali.org: home of the SME Server
  2. Obsolete Releases
  3. SME 7.x Contribs
  4. Topic: Junkmail filtering has stopped...