Koozali.org: home of the SME Server

Obsolete Releases => SME Server 7.x => Topic started by: femc on February 03, 2008, 08:19:39 AM

Title: have been trying since months - spam filter too weak
Post by: femc on February 03, 2008, 08:19:39 AM
I know it has been asked before - my spam tagging level is still in the range below 50%

Any ideas if something is wrong with the settings below:

# config show qpsmtpd
qpsmtpd=service
    Bcc=disabled
    BccMode=cc
    BccUser=maillog
    DNSBL=enabled
    LogLevel=8
    MaxScannerSize=25000000
    RBLList=bl.spamcop.net:combined.njabl.org:dnsbl.ahbl.org:dnsbl-1.uceprotect.net:dnsbl-2.uceprotect.net:list.dsbl.org:multihop.dsbl.org:psbl.surriel.com:zen.spamhaus.org
    RHSBL=enabled
    RequireResolvableFromHost=yes
    SBLList=bogusmx.rfc-ignorant.org:multi.surbl.org:black.uribl.com:rhsbl.sorbs.net:bulk.rhs.mailpolice.com:fraud.rhs.mailpolice.com:porn.rhs.mailpolice.com:adult.rhs.mailpolice.com:ex.dnsbl.org:blackhole.securitysage.com
    access=public
    qplogsumm=disabled
    setprop=qpsmtpd
    status=enabled
Title: Re: have been trying since months - spam filter too weak
Post by: pfloor on February 03, 2008, 08:40:13 AM
Don't really understand your question but I did notice some db settings that look incorrect.

qplogsumm=disabled
setprop=qpsmtpd

I don't think they are doing any harm but you can get rid of them with:

config delprop qpsmtpd qplogsumm
config delprop qpsmtpd setprop


If you are asking about your spam tag and reject level, it is not in qpsmtpd, it is in spamassassin.  Show us the output of:

config show spamassassin

Title: Re: have been trying since months - spam filter too weak
Post by: femc on February 03, 2008, 01:05:34 PM
Thanks for the assistance. I am also using LearnAsSpam and wbl, and I have changed the tagging from ***SPAM*** to [SPAM]

config show spamassassin
spamassassin=service
    BayesAutoLearnThresholdNonspam=0.10
    BayesAutoLearnThresholdSpam=4.00
    DNSAvailable=yes
    MessageRetentionTime=90
    OkLanguages=all
    OkLocales=all
    RejectLevel=0
    ReportSafe=0
    Sensitivity=veryhigh
    SkipRBLChecks=0
    SortSpam=disabled
    Subject=[SPAM]
    SubjectTag=enabled
    TagLevel=19
    UseBayes=1
    status=enabled
Title: Re: have been trying since months - spam filter too weak
Post by: william_syd on February 03, 2008, 01:35:56 PM
Does your new tag show in emails?
Title: Re: have been trying since months - spam filter too weak
Post by: femc on February 03, 2008, 01:49:00 PM
The [SPAM] tag appears in spam emails - but unluckily only in less than 50% of all spam. Btw - I hardly get any false positive taggings.

Title: Re: have been trying since months - spam filter too weak
Post by: william_syd on February 03, 2008, 01:59:31 PM
Quote
The [SPAM] tag appears in spam emails - but unluckily only in less than 50% of all spam. Btw - I hardly get any false positive taggings.

Hmm.. that's never worked for me :(

I do use some Clam signatures from http://www.sanesecurity.co.uk/clamav/. I only update them with a manual script when spam is on the rise.

Title: Re: have been trying since months - spam filter too weak
Post by: femc on February 03, 2008, 04:10:28 PM
I looked at this website - do not know how to do it.

Can you give me more instructions?
Title: Re: have been trying since months - spam filter too weak
Post by: pfloor on February 03, 2008, 06:39:36 PM
Quote
TagLevel=19

This looks too high to me.  Try lowering it to 4.

config setprop spamassassin TagLevel 4
signal-event email-update
Title: Re: have been trying since months - spam filter too weak
Post by: william_syd on February 04, 2008, 12:13:16 AM
Quote
I looked at this website - do not know how to do it.

Can you give me more instructions?

Here is the script (http://www.magicwilly.webhostingpal.com/SME7%20How%20To%20Files/ClamAV/ss-msrbl.sh) that I use.

I just placed it in /root and run it when I remember. It really needs to be run from a daily cron.

I have mail and filesystem virus scanning enabled, and the day-after email usually shows a few that it's caught during its nightly scan.

Here are my other settings...

[root@tiger ~]# config show spamassassin
spamassassin=service
    DNSAvailable=yes
    MessageRetentionTime=90
    OkLanguages=all
    OkLocales=all
    RejectLevel=8
    ReportSafe=0
    Sensitivity=custom
    SkipRBLChecks=0
    SortSpam=enabled
    Subject=[SPAM]
    SubjectTag=enabled
    TagLevel=4
    UseBayes=0
    status=enabled
[root@tiger ~]#


[root@tiger ~]# config show qpsmtpd
qpsmtpd=service
    Bcc=disabled
    BccMode=cc
    BccUser=maillog
    DNSBL=enabled
    LogLevel=5
    MaxScannerSize=25000000
    RBLList=bl.spamcop.net:combined.njabl.org:dnsbl.ahbl.org:dnsbl-1.uceprotect.net:dnsbl-2.uceprotect.net:list.dsbl.org:multihop.dsbl.org:psbl.surriel.com:sbl-xbl.spamhaus.org
    RHSBL=enabled
    RequireResolvableFromHost=yes
    SBLList=bogusmx.rfc-ignorant.org:multi.surbl.org:black.uribl.com:rhsbl.sorbs.net:bulk.rhs.mailpolice.com:fraud.rhs.mailpolice.com:porn.rhs.mailpolice.com:adult.rhs.mailpolice.com:ex.dnsbl.org:blackhole.securitysage.com
    access=public
    status=enabled
[root@tiger ~]#


Title: Re: have been trying since months - spam filter too weak
Post by: raem on February 04, 2008, 05:48:22 AM
femc

You might also change RejectLevel to something like
RejectLevel=14
Title: Re: have been trying since months - spam filter too weak
Post by: femc on February 12, 2008, 12:32:34 PM
Custom spam rejection level 19 or 20 hardly tags the spam. Custom rejection level 5 works super.

Problem solved - I will file a bug report
Title: Re: have been trying since months - spam filter too weak
Post by: JonB on February 13, 2008, 05:27:19 AM
A custom reject (block) spam score of 5 is too low. You will block legitimate email. I have found that a custom tag score of 5 and a custom reject score of 10-12 works well with a minimal amount of spam being received.

I don't know why you would want to create a bug as it is all working as it should.

The spam score/level indicates the chances of the email being spam. A lower score means it is less likely to be spam. When you set the custom reject score to 19 you were letting a lot of spam thru. Setting it at 5 means you have a high chance of rejecting legitimate mail. Legitimate mail that may result in a low level spam score includes email with high HTML content, HTML content with unusual colors or fonts and my favorite, HTML email signatures that include GIF images.

Jon
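
The tag and reject advice in this thread, as an added example that is not from any poster or from the SME Server project: a shell function that reads `config show spamassassin` output and flags a tag level above 5 or a reject level below 8. Both limits, the function names and the reading of RejectLevel=0 as "no rejection" are assumptions.

```sh
#!/bin/sh
# Added example, not from the thread: audit TagLevel/RejectLevel in the output
# of `config show spamassassin`. Limits are assumptions based on the posts above.
TAG_MAX=5      # posters suggest tagging at 4 or 5
REJECT_MIN=8   # lowest reject level a poster reports using (5 is called too low)

# Reads `config show spamassassin` output on stdin; prints one finding per line.
audit_spam_levels() {
    awk -v tag_max="$TAG_MAX" -v reject_min="$REJECT_MIN" '
        $1 ~ /^[A-Za-z]+=/ {               # "Property=value" (values without spaces)
            eq = index($1, "=")
            prop[substr($1, 1, eq - 1)] = substr($1, eq + 1)
        }
        END {
            if (!("TagLevel" in prop) || !("RejectLevel" in prop)) {
                print "ERROR: TagLevel or RejectLevel not found"
                exit
            }
            tag = prop["TagLevel"] + 0
            rej = prop["RejectLevel"] + 0
            n = 0
            if (tag > tag_max) {
                print "WARN: TagLevel=" tag " exceeds " tag_max ", lower-scoring spam goes untagged"; n++
            }
            # Assumption: RejectLevel=0 means no rejection, so it is only reported.
            if (rej == 0) {
                print "INFO: RejectLevel=0, no score-based rejection"
            } else {
                if (rej < reject_min) {
                    print "WARN: RejectLevel=" rej " is below " reject_min ", legitimate mail may be rejected"; n++
                }
                if (rej <= tag) {
                    print "WARN: RejectLevel=" rej " is not above TagLevel=" tag ", mail is rejected before it can be tagged"; n++
                }
            }
            if (n == 0) print "OK: TagLevel=" tag " RejectLevel=" rej
        }'
}

# Constructed sample: the two relevant properties from the first config posted above.
sample_high_tag() {
    printf 'spamassassin=service\n    RejectLevel=0\n    TagLevel=19\n    status=enabled\n'
}

# Demo on the sample; on a server use: config show spamassassin | audit_spam_levels
sample_high_tag | audit_spam_levels
```
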