Koozali.org: home of the SME Server
Obsolete Releases => SME Server 9.x => Topic started by: oegeeks on August 14, 2017, 07:12:18 PM
-
SMESERVER 9.2 - last updates
I configured spam assassin and autolearn and tried some configurations with rules either for procmail or mail drop.
As far is i could find out, spam assassin is not writing anything in the mail header.
The user config is shortened for the confidential data
sa-learn --dump magic
0.000 0 3 0 non-token data: bayes db version
0.000 0 53 0 non-token data: nspam
0.000 0 0 0 non-token data: nham
0.000 0 13454 0 non-token data: ntokens
0.000 0 1502200801 0 non-token data: oldest atime
0.000 0 1502726102 0 non-token data: newest atime
0.000 0 0 0 non-token data: last journal sync atime
0.000 0 0 0 non-token data: last expiry atime
0.000 0 0 0 non-token data: last expire atime delta
0.000 0 0 0 non-token data: last expire reduction count
xxx=user
AdminPanels=bugreport,clamav,cronmanager,dar2,diskusage,emailsettings,qmailanalog,reboot,sme9admin,sysmon,user-email,userpanel-mailsort,viewlogfiles,yum
Dept=
EmailForward=local
EmailVacation=no
EmailVacationFrom=20170804
EmailVacationTo=20170805
ForwardAddress=
PasswordSet=yes
Shell=/bin/bash
SortSpam=enabled
VPNClientAccess=no
In no mail there is any X-SPAM or other related Header TAG.
How i can debug the problem?
Best regards
Andreas
-
Some more config details:
spamassassin=service
BayesAutoLearnThresholdNonspam=0.10
BayesAutoLearnThresholdSpam=6.00
DNSAvailable=yes
MaxMessageSize=2000000
MessageRetentionTime=14
OkLanguages=all
OkLocales=all
RejectLevel=12
ReportSafe=0
Sensitivity=custom
SkipRBLChecks=0
SortSpam=enabled
Subject=[SPAM]
SubjectTag=enabled
TagLevel=4
UseBayes=1
status=enabled
spamd=service
status=enabled
qmail=service
DoubleBounceTo=devnull
FilterType=procmail
MaxMessageSize=15000000
status=enabled
qpsmtpd=service
Bcc=disabled
BccMode=off
BccUser=maillog
DNSBL=enabled
LogLevel=8
MaxScannerSize=25000000
RBLList=bl.spamcop.net,dnsbl-1.uceprotect.net,dnsbl-2.uceprotect.net,psbl.surriel.com,zen.spamhaus.org
RHSBL=enabled
RelayRequiresAuth=enabled
SBLList=multi.surbl.org,black.uribl.com,rhsbl.sorbs.net
TlsBeforeAuth=1
UBLList=multi.surbl.org:8-16-64-128,black.uribl.com,rhsbl.sorbs.net
URIBL=disabled
access=public
qplogsumm=disabled
status=enabled
-
An Example of the Mail-Headers of a learned spam email. The confidential data is tripped out:
Return-Path: <upfoktt@newtokkin.biz.ua>
X-policyd-weight: using cached result; rate: -6.1
Received: from mail.newtokkin.biz.ua (mail.newtokkin.biz.ua [62.141.45.219])
Received: from newtokkin.biz.ua (mail.newtokkin.biz.ua [62.141.45.219])
by mail.newtokkin.biz.ua (Postfix) with ESMTPA id 22AC8C65E0;
Mon, 14 Aug 2017 10:57:21 +0300 (EEST)
Message-ID: <upfoktt27213144.88058520@mail.newtokkin.biz.ua>
Reply-To: "Rezeptpflichtige Medikamente" <upfoktt@newtokkin.biz.ua>
From: "Rezeptpflichtige Medikamente" <upfoktt@newtokkin.biz.ua>
To: <cconrady@cowa.de>
Subject: =?utf-8?B?VGFibGV0dGVuIGbDvHIgRXJla3Rpb25zc3TDtnJ1bmc=?=
Date: Mon, 14 Aug 2017 10:57:23 +0300
MIME-Version: 1.0
Content-Type: multipart/related;
type="multipart/alternative";
boundary="----=_NextPart_000_0006_01D314EA.1CC01710"
Precedence: bulk
List-Id: b28258464v37384072
X-Complaints-To: abuse@newtokkin.biz.ua
List-Unsubscribe: <http://newtokkin.biz.ua/ru/unsubscribe/do?hash=1806640373585266>
X-Virus-Status: No
X-KasScanner: clean
-
By the way:
The to field is not my email address. This is just a make-up of the spam mail.
Just by the subject, spam assassin should reject the message.
-
The information in the previous posts is still valid, but i changed the get mail behavior.
I changed getmail.sh to use mail drop instead of qmail inbox.
Now nearly every mail is moved to the spam folder, even the good email. Whitelist is working as expected.
I changed the rating to 8, but still no really usable results.
How to see, what score an email from mail drop or spam assassin gets and why?
-
Here is the spamassasin local.cf, but no Header is changed as written in the config-file.
#------------------------------------------------------------
# !!DO NOT MODIFY THIS FILE!!
#
# Manual changes will be lost when this file is regenerated.
#
# Please read the developer's guide, which is available
# at http://www.contribs.org/development/
#
# Copyright (C) 1999-2006 Mitel Networks Corporation
#------------------------------------------------------------
dns_available yes
internal_networks 192.168.4.221
lock_method flock
ok_locales all
bayes_path /var/spool/spamd/.spamassassin/bayes
bayes_file_mode 750
report_safe 0
required_score 8
rewrite_header Subject [SPAM]
skip_rbl_checks 0
clear_trusted_networks
trusted_networks 192.168.4.221
use_bayes 1
add_header all Status _YESNO_, score=_SCORE_ required=_REQD_ autolearn=_AUTOLEARN_
add_header all Details _REPORT_
-
As a thought
1. Are you collecting mail via POP ? In which case you need to look in the bug tracker as there are issues with spamassassin not checking mail collected via fetchmail etc
e.g. https://bugs.contribs.org/show_bug.cgi?id=10290
2. If that isn't the case then a) have you had a read through the bugs and b) if you have and haven't found anything then you should create one
Rgds
John
-
Hi John,
thanks for the hints. I will check if the workaround of the bug will help me. Maybe i have to open a new bug, because mail drop is not related to the old bug.
Anyway you shed a light.
Regards
Andreas
-
:-)
No problems.
Rgds
John
-
I use getmail and tried fetch mail for this bug. The workaround for fetch mail did not work for me, but i found a working solution for getmail.
in the config file *.mailrc insert this section:
[filter]
type = Filter_external
path = /usr/bin/spamc
arguments = ("-s","250000","-p","783","-u","USER",)