No sign of spamassassin working

Having trouble installing Group-Office? No worries. Help is on the way.

Moderator: Developers

michelbisson
Posts: 18
Joined: Sat Jan 18, 2014 11:14 pm

No sign of spamassassin working

Postby michelbisson » Sun Feb 09, 2014 9:30 am

Hi,
I've got the very latest GroupOffice installed in Debian Wheezy. I have been trying to make the anti-spam to work so that I see the spam as Subject tagged ***SPAM*** and after many hours of searching and I trying different configuration changes in Amavis and Spamassassin I gave up trying alone and asking the community for help.
I create new users and the folder 'Junk' or 'Spam' doesn't get created. So I created it manually. Then I send a definite Spam test message(GTUBE) to the user and looking in the mail log I get a full recognition that it's a SPAM

Code: Select all

...... amavis[30575]: (30575-07) Passed SPAM {RelayedOpenRelay,Quarantined},..... Hits: 999.999,

The mail gets deposited in the mailbox as if nothing happened, no mail headers indication of anything except of Virus check done by Amavis

Code: Select all

X-Virus-Scanned: Debian amavisd-new at .....

No tagging of the subject although I've added the following Amavis configuration in /etc/amavis/conf.d/60-groupoffice_defaults:

Code: Select all

$sa_spam_subject_tag = '***SPAM***';
$sa_tag_level_deflt = -999 ;
$sa_tag2_level_deflt = -999 ;

And added the following config in /etc/spamassassin/local.cf

Code: Select all

rewrite_header subject  ***SPAM***
add_header all Status score=_SCORE_

Restarted Amavis and Spamassassin(spamd)
The mail doesn't get deposited in the Junk folder and no indication to the user that this mail is a spam.
I've stopped spamd daemon to see if the spam recognition(at least in the log) still works, and it surprisingly does.
Amavis seems to do a good job on virus checking but no sign of any activity or effect on spam mails can be seen elsewhere, except in the mail log.
I've been trying to understand the spam check flow, and so far I've read that Amavis calls the Amavis Perl SA module which should in turn calls Spamassassin.
I don't know if this is right in the case of GroupOffice, it also seems as if Amavis doesn't recognize it's own configuration regarding tagging the subject header.
Logs of Amavis restart indicates that the SPAM Check modules are loaded:

Code: Select all

Feb  9 10:22:58 mail2 amavis[25721]: ANTI-VIRUS code      loaded
Feb  9 10:22:58 mail2 amavis[25721]: ANTI-SPAM code       loaded
Feb  9 10:22:58 mail2 amavis[25721]: ANTI-SPAM-EXT code   NOT loaded
Feb  9 10:22:58 mail2 amavis[25721]: ANTI-SPAM-C code     NOT loaded
Feb  9 10:22:58 mail2 amavis[25721]: ANTI-SPAM-SA code    loaded
 


So I really don't understand what is happening here. I've experimented with many other Spammassasin configuration settings and no effect at all
as if Amavis either doesn't see the spam scoring seen in the log or doesn't even call spamassassin or calls some other spam checker instead.
So I'm really lost. Some light into this would greatly be appreciated.
mschering
Site Admin
Site Admin
Posts: 8154
Joined: Tue Apr 20, 2004 1:06 pm
Location: The Netherlands - Den Bosch
Contact:

Re: No sign of spamassassin working

Postby mschering » Mon Feb 10, 2014 3:21 pm

Does it have the X-Spam-Flag=yes header?
Best regards,

Merijn Schering
Intermesh
michelbisson
Posts: 18
Joined: Sat Jan 18, 2014 11:14 pm

Re: No sign of spamassassin working

Postby michelbisson » Mon Feb 10, 2014 4:59 pm

Unfortunately not. I even tried to force SA to write headers regarding the score level

Code: Select all

add_header all Status score=_SCORE_

No change in the email headers at all.

Received Email headers:

Code: Select all

Return-Path: <root@mail2.itmatrix.eu>
X-Original-To: mic@yourmail.name
Delivered-To: mic@yourmail.name
Received: from localhost (localhost [127.0.0.1])
   by mail2.itmatrix.eu (Postfix) with ESMTP id D5B5D1E2DF
   for <mic@yourmail.name>; Sun,  9 Feb 2014 09:19:36 +0100 (CET)
X-Virus-Scanned: Debian amavisd-new at mail2.itmatrix.eu
Received: from mail2.itmatrix.eu ([127.0.0.1])
   by localhost (mail2.itmatrix.eu [127.0.0.1]) (amavisd-new, port 10024)
   with ESMTP id 2b-F6gOKllmo for <mic@yourmail.name>;
   Sun,  9 Feb 2014 09:19:35 +0100 (CET)
Received: by mail2.itmatrix.eu (Postfix, from userid 0)
   id 485FE1E2E1; Sun,  9 Feb 2014 09:19:35 +0100 (CET)
Date: Sun, 09 Feb 2014 09:19:35 +0100
To: mic@yourmail.name
Subject: test from Vserver
User-Agent: Heirloom mailx 12.5 6/20/10
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <20140209081935.485FE1E2E1@mail2.itmatrix.eu>
From: root@mail2.itmatrix.eu (root)

XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X


I don't know if I did something stupid, that might be obvious to you, that blocks everything.
So here are the configs I modified, but from the beginning on I had no indication of spam either and the 'Junk' folder didn't get created either when I created the users.

Content of Amavis config file 60-groupoffice_defaults

Code: Select all

use strict;
# leave this line or Group-Office will overwrite your config

#enable virus checking
@bypass_virus_checks_maps = (
   \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);

#enable spam checking
@bypass_spam_checks_maps = (
   \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);

#change spam destiny from D_BOUNCE to pass. We use Dovecot sieve to file the
#spam into the spam folder
$final_spam_destiny       = D_PASS;

#Don't tag subject because we'll file it into the spam folder
$sa_spam_subject_tag = '***SPAM***';
$sa_tag_level_deflt = -999 ;
$sa_tag2_level_deflt = -999 ;

# Activating warnings for failed DKIM checked emails
$enable_dkim_verification = 1;
$virus_admin = "admin\@$mydomain"; # due to D_DISCARD default

1;  # ensure a defined return



Content of /etc/spamassassin/local.cf

Code: Select all

# leave this line or Group-Office will overwrite your config

# This is the right place to customize your installation of SpamAssassin.
#
# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
# tweaked.
#
###########################################################################
#
# rewrite_header Subject *****SPAM*****
# report_safe 1
# trusted_networks 212.17.35.
# lock_method flock

# Added by Michel
loadplugin Mail::SpamAssassin::Plugin::AWL
loadplugin Mail::SpamAssassin::Plugin::DCC

# How many hits before a message is considered spam.
required_hits           4.0

# Changed by Michel 07.02.2014
# Text to prepend to subject if rewrite_subject is used
rewrite_header subject  ***SPAM***
#add_header all Status _YESNO_, score=_SCORE_ required=_REQD_ tests=_TESTS_ autolearn=_AUTOLEARN_ version=_VERSION_
add_header all Status score=_SCORE_

trusted_networks 82.200.70.XXX/28

# Encapsulate spam in an attachment
report_safe             0

# Enable the Bayes system
use_bayes               1

# Enable Bayes auto-learning
bayes_auto_learn        1
bayes_path              /home/spamd/
bayes_file_mode         0666

# Enable or disable network checks
skip_rbl_checks         0
use_razor2              1
use_dcc                 1
use_pyzor               1

dns_available yes

## Optional Score Increases
score DCC_CHECK 4.000
score SPF_FAIL 10.000
score SPF_HELO_FAIL 10.000
score RAZOR2_CHECK 2.500
score BAYES_99 4.300
score BAYES_90 3.500
score BAYES_80 3.000

# Added by jsu2
# refer to http://flakshack.com/anti-spam/wiki/index.php?page=Testing
body LOCAL_TEST1 /myspamtest12341234/
describe LOCAL_TEST1 This is a unique phrase to trigger a positive score
score LOCAL_TEST1 50

urirhssub       URIBL_BLACK  multi.uribl.com.        A   2
body            URIBL_BLACK  eval:check_uridnsbl('URIBL_BLACK')
describe        URIBL_BLACK  Contains an URL listed in the URIBL blacklist
tflags          URIBL_BLACK  net
score           URIBL_BLACK  3.0

urirhssub       URIBL_GREY  multi.uribl.com.        A   4
body            URIBL_GREY  eval:check_uridnsbl('URIBL_GREY')
describe        URIBL_GREY  Contains an URL listed in the URIBL greylist
tflags          URIBL_GREY  net
score           URIBL_GREY  0.25

score DKIM_VERIFIED -0.1
score DKIM_SIGNED    0

# don't waste time on fetching ASP record, hardly anyone publishes it
score DKIM_POLICY_SIGNALL  0
score DKIM_POLICY_SIGNSOME 0
score DKIM_POLICY_TESTING  0

# DKIM-based whitelisting of domains with good reputation:
score USER_IN_DKIM_WHITELIST -8.0

whitelist_from_dkim  *@ebay.com
whitelist_from_dkim  *@*.ebay.com
whitelist_from_dkim  *@ebay.co.uk
whitelist_from_dkim  *@*.ebay.co.uk
whitelist_from_dkim  *@ebay.at
whitelist_from_dkim  *@ebay.ca
whitelist_from_dkim  *@ebay.de
whitelist_from_dkim  *@ebay.fr
whitelist_from_dkim  *@*.paypal.com
whitelist_from_dkim  *@paypal.com
whitelist_from_dkim  *@*                paypal.com
whitelist_from_dkim  *@*.paypal.be

whitelist_from_dkim  *@cern.ch
whitelist_from_dkim  *@amazon.com
whitelist_from_dkim  *@springer.delivery.net
whitelist_from_dkim  *@cisco.com
whitelist_from_dkim  *@alert.bankofamerica.com
whitelist_from_dkim  *@bankofamerica.com
whitelist_from_dkim  *@cnn.com
whitelist_from_dkim  *@*.cnn.com
whitelist_from_dkim  *@skype.net
whitelist_from_dkim  service@youtube.com
whitelist_from_dkim  *@welcome.skype.com
whitelist_from_dkim  *@cc.yahoo-inc.com  yahoo-inc.com
whitelist_from_dkim  *@cc.yahoo-inc.com
whitelist_from_dkim  rcapotenoy@yahoo.com
whitelist_from_dkim  googlealerts-noreply@google.com

# DKIM-based whitelisting of domains with less then perfect
# reputation can be given fewer negative score points:
score USER_IN_DEF_DKIM_WL -1.5
def_whitelist_from_dkim   *@google.com
def_whitelist_from_dkim   *@googlemail.com
def_whitelist_from_dkim   *@*  googlegroups.com
def_whitelist_from_dkim   *@*  yahoogroups.com
def_whitelist_from_dkim   *@*  yahoogroups.co.uk
def_whitelist_from_dkim   *@*  yahoogroupes.fr
def_whitelist_from_dkim   *@yousendit.com
def_whitelist_from_dkim   *@meetup.com
def_whitelist_from_dkim   dailyhoroscope@astrology.com

# reduce default scores, which are being abused
score ENV_AND_HDR_DKIM_MATCH -0.1
score ENV_AND_HDR_SPF_MATCH  -0.5

#other suggestions - penalize mail claiming to be from PayPal, eBay, Yahoo or Gmail but was not signed by their official mailers:

header   __ML1        Precedence =~ m{\b(list|bulk)\b}i
header   __ML2        exists:List-Id
header   __ML3        exists:List-Post
header   __ML4        exists:Mailing-List
header   __ML5        Return-Path:addr =~ m{^([^\@]+-(request|bounces|admin|owner)|owner-[^\@]+)(\@|\z)}mi
meta     __VIA_ML     __ML1 || __ML2 || __ML3 || __ML4 || __ML5
describe __VIA_ML     Mail from a mailing list

header   __AUTH_YAHOO1  From:addr =~ m{[\@.]yahoo\.com$}mi
header   __AUTH_YAHOO2  From:addr =~ m{\@yahoo\.com\.(ar|au|br|cn|hk|mx|my|ph|sg|tw)$}mi
header   __AUTH_YAHOO3  From:addr =~ m{\@yahoo\.co\.(id|in|jp|nz|th|uk)$}mi
header   __AUTH_YAHOO4  From:addr =~ m{\@yahoo\.(ca|cn|de|dk|es|fr|gr|ie|it|no|pl|se)$}mi
meta     __AUTH_YAHOO   __AUTH_YAHOO1 || __AUTH_YAHOO2 || __AUTH_YAHOO3 || __AUTH_YAHOO4
describe __AUTH_YAHOO   Author claims to be from Yahoo

header   __AUTH_GMAIL   From:addr =~ m{\@gmail\.com$}mi
describe __AUTH_GMAIL   Author claims to be from gmail.com

header   __AUTH_PAYPAL  From:addr =~ /[\@.]paypal\.(com|co\.uk)$/mi
describe __AUTH_PAYPAL  Author claims to be from PayPal

header   __AUTH_EBAY    From:addr =~ /[\@.]ebay\.(com|at|be|ca|ch|de|ee|es|fr|hu|ie|in|it|nl|ph|pl|pt|se|co\.(kr|uk)|com\.(au|cn|hk|mx|my|sg))$/mi
describe __AUTH_EBAY    Author claims to be from eBay

meta     NOTVALID_YAHOO !DKIM_VERIFIED && __AUTH_YAHOO && !__VIA_ML
priority NOTVALID_YAHOO 500
describe NOTVALID_YAHOO Claims to be from Yahoo but is not

meta     NOTVALID_GMAIL !DKIM_VERIFIED && __AUTH_GMAIL && !__VIA_ML
priority NOTVALID_GMAIL 500
describe NOTVALID_GMAIL Claims to be from gmail.com but is not

meta     NOTVALID_PAY   !DKIM_VERIFIED && (__AUTH_PAYPAL || __AUTH_EBAY)
priority NOTVALID_PAY   500
describe NOTVALID_PAY   Claims to be from PayPal or eBay, but is not

score    NOTVALID_YAHOO  2.8
score    NOTVALID_GMAIL  2.8
score    NOTVALID_PAY    6

# accept replies from abuse@yahoo.com even if not dkim/dk-signed:
whitelist_from_rcvd abuse@yahoo.com          yahoo.com
whitelist_from_rcvd MAILER-DAEMON@yahoo.com  yahoo.com
mschering
Site Admin
Site Admin
Posts: 8154
Joined: Tue Apr 20, 2004 1:06 pm
Location: The Netherlands - Den Bosch
Contact:

Re: No sign of spamassassin working

Postby mschering » Tue Feb 11, 2014 7:21 am

Is there a content filter defined in /etc/postfix/main.cf:

content_filter = smtp-amavis:[127.0.0.1]:10024
Best regards,



Merijn Schering

Intermesh
michelbisson
Posts: 18
Joined: Sat Jan 18, 2014 11:14 pm

Re: No sign of spamassassin working

Postby michelbisson » Tue Feb 11, 2014 9:48 am

Yes the entry is there, I do get some work done from Amavis since it does recognizes when a spam is coming but only in the mail logs, and Amavis puts a header that it checked the email for viruses, but no sign of spam work in the headers or anywhere else. Just to make sure I didn't put an inerfering directive in the main.cf or master.cf , here is the content of them. For security reasons I changed here the IP addresses of my_networks.

MAIN.CF

Code: Select all

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no

# TLS parameters
smtpd_tls_cert_file = /etc/ssl/mailserver/mail-cert.pem
smtpd_tls_key_file = /etc/ssl/mailserver/mail-key.pem
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
tls_random_source = dev:/dev/urandom
smtpd_tls_loglevel = 0
smtpd_tls_security_level = may

# Using for TLS delivery of specific destinations (2011.12.28)
smtp_tls_security_level = may

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = mail2.itmatrix.eu
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = $myhostname, localhost, localhost.localdomain
relayhost =
mynetworks = 127.0.0.0/8 192.168.0.0/24  [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
relay_domains = proxy:mysql:/etc/postfix/mysql_relay_domains_maps.cf
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:$config_directory/mysql_virtual_alias_maps.cf
virtual_mailbox_domains = proxy:mysql:$config_directory/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = proxy:mysql:$config_directory/mysql_virtual_mailbox_maps.cf
virtual_mailbox_base = /home/vmail
virtual_minimum_uid = 150
virtual_uid_maps = static:150
virtual_gid_maps = static:8
virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
transport_maps = proxy:mysql:/etc/postfix/mysql_virtual_transports.cf
#smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unauth_destination, reject_unauth_pipelining, reject_invalid_hostname, reject_unknown_sender_domain, reject_rbl_client zen.spamhaus.org, reject_rhsbl_sender dsn.fc-ignorant.org, permit
smtpd_data_restrictions = reject_unauth_pipelining, reject_multi_recipient_bounce, permit
receive_override_options = no_address_mappings
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1
message_size_limit = 20480000

content_filter = smtp-amavis:[127.0.0.1]:10024

# EXTRA manual DKIM Configuration(not part of original Group Office installation)
milter_default_action = accept
milter_protocol = 6
smtpd_milters = inet:localhost:12345
non_smtpd_milters = inet:localhost:12345

# EXTA manual Spam filtering
smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination,
    reject_invalid_hostname,
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    reject_unknown_sender_domain,
    reject_unknown_recipient_domain,
    reject_rhsbl_sender dsn.fc-ignorant.org,
    check_recipient_access hash:/etc/postfix/spam_rec_addr,
    check_client_access hash:/etc/postfix/rbl_whitelist,
        reject_rbl_client  abuse.rfc-ignorant.org,
        reject_rbl_client  blackholes.brainerd.net,
        reject_rbl_client  bl.deadbeef.com,
        reject_rbl_client  dnsbl.antispam.or.id,
        reject_rbl_client  korea.services.net,
        reject_rbl_client  korea.services.net,
        reject_rbl_client  l1.spews.dnsbl.sorbs.net,
        reject_rbl_client  l2.spews.dnsbl.sorbs.net,
        reject_rbl_client  postmaster.rfc-ignorant.org,
        reject_rbl_client  query.bondedsender.org,
        reject_rbl_client  relays.bl.kundenserver.de,
        reject_rbl_client  relays.nether.net,
        reject_rbl_client  sbl.spamhaus.org,
        reject_rbl_client  zen.spamhaus.org,
        reject_rbl_client  ix.dnsbl.manitu.net,
        reject_rbl_client  spamguard.leadmon.net,
        reject_rbl_client  tr.countries.nerd.dk,
        reject_rbl_client  unsure.nether.net,
        reject_rbl_client  whois.rfc-ignorant.org,
        reject_rbl_client  l1.bbfh.ext.sorbs.net,
        reject_rbl_client  l2.bbfh.ext.sorbs.net,
        reject_rbl_client  psbl.surriel.com,
        reject_rbl_client  b.barracudacentral.org,
        reject_rbl_client  cbl.abuseat.org,
   permit_dnswl_client list.dnswl.org,
        check_policy_service inet:127.0.0.1:10023,
   permit

# Creates false positives. Disabled
#        reject_rbl_client  dsn.rfc-ignorant.org,

# Recommendation for better security by OpenVAS
disable_vrfy_command=yes

# SASL
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth

# Extra spam filtering per sender addr
smtpd_reject_unlisted_sender = yes
smtpd_sender_restrictions =
   permit_mynetworks,
   permit_sasl_authenticated,
   reject_unknown_sender_domain,
   reject_non_fqdn_sender,
   check_sender_access hash:/etc/postfix/spam_addr
   permit

smtpd_client_restrictions =  check_client_access hash:/etc/postfix/spam_access
body_checks = regexp:/etc/postfix/spam_body_regex
# Next line added to make sure Postfix is set to the value of 10000.
# We had problems with bulk sending over 100 recipients.
smtpd_recipient_limit = 10000


MASTER.CF

Code: Select all

smtp      inet  n       -       -       -       -       smtpd
smtp-amavis unix -      -       y     -       2  smtp
    -o smtp_data_done_timeout=1200
    -o smtp_send_xforward_command=yes
    -o disable_dns_lookups=yes
    -o max_use=20
127.0.0.1:10025 inet n  -       y     -       -  smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_delay_reject=no
    -o smtpd_client_restrictions=permit_mynetworks,reject
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o smtpd_data_restrictions=reject_unauth_pipelining
    -o smtpd_end_of_data_restrictions=
    -o mynetworks=127.0.0.0/8
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000
    -o smtpd_client_connection_count_limit=0
    -o smtpd_client_connection_rate_limit=0
    -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks

dovecot   unix  -       n       n       -       -       pipe
    flags=DRhu user=vmail:mail argv=/usr/lib/dovecot/deliver -d ${recipient}

pickup    fifo  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      fifo  n       -       -       300     1       qmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       -       -       -       smtp
relay     unix  -       -       -       -       -       smtp
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -d -t$nexthop -f$sender $recipient
scalemail-backend unix   -   n   n   -   2   pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}

587     inet   n   -   n   -   -   smtpd -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
vacation    unix  -       n       n       -       -       pipe
  flags=Rq user=vacation argv=/usr/bin/groupoffice-vacation -f ${sender} -- ${recipient}

465     inet    n       -       -       -       -       smtpd
michelbisson
Posts: 18
Joined: Sat Jan 18, 2014 11:14 pm

Re: No sign of spamassassin working

Postby michelbisson » Wed Feb 12, 2014 1:17 am

I solved it!!!
I found the answer at:
https://groups.google.com/forum/#!msg/m ... uL1daCsS4J

Well as it often happens, it was my fault.
I had forgotten to add the domains that are local to my mail server in the Amavis configuration under:
@local_domains_acl = ( ".$mydomain" , "yourmail.name" ......
in the file: /etc/amavis/conf.d/05-domain_id
I restarted Amavis and when I sent a GTUBE Spam mail, the amavis log changed from:

Code: Select all

Passed SPAM {RelayedOpenRelay,Quarantined}

To:

Code: Select all

Passed SPAM {RelayedTaggedInbound,Quarantined}


Now the ***SPAM*** tag gets added to the subject header,and the following headers get also added:
Example:

Code: Select all

X-Quarantine-ID: <m1DKV8wQ9sAi>
X-Virus-Scanned: Debian amavisd-new at mail2.itmatrix.eu
X-Spam-Flag: YES
X-Spam-Score: 1000
X-Spam-Level: ****************************************************************
X-Spam-Status: Yes, score=1000 tagged_above=-999 required=-999
   tests=[GTUBE=1000] autolearn=no


Thanks for the support and also thanks for the new Debian version 5.0.40.
mschering
Site Admin
Site Admin
Posts: 8154
Joined: Tue Apr 20, 2004 1:06 pm
Location: The Netherlands - Den Bosch
Contact:

Re: No sign of spamassassin working

Postby mschering » Wed Feb 12, 2014 8:31 am

Great!
Best regards,



Merijn Schering

Intermesh
alstonamos
Posts: 1
Joined: Mon Apr 11, 2016 7:30 am

Re: No sign of spamassassin working

Postby alstonamos » Mon Apr 11, 2016 7:30 am

Best regards,



waleeed

Return to “Installation”

Who is online

Users browsing this forum: No registered users and 4 guests

cron