need spamassassin help

Discuss Applications
Post Reply
User avatar
cdhgold
administrator
administrator
Posts: 382
Joined: Tue Mar 18, 2003 6:11 pm
Location: Texas

need spamassassin help

Post by cdhgold »

spamassassinis running but seems to no longer be marking messages .. it should be adding the [spam] marker to subject and it is not i'm not sure how to t/s spamassassin

any suggestions?
cdhgold

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main »

Is it going through spamassassin and just not scoring high enough to mark it as spam (check the headers)? Did you upgrade sendmail and overwrite your sendmail configuration with the spamassassin hooks? Did you go back over all the pieces mentioned in your other spam topic?

http://voidmain.is-a-geek.net/forums/vi ... php?t=2062

On my setup I have to have the hooks in the sendmail configuration and have the spamassassin and spamass-milter services running. You might just try restarting those services first and see if that helps. Check your /var/log/maillog to see if they started and there are no errors. Also you can pipe a message directly into the "spamc" command for testing spamassassin itself. Check the /var/log/maillog after doing that to see what spamassassin did to the message.

User avatar
cdhgold
administrator
administrator
Posts: 382
Joined: Tue Mar 18, 2003 6:11 pm
Location: Texas

Post by cdhgold »

looks like the filter is not working right

here is the entries in /var/log/maillog for a spam that was not marked by spamassassain

Code: Select all

Aug 21 07:37:08 101009-phoenix postfix/smtpd[25091]: connect from mx2.ruexpress.com[208.146.32.83]
Aug 21 07:37:08 101009-phoenix postfix/cleanup[25106]: A95CB5E4512: message-id=<20070821123708.A95CB5E4512@101009-phoenix.tecman.com>
Aug 21 07:37:08 101009-phoenix postfix/qmgr[2925]: A95CB5E4512: from=<postmaster@tecman.com>, size=278, nrcpt=1 (queue active)
Aug 21 07:37:09 101009-phoenix postfix/smtp[25107]: A95CB5E4512: to=<2-1492311-tecman.com?cdhgold@mx2.ruexpress.com>, relay=mx2.ruexpress.com[208.146.32.83], delay=1, status=deliverable (250 ok 2-1492311-tecman.com?cdhgold@mx2.ruexpress.com)
Aug 21 07:37:09 101009-phoenix postfix/qmgr[2925]: A95CB5E4512: removed
Aug 21 07:37:11 101009-phoenix postfix/smtpd[25091]: warning: 83.32.146.208.relays.ordb.org: RBL lookup error: Host or domain name not found. Name service error for name=83.32.146.208.relays.ordb.org type=A: Host not found, try again
Aug 21 07:37:11 101009-phoenix postfix/smtpd[25091]: F1E375E4512: client=mx2.ruexpress.com[208.146.32.83]
Aug 21 07:37:12 101009-phoenix postfix/cleanup[25106]: F1E375E4512: message-id=<2-1492311-88Qw4tOQ9sb8SLD78tS@mx2.ruexpress.com>
Aug 21 07:37:12 101009-phoenix postfix/qmgr[2925]: F1E375E4512: from=<2-1492311-tecman.com?cdhgold@mx2.ruexpress.com>, size=1815, nrcpt=1 (queue active)
Aug 21 07:37:12 101009-phoenix spamd[11336]: spamd: connection from localhost [127.0.0.1] at port 44689
Aug 21 07:37:12 101009-phoenix spamd[11336]: spamd: setuid to spamfilter succeeded
Aug 21 07:37:12 101009-phoenix spamd[11336]: spamd: processing message <2-1492311-88Qw4tOQ9sb8SLD78tS@mx2.ruexpress.com> for spamfilter:506
Aug 21 07:37:12 101009-phoenix spamd[11336]: spamd: clean message (0.0/5.0) for spamfilter:506 in 0.4 seconds, 1786 bytes.
Aug 21 07:37:12 101009-phoenix spamd[11336]: spamd: result: . 0 - scantime=0.4,size=1786,user=spamfilter,uid=506,required_score=5.0,rhost=localhost,raddr=127.0.0.1,rport=44689,mid=<2-1492311-88Qw4tOQ9sb8SLD78tS@mx2.ruexpress.com>,autolearn=ham
Aug 21 07:37:12 101009-phoenix spamd[2970]: prefork: child states: II
Aug 21 07:37:12 101009-phoenix postfix/pipe[25109]: F1E375E4512: to=<cdhgold@tecman.com>, relay=spamfilter, delay=4, status=sent (101009-phoenix.tecman.com)
Aug 21 07:37:12 101009-phoenix postfix/qmgr[2925]: F1E375E4512: removed
Aug 21 07:37:12 101009-phoenix postfix/pickup[25015]: ABACD5E4512: uid=506 from=<2-1492311-tecman.com?cdhgold@mx2.ruexpress.com>
Aug 21 07:37:12 101009-phoenix postfix/cleanup[25106]: ABACD5E4512: message-id=<2-1492311-88Qw4tOQ9sb8SLD78tS@mx2.ruexpress.com>
Aug 21 07:37:12 101009-phoenix postfix/qmgr[2925]: ABACD5E4512: from=<2-1492311-tecman.com?cdhgold@mx2.ruexpress.com>, size=2026, nrcpt=1 (queue active)
Aug 21 07:37:12 101009-phoenix postfix/local[25114]: ABACD5E4512: to=<cdhgold@tecman.com>, relay=local, delay=0, status=sent (delivered to mailbox)
Aug 21 07:37:12 101009-phoenix postfix/qmgr[2925]: ABACD5E4512: removed
Aug 21 07:37:18 101009-phoenix postfix/smtpd[25091]: disconnect from mx2.ruexpress.com[208.146.32.83]
any suggestions of where to go from here?

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main »

Looks like it has to be your spamassassin configuration. It scored the example message a 0. Looks like you are using a different setup than I use so I am not sure where your spamassassin configuration files would be. Mine are:

/etc/sysconfig/spamassassin

Code: Select all

# Options to spamd
SPAMDOPTIONS="-d -c -m5 -H"
/etc/sysconfig/spamass-milter

Code: Select all

### Override for your different local config
#SOCKET=/var/run/spamass.sock

### Default parameter for spamass-milter is -f (work in the background)
### you may add another parameters here, see spamass-milter(1)
#EXTRA_FLAGS="-m -r 15"
#EXTRA_FLAGS="-M -B spam"
EXTRA_FLAGS="-b spam"
and

/etc/mail/spamassassin/*
local.cf

Code: Select all

# These values can be overridden by editing ~/.spamassassin/user_prefs.cf 
# (see spamassassin(1) for details)

# These should be safe assumptions and allow for simple visual sifting
# without risking lost emails.

required_hits 5
report_safe 0
rewrite_header Subject [SPAM]

use_bayes 1
bayes_auto_learn 1
bayes_path /var/amavisd/.spamassassin
bayes_path /var/run/spamassassin/bayes
bayes_file_mode 0666
and a bunch of other *.cf files in /etc/mail/spamassassin.

User avatar
cdhgold
administrator
administrator
Posts: 382
Joined: Tue Mar 18, 2003 6:11 pm
Location: Texas

Post by cdhgold »

found my problem i have a cron job that nightly runs the sa-learn command on 2 users inbox and junk folders .. found that one of the users was not getting their spam redirected to junk so was marking whole inbox as ham causing spamassassain grading to be borked up .. now need to find out how to reset spamassassin so it can be tr-trained from scratch

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main »

sa-learn has a lot of options. I think "--clear" would be the one to wipe your entire database. You can also just clear for a single user. Here's the man page:

http://voidmain.is-a-geek.net/man?param ... n&mode=man

Post Reply