Please see the following maillog, why this email over the spamassassin required, but
the user still can receive spam mail?
Jun 18 00:03:46 leiw sendmail[6017]: l5HG3i2d006017: Milter add: header: X-Spam-Flag: YES
Jun 18 00:03:46 leiw sendmail[6017]: l5HG3i2d006017: Milter add: header: X-Spam-Status: Yes, score=2.8 required=0.5 tests=FROM_ENDS_IN_NUMS,HTML_60_70,\n\tHTML_MESSAGE,HTML_TAG_EXIST_TBODY,RCVD_BY_IP,WEIRD_QUOTING \n\tautolearn=no version=3.0.5
Jun 18 00:03:46 leiw sendmail[6017]: l5HG3i2d006017: Milter add: header: X-Spam-Report: \n\t* 0.5 FROM_ENDS_IN_NUMS From: ends in numbers\n\t* 0.0 RCVD_BY_IP Received by mail server with no name\n\t* 2.0 WEIRD_QUOTING BODY: Weird repeated double-quotation marks\n\t* 0.0 HTML_60_70 BODY: Message is 60% to 70% HTML\n\t* 0.2 HTML_TAG_EXIST_TBODY BODY: HTML has "tbody" tag\n\t* 0.0 HTML_MESSAGE BODY: HTML included in message
Jun 18 00:03:46 leiw sendmail[6017]: l5HG3i2d006017: Milter add: header: X-Spam-Level: **
Jun 18 00:03:46 leiw sendmail[6017]: l5HG3i2d006017: Milter add: header: X-Spam-Checker-Version: SpamAssassin 3.0.5 (2005-11-28) on leiw.no-ip.org
Jun 18 00:03:46 leiw sendmail[6016]: l5HG3h9K006016: to=<wilson@leiw.no-ip.org>, delay=00:00:03, xdelay=00:00:02, mailer=relay, pri=72257, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (l5HG3i2d006017 Message accepted for delivery)
Jun 18 00:03:52 leiw sendmail[6025]: l5HG3i2d006017: to=<wilson@leiw.no-ip.org>, delay=00:00:08, xdelay=00:00:06, mailer=scalix_mime, pri=162437, relay=leiw, dsn=2.0.0, stat=Sent (Ok)
Spam question
Moderator: ScalixSupport
-
dougp23
- Posts: 229
- Joined: Thu Feb 15, 2007 2:42 pm
Very rarely I seem to see the same thing, where a message with a score that should make the mail be marked as spam, sails right through. I am not sure why.
If you don't want your users getting the email that is SPAM you need to tell the milter this. ( it looks like from your post that you're not changing the headers or anything, so all you're doing is adding a header that has the spam score )
You can tell the milter to rewrite subject headers into something like ***SPAM*** and deliver them to your users so they can filter them out, or add the -b setting in your milter and point it to a mailbox where all spam will go. (i.e. spambox@yourdomain.com).
Do a man on spamass-milter, it's pretty straightforward.
If you don't want your users getting the email that is SPAM you need to tell the milter this. ( it looks like from your post that you're not changing the headers or anything, so all you're doing is adding a header that has the spam score )
You can tell the milter to rewrite subject headers into something like ***SPAM*** and deliver them to your users so they can filter them out, or add the -b setting in your milter and point it to a mailbox where all spam will go. (i.e. spambox@yourdomain.com).
Do a man on spamass-milter, it's pretty straightforward.
-
dougp23
- Posts: 229
- Joined: Thu Feb 15, 2007 2:42 pm
-
jaime.pinto
- Scalix Star
- Posts: 709
- Joined: Fri Feb 23, 2007 6:50 pm
- Location: Toronto - Canada
Edit /etc/mail/spamassassin/local.cf
Check the settings below:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# These values can be overridden by editing ~/.spamassassin/user_prefs.cf
# (see spamassassin(1) for details)
# These should be safe assumptions and allow for simple visual sifting
# without risking lost emails.
required_hits 5
report_safe 0
rewrite_header Subject [SPAM]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
If required_hits is too high, it takes more repetitions before the email is classified as spam. If too low, you could miss a legitimate email. 3-5 is a reasonable range.
As dougp23 said, the re-written subject line can be used as pattern for users to filter out the offending emails.
Jaime
Check the settings below:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# These values can be overridden by editing ~/.spamassassin/user_prefs.cf
# (see spamassassin(1) for details)
# These should be safe assumptions and allow for simple visual sifting
# without risking lost emails.
required_hits 5
report_safe 0
rewrite_header Subject [SPAM]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
If required_hits is too high, it takes more repetitions before the email is classified as spam. If too low, you could miss a legitimate email. 3-5 is a reasonable range.
As dougp23 said, the re-written subject line can be used as pattern for users to filter out the offending emails.
Jaime
Last edited by jaime.pinto on Sun Jun 24, 2007 10:32 pm, edited 1 time in total.
-
dougp23
- Posts: 229
- Joined: Thu Feb 15, 2007 2:42 pm
Check these two files, look for EXTRA FLAGS
/etc/init.d/spamass-milter
/etc/sysconfig/spamass-milter
If EITHER of them have the -m flag set, this will tell the milter NOT to rewrite the headers, REGARDLESS of what local.cf says.
If you want to redirect all your spam to a separate mailbox and not to your users, add the -b flag. Create a spam mailbox, i.e. junkmail@mydomain.com and then in the EXTRA FLAGS settings (I usually put mine in /etc/init.d) you would have
-b junkmail@mydomain.com
You must then stop and restart the milter, and *I think*, stop and restart sendmail.
/etc/init.d/spamass-milter
/etc/sysconfig/spamass-milter
If EITHER of them have the -m flag set, this will tell the milter NOT to rewrite the headers, REGARDLESS of what local.cf says.
If you want to redirect all your spam to a separate mailbox and not to your users, add the -b flag. Create a spam mailbox, i.e. junkmail@mydomain.com and then in the EXTRA FLAGS settings (I usually put mine in /etc/init.d) you would have
-b junkmail@mydomain.com
You must then stop and restart the milter, and *I think*, stop and restart sendmail.
Return to “Third Party Integration”
Who is online
Users browsing this forum: No registered users and 3 guests