HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   HOWTO-Related Questions (http://www.howtoforge.com/forums/forumdisplay.php?f=2)
-   -   SpamSnake SpamAssassin not working? (http://www.howtoforge.com/forums/showthread.php?t=24353)

getrav 19th June 2008 18:41

SpamSnake SpamAssassin not working?
 
In Mailscanner SA Score is all blank!

Instead of clogging up this post, I put the full Lint test is at:
http://pastebin.com/m770e808f
Please help!!!

As per Rocky's instructions, I should be seeing something like code below but I don't.
Code:

I see: debug: using "/etc/MailScanner/spam.assassin.prefs.conf" for user prefs file
I don't see any of the below:
debug: bayes: 28821 tie-ing to DB file R/O /etc/MailScanner/bayes/bayes_toks
debug: bayes: 28821 tie-ing to DB file R/O /etc/MailScanner/bayes/bayes_seen
debug: bayes: found bayes db version 2
debug: Score set 3 chosen.


Rocky 19th June 2008 20:30

Hey,

Verify that you have the following set in your /etc/MailScanner/MailScanner.conf file:

Code:


SpamScore Number Instead Of Stars yes
Is Definitely Not Spam &SQLWhitelist
Is Definitely Spam &SQLBlacklist
Spam Actions deliver store
High Scoring Spam Actions delete store
Non Spam Actions deliver store


getrav 19th June 2008 22:06

This is what I have and it pretty much matches:

Code:

SpamScore Number Instead Of Stars = yes
Is Definitely Not Spam = &SQLWhitelist
Is Definitely Spam = &SQLBlacklist
Spam Actions = deliver store header "X-Spam-Status: Yes"
High Scoring Spam Actions = delete store
Non Spam Actions = deliver store header "X-Spam-Status: No"

All messages are delivered including spam. My current solution is to use outlook's junk mail filter. I would much prefer to keep it at SpamSnake :)

Rocky 20th June 2008 15:28

Hey,

Yes, all messages, including spam and ham, will be delivered because of your configuration. However, high scoring spam will not be delivered according to your configuration.

You mentioned that spamassassin does not score the messages. Does it tag mails as spam? Also, post the output of your lint test using the mailwatch interface.

If it's tagging spam as spam, then spamassassin is working.

Rocky

getrav 20th June 2008 17:17

Here is a post the output of your lint test using the mailwatch interface.
http://pastebin.com/m26179802

Here is a picture of my mailwatch interface showing no sa scores!
http://i280.photobucket.com/albums/k.../mailwatch.jpg

getrav 24th June 2008 00:02

Dont mean to be a pest, but could I get some help please???

Here are the last 100 lines of the mail.log:

Jun 19 15:20:42 spamsnake postfix/smtpd[1784]: disconnect from unknown[117.194.32.73]
Jun 19 15:20:47 spamsnake postfix/smtpd[1784]: connect from unknown[88.227.239.254]
Jun 19 15:20:50 spamsnake postfix/policy-spf[1788]: handler sender_policy_framework: is decisive.
Jun 19 15:20:50 spamsnake postfix/policy-spf[1788]: : Policy action=PREPEND Received-SPF: none (tactec.org: No applicable sender policy available) receiver=spamsnake.silkcrafts.local; identity=mfrom; envelope-from="dwtactecm@tactec.org"; helo="[88.227.239.254]"; client-ip=88.227.239.254
Jun 19 15:20:50 spamsnake postfix/smtpd[1784]: 9E98317643C: client=unknown[88.227.239.254]
Jun 19 15:20:51 spamsnake postfix/cleanup[1790]: 9E98317643C: hold: header Received: from [88.227.239.254] (unknown [88.227.239.254])??by spamsnake.silkcrafts.local (Postfix) with ESMTP id 9E98317643C??for <ks@blabla.com>; Thu, 19 Jun 2008 15:20:49 -0400 (EDT) from unknown[88.227.239.254]; from=<dwtactecm@tactec.org> to=<ks@blabla.com> proto=ESMTP helo=<[88.227.239.254]>
Jun 19 15:20:51 spamsnake postfix/cleanup[1790]: 9E98317643C: message-id=<01c8d252$58dba500$feefe358@dwtactecm>
Jun 19 15:20:52 spamsnake postfix/smtpd[1784]: disconnect from unknown[88.227.239.254]
Jun 19 15:20:52 spamsnake postfix/smtpd[1784]: connect from wr-out-0506.google.com[64.233.184.233]
Jun 19 15:20:52 spamsnake postfix/smtpd[1795]: connect from an-out-0708.google.com[209.85.132.249]
Jun 19 15:20:52 spamsnake postfix/smtpd[1796]: connect from an-out-0708.google.com[209.85.132.250]
Jun 19 15:20:52 spamsnake postfix/smtpd[1797]: connect from an-out-0708.google.com[209.85.132.247]
Jun 19 15:20:52 spamsnake postfix/smtpd[1798]: connect from an-out-0708.google.com[209.85.132.248]
Jun 19 15:20:53 spamsnake postfix/policy-spf[1788]: handler sender_policy_framework: is decisive.
Jun 19 15:20:53 spamsnake postfix/policy-spf[1788]: : Policy action=PREPEND Received-SPF: softfail (classmates.com: Sender is not authorized by default to use 'invitebox@classmates.com' in 'mfrom' identity, however domain is not currently prepared for false failures (mechanism '~all' matched)) receiver=spamsnake.silkcrafts.local; identity=mfrom; envelope-from="invitebox@classmates.com"; helo=wr-out-0506.google.com; client-ip=64.233.184.233
Jun 19 15:20:53 spamsnake postfix/smtpd[1784]: DE9A017649A: client=wr-out-0506.google.com[64.233.184.233]
Jun 19 15:20:53 spamsnake postfix/policy-spf[1802]: handler sender_policy_framework: is decisive.
Jun 19 15:20:54 spamsnake postfix/policy-spf[1806]: handler sender_policy_framework: is decisive.
Jun 19 15:20:54 spamsnake postfix/policy-spf[1804]: handler sender_policy_framework: is decisive.
Jun 19 15:20:54 spamsnake postfix/cleanup[1790]: DE9A017649A: hold: header Received: from wr-out-0506.google.com (wr-out-0506.google.com [64.233.184.233])??by spamsnake.silkcrafts.local (Postfix) with ESMTP id DE9A017649A??for <anudas@blabla.com>; Thu, 19 Jun 2008 15:20 from wr-out-0506.google.com[64.233.184.233]; from=<invitebox@classmates.com> to=<anudas@blabla.com> proto=ESMTP helo=<wr-out-0506.google.com>
Jun 19 15:20:54 spamsnake postfix/cleanup[1790]: DE9A017649A: message-id=<000701c8d241$02d5eeb2$f959cca4@xnpqog>
Jun 19 15:20:54 spamsnake postfix/policy-spf[1802]: : Policy action=PREPEND Received-SPF: softfail (classmates.com: Sender is not authorized by default to use 'invitebox@classmates.com' in 'mfrom' identity, however domain is not currently prepared for false failures (mechanism '~all' matched)) receiver=spamsnake.silkcrafts.local; identity=mfrom; envelope-from="invitebox@classmates.com"; helo=an-out-0708.google.com; client-ip=209.85.132.250
Jun 19 15:20:54 spamsnake postfix/smtpd[1796]: 3AB3917649B: client=an-out-0708.google.com[209.85.132.250]
Jun 19 15:20:54 spamsnake postfix/policy-spf[1806]: : Policy action=PREPEND Received-SPF: softfail (classmates.com: Sender is not authorized by default to use 'invitebox@classmates.com' in 'mfrom' identity, however domain is not currently prepared for false failures (mechanism '~all' matched)) receiver=spamsnake.silkcrafts.local; identity=mfrom; envelope-from="invitebox@classmates.com"; helo=an-out-0708.google.com; client-ip=209.85.132.248
Jun 19 15:20:54 spamsnake postfix/smtpd[1798]: NOQUEUE: reject: RCPT from an-out-0708.google.com[209.85.132.248]: 550 5.1.1 <mg@blabla.com>: Recipient address rejected: User unknown in relay recipient table; from=<invitebox@classmates.com> to=<mg@blabla.com> proto=ESMTP helo=<an-out-0708.google.com>
Jun 19 15:20:54 spamsnake postfix/policy-spf[1804]: : Policy action=PREPEND Received-SPF: softfail (classmates.com: Sender is not authorized by default to use 'invitebox@classmates.com' in 'mfrom' identity, however domain is not currently prepared for false failures (mechanism '~all' matched)) receiver=spamsnake.silkcrafts.local; identity=mfrom; envelope-from="invitebox@classmates.com"; helo=an-out-0708.google.com; client-ip=209.85.132.247
Jun 19 15:20:54 spamsnake postfix/smtpd[1797]: 46BA117649E: client=an-out-0708.google.com[209.85.132.247]
Jun 19 15:20:54 spamsnake postfix/smtpd[1798]: disconnect from an-out-0708.google.com[209.85.132.248]
Jun 19 15:20:54 spamsnake postfix/cleanup[1790]: 3AB3917649B: hold: header Received: from an-out-0708.google.com (an-out-0708.google.com [209.85.132.250])??by spamsnake.silkcrafts.local (Postfix) with ESMTP id 3AB3917649B??for <rshah@blabla.com>; Thu, 19 Jun 2008 15:20: from an-out-0708.google.com[209.85.132.250]; from=<invitebox@classmates.com> to=<rshah@blabla.com> proto=ESMTP helo=<an-out-0708.google.com>
Jun 19 15:20:54 spamsnake postfix/cleanup[1790]: 3AB3917649B: message-id=<000701c8d241$02d5eeb2$f959cca4@xnpqog>
Jun 19 15:20:54 spamsnake postfix/cleanup[1807]: 46BA117649E: hold: header Received: from an-out-0708.google.com (an-out-0708.google.com [209.85.132.247])??by spamsnake.silkcrafts.local (Postfix) with ESMTP id 46BA117649E??for <kks@blabla.com>; Thu, 19 Jun 2008 15:20:53 from an-out-0708.google.com[209.85.132.247]; from=<invitebox@classmates.com> to=<kks@blabla.com> proto=ESMTP helo=<an-out-0708.google.com>
Jun 19 15:20:54 spamsnake postfix/cleanup[1807]: 46BA117649E: message-id=<000701c8d241$02d5eeb2$f959cca4@xnpqog>
Jun 19 15:20:56 spamsnake MailScanner[32463]: New Batch: Scanning 4 messages, 15471 bytes
Jun 19 15:20:56 spamsnake MailScanner[32463]: Virus and Content Scanning: Starting
Jun 19 15:20:59 spamsnake MailScanner[32463]: /var/spool/MailScanner/incoming/32463/./9E98317643C.33844.header: Email.Spam.Gen595.Sanesecurity.07052401 FOUND
Jun 19 15:20:59 spamsnake MailScanner[32463]: /var/spool/MailScanner/incoming/32463/./9E98317643C.33844.message: Email.Spam.Gen595.Sanesecurity.07052401 FOUND
Jun 19 15:20:59 spamsnake MailScanner[32463]: Virus Scanning: ClamAV found 2 infections
Jun 19 15:21:00 spamsnake MailScanner[32463]: Virus Scanning: F-Prot found 2 infections
Jun 19 15:21:00 spamsnake MailScanner[32463]: Infected message 9E98317643C.33844.header came from
Jun 19 15:21:00 spamsnake MailScanner[32463]: Infected message 9E98317643C.33844.message came from
Jun 19 15:21:00 spamsnake MailScanner[32463]: Virus Scanning: Found 2 viruses
Jun 19 15:21:01 spamsnake MailScanner[32463]: Requeue: 46BA117649E.788E6 to 1CEB91764A1
Jun 19 15:21:01 spamsnake MailScanner[32463]: Requeue: 3AB3917649B.0C2F0 to 1750017649E
Jun 19 15:21:01 spamsnake MailScanner[32463]: Requeue: 9E98317643C.33844 to 53C4A17649B
Jun 19 15:21:02 spamsnake MailScanner[32463]: Requeue: DE9A017649A.ED469 to 5FC7C17643C
Jun 19 15:21:02 spamsnake postfix/qmgr[4751]: 5FC7C17643C: from=<invitebox@classmates.com>, size=3866, nrcpt=1 (queue active)
Jun 19 15:21:02 spamsnake postfix/qmgr[4751]: 53C4A17649B: from=<dwtactecm@tactec.org>, size=1285, nrcpt=1 (queue active)
Jun 19 15:21:02 spamsnake postfix/qmgr[4751]: 1CEB91764A1: from=<invitebox@classmates.com>, size=3862, nrcpt=1 (queue active)
Jun 19 15:21:02 spamsnake postfix/qmgr[4751]: 1750017649E: from=<invitebox@classmates.com>, size=3866, nrcpt=1 (queue active)
Jun 19 15:21:02 spamsnake postfix/smtp[1822]: 5FC7C17643C: to=<anudas@blabla.com>, relay=192.168.1.231[192.168.1.231]:25, delay=9.4, delays=9.2/0.01/0.01/0.16, dsn=2.6.0, status=sent (250 2.6.0 <000701c8d241$02d5eeb2$f959cca4@xnpqog> Queued mail for delivery)
Jun 19 15:21:02 spamsnake postfix/qmgr[4751]: 5FC7C17643C: removed
Jun 19 15:21:02 spamsnake postfix/smtp[1824]: 53C4A17649B: to=<ks@blabla.com>, relay=192.168.1.231[192.168.1.231]:25, delay=12, delays=12/0.04/0.02/0.13, dsn=2.6.0, status=sent (250 2.6.0 <01c8d252$58dba500$feefe358@dwtactecm> Queued mail for delivery)
Jun 19 15:21:02 spamsnake postfix/qmgr[4751]: 53C4A17649B: removed
Jun 19 15:21:02 spamsnake postfix/smtp[1825]: 1CEB91764A1: to=<kks@blabla.com>, relay=192.168.1.231[192.168.1.231]:25, delay=9.2, delays=9/0.07/0/0.12, dsn=2.6.0, status=sent (250 2.6.0 <000701c8d241$02d5eeb2$f959cca4@xnpqog> Queued mail for delivery)
Jun 19 15:21:02 spamsnake postfix/qmgr[4751]: 1CEB91764A1: removed
Jun 19 15:21:02 spamsnake postfix/smtp[1826]: 1750017649E: to=<rshah@blabla.com>, relay=192.168.1.231[192.168.1.231]:25, delay=9.2, delays=9.1/0.06/0.01/0.12, dsn=2.6.0, status=sent (250 2.6.0 <000701c8d241$02d5eeb2$f959cca4@xnpqog> Queued mail for delivery)
Jun 19 15:21:02 spamsnake postfix/qmgr[4751]: 1750017649E: removed
Jun 19 15:21:02 spamsnake MailScanner[32463]: Uninfected: Delivered 4 messages
Jun 19 15:21:02 spamsnake MailScanner[32463]: Logging message 46BA117649E.788E6 to SQL
Jun 19 15:21:02 spamsnake MailScanner[32465]: 46BA117649E.788E6: Logged to MailWatch SQL
Jun 19 15:21:02 spamsnake MailScanner[32463]: Logging message 3AB3917649B.0C2F0 to SQL
Jun 19 15:21:03 spamsnake MailScanner[32465]: 3AB3917649B.0C2F0: Logged to MailWatch SQL
Jun 19 15:21:03 spamsnake MailScanner[32463]: Logging message 9E98317643C.33844 to SQL
Jun 19 15:21:03 spamsnake MailScanner[32465]: 9E98317643C.33844: Logged to MailWatch SQL
Jun 19 15:21:03 spamsnake MailScanner[32463]: Logging message DE9A017649A.ED469 to SQL
Jun 19 15:21:03 spamsnake MailScanner[32465]: DE9A017649A.ED469: Logged to MailWatch SQL
Jun 19 15:21:03 spamsnake postfix/policy-spf[1800]: handler sender_policy_framework: is decisive.
Jun 19 15:21:04 spamsnake postfix/policy-spf[1800]: : Policy action=PREPEND Received-SPF: softfail (classmates.com: Sender is not authorized by default to use 'invitebox@classmates.com' in 'mfrom' identity, however domain is not currently prepared for false failures (mechanism '~all' matched)) receiver=spamsnake.silkcrafts.local; identity=mfrom; envelope-from="invitebox@classmates.com"; helo=an-out-0708.google.com; client-ip=209.85.132.249
Jun 19 15:21:04 spamsnake postfix/smtpd[1795]: 313B217643C: client=an-out-0708.google.com[209.85.132.249]
Jun 19 15:21:04 spamsnake postfix/cleanup[1790]: 313B217643C: hold: header Received: from an-out-0708.google.com (an-out-0708.google.com [209.85.132.249])??by spamsnake.silkcrafts.local (Postfix) with ESMTP id 313B217643C??for <ns@blabla.com>; Thu, 19 Jun 2008 15:20:52 from an-out-0708.google.com[209.85.132.249]; from=<invitebox@classmates.com> to=<ns@blabla.com> proto=ESMTP helo=<an-out-0708.google.com>
Jun 19 15:21:04 spamsnake postfix/cleanup[1790]: 313B217643C: message-id=<000701c8d241$02d5eeb2$f959cca4@xnpqog>
Jun 19 15:21:09 spamsnake MailScanner[32463]: New Batch: Scanning 1 messages, 4528 bytes
Jun 19 15:21:09 spamsnake MailScanner[32463]: Virus and Content Scanning: Starting
Jun 19 15:21:13 spamsnake MailScanner[32463]: Requeue: 313B217643C.19DFE to CB5A417649A
Jun 19 15:21:13 spamsnake postfix/qmgr[4751]: CB5A417649A: from=<invitebox@classmates.com>, size=3860, nrcpt=1 (queue active)
Jun 19 15:21:13 spamsnake postfix/smtp[1822]: CB5A417649A: to=<ns@blabla.com>, relay=192.168.1.231[192.168.1.231]:25, delay=20, delays=20/0/0/0.13, dsn=2.6.0, status=sent (250 2.6.0 <000701c8d241$02d5eeb2$f959cca4@xnpqog> Queued mail for delivery)
Jun 19 15:21:13 spamsnake postfix/qmgr[4751]: CB5A417649A: removed
Jun 19 15:21:13 spamsnake MailScanner[32463]: Uninfected: Delivered 1 messages
Jun 19 15:21:13 spamsnake MailScanner[32463]: Logging message 313B217643C.19DFE to SQL
Jun 19 15:21:13 spamsnake MailScanner[32465]: 313B217643C.19DFE: Logged to MailWatch SQL
Jun 19 15:21:24 spamsnake postfix/smtpd[1784]: disconnect from wr-out-0506.google.com[64.233.184.233]
Jun 19 15:21:24 spamsnake postfix/smtpd[1796]: disconnect from an-out-0708.google.com[209.85.132.250]
Jun 19 15:21:24 spamsnake postfix/smtpd[1797]: disconnect from an-out-0708.google.com[209.85.132.247]
Jun 19 15:21:34 spamsnake postfix/smtpd[1795]: disconnect from an-out-0708.google.com[209.85.132.249]
Jun 19 15:22:23 spamsnake postfix/smtpd[1798]: connect from unknown[200.89.94.203]
Jun 19 15:22:25 spamsnake postfix/policy-spf[1806]: handler sender_policy_framework: is decisive.
Jun 19 15:22:25 spamsnake postfix/policy-spf[1806]: : Policy action=PREPEND Received-SPF: none (crutherford.co.uk: No applicable sender policy available) receiver=spamsnake.silkcrafts.local; identity=mfrom; envelope-from="xbwextreme@crutherford.co.uk"; helo=derkonfigurator.de; client-ip=200.89.94.203
Jun 19 15:22:25 spamsnake postfix/smtpd[1798]: 5D2A217643C: client=unknown[200.89.94.203]
Jun 19 15:22:25 spamsnake postfix/cleanup[1807]: 5D2A217643C: hold: header Received: from derkonfigurator.de (unknown [200.89.94.203])??by spamsnake.silkcrafts.local (Postfix) with ESMTP id 5D2A217643C??for <ks@blabla.com>; Thu, 19 Jun 2008 15:22:24 -0400 (EDT) from unknown[200.89.94.203]; from=<xbwextreme@crutherford.co.uk> to=<ks@blabla.com> proto=ESMTP helo=<derkonfigurator.de>
Jun 19 15:22:25 spamsnake postfix/cleanup[1807]: 5D2A217643C: message-id=<001b01c8d220$469bc820$0033b45c@pc22>
Jun 19 15:22:25 spamsnake postfix/smtpd[1798]: disconnect from unknown[200.89.94.203]
Jun 19 15:22:31 spamsnake MailScanner[32463]: New Batch: Scanning 1 messages, 3090 bytes
Jun 19 15:22:32 spamsnake MailScanner[32463]: Virus and Content Scanning: Starting
Jun 19 15:22:35 spamsnake MailScanner[32463]: Requeue: 5D2A217643C.26D6E to D5F6217649A
Jun 19 15:22:35 spamsnake postfix/qmgr[4751]: D5F6217649A: from=<xbwextreme@crutherford.co.uk>, size=2515, nrcpt=1 (queue active)
Jun 19 15:22:35 spamsnake postfix/smtp[1824]: D5F6217649A: to=<ks@blabla.com>, relay=192.168.1.231[192.168.1.231]:25, delay=11, delays=11/0/0/0.18, dsn=2.6.0, status=sent (250 2.6.0 <001b01c8d220$469bc820$0033b45c@pc22> Queued mail for delivery)
Jun 19 15:22:35 spamsnake postfix/qmgr[4751]: D5F6217649A: removed
Jun 19 15:22:35 spamsnake MailScanner[32463]: Uninfected: Delivered 1 messages
Jun 19 15:22:35 spamsnake MailScanner[32463]: Logging message 5D2A217643C.26D6E to SQL
Jun 19 15:22:36 spamsnake MailScanner[32465]: 5D2A217643C.26D6E: Logged to MailWatch SQL
Jun 19 15:24:41 spamsnake postfix/smtpd[1897]: connect from unknown[78.167.62.197]


All times are GMT +2. The time now is 17:18.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.