View Single Post
Old 10th August 2012, 18:16
cbj4074 cbj4074 is offline
Senior Member
Join Date: Nov 2010
Posts: 395
Thanks: 30
Thanked 58 Times in 50 Posts

I double-checked the Spamfilter -> User / Domain list and everything looks correct there. I am assigning my custom "default policy" to each domain, at the domain level only.

Hmm, that explanation of the quarantine cut-off value doesn't seem consistent with the observed behavior. As can be seen in the screenshot attached to my previous post, this value has been set at zero, yet I do receive quarantine emails for messages with scores >= "SPAM kill level".

I have tried hunting-down the 5.0 score, and it's not in 50-user. I see the defined defaults there, however:

# Default settings, we st this very high to not filter aut emails accidently
$sa_spam_subject_tag = '***SPAM*** ';
$sa_tag_level_deflt  = 20.0;  # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 60.0; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 60.0; # triggers spam evasive actions
$sa_dsn_cutoff_level = 100;   # spam level beyond which a DSN is not sent
I have double-checked all policies in ISPConfig and none of them use the score 5.0. So, where's it coming from, I wonder?

All of this said, I still don't have a viable strategy for reviewing messages with scores that straddle the ham/spam line.

Is there any means by which to receive a "digest" of the day's spam activity and scores?

I've seen a Perl script ( ), but it's pretty old.

I'm willing to write a script to parse the log, but that's another issue entirely. I don't see detailed SpamAssassin information in /var/log/syslog (on Debian). I asked this question in my initial post: does one have to use Spam Assassin in daemon mode to enable detailed logging?
Reply With Quote