Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 9th December 2008, 06:47
unsichtbare unsichtbare is offline
Senior Member
 
Join Date: Sep 2007
Posts: 111
Thanks: 18
Thanked 7 Times in 6 Posts
Default Getting tons of spam with negative scores

It seems like the volume of spam on my server is up about 400% in the last couple weeks. Here's what the headers look like:
Code:
X-Spam-Checker-Version: SpamAssassin 3.2.4 (2008-01-01) on
	clients1.azwebdesigns.com
X-Spam-Level: 
X-Spam-Status: No, score=-87.3 required=5.0 tests=BAYES_50,
	HTML_FONT_LOW_CONTRAST,HTML_IMAGE_ONLY_08,HTML_MESSAGE,HTML_SHORT_LINK_IMG_1,
	MIME_HTML_ONLY,RCVD_IN_PBL,RDNS_NONE,URIBL_AB_SURBL,URIBL_BLACK,
	URIBL_JP_SURBL,URIBL_SBL,URIBL_WS_SURBL,USER_IN_WHITELIST autolearn=no
	version=3.2.4
How can I filter this?

-J
__________________
Ubuntu 14.04 - The Perfect Setup
ISPConfig 3.0.5
http://www.vmsources.com
Reply With Quote
Sponsored Links
  #2  
Old 9th December 2008, 19:48
chipsafts chipsafts is offline
Senior Member
 
Join Date: Nov 2007
Posts: 184
Thanks: 2
Thanked 6 Times in 6 Posts
Default

adjust the SA configuration so that it gives you the test results as well as which tests returned values.
Than figure out from there which test scores are out of whack
Reply With Quote
  #3  
Old 10th December 2008, 13:48
topdog topdog is offline
Senior Member
 
Join Date: Jan 2008
Location: South Africa
Posts: 1,352
Thanks: 0
Thanked 154 Times in 151 Posts
Default

It could be bayes poisoning you need to dump your bayes database and also check this rule USER_IN_WHITELIST it could be reversing the score on all the other rules.
__________________
----
http://www.topdog.za.net - Got Linux problems ? - I can help.
http://www.baruwa.org - Try it.
Reply With Quote
  #4  
Old 12th December 2008, 18:05
unsichtbare unsichtbare is offline
Senior Member
 
Join Date: Sep 2007
Posts: 111
Thanks: 18
Thanked 7 Times in 6 Posts
Default

Sounds great! How do I dump the DB? Is: /home/admispconfig/ispconfig/tools/spamassassin/etc/mail/spamassassin/local.cf the correct path to adjust SpamAssassin?

-J
__________________
Ubuntu 14.04 - The Perfect Setup
ISPConfig 3.0.5
http://www.vmsources.com
Reply With Quote
  #5  
Old 16th December 2008, 00:22
chipsafts chipsafts is offline
Senior Member
 
Join Date: Nov 2007
Posts: 184
Thanks: 2
Thanked 6 Times in 6 Posts
Default

installing webmin from www.webmin.com will probably help you quite a bit with the SA data and configurations.
Reply With Quote
  #6  
Old 16th December 2008, 03:40
unsichtbare unsichtbare is offline
Senior Member
 
Join Date: Sep 2007
Posts: 111
Thanks: 18
Thanked 7 Times in 6 Posts
 
Default

Where is the value USER_IN_WHITELIST coming from? I have tried changing my SpamAssasin configuration to no avail, still tons of spam and it is always from a user to that user: from mike to mike

Thanks for the replies!
-J

Code:
Return-Path: <StacybrokeBurnett@worldchanging.com>
X-Spam-Checker-Version: SpamAssassin 3.2.4 (2008-01-01) on
	clients1.azwebdesigns.com
X-Spam-Level: 
X-Spam-Status: No, score=-81.8 required=5.0 tests=BAYES_80,BODY_ENHANCEMENT2,
	HTML_MESSAGE,MIME_HTML_ONLY,RCVD_IN_BL_SPAMCOP_NET,RCVD_IN_PBL,RCVD_IN_XBL,
	RDNS_NONE,URIBL_AB_SURBL,URIBL_BLACK,URIBL_JP_SURBL,URIBL_OB_SURBL,URIBL_SBL,
	URIBL_SC_SURBL,USER_IN_WHITELIST autolearn=no version=3.2.4
X-Original-To: john@azwebdesigns.com
Delivered-To: web5_john@clients1.azwebdesigns.com
Received: by clients1.azwebdesigns.com (Postfix)
	id EAC891B515E; Mon, 15 Dec 2008 08:38:15 -0700 (MST)
Delivered-To: web15_john@clients1.azwebdesigns.com
Received: from 6d5e70435c3a448.domain (unknown [123.8.100.224])
	by clients1.azwebdesigns.com (Postfix) with SMTP id D0B9A1B5150;
	Mon, 15 Dec 2008 08:38:14 -0700 (MST)
To: <mike@azwebdesigns.com>
Subject: Discount ID: 2675
From: <mike@azwebdesigns.com>
MIME-Version: 1.0
Importance: High
Content-Type: text/html
Message-Id: <20081215153814.D0B9A1B5150@clients1.azwebdesigns.com>
Date: Mon, 15 Dec 2008 08:38:14 -0700 (MST)
X-Virus-Status: No
X-Virus-Checker-Version: clamassassin 1.2.4 with clamscan / ClamAV 0.92/8762/Mon Dec 15 07:57:35 2008
__________________
Ubuntu 14.04 - The Perfect Setup
ISPConfig 3.0.5
http://www.vmsources.com
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
email spam filter options the_spy Feature Requests 1 7th September 2008 18:04
Ubuntu 8.04 Spamsnake - all SA scores 0.00 Thomas_Powers HOWTO-Related Questions 23 24th June 2008 18:37
Redirect Postfix Spam TimmBo Server Operation 6 5th March 2008 18:08
do you get tons of spam in your mailboxes ? showe1966 Installation/Configuration 1 8th February 2008 19:37
In ISPconfig whitelist but still seen as spam edge Installation/Configuration 12 5th September 2007 01:30


All times are GMT +2. The time now is 18:26.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.