SpamSnake SpamAssassin not working?

Discussion in 'HOWTO-Related Questions' started by getrav, Jun 19, 2008.

  1. getrav

    getrav New Member

    In Mailscanner SA Score is all blank!

    Instead of clogging up this post, I put the full Lint test is at:
    http://pastebin.com/m770e808f
    Please help!!!

    As per Rocky's instructions, I should be seeing something like code below but I don't.
    Code:
    [COLOR="Blue"]I see: [/COLOR]debug: using "/etc/MailScanner/spam.assassin.prefs.conf" for user prefs file
    [COLOR="Red"]I don't see any of the below:[/COLOR]
    debug: bayes: 28821 tie-ing to DB file R/O /etc/MailScanner/bayes/bayes_toks
    debug: bayes: 28821 tie-ing to DB file R/O /etc/MailScanner/bayes/bayes_seen
    debug: bayes: found bayes db version 2
    debug: Score set 3 chosen.
     
  2. Rocky

    Rocky New Member

    Hey,

    Verify that you have the following set in your /etc/MailScanner/MailScanner.conf file:

    Code:
     
    SpamScore Number Instead Of Stars yes 
    Is Definitely Not Spam &SQLWhitelist 
    Is Definitely Spam &SQLBlacklist 
    Spam Actions deliver store 
    High Scoring Spam Actions delete store 
    Non Spam Actions deliver store
    
     
  3. getrav

    getrav New Member

    This is what I have and it pretty much matches:

    Code:
    SpamScore Number Instead Of Stars = yes
    Is Definitely Not Spam = &SQLWhitelist
    Is Definitely Spam = &SQLBlacklist
    Spam Actions = deliver store header [COLOR="Red"]"X-Spam-Status: Yes"[/COLOR]
    High Scoring Spam Actions = delete store
    Non Spam Actions = deliver store header [COLOR="Red"]"X-Spam-Status: No"[/COLOR]
    All messages are delivered including spam. My current solution is to use outlook's junk mail filter. I would much prefer to keep it at SpamSnake :)
     
  4. Rocky

    Rocky New Member

    Hey,

    Yes, all messages, including spam and ham, will be delivered because of your configuration. However, high scoring spam will not be delivered according to your configuration.

    You mentioned that spamassassin does not score the messages. Does it tag mails as spam? Also, post the output of your lint test using the mailwatch interface.

    If it's tagging spam as spam, then spamassassin is working.

    Rocky
     
  5. getrav

    getrav New Member

    Here is a post the output of your lint test using the mailwatch interface.
    http://pastebin.com/m26179802

    Here is a picture of my mailwatch interface showing no sa scores!
    [​IMG]
     
    Last edited: Jun 20, 2008
  6. getrav

    getrav New Member

    Dont mean to be a pest, but could I get some help please???

    Here are the last 100 lines of the mail.log:

    Jun 19 15:20:42 spamsnake postfix/smtpd[1784]: disconnect from unknown[117.194.32.73]
    Jun 19 15:20:47 spamsnake postfix/smtpd[1784]: connect from unknown[88.227.239.254]
    Jun 19 15:20:50 spamsnake postfix/policy-spf[1788]: handler sender_policy_framework: is decisive.
    Jun 19 15:20:50 spamsnake postfix/policy-spf[1788]: : Policy action=PREPEND Received-SPF: none (tactec.org: No applicable sender policy available) receiver=spamsnake.silkcrafts.local; identity=mfrom; envelope-from="dwtactecm@tactec.org"; helo="[88.227.239.254]"; client-ip=88.227.239.254
    Jun 19 15:20:50 spamsnake postfix/smtpd[1784]: 9E98317643C: client=unknown[88.227.239.254]
    Jun 19 15:20:51 spamsnake postfix/cleanup[1790]: 9E98317643C: hold: header Received: from [88.227.239.254] (unknown [88.227.239.254])??by spamsnake.silkcrafts.local (Postfix) with ESMTP id 9E98317643C??for <ks@blabla.com>; Thu, 19 Jun 2008 15:20:49 -0400 (EDT) from unknown[88.227.239.254]; from=<dwtactecm@tactec.org> to=<ks@blabla.com> proto=ESMTP helo=<[88.227.239.254]>
    Jun 19 15:20:51 spamsnake postfix/cleanup[1790]: 9E98317643C: message-id=<01c8d252$58dba500$feefe358@dwtactecm>
    Jun 19 15:20:52 spamsnake postfix/smtpd[1784]: disconnect from unknown[88.227.239.254]
    Jun 19 15:20:52 spamsnake postfix/smtpd[1784]: connect from wr-out-0506.google.com[64.233.184.233]
    Jun 19 15:20:52 spamsnake postfix/smtpd[1795]: connect from an-out-0708.google.com[209.85.132.249]
    Jun 19 15:20:52 spamsnake postfix/smtpd[1796]: connect from an-out-0708.google.com[209.85.132.250]
    Jun 19 15:20:52 spamsnake postfix/smtpd[1797]: connect from an-out-0708.google.com[209.85.132.247]
    Jun 19 15:20:52 spamsnake postfix/smtpd[1798]: connect from an-out-0708.google.com[209.85.132.248]
    Jun 19 15:20:53 spamsnake postfix/policy-spf[1788]: handler sender_policy_framework: is decisive.
    Jun 19 15:20:53 spamsnake postfix/policy-spf[1788]: : Policy action=PREPEND Received-SPF: softfail (classmates.com: Sender is not authorized by default to use 'invitebox@classmates.com' in 'mfrom' identity, however domain is not currently prepared for false failures (mechanism '~all' matched)) receiver=spamsnake.silkcrafts.local; identity=mfrom; envelope-from="invitebox@classmates.com"; helo=wr-out-0506.google.com; client-ip=64.233.184.233
    Jun 19 15:20:53 spamsnake postfix/smtpd[1784]: DE9A017649A: client=wr-out-0506.google.com[64.233.184.233]
    Jun 19 15:20:53 spamsnake postfix/policy-spf[1802]: handler sender_policy_framework: is decisive.
    Jun 19 15:20:54 spamsnake postfix/policy-spf[1806]: handler sender_policy_framework: is decisive.
    Jun 19 15:20:54 spamsnake postfix/policy-spf[1804]: handler sender_policy_framework: is decisive.
    Jun 19 15:20:54 spamsnake postfix/cleanup[1790]: DE9A017649A: hold: header Received: from wr-out-0506.google.com (wr-out-0506.google.com [64.233.184.233])??by spamsnake.silkcrafts.local (Postfix) with ESMTP id DE9A017649A??for <anudas@blabla.com>; Thu, 19 Jun 2008 15:20 from wr-out-0506.google.com[64.233.184.233]; from=<invitebox@classmates.com> to=<anudas@blabla.com> proto=ESMTP helo=<wr-out-0506.google.com>
    Jun 19 15:20:54 spamsnake postfix/cleanup[1790]: DE9A017649A: message-id=<000701c8d241$02d5eeb2$f959cca4@xnpqog>
    Jun 19 15:20:54 spamsnake postfix/policy-spf[1802]: : Policy action=PREPEND Received-SPF: softfail (classmates.com: Sender is not authorized by default to use 'invitebox@classmates.com' in 'mfrom' identity, however domain is not currently prepared for false failures (mechanism '~all' matched)) receiver=spamsnake.silkcrafts.local; identity=mfrom; envelope-from="invitebox@classmates.com"; helo=an-out-0708.google.com; client-ip=209.85.132.250
    Jun 19 15:20:54 spamsnake postfix/smtpd[1796]: 3AB3917649B: client=an-out-0708.google.com[209.85.132.250]
    Jun 19 15:20:54 spamsnake postfix/policy-spf[1806]: : Policy action=PREPEND Received-SPF: softfail (classmates.com: Sender is not authorized by default to use 'invitebox@classmates.com' in 'mfrom' identity, however domain is not currently prepared for false failures (mechanism '~all' matched)) receiver=spamsnake.silkcrafts.local; identity=mfrom; envelope-from="invitebox@classmates.com"; helo=an-out-0708.google.com; client-ip=209.85.132.248
    Jun 19 15:20:54 spamsnake postfix/smtpd[1798]: NOQUEUE: reject: RCPT from an-out-0708.google.com[209.85.132.248]: 550 5.1.1 <mg@blabla.com>: Recipient address rejected: User unknown in relay recipient table; from=<invitebox@classmates.com> to=<mg@blabla.com> proto=ESMTP helo=<an-out-0708.google.com>
    Jun 19 15:20:54 spamsnake postfix/policy-spf[1804]: : Policy action=PREPEND Received-SPF: softfail (classmates.com: Sender is not authorized by default to use 'invitebox@classmates.com' in 'mfrom' identity, however domain is not currently prepared for false failures (mechanism '~all' matched)) receiver=spamsnake.silkcrafts.local; identity=mfrom; envelope-from="invitebox@classmates.com"; helo=an-out-0708.google.com; client-ip=209.85.132.247
    Jun 19 15:20:54 spamsnake postfix/smtpd[1797]: 46BA117649E: client=an-out-0708.google.com[209.85.132.247]
    Jun 19 15:20:54 spamsnake postfix/smtpd[1798]: disconnect from an-out-0708.google.com[209.85.132.248]
    Jun 19 15:20:54 spamsnake postfix/cleanup[1790]: 3AB3917649B: hold: header Received: from an-out-0708.google.com (an-out-0708.google.com [209.85.132.250])??by spamsnake.silkcrafts.local (Postfix) with ESMTP id 3AB3917649B??for <rshah@blabla.com>; Thu, 19 Jun 2008 15:20: from an-out-0708.google.com[209.85.132.250]; from=<invitebox@classmates.com> to=<rshah@blabla.com> proto=ESMTP helo=<an-out-0708.google.com>
    Jun 19 15:20:54 spamsnake postfix/cleanup[1790]: 3AB3917649B: message-id=<000701c8d241$02d5eeb2$f959cca4@xnpqog>
    Jun 19 15:20:54 spamsnake postfix/cleanup[1807]: 46BA117649E: hold: header Received: from an-out-0708.google.com (an-out-0708.google.com [209.85.132.247])??by spamsnake.silkcrafts.local (Postfix) with ESMTP id 46BA117649E??for <kks@blabla.com>; Thu, 19 Jun 2008 15:20:53 from an-out-0708.google.com[209.85.132.247]; from=<invitebox@classmates.com> to=<kks@blabla.com> proto=ESMTP helo=<an-out-0708.google.com>
    Jun 19 15:20:54 spamsnake postfix/cleanup[1807]: 46BA117649E: message-id=<000701c8d241$02d5eeb2$f959cca4@xnpqog>
    Jun 19 15:20:56 spamsnake MailScanner[32463]: New Batch: Scanning 4 messages, 15471 bytes
    Jun 19 15:20:56 spamsnake MailScanner[32463]: Virus and Content Scanning: Starting
    Jun 19 15:20:59 spamsnake MailScanner[32463]: /var/spool/MailScanner/incoming/32463/./9E98317643C.33844.header: Email.Spam.Gen595.Sanesecurity.07052401 FOUND
    Jun 19 15:20:59 spamsnake MailScanner[32463]: /var/spool/MailScanner/incoming/32463/./9E98317643C.33844.message: Email.Spam.Gen595.Sanesecurity.07052401 FOUND
    Jun 19 15:20:59 spamsnake MailScanner[32463]: Virus Scanning: ClamAV found 2 infections
    Jun 19 15:21:00 spamsnake MailScanner[32463]: Virus Scanning: F-Prot found 2 infections
    Jun 19 15:21:00 spamsnake MailScanner[32463]: Infected message 9E98317643C.33844.header came from
    Jun 19 15:21:00 spamsnake MailScanner[32463]: Infected message 9E98317643C.33844.message came from
    Jun 19 15:21:00 spamsnake MailScanner[32463]: Virus Scanning: Found 2 viruses
    Jun 19 15:21:01 spamsnake MailScanner[32463]: Requeue: 46BA117649E.788E6 to 1CEB91764A1
    Jun 19 15:21:01 spamsnake MailScanner[32463]: Requeue: 3AB3917649B.0C2F0 to 1750017649E
    Jun 19 15:21:01 spamsnake MailScanner[32463]: Requeue: 9E98317643C.33844 to 53C4A17649B
    Jun 19 15:21:02 spamsnake MailScanner[32463]: Requeue: DE9A017649A.ED469 to 5FC7C17643C
    Jun 19 15:21:02 spamsnake postfix/qmgr[4751]: 5FC7C17643C: from=<invitebox@classmates.com>, size=3866, nrcpt=1 (queue active)
    Jun 19 15:21:02 spamsnake postfix/qmgr[4751]: 53C4A17649B: from=<dwtactecm@tactec.org>, size=1285, nrcpt=1 (queue active)
    Jun 19 15:21:02 spamsnake postfix/qmgr[4751]: 1CEB91764A1: from=<invitebox@classmates.com>, size=3862, nrcpt=1 (queue active)
    Jun 19 15:21:02 spamsnake postfix/qmgr[4751]: 1750017649E: from=<invitebox@classmates.com>, size=3866, nrcpt=1 (queue active)
    Jun 19 15:21:02 spamsnake postfix/smtp[1822]: 5FC7C17643C: to=<anudas@blabla.com>, relay=192.168.1.231[192.168.1.231]:25, delay=9.4, delays=9.2/0.01/0.01/0.16, dsn=2.6.0, status=sent (250 2.6.0 <000701c8d241$02d5eeb2$f959cca4@xnpqog> Queued mail for delivery)
    Jun 19 15:21:02 spamsnake postfix/qmgr[4751]: 5FC7C17643C: removed
    Jun 19 15:21:02 spamsnake postfix/smtp[1824]: 53C4A17649B: to=<ks@blabla.com>, relay=192.168.1.231[192.168.1.231]:25, delay=12, delays=12/0.04/0.02/0.13, dsn=2.6.0, status=sent (250 2.6.0 <01c8d252$58dba500$feefe358@dwtactecm> Queued mail for delivery)
    Jun 19 15:21:02 spamsnake postfix/qmgr[4751]: 53C4A17649B: removed
    Jun 19 15:21:02 spamsnake postfix/smtp[1825]: 1CEB91764A1: to=<kks@blabla.com>, relay=192.168.1.231[192.168.1.231]:25, delay=9.2, delays=9/0.07/0/0.12, dsn=2.6.0, status=sent (250 2.6.0 <000701c8d241$02d5eeb2$f959cca4@xnpqog> Queued mail for delivery)
    Jun 19 15:21:02 spamsnake postfix/qmgr[4751]: 1CEB91764A1: removed
    Jun 19 15:21:02 spamsnake postfix/smtp[1826]: 1750017649E: to=<rshah@blabla.com>, relay=192.168.1.231[192.168.1.231]:25, delay=9.2, delays=9.1/0.06/0.01/0.12, dsn=2.6.0, status=sent (250 2.6.0 <000701c8d241$02d5eeb2$f959cca4@xnpqog> Queued mail for delivery)
    Jun 19 15:21:02 spamsnake postfix/qmgr[4751]: 1750017649E: removed
    Jun 19 15:21:02 spamsnake MailScanner[32463]: Uninfected: Delivered 4 messages
    Jun 19 15:21:02 spamsnake MailScanner[32463]: Logging message 46BA117649E.788E6 to SQL
    Jun 19 15:21:02 spamsnake MailScanner[32465]: 46BA117649E.788E6: Logged to MailWatch SQL
    Jun 19 15:21:02 spamsnake MailScanner[32463]: Logging message 3AB3917649B.0C2F0 to SQL
    Jun 19 15:21:03 spamsnake MailScanner[32465]: 3AB3917649B.0C2F0: Logged to MailWatch SQL
    Jun 19 15:21:03 spamsnake MailScanner[32463]: Logging message 9E98317643C.33844 to SQL
    Jun 19 15:21:03 spamsnake MailScanner[32465]: 9E98317643C.33844: Logged to MailWatch SQL
    Jun 19 15:21:03 spamsnake MailScanner[32463]: Logging message DE9A017649A.ED469 to SQL
    Jun 19 15:21:03 spamsnake MailScanner[32465]: DE9A017649A.ED469: Logged to MailWatch SQL
    Jun 19 15:21:03 spamsnake postfix/policy-spf[1800]: handler sender_policy_framework: is decisive.
    Jun 19 15:21:04 spamsnake postfix/policy-spf[1800]: : Policy action=PREPEND Received-SPF: softfail (classmates.com: Sender is not authorized by default to use 'invitebox@classmates.com' in 'mfrom' identity, however domain is not currently prepared for false failures (mechanism '~all' matched)) receiver=spamsnake.silkcrafts.local; identity=mfrom; envelope-from="invitebox@classmates.com"; helo=an-out-0708.google.com; client-ip=209.85.132.249
    Jun 19 15:21:04 spamsnake postfix/smtpd[1795]: 313B217643C: client=an-out-0708.google.com[209.85.132.249]
    Jun 19 15:21:04 spamsnake postfix/cleanup[1790]: 313B217643C: hold: header Received: from an-out-0708.google.com (an-out-0708.google.com [209.85.132.249])??by spamsnake.silkcrafts.local (Postfix) with ESMTP id 313B217643C??for <ns@blabla.com>; Thu, 19 Jun 2008 15:20:52 from an-out-0708.google.com[209.85.132.249]; from=<invitebox@classmates.com> to=<ns@blabla.com> proto=ESMTP helo=<an-out-0708.google.com>
    Jun 19 15:21:04 spamsnake postfix/cleanup[1790]: 313B217643C: message-id=<000701c8d241$02d5eeb2$f959cca4@xnpqog>
    Jun 19 15:21:09 spamsnake MailScanner[32463]: New Batch: Scanning 1 messages, 4528 bytes
    Jun 19 15:21:09 spamsnake MailScanner[32463]: Virus and Content Scanning: Starting
    Jun 19 15:21:13 spamsnake MailScanner[32463]: Requeue: 313B217643C.19DFE to CB5A417649A
    Jun 19 15:21:13 spamsnake postfix/qmgr[4751]: CB5A417649A: from=<invitebox@classmates.com>, size=3860, nrcpt=1 (queue active)
    Jun 19 15:21:13 spamsnake postfix/smtp[1822]: CB5A417649A: to=<ns@blabla.com>, relay=192.168.1.231[192.168.1.231]:25, delay=20, delays=20/0/0/0.13, dsn=2.6.0, status=sent (250 2.6.0 <000701c8d241$02d5eeb2$f959cca4@xnpqog> Queued mail for delivery)
    Jun 19 15:21:13 spamsnake postfix/qmgr[4751]: CB5A417649A: removed
    Jun 19 15:21:13 spamsnake MailScanner[32463]: Uninfected: Delivered 1 messages
    Jun 19 15:21:13 spamsnake MailScanner[32463]: Logging message 313B217643C.19DFE to SQL
    Jun 19 15:21:13 spamsnake MailScanner[32465]: 313B217643C.19DFE: Logged to MailWatch SQL
    Jun 19 15:21:24 spamsnake postfix/smtpd[1784]: disconnect from wr-out-0506.google.com[64.233.184.233]
    Jun 19 15:21:24 spamsnake postfix/smtpd[1796]: disconnect from an-out-0708.google.com[209.85.132.250]
    Jun 19 15:21:24 spamsnake postfix/smtpd[1797]: disconnect from an-out-0708.google.com[209.85.132.247]
    Jun 19 15:21:34 spamsnake postfix/smtpd[1795]: disconnect from an-out-0708.google.com[209.85.132.249]
    Jun 19 15:22:23 spamsnake postfix/smtpd[1798]: connect from unknown[200.89.94.203]
    Jun 19 15:22:25 spamsnake postfix/policy-spf[1806]: handler sender_policy_framework: is decisive.
    Jun 19 15:22:25 spamsnake postfix/policy-spf[1806]: : Policy action=PREPEND Received-SPF: none (crutherford.co.uk: No applicable sender policy available) receiver=spamsnake.silkcrafts.local; identity=mfrom; envelope-from="xbwextreme@crutherford.co.uk"; helo=derkonfigurator.de; client-ip=200.89.94.203
    Jun 19 15:22:25 spamsnake postfix/smtpd[1798]: 5D2A217643C: client=unknown[200.89.94.203]
    Jun 19 15:22:25 spamsnake postfix/cleanup[1807]: 5D2A217643C: hold: header Received: from derkonfigurator.de (unknown [200.89.94.203])??by spamsnake.silkcrafts.local (Postfix) with ESMTP id 5D2A217643C??for <ks@blabla.com>; Thu, 19 Jun 2008 15:22:24 -0400 (EDT) from unknown[200.89.94.203]; from=<xbwextreme@crutherford.co.uk> to=<ks@blabla.com> proto=ESMTP helo=<derkonfigurator.de>
    Jun 19 15:22:25 spamsnake postfix/cleanup[1807]: 5D2A217643C: message-id=<001b01c8d220$469bc820$0033b45c@pc22>
    Jun 19 15:22:25 spamsnake postfix/smtpd[1798]: disconnect from unknown[200.89.94.203]
    Jun 19 15:22:31 spamsnake MailScanner[32463]: New Batch: Scanning 1 messages, 3090 bytes
    Jun 19 15:22:32 spamsnake MailScanner[32463]: Virus and Content Scanning: Starting
    Jun 19 15:22:35 spamsnake MailScanner[32463]: Requeue: 5D2A217643C.26D6E to D5F6217649A
    Jun 19 15:22:35 spamsnake postfix/qmgr[4751]: D5F6217649A: from=<xbwextreme@crutherford.co.uk>, size=2515, nrcpt=1 (queue active)
    Jun 19 15:22:35 spamsnake postfix/smtp[1824]: D5F6217649A: to=<ks@blabla.com>, relay=192.168.1.231[192.168.1.231]:25, delay=11, delays=11/0/0/0.18, dsn=2.6.0, status=sent (250 2.6.0 <001b01c8d220$469bc820$0033b45c@pc22> Queued mail for delivery)
    Jun 19 15:22:35 spamsnake postfix/qmgr[4751]: D5F6217649A: removed
    Jun 19 15:22:35 spamsnake MailScanner[32463]: Uninfected: Delivered 1 messages
    Jun 19 15:22:35 spamsnake MailScanner[32463]: Logging message 5D2A217643C.26D6E to SQL
    Jun 19 15:22:36 spamsnake MailScanner[32465]: 5D2A217643C.26D6E: Logged to MailWatch SQL
    Jun 19 15:24:41 spamsnake postfix/smtpd[1897]: connect from unknown[78.167.62.197]
     

Share This Page