Mail doesn't end up in Spam folder

Discussion in 'Server Operation' started by marra87, Jan 11, 2009.

  1. marra87

    marra87 New Member

    Hi!

    I have set up my mailserver so spam from amavis/spamassassin should be delivered to the user's SPAM folder via maildrop.
    It worked for 3 domains, but when I was adding a new one the spam remains in the Inbox folder.

    I sent the GTUBE string to my own mail and the new mail (new domain), my mail ended up in Spam ([email protected]), but not the new domain.

    OS: Debian
    Apps: Postfix, amavis, courier

    Mailaddress that works: [email protected]
    Mailaddress that now works: [email protected]

    Any idea where to start troubleshooting?
    Is it amavis or postfix, which config-files?

    Log:
    Code:
    Jan 11 14:36:03 mail amavis[17995]: (17995-02) Passed SPAMMY, LOCAL [127.0.0.1] [127.0.0.1] <[email protected]> -> <[email protected]>,<[email protected]>, Message-ID: <[email protected]>, mail_id: Rdn1sEvd3VaS, Hits: 998.921, queued_as: 65C6847ED3/8D69E47ED5, 5837 ms
    Jan 11 14:36:03 mail postfix/pipe[18744]: 65C6847ED3: to=<[email protected]>, relay=maildrop, delay=0.37, delays=0.1/0.04/0/0.24, dsn=2.0.0, status=sent (delivered via maildrop service)
    Jan 11 14:36:03 mail postfix/qmgr[23171]: 65C6847ED3: removed
    Jan 11 14:36:03 mail postfix/smtp[18738]: B4F2A47ECB: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=6.1, delays=0.06/0.1/0.03/5.9, dsn=2.6.0, status=sent (250 2.6.0 Ok, id=17995-02, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 65C6847ED3)
    Jan 11 14:36:03 mail postfix/smtp[18738]: B4F2A47ECB: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=6.1, delays=0.06/0.1/0.03/5.9, dsn=2.6.0, status=sent (250 2.6.0 Ok, id=17995-02, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 65C6847ED3)
    Jan 11 14:36:03 mail postfix/qmgr[23171]: B4F2A47ECB: removed
    Jan 11 14:36:03 mail postfix/pipe[18759]: 8D69E47ED5: to=<[email protected]>, relay=maildrop, delay=0.39, delays=0.14/0.09/0/0.17, dsn=2.0.0, status=sent (delivered via maildrop service)
    Jan 11 14:36:03 mail postfix/qmgr[23171]: 8D
     
  2. falko

    falko Super Moderator Howtoforge Staff

    Seems to be a maildrop problem. How does your maildrop configuration look?
     
  3. marra87

    marra87 New Member

    maildroprc

    Code:
    # Global maildrop filter file
    
    # Uncomment this line to make maildrop default to ~/Maildir for
    # delivery- this is where courier-imap (amongst others) will look.
    #DEFAULT="$HOME/Maildir"
    
    HOME_DIR="/vmail"
    logfile "/var/log/maildroprc.log"
    EXTENSION="$1"
    RECIPIENT=tolower("$2")
    USER="$3"
    HOST="$4"
    SENDER="$5"
    
    # make the domain's mail directory if it doesn't exist
    `test -e $HOME_DIR/$HOST`
    if ($RETURNCODE != 0)
    {
     `mkdir $HOME_DIR/$HOST`
    # `chown vmail:vmail $HOME_DIR/$HOST`
    # `chmod 755 $HOME_DIR/$HOST`
    }
    
    # make the user's mail directory if it doesn't exist
    `test -e $HOME_DIR/$HOST/$USER`
    if ($RETURNCODE != 0)
    {
     `maildirmake $HOME_DIR/$HOST/$USER`
    # `maildirmake $HOME_DIR/$HOST/$USER`
     `maildirmake -f Drafts $HOME_DIR/$HOST/$USER`
     `maildirmake -f Trash $HOME_DIR/$HOST/$USER`
     `maildirmake -f Sent $HOME_DIR/$HOST/$USER`
     `maildirmake -f Spam $HOME_DIR/$HOST/$USER`
     `echo INBOX >> $HOME_DIR/$HOST/$USER/courierimapsubscribed`
     `echo INBOX.Drafts >> $HOME_DIR/$HOST/$USER/courierimapsubscribed`
     `echo INBOX.Trash >> $HOME_DIR/$HOST/$USER/courierimapsubscribed`
     `echo INBOX.Sent >> $HOME_DIR/$HOST/$USER/courierimapsubscribed`
     `echo INBOX.Spam >> $HOME_DIR/$HOST/$USER/courierimapsubscribed`
    }
    
    if ( $EXTENSION eq "spam" )
    {
       # Change 'spam' to 'Spam' since folder names are typically capitalized
       EXTENSION = "Spam"
    
       # Autocreate extension maildir
       #
       # See if the user exists
       `test -e $HOME_DIR/$HOST/$USER`
       #log "Testing for $HOME_DIR/$HOST/$USER subdirectory: result=$RETURNCODE"
    
       # Only continue if user is valid
       if ( $RETURNCODE == 0 )
       {
          # See if the spam directory already exists
          `test -e $HOME_DIR/$HOST/$USER/.$EXTENSION`
          #log "Testing for $EXTENSION subdirectory: result=$RETURNCODE"
    
          if ( $RETURNCODE != 0 ) # spam directory does not exist - so we create it
          {
    
             # Create the subdirectory
             `maildirmake -f $EXTENSION $HOME_DIR/$HOST/$USER`
             log "Ran \"maildirmake -f $EXTENSION $HOME_DIR/$HOST/$USER\""
    
             # Auto-subscribe the subdirectory
             `if ! grep -q INBOX.$EXTENSION $HOME_DIR/$HOST/$USER/courierimapsubscribed; then echo INBOX.$EXTENSION >> $HOME_DIR/$HOST/$USER/courierimapsubscribed; fi`
             # Set permissions on the mailbox
             `chmod -R 0700 $HOME_DIR/$HOST/$USER`
             log " Ran \"chmod -R 0700 $HOME_DIR/$HOST/$USER\""
          }
    
          # Deliver the message to the mailbox
          exception {
          # for those who unsubscribed themselves - subscribe them
         `if ! grep -q INBOX.$EXTENSION $HOME_DIR/$HOST/$USER/courierimapsubscribed; then echo INBOX.$EXTENSION >> $HOME_DIR/$HOST/$USER/courierimapsubscribed; fi`
          to "$HOME_DIR/$HOST/$USER/.$EXTENSION"
          }
       }
    }
    
    log "Extension: $EXTENSION"
     
  4. falko

    falko Super Moderator Howtoforge Staff

    Did you compare the permissions of the Maildirs of the working and the not-working accounts?
     
  5. marra87

    marra87 New Member

    Working:

    mail:~# ls -l /vmail/domain.com/
    total 20
    drwx------ 75 vmail daemon 4096 2009-01-14 00:30 mailaccount
    mail:~# ls -l /vmail/domain.com/mailaccount/
    total 120
    drwx------ 2 vmail vmail 32768 2009-01-14 18:58 courierimapkeywords
    -rw-r--r-- 1 vmail vmail 2138 2009-01-14 00:30 courierimapsubscribed
    -rw-r--r-- 1 vmail vmail 6108 2009-01-14 18:28 courierimapuiddb
    drwx------ 2 vmail daemon 45056 2009-01-14 18:28 cur
    drwx------ 2 vmail daemon 28672 2009-01-14 18:28 new
    drwx------ 2 vmail daemon 4096 2009-01-14 20:28 tmp

    NOT working:
    mail:~# ls -l /vmail/domain.com/
    total 8
    drwx------ 10 vmail daemon 4096 2009-01-08 07:32 mailaccount
    mail:~# ls -l /vmail/domain.com/mailaccount/
    total 100
    drwx------ 2 vmail vmail 28672 2009-01-14 15:35 courierimapkeywords
    -rw-r--r-- 1 vmail vmail 178 2009-01-08 10:50 courierimapsubscribed
    -rw-r--r-- 1 vmail vmail 18462 2009-01-14 16:45 courierimapuiddb
    drwx------ 2 vmail daemon 40960 2009-01-14 16:54 cur
    drwx------ 2 vmail daemon 4096 2009-01-14 20:31 new
    drwx------ 2 vmail daemon 4096 2009-01-14 20:31 tmp
     
  6. marra87

    marra87 New Member

    I have now set exactly the same permissions on the not-working mail folder as the one that worked. Still doesn't work.

    But here's the log:
    Both are passed SPAMMY, but one postfix/pipe doesn't put "+spam" on the not working.
    Code:
    Jan 14 21:20:25 mail amavis[2459]: (02459-07) Passed SPAMMY, [84.17.192.138] [84.17.192.138] <[email protected]> -> <[email protected]>, Message-ID: <AFDBE539A2CA8244B45DBECF9336A62B0155ED32310E@E12AR1CE1VS1.e12.tconet.net>, mail_id: a234XXY29Gm3, Hits: 998.869, queued_as: 887E947ED5, 4895 ms
    Jan 14 21:20:25 mail postfix/smtp[6253]: A7F7F47E03: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=5.4, delays=0.47/0.04/0.02/4.9, dsn=2.6.0, status=sent (250 2.6.0 Ok, id=02459-07, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 887E947ED5)
    Jan 14 21:20:25 mail postfix/pipe[6261]: 887E947ED5: to=<[email protected]>, relay=maildrop, delay=0.36, delays=0.14/0.1/0/0.13, dsn=2.0.0, status=sent (delivered via maildrop service)
    
    Jan 14 21:20:26 mail amavis[3220]: (03220-07) Passed SPAMMY, [84.17.192.138] [84.17.192.138] <[email protected]> -> <[email protected]>, Message-ID: <AFDBE539A2CA8244B45DBECF9336A62B0155ED32310E@E12AR1CE1VS1.e12.tconet.net>, mail_id: 9w3OXzjq2Ej2, Hits: 998.868, queued_as: 9874647E03, 5285 ms
    Jan 14 21:20:26 mail postfix/smtp[6254]: DA22947ED3: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=5.9, delays=0.13/0.07/0.41/5.3, dsn=2.6.0, status=sent (250 2.6.0 Ok, id=03220-07, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 9874647E03)
    Jan 14 21:20:27 mail postfix/pipe[6261]: 9874647E03: to=<[email protected]>, relay=maildrop, delay=0.5, delays=0.11/0.07/0/0.32, dsn=2.0.0, status=sent (delivered via maildrop service)
     
  7. marra87

    marra87 New Member

    amavis

    I have found out that it is the amavis process that doesn't mark it as spam.

    I have not put anything in spam_lovers or whitelist/blacklist...
    I have followed one of the howtoforge tutorials...

    Mail to:
    [email protected] is marked as spam
    [email protected] is not marked as spam

    /etc/amavis/conf.d/15-content_filter_mode
    Code:
    @bypass_spam_checks_maps = (
       \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);

    /etc/amavis/conf.d/20-debian_defaults
    Code:
    use strict;
    
    # ADMINSTRATORS:
    # Debian suggests that any changes you need to do that should never
    # be "updated" by the Debian package should be made in another file,
    # overriding the settings in this file.
    #
    # The package will *not* overwrite your settings, but by keeping
    # them separate, you will make the task of merging changes on these
    # configuration files much simpler...
    
    #   see /usr/share/doc/amavisd-new/examples/amavisd.conf-default for
    #       a list of all variables with their defaults;
    #   see /usr/share/doc/amavisd-new/examples/amavisd.conf-sample for
    #       a traditional-style commented file
    #   [note: the above files were not converted to Debian settings!]
    #
    #   for more details see documentation in /usr/share/doc/amavisd-new
    #   and at http://www.ijs.si/software/amavisd/amavisd-new-docs.html
    
    $QUARANTINEDIR = "$MYHOME/virusmails";
    
    $log_recip_templ = undef;    # disable by-recipient level-0 log entries
    $LOGFILE = "/var/log/amavis.log";
    $DO_SYSLOG = 1;              # log via syslogd (preferred)
    $syslog_ident = 'amavis';    # syslog ident tag, prepended to all messages
    $syslog_facility = 'mail';
    $syslog_priority = 'debug';  # switch to info to drop debug output, etc
    
    $enable_db = 1;              # enable use of BerkeleyDB/libdb (SNMP and nanny)
    $enable_global_cache = 1;    # enable use of libdb-based cache if $enable_db=1
    
    $inet_socket_port = 10024;   # default listenting socket
    
    #$X_HEADER_TAG = 'X-Virus-Scanned';
    #$X_HEADER_LINE = "Konsept-IT SPAM gateway";
    
    $recipient_delimiter = '+';
    @addr_extension_virus_maps = ('virus');
    @addr_extension_spam_maps = ('spam');
    @addr_extension_banned_maps = ('banned');
    @addr_extension_bad_header_maps = ('badh');
    $addr_extension_spam   = 'spam';
    
    #$sa_spam_subject_tag = '***SPAM*** ';
    $sa_tag_level_deflt  = 2.0;  # add spam info headers if at, or above that level
    $sa_tag2_level_deflt = 6.31; # add 'spam detected' headers at that level
    $sa_kill_level_deflt = 1024; # triggers spam evasive actions
    $sa_dsn_cutoff_level = 1024;   # spam level beyond which a DSN is not sent
    $final_spam_destiny = D_PASS;
    $final_virus_destiny = D_PASS;
    
    read_hash(\%whitelist_sender, '/var/amavis/whitelist');
    read_hash(\%blacklist_sender, '/var/amavis/blacklist');
    read_hash(\%spam_lovers, '/var/amavis/spam_lovers');
    
    $sa_mail_body_size_limit = 200*1024; # don't waste time on SA if mail is larger
    $sa_local_tests_only = 0;    # only tests which do not require internet access?
    
    # Quota limits to avoid bombs (like 42.zip)
    
    $MAXLEVELS = 14;
    $MAXFILES = 1500;
    $MIN_EXPANSION_QUOTA =      100*1024;  # bytes
    $MAX_EXPANSION_QUOTA = 300*1024*1024;  # bytes
    
    # You should:
    #   Use D_DISCARD to discard data (viruses)
    # (editor status line captured in the paste: "/etc/amavis/conf.d/20-debian_defaults" 223 lines, 9803 characters)
    # ENVELOPE SENDER SOFT-WHITELISTING / SOFT-BLACKLISTING
    
    @score_sender_maps = ({ # a by-recipient hash lookup table,
                            # results from all matching recipient tables are summed
    
    # ## per-recipient personal tables  (NOTE: positive: black, negative: white)
    # '[email protected]'  => [{'[email protected]' => 10.0}],
    # '[email protected]'  => [{'.ebay.com'                 => -3.0}],
    # '[email protected]'  => [{'[email protected]' => -7.0,
    #                           '.cleargreen.com'           => -5.0}],
    
      ## site-wide opinions about senders (the '.' matches any recipient)
      '.' => [  # the _first_ matching sender determines the score boost
    
       new_RE(  # regexp-type lookup table, just happens to be all soft-blacklist
        [qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i         => 5.0],
        [qr'^(greatcasino|investments|lose_weight_today|market\.alert)@'i=> 5.0],
        [qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i=> 5.0],
        [qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@'i   => 5.0],
        [qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@'i  => 5.0],
        [qr'^(your_friend|greatoffers)@'i                                => 5.0],
        [qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i                    => 5.0],
       ),
    
    #  read_hash("/var/amavis/sender_scores_sitewide"),
    
       { # a hash-type lookup table (associative array)
         '[email protected]'                        => -3.0,
         '[email protected]'              => -3.0,
         '[email protected]'                    => -3.0,
         '[email protected]'                  => -3.0,
         'securityfocus.com'                      => -3.0,
         '[email protected]'       => -3.0,
         '[email protected]'      => -3.0,
         '[email protected]'      => -3.0,
         '[email protected]'=> -3.0,
         '[email protected]' => -3.0,
         'spamassassin.apache.org'                => -3.0,
         '[email protected]'   => -3.0,
         '[email protected]'        => -3.0,
         '[email protected]'     => -3.0,
         '[email protected]'   => -3.0,
         '[email protected]' => -3.0,
         '[email protected]'                => -3.0,
         '[email protected]'               => -3.0,
         '[email protected]'                  => -3.0,
         '[email protected]'          => -3.0,
         '[email protected]'           => -3.0,
         '[email protected]'       => -3.0,
         '[email protected]'          => -3.0,
         '[email protected]'            => -3.0,
         '[email protected]'            => -3.0,
         '[email protected]'                => -5.0,
         '[email protected]'           => -3.0,
         'returns.groups.yahoo.com'               => -3.0,
         '[email protected]'           => -3.0,
         lc('[email protected]')    => -3.0,
         lc('[email protected]') => -5.0,
    
         # soft-blacklisting (positive score)
         '[email protected]'                     =>  3.0,
         '.example.net'                           =>  1.0,
    
       },
      ],  # end of site-wide tables
    });
    
    1;  # insure a defined return

    Any ideas?
    Debug of amavis (the two emails) is attached as .txt
     

  8. marra87

    marra87 New Member

    It seems that it only checks my server's hostname (domain.com)
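
The log comparison from post 6, automated: find mail that amavis logged as Passed SPAMMY but that Postfix handed to maildrop without the `+spam` address extension. This is an added example, not part of the thread; the log lines are constructed in the thread's format with placeholder addresses and queue IDs, and the function name is an assumption.

```python
import re

# Constructed sample in the thread's log format (placeholder addresses and queue IDs).
SAMPLE_LOG = """\
Jan 11 14:36:03 mail amavis[17995]: (17995-02) Passed SPAMMY, LOCAL [127.0.0.1] [127.0.0.1] <sender@example.org> -> <user@old.example>,<user@new.example>, Message-ID: <m1@example.org>, mail_id: AAAAAAAAAAAA, Hits: 998.9, queued_as: A1B2C3D4E1/A1B2C3D4E2, 5837 ms
Jan 11 14:36:03 mail postfix/pipe[18744]: A1B2C3D4E1: to=<user+spam@old.example>, relay=maildrop, delay=0.37, dsn=2.0.0, status=sent (delivered via maildrop service)
Jan 11 14:36:03 mail postfix/pipe[18759]: A1B2C3D4E2: to=<user@new.example>, relay=maildrop, delay=0.39, dsn=2.0.0, status=sent (delivered via maildrop service)
Jan 11 14:40:10 mail amavis[17995]: (17995-03) Passed CLEAN, [192.0.2.10] [192.0.2.10] <friend@example.org> -> <user@new.example>, Message-ID: <m2@example.org>, mail_id: BBBBBBBBBBBB, Hits: 0.1, queued_as: A1B2C3D4E3, 900 ms
Jan 11 14:40:10 mail postfix/pipe[18760]: A1B2C3D4E3: to=<user@new.example>, relay=maildrop, delay=0.2, dsn=2.0.0, status=sent (delivered via maildrop service)
"""

# amavis verdict line; queued_as may list several IDs separated by '/'
# when one message is re-injected once per recipient, as in the first post.
# Assumes short hexadecimal Postfix queue IDs like those in the thread.
AMAVIS_SPAMMY = re.compile(
    r"amavis\[\d+\]: \(\S+\) Passed SPAMMY\b.*?queued_as: ([0-9A-F/]+)")
# Final delivery through the maildrop pipe transport.
PIPE_DELIVERY = re.compile(
    r"postfix/pipe\[\d+\]: ([0-9A-F]+): to=<([^>]+)>, relay=maildrop")


def untagged_spam_deliveries(log_text, delimiter="+", extension="spam"):
    """Return (queue_id, recipient) pairs for SPAMMY mail delivered untagged."""
    lines = log_text.splitlines()

    # Pass 1: collect every queue ID amavis produced for a SPAMMY message.
    spammy_ids = set()
    for line in lines:
        match = AMAVIS_SPAMMY.search(line)
        if match:
            spammy_ids.update(match.group(1).split("/"))

    # Pass 2: check the envelope recipient maildrop actually received.
    findings = []
    for line in lines:
        match = PIPE_DELIVERY.search(line)
        if not match or match.group(1) not in spammy_ids:
            continue
        queue_id, recipient = match.groups()
        local_part = recipient.rpartition("@")[0].lower()
        if not local_part.endswith(delimiter + extension):
            findings.append((queue_id, recipient))
    return findings


if __name__ == "__main__":
    for queue_id, recipient in untagged_spam_deliveries(SAMPLE_LOG):
        print(f"{queue_id}: SPAMMY but delivered untagged to {recipient}")
```

Domains that appear in the output are the ones to compare against amavis's local-domain settings, since the maildroprc above only files mail into `.Spam` when the extension reaches it as `$1`.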
     
