SpamAssassin config ?

Discussion in 'Server Operation' started by ColdDoT, Aug 17, 2006.

  1. ColdDoT

    ColdDoT Member

    @SOLVED
    after trying retrying i have it working per domain based filtering
    ~maildrop

    and this site some config files
    http://gentoo-wiki.com/HOWTO_Email_Virtual_Server_Maildrop_and_Spam_Assasin

    @@Original
    After some sleepless evening i have spamassassin to work.

    but i got a problem it marks almost every mail as spam :(

    this a e-mail that was marked as spam
    Code:
    Return-Path: <[email protected]>
    X-Original-To: [email protected]
    Delivered-To: [email protected]
    Received: from localhost (localhost.localdomain [127.0.0.1])
            by colddot.nl (Postfix) with ESMTP id C46D96A8C05
            for <[email protected]>; Thu, 17 Aug 2006 12:23:39 +0200 (CEST)
    X-Quarantine-ID: <sDQCM-75747Z>
    X-Virus-Scanned: by amavisd-new-2.4.2 (20060627) (Debian) at colddot.nl
    X-Spam-Flag: YES
    X-Spam-Score: 5.585
    X-Spam-Level: *****
    X-Spam-Status: Yes, score=5.585 tagged_above=3 required=4 tests=[AWL=1.602,
            HELO_EQ_NO_DOT=0.843, HOST_EQ_DSL=0.49, HOST_EQ_NL=1.545,
            MSGID_FROM_MTA_ID=0.927, NO_REAL_NAME=0.178]
    Received: from colddot.nl ([127.0.0.1])
            by localhost (colddot.nl [127.0.0.1]) (amavisd-new, port 10024)
            with ESMTP id sDQCM-75747Z for <[email protected]>;
            Thu, 17 Aug 2006 12:23:34 +0200 (CEST)
    Received: from OWNER (nm-dkbg-131a0.adsl.wanadoo.nl [81.69.79.160])
            by colddot.nl (Postfix) with ESMTP id 6D58F6A8C04
            for <[email protected]>; Thu, 17 Aug 2006 12:23:34 +0200 (CEST)
    From: [email protected]
    To: [email protected]
    Subject: ***SPAM*** [email protected]
    Date: Thu, 17 Aug 2006 12:23:40 +0200
    X-Mailer: POP Peeper (2.4.3.0)
    Message-Id: <[email protected]>
    
    
    [email protected]
    
    and this is my config file (/etc/spamassassin/local.cf)
    Code:
    #SpamAssassin
    required_score          10.0
    required_hits           10.0
    rewrite_header subject  *****SPAM*****
    report_safe             1
    
    #bayes
    use_bayes               1
    use_bayes_rules         1
    bayes_auto_learn        1
    
    #RBL
    skip_rbl_checks         0
    
    #Razor2
    use_razor2              1
    razor_config            /etc/razor/razor-agent.conf
    
    #DCC
    use_dcc                 1
    dcc_path                /usr/bin/dccproc
    
    #Pyzor
    use_pyzor               1
    pyzor_path              /usr/bin/pyzor
    
    #languages
    ok_languages            all
    ok_locales              all
    
    i noticed that i can't change the
    score=5.585 tagged_above=3 required=4

    even if i set
    required_score 10.0
    required_hits 10.0

    so whats the problem you guys think?

    i'm running
    ~debian sarge
    ~postfix
    ~amavisd-new
    ~SpamAssassin

    btw if i run
    spamassassin --lint
    it is error free :)

    Greets ColdDoT
     
    Last edited: Aug 20, 2006
  2. ColdDoT

    ColdDoT Member

    i have my virtual mail map to /home/vmail/domain
    can i set a file in to /home/vmail/domain that will be readed so i can specefik there my rule for that domain.

    else is there a file that readed in /home/vmail/
    in php i will do something like this
    Code:
    $dom = explode("@",$to);
    $dom = end($dom);
    switch ($dom) {
       case "colddot.nl":
           rules: /etc/spamassassin/filters/colddot.nl
           break;
       case "entertainmentsupport.nl":
           rules: /etc/spamassassin/filters/entertainmentsupport.nl
           break;
       case "zoomatyou.nl":
           rules: /etc/spamassassin/filters/zoomatyou.nl
           break;
    }
    
    and in colddot.nl file is something like this
    Code:
    body COLDDOT_RULE1        /mess colddot/
    score COLDDOT_RULE1       999.0
    
    is this possible with spamassassin (or in my current config)
    ~debian~
    ~amavid
    ~postfix
    ~spamassassin
    ~dcc
    ~razer
    ~pyzor

    thx in advanced
     
    Last edited: Aug 17, 2006
  3. nuanda

    nuanda New Member

    If you use amavisd-new you need to edit them in /etc/amavisd.conf:

    $sa_tag_level_deflt = -100;
    $sa_tag2_level_deflt = 6.31;
    $sa_kill_level_deflt = $sa_tag2_level_deflt;
    $sa_dsn_cutoff_level = 9;

    Nuanda
     
  4. ColdDoT

    ColdDoT Member

    Just before you posted i found that out :)
    but is there a way to filter e-mails on domain
    like
    colddot.nl -> regexp:/var/filters/colddot.nl (colddot.nl conains like /owned/ REJECT)
    zoomatyou -> pre:/var/filters/zoomatyou.nl (zoomayou.nl conains lol REJECT)

    thx for respons ;)
     
  5. falko

    falko Super Moderator Howtoforge Staff

    Maybe this is possible with amavisd, but you can also do it with Postfix header_checks: http://www.postfix.org/header_checks.5.html
     
  6. ColdDoT

    ColdDoT Member

    Dam after googling and reading sites i can't figure out howto do this.
    my route now of my mail (or what i think it is doing)
    Code:
                                  ClamAV
    postfix -> amavisd =                                    -> postfix
                   Pyzor  <-  Spamassassin -> dcc
                                          \/
                                        Razor2
    what i wanna do is to just set on a point a script that does like this
    Code:
    if mail_domain = blablabla.nl then
     regexp_body = /var/reg_b1
     regexp_subject = /var/reg_s1
    else if mail_domain = ash.com then
     regexp_body = /var/reg_b2
     regexp_subject = /var/reg_s2
    ....etc...
    after that the mail must put back into to delevery stream i wanna do this for customers to add there own rules

    is there any way.
    #falko
    that content_filter is used by amavisd already and the examples that i found, aro not what i want :( srry/
     
  7. ColdDoT

    ColdDoT Member

    Can i do it with mysql i meen like this

    header_checks = mysql:/etc/postfix/mysql-filter_header.cf
    body_checks = mysql:/etc/postfix/mysql-filter_body.cf

    so database will look like this
    Code:
    ~~~~~~header db~~~~~~
    ----------------------------
        domain       |          file
    ---------------------------
    colddot.nl        |regexp:/etc/postfix/filters/h_colddot.nl
    ---------------------------
    zoomatyou.nl   |regexp:/etc/postfix/filters/h_colddot.nl
    ---------------------------
    
    Code:
    ~~~~~~~body db~~~~~~
    ----------------------------
        domain       |          file
    ---------------------------
    colddot.nl        |regexp:/etc/postfix/filters/b_colddot.nl
    ---------------------------
    zoomatyou.nl   |regexp:/etc/postfix/filters/b_colddot.nl
    ---------------------------
    
    but i don't know how the mysql-filter_*.cf will look like. so is this possible.
    if so then does some 1 know how the mysql files look like.
     
    Last edited: Aug 19, 2006
  8. falko

    falko Super Moderator Howtoforge Staff

    You can also do this with plain text files. Did you have a look here? http://www.postfix.org/header_checks.5.html
     
  9. ColdDoT

    ColdDoT Member

  10. falko

    falko Super Moderator Howtoforge Staff

  11. ColdDoT

    ColdDoT Member

    i give up

    the problem is the if statement for the checks.

    i'm trying maildrop now thx for help

    @@edit
    striping google of link
    http://blog.gmane.org/gmane.mail.postfix.user/month=20020901

    @@edit men i'm bad with mail servers.
    after maildrop installing i keep getting faults in my maildroprc
    code now in my maildroprc
    Code:
    LOGNAME=tolower("$LOGNAME")
    EXTENSION="$1"
    RECIPIENT=tolower("$2")
    USER="$3"
    HOST="$4"
    SENDER="$5"
    DEFAULT="/home/vmail/$HOST/$USER/."
    
    if ( "$EXTENSION" ne "" )
    {
            DELIMITER="+"
    }
    
    if (!$SENDER)
    {
            SENDER = "<>"
    }
    
    #
    # Autocreate maildir, if not existant
    #
    
    `test -e /home/vmail/$HOST`
    if ( $RETURNCODE != 0 ){
            `mkdir /home/vmail/$HOST`
    }
    
    `test -e /home/vmail/$HOST/$USER`
    if ( $RETURNCODE != 0 ){
            `/usr/local/maildrop/bin/maildirmake /home/vmail/$HOST/$USER`
            `chmod -R 0700 /home/vmail/$HOST`
    }
    
    #
    # Check that user has his own maildrop include,
    # if not available, check if $DEFAULT is set
    # (newer maildrop get's that from the DB and updates
    # it) and deliver or fail temporarily if not available
    #
    
    `test -f /home/vmail/.mailfilters/$HOST`
    if ( $RETURNCODE == 0 ){
                    include "/home/vmail/.mailfilters/$HOST"
            }else{
                    if ( "$DEFAULT" ne "" ){
                            to "$DEFAULT"
                    }else{
                            EXITCODE=75
                            exit
                    }
    }
    
    error
    Code:
    410766A8C04     1096 Sun Aug 20 17:49:09  [email protected]
    (temporary failure. Command output: /etc/maildroprc(33): Syntax error after ))
                                             [email protected]
    
     
    Last edited: Aug 20, 2006
  12. ColdDoT

    ColdDoT Member

Share This Page