I am not quite shure if the SPAM filter s working. I set policy to normal but it seams I have too much SPAM. Virusfilter is working, could test with ICAR. Is the a log or any other thing I can see how SPAM filter works, eventuelly to tune it. As I understand I should not manually change SPAMassasin etc. Thanks for help Rainer
I have RDNS for the mail server and some RBLS too OK solution, to see what spamassassin is doing, was to add an email address under email/spamfilter/policy/qurantine/forward... There are round about 2 to 3 thousends of spam catched a day. Adjusting the Tag-level a litte bit was fine too. To stop the notifications I removed the email address, but I still got the notifications. How to stop them???? Is there a bug in ISPConfig, that it does not remove the email address in spamassasin? Thanks for help Rainer
Would you have set that same quarantine address as Email > Spamfilter > Policy > Other > SPAM admin, by chance? Restart amavisd if you have not (though I don't know if that should be needed, I wouldn't guess so, but worth a quick try if nothing else).
Can someone please help me. I've set the spam admin email address, but spam is not getting sent to the email address I put in there. everything else about my setup seems to work perfectly except for this feature. The mailbox can send and receive fine. but when I use GTUBE test spam. it is just tagged as ***SPAM*** but no copy or message is sent to spam admin.
Here is some more info. in the ispconfig database it says the correct address next to "spam_quarantine_to" here is the relevant mail log. Code: Mar 6 21:33:22 ispc postfix/smtpd[8422]: connect from mail-qk0-f179.google.com[209.85.220.179] Mar 6 21:33:23 ispc postfix/smtpd[8422]: NOQUEUE: filter: RCPT from mail-qk0-f179.google.com[209.85.220.179]: <[email protected]>: Sender address triggers FILTER amavis:[127.0.0.1]:10026; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<mail-qk0-f179.google.com> Mar 6 21:33:23 ispc postfix/smtpd[8422]: NOQUEUE: filter: RCPT from mail-qk0-f179.google.com[209.85.220.179]: <[email protected]>: Sender address triggers FILTER amavis:[127.0.0.1]:10024; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<mail-qk0-f179.google.com> Mar 6 21:33:23 ispc postfix/smtpd[8422]: 75BBA1832FD: client=mail-qk0-f179.google.com[209.85.220.179] Mar 6 21:33:23 ispc postfix/cleanup[8430]: 75BBA1832FD: message-id=<CAJ95apcAOYDvN9FNygFWBrNqdDc=V7WQK3FDYEgo7_ru5BLmoQ@mail.gmail.com> Mar 6 21:33:23 ispc postfix/qmgr[1181]: 75BBA1832FD: from=<[email protected]>, size=3517, nrcpt=1 (queue active) Mar 6 21:33:23 ispc postfix/smtpd[8422]: disconnect from mail-qk0-f179.google.com[209.85.220.179] Mar 6 21:33:24 ispc amavis[8398]: (08398-01) Blocked SPAM {DiscardedInbound}, [209.85.220.179]:34847 [209.85.220.179] <[email protected]> -> <[email protected]>, Queue-ID: 75BBA1832FD, Message-ID: <CAJ95apcAOYDvN9FNygFWBrNqdDc=V7WQK3FDYEgo7_ru5BLmoQ@mail.gmail.com>, mail_id: vsfQwenIfcZ8, Hits: 999.882, size: 3517, dkim_sd=20161025:gmail.com, 561 ms Mar 6 21:33:24 ispc postfix/smtp[8431]: 75BBA1832FD: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.98, delays=0.38/0.03/0.01/0.55, dsn=2.7.0, status=sent (250 2.7.0 Ok, discarded, id=08398-01 - spam) Mar 6 21:33:24 ispc postfix/qmgr[1181]: 75BBA1832FD: removed
fixed it... Added these three lines into 50-user, I did a lot of things else it might have been. but i'm pretty sure it was this. Code: $banned_files_quarantine_method = 'smtp:localhost:10025'; $spam_quarantine_method = 'smtp:localhost:10025'; $bad_header_quarantine_method = 'smtp:localhost:10025';
Install ConfigServer Security & Firewall and a subset of their spam black lists. Then, install this header check file. https://www.howtoforge.com/community/threads/postfix-guides-and-header-checks.75214/ Plus my smart tips. All spam will become past tense. Of course, you also have to install the ISPConfig spamassasin as well. The focus is on the message's header check. Many mail exchange gateways have built-in spam stamps. They will leave them on the message. We just pick up all those stamps are blocked them. Better use command HOLD instead of REJECT.
ISPconfig uses amavisd-new for mail scanning which internally uses spamassassin to classify spam emails.