Spamfilter Policy not working: Amavisd conf file is default

Discussion in 'Installation/Configuration' started by Mina Gerges, Oct 13, 2015.

  1. Mina Gerges

    Mina Gerges New Member

    ISPConfig Version: on CentOS 7.1, Installed using the perfect server tutorial.

    After installation i noticed that Spamfilter policies do not work at all, then i noticed that /etc/amavisd/amavisd.conf has no settings to ispconfig DB, in fact is the default one (i guess). /etc/ispconfig_install.log had no entries about configuring amavisd config file as well (is that normal?)

    Shall i replace /etc/amavisd/amavisd.conf with the once in the package "ISPConfig-3-stable/ispconfig3_install/install/tpl/fedora_amavisd_conf.master" and configure it manually (DB config, replace placeholders with actual values etc.) ?
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Probably you have an /etc/amavisd.conf and an /etc/amavisd/amavisd.conf conf an the wrong one is used. Replace the file /etc/amavisd/amavisd.conf with a symlink to /etc/amavisd.conf and restart amavis.
  3. Mina Gerges

    Mina Gerges New Member

    Wow, so fast response.
    Thank you so much, that fixed it, but i had to change ClamAV socket path manually. Now policies are working.

    Do you know What caused that, and if this is an indicator of a problematic installation which i shall investigate further?
  4. Patrick V

    Patrick V New Member

    i have done so...

    ln -s /etc/amavisd.conf /etc/amavisd/amavis.conf

    But the Problem with the SPAM Filter is already on ...
    What can I do???
  5. Nap

    Nap Member

    For some reason I don't have either /etc/amavis.conf or /etc/amavis/amavis.conf. (I did not delete these files.)
    My policies seem to be working (I have a quarantine account where mail is diverted to, the subject field of potential spam mail is marked with "???SPAM???" as per my policy, but I haven't tested anything to do with viruses as I just don't open the attachments [my own policy])

    My /etc/amavis folder has the following files:
    50-user~ conf.d/ en_US/ README.l10n
    And my /etc/amavis/conf.d folder has these files:
    01-debian 05-domain_id 05-node_id 15-av_scanners 15-content_filter_mode 20-debian_defaults 21-ubuntu_defaults 25-amavis_helpers 30-template_localization 40-policy_banks 50-user

    It looks to me that 50-user is the main configuration file, but I'm not 100% sure.
    I am trying to reduce the amount of spam I'm getting, and I'm looking at this while reading

    (It seems like, at least some of, the settings are distributed over the files in conf.d)
    Which file should I be modifying when the guide says to adjust amavis.conf?
    Last edited: Mar 6, 2016
  6. florian030

    florian030 Well-Known Member HowtoForge Supporter

    amavis reads the files in /etc/amavis/conf.d
  7. Nap

    Nap Member

    Not on my system. ;) I don't have that file.
    And I've had a look through the mail log file to confirm it's working. I also have a catch-all quarantine for spam with scores greater than X. So amavis is working..
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    Yes, that's the file that gets added by ISPConfig to tell amavis to use the settings from the database plus a few other global settings. But the actual scores get configured in the policies in ISPConfig.
  9. Nap

    Nap Member

    Thanks for that Till.
    I'm trying to figure out why I'm still accepting mail for an account that I deleted. Though the user doesn't exist anymore, the mail is still being diverted to my quaranteen account, even after I turned off the mail domain level spamfilter.
  10. till

    till Super Moderator Staff Member ISPConfig Developer

    The denial of non-existing accounts is handled by postfix and not amavis, if an email account does not exist anymore and there is no catchall for that domain, then postfix has to reject it and it will not go to amavis. Check that there is really no alias. mailbox for this address anymore and also no catchall for that domain.
  11. Nap

    Nap Member

    I checked, and I have no catchall mailboxes setup. The spamfilter policy states the address to forward to.
    If Postfix handles the mail, then there should not be any X-abd-def Spam headers, yet there are.

    I tried to send a mail to the deleted account from my gmail account and it bounced with a permanent error. So the spam is getting in some other way. Through port 25 & telnet.
    I've been playing around with my mail server using Telnet and have been able to create spam mail (with bogus/missing/incomplete headers etc.) that is delivered to my mail boxes. My server's setup prevents me from sending to an external address (which is good).
    So maybe, even though my Outlook shows the recipient as the deleted account, the actual account that received it was different?

    Could you recommend a URL to read up about controlling spam via port 25 and telnet?

Share This Page