Rob,
> First, I can see that my Bayes db is being populated, but I can't tell
> whether it's autolearning according to my settings. I have the following
> in /etc/mail/spamassassin/local.cf:
>
> bayes_auto_learn 1
> bayes_auto_learn_threshold_nonspam -4.0
> bayes_auto_learn_threshold_spam 5.0
> How can I get the autolearn status to be added to the log, or at least the
> headers? I'm using the long $log_templ from amavisd.conf-sample, which is
> a bit line-noise-y. The amavisd source does look like it keeps track of
> autolearn status.
With 2.4.x you can add autolearn status to the main log entry
with the use of macro AUTOLEARN, e.g.: autolearn=[:AUTOLEARN],
like in the following template replacement which can be placed
in amavisd.conf:
$log_templ = <<'EOD';
[?%#D|#|Passed #
[? [:ccat_maj] |OTHER|CLEAN|TEMPFAIL|OVERSIZED|BAD-HEADER|SPAMMY|SPAM|\
UNCHECKED|BANNED (%F)|INFECTED (%V)]#
#([:ccat_maj],[:ccat_min])#
, [? %p ||%p ][?%a||[?%l||LOCAL ]\[%a\] ][?%e||\[%e\] ]%s -> [%D|,]#
[? %q ||, quarantine: %q]#
[? %Q ||, Queue-ID: %Q]#
[? %m ||, Message-ID: %m]#
[? %r ||, Resent-Message-ID: %r]#
, mail_id: %i#
, Hits: %c#
, size: %z#
#, boost: [:score_boost]#
#, fwd_to: [:remote_mta]#
[~[:remote_mta_smtp_response]|["^$"]||[", queued_as: "]]\
[remote_mta_smtp_response|[~%x|["queued as ([0-9A-Z]+)$"]|["%1"]|["%0"]]|/]#
[? %j ||, Subject: "%j\"]#
[? %#T ||, Tests: \[[%T|,]\]]#
[? [:AUTOLEARN] ||, autolearn=[:AUTOLEARN]]#
, %y ms#
]
[?%#O|#|Blocked #
[? [:ccat_maj] |OTHER|CLEAN|TEMPFAIL|OVERSIZED|BAD-HEADER|SPAMMY|SPAM|\
UNCHECKED|BANNED (%F)|INFECTED (%V)]#
#([:ccat_maj],[:ccat_min])#
, [? %p ||%p ][?%a||[?%l||LOCAL ]\[%a\] ][?%e||\[%e\] ]%s -> [%O|,]#
[? %q ||, quarantine: %q]#
[? %Q ||, Queue-ID: %Q]#
[? %m ||, Message-ID: %m]#
[? %r ||, Resent-Message-ID: %r]#
, mail_id: %i#
, Hits: %c#
, size: %z#
#, boost: [:score_boost]#
#, smtp_resp: [:smtp_response]#
[? %j ||, Subject: "%j\"]#
[? %#T ||, Tests: \[[%T|,]\]]#
[? [:AUTOLEARN] ||, autolearn=[:AUTOLEARN]]#
, %y ms#
]
EOD
> Second, when I try and dump tokens from sa-learn, I don't seem to get the
> actual tokens any more, just something that looks like a hex signature.
> How can I tell what my actual tokens are in the db?
This is a question for the SA list. Maybe the SA wiki can tell.
> Last, is it possible to include the virus name in the quarantine filename
> when quarantining to local disk?
You could modify the following code section in sub mail_to_local_mailbox:
$suggested_filename =~ s{%(.)}
{ $1 eq 'b' ? $msginfo->body_digest
: $1 eq 'm' ? $msginfo->mail_id
: $1 eq 'i' ? iso8601_timestamp($msginfo->rx_time,1,'-')
: $1 eq 'n' ? am_id()
: $1 eq '%' ? '%' : '%'.$1 }egs;
and add new stubs to existing %b, %m, %i, and %n.
Be careful not to spill special characters to file names.
Virus names found in the current mail are stored in the
global list @virusname (I know, ugly).
> Or is that something I'm better off using SQL for?
It is currently not stored to SQL logging/reporting database.
The code should go to sub save_info_final.
For statistical purposes virus names and their count is stored
in a snmp-like database and reported by amavisd-agent.
> And also, how do I use amavisd-release when the quarantine
> directory is hashed into subdirs?
> I keep getting errors whether I use the
> complete file name, the file name relative to $quarantine_base,
Should work out of the box. The argument to amavisd-release
should be the exact string that is also logged as a quarantine location:
(83682-08-2) Blocked SPAM, [...] ... <...> -> <...>,
quarantine: spam/h/hiXE2fSV2X6y.gz, ...
^^^^^^^^^^^^^^^^^^^^^^
and is also stored in SQL (if enabled), field msgs.quar_loc .
Mark
All the advantages of Linux Managed Hosting--Without the Cost and Risk!
Fully trained technicians. The highest number of Red Hat certifications in
the hosting industry. Fanatical Support. Click to learn more
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=107521&bid=248729&dat=121642
_______________________________________________
AMaViS-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
