> I have:
> $sa_tag2_level_deflt = 5.5; # add 'spam detected' headers at that
> $sa_kill_level_deflt = 7.5; # triggers spam evasive actions (e.g.
> blocks mail)
I think it is quite high. Pls see my config ( 3.5 and 3.8 )
$sa_tag_level_deflt = undef; # add spam info headers if at, or above
$sa_tag2_level_deflt = 3.5; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 3.8;
> We do use RBLs at the SMTP level, greylisting, RBLs with spamassassin, but
> still we have been getting a lot of spam.
Do you use postfix? then,
you can have below in mail.cf under smtpd_recipient_restrictions.
Anyway Be VERY careful since it REJECTS mails.
from - http://www.postfix.org/postconf.5.html
reject_unknown_client_hostname (with Postfix < 2.3:
reject_unknown_client)Reject the request when 1) the client IP
address->name mapping fails, 2) the name->address mapping fails, or 3)
the name->address mapping does not match the client IP address.
This is a stronger restriction than the
reject_unknown_reverse_client_hostname feature, which triggers only
under condition 1) above.
The unknown_client_reject_code parameter specifies the response code
for rejected requests (default: 450). The reply is always 450 in case
the address->name or name->address lookup failed due to a temporary
> Here is a blocked spamas an example:
> X-Spam-Status: Yes, score=8.308 tag=-999 tag2=5.5 kill=7.5
Did you receive this mail since score = 8.3?
Pls set final_spam_destiny to D_DISCARD in this way.
$final_spam_destiny = D_DISCARD;
It is worth to have below 2 lines to D_DISCARD as well.
$final_virus_destiny = D_DISCARD;
$final_banned_destiny = D_DISCARD;
> tests=[BAYES_99=3.5, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
> HTML_FONT_LOW_CONTRAST=0.001, HTML_MESSAGE=0.001,
> RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.886,
> RAZOR2_CHECK=0.922, RP_MATCHES_RCVD=-1.509, SPF_HELO_PASS=-0.1,
> SPF_PASS=-0.1, SUBJ_ALL_CAPS=1.506, URIBL_BLACK=1.7,
> I decided to configure:
> score BAYES_99 4.5 # was 3.5
> score BAYES_999 2.0 # was 0.2
I do NOT conceder the above stuffs so much. I go with defaults.
anyway, keep on monitoring mail log and add spam assassin rules to
if you need help, you may write to the mailing list.
> because I noticed a lot of spam was correctly identified using BAYES_99 and
> BAYES_999, but was not getting blocked due to low scoring.
> I have been monitoring spam and I think that I have a lot more blocks and
> thereare no false positives at this point.
> Any ideas and suggestions will be greatly appreciated!
> Thanks (Efharisto!) again,
> On 14/10/2016 3:06 μμ, Dino Edwards wrote:
>> Yasou NiKo,
>> There are a few things that might be going on here. What is the average
>> score of the ham e-mails that you are getting through. The reason I’m asking
>> is can you possibly bring down your required=5.5 score? Every installation
>> is different but our required= score is set to 3.6 and that seems to work
>> very well. The required = score would be set in your amavis config file as
>> follows (the parameter below is probably how it’s set in your amavis):
>> $sa_tag2_level_deflt = 3.6;
>> If your spam filter is trained properly, you should be able to bring that
>> score down and not have to worry about false positives. Alternatively, if
>> you really want to raise the bayes_99 score you would set it in
>> /etc/spamasassain/local.cf as follows:
>> #override bayes default scores
>> score BAYES_99 5
>> But, in the grand scheme of things, your spamfilter is your very last line
>> of defense against spam. Are you doing all you can to prevent spam from ever
>> reaching your spam filter? Things like RBL blocking on the MTA level,
>> graylisting etc?
http://www.siyabas.lk/sinhala_how_to_install.html - Download Sinhala Fonts