When I run /etc/init.d/amavis debug, it spits out a bunch of Permissions
denied of basically everything and fails with Server closing!
I tried it under amavis user first, and also under root but always the same.
If I start normally, the mail.log looks like: (don't think this is all,
but most)
----------------------------------------
Jan 29 14:42:53 M1-2 amavis[3173]: starting. /usr/sbin/amavisd-new at
M1-2.dettenwanger.inter-control.com amavisd-new-2.7.1 (20120429),
Unicode aware, LANG="en_US.UTF-8"
Jan 29 14:42:53 M1-2 amavis[3180]: Net::Server: Group Not Defined.
Defaulting to EGID '117 117'
Jan 29 14:42:53 M1-2 amavis[3180]: Net::Server: User Not Defined.
Defaulting to EUID '110'
Jan 29 14:42:53 M1-2 amavis[3180]: Module Amavis::Conf 2.303
Jan 29 14:42:53 M1-2 amavis[3180]: Module Archive::Zip 1.30
Jan 29 14:42:53 M1-2 amavis[3180]: Module BerkeleyDB 0.54
Jan 29 14:42:53 M1-2 amavis[3180]: Module Compress::Zlib 2.06
Jan 29 14:42:53 M1-2 amavis[3180]: Module Convert::TNEF 0.18
Jan 29 14:42:53 M1-2 amavis[3180]: Module Convert::UUlib 1.4
Jan 29 14:42:53 M1-2 amavis[3180]: Module Crypt::OpenSSL::RSA 0.28
Jan 29 14:42:53 M1-2 amavis[3180]: Module DB_File 1.827
Jan 29 14:42:53 M1-2 amavis[3180]: Module Digest::MD5 2.52
Jan 29 14:42:53 M1-2 amavis[3180]: Module Digest::SHA 5.84_01
Jan 29 14:42:53 M1-2 amavis[3180]: Module File::Temp 0.23
Jan 29 14:42:53 M1-2 amavis[3180]: Module IO::Socket::INET6 2.71
Jan 29 14:42:53 M1-2 amavis[3180]: Module MIME::Entity 5.505
Jan 29 14:42:53 M1-2 amavis[3180]: Module MIME::Parser 5.505
Jan 29 14:42:53 M1-2 amavis[3180]: Module MIME::Tools 5.505
Jan 29 14:42:53 M1-2 amavis[3180]: Module Mail::DKIM::Signer 0.4
Jan 29 14:42:53 M1-2 amavis[3180]: Module Mail::DKIM::Verifier 0.4
Jan 29 14:42:53 M1-2 amavis[3180]: Module Mail::Header 2.12
Jan 29 14:42:53 M1-2 amavis[3180]: Module Mail::Internet 2.12
Jan 29 14:42:53 M1-2 amavis[3180]: Module Mail::SPF v2.009
Jan 29 14:42:53 M1-2 amavis[3180]: Module Mail::SpamAssassin 3.004000
Jan 29 14:42:53 M1-2 amavis[3180]: Module Net::DNS 0.68
Jan 29 14:42:53 M1-2 amavis[3180]: Module Net::Server 2.007
Jan 29 14:42:53 M1-2 amavis[3180]: Module NetAddr::IP 4.071
Jan 29 14:42:53 M1-2 amavis[3180]: Module Razor2::Client::Version 2.84
Jan 29 14:42:53 M1-2 amavis[3180]: Module Socket6 0.25
Jan 29 14:42:53 M1-2 amavis[3180]: Module Time::HiRes 1.9725
Jan 29 14:42:53 M1-2 amavis[3180]: Module URI 1.60
Jan 29 14:42:53 M1-2 amavis[3180]: Module Unix::Syslog 1.1
Jan 29 14:42:53 M1-2 amavis[3180]: Amavis::DB code loaded
Jan 29 14:42:53 M1-2 amavis[3180]: SQL base code NOT loaded
Jan 29 14:42:53 M1-2 amavis[3180]: SQL::Log code NOT loaded
Jan 29 14:42:53 M1-2 amavis[3180]: SQL::Quarantine NOT loaded
Jan 29 14:42:53 M1-2 amavis[3180]: Lookup::SQL code NOT loaded
Jan 29 14:42:53 M1-2 amavis[3180]: Lookup::LDAP code NOT loaded
Jan 29 14:42:53 M1-2 amavis[3180]: AM.PDP-in proto code loaded
Jan 29 14:42:53 M1-2 amavis[3180]: SMTP-in proto code loaded
Jan 29 14:42:53 M1-2 amavis[3180]: Courier proto code NOT loaded
Jan 29 14:42:53 M1-2 amavis[3180]: SMTP-out proto code loaded
Jan 29 14:42:53 M1-2 amavis[3180]: Pipe-out proto code NOT loaded
Jan 29 14:42:53 M1-2 amavis[3180]: BSMTP-out proto code NOT loaded
Jan 29 14:42:53 M1-2 amavis[3180]: Local-out proto code loaded
Jan 29 14:42:53 M1-2 amavis[3180]: OS_Fingerprint code NOT loaded
Jan 29 14:42:53 M1-2 amavis[3180]: ANTI-VIRUS code loaded
Jan 29 14:42:53 M1-2 amavis[3180]: ANTI-SPAM code loaded
Jan 29 14:42:53 M1-2 amavis[3180]: ANTI-SPAM-EXT code NOT loaded
Jan 29 14:42:53 M1-2 amavis[3180]: ANTI-SPAM-C code NOT loaded
Jan 29 14:42:53 M1-2 amavis[3180]: ANTI-SPAM-SA code loaded
Jan 29 14:42:53 M1-2 amavis[3180]: Unpackers code loaded
Jan 29 14:42:53 M1-2 amavis[3180]: DKIM code loaded
Jan 29 14:42:53 M1-2 amavis[3180]: Tools code NOT loaded
Jan 29 14:42:53 M1-2 amavis[3180]: Found $file at /usr/bin/file
Jan 29 14:42:53 M1-2 amavis[3180]: No $altermime, not using it
Jan 29 14:42:53 M1-2 amavis[3180]: Internal decoder for .mail
Jan 29 14:42:53 M1-2 amavis[3180]: No decoder for .F
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .Z at
/bin/uncompress
Jan 29 14:42:53 M1-2 amavis[3180]: Internal decoder for .gz
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .bz2 at
/bin/bzip2 -d
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .xz at
/usr/bin/xz -dc
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .lzma at
/usr/bin/xz -dc --format=lzma
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .lzo at
/usr/bin/lzop -d
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .rpm at
/usr/bin/rpm2cpio
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .cpio at /bin/pax
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .tar at /bin/pax
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .deb at /usr/bin/ar
Jan 29 14:42:53 M1-2 amavis[3180]: Internal decoder for .zip
Jan 29 14:42:53 M1-2 amavis[3180]: Internal decoder for .kmz
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .7z at
/usr/bin/7zr
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .rar at
/usr/bin/unrar-free
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .arj at
/usr/bin/arj
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .arc at
/usr/bin/arc
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .zoo at
/usr/bin/zoo
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .doc at
/usr/bin/ripole
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .cab at
/usr/bin/cabextract
Jan 29 14:42:53 M1-2 amavis[3180]: No decoder for .tnef
Jan 29 14:42:53 M1-2 amavis[3180]: Internal decoder for .tnef
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .exe at
/usr/bin/unrar-free; /usr/bin/arj
Jan 29 14:42:53 M1-2 amavis[3180]: Using primary internal av scanner
code for ClamAV-clamd
Jan 29 14:42:53 M1-2 amavis[3180]: Using primary internal av scanner
code for AVG Anti-Virus
Jan 29 14:42:53 M1-2 amavis[3180]: Found secondary av scanner
ClamAV-clamscan at /usr/bin/clamscan
Jan 29 14:42:53 M1-2 amavis[3180]: Deleting db files
nanny.db,__db.003,snmp.db,__db.001,__db.002 in /var/lib/amavis/db
Jan 29 14:42:53 M1-2 amavis[3180]: Creating db in /var/lib/amavis/db/;
BerkeleyDB 0.54, libdb 5.3
------------------------------------------------
On 1/29/18 2:33 PM, Dino Edwards wrote:
Please run amavisd in debug mode.
Stop the service
/etc/init.d/amavis stop
Then start in debug mode:
/etc/init.d/amavis debug
Open another session to your mail server and look at you
/var/log/mail.log and you should see the following upon amavisd
startup (or similar):
Jan 29 15:30:55.078 mail.domain.tld /usr/sbin/amavisd-new[8330]:
initializing Mail::SpamAssassin (0)
Jan 29 15:30:55.078 mail.domain.tld /usr/sbin/amavisd-new[8330]:
SpamAssassin debug facilities: info
Jan 29 15:30:55.712 mail.domain.tld /usr/sbin/amavisd-new[8330]: SA
info: zoom: able to use 315/360 'body_0' compiled rules (87.5%)
Jan 29 15:30:56.454 mail.domain.tld /usr/sbin/amavisd-new[8330]:
SpamAssassin loaded plugins: AskDNS, AutoLearnThreshold, Bayes,
BodyEval, Check, DCC, DKIM, DNSEval, FreeMail, HTMLEval,
HTTPSMismatch, Hashcash, HeaderEval, ImageInfo, MIMEEval, MIMEHeader,
Pyzor, Razor2, RelayEval, ReplaceTags, Rule2XSBody, SPF, SpamCop,
URIDNSBL, URIDetail, URIEval, VBounce, WLBLEval, WhiteListSubject
Jan 29 15:30:56.455 mail.domain.tld /usr/sbin/amavisd-new[8330]:
SpamControl: init_pre_fork on SpamAssassin done
Jan 29 15:30:56.455 mail.domain.tld /usr/sbin/amavisd-new[8330]: extra
modules loaded after daemonizing/chrooting:
/usr/lib/perl5/auto/NetAddr/IP/InetBase/inet_n2dx.al,
Mail/SpamAssassin/CompiledRegexps/body_0.pm,
Mail/SpamAssassin/Plugin/FreeMail.pm, Net/DNS/RR/OPT.pm
*From:*Computer Bob [mailto:[email protected]]
*Sent:* Monday, January 29, 2018 3:24 PM
*To:* Dino Edwards <[email protected]>;
[email protected]
*Subject:* Re: Scoring questions
Changes made, amavis restarted.
I have seen the following on all mails, I just was too lazy to include
it because I had to blank the server name...skuza..
X-Virus-Scanned: Debian amavisd-new at M1-2.myorganization.org
On 1/29/18 2:15 PM, Dino Edwards wrote:
Please try
$sa_tag_level_deflt = undef;
In
/etc/amavis/conf.d/50-user
Do you see the X-Virus-Scanned header in the emails that amavisd
processes?
*From:*amavis-users
[mailto:[email protected]]
*On Behalf Of *Computer Bob
*Sent:* Monday, January 29, 2018 2:40 PM
*To:* [email protected] <mailto:[email protected]>
*Subject:* Re: Scoring questions
I also agree that at this point auto learn should be off and
cleared as I have done.
But I still continue to get garbage mails through showing headers
such as:
X-Spam-Flag: NO
X-Spam-Score: 0.61
X-Spam-Level:
X-Spam-Status: No, score=0.61 tagged_above=-9999 required=5
tests=[HTML_FONT_LOW_CONTRAST=0.001, HTML_IMAGE_RATIO_04=0.61,
HTML_MESSAGE=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001,
T_REMOTE_IMAGE=0.01, T_RP_MATCHES_RCVD=-0.01]
autolearn=no autolearn_force=no
And as I said, when I run them through SA at the command line they
seem to score correctly.
The scores being given in the headers can't be correct as they all
are similarly low and wrong.
An interesting note is that if I try and forward one of these
received, they get flagged and sent to spam.
Without knowing the intricacies of the amavis procedural steps, or
were to start, it is not possible for me to troubleshoot.
On 1/29/18 1:20 PM, Dino Edwards wrote:
I disagree it's bad advice considering it's autolearn that seems to be
creating at least some of the problems he's experiencing.
However, I do agree, the AutoLearn Threshold should definitely be set
IF you are going to be using autolearn but in my experience auto-learn creates
more problems than it solves. I believe that only humans should be be used for
training the bayes database. Auto-learning has the tendency to exaggerate
issues over time.
Keep it simple for now and train your bayes database and after you've
trained it and it's scoring well, then consider using autolearn.
-----Original Message-----
From: amavis-users
[mailto:[email protected]] On
Behalf Of Benny Pedersen
Sent: Monday, January 29, 2018 1:06 PM
To:[email protected] <mailto:[email protected]>
Subject: Re: Re: Scoring questions
Computer Bob skrev den 2018-01-29 18:57:
I assume you mean bayes_auto_learn in local.cf. I set it to 0 from 1
and restarted.
yes its just bad advise, but setting this is what disables autolearn
i suggest see autolearnthreashold instaed
https://spamassassin.apache.org/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AutoLearnThreshold.html
bayes_auto_learn_threshold_nonspam -5
bayes_auto_learn_threshold_spam 7.5
let the spammers win now :)
