Did you send all the headers of the emails that do not get handled
correctly?
*From:*Computer Bob [mailto:[email protected]]
*Sent:* Monday, January 29, 2018 5:25 PM
*To:* Dino Edwards <[email protected]>;
[email protected]
*Subject:* Re: Scoring questions
Interestingly, most mail gets handled correctly, only a few get
through and show the odd scores and such.
If I try and forward one of those that got through to another account,
they get handled properly and quarantined as spam !
So I am waiting for one of those odd-balls.
It's perplexing to me.
On 1/29/18 3:58 PM, Dino Edwards wrote:
If you are using putty, can you enable logging in your session,
send an obviously spam message and send the debug output?
Thanks
*From:*amavis-users
[mailto:[email protected]]
*On Behalf Of *Computer Bob
*Sent:* Monday, January 29, 2018 4:49 PM
*To:* [email protected] <mailto:[email protected]>
*Subject:* Re: Scoring questions
It starts with debug-sa, stays in the console window and puts does
not put debug-sa info into mail.log but displays it at the console
that called it.
On 1/29/18 2:33 PM, Dino Edwards wrote:
Please run amavisd in debug mode.
Stop the service
/etc/init.d/amavis stop
Then start in debug mode:
/etc/init.d/amavis debug
Open another session to your mail server and look at you
/var/log/mail.log and you should see the following upon
amavisd startup (or similar):
Jan 29 15:30:55.078 mail.domain.tld
/usr/sbin/amavisd-new[8330]: initializing Mail::SpamAssassin (0)
Jan 29 15:30:55.078 mail.domain.tld
/usr/sbin/amavisd-new[8330]: SpamAssassin debug facilities: info
Jan 29 15:30:55.712 mail.domain.tld
/usr/sbin/amavisd-new[8330]: SA info: zoom: able to use
315/360 'body_0' compiled rules (87.5%)
Jan 29 15:30:56.454 mail.domain.tld
/usr/sbin/amavisd-new[8330]: SpamAssassin loaded plugins:
AskDNS, AutoLearnThreshold, Bayes, BodyEval, Check, DCC, DKIM,
DNSEval, FreeMail, HTMLEval, HTTPSMismatch, Hashcash,
HeaderEval, ImageInfo, MIMEEval, MIMEHeader, Pyzor, Razor2,
RelayEval, ReplaceTags, Rule2XSBody, SPF, SpamCop, URIDNSBL,
URIDetail, URIEval, VBounce, WLBLEval, WhiteListSubject
Jan 29 15:30:56.455 mail.domain.tld
/usr/sbin/amavisd-new[8330]: SpamControl: init_pre_fork on
SpamAssassin done
Jan 29 15:30:56.455 mail.domain.tld
/usr/sbin/amavisd-new[8330]: extra modules loaded after
daemonizing/chrooting:
/usr/lib/perl5/auto/NetAddr/IP/InetBase/inet_n2dx.al,
Mail/SpamAssassin/CompiledRegexps/body_0.pm,
Mail/SpamAssassin/Plugin/FreeMail.pm, Net/DNS/RR/OPT.pm
*From:*Computer Bob [mailto:[email protected]]
*Sent:* Monday, January 29, 2018 3:24 PM
*To:* Dino Edwards <[email protected]>
<mailto:[email protected]>;
[email protected] <mailto:[email protected]>
*Subject:* Re: Scoring questions
Changes made, amavis restarted.
I have seen the following on all mails, I just was too lazy to
include it because I had to blank the server name...skuza..
X-Virus-Scanned: Debian amavisd-new at M1-2.myorganization.org
On 1/29/18 2:15 PM, Dino Edwards wrote:
Please try
$sa_tag_level_deflt = undef;
In
/etc/amavis/conf.d/50-user
Do you see the X-Virus-Scanned header in the emails that
amavisd processes?
*From:*amavis-users
[mailto:[email protected]]
*On Behalf Of *Computer Bob
*Sent:* Monday, January 29, 2018 2:40 PM
*To:* [email protected] <mailto:[email protected]>
*Subject:* Re: Scoring questions
I also agree that at this point auto learn should be off
and cleared as I have done.
But I still continue to get garbage mails through showing
headers such as:
X-Spam-Flag: NO
X-Spam-Score: 0.61
X-Spam-Level:
X-Spam-Status: No, score=0.61 tagged_above=-9999 required=5
tests=[HTML_FONT_LOW_CONTRAST=0.001,
HTML_IMAGE_RATIO_04=0.61,
HTML_MESSAGE=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001,
T_REMOTE_IMAGE=0.01, T_RP_MATCHES_RCVD=-0.01]
autolearn=no autolearn_force=no
And as I said, when I run them through SA at the command
line they seem to score correctly.
The scores being given in the headers can't be correct as
they all are similarly low and wrong.
An interesting note is that if I try and forward one of
these received, they get flagged and sent to spam.
Without knowing the intricacies of the amavis procedural
steps, or were to start, it is not possible for me to
troubleshoot.
On 1/29/18 1:20 PM, Dino Edwards wrote:
I disagree it's bad advice considering it's autolearn that
seems to be creating at least some of the problems he's experiencing.
However, I do agree, the AutoLearn Threshold should definitely
be set IF you are going to be using autolearn but in my experience auto-learn
creates more problems than it solves. I believe that only humans should be be
used for training the bayes database. Auto-learning has the tendency to
exaggerate issues over time.
Keep it simple for now and train your bayes database and after
you've trained it and it's scoring well, then consider using autolearn.
-----Original Message-----
From: amavis-users
[mailto:[email protected]] On
Behalf Of Benny Pedersen
Sent: Monday, January 29, 2018 1:06 PM
To:[email protected] <mailto:[email protected]>
Subject: Re: Re: Scoring questions
Computer Bob skrev den 2018-01-29 18:57:
I assume you mean bayes_auto_learn in local.cf. I set it to
0 from 1
and restarted.
yes its just bad advise, but setting this is what disables
autolearn
i suggest see autolearnthreashold instaed
https://spamassassin.apache.org/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AutoLearnThreshold.html
bayes_auto_learn_threshold_nonspam -5
bayes_auto_learn_threshold_spam 7.5
let the spammers win now :)
