On 23.05.20 10:35, sse450 wrote:
I setup amavisd (2.12.0), spamassassin (3.4.2), postfix, dovecot on
CentOS8 about one month ago and run sa-learn every night as a crontab
entry. There are considerable data accumulated on the database. But,
still, I get BAYES_00=-1.9 for a very spammy mail:
X-Spam-Flag: YES
X-Spam-Score: 29.813
X-Spam-Level: *****************************
X-Spam-Status: Yes, score=29.813 tagged_above=-999 required=3
tests=[AXB_XMAILER_MIMEOLE_OL_024C2=0.001, BAYES_00=-1.9,
CUSTOM_DMARC_FAIL=2, DCC_CHECK=1.1, DCC_REPUT_70_89=0.1,
DIGEST_MULTIPLE=0.293, DKIM_ADSP_CUSTOM_MED=0.001, DMARC_NONE=0.1,
FORGED_GMAIL_RCVD=2.5, FORGED_MUA_OUTLOOK=1.927, FORM_FRAUD_5=0.001,
FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001,
FREEMAIL_REPLYTO=1, FREEMAIL_REPLYTO_END_DIGIT=0.25,
FROM_MISSPACED=0.001, FROM_MISSP_EH_MATCH=0.001,
FROM_MISSP_FREEMAIL=2.01,
FROM_MISSP_MSFT=0.001,FROM_MISSP_REPLYTO=1.717,
FROM_MISSP_XPRIO=0.001, FROM_NOT_REPLYTO=2, FSL_BULK_SIG=0.001,
FSL_CTYPE_WIN1251=0.001, FSL_NEW_HELO_USER=0.001, HK_SCAM=0.001,
KAM_DMARC_NONE=0.25, KAM_DMARC_STATUS=0.01, MALFORMED_FREEMAIL=1.142,
MISSING_HEADERS=1.021, MISSING_MID=0.497, NML_ADSP_CUSTOM_MED=0.9,
NSL_RCVD_HELO_USER=0.001, PYZOR_CHECK=1.392,RCVD_IN_MSPIKE_BL=0.001,
RCVD_IN_MSPIKE_L4=0.001, RCVD_IN_RP_RNBL=1.31, RCVD_IN_SBL_CSS=3.335,
REPLYTO_WITHOUT_TO_CC=1.552, SPF_HELO_PASS=-0.001,
SPF_SOFTFAIL=0.665,SPOOFED_FREEMAIL=1.999, SPOOFED_FREEM_REPTO=0.693,
TO_NO_BRKTS_FROM_MSSP=1.655, TO_NO_BRKTS_MSFT=0.001,
T_DEAR_BENEFICIARY=0.01, T_FILL_THIS_FORM_SHORT=0.01,
T_HK_NAME_FM_MR_MRS=0.01] autolearn=no autolearn_force=no
root@winsvr:/# sa-learn -D --dump magic
root's bayes is not used here.
root@winsvr:~# su amavis -c 'sa-learn -D --dump magic'
plugin: failed to parse plugin (from @INC): Can't locate
Mail/SpamAssassin/Plugin/SpamCop.pm:
lib/Mail/SpamAssassin/Plugin/SpamCop.pm: Permission denied at (eval
50) line 1.
you must change to directory readable by user amavis to avoid this error.
chown -R amavis.amavis /usr/share/perl5/vendor_perl/Mail/SpamAssassin
you can easily mess your system up this way.
I believe you should chown back to root.
(I hope it's owned by root on centos)
root@winsvr:/# su amavis -c 'sa-learn -D --dump magic'
here you are in root directory so you won't get that problem
Interestingly, even after chown, su amavis -c 'sa-learn -D --dump
magic' still gives permission denied error sometimes.
because of the problem I described above
Is the BAYES_00=-1.9 normal for the sample spam email? Perhaps, I need
to accumulate more training data. Or, is something look wrong with my
setup?
this can happen ocasionally. Unfortunately, most of negative scoring rules
whitelists, so it's quite common that unwanted mail from e.g. google gets
whitelisted.
You need to train more spam.
--
Matus UHLAR - fantomas, [email protected] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Windows found: (R)emove, (E)rase, (D)elete
