For concern #1 and #3, you can help reduce false negatives by using DCC and pyzor. You may also want to get some of the additional rule sets at http://www.rulesemporium.com/ to further cut back on false negatives. Finally, you should send all of the spam that your users forward to you through Bayes using sa-learn.

Of course, no matter how good your configuration is, some spam will always get through and some users will always complain.

As for concern #2, I'm not quite sure I fully understand what you are asking. I think you are saying that you are getting some errors after creating your own rules. If this is the case, my advice is:

1) Hold off on creating your own rules until you get a chance to read some tutorials on rule creation. There is a fine art to creating rules. Instead, get the custom rules from the link above and keep training Bayes to deal with false negatives and consider using DCC and Pyzor if you like.
2) When you do create new rules, always test them with "spamassassin --lint" first to make sure there are no errors in them.


Hope that helps.
Kevin


Fernando Serto wrote:

hi, I had a mail relay running postfix (well, actually I still have), lying
in front of my exchange server, so all mail sent to outside, goes through
this postfix.

I got a link on security-basics that describes an installation of
postfix-amavisd-spamassassin to filter spam.

I've followed Scott L. Henderson's step-by-step doc
(http://www.geocities.com/scottlhenderson/spamfilter.html), and also a
razor2 configuration (http://www.dambrosioauto.com/razor_config.html), and
everything is working really smoothly.

but I still have a few doubts...

1- a few messages are not being tagged as a spam, and so, a few users are
still getting unsolicited mails and complaining a lot! even the amount of
spam had been decreased (1 of the users has received only 5 spams since last
night... he used to receive almost a 100 spams a day). I told all the users
to forward the spams to me, and I would do something about it (yeah... I'm
doing! I'm asking for help...). all the messages look like spam to me
(subject and body). how should I block these messages. I've been adding the
most common subject lines to postfix's header_checks file, but that seems
pretty stupid to me.

2- sometimes, when I have a few rules on header_checks file (like the ones
above):
## Anonymous?? ##
/^(To|Cc): $/                                  REJECT Mail detected as spam - Specify recipients
/^(To|Cc): undisclosed-recipients/             REJECT Mail detected as spam - Specify recipients

## Known spam ##
/^X-Spam-Level: \*\*\*\*\*\*\*\*/              REJECT Mail detected as spam

... I get something really weird on the log file:
May 31 15:19:03 mx amavis[30362]: (30362-02) mail_via_smtp: 550 5.6.0 Failed, id=30362-02, from MTA: 550 Error: Mail detected as spam - Specify recipients
May 31 15:19:03 mx amavis[30362]: (30362-02) TROUBLE in check_mail: spam quar+notif FAILED: Can not quarantine: 550 5.6.0 Failed, id=30362-02, from MTA: 550 Error: Mail detected as spam - Specify recipients at /usr/local/sbin/amavisd line 6038, <GEN6> line 448.
May 31 15:19:03 mx amavis[30362]: (30362-02) PRESERVING EVIDENCE in /var/amavis/amavis-20040531T151729-30362
May 31 15:19:03 mx postfix/smtp[30398]: 5BA693C544: to=<[EMAIL PROTECTED]>, relay=61.8.29.111[61.8.29.111], delay=1238, status=deferred (host 61.8.29.111[61.8.29.111] said: 451 4.5.0 Error in processing, id=30362-02, spam quar+notif FAILED: Can not quarantine: 550 5.6.0 Failed, id=30362-02, from MTA: 550 Error: Mail detected as spam - Specify recipients at /usr/local/sbin/amavisd line 6038, <GEN6> line 448. (in reply to end of DATA command))

3- I read somewhere about DCC and Pyzor. I've configured it to use only
Razor2, should I install these other couple tools?

Cheers,
Fernando

--
Fernando Serto
Systems Administrator
Memetrics Pty.
Phone: +61 2 95560833
Fax: +61 2 95556911
Mobile: 0403 338 005
E-mail: [EMAIL PROTECTED]

--- Certain disclaimers and policies apply to all email sent from Memetrics.
For the full text of these disclaimers and policies see
http://www.memetrics.com/emailpolicy.html
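
An added example, not part of either message: a Python sketch that cross-references the REJECT texts in a header_checks file against amavis log lines, listing the entries whose text the MTA returned to amavisd ("from MTA: 550 Error: ..." in the log above). The sample inputs are constructed from the rules and log excerpt quoted in the thread, and the function names are hypothetical.

```python
import re

# Constructed sample input, modelled on the header_checks file and log excerpt in the thread.
HEADER_CHECKS = r"""
/^(To|Cc): $/                       REJECT Mail detected as spam - Specify recipients
/^(To|Cc): undisclosed-recipients/  REJECT Mail detected as spam - Specify recipients
/^X-Spam-Level: \*\*\*\*\*\*\*\*/   REJECT Mail detected as spam
"""
LOG = """\
May 31 15:19:03 mx amavis[30362]: (30362-02) mail_via_smtp: 550 5.6.0 Failed, id=30362-02, from MTA: 550 Error: Mail detected as spam - Specify recipients
May 31 15:19:03 mx amavis[30362]: (30362-02) TROUBLE in check_mail: spam quar+notif FAILED: Can not quarantine: 550 5.6.0 Failed, id=30362-02, from MTA: 550 Error: Mail detected as spam - Specify recipients at /usr/local/sbin/amavisd line 6038, <GEN6> line 448.
May 31 15:20:10 mx amavis[30362]: (30362-03) Passed, <user@example.org> -> <dest@example.org>
"""

RULE_RE = re.compile(r"^(/.*/)\s+REJECT\s+(.*\S)\s*$")
MTA_RE = re.compile(
    r"amavis\[\d+\]: \((?P<id>[\d-]+)\) (?P<what>.*?)from MTA: 550 Error: (?P<text>.*)$"
)

def reject_texts(header_checks):
    """Map each REJECT text to the list of patterns that emit it."""
    rules = {}
    for line in header_checks.splitlines():
        m = RULE_RE.match(line.strip())
        if m:
            rules.setdefault(m.group(2), []).append(m.group(1))
    return rules

def reinjection_rejects(log, rules):
    """Return (amavis id, quarantine_failed, reject text, candidate patterns)
    for every amavis line where the MTA answered with a header_checks text."""
    hits = []
    for line in log.splitlines():
        m = MTA_RE.search(line)
        if not m:
            continue
        # Prefer the longest REJECT text that prefixes the MTA's reply, so
        # "... - Specify recipients" is not mistaken for the shorter rule.
        text = max((t for t in rules if m.group("text").startswith(t)),
                   key=len, default=None)
        if text:
            hits.append((m.group("id"), "quarantine" in m.group("what"),
                         text, rules[text]))
    return hits

if __name__ == "__main__":
    for msg_id, quar_failed, text, patterns in reinjection_rejects(LOG, reject_texts(HEADER_CHECKS)):
        print(msg_id, "quarantine failed" if quar_failed else "submission refused",
              "|", text, "|", ", ".join(patterns))
```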



