Thanks for your help! I'm trying to figure out why this email "gets very low" score. Yes, Amavisd didn't stop it. I understand that, it is not part of the question here.

I fed a lot of similar emails "learn spam" and still get very low score. I too thought it was permissions issues.


On 04/10/2018 01:12 PM, Reindl Harald wrote:
this is *amavis* not spamassassin

X-Spam-Status: Yes, score=3.501 tag=-999.9 tag2=3.1 kill=3.1
3.501 is clearly above kill=3.1

Delivered-To: spam-quarantine

so it *does not* get very low score, ask amavis folks, spamassassin is
only one piece of your setup

Am 10.04.2018 um 22:05 schrieb Motty Cruz:
Thanks for your prompt reply:

https://pastebin.com/bLy3Jcqt

Apr 10 11:51:44 vm1 postfix/qmgr[791]: 723EC1A1706:
from=<emily.thomp...@spontaneous-search-level.com>, size=16883, nrcpt=1
(queue active)
Apr 10 11:51:46 vm1 amavis[1395]: (01395-01) Passed CLEAN
{RelayedInbound}, [127.0.0.1] [171.61.147.96]
<emily.thomp...@spontaneous-search-level.com> -> <iu...@domainfq.com>,
Message-ID:
<1747601d3d0fc$dc189190$9449b4b0$@spontaneous-search-level.com>,
mail_id: G71jMeOxz-Ha, Hits: 3.501, size: 16883, 1972 ms
root@vm1


On 04/10/2018 12:34 PM, David Jones wrote:
On 04/10/2018 02:13 PM, Motty Cruz wrote:
tons of spam fed to my spam-filter and yet very spammy emails get low
score.

zcat /var/virusmails/spam-G71jMeOxz-Ha.gz | less
Return-Path: <>
Delivered-To: spam-quarantine
X-Envelope-From: <emily.thomp...@spontaneous-search-level.com>
X-Envelope-To: <iu...@domainfq.com>
X-Envelope-To-Blocked: <iu...@domainfq.com>
X-Quarantine-ID: <G71jMeOxz-Ha>
X-Spam-Flag: YES
X-Spam-Score: 3.501
X-Spam-Level: ***
X-Spam-Status: Yes, score=3.501 tag=-999.9 tag2=3.1 kill=3.1
          tests=[BAYES_99=3.5, HTML_MESSAGE=0.001] autolearn=disabled
Received: from vm1.domainfq.com ([127.0.0.1])
          by vm1 (vm1.domainfq.com [127.0.0.1]) (amavisd-new, port 10024)
          with ESMTP id G71jMeOxz-Ha for <iu...@domainfq.com>;
          Tue, 10 Apr 2018 11:51:44 -0700 (PDT)
Received: from pba.mrc.mrface.com (pba.mrc.mrface.com [178.62.193.238])
          (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
          (No client certificate requested)


in local.cf
use_bayes 1

skip_rbl_checks 1
#   Bayesian classifier auto-learning (default: 1)
#
bayes_auto_learn 0

bayes_path /var/amavis/.spamassassin/bayes

use_razor2 1
# Tell SA that we want to use Razor version 2

use_pyzor 0
# Tells SA that we don't want to use Pyzor

dns_available yes
# If you are sure you have DNS access set it to "yes"

#

score DKIM_POLICY_SIGNALL 2
score DKIM_SIGNED 0.00
score DKIM_POLICY_SIGNSOME 2
score DKIM_POLICY_TESTING 2
score DKIM_VERIFIED 0.0
score T_DKIM_INVALID 3.59
score T_DKIM_VALID_AU 3.59
score DKIM_INVALID 3.59
score DKIM_VALID_AU 3.59

score HTML_LINK_CLICK_HERE 3
score LINES_OF_YELLING 2
score BODY_ENHANCEMENT 5.213
score BODY_ENHANCEMENT2 5.213
score DRUGS_ERECTILE 5.713
score DRUG_ED_SILD 5.713
score HELO_DYNAMIC_DHCP 4.213
score HS_INDEX_PARAM 5.713
score ONLINE_PHARMACY 5.713
score RDNS_DYNAMIC 2.99
score RDNS_NONE 2.99
score NO_DNS_FOR_FROM 5.5
score SPF_HELO_FAIL 5.0



Need more info:

- example email in pastebin.com only lightly redacted
- mail log output from this message
- output of the bayes DB: 'sa-learn --dump magic' run as amavis user
- output of this command: 'spamassassin -D --lint 2>&1 | /bin/grep -i bayes' run as the amavis user
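
The comparison Reindl Harald describes (score against the amavis tag2/kill levels), as an added example that is not part of the original thread: it parses the X-Spam-Status header quoted above, reports which level the score reaches, and cross-checks it against the amavis log line. The function names are illustrative, and the log line is shortened from the one in the thread.

```python
import re

# Copied from the thread (log line shortened): the quarantined message's
# X-Spam-Status header and the amavis log entry for the same mail_id.
HEADER = ("X-Spam-Status: Yes, score=3.501 tag=-999.9 tag2=3.1 kill=3.1\n"
          "          tests=[BAYES_99=3.5, HTML_MESSAGE=0.001] autolearn=disabled")
LOG = ("Apr 10 11:51:46 vm1 amavis[1395]: (01395-01) Passed CLEAN "
       "{RelayedInbound}, mail_id: G71jMeOxz-Ha, Hits: 3.501, size: 16883, 1972 ms")

def parse_spam_status(raw):
    """Unfold the header and return flag, score, amavis levels and per-rule points."""
    value = re.sub(r"\r?\n[ \t]+", " ", raw).split(":", 1)[1].strip()
    out = {k: float(v) for k, v in
           re.findall(r"\b(score|tag2|tag|kill)=(-?\d+(?:\.\d+)?)", value)}
    m = re.search(r"tests=\[([^\]]*)\]", value)
    out["tests"] = {}
    for item in (m.group(1).split(",") if m else []):
        name, _, pts = item.strip().partition("=")
        if name:
            out["tests"][name] = float(pts or 0)
    out["flag"] = value.lower().startswith("yes")
    return out

def level_reached(st):
    """Highest amavis level the score is at or above: kill > tag2 > tag > none."""
    for level in ("kill", "tag2", "tag"):
        if level in st and st["score"] >= st[level]:
            return level
    return "none"

def cross_check(header, log):
    """Compare the header verdict with what the amavis log line recorded."""
    st, findings = parse_spam_status(header), []
    hits = re.search(r"Hits: (-?\d+(?:\.\d+)?)", log)
    if hits and abs(float(hits.group(1)) - st["score"]) > 1e-9:
        findings.append("log Hits differs from header score")
    if round(sum(st["tests"].values()), 3) != round(st["score"], 3):
        findings.append("rule points do not add up to the score")
    if level_reached(st) == "kill" and "Passed CLEAN" in log:
        findings.append("score is at or above kill but log says Passed CLEAN")
    return findings

if __name__ == "__main__":
    st = parse_spam_status(HEADER)
    print(level_reached(st), max(st["tests"], key=st["tests"].get))
    print(cross_check(HEADER, LOG))
```

On the quoted header, BAYES_99 accounts for 3.5 of the 3.501 points and HTML_MESSAGE is the only other rule that hit.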
