Hi!

I hope this is the right place to ask the following questions.

I have a setup with an internet-facing "external mail relay"
and an internal mail server, both running Sendmail under Linux.

On the external mail relay I have spamass-milter running.
SpamAssassin runs on the internal mail server, mostly to make
it easy to use sa-learn on some cyrus imap folders but also
because the external mail relay is a virtualized machine where
I want to keep the load low.

I now want to reject all incoming mails which were tagged by SA with
a score equal to or above some value directly at the external relay.
I also want to redirect all other tagged spam mails to some internal
mail address to keep the inboxes of my users clear of spam mail and
have someone check the "spam-box" once every few days.

I can do this with the following options of spamass-milter:

"-r nn" - makes spamass-milter instruct sendmail to reject
mails with a score equal to or above a value of "nn".
I currently use an upper limit of 12

"-b address" - redirects tagged spam to the specified address.

In principle this works, but it has a flaw: rejected mails also
get redirected to the central spam address...

Look at the following log messages from the external mail relay:

[...]
Feb  5 14:11:25 router sm-mta[27772]: o15DBIvZ027772: 
from=<alexander.pristen...@telma.ru>, size=7280, class=0, nrcpts=1, 
msgid=<0c0b01caa675$752fc5d0$a607b...@\360\363\361\353\340\355>, 
bodytype=8BITMIME, proto=SMTP, daemon=MTA, relay=166-7-179-94.pool.ukrtel.net 
[94.179.7.166]
Feb  5 14:11:31 router sm-mta[27772]: o15DBIvZ027772: Milter add: header: 
X-Spam-Flag: YES
Feb  5 14:11:31 router sm-mta[27772]: o15DBIvZ027772: Milter add: header: 
X-Spam-Status: Yes, score=46.3 required=5.0
tests=BAYES_99,\n\tBUG6152_INVALID_DATE_TZ_ABSURD,DCC_CHECK,DIGEST_MULTIPLE,FH_HELO_EQ_D_D_D_D,\n\tHELO_DYNAMIC_IPADDR2,HK_NAME_DRUGS,HTML_MESSAGE,HTML_MIME_NO_HTML_TAG,\n\tINVALID_DATE_TZ_ABSURD,INVALID_MSGID,LIVEFILESTORE,L_SPAM_TOOL_13,\n\tMIME_HTML_ONLY,RATWARE_MS_HASH,RATWARE_OUTLOOK_NONAME,RAZOR2_CF_RANGE_51_100,\n\tRAZOR2_CF_RANGE_E8_51_100,RAZOR2_CHECK,RCVD_IN_BL_SPAMCOP_NET,\n\tRCVD_IN_BRBL_LASTEXT,RCVD_IN_PBL,RCVD_IN_PSBL,RCVD_IN_SORBS_WEB,RCVD_IN_XBL,\n\tRDNS_DYNAMIC,TVD_RCVD_IP,URIBL_AB_SURBL,URIBL_BLACK,URIBL_JP_SURBL\n\tautolearn=spam
version=3.3.0
Feb  5 14:11:31 router sendmail[27776]: o15DBVfw027776: from=root, size=12859, 
class=0, nrcpts=1, 
msgid=<0c0b01caa675$752fc5d0$a607b...@\360\363\361\353\340\355>, 
bodytype=8BITMIME, relay=r...@localhost
Feb  5 14:11:36 router sm-mta[27777]: STARTTLS=server, relay=localhost 
[127.0.0.1], version=TLSv1/SSLv3, verify=NO, cipher=DHE-RSA-AES256-SHA, 
bits=256/256
Feb  5 14:11:36 router sendmail[27776]: STARTTLS=client, relay=[127.0.0.1], 
version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256
Feb  5 14:11:36 router sm-mta[27777]: o15DBVOX027777: 
from=<r...@router.mydomain.at>, size=13017, class=0, nrcpts=1, 
msgid=<0c0b01caa675$752fc5d0$a607b...@\360\363\361\353\340\355>, 
bodytype=8BITMIME, proto=ESMTP, daemon=MTA, relay=localhost [127.0.0.1]
Feb  5 14:11:36 router sendmail[27776]: o15DBVfw027776: to=s...@mydomain.at, 
ctladdr=root (0/0), delay=00:00:05, xdelay=00:00:05, mailer=relay, pri=42859, 
relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (o15DBVOX027777 Message 
accepted for delivery)
Feb  5 14:11:36 router sm-mta[27772]: o15DBIvZ027772: Milter: data, reject=550 
5.7.1 Blocked by SpamAssassin
Feb  5 14:11:36 router sm-mta[27772]: o15DBIvZ027772: to=<u...@mydomain.at>, 
delay=00:00:12, pri=37280, stat=Blocked by SpamAssassin
Feb  5 14:11:36 router sm-mta[27780]: STARTTLS=client, 
relay=server.mydomain.at, version=TLSv1/SSLv3, verify=OK, 
cipher=DHE-RSA-AES256-SHA, bits=256/256
Feb  5 14:11:37 router sm-mta[27780]: o15DBVOX027777: to=<s...@mydomain.at>, 
ctladdr=<r...@router.mydomain.at> (0/0), delay=00:00:01, xdelay=00:00:01, 
mailer=esmtp, pri=133017, relay=server.mydomain.at. [192.168.191.3], dsn=2.0.0, 
stat=Sent (o15DBaYm029903 Message accepted for delivery)
[...]

You can see that the mail has a spam score of 46.3 which
is way above my limit of 12 so the mail gets rejected at
the external mail relay with error code 550. This is what
I want.

*But* the mail is also redirected to the internal spam
mail account "s...@mydomain.at", which is not what I want.
I only want mails with a spam score between 5 and some
upper limit (currently 12) to go to the central spam address.

On the external mail relay "router.mydomain.at", spamass-milter
is running like this:

/usr/sbin/spamass-milter -f -r 12 -a -p /var/run/spamassassin/milter.sock -b s...@mydomain.at -i 127.0.0.1/32 -i 192.168.191.0/24 -- -p 783 -d 192.168.191.3

On the internal mailserver "server.mydomain.at" spamd is
running like this:

/usr/bin/spamd -d -x -u spamd -r /var/run/spamassassin/spamd.pid -p 783 -A 127.0.0.1,192.168.191.0/24 -i 0.0.0.0


Does anyone use a similar setup?
Is there any way to make the system behave the way I want?
Do I miss the obvious?

Any ideas are welcome! Thanks!

KR

- - andreas

- --
Andreas Haumer                     | mailto:andr...@xss.co.at
*x Software + Systeme              | http://www.xss.co.at/
Karmarschgasse 51/2/20             | Tel: +43-1-6060114-0
A-1100 Vienna, Austria             | Fax: +43-1-6060114-71
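Added example (not part of the original post, and not code from spamass-milter or Sendmail): a Python log check that correlates sendmail entries by Message-ID and lists messages the milter rejected that were nevertheless delivered under another queue ID, which is the behaviour shown in the log above. It assumes unwrapped syslog lines in the format above; the sample log, its addresses and its queue IDs are constructed.

```python
import re
from collections import defaultdict

# Constructed sample in the format of the log above (lines unwrapped;
# addresses and queue IDs are made up for illustration).
SAMPLE_LOG = """\
Feb  5 14:11:25 router sm-mta[100]: o15AAAAA000100: from=<a@spam.example>, size=7280, nrcpts=1, msgid=<m1@spam.example>, proto=SMTP, relay=[192.0.2.10]
Feb  5 14:11:31 router sm-mta[100]: o15AAAAA000100: Milter add: header: X-Spam-Status: Yes, score=46.3 required=5.0
Feb  5 14:11:31 router sendmail[101]: o15BBBBB000101: from=root, size=12859, nrcpts=1, msgid=<m1@spam.example>, relay=root@localhost
Feb  5 14:11:36 router sm-mta[102]: STARTTLS=server, relay=localhost [127.0.0.1], verify=NO
Feb  5 14:11:36 router sendmail[101]: o15BBBBB000101: to=spambox@example.org, mailer=relay, relay=[127.0.0.1], dsn=2.0.0, stat=Sent (ok)
Feb  5 14:11:36 router sm-mta[100]: o15AAAAA000100: Milter: data, reject=550 5.7.1 Blocked by SpamAssassin
Feb  5 14:11:36 router sm-mta[100]: o15AAAAA000100: to=<user@example.org>, delay=00:00:12, stat=Blocked by SpamAssassin
Feb  5 14:12:02 router sm-mta[110]: o15CCCCC000110: from=<b@spam.example>, size=3100, nrcpts=1, msgid=<m2@spam.example>, proto=SMTP, relay=[192.0.2.11]
Feb  5 14:12:05 router sm-mta[110]: o15CCCCC000110: Milter add: header: X-Spam-Status: Yes, score=7.2 required=5.0
Feb  5 14:12:06 router sm-mta[110]: o15CCCCC000110: to=<spambox@example.org>, mailer=esmtp, relay=server.example.org., dsn=2.0.0, stat=Sent (ok)
"""

LINE = re.compile(r"^\w{3}\s+\d+ [\d:]+ \S+ \S+\[\d+\]: (\w+): (.*)$")

def rejected_but_delivered(log_text):
    """Return one record per milter-rejected message whose Message-ID was
    also delivered (stat=Sent) under a different queue ID."""
    msgid, score, rejected = {}, {}, set()
    sent = defaultdict(list)              # queue ID -> recipients with stat=Sent
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:                         # e.g. STARTTLS lines carry no queue ID
            continue
        qid, rest = m.groups()
        if (x := re.search(r"msgid=(<[^>]*>)", rest)):
            msgid[qid] = x.group(1)
        if (x := re.search(r"X-Spam-Status: Yes, score=(-?[\d.]+)", rest)):
            score[qid] = float(x.group(1))
        if "Milter: data, reject=" in rest:
            rejected.add(qid)
        if (x := re.match(r"to=<?([^>,]+)>?,.*\bstat=Sent\b", rest)):
            sent[qid].append(x.group(1))
    findings = []
    for qid in sorted(rejected):
        copies = [(other, rcpt) for other, mid in msgid.items()
                  if other != qid and mid == msgid.get(qid)
                  for rcpt in sent[other]]
        if copies:
            findings.append({"qid": qid, "score": score.get(qid), "copies": copies})
    return findings
```

On the constructed sample only the 46.3 message is reported; the 7.2 message reached the spam box without a reject and is not flagged.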