LINUX.IE, website of the Irish Linux Users' Group
Tux rules!

   
Home
New Users
Articles
Download
Projects
Community
Vendors

  Print Version
Email to...
 
Archives:


planetILUG

Recent News

News Archive


Join the
ILUG
on FaceBook


Join the
ILUG
on LinkedIn


Join the
ILUG SETI
Group



















 
 :: Mailing Lists

[ILUG] Amavisd / SA question

[ILUG] Amavisd / SA question

Niall O Broin niall at linux.ie
Mon Jul 26 16:01:35 IST 2004 

I'm configuring amavisd-new + clamav + SpamAssassin on a server. clamav 
appears to work, but I am having some issues with SA. I have a local.cf for 
SA which, amongst other things, gives 5 points if the subject matches 
"vicodin" and 2.5 points if the subject matches "í" (that's i fada, in case 
of encoding issue)

So, doing some tests with telnet to 10024, I got this:

MAIL FROM:<niall at magicgoeshere.com>
250 2.1.0 Sender niall at magicgoeshere.com OK
RCPT TO:<postmaster>
250 2.1.5 Recipient postmaster OK
DATA
354 End data with <CR><LF>.<CR><LF>
Subject: test4 for amavis - vicodin vícodín
test4 for amavis - vicodin vícodín
SA should catch this
.
250 2.5.0 Ok, id=28754-01-6, BOUNCE

and postmaster got no mail, but my sending address didn't get a bounce. What 
should have happened there?


However, when I do a slightly more real test, with telnet to 25, I get:

MAIL MAIL FROM:<niall at magicgoeshere.com>
250 Ok
RCPT TO:<postmaster>
250 Ok
DATA
354 End data with <CR><LF>.<CR><LF>
Subject: test for amavis - vicodin vícodín
test for amavis - vicodin vícodín
SA should catch this
.
250 Ok: queued as 0026DE4D0


and sure enough when I look in postmaster's mail there it is, in all its 
glory, with an  X-Virus-Scanned: by amavisd-new  header.

Having done this with amavisd in debug mode, I have LOTS of debug info from 
which the following look relevant

(31053-01) CALLING SA check
(31053-01) spam_scan: hits=6 tests=ALL_TRUSTED,DRUGS_PAIN,LOCAL_DRUGS
(31053-01) lookup (bypass_spam_checks) => undef, 
"postmaster at localhost.mydomain.com" does not match
(31053-01) lookup (spam_tag_level) => true,
 "postmaster at localhost.mydomain.com" matches, result="2", 
matching_key="(constant:2)"
(31053-01) headers CLUSTERING: NEW CLUSTER
<postmaster at localhost.mydomain.com>: hits=6, tag=0, tag2=0, subj=0, subj_u=0, 
local=0, bl=
(31053-01) headers CLUSTERING: done all 1 recips in one go
(31053-01) FWD via SMTP: [127.0.0.1]:10025
<root at mail.mydomain.com> -> <postmaster at localhost.mydomain.com>



>From which it appears to me that amavisd DOES scan the mail with SA, which 
does find it to be spam (LOCAL_DRUGS is a local rule which gives +5 to 
vicodin in the Subject) but yet it doesn't add a header. I don't know what on 
earth the  headers CLUSTERING:  lines are about.

Can any of you shed some light here?



--
Niall

More information about the ILUG mailing list
Read this without the formatting.
                                                                                                    

  

Hosted by HEAnet


 Maintained by the ILUG website team. The aim of Linux.ie is to support and help commercial and private users of Linux in Ireland. You can display ILUG news in your own webpages, read backend information to find out how. Networking services kindly provided by HEAnet, server kindly donated by Dell. Linux is a trademark of Linus Torvalds, used with permission. No penguins were harmed in the production or maintenance of this highly praised website. Looking for the Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
RSS Version
Powered by Dell