CentOS 5 Server :: Spamassassin - Amavisd Not Catching Spam
Jul 21, 2010
I followed this how to document [URL] to install postfix, Amavisd, SpamAssassin and ClamAV. My postfix installation is working fine and I can send and receive emails fine. However, it looks like SpamAssassin is not catching any emails. Emails do get passed over to Amavisd as I can see in the logs but ALL Messages comes out CLEAN without being tagged as spam.
As per the document, I did test by sending a test virus email
it does get delievered without being detected as SPAM or tagged as SPAM.
As I said, I have followed the documentation dot by dot and hence do not have spamassassin starting up as a service but i guess amavisd starts it within itself as a module.
Also, my postfix version is the one that supports mysql virtual tables which I got from rpmforge.
start working with SA+Amavis+clamd+postfix+dovecot.will be my filter:spamassassin+amavisd-new+clamd. 1 Server will be my mail server: postfix+dovecot. Like u see, the emails from the outside reach first the filter, latter the mailbox. Now, I have seen in my log files, that if I receive a email to a "unknown user", the filter doesn't detect this and process the email and send it to the mail server. Exist a way to setup the filter to first check if the user exist and them apply all hard work and latter send the email to the mail server
I configured a mail server using Squeeze's latest packages with Posfix + Amavisd-new + Clamav + Spamassassin, but apparently the latter is not using the system configuration files, and I cannot figure out why.Running amavis in debug mode I get the following:
# /etc/init.d/amavis debug Trying to run amavisd-new in debug mode... Apr 28 16:01:08.291 [1427]: starting. /usr/sbin/amavisd-new at *******************
I'm running FC10, with the sendmail that was part of it in Feb 09. Anyway, Up till now I've been using the user client to do spam filtering, But I'd like to start catching the spam at the sendmail level. What are my options today? I tried searching the forums and found a bunch of threads from 2001-2006, but I figured many of the ideas are now longer vaild.
I have postfix setup with amavisd and I tried to send myself an email with the eicar file however it lets the email go through to my inbox. When I restart the amavisd service, there are no errors in the log and it finds all the decoders for different file types and I also see this come up:
Feb 8 14:45:44 Mailgate amavis[3116]: Using primary internal av scanner code for ClamAV-clamd Feb 8 14:45:44 Mailgate amavis[3116]: Found secondary av scanner ClamAV-clamscan at /usr/bin/clamscan
Everything seems to work but it doesn't scan the file for viruses. Also, I've double and triple checked and my amavisd.conf file doesn't have the option enabled to bypass virus scanning.
Due to all the "fun" I had upgrading spamassassin from 3.2.5 to 3.3.1 on C55 I thought I would detail it here so as to possibly save others from all the frustration I have endured. There are probably a zillion different ways to make this work but this is how I did it and it seems to work well.
1) Acquire spamassassin rpm. I downloaded several different versions from various sites and had problems with all of them so I ended up grabbing the SRPM from Fedora 13 spamassassin-3.3.1-2.fc13.src.rpm. This of course will not load onto C55 as rpmbuild has changed so I loaded it onto a FC13 box and then TARed the SPEC & SOURCES directories, copied them onto a C55 and built SRPM from there.
2) Install on C55 The new spamassassin requires several updated packages to make it happy. a) perl-Mail-DKIM greater than 0.31. I cheated and used this one from FC8 perl-Mail-DKIM-0.32-3.fc8.noarch.rpm b) perl-socket6 that is 2.0 or later. I got this one from DAG perl-Socket6-0.20-1.rf.x86_64.rpm c) perl-NetAddr-IP that is 4.0 or later. Again DAG saved the day perl-NetAddr-IP-4.007-1.rf.x86_64.rpm d) the spamassassin of course :) Actually I built them from the SRPMs as I needed both the 32 and 64 bit packages for various servers.
3) Run sa-update --D to get the latest rules then restart the spamassassin service. For those who do not have access to a FC13 box you can get a copy of the SRPM I made here [URL].
In the last week email delivery had slowed down to taking approximately 24 hours and investigation has revealed that there were 45000 emails in the mailqueue. I flushed the mailqueue yesterday but mail delivery is slowing down again because emails are again being queued by the thousand.
The mails are mainly spam sent to ficticious users at a genuine domain hosted on the server.
My setup is running Courier IMAP with Postfix, Spassassin is installed along with Amavisd-new but I just don't understand why this has suddenly become a problem based on my setup not having changed for the last 6 months.
Should these spam emails be being discarded by spamassassin before reaching the mail queue? Are my discard score settings too high (6.9)?
Anyone know what version of spam assassin is newer 3.3.1-3 or 3.3.1-52 I would assume 52 is newer but I don't know if once it reaches 99 it going to 2 Example 3.3.1-99 ---- 3.3.1-2 -----3.3.1-21 and so on. I could be completely off but can anyone just clarify if 3.3.1-3 is newer or older than 3.3.1.52
(On a side note does anyone know the difference between spamassassin-3.3.1-3.el5.rfx.i386.rpm and spamassassin-3.3.1-3.el5.rf.i386.rpm?? What does the X mean?) I looked at the release date of .52 and it seems to be in march 2010 whereas .1-3 seems to be in november. oes that seem correct? Does anyone have a direct download to spamassassin-3.3.1-3el5.rf.i386.rpm???
I just setup SpamAssassin and what not following this tutorial
[URL]
I am using CentOS 5.3. I was half way through that and got an email that had ***SPAM*** in the subject. Haven't received any more. First of all I want to know if spam will still get delivered, and just have a modified subject. Second, I want to know how to set it up so Spam goes to a user's spam mailbox (Virtual Users). And third of all, is it possible to disable spam filtering on a user basis, preferably using MySQL tables? Is it possible for users to mark a message as spam, and all further messages sent from that address will be sent to spam folder but only for that user?
EDIT: Yes spam is getting delivered with a modified header, on the server site, how can i deliver to spam folder? how to create IMAP virtual mailboxes on request without having to send an email to them first? Using virtual users with Courier Imap
I'm new here and I'm sure this question has been thrown around a lot but I just couldn't find a solution. I have a networking website I've setup and we need to send notification mails to our members depending on activity related to their profiles(messages, comments etc).We are hosting the site on Centos5.6 with VirtualMin and are using Postfix as our MTA. We also use google apps for email on the site. Heres the problem, the mails go through for some gmail users but more often than not, they end up in gmail,hotmail and yahoo spam.We've setup the appropriate SPF codes on the server, DKIM and rDNS works fine.v=spf1 ip4:xx.xx.xx.xx a mx include:_spf.google.com ~all Below is a sample email that goes directly into gmail spam. I've replaced the actual values with dummy text (Ip, Domain etc)
Delivered-To: my.email@gmail.com Received: by 10.143.165.5 with SMTP id s5cs223598wfo; Fri, 15 Apr 2011 08:38:22 -0700 (PDT)
I currently have the following email server set up:
Postfix with mysql backend Dovecot clamav spamassassin amavisd
And it all works great. However I would like it for amavisd to forward all the marked spam into a folder on each user account, but I cannot figure this out.
Brand new to Linux. Sort of got thrown in front of the bus if you know what I mean. The company I work for has a Linux server running CentOS 5.4 Company uses Linux for their Email, FTP and Web Server. Have been here a few years dabbling in and out of Linux and now that the old Admin has left the company.....I need to learn it ASAP. The server has run pretty solid until today.
The email server runs SendMail and SpamAssasin. Received lots of complaints today regarding extra SPAM. Noticed that SpamAssassin was not running. Tried to restart it through the WebMin tools and got the following error: Starting spamd: child process [3956] exited or timed out without signaling production of a PID file: exit 255 at /usr/bin/spamd line 2588.
Is there a package in YUM now that automatically updates amavisd-new to version 2.6.4??? My VM comes stock with version 2.5.4 and i absolutely CANNOT update it to 2.6.4 due to incompatibility issues in Maia Mailguard. When I do the package upgrade I don't understand but i specifically do NOT choose amavisd-new to be updated and everytime I check to see my latest version it is at version 2.6.4 I don't get it am I missing something? What can be causing my package to always get upgraded to the new version when I am not upgrading it.
I have spamassassin 3.3.1 clamav 0.96 postfix 2.3.3
I have Centos 5.5 and using Postfix, procmail and Dovecot for sending and receiving emails. I have spamassassin installed too but not configured. I am getting lots of spams. I googled a lot to find if there is any configuration but I couldn't find.how to setup spamassassin to filter emails for spams.
I work for a university institute and administrate its servers "incidently". Currently I am putting some work into our mail server configuration (sendmail 8.13.1 with amavisd-new-2.6.4). Recently I got amavis to verify DKIM signed mails. Now my plan was to sign outgoing Emails ourselves. This is what I have done (I replaced some names for privacy reasons):
I created a private key:
Code: /usr/local/amavisd/amavisd genrsa /var/dkim/SEL1_DKIMkey.pem Changed permissions for the user running amavis: Code: chown -R vscan.vscan /var/dkim/ && chmod -R 700 /var/dkim Editet my /etc/amavisd.conf:
[Code]....
Send Testmails to sa-test@sendmail.net and check-auth@verifier.port25.com . They automatically create answer mails considering signature information.
Send emails to my external account at some other provider.
The problem is that amavis is not signing the mails. Both automatic test emails reported, that the mail had not been signed. The mail to my external account also did not contain any DKIM information.
"My" system:
Code: # uname -r & cat /etc/issue 2.6.9-89.0.11.ELsmp Red Hat Enterprise Linux AS release 4 (Nahant Update 8)
I am running or was running a mail server. It used the titles service to scan emails but keeps bringing up a temporary failure right. But when I run the command 'amavisd' It brings up this error here:
I'm migrating a mailserver from an old to a new mailserver. The new mailserver is based on ISPConfig 3.0.6.1. I would like to migrate what spamassassin learnt in the past from the old mailserver to the new one. Now the question:
- The 2 spamassassin versions are different. Is it a problem? - Can I just migrate the database with this commands??? Code: sa-learn --backup > sadb.bkp sa-learn --restore ./sadb.bkp
-how to migrate SpamAssasins Auto White List and all others SpamAssassins databases?
Upgraded my Debian server over the weekend - caught up on all the updates since January. One of them was Spamassassin, which was working fine before (3.2.5). After the upgrade to 3.3.1, it's NOT using Bayes anymore - and I'm now finding 200+ messages for male-enhancement/ED meds, knockoffs of expensive watches and no-study graduate degrees in my Inbox that previously would have gone to /dev/null. I have the following in /etc/spamassassin/local.cf:
I have Postfix and Spamassassin setup on Ubuntu Server 9.10. The mail is working perfectly. Spamassassin is correctly marking messages as spam. My problem is with the milter and procmail. On past servers I was able to reject spam based on score via the spamass-milter. For whatever reason I can not get it to work. I have also tried with procmail, again, it does not work. Here are the relative lines in their respective config files:
I tried to fix my audio today after flash was not giving any sound i can see the video but there is no sound a problem common on the Ensoniq ES1370 chip i tried to resolve that by taking out the card leaving only the onboard SiS audio but that didn't work iether so i then installed the ac'97 linux driver which also did not work. so i disabled the onboard audio in the bios and it is now not showing up but i also put the card back in and now that one will now show up in System > Preferences > Sound but it does show in the device in system-config-soundcard but when i try to test i do not hear the sound the card did work on non flash things before i did all this.
When i installed CentOS 5.3 from the dvd i have to take out my slave drive on the primary ide and switch it to a dvd drive i had lying around. i have 4 drives total that take all the channels. so when i installed i only had 3 connected. after installing i tried to plug the drive back in and when it starts to load grub right after post all i get is "GRUB" spammed onto the screen over and over.
i have done a yum update to a new kernel and it says i am running CentOS 5.4 now kernel is 2.6.18-164.15.1.el5 these are the only known things from holding me back from getting my full linux experience :(
I am not sure why it does not install, it hangs(hangs for 10 minutes) and the only way to get out of it, is to ctrl-c, and then it gives error yum install amavisd-new
I am using postfix as spam Mailscanner to protect my mail server running sendmail. The problem is that when I forward an email from MailScanner mail me back with the following error:
<postmaster@localhost.@mydomain.com.>... Real domain name required for sender address (in reply to MAIL FROM command)) Jul 27 13:15:59 smtp postfix/local[28465]: C68AC1000001: to=<root@smtp.mydomain.com>,
After installing postfix on my server , all emails sent by a PHP class that i built , are received to spam folder , no matter what i do .am not an expert , except in PHP , the class i built works fine everywhere else except on this server , so i think the problem might be from the server it self ?some told me wrong configuration/software on my server , others told me wrong DNS stuff . actually i don't understand the DNS stuff , and am not an expert in linux softwares and services but i cann install/configure them , so could anyone please check the DNS for problems ?
Because our visitors/customers are short term, and may be configured incorrectly with their own mail servers we automagically redirect all port 25 traffic going to internal IP's to our own mail servers while on our network.(postfix on centos 5.6)While I have taken some measures to prevent it from spamming, I would greatly appreciate some assistance.I will be putting in clamav, but I haven't configured it yet with the mail.I am using postfix, but can also put on procmail or even spam assassin
The mail server is not on my local LAN, and all the primary users are roaming. They connect via TLS auth, which is required to make a sendmail connection to my server. I could whitelist all addresses in my domain, but then anyone spoofing my email wouldn't be seen as spam. How do I simply tell amavis-new and/or sendmail not to spam scan TLS authenticated users?
We have a vpn that is accessible to anyone. We already block port 25, 587 and 465. But I am still receiving spam reports. I believe that the users of my vpn is infected by a virus or something that sends spam. Are there any other ways that spammer send spam mails without using the smtp ports?
My guess is that they are trying to send it by accessing a webmail. Have you heard of anything like that? how to block spam?
I have a mail server (dovecot+postfix) on Centos with amavis/clamav installed and working. It correctly identifies spam as such and puts it in the headers. I want it to move those suspected spam messages into a spam folder. I do have this working on an older debian server that I didn't setup. If someone could point me in the direction if where that config might be. I can't find it in any of the mail config files.Could there be a seperate package doing this?
