Amavisd-new Spamassassin

Status
Closed for further replies.
Hello,

I have a problem with Amavisd/SpamAssassin: some mails whose Hits value is above the value specified in
amavisd.conf are delivered anyway. The following versions are in
use: amavisd-new-2.1.2; SpamAssassin version 3.0.4 (Suse 9.2).
My amavisd.conf (the hopefully relevant part :)):

# @bypass_virus_checks_maps = (1); # uncomment to DISABLE anti-virus code
# @bypass_spam_checks_maps = (1); # uncomment to DISABLE anti-spam code

$max_servers = 4; # number of pre-forked children (2..15 is common)
$daemon_user = 'vscan';
$daemon_group = 'vscan';

$mydomain = 'de-facto.de';

$MYHOME = '/var/spool/amavis';
$TEMPBASE = "$MYHOME/tmp"; # working directory, needs to be created manually
$ENV{TMPDIR} = $TEMPBASE; # environment variable TMPDIR
$QUARANTINEDIR = undef;

# $daemon_chroot_dir = $MYHOME; # chroot directory or undef

# $db_home = "$MYHOME/db";
# $helpers_home = "$MYHOME/var"; # prefer $MYHOME clean and owned by root?
# $pid_file = "$MYHOME/var/amavisd.pid";
# $lock_file = "$MYHOME/var/amavisd.lock";
#NOTE: create directories $MYHOME/tmp, $MYHOME/var, $MYHOME/db manually

@local_domains_maps = ( ["."] );
# @mynetworks = qw( 127.0.0.0/8 ::1 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 );

$log_level = 4; # verbosity 0..5
$log_recip_templ = undef; # disable by-recipient level-0 log entries
$DO_SYSLOG = 1; # log via syslogd (preferred)
$SYSLOG_LEVEL = 'mail.debug';

$enable_db = 1; # enable use of BerkeleyDB/libdb (SNMP and nanny)
$enable_global_cache = 1; # enable use of libdb-based cache if $enable_db=1

$inet_socket_port = 10024; # listen on this local TCP port(s) (see $protocol)
$unix_socketname = "$MYHOME/amavisd.sock"; # when using sendmail milter

$sa_tag_level_deflt = -999; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 45.0;
$sa_kill_level_deflt = 4.0; # triggers spam evasive actions
$sa_dsn_cutoff_level = 8; # spam level beyond which a DSN is not sent

$sa_mail_body_size_limit = 2000*1024; # don't waste time on SA if mail is larger
$sa_local_tests_only = 0; # only tests which do not require internet access?
$sa_auto_whitelist = 0; # turn on AWL in SA 2.63 or older (irrelevant
# for SA 3.0, cf option is 'use_auto_whitelist')

# @lookup_sql_dsn =
# ( ['DBI:mysql:database=mail;host=127.0.0.1;port=3306', 'user1', 'passwd1'],
# ['DBI:mysql:database=mail;host=host2', 'username2', 'password2'] );
$virus_admin = "antivirus16\@$mydomain"; # notifications recip.

$mailfrom_notify_admin = "postmaster16\@$mydomain"; # notifications sender
$mailfrom_notify_recip = "postmaster16\@$mydomain"; # notifications sender
$mailfrom_notify_spamadmin = "postmaster16\@$mydomain"; # notifications sender
$mailfrom_to_quarantine = ''; # null return path; uses original sender if undef

#@addr_extension_virus_maps = ('virus');
#@addr_extension_spam_maps = ('spam');
#@addr_extension_banned_maps = ('banned');
#@addr_extension_bad_header_maps = ('badh');

$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
$file = 'file'; # file(1) utility; use recent versions
$gzip = 'gzip';
$bzip2 = 'bzip2';
$lzop = 'lzop';
$rpm2cpio = ['rpm2cpio.pl','rpm2cpio'];
$cabextract = 'cabextract';
$uncompress = ['uncompress', 'gzip -d', 'zcat'];
$unfreeze = ['unfreeze', 'freeze -d', 'melt', 'fcat'];
$arc = ['nomarch', 'arc'];
$unarj = ['arj', 'unarj'];
$unrar = ['rar', 'unrar'];
$zoo = 'zoo';
$lha = 'lha';
$cpio = ['gcpio','cpio'];
$dspam = 'dspam';

$MAXLEVELS = 14;
$MAXFILES = 1500;
$MIN_EXPANSION_QUOTA = 100*1024; # bytes (default undef, not enforced)
$MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes (default undef, not enforced)

$sa_spam_subject_tag = '***SPAM*** ';
$defang_virus = 1; # MIME-wrap passed infected mail
$defang_banned = 1; # MIME-wrap passed mail containing banned name


# OTHER MORE COMMON SETTINGS (defaults may suffice):

$myhostname = 'mail.de-facto.de'; # must be a fully-qualified domain name!

$notify_method = 'smtp:[127.0.0.1]:10025';
$forward_method = 'smtp:[127.0.0.1]:10025'; # set to undef with milter!

$final_virus_destiny = D_DISCARD;
$final_banned_destiny = D_BOUNCE;
$final_spam_destiny = D_PASS;
# $final_bad_header_destiny = D_PASS;


Here is a corresponding excerpt from /var/log/mail:

Dec 21 04:54:46 mail2 amavis[5517]: (05517-02) Passed CLEAN, [205.158.62.181] <spock@yyhmail.com> -> <tes@test.de>, Message-ID: <000001c605e4$a99deda4$f897737a@yyhmail.com>, Hits: 10.827
Dec 21 04:54:46 mail2 amavis[5517]: (05517-02) TIMING [total 4321 ms] - SMTP EHLO: 6 (0%), SMTP pre-MAIL: 1 (0%), SMTP pre-DATA-flush: 2 (0%), SMTP DATA: 80 (2%), body_hash: 1 (0%), mime_decode: 17 (0%), get-file-type2: 11 (0%), decompose_part: 1 (0%), decompose_part: 3 (0%), parts_decode: 0 (0%), AV-scan-1: 722 (17%), spam-wb-list: 2 (0%), SA msg read: 2 (0%), SA parse: 3 (0%), SA check: 3374 (78%), update_cache: 1 (0%), save-to-local-mailbox: 3 (0%), post-do_spam: 1 (0%), fwd-connect: 7 (0%), fwd-mail-from: 4 (0%), fwd-rcpt-to: 5 (0%), write-header: 3 (0%), fwd-data: 1 (0%), fwd-data-end: 42 (1%), fwd-rundown: 1 (0%), main_log_entry: 16 (0%), update_snmp: 5 (0%), unlink-2-files: 8 (0%), rundown: 0 (0%)
Dec 21 04:54:46 mail2 postfix/smtp[5618]: < 127.0.0.1[127.0.0.1]: 250 2.6.0 Ok, id=05517-02, from MTA: 250 Ok: queued as 72A3918003
Dec 21 04:54:46 mail2 postfix/smtp[5618]: 2BC9118002: to=<test@test.de>, relay=127.0.0.1[127.0.0.1], delay=10, status=sent (250 2.6.0 Ok, id=05517-02, from MTA: 250 Ok: queued as 72A3918003)
Dec 21 04:54:46 mail2 postfix/smtp[5618]: name_mask: resource
Dec 21 04:54:46 mail2 postfix/smtp[5618]: name_mask: software
Dec 21 04:54:46 mail2 postfix/qmgr[4411]: 2BC9118002: removed
Dec 21 04:54:46 mail2 postfix/smtp[5624]: 72A3918003: to=<test@test.de>, relay=10.3.1.33[10.3.1.33], delay=0, status=sent (250 Ok: queued as 82C8F406316)


Do you have any idea? If anything is still missing, I will of course gladly provide it!

Regards
 
Hello,

$final_spam_destiny = D_PASS;
I had understood this to mean that mail is only delivered as long as the "kill" level is not
reached; now that I look at it again, I don't know how I came to that
conclusion either. In any case, many thanks for the "nudge", sometimes one has to be
pointed to the obvious :).


Regards
 
I would avoid deleting, though! The user should filter that on the client (spam folder etc.). With DISCARD, an important e-mail that was wrongly detected is quickly gone...
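
A check for the situation in this thread, as an added example that is not part of the original posts: it scans amavisd main log entries in the format of the excerpt above and reports mails logged as Passed whose Hits value is at or above the kill level (4.0, from the posted $sa_kill_level_deflt). The function name and all sample lines except the first are constructed for illustration.

```python
import re

# Kill level taken from the amavisd.conf posted in the thread ($sa_kill_level_deflt).
KILL_LEVEL = 4.0

# Main log entry format as seen in the thread's /var/log/mail excerpt.
ENTRY = re.compile(
    r"amavis\[\d+\]: \((?P<id>[\w-]+)\) (?P<action>Passed|Blocked) (?P<category>[A-Z-]+)"
    r"[^<]*<(?P<sender>[^>]*)> -> (?P<rcpts><[^>]*>(?:,<[^>]*>)*)"
    r".*?Hits: (?P<hits>-?\d+(?:\.\d+)?|-)"
)

# First line is the entry from the thread; the other three are constructed samples.
SAMPLE = [
    "Dec 21 04:54:46 mail2 amavis[5517]: (05517-02) Passed CLEAN, [205.158.62.181] "
    "<spock@yyhmail.com> -> <tes@test.de>, Message-ID: "
    "<000001c605e4$a99deda4$f897737a@yyhmail.com>, Hits: 10.827",
    "Dec 21 05:01:02 mail2 amavis[5517]: (05517-03) Passed CLEAN, [192.0.2.10] "
    "<a@example.org> -> <b@example.net>, Message-ID: <1@example.org>, Hits: 1.2",
    "Dec 21 05:02:03 mail2 amavis[5518]: (05518-01) Blocked SPAM, [192.0.2.11] "
    "<c@example.org> -> <b@example.net>,<d@example.net>, Message-ID: <2@example.org>, Hits: 12.0",
    "Dec 21 05:03:04 mail2 amavis[5518]: (05518-02) Passed CLEAN, [192.0.2.12] "
    "<> -> <b@example.net>, Message-ID: <3@example.org>, Hits: -",
]

def passed_over_kill_level(lines, kill_level=KILL_LEVEL):
    """Return entries that were delivered although their score reached kill_level."""
    findings = []
    for line in lines:
        m = ENTRY.search(line)
        # Skip non-entries (e.g. TIMING lines), blocked mail and entries without a numeric score.
        if not m or m["action"] != "Passed" or m["hits"] == "-":
            continue
        hits = float(m["hits"])
        if hits >= kill_level:
            findings.append({
                "id": m["id"], "category": m["category"], "sender": m["sender"],
                "recipients": re.findall(r"<([^>]*)>", m["rcpts"]), "hits": hits,
            })
    return findings

if __name__ == "__main__":
    for f in passed_over_kill_level(SAMPLE):
        print(f"{f['id']}: Passed {f['category']} with Hits {f['hits']} "
              f"(kill level {KILL_LEVEL}) from <{f['sender']}> to {f['recipients']}")
```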