SpamAssassin – listo para dar para arriba – muy poco confiable, marcando el Spam como jamón

Funciono un VPS, y tengo que decir que por mucho, conseguir SpamAssassin que trabaja derecho ha sido la cosa más frustrante de todos. Sigue perdiendo correos spam y veo autolearn=ham en el encabezado, pero cuando encuentro el post en /var/vmail en el server y ejecuto spamassassin -t para probarlo, se obtiene una puntuación de más de 100 (porque el remitente es en mi list negra). No tiene sentido.

Este es el estado de X-Spam-Status en el encabezado del correo electrónico:

 X-Spam-Status: No, score=-0.5 requinetworking=3.4 tests=BAYES_05,HTML_MESSAGE, NO_RECEIVED,NO_RELAYS autolearn=ham version=3.3.2 

¿Por qué la puntuación aquí por -0,5 y por qué se autolearned como jamón? Sin embargo, ejecutar spamassassin -t en este post produce:

 Content analysis details: (103.0 points, 3.4 requinetworking) pts rule name description ---- ---------------------- -------------------------------------------------- 100 USER_IN_BLACKLIST From: address is in the user's black-list 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (advertise.bz222hwpxo[at]gmail.com) -0.0 NO_RELAYS Informational: message was not relayed via SMTP 3.0 BAYES_95 BODY: Bayes spam probability is 95 to 99% [score: 0.9502] 0.0 T_OBFU_HTML_ATTACH BODY: HTML attachment with non-text MIME type 0.0 T_HTML_ATTACH HTML attachment to bypass scanning? -0.0 NO_RECEIVED Informational: message has no Received headers 

Estoy completamente confundido. Cualquier ayuda sería muy apreciada!

Archivos de configuration

/etc/postfix/master.cf

 # # Postfix master process configuration file. For details on the format # of the file, see the master(5) manual page (command: "man 5 master"). # # Do not forget to execute "postfix reload" after editing this file. # # ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== smtp inet n - - - - smtpd -o content_filter=spamassassin #smtp inet n - - - 1 postscreen #smtpd pass - - - - - smtpd #dnsblog unix - - - - 0 dnsblog #tlsproxy unix - - - - 0 tlsproxy submission inet n - - - - smtpd -o content_filter=spamassassin # -o syslog_name=postfix/submission # -o smtpd_tls_security_level=encrypt # -o smtpd_sasl_auth_enable=yes # -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING smtps inet n - - - - smtpd -o syslog_name=postfix/smtps -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_tls_auth_only=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject_unauth_destination,reject -o smtpd_sasl_security_options=noanonymous,noplaintext -o smtpd_sasl_tls_security_options=noanonymous # -o milter_macro_daemon_name=ORIGINATING #628 inet n - - - - qmqpd pickup fifo n - - 60 1 pickup cleanup unix n - - - 0 cleanup qmgr fifo n - n 300 1 qmgr #qmgr fifo n - n 300 1 oqmgr tlsmgr unix - - - 1000? 1 tlsmgr rewrite unix - - - - - trivial-rewrite bounce unix - - - - 0 bounce defer unix - - - - 0 bounce trace unix - - - - 0 bounce verify unix - - - - 1 verify flush unix n - - 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - - - - smtp relay unix - - - - - smtp # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 showq unix n - - - - showq error unix - - - - - error retry unix - - - - - error discard unix - - - - - discard local unix - nn - - local virtual unix - nn - - virtual lmtp unix - - - - - lmtp anvil unix - - - - 1 anvil scache unix - - - - 1 scache # # ==================================================================== # Interfaces to non-Postfix software. Be sure to examine the manual # pages of the non-Postfix software to find out what options it wants. # # Many of the following services use the Postfix pipe(8) delivery # agent. See the pipe(8) man page for information about ${recipient} # and other message envelope options. # ==================================================================== # # maildrop. See the Postfix MAILDROP_README file for details. # Also specify in main.cf: maildrop_destination_recipient_limit=1 # maildrop unix - nn - - pipe flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient} # # ==================================================================== # # Recent Cyrus versions can use the existing "lmtp" master.cf entry. # # Specify in cyrus.conf: # lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4 # # Specify in main.cf one or more of the following: # mailbox_transport = lmtp:inet:localhost # virtual_transport = lmtp:inet:localhost # # ==================================================================== # # Cyrus 2.1.5 (Amos Gouaux) # Also specify in main.cf: cyrus_destination_recipient_limit=1 # #cyrus unix - nn - - pipe # user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user} # # ==================================================================== # Old example of delivery via Cyrus. # #old-cyrus unix - nn - - pipe # flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user} # # ==================================================================== # # See the Postfix UUCP_README file for configuration details. # uucp unix - nn - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) # # Other external delivery methods. # ifmail unix - nn - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - nn - - pipe flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient scalemail-backend unix - nn - 2 pipe flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension} mailman unix - nn - - pipe flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop} ${user} dovecot unix - nn - - pipe flags=DRhu user=vmail:mail argv=/usr/lib/dovecot/dovecot-lda -d $(recipient) spamassassin unix - nn - - pipe user=spamd argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f ${sender} ${recipient} #sp-order unix - nn - - pipe # user=sara argv=/home/sara/order-notify -f ${sender} -- ${recipient} 

/etc/spamassassin/local.cf

 # This is the right place to customize your installation of SpamAssassin. # # See 'perldoc Mail::SpamAssassin::Conf' for details of what can be # tweaked. # # Only a small subset of options are listed below # ########################################################################### bayes_path /var/lib/spamassassin/.spamassassin/bayes # Add *****SPAM***** to the Subject header of spam e-mails # rewrite_header Subject [***** SPAM _SCORE_ *****] # Save spam messages as a message/rfc822 MIME attachment instead of # modifying the original message (0: off, 2: use text/plain instead) # report_safe 0 # Set which networks or hosts are considenetworking 'trusted' by your mail # server (ie not spammers) # # trusted_networks 212.17.35. # Set file-locking method (flock is not safe over NFS, but is faster) # # lock_method flock # Network checks skip_rbl_checks 0 use_razor2 0 #use_dcc 0 use_pyzor 0 # Set the threshold at which a message is considenetworking spam (default: 5.0) # requinetworking_score 3.4 # Use Bayesian classifier (default: 1) # use_bayes 1 use_bayes_rules 1 # Bayesian classifier auto-learning (default: 1) # bayes_auto_learn 1 # Set headers which may provide inappropriate cues to the Bayesian # classifier # # bayes_ignore_header X-Bogosity # bayes_ignore_header X-Spam-Flag # bayes_ignore_header X-Spam-Status # Some shortcircuiting, if the plugin is enabled # ifplugin Mail::SpamAssassin::Plugin::Shortcircuit # # default: strongly-whitelisted mails are *really* whitelisted now, if the # shortcircuiting plugin is active, causing early exit to save CPU load. # Uncomment to turn this on # # shortcircuit USER_IN_WHITELIST on # shortcircuit USER_IN_DEF_WHITELIST on # shortcircuit USER_IN_ALL_SPAM_TO on # shortcircuit SUBJECT_IN_WHITELIST on # the opposite; blacklisted mails can also save CPU # # shortcircuit USER_IN_BLACKLIST on # shortcircuit USER_IN_BLACKLIST_TO on # shortcircuit SUBJECT_IN_BLACKLIST on # if you have taken the time to correctly specify your "trusted_networks", # this is another good way to save CPU # # shortcircuit ALL_TRUSTED on # and a well-trained bayes DB can save running rules, too # # shortcircuit BAYES_99 spam # shortcircuit BAYES_00 ham endif # Mail::SpamAssassin::Plugin::Shortcircuit blacklist_from mike.newsletter30@gmail.com blacklist_from advertise*@gmail.com 

One Solution collect form web for “SpamAssassin – listo para dar para arriba – muy poco confiable, marcando el Spam como jamón”

Sospecho que está ejecutando su testing spamassassin -t como un usuario diferente de postfix está invocando como. Si postfix ya ha degradado los privilegios desde la raíz, es posible que no pueda ejecutarse como cualquier usuario que no sea él mismo.

Dado que parece que está ejecutando cada post en SpamAssassin como el mismo usuario, no necesita counts separadas en SpamAssassin. Intente usar /etc/spamassassin/local.cf (o donde quiera que /etc/spamassassin/local.cf la configuration del sistema) en lugar de ~/.spamassassin/user_prefs para su list negra y, si funciona, asegúrese de que otros elementos por usuario también se hagan a nivel global , especialmente en las bahías de todo el sitio . (El único otro que puedo pensar es AWL .)

Si desea elementos por usuario, tendrá que averiguar qué usuario está ejecutando. O cavar a través de sus loggings o tal vez se puede ejecutar top y ver como un post de testing viene en (aunque será rápido …).

  • Spamassassin DNS problema DKIM
  • URIBL_BLOCKED a pesar del caching del server de nombres
  • Solución alternativa SpamAssassin Y2K10 Bug (Mac OS X Server)
  • Sane Spam Strategy
  • Spamassassin: tienda bayes por usuario en mysql (con amavis)
  • Spamassassin Systemd Error
  • Spamassassin en 1and1 server dedicado
  • amavis + SA no marca posts como spam
  • Problema de SPF con SpamAssassin
  • Spamassassin: SA-update falló por razones desconocidas, error diario, ¿Cómo arreglarlo?
  • ¿Es SRS reescritura absolutamente necesario para un server de correo de reenvío?
  • Spamassassin no respetando mi list negra
  • Recuperación de correo en cuarentena de SpamAssassin / ClamAV / Postfix
  • El linux y los temas del servidor de Windows, como ubuntu, centos, apache, nginx, debian y consejos de red.