Hello Gary, First off thanx for answering. I am attaching two text files with this email, one is the debug information that amavis spits out ( I only included some of the information that I thought was relevant) when I send the email and the other one is the email headers when I actually receive the email.
It is being awarded a score of 4.35 for some reason. Not the 50+ score that I was waiting to see since that is what I've set for that rule. I guess my next question is that if that rule is not being hit like you said then how would I know if the following rule (which the howto guide tells me to write in the conf file) is actually being hit: header LOCAL_RCVD Received =~ /.*\(\S+\.mydomain\.com\s+\[.*\]\)/ describe LOCAL_RCVD Received from local machine score LOCAL_RCVD -50 Again, I'm just really looking to test this server to make sure that it works fine before it goes out for production. I can't really test this on my live network so I need to find a way to send some actuall spam emails so to see if it picks them up or not, and I cant really do that since I have the server on an isolated network with nothing but a mock email server. Is there another way that I can test the spam server's functionality? I also noticed below that only a few of the tests are running: subtests=__CT,__CTYPE_HAS_BOUNDARY,__CTYPE_MULTIPART_ALT,__HAS_MIMEOLE,_ _HAS_MSGID,__HAS_OUTLOOK_IN_MAILER,__HAS_RCVD,__HAS_SUBJECT,__HAS_X_MAIL ER,__HTML_LENGTH_0000_1024,__HTML_LENGTH_384,__HTML_LENGTH_512,__MIMEOLE _MS,__MIME_HTML,__MIME_VERSION,__MSGID_DOLLARS_MAYBE,__MSGID_DOLLARS_OK, __MSGID_OK_HEX,__NEXTPART_ALL,__NEXTPART_NORMAL,__NONEMPTY_BODY,__OE_MSG ID_2,__SANE_MSGID,__TOCC_EXISTS Is there a way to run more? Like the ones listed here: http://spamassassin.apache.org/tests_3_1_x.html Thanx ========FILE 1 EMAIL HEADERS=============== Microsoft Mail Internet Headers Version 2.0 Received: from tadspam1.mydomain.com ([192.168.3.2]) by xchange.mydomain.com with Microsoft SMTPSVC(6.0.3790.1830); Mon, 9 Oct 2006 11:15:26 -0600 Received: from localhost (localhost. mydomain.com [127.0.0.1]) by tadspam1. mydomain.com (Postfix) with ESMTP id 958296CCD57 for <fcastellon@ mydomain.com>; Mon, 9 Oct 2006 04:50:37 -0600 (MDT) X-Spam-Score: 4.35 X-Spam-Level: **** X-Spam-Status: No, score=4.35 tagged_above=3 required=6.3 tests=[ALL_TRUSTED=-1.44, DATE_IN_FUTURE_03_06=2.007, HTML_MESSAGE=0.001, HTML_SHORT_LENGTH=0.629, NO_DNS_FOR_FROM=2.603, NO_REAL_NAME=0.55] Received: from tadspam1. mydomain.com ([127.0.0.1]) by localhost (TADSPAM1. mydomain.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id soGFhjukNl0H for <fcastellon@ mydomain.com>; Mon, 9 Oct 2006 04:50:36 -0600 (MDT) Received: from mydomainLT2 (unknown [192.168.3.3]) by tadspam1. mydomain.com (Postfix) with SMTP for <fcastellon@ mydomain.com>; Mon, 9 Oct 2006 04:50:36 -0600 (MDT) thread-index: Acbrrv9oihLtcnmDQreqVp+JUNNj3Q== Thread-Topic: This is a test message From: <[EMAIL PROTECTED]> To: <fcastellon@ mydomain.com> Subject: This is a test message Date: Mon, 9 Oct 2006 08:27:06 -0600 Message-ID: <000001c6ebae$ff6b5960$0303a8c0@ mydomainLT2> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0001_01C6EB7C.B4D3F6A0" X-Mailer: Microsoft CDO for Windows 2000 Content-Class: urn:content-classes:message Importance: normal Priority: normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962 Return-Path: [EMAIL PROTECTED] X-OriginalArrivalTime: 09 Oct 2006 17:15:26.0656 (UTC) FILETIME=[835C6400:01C6EBC6] ------=_NextPart_000_0001_01C6EB7C.B4D3F6A0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit ------=_NextPart_000_0001_01C6EB7C.B4D3F6A0 Content-Type: text/html Content-Transfer-Encoding: 7bit ------=_NextPart_000_0001_01C6EB7C.B4D3F6A0-- =========================================== ============== FILE 2 Amavis Debug ================ [29737] dbg: rules: running header regexp tests; score so far=0 [29737] dbg: rules: ran header rule __HAS_MSGID ======> got hit: "<" [29737] dbg: rules: ran header rule __HAS_MIMEOLE ======> got hit: "P" [29737] dbg: rules: ran header rule __CT ======> got hit: "m" [29737] dbg: rules: ran header rule __HAS_RCVD ======> got hit: "f" [29737] dbg: rules: ran header rule __MSGID_DOLLARS_MAYBE ======> got hit: "<[EMAIL PROTECTED]>" [29737] dbg: rules: ran header rule __SANE_MSGID ======> got hit: "<[EMAIL PROTECTED]> [29737] dbg: rules: " [29737] dbg: rules: ran header rule NO_REAL_NAME ======> got hit: "<[EMAIL PROTECTED]> [29737] dbg: rules: " [29737] dbg: rules: ran header rule __MSGID_DOLLARS_OK ======> got hit: "<[EMAIL PROTECTED]>" [29737] dbg: rules: ran header rule __MIMEOLE_MS ======> got hit: "Produced By Microsoft MimeOLE" [29737] dbg: rules: ran header rule __OE_MSGID_2 ======> got hit: "<[EMAIL PROTECTED]>" [29737] dbg: rules: ran header rule __NEXTPART_NORMAL ======> got hit: "="----=_NextPart_000_0001_01C6EB7C.B4D3F6A0"" [29737] dbg: rules: ran header rule __HAS_SUBJECT ======> got hit: "T" [29737] dbg: rules: ran header rule __HAS_OUTLOOK_IN_MAILER ======> got hit: "Microsoft CDO" [29737] dbg: rules: ran header rule __MIME_VERSION ======> got hit: "1" [29737] dbg: rules: ran header rule __NEXTPART_ALL ======> got hit: "NextPart" [29737] dbg: rules: ran header rule __CTYPE_MULTIPART_ALT ======> got hit: "multipart/alternative" [29737] dbg: rules: ran header rule __MSGID_OK_HEX ======> got hit: "ff6b5960" [29737] dbg: rules: ran header rule __CTYPE_HAS_BOUNDARY ======> got hit: "boundary" [29737] dbg: rules: ran header rule __TOCC_EXISTS ======> got hit: "<" [29737] dbg: rules: ran header rule __HAS_X_MAILER ======> got hit: "M" [29737] dbg: eval: all '*From' addrs: [EMAIL PROTECTED] [29737] dbg: eval: trying Received header date for real time: 9 Oct 2006 04:50:36 -0600 [29737] dbg: eval: time_t from date=1160391036, rcvd= 9 Oct 2006 04:50:36 -0600 [29737] dbg: eval: all '*To' addrs: [EMAIL PROTECTED] [29737] dbg: rules: ran eval rule ALL_TRUSTED ======> got hit [29737] dbg: rules: ran eval rule DATE_IN_FUTURE_03_06 ======> got hit [29737] dbg: eval: date chosen from message: Mon Oct 9 04:50:36 2006 [29737] dbg: rules: running body-text per-line regexp tests; score so far=1.117 [29737] dbg: rules: ran body rule __NONEMPTY_BODY ======> got hit: "T" [29737] dbg: uri: running uri tests; score so far=1.117 [29737] dbg: rules: ran eval rule __HTML_LENGTH_512 ======> got hit [29737] dbg: bayes: no dbs present, cannot tie DB R/O: /var/amavisd/.spamassassin/bayes_toks [29737] dbg: bayes: not scoring message, returning undef [29737] dbg: bayes: opportunistic call attempt failed, DB not readable [29737] dbg: rules: ran eval rule __HTML_LENGTH_0000_1024 ======> got hit [29737] dbg: rules: ran eval rule HTML_SHORT_LENGTH ======> got hit [29737] dbg: rules: ran eval rule __MIME_HTML ======> got hit [29737] dbg: rules: ran eval rule HTML_MESSAGE ======> got hit [29737] dbg: rules: ran eval rule __HTML_LENGTH_384 ======> got hit [29737] dbg: eval: text words: 14, html words: 14 [29737] dbg: eval: madiff: left: 0, orig: 14, max-difference: 0.00% [29737] dbg: rules: running raw-body-text per-line regexp tests; score so far=1.747 [29737] dbg: rules: running full-text regexp tests; score so far=1.747 [29737] dbg: check: running tests for priority: 500 [29737] dbg: dns: success for 5 of 5 queries [29737] dbg: rules: running meta tests; score so far=4.35 [29737] dbg: rules: running header regexp tests; score so far=4.35 [29737] dbg: rules: running body-text per-line regexp tests; score so far=4.35 [29737] dbg: uri: running uri tests; score so far=4.35 [29737] dbg: rules: running raw-body-text per-line regexp tests; score so far=4.35 [29737] dbg: rules: running full-text regexp tests; score so far=4.35 [29737] dbg: check: is spam? score=4.35 required=5 [29737] dbg: check: tests=ALL_TRUSTED,DATE_IN_FUTURE_03_06,HTML_MESSAGE,HTML_SHORT_LENGTH,NO _DNS_FOR_FROM,NO_REAL_NAME [29737] dbg: check: subtests=__CT,__CTYPE_HAS_BOUNDARY,__CTYPE_MULTIPART_ALT,__HAS_MIMEOLE,_ _HAS_MSGID,__HAS_OUTLOOK_IN_MAILER,__HAS_RCVD,__HAS_SUBJECT,__HAS_X_MAIL ER,__HTML_LENGTH_0000_1024,__HTML_LENGTH_384,__HTML_LENGTH_512,__MIMEOLE _MS,__MIME_HTML,__MIME_VERSION,__MSGID_DOLLARS_MAYBE,__MSGID_DOLLARS_OK, __MSGID_OK_HEX,__NEXTPART_ALL,__NEXTPART_NORMAL,__NONEMPTY_BODY,__OE_MSG ID_2,__SANE_MSGID,__TOCC_EXISTS Oct 9 04:50:37 TADSPAM1.mydomain.com /usr/local/sbin/amavisd[29737]: (29737-01) prolong_timer spam_scan_sa_finish: timer set to = 60 s Oct 9 04:50:37 TADSPAM1.mydomain.com /usr/local/sbin/amavisd[29737]: (29737-01) spam_scan: score=4.35 tests=[ALL_TRUSTED=-1.44,DATE_IN_FUTURE_03_06=2.007,HTML_MESSAGE=0.001,H TML_SHORT_LENGTH=0.629,NO_DNS_FOR_FROM=2.603,NO_REAL_NAME=0.55] Oct 9 04:50:37 TADSPAM1.mydomain.com /usr/local/sbin/amavisd[29737]: (29737-01) prolong_timer spam_scan: remaining time = 60 s Oct 9 04:50:37 TADSPAM1.mydomain.com /usr/local/sbin/amavisd[29737]: (29737-01) lookup: (scalar) matches, result="3" Oct 9 04:50:37 TADSPAM1.mydomain.com /usr/local/sbin/amavisd[29737]: (29737-01) lookup (spam_tag_level) => true, "[EMAIL PROTECTED]" matches, result="3", matching_key="(constant:3)" ========================================== ------------------------------ Message: 2 Date: Fri, 6 Oct 2006 15:24:50 -0600 From: Gary V <[EMAIL PROTECTED]> Subject: Re: [AMaViS-user] Fresh Installation not working To: amavis-user@lists.sourceforge.net Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset=us-ascii Francisco wrote: > Hello folks: > I wanted to create a message that failed a SpamAssassin/amavis test, so > I created a file called test.vbs and added the following lines: [...] > The problem is that the message is not being stopped, it still goes > through the filters. Is there anything that I perhaps forgot to turn on? > Any help would be greatly appreciated, thanx! This attachment may get encoded to Base64 by your MUA and like you, I could not get that rule to hit when it is in this form. Not that this may help much, but save the file as a .txt file and send it through again, it should hit then, but this does not answer why it does not when it is encoded. I'm testing with SpamAssassin 3.1.5. Gary V ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
