Dino wrote: > I've posted this in the spamassassin user list, but I'm told I should > be posting on the amavisd user list concerning this issue.
>> From what I can tell, the bayes database is not checking any messages at all. >>How did you determine that? It's not too difficult to know for sure. >> I keep traing the spam filter every night, but the same messages that I have >> trained the database as spam mesages are still not getting blocked. >>Typically Bayes is not the only thing that determines if a message is >>blocked or not (but it can help push the score toward that goal). >> Same issue with the ham messages. So, I've checked the configuration of >>SA during >> my discussions on the SA user list, so the problem possibly lies with amavisd. >> Your help on this particular issue would be appreciated. >> Assuming you are using standard DB based Bayes, remember that you >> should always learn messages as the amavisd-new user and debug as the >> amavis user also. The Bayes files must also be owned by the amavis >> user or you will not be able to write to them. Let's say your amavis >> user is 'amavis': I'm using standard DB based Bayes >>See how many spam (nspam) and ham (nham) are in the database (under >>the amavis user): >>su amavis -c 'sa-learn --dump magic' >>or: >>sudo -H -u amavis sa-learn --dump magic So I ran sudo -H -u amavis sa-learn --dump magic and here's the result. Am I to assume that there are 1429 nspam messages and 2039 nham messages? 0.000 0 3 0 non-token data: bayes db version 0.000 0 1429 0 non-token data: nspam 0.000 0 2039 0 non-token data: nham 0.000 0 140491 0 non-token data: ntokens 0.000 0 1170889169 0 non-token data: oldest atime 0.000 0 1172327394 0 non-token data: newest atime 0.000 0 1172311175 0 non-token data: last journal sync atime 0.000 0 1172271573 0 non-token data: last expiry atime 0.000 0 1382400 0 non-token data: last expire atime delta 0.000 0 11750 0 non-token data: last expire reduction count >>Debug bayes as the amavis user: >> (get a sample from me if you need one): >>wget http://www200.pair.com/mecham/spam/sample-spam.txt >>su amavis -c 'spamassassin -D bayes < sample-spam.txt' >>or: >>sudo -H -u amavis spamassassin -D bayes < sample-spam.txt I ran both commands. The first one amavis -c 'spamassassin -D bayes < sample-spam.txt' returned nothing it just gave me a new line, and the second one sudo -H -u amavis spamassassin -D bayes < sample-spam.txt gave me the following output: debug: SpamAssassin version 3.0.4 debug: Score set 0 chosen. debug: running in taint mode? no bad areas in --debug option (bayes)! Usage: spamassassin [options] [ < *mailmessage* | *path* ... ] spamassassin -d [ < *mailmessage* | *path* ... ] spamassassin -r [ < *mailmessage* | *path* ... ] spamassassin -k [ < *mailmessage* | *path* ... ] spamassassin -W|-R [ < *mailmessage* | *path* ... ] Options: -L, --local Local tests only (no online tests) -r, --report Report message as spam -k, --revoke Revoke message as spam -d, --remove-markup Remove spam reports from a message -C path, --configpath=path, --config-file=path Path to standard configuration dir -p prefs, --prefspath=file, --prefs-file=file Set user preferences file --siteconfigpath=path Path for site configs (def: /etc/mail/spamassassin) -x, --nocreate-prefs Don't create user preferences file -e, --exit-code Exit with a non-zero exit code if the tested message was spam --mbox read in messages in mbox format --mbx read in messages in UW mbx format -t, --test-mode Pipe message through and add extra report to the bottom --lint Lint the rule set: report syntax errors -W, --add-to-whitelist Add addresses in mail to whitelist (AWL) --add-to-blacklist Add addresses in mail to blacklist (AWL) -R, --remove-from-whitelist Remove all addresses found in mail from whitelist (AWL) --add-addr-to-whitelist=addr Add addr to whitelist (AWL) --add-addr-to-blacklist=addr Add addr to blacklist (AWL) --remove-addr-from-whitelist=addr Remove addr from whitelist (AWL) -D, --debug [area=n,...] Print debugging messages -V, --version Print version -h, --help Print usage message >>See if debug shows any problems. >>If you are using a recent version of amavisd-new you can run it in >>debug-sa mode and limit some of the output: >>amavisd stop >>amavisd -d bayes debug-sa >>don't forget to start amavisd back up when you are finished. >>Also look at the X-Spam-Status headers and see if any BAYES rules hit: >>X-Spam-Status: No, score=-2.564-9 required=5 tests=[BAYES_00=-2.599, >>FORGED_RCVD_HELO=0.135, L_P0F_Linux=-0.1] >>Gary V I've seen message headers with a BAYES hit, but yet they never score high enough. For instance, here's part of the header of a message that I know the BAYES filter has been trained with. As you can see, this message has been processed by two mail servers both running amavisd-new with SA yet still it's not tagged as spam. Message-Id: <[EMAIL PROTECTED]> X-Virus-Scanned: amavisd-new at mydirectmail.org X-Virus-Scanned: amavisd-new at mydirectmail.net X-Spam-Status: No, hits=0.214 required=5 tests=[AWL=0.008, BAYES_40=-1.096, FM_WHITEONWHITE=0.45, HTML_80_90=0.146, HTML_MESSAGE=0.001, HTML_TAG_EXIST_TBODY=0.114, SARE_UNI=0.591] X-Spam-Score: 0.214 X-Spam-Level: Return-Path: [EMAIL PROTECTED] X-OriginalArrivalTime: 23 Feb 2007 14:05:09.0187 (UTC) FILETIME=[A09CA130:01C75753] This is totally frustrating. ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
