Re: How to make Postfix filter spam for entries in virtual?

2018-09-17 Thread Miguel Almeida 
Thanks for the reply.

It seems that I might have something wrong in my amavis/spamassassin
configuration, but the following log might show something obvious to a more
experienced user - can you help?

Here is a log for a spam message that arrived:

Sep 17 16:07:15 mailserver postfix/smtpd[9970]: connect from
localhost[127.0.0.1]
Sep 17 16:07:15 mailserver postfix/smtpd[9970]: 920C9507539:
client=localhost[127.0.0.1]
Sep 17 16:07:15 mailserver postfix/cleanup[9965]: 920C9507539: message-id=<
20180917150656.664ef152...@vps10593.com>
Sep 17 16:07:15 mailserver postfix/qmgr[18272]: 920C9507539: from=<
mowu...@wvtmo.net>, size=1806, nrcpt=3 (queue active)
Sep 17 16:07:15 mailserver amavis[9250]: (09250-06) Passed SPAM
{RelayedOpenRelay,Quarantined}, [180.125.253.237]:22311 [208.62.237.18] <
mowu...@wvtmo.net> -> , quarantine: l/spam-lIL6tWw0gz1s.gz,
Queue-ID: 910D6507538, Message-ID: <20180917150656.664ef152...@vps10593.com>,
mail_id: lIL6tWw0gz1s, Hits: 15.778, size: 1320, queued_as: 920C9507539,
2695 ms
Sep 17 16:07:15 mailserver postfix/smtpd[9970]: disconnect from
localhost[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Sep 17 16:07:15 mailserver postfix/smtp[9966]: 910D6507538: to=,
relay=127.0.0.1[127.0.0.1]:10024, delay=4.6, delays=1.9/0.01/0/2.7,
dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250
2.0.0 Ok: queued as 920C9507539)
Sep 17 16:07:15 mailserver postfix/qmgr[18272]: 910D6507538: removed
Sep 17 16:07:16 mailserver dovecot: lda(admit): sieve: msgid=<
20180917150656.664ef152...@vps10593.com>: stored mail into mailbox 'INBOX'
Sep 17 16:07:16 mailserver dovecot: lda(mma): sieve: msgid=<
20180917150656.664ef152...@vps10593.com>: stored mail into mailbox 'INBOX'
Sep 17 16:07:16 mailserver postfix/local[9971]: 920C9507539: to=<
ad...@itc.com>, orig_to=, relay=local, delay=1.3,
delays=0.17/0.02/0/1.1, dsn=2.0.0, status=sent (delivered to command:
/usr/lib/dovecot/deliver)
Sep 17 16:07:16 mailserver postfix/local[9972]: 920C9507539: to=,
orig_to=, relay=local, delay=1.3, delays=0.17/0.04/0/1.1,
dsn=2.0.0, status=sent (delivered to command: /usr/lib/dovecot/deliver)

It looks like it is being marked as quarentine, but going to the inbox
nonetheless?

My* /etc/amavis/conf.d/20-debian_defaults:*

$QUARANTINEDIR = "$MYHOME/virusmails";
$quarantine_subdir_levels = 1; # enable quarantine dir hashing

$log_recip_templ = undef;# disable by-recipient level-0 log entries
$DO_SYSLOG = 1;  # log via syslogd (preferred)
$syslog_ident = 'amavis';# syslog ident tag, prepended to all messages
$syslog_facility = 'mail';
$syslog_priority = 'debug';  # switch to info to drop debug output, etc

$enable_db = 1;  # enable use of BerkeleyDB/libdb (SNMP and
nanny)
$enable_global_cache = 1;# enable use of libdb-based cache if
$enable_db=1

$inet_socket_port = 10024;   # default listening socket

#$sa_spam_subject_tag = '***SPAM*** ';
$sa_tag_level_deflt  = -20;  # add spam info headers if at, or above that
level
$sa_tag2_level_deflt = 5; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 5; # triggers spam evasive actions
$sa_dsn_cutoff_level = 10;   # spam level beyond which a DSN is not sent
(...)
$final_virus_destiny  = D_DISCARD;  # (data not lost, see virus
quarantine)
$final_banned_destiny = D_BOUNCE;   # D_REJECT when front-end MTA
$final_spam_destiny   = D_PASS;
$final_bad_header_destiny = D_PASS; # False-positive prone (for spam)

And the header of this email:

Return-Path: 
X-Original-To: i...@bbv.com
Delivered-To: ad...@itc.com
Received: from localhost (localhost [127.0.0.1])
by mailserver.itc.com (Postfix) with ESMTP id 920C9507539
for ; Mon, 17 Sep 2018 16:07:15 +0100 (WEST)
X-Virus-Scanned: Debian amavisd-new at itclinical.com


Which is different from other emails received (I configured amavis to
always add the X-Spam flags):

X-Virus-Scanned: Debian amavisd-new at itc.com
X-Spam-Flag: NO
X-Spam-Score: 2.441
X-Spam-Level: **
X-Spam-Status: No, score=2.441 tagged_above=-20 required=5
tests=[FROM_EXCESS_BASE64=0.105, HEADER_FROM_DIFFERENT_DOMAINS=0.25,
HTML_IMAGE_ONLY_24=1.282, HTML_IMAGE_RATIO_02=0.805,
HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001,
SPF_PASS=-0.001] autolearn=no autolearn_force=no


On Mon, Sep 17, 2018 at 4:16 PM Noel Jones  wrote:

> On 9/17/2018 5:44 AM, Miguel Almeida wrote:
> > My postfix installation is working correctly (delivery via dovecot,
> > spam filtering via amavis - spamassasin).
> >
> > I have some aliases in virtual, eg:
> >
> > |i...@mydomain.com <mailto:i...@mydomain.com> johnDoe |
> >
> > However, for the emails that match an entry in virtual, amavis is
> > not filtering for spam (resulting in lots of spam reaching my inbox).
> >
> > How can the configuration be changed so tha

How to make Postfix filter spam for entries in virtual?

2018-09-17 Thread Miguel Almeida 
My postfix installation is working correctly (delivery via dovecot, spam
filtering via amavis - spamassasin).

I have some aliases in virtual, eg:

i...@mydomain.comjohnDoe

However, for the emails that match an entry in virtual, amavis is not
filtering for spam (resulting in lots of spam reaching my inbox).

How can the configuration be changed so that the emails that match virtual
entries are also filtered for spam?

You can find my main.cf file here
.


Thank you in advance for your help!


Miguel