subject:"How to make Postfix filter spam for entries in virtual\?"

Re: How to make Postfix filter spam for entries in virtual?

2018-09-17 Thread Noel Jones

It appears postfix is operating properly; this is either an amavis
problem or a dovecot/sieve problem.  Those products have their own
support lists.


  -- Noel Jones




On 9/17/2018 10:33 AM, Miguel Almeida wrote:
> Thanks for the reply.
> 
> It seems that I might have something wrong in my amavis/spamassassin
> configuration, but the following log might show something obvious to
> a more experienced user - can you help?
> 
> Here is a log for a spam message that arrived:
> 
> Sep 17 16:07:15 mailserver postfix/smtpd[9970]: connect from
> localhost[127.0.0.1]
> Sep 17 16:07:15 mailserver postfix/smtpd[9970]: 920C9507539:
> client=localhost[127.0.0.1]
> Sep 17 16:07:15 mailserver postfix/cleanup[9965]: 920C9507539:
> message-id=<20180917150656.664ef152...@vps10593.com
> >
> Sep 17 16:07:15 mailserver postfix/qmgr[18272]: 920C9507539:
> from=mailto:mowu...@wvtmo.net>>, size=1806,
> nrcpt=3 (queue active)
> Sep 17 16:07:15 mailserver amavis[9250]: (09250-06) Passed SPAM
> {RelayedOpenRelay,Quarantined}, [180.125.253.237]:22311
> [208.62.237.18] mailto:mowu...@wvtmo.net>> ->
> mailto:i...@bbv.com>>, quarantine:
> l/spam-lIL6tWw0gz1s.gz, Queue-ID: 910D6507538, Message-ID:
> <20180917150656.664ef152...@vps10593.com
> >, mail_id:
> lIL6tWw0gz1s, Hits: 15.778, size: 1320, queued_as: 920C9507539, 2695 ms
> Sep 17 16:07:15 mailserver postfix/smtpd[9970]: disconnect from
> localhost[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
> Sep 17 16:07:15 mailserver postfix/smtp[9966]: 910D6507538:
> to=mailto:i...@bbv.com>>,
> relay=127.0.0.1[127.0.0.1]:10024, delay=4.6, delays=1.9/0.01/0/2.7,
> dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025):
> 250 2.0.0 Ok: queued as 920C9507539)
> Sep 17 16:07:15 mailserver postfix/qmgr[18272]: 910D6507538: removed
> Sep 17 16:07:16 mailserver dovecot: lda(admit): sieve:
> msgid=<20180917150656.664ef152...@vps10593.com
> >: stored mail into
> mailbox 'INBOX'
> Sep 17 16:07:16 mailserver dovecot: lda(mma): sieve:
> msgid=<20180917150656.664ef152...@vps10593.com
> >: stored mail into
> mailbox 'INBOX'
> Sep 17 16:07:16 mailserver postfix/local[9971]: 920C9507539:
> to=mailto:ad...@itc.com>>, orig_to= >, relay=local, delay=1.3,
> delays=0.17/0.02/0/1.1, dsn=2.0.0, status=sent (delivered to
> command: /usr/lib/dovecot/deliver)
> Sep 17 16:07:16 mailserver postfix/local[9972]: 920C9507539:
> to=mailto:m...@itc.com>>, orig_to= >, relay=local, delay=1.3,
> delays=0.17/0.04/0/1.1, dsn=2.0.0, status=sent (delivered to
> command: /usr/lib/dovecot/deliver)
> 
> It looks like it is being marked as quarentine, but going to the
> inbox nonetheless?
> 
> My*/etc/amavis/conf.d/20-debian_defaults:*
> 
> $QUARANTINEDIR = "$MYHOME/virusmails";
> $quarantine_subdir_levels = 1; # enable quarantine dir hashing
> 
> $log_recip_templ = undef;    # disable by-recipient level-0 log entries
> $DO_SYSLOG = 1;  # log via syslogd (preferred)
> $syslog_ident = 'amavis';    # syslog ident tag, prepended to all
> messages
> $syslog_facility = 'mail';
> $syslog_priority = 'debug';  # switch to info to drop debug output, etc
> 
> $enable_db = 1;  # enable use of BerkeleyDB/libdb (SNMP
> and nanny)
> $enable_global_cache = 1;    # enable use of libdb-based cache if
> $enable_db=1
> 
> $inet_socket_port = 10024;   # default listening socket
> 
> #$sa_spam_subject_tag = '***SPAM*** ';
> $sa_tag_level_deflt  = -20;  # add spam info headers if at, or above
> that level
> $sa_tag2_level_deflt = 5; # add 'spam detected' headers at that level
> $sa_kill_level_deflt = 5; # triggers spam evasive actions
> $sa_dsn_cutoff_level = 10;   # spam level beyond which a DSN is not sent
> (...)
> $final_virus_destiny  = D_DISCARD;  # (data not lost, see virus
> quarantine)
> $final_banned_destiny = D_BOUNCE;   # D_REJECT when front-end MTA
> $final_spam_destiny   = D_PASS;
> $final_bad_header_destiny = D_PASS; # False-positive prone (for
> spam)
> 
> And the header of this email:
> 
> Return-Path: mailto:mowu...@wvtmo.net>>
> X-Original-To: i...@bbv.com 
> Delivered-To: ad...@itc.com 
> Received: from localhost (localhost [127.0.0.1])
>   by mailserver.itc.com  (Postfix) with ESMTP 
> id 920C9507539
>   for mailto:i...@bbv.com>>; Mon, 17 Sep 2018 16:07:15 
> +0100 (WEST)
> X-Virus-Scanned: Debian amavisd-new at itclinical.com 
> 
> 
> Which is different from other emails received (I configured amavis to always 
> add the X-Spam flags):
> 
> X-Virus-Scanned: Debian amavisd-new at itc.com 
> X-Spam-Flag: NO
> X-Spam-Score: 2.441
> X-Spam-Level: **
> X-Spam-Status: No, score=2.441 tagged_above=-20 required=5
>

Re: How to make Postfix filter spam for entries in virtual?

2018-09-17 Thread Miguel Almeida

Thanks for the reply.

It seems that I might have something wrong in my amavis/spamassassin
configuration, but the following log might show something obvious to a more
experienced user - can you help?

Here is a log for a spam message that arrived:

Sep 17 16:07:15 mailserver postfix/smtpd[9970]: connect from
localhost[127.0.0.1]
Sep 17 16:07:15 mailserver postfix/smtpd[9970]: 920C9507539:
client=localhost[127.0.0.1]
Sep 17 16:07:15 mailserver postfix/cleanup[9965]: 920C9507539: message-id=<
20180917150656.664ef152...@vps10593.com>
Sep 17 16:07:15 mailserver postfix/qmgr[18272]: 920C9507539: from=<
mowu...@wvtmo.net>, size=1806, nrcpt=3 (queue active)
Sep 17 16:07:15 mailserver amavis[9250]: (09250-06) Passed SPAM
{RelayedOpenRelay,Quarantined}, [180.125.253.237]:22311 [208.62.237.18] <
mowu...@wvtmo.net> -> , quarantine: l/spam-lIL6tWw0gz1s.gz,
Queue-ID: 910D6507538, Message-ID: <20180917150656.664ef152...@vps10593.com>,
mail_id: lIL6tWw0gz1s, Hits: 15.778, size: 1320, queued_as: 920C9507539,
2695 ms
Sep 17 16:07:15 mailserver postfix/smtpd[9970]: disconnect from
localhost[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Sep 17 16:07:15 mailserver postfix/smtp[9966]: 910D6507538: to=,
relay=127.0.0.1[127.0.0.1]:10024, delay=4.6, delays=1.9/0.01/0/2.7,
dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250
2.0.0 Ok: queued as 920C9507539)
Sep 17 16:07:15 mailserver postfix/qmgr[18272]: 910D6507538: removed
Sep 17 16:07:16 mailserver dovecot: lda(admit): sieve: msgid=<
20180917150656.664ef152...@vps10593.com>: stored mail into mailbox 'INBOX'
Sep 17 16:07:16 mailserver dovecot: lda(mma): sieve: msgid=<
20180917150656.664ef152...@vps10593.com>: stored mail into mailbox 'INBOX'
Sep 17 16:07:16 mailserver postfix/local[9971]: 920C9507539: to=<
ad...@itc.com>, orig_to=, relay=local, delay=1.3,
delays=0.17/0.02/0/1.1, dsn=2.0.0, status=sent (delivered to command:
/usr/lib/dovecot/deliver)
Sep 17 16:07:16 mailserver postfix/local[9972]: 920C9507539: to=,
orig_to=, relay=local, delay=1.3, delays=0.17/0.04/0/1.1,
dsn=2.0.0, status=sent (delivered to command: /usr/lib/dovecot/deliver)

It looks like it is being marked as quarentine, but going to the inbox
nonetheless?

My* /etc/amavis/conf.d/20-debian_defaults:*

$QUARANTINEDIR = "$MYHOME/virusmails";
$quarantine_subdir_levels = 1; # enable quarantine dir hashing

$log_recip_templ = undef;# disable by-recipient level-0 log entries
$DO_SYSLOG = 1;  # log via syslogd (preferred)
$syslog_ident = 'amavis';# syslog ident tag, prepended to all messages
$syslog_facility = 'mail';
$syslog_priority = 'debug';  # switch to info to drop debug output, etc

$enable_db = 1;  # enable use of BerkeleyDB/libdb (SNMP and
nanny)
$enable_global_cache = 1;# enable use of libdb-based cache if
$enable_db=1

$inet_socket_port = 10024;   # default listening socket

#$sa_spam_subject_tag = '***SPAM*** ';
$sa_tag_level_deflt  = -20;  # add spam info headers if at, or above that
level
$sa_tag2_level_deflt = 5; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 5; # triggers spam evasive actions
$sa_dsn_cutoff_level = 10;   # spam level beyond which a DSN is not sent
(...)
$final_virus_destiny  = D_DISCARD;  # (data not lost, see virus
quarantine)
$final_banned_destiny = D_BOUNCE;   # D_REJECT when front-end MTA
$final_spam_destiny   = D_PASS;
$final_bad_header_destiny = D_PASS; # False-positive prone (for spam)

And the header of this email:

Return-Path: 
X-Original-To: i...@bbv.com
Delivered-To: ad...@itc.com
Received: from localhost (localhost [127.0.0.1])
by mailserver.itc.com (Postfix) with ESMTP id 920C9507539
for ; Mon, 17 Sep 2018 16:07:15 +0100 (WEST)
X-Virus-Scanned: Debian amavisd-new at itclinical.com


Which is different from other emails received (I configured amavis to
always add the X-Spam flags):

X-Virus-Scanned: Debian amavisd-new at itc.com
X-Spam-Flag: NO
X-Spam-Score: 2.441
X-Spam-Level: **
X-Spam-Status: No, score=2.441 tagged_above=-20 required=5
tests=[FROM_EXCESS_BASE64=0.105, HEADER_FROM_DIFFERENT_DOMAINS=0.25,
HTML_IMAGE_ONLY_24=1.282, HTML_IMAGE_RATIO_02=0.805,
HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001,
SPF_PASS=-0.001] autolearn=no autolearn_force=no


On Mon, Sep 17, 2018 at 4:16 PM Noel Jones  wrote:

> On 9/17/2018 5:44 AM, Miguel Almeida wrote:
> > My postfix installation is working correctly (delivery via dovecot,
> > spam filtering via amavis - spamassasin).
> >
> > I have some aliases in virtual, eg:
> >
> > |i...@mydomain.com  johnDoe |
> >
> > However, for the emails that match an entry in virtual, amavis is
> > not filtering for spam (resulting in lots of spam reaching my inbox).
> >
> > How can the configuration be changed so that the emails that match
> > virtual entries are also filtered for spam?
> >
> > You can find my main.cf  file here
> >

Re: How to make Postfix filter spam for entries in virtual?

2018-09-17 Thread Noel Jones

On 9/17/2018 5:44 AM, Miguel Almeida wrote:
> My postfix installation is working correctly (delivery via dovecot,
> spam filtering via amavis - spamassasin).
> 
> I have some aliases in virtual, eg:
> 
> |i...@mydomain.com  johnDoe |
> 
> However, for the emails that match an entry in virtual, amavis is
> not filtering for spam (resulting in lots of spam reaching my inbox).
> 
> How can the configuration be changed so that the emails that match
> virtual entries are also filtered for spam?
> 
> You can find my main.cf  file here
> .
> 
> 
> Thank you in advance for your help!
> 
> 
> Miguel
> 

That sounds unusual.  For general debugging hints, please see
http://www.postfix.org/DEBUG_README.html

For further help from the list, please see:
http://www.postfix.org/DEBUG_README.html#mail

In your description of the problem, please be sure to include
"postconf -n" output.  It would also be helpful to include log
entries showing the problem (NOT debug logs).



  -- Noel Jones

How to make Postfix filter spam for entries in virtual?

2018-09-17 Thread Miguel Almeida

My postfix installation is working correctly (delivery via dovecot, spam
filtering via amavis - spamassasin).

I have some aliases in virtual, eg:

i...@mydomain.comjohnDoe

However, for the emails that match an entry in virtual, amavis is not
filtering for spam (resulting in lots of spam reaching my inbox).

How can the configuration be changed so that the emails that match virtual
entries are also filtered for spam?

You can find my main.cf file here
.


Thank you in advance for your help!


Miguel

Re: How to make Postfix filter spam for entries in virtual?

Re: How to make Postfix filter spam for entries in virtual?

Re: How to make Postfix filter spam for entries in virtual?

How to make Postfix filter spam for entries in virtual?

4 matches

Site Navigation

Mail list logo

Footer information