Unable to verify custom rules being loaded from 'local.cf'
Original Message Subject: Unable to verify custom rules being loaded from 'local.cf' From: Sharma, Ashish ashish.shar...@hp.com To: users@spamassassin.apache.org CC: Hi, I have a amavisd-new setup with spamassassin(3.3.1) on RHEL 5.8 , at the following location: /etc/mail/spamassassin/local.cf I have added some custom rule sets as follows: #xx java script hack prevention rule describe SCRIPTED_NAME_xx Attachment name or filename is a script mimeheader __ContentTypeNameContent-Type =~ /name.*\=.*script.*?/i mimeheader __DispositionTypeFileNameContent-Disposition =~ /filename.*\=.*script.*?/i meta SCRIPTED_NAME_xx (__ContentTypeName || __DispositionTypeFileName) score SCRIPTED_NAME_xx 12.0 #xx html redirect prevention via meta tag describe META_TAG_xx Attachment name or filename is a html meta tag mimeheader __ContentTypeMetaNameContent-Type =~ /name.*\=.*meta.*?/i mimeheader __DispositionTypeMetaFileNameContent-Disposition =~ /filename.*\=.*meta.*?/i meta META_TAG_xx (__ContentTypeMetaName || __DispositionTypeMetaFileName) score META_TAG_xx 12.0 here 'spamassassin --lint' is giving no issues on a local and production setup, but when I test the rule set with some custom test emails, the local setup works fine while the production setup show that no rules were hit for the same sample email. I am confused as to what is going wrong here? How can I test whether the custom rule sets in 'local.cf' are being loaded by spamassassin on my production setup? Thanks Ashish
Re: Unable to verify custom rules being loaded from 'local.cf'
How can I test whether the custom rule sets in 'local(munged to avoid URIBLs).cf' are being loaded by spamassassin on my production setup? Put your rules in another file, let's say ASHISH.cf. Run spamassassin -D --lint 21 | grep ASHISH Look for something like: Jul 17 09:22:26.419 [12158] dbg: config: read file /etc/mail/spamassassin/ASHISH.cf NOTE: You are using amavis. Are you restarting amavis to reload the rules on the server that the mail is passing through? Are you putting the cf file in the correct place to be loaded by amavis? Regards, KAM IMPORTANT NOTE: First email to the list was blocked because local(munged).cf is blacklisted. Any of the Blacklist experts have any thoughts on that issue? Is it a legit URL in spams?
Re: Unable to verify custom rules being loaded from 'local.cf'
On 07/17/2013 03:39 PM, Kevin A. McGrail wrote: IMPORTANT NOTE: First email to the list was blocked because local(munged).cf is blacklisted. Any of the Blacklist experts have any thoughts on that issue? Is it a legit URL in spams? HE! local[[.]]cf listed on black.uribl.com local[[.]]cf listed on jp.surbl.org local[[.]]cf listed on ws.surbl.org local[[.]]cf listed on uri.invaluement.com local[[.]]cf listed on dbl.spamhaus.org local.cf is a parked domain will see this is taken care of...
Re: Help eliminate false positive for Google Code notifications
Benny Pedersen wrote: its was good since to many still use it :) In my case it was that the old rulesets were left behind long after the updates stopped; they kept getting transferred over through upgrades of SpamAssassin and Perl. Once I deleted them, all was well. Well, except that more spam started getting through. :)