Re: Newbie: Postfix/Spamassassin Questions
Thanks! I'll take a look at this and see if I can figure out what's going on On 10/7/05, Mike Schrauder <[EMAIL PROTECTED]> wrote: > Alex, > http://workaround.org/articles/ispmail-sarge/ > I started w/ this tutorial to get some virtual domains working. > > It works well for those LOW traffic domains. > Then I allowed postfix to relay some other domains to exchange > (after sa and clamav told amavisd what's the score) > But this has some good scoop on amavis > > Mike S > > > -Original Message- > > From: Mike Schrauder > > Sent: Friday, October 07, 2005 12:58 PM > > To: SpamAssassin Mailing List > > Subject: RE: Newbie: Postfix/Spamassassin Questions > > > > Alex, > > Amavisd-new is the ticket. I use it w/ sa and clamav. > > Setting up the config for amavis was a real pain for me, but > > it works great now. > > I am trying to find the online tutorial that I used to set it up. > > Are you using it as a wall before mail gets to exchange? > > That is what I am doing, but I have no 'per-user' whitelists > > or tweakable settings. I will try my best to answer any > > questions you have, but I am linux challenged. > > > > Mike S > > > > > -Original Message- > > > From: Alex Davidson [mailto:[EMAIL PROTECTED] > > > Sent: Friday, October 07, 2005 10:32 AM > > > To: SpamAssassin Mailing List > > > Subject: Re: Newbie: Postfix/Spamassassin Questions > > > > > > Well that confirms my suspicion on it not doing Content-Checking > > > (quarantining messages based on > > > content/attachments) - can anyone suggest something to do this? > > > > > > From the tutorials I've been following it looks like SA > > will hook into > > > AV software (or vice versa) - I think the key is amavisd-new. > > > > > > I tested telneting into ports 10024 and 10025 but 10024 > > can't connect > > > - could this indicate a problem or is that normal? > > > > > > On 10/6/05, Loren Wilton <[EMAIL PROTECTED]> wrote: > > > > > I was told that I can use spamassassin to do Content > > > Checking but I > > > > > see no evidence of it as yet. > > > > > > > > That may depend on what you mean by "content checking" > > > > > > > > SA is a tool for classifying spam. You seem to have > > tried it on a > > > > virus. A virus really isn't spam, it is a virus. SA > > makes little > > > > attempt to catch virui, there are tools designed for that purpose. > > > > Now, if you want to catch messages about mortgage deals and > > > the latest > > > > popularity pills and sex clubs, then SA will do a nice job > > > for you once you have it set up right. > > > > > > > > It is important to realyse that SA is a *filter*. It doesn;t DO > > > > anything to the spam, other than add a score that indicates > > > how likely > > > > a message is to be spam. Something else in your processing chain > > > > needs to follow SA, look at the score, and decide what to > > > do with the > > > > mail. If you don't have that, then all mail, spam > > > included, will get > > > > routed to the users. However, the spam will be scored and > > > marked as > > > > spam in the subject line. The user's mail client can then > > > usually filter on that if they want to. > > > > > > > > It sounds like you don't have SA properly integrated into > > > the rest of > > > > your mail system, and it isn't processing the messages. > > > Unfortunately > > > > I don't recognize the tool you are using, so I can't > > help. Someone > > > > else will probably be along soon that may be able to. > > > > > > > > Loren > > > > > > > > > > > > > > > > > > >
Re: Newbie: Postfix/Spamassassin Questions
Yes Mike, I'm actually still pulling mail in with Mail Essentials as it has a nifty mail archiver built in (eventually I'd like to switch that to the linux box too), then I'm passing mail on to Postfix, then on to Exchange 2000. The whole whitelist/blacklist thing is next I guess, once I have the server doing the spam and virus analysis. I would like to replicate Gfi's ability to allow users to blacklist and whitelist addresses and mark content as spam if possible. No idea how that all works (or does it?) On 10/7/05, Mike Schrauder <[EMAIL PROTECTED]> wrote: > Alex, > Amavisd-new is the ticket. I use it w/ sa and clamav. Setting > up the config for amavis was a > real pain for me, but it works great now. > I am trying to find the online tutorial that I used to set it up. > Are you using it as a wall before mail gets to exchange? > That is what I am doing, but I have no 'per-user' whitelists or > tweakable settings. I will try my best to answer any questions you > have, but I am linux challenged. > > Mike S > > > -Original Message- > > From: Alex Davidson [mailto:[EMAIL PROTECTED] > > Sent: Friday, October 07, 2005 10:32 AM > > To: SpamAssassin Mailing List > > Subject: Re: Newbie: Postfix/Spamassassin Questions > > > > Well that confirms my suspicion on it not doing > > Content-Checking (quarantining messages based on > > content/attachments) - can anyone suggest something to do this? > > > > From the tutorials I've been following it looks like SA will > > hook into AV software (or vice versa) - I think the key is > > amavisd-new. > > > > I tested telneting into ports 10024 and 10025 but 10024 can't connect > > - could this indicate a problem or is that normal? > > > > On 10/6/05, Loren Wilton <[EMAIL PROTECTED]> wrote: > > > > I was told that I can use spamassassin to do Content > > Checking but I > > > > see no evidence of it as yet. > > > > > > That may depend on what you mean by "content checking" > > > > > > SA is a tool for classifying spam. You seem to have tried it on a > > > virus. A virus really isn't spam, it is a virus. SA makes little > > > attempt to catch virui, there are tools designed for that purpose. > > > Now, if you want to catch messages about mortgage deals and > > the latest > > > popularity pills and sex clubs, then SA will do a nice job > > for you once you have it set up right. > > > > > > It is important to realyse that SA is a *filter*. It doesn;t DO > > > anything to the spam, other than add a score that indicates > > how likely > > > a message is to be spam. Something else in your processing chain > > > needs to follow SA, look at the score, and decide what to > > do with the > > > mail. If you don't have that, then all mail, spam > > included, will get > > > routed to the users. However, the spam will be scored and > > marked as > > > spam in the subject line. The user's mail client can then > > usually filter on that if they want to. > > > > > > It sounds like you don't have SA properly integrated into > > the rest of > > > your mail system, and it isn't processing the messages. > > Unfortunately > > > I don't recognize the tool you are using, so I can't help. Someone > > > else will probably be along soon that may be able to. > > > > > > Loren > > > > > > > > > > >
Re: Newbie: Postfix/Spamassassin Questions
Well that confirms my suspicion on it not doing Content-Checking (quarantining messages based on content/attachments) - can anyone suggest something to do this? >From the tutorials I've been following it looks like SA will hook into AV software (or vice versa) - I think the key is amavisd-new. I tested telneting into ports 10024 and 10025 but 10024 can't connect - could this indicate a problem or is that normal? On 10/6/05, Loren Wilton <[EMAIL PROTECTED]> wrote: > > I was told that I can use spamassassin to do Content Checking but I > > see no evidence of it as yet. > > That may depend on what you mean by "content checking" > > SA is a tool for classifying spam. You seem to have tried it on a virus. A > virus really isn't spam, it is a virus. SA makes little attempt to catch > virui, there are tools designed for that purpose. Now, if you want to catch > messages about mortgage deals and the latest popularity pills and sex clubs, > then SA will do a nice job for you once you have it set up right. > > It is important to realyse that SA is a *filter*. It doesn;t DO anything to > the spam, other than add a score that indicates how likely a message is to > be spam. Something else in your processing chain needs to follow SA, look > at the score, and decide what to do with the mail. If you don't have that, > then all mail, spam included, will get routed to the users. However, the > spam will be scored and marked as spam in the subject line. The user's mail > client can then usually filter on that if they want to. > > It sounds like you don't have SA properly integrated into the rest of your > mail system, and it isn't processing the messages. Unfortunately I don't > recognize the tool you are using, so I can't help. Someone else will > probably be along soon that may be able to. > > Loren > >
Newbie: Postfix/Spamassassin Questions
I'm new to the world of Linux, trying to come up with a replacement for GFI's Mail Essentials and Mail Security by setting up Ubuntu v5.10 with Postfix v2.2.4, Spamassassin v3.0.4-2, Clamav v0.87-1 and Amavisd-new v0.1.6.9-1. I've found a couple of useful tutorials on getting things working but I do have some beginner-type questions and I'd be grateful for any help. Firstly, is there something I can use to manage and monitor postfix & spamassassin graphically? I have webmin v1.230 which is a good start but is there anything else that might be a better choice? I was told that I can use spamassassin to do Content Checking but I see no evidence of it as yet. Can it be used to do this? If so, I guess I need to figure out how to get that going. If not, what is out there that I can add to do that? How can I test that Spamassassin is doing everything I want it to? I sent an eicar test file and from the headers it looks as if it hit postfix, plus the subject had [BAYESIAN] in it and the virus was removed and replaced with a test file saying: 10/06/2005 14:45:49 Original attachment (eicar.com) was Quarantined. A virus was detected and removed from the original attachment. You can safely save or delete this replacement attachment. (I wish the message indicated clamav was responsible for the action for my own peace of mind.) I've not been able to get anything else spamassassin-related to work - e.g. I used webmin to add my personal email address to the blacklist yet when I send from that address it comes right in to me. Also when I sent some text that I've read is the spam-engine equivalent to the eicar test virus but it wasn't marked as spam (including it in my first post would explain why it was rejected - duh). Last question, how does the auto whitelist work? Does it just add outbound recipients to the whitelist or is there more to it? Sorry if these questions sound dumb, I just need some prodding in the right direction and feel like I'm flying blind right now. Thanks, Alex
Re: test
That would be ironic ;-) On 10/6/05, Evan Platt <[EMAIL PROTECTED]> wrote: > At 07:49 PM 10/6/2005, you wrote: > >My post was rejected as spam - just making sure i can post > > Did you try to forward spam to the list? :) > > Evan > >
test
My post was rejected as spam - just making sure i can post
