Below is my full local.cf. I already run 'spamassassin --lint' No other rules
are conflicting with test.cf.
[r...@spd spamassassin]# cat local.cf
# This is the right place to customize your installation of SpamAssassin.
#
# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
# tweaked.
#
# Only a small subset of options are listed below
#
# Add *SPAM* to the Subject header of spam e-mails
#
rewrite_header Subject SPAM-123
# Save spam messages as a message/rfc822 MIME attachment instead of
# modifying the original message (0: off, 2: use text/plain instead)
#
report_safe 1
# Set which networks or hosts are considered 'trusted' by your mail
# server (i.e. not spammers)
#
# trusted_networks 212.17.35.
# Set file-locking method (flock is not safe over NFS, but is faster)
#
# lock_method flock
# Set the threshold at which a message is considered spam (default: 5.0)
#
required_score 5.0
# Use Bayesian classifier (default: 1)
#
use_bayes 1
# Bayesian classifier auto-learning (default: 1)
#
bayes_auto_learn 1
# Set headers which may provide inappropriate cues to the Bayesian
# classifier
#
# bayes_ignore_header X-Bogosity
# bayes_ignore_header X-Spam-Flag
# bayes_ignore_header X-Spam-Status
# Some shortcircuiting, if the plugin is enabled
#
ifplugin Mail::SpamAssassin::Plugin::Shortcircuit
#
# default: strongly-whitelisted mails are *really* whitelisted now, if the
# shortcircuiting plugin is active, causing early exit to save CPU load.
# Uncomment to turn this on
#
# shortcircuit USER_IN_WHITELIST on
# shortcircuit USER_IN_DEF_WHITELIST on
# shortcircuit USER_IN_ALL_SPAM_TO on
# shortcircuit SUBJECT_IN_WHITELISTon
# the opposite; blacklisted mails can also save CPU
#
# shortcircuit USER_IN_BLACKLIST on
# shortcircuit USER_IN_BLACKLIST_TOon
# shortcircuit SUBJECT_IN_BLACKLISTon
# if you have taken the time to correctly specify your "trusted_networks",
# this is another good way to save CPU
#
# shortcircuit ALL_TRUSTED on
# and a well-trained bayes DB can save running rules, too
#
# shortcircuit BAYES_99spam
# shortcircuit BAYES_00ham
endif # Mail::SpamAssassin::Plugin::Shortcircuit
below is the spamd logfile entries..
Aug 25 08:07:01 spd spamd[3776]: spamd: connection from spd [127.0.0.1] at port
59296
Aug 25 08:07:01 spd spamd[3776]: spamd: setuid to clamav succeeded
Aug 25 08:07:01 spd spamd[3776]: spamd: processing message
<00fb01cb43fe$5e706710$1b5135...@com> for clamav:46
Aug 25 08:07:12 spd spamd[3776]: spamd: clean message (4.0/5.0) for clamav:46
in 10.7 seconds, 2792 bytes.
Aug 25 08:07:12 spd spamd[3776]: spamd: result: . 4 -
ALL_TRUSTED,HTML_MESSAGE,LOCAL_DEMONSTRATION_RULE,MIME_HTML_MOSTLY,TVD_SPACE_RATIO
scantime=10.7,size=2792,user=clamav,uid=46,required_score=5.0,rhost=spd,raddr=127.0.0.1,rport=59296,mid=<00fb01cb43fe$5e706710$1b5135...@com>,autolearn=no
Aug 25 08:07:12 spd spamd[3775]: prefork: child states: II
It seems that it consider test.cf file (LOCAL_DEMONSTRATION_RULE) while
processing the mail..but still not consider it as a mail...
-Original Message-
From: Karsten Bräckelmann [mailto:guent...@rudersport.de]
Sent: Monday, August 23, 2010 7:40 PM
To: users@spamassassin.apache.org
Subject: Re: After upgrade the SA to 3.3.1, Mail scanning stop working partially
On Mon, 2010-08-23 at 08:16 +0530, Suhag Desai wrote:
> After upgrade the SpamAssassin Server version to 3.3.1, my mail
> scanning stop working partially.
> Below is the setting for local.cf
>
> rewrite_header Subject SPAM
> report_safe 1
> required_score 5.0
> use_bayes 1
> bayes_auto_learn 1
>
> endif # Mail::SpamAssassin::Plugin::Shortcircuit
Is that the exact content of your local.cf? That doesn't even pass lint
testing. Did you do 'spamassassin --lint'?
> Let me explain in details. When I set the required score to 5.0, mail
> scanning is not working properly. When I send the mail with “test123”
> with required score 5, SA not consider it spam but when I set the
> required score to 4, SA consider it spam the same mail. I have check
> the same with many other test.
What do the X-Spam headers read SA generates?
You are using a test rule with a score of 5.0, which is the same as the
required_score threshold. Odds are, there are other rules firing on the
message a well.
If the sum of these other rules is less than 0, but greater than -1,
you'd get exactly what you just described.
> Below is the log
> @40004c71e02d1471a28c simscan:[4698]:CLEAN
> (-1.00/12.00):5.3640s:test123:192.168.10.70:s...@test.com:d...@test.com
> @40004c71e02f35bee364 tcpserver: end 4698 status 0
> @40004c71e02f35bf0e5c tcpserver: status: 0/100
There is no SA logs in there.
--
char *t="\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}