Re: spamass-milter reject?
On 27 Jun 2019, at 9:33, Matus UHLAR - fantomas wrote:
for mail received from the net I use amavisd-new with amavisd-milter.
Content filter accepts message, I don't want to drop it, send bounce or send
it to anyone. I use content filter for mail sent from internal network or
through alternative ports.
On 27.06.19 10:50, Matt Anton wrote:
Have you many false positives by rejecting outright mails marked as spam by
amavisd-new?
I haven't seen any false positives.
Apparently because they all were rejected and thus were not delivered to me.
Or, because the reject score is different than tag score.
$sa_tag_level_deflt = undef;# always add status
$sa_tag2_level_deflt= 5;
$policy_bank{'AM.PDP-SOCK'} = {
protocol => 'AM.PDP', # select Amavis policy delegation protocol
spam_kill_level_maps=> 8,
final_spam_destiny => D_REJECT,
final_virus_destiny => D_REJECT,
final_banned_destiny=> D_REJECT,
spam_quarantine_to_maps => undef,
};
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
You have the right to remain silent. Anything you say will be misquoted,
then used against you.
Re: spamass-milter reject?
On 27 Jun 2019, at 9:33, Matus UHLAR - fantomas wrote: > for mail received from the net I use amavisd-new with amavisd-milter. > > Content filter accepts message, I don't want to drop it, send bounce or send > it to anyone. I use content filter for mail sent from internal network or > through alternative ports. Have you many false positives by rejecting outright mails marked as spam by amavisd-new? -- matt [at] lv223.org GPG key ID: 7D91A8CA signature.asc Description: OpenPGP digital signature
Re: spamass-milter reject?
On 26 Jun 2019, at 9:02, @lbutlr wrote: Well, I want spam MARKED at 5.0, but I want it REJECTED at 10.0. It is a subtle difference, but the majority of spam being delivered to users is in the 10-100 range. On 26.06.19 22:19, Matt Anton wrote: I achieve that with amavisd-new being configured as an after queue content filter, thus the required_score in local.cf only applies to spamass-milter/spamd for rejecting outright before it is queued. for mail received from the net I use amavisd-new with amavisd-milter. Content filter accepts message, I don't want to drop it, send bounce or send it to anyone. I use content filter for mail sent from internal network or through alternative ports. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. I feel like I'm diagonally parked in a parallel universe.
Re: spamass-milter reject?
On 26 Jun 2019, at 10:26, Matus UHLAR - fantomas wrote: >> Could it be what milter macros are sent by the MTA (postfix here) to the >> milter ? > > I don't think so, unless postfix doesn't allow milter to reject e-mail. > rejections with amavis-milter work properly with postfix. It does allow reinjection (on other milters too like open opendkim/opendmarc ones) so you’re right. I don’t know why spamass-milter acts like that and submitting a bug report could be a dead end as it seems that milter looks like abandoned as lbutlr saids. -- matt [at] lv223.org GPG key ID: 7D91A8CA signature.asc Description: OpenPGP digital signature
Re: spamass-milter reject?
On 26 Jun 2019, at 9:02, @lbutlr wrote: > Well, I want spam MARKED at 5.0, but I want it REJECTED at 10.0. It is a > subtle difference, but the majority of spam being delivered to users is in > the 10-100 range. I achieve that with amavisd-new being configured as an after queue content filter, thus the required_score in local.cf only applies to spamass-milter/spamd for rejecting outright before it is queued. -- matt [at] lv223.org GPG key ID: 7D91A8CA signature.asc Description: OpenPGP digital signature
Re: spamass-milter reject?
I simply overcame this by setting SA’s required_score parameter to a desired value in mail/spamassassin/local.cf On 25 Jun 2019, at 22:14, Matus UHLAR - fantomas wrote: I have different value in required_score than I use in -r flag. However that's sendmail installation. There's something strange here. On 25.06.19 22:42, Matt Anton wrote: Could it be what milter macros are sent by the MTA (postfix here) to the milter ? I don't think so, unless postfix doesn't allow milter to reject e-mail. rejections with amavis-milter work properly with postfix. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. A day without sunshine is like, night.
Re: spamass-milter reject?
On Jun 25, 2019, at 11:36 AM, Matt Anton wrote: > On 25 Jun 2019, at 2:57, @lbutlr wrote: > >> These are inbound messages being delivered to local users with high spam >> scores. I want Spamassassin-milter to honor the -r 10 flag setting to reject >> messages scoring over 10.0 > > After digging on my configuration files I came to the same problem as you > when I installed that milter (spamass-milter doesn’t honours the -r flag no > matter what I’ve tried). That’s unfortunate, and it appears to no longer be in development. > I simply overcame this by setting SA’s required_score parameter to a desired > value in mail/spamassassin/local.cf Well, I want spam MARKED at 5.0, but I want it REJECTED at 10.0. It is a subtle difference, but the majority of spam being delivered to users is in the 10-100 range. > FWIW this is with spamass-milter-0.4.0_3 on FreeBSD. Same. Sigh.
Re: spamass-milter reject?
On 25 Jun 2019, at 22:14, Matus UHLAR - fantomas wrote: >> I simply overcame this by setting SA’s required_score parameter to a desired >> value in mail/spamassassin/local.cf > I have different value in required_score than I use in -r flag. > However that's sendmail installation. There's something strange here. Could it be what milter macros are sent by the MTA (postfix here) to the milter ? -- matt [at] lv223.org GPG key ID: 7D91A8CA signature.asc Description: OpenPGP digital signature
Re: spamass-milter reject?
On 25 Jun 2019, at 2:57, @lbutlr wrote: These are inbound messages being delivered to local users with high spam scores. I want Spamassassin-milter to honor the -r 10 flag setting to reject messages scoring over 10.0 On 25.06.19 19:36, Matt Anton wrote: After digging on my configuration files I came to the same problem as you when I installed that milter (spamass-milter doesn’t honours the -r flag no matter what I’ve tried). I simply overcame this by setting SA’s required_score parameter to a desired value in mail/spamassassin/local.cf I have different value in required_score than I use in -r flag. However that's sendmail installation. There's something strange here. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. It's now safe to throw off your computer.
Re: spamass-milter reject?
On 25 Jun 2019, at 2:57, @lbutlr wrote: > These are inbound messages being delivered to local users with high spam > scores. I want Spamassassin-milter to honor the -r 10 flag setting to reject > messages scoring over 10.0 After digging on my configuration files I came to the same problem as you when I installed that milter (spamass-milter doesn’t honours the -r flag no matter what I’ve tried). I simply overcame this by setting SA’s required_score parameter to a desired value in mail/spamassassin/local.cf FWIW this is with spamass-milter-0.4.0_3 on FreeBSD. -- matt [at] lv223.org GPG key ID: 7D91A8CA signature.asc Description: OpenPGP digital signature
Re: spamass-milter reject?
On 24 Jun 2019, at 14:08, Matt Anton wrote: > On 23 Jun 2019, at 22:39, @lbutlr wrote: > >> I did `postfix relaod` >> >> and the milter is running with the flags shown in the OP. > > Talking about it and your recent thread there, why didn’t you use > spamass-milter’s « -a » parameter which does skip messages received on an > authenticated connection? These are inbound messages being delivered to local users with high spam scores. I want Spamassassin-milter to honor the -r 10 flag setting to reject messages scoring over 10.0 I also do not have Spamassassin-milter check messages received on submission to 587 at all anymore. >> I did not restart postfix entirely, but that shouldn’t be necessary? > > Shouldn’t be needed as `postfix reload` just reloads main.cf > Did you restart spamass-milter/spamd after changing any of their parameters? I restarted it a few times, but I have not changed parameters since i removed by non-static Home IP from the list of -i flags -- I WILL NOT ENCOURAGE OTHERS TO FLY Bart chalkboard Ep. 7F03
Re: spamass-milter reject?
On 23 Jun 2019, at 22:39, @lbutlr wrote: > I did `postfix relaod` > > and the milter is running with the flags shown in the OP. Talking about it and your recent thread there, why didn’t you use spamass-milter’s « -a » parameter which does skip messages received on an authenticated connection? > I did not restart postfix entirely, but that shouldn’t be necessary? Shouldn’t be needed as `postfix reload` just reloads main.cf Did you restart spamass-milter/spamd after changing any of their parameters? -- matt [at] lv223.org GPG key ID: 7D91A8CA signature.asc Description: OpenPGP digital signature
Re: spamass-milter reject?
OK, the accept was not the issue.
Got another email in:
Jun 23 14:19:16 mail spamd[9849]: spamd: identified spam (15.7/5.0) for
*munge*@covisp.net:58 in 1.5 seconds, 4275 bytes.
Jun 23 14:19:16 mail spamd[9849]: spamd: result: Y 15 -
BAYES_99,BAYES_999,DKIM_INVALID,DKIM_SIGNED,HTML_IMAGE_ONLY_20,HTML_MESSAGE,HTML_SHORT_LINK_IMG_3,MIME_HEADER_CTYPE_ONLY,RCVD_IN_SBL_CSS,RDNS_DYNAMIC,T_REMOTE_IMAGE,URIBL_ABUSE_SURBL,URIBL_BLACK,URIBL_CSS,URIBL_CSS_A,URIBL_DBL_SPAM
scantime=1.5,size=4275,user=*munge*@covisp.net,uid=58,required_score=5.0,rhost=::1,raddr=::1,rport=54681,mid=<0.0.0.31.1d529ff03d32a54.5b0...@mail.increasinglooking.com>,bayes=1.00,autolearn=no
autolearn_force=no
Jun 23 14:19:16 mail postfix/qmgr[37494]: 45X3fg0s2czdrvH:
from=, size=10662,
nrcpt=2 (queue active)
Jun 23 14:19:16 mail dovecot: lmtp(70243): Connect from local
Jun 23 14:19:16 mail dovecot:
lmtp(*munge*@covisp.net)<70243>: sieve:
msgid=<0.0.0.31.1d529ff03d32a54.5b0...@mail.increasinglooking.com>: stored mail
into mailbox 'Junk'
Jun 23 14:19:16 mail dovecot: lmtp(70243): Disconnect from local: Client has
quit the connection (state=READY)
Jun 23 14:19:16 mail postfix/lmtp[70197]: 45X3fg0s2czdrvH:
to=<*munge*@covisp.net>, relay=mail.covisp.net[private/dovecot-lmtp],
delay=9.5, delays=9.5/0.01/0.01/0.03, dsn=2.0.0, status=sent (250 2.0.0
<*munge*@covisp.net> SJVeIsTeD11jEgEAIdGjjQ Saved)
Jun 23 14:19:16 mail postfix/qmgr[37494]: 45X3fg0s2czdrvH: removed
Jun 23 14:19:16 mail spamd[9731]: prefork: child states: II
Jun 23 14:19:16 mail postfix/smtpd[69575]: disconnect from
vpsnode16.webstudio30.com[36.255.26.45] ehlo=1 mail=1 rcpt=1 bdat=1 quit=1
commands=5
apsmass-milter is the only milter, I have
smtpd_milters =
unix:/var/run/spamass-milter.sock,
milter_connect_macros = j {daemon_name} v {if_name} _
milter_default_action = tempfail
I did `postfix relaod`
and the milter is running with the flags shown in the OP.
I did not restart postfix entirely, but that shouldn’t be necessary?
--
"I hope someday you know the indescribable joy of having children, and
of paying someone else to raise them.”
Re: spamass-milter reject?
On 23 Jun 2019, at 12:22, Matus UHLAR - fantomas wrote: > is the milter really in action? is it the only milter? It is the only milter and messages are getting tagged as shown in the logs, just the ones scoring over 10 are not getting rejected. Oh, hang on a second, I seem to have left my testing milter_default_action = accept in place. I have to assume that is the cause. Sorry for the noise. -- You know what they say about paradigms: Shift happens.
Re: spamass-milter reject?
On 23.06.19 12:11, @lbutlr wrote: Using Spamassassin-milter via postfix: spamass-milter is running with these settings: /usr/local/sbin/spamass-milter -f -p /var/run/spamass-milter.sock -u spamd -e -i 65.121.55.40/29 -i 127.0.0.1 -r 10 Reading the man page, -r 10 should be rejecting mail that is scored over 10, yes? yes... is it running with options above? Jun 23 10:11:10 mail spamd[9806]: spamd: identified spam (12.3/5.0) for *mumble*@*mimble*.com:58 in 0.4 seconds, 6703 bytes. Jun 23 10:11:10 mail spamd[9806]: spamd: result: Y 12 - BAYES_99,BAYES_999,DKIM_INVALID,DKIM_SIGNED,FROM_FMBLA_NEWDOM,HTML_MESSAGE,MIME_HEADER_CTYPE_ONLY,MIME_QP_LONG_LINE,RCVD_IN_SBL_CSS,T_REMOTE_IMAGE,URIBL_BLACK,URIBL_CSS,URIBL_CSS_A,URIBL_RHS_DOB scantime=0.4,size=6703,user=*mumble*@*mimble*.com,uid=58,required_score=5.0,rhost=::1,raddr=::1,rport=44060,mid=<0.0.0.18.1d529dd9c4b5bac.2d3...@mail.jake-powers.com>,bayes=1.00,autolearn=no autolearn_force=no Jun 23 10:11:10 mail postfix/qmgr[85847]: 45Wy8R58pFzdrvH: from=, size=12881, nrcpt=2 (queue active) Jun 23 10:11:10 mail dovecot: lmtp(58406): Connect from local Jun 23 10:11:10 mail dovecot: lmtp(*mumble*@covisp.net)<58406><0HQIDZ6kD10m5AAAIdGjjQ>: sieve: msgid=<0.0.0.18.1d529dd9c4b5bac.2d3...@mail.jake-powers.com>: stored mail into mailbox ‘Junk' What else do I need to do so that the -r 10 setting actually rejects the high scoring spam? is the milter really in action? is it the only milter? -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. LSD will make your ECS screen display 16.7 million colors
spamass-milter reject?
Using Spamassassin-milter via postfix: spamass-milter is running with these settings: /usr/local/sbin/spamass-milter -f -p /var/run/spamass-milter.sock -u spamd -e -i 65.121.55.40/29 -i 127.0.0.1 -r 10 Reading the man page, -r 10 should be rejecting mail that is scored over 10, yes? Jun 23 10:11:10 mail spamd[9806]: spamd: identified spam (12.3/5.0) for *mumble*@*mimble*.com:58 in 0.4 seconds, 6703 bytes. Jun 23 10:11:10 mail spamd[9806]: spamd: result: Y 12 - BAYES_99,BAYES_999,DKIM_INVALID,DKIM_SIGNED,FROM_FMBLA_NEWDOM,HTML_MESSAGE,MIME_HEADER_CTYPE_ONLY,MIME_QP_LONG_LINE,RCVD_IN_SBL_CSS,T_REMOTE_IMAGE,URIBL_BLACK,URIBL_CSS,URIBL_CSS_A,URIBL_RHS_DOB scantime=0.4,size=6703,user=*mumble*@*mimble*.com,uid=58,required_score=5.0,rhost=::1,raddr=::1,rport=44060,mid=<0.0.0.18.1d529dd9c4b5bac.2d3...@mail.jake-powers.com>,bayes=1.00,autolearn=no autolearn_force=no Jun 23 10:11:10 mail postfix/qmgr[85847]: 45Wy8R58pFzdrvH: from=, size=12881, nrcpt=2 (queue active) Jun 23 10:11:10 mail dovecot: lmtp(58406): Connect from local Jun 23 10:11:10 mail dovecot: lmtp(*mumble*@covisp.net)<58406><0HQIDZ6kD10m5AAAIdGjjQ>: sieve: msgid=<0.0.0.18.1d529dd9c4b5bac.2d3...@mail.jake-powers.com>: stored mail into mailbox ‘Junk' What else do I need to do so that the -r 10 setting actually rejects the high scoring spam? -- Nothing says poor craftsmanship more than wrinkled duct tape.
