Hello, I'm new to this list and to SpamAssassin, and I'm have some questions that will hopefully be easy for you all, but have been giving me problems.
Background: I've been running a Sendmail relay on OpenBSD for the last couple years for a smallish company. The only thing this machine does is forward to an Exchange server - there are no mailboxes on it (besides root). I'm not a Sendmail expert but it's been doing the job. So recently I've installed SMTP-Vilter and SpamAssassin 3.0.4 from OpenBSD's ports. Now, according to the SA wiki and most of the things I've read, my grandmother should be able to install SA and stop most spam out of the box. However, this has not been my experience. It appears to be 'working', in the sense that headers are added to messages, for example: X-SMTP-Vilter-Version: 1.1.9 X-SMTP-Vilter-Spam-Backend: spamd X-Spam-Score: 7.3 X-Spam-Level: ******* X-Spam-Threshold: 5.0 X-Spam-Probability: 1.5 X-Spam-Status: spam The message with the above headers had its subject successfully rewritten as one would expect. However, the vast majority of spam we receive gets a very low score, often negative, and is not marked. Simply lowering the threshold will not help me because the spam scores often lower than legit mail. So obviously I'm doing something horribly and stupidly wrong, but what? More specifically - for troubleshooting, how can I add headers to each message showing what SA rules were hit? How can I view the contents of the auto-whitelist? Is it bayes that is broken? Can anyone suggest some actions I can take to troubleshoot? The default local.cf was very minimal, during troubleshooting I added some things trying to get improvements. This is my current /etc/mail/spamassassin/local.cf: required_score 5 rewrite_header Subject *****SPAM***** use_razor2 1 razor_config /etc/mail/spamassassin/.razor/razor-agent.conf razor_timeout 600 # report_safe 1 # trusted_networks 212.17.35. # lock_method flock use_bayes 1 use_bayes_rules 1 bayes_path /home/_vilter/.spamassassin/bayes bayes_auto_learn 1 bayes_auto_learn_threshold_spam 6 skip_rbl_checks 0 rbl_timeout 600 use_auto_whitelist 0 score ALL_TRUSTED 0 0 0 0 I'm fairly certain this file is being read because if I change the required_score you see the change in the mail headers. If I've missed some obvious piece of documentation that answers these questions, feel free to point me to it. I've searched the wiki and the man pages and I'm still cloudy on what could be happening here. Any ideas welcome. Thanks in advance, Mike