Mike Sassaman wrote: > Hello, > > I'm new to this list and to SpamAssassin, and I'm have some questions > that will hopefully be easy for you all, but have been giving me > problems. > > Background: I've been running a Sendmail relay on OpenBSD for the last > couple years for a smallish company. The only thing this machine > does is forward to an Exchange server - there are no mailboxes on it > (besides root). I'm not a Sendmail expert but it's been doing the job. > > So recently I've installed SMTP-Vilter and SpamAssassin 3.0.4 from > OpenBSD's ports. Now, according to the SA wiki and most of the > things I've read, my grandmother should be able to install SA and > stop most spam out of the box. However, this has not been my > experience. It appears to be 'working', in the sense that headers > are added to messages, for example: > > X-SMTP-Vilter-Version: 1.1.9 > X-SMTP-Vilter-Spam-Backend: spamd > X-Spam-Score: 7.3 > X-Spam-Level: ******* > X-Spam-Threshold: 5.0 > X-Spam-Probability: 1.5 > X-Spam-Status: spam > > The message with the above headers had its subject successfully > rewritten as one would expect. > > However, the vast majority of spam we receive gets a very low score, > often negative, and is not marked. Simply lowering the threshold > will not help me because the spam scores often lower than legit mail. > > So obviously I'm doing something horribly and stupidly wrong, but > what? > > More specifically - for troubleshooting, how can I add headers to each > message showing what SA rules were hit? How can I view the contents > of the auto-whitelist? Is it bayes that is broken? Can anyone > suggest some actions I can take to troubleshoot?
Add this to your local.cf: add_header all Report _REPORT_ (at least, this is the 3.1 format. I think it was the same with 3.0.4) > > The default local.cf was very minimal, during troubleshooting I added > some things trying to get improvements. This is my current > /etc/mail/spamassassin/local.cf: > > required_score 5 > rewrite_header Subject *****SPAM***** > use_razor2 1 > razor_config /etc/mail/spamassassin/.razor/razor-agent.conf > razor_timeout 600 > # report_safe 1 > # trusted_networks 212.17.35. > # lock_method flock > use_bayes 1 > use_bayes_rules 1 > bayes_path /home/_vilter/.spamassassin/bayes > bayes_auto_learn 1 > bayes_auto_learn_threshold_spam 6 > skip_rbl_checks 0 > rbl_timeout 600 > use_auto_whitelist 0 > score ALL_TRUSTED 0 0 0 0 Here we go again... PLEASE fix this: > # trusted_networks 212.17.35. And DON'T do this: > score ALL_TRUSTED 0 0 0 0 Removing the ALL_TRUSTED rule just masks the problem. Set trusted_networks to include the ip addresses (or subnet addresses) of all of your mail servers (including the local machine, if it is also a mail server) and it should fix any problems you were having with the ALL_TRUSTED rule. See the wiki for more details. http://wiki.apache.org/spamassassin/TrustPath -- Bowie