Mike Sassaman wrote:
> Hello,
>
> I'm new to this list and to SpamAssassin, and I'm have some questions
> that will hopefully be easy for you all, but have been giving me
> problems.
>
> Background: I've been running a Sendmail relay on OpenBSD for the last
> couple years for a smallish company. The only thing this machine
> does is forward to an Exchange server - there are no mailboxes on it
> (besides root). I'm not a Sendmail expert but it's been doing the job.
>
> So recently I've installed SMTP-Vilter and SpamAssassin 3.0.4 from
> OpenBSD's ports. Now, according to the SA wiki and most of the
> things I've read, my grandmother should be able to install SA and
> stop most spam out of the box. However, this has not been my
> experience. It appears to be 'working', in the sense that headers
> are added to messages, for example:
>
> X-SMTP-Vilter-Version: 1.1.9
> X-SMTP-Vilter-Spam-Backend: spamd
> X-Spam-Score: 7.3
> X-Spam-Level: *******
> X-Spam-Threshold: 5.0
> X-Spam-Probability: 1.5
> X-Spam-Status: spam
>
> The message with the above headers had its subject successfully
> rewritten as one would expect.
>
> However, the vast majority of spam we receive gets a very low score,
> often negative, and is not marked. Simply lowering the threshold
> will not help me because the spam scores often lower than legit mail.
>
> So obviously I'm doing something horribly and stupidly wrong, but
> what?
>
> More specifically - for troubleshooting, how can I add headers to each
> message showing what SA rules were hit? How can I view the contents
> of the auto-whitelist? Is it bayes that is broken? Can anyone
> suggest some actions I can take to troubleshoot?
Add this to your local.cf:
add_header all Report _REPORT_
(at least, this is the 3.1 format. I think it was the same with 3.0.4)
>
> The default local.cf was very minimal, during troubleshooting I added
> some things trying to get improvements. This is my current
> /etc/mail/spamassassin/local.cf:
>
> required_score 5
> rewrite_header Subject *****SPAM*****
> use_razor2 1
> razor_config /etc/mail/spamassassin/.razor/razor-agent.conf
> razor_timeout 600
> # report_safe 1
> # trusted_networks 212.17.35.
> # lock_method flock
> use_bayes 1
> use_bayes_rules 1
> bayes_path /home/_vilter/.spamassassin/bayes
> bayes_auto_learn 1
> bayes_auto_learn_threshold_spam 6
> skip_rbl_checks 0
> rbl_timeout 600
> use_auto_whitelist 0
> score ALL_TRUSTED 0 0 0 0
Here we go again...
PLEASE fix this:
> # trusted_networks 212.17.35.
And DON'T do this:
> score ALL_TRUSTED 0 0 0 0
Removing the ALL_TRUSTED rule just masks the problem.
Set trusted_networks to include the ip addresses (or subnet addresses)
of all of your mail servers (including the local machine, if it is also
a mail server) and it should fix any problems you were having with the
ALL_TRUSTED rule.
See the wiki for more details.
http://wiki.apache.org/spamassassin/TrustPath
--
Bowie
