1 Topic by orphans

  • orphans
  • Member
  • Offline
  • Registered: 2011-03-04
  • Posts: 39

Topic: Amavis / Spamassassin question

==== Required information ====
- iRedMail version: 0.8.6
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Linux/BSD distribution name and version: Centos 6.3
- SpamAssassin version 3.3.1
====

Hi,

I've noticed that recently our server has been letting more spam than usual to come my inbox... we've had some other users report this as well.

This is a typical type of thing that I would expect spamassasin to easily flag. http://pastebin.com/jiFnmhTc

For some reason it seems to be running it's DNS blacklist checks etc, but according to the SA headers the content is not matching any of the tests for drug names etc.

Is this something caused by an update, or is there some non-standard config telling spamassassin to not scan the email content?

We're running default iRedMail versions of /etc/mail/spamassassin/local.cf and /etc/amavisd.conf

Any help is greatly appreciated.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ketan.aagja

  • ketan.aagja
  • Member
  • Offline
  • From: UK
  • Registered: 2012-05-15
  • Posts: 252

Re: Amavis / Spamassassin question

Can you send your amavisd.conf and main.cf to understand you issue better?

3 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,789

Re: Amavis / Spamassassin question

X-Spam-Status: No, score=5.458 tagged_above=0 required=6.2 tests=[BAYES_999=1,
        BODY_URI_ONLY=0.25, HTML_MESSAGE=0.001, MIME_HTML_ONLY=0.723,
        RAZOR2_CHECK=0.922, RCVD_IN_BL_SPAMCOP_NET=1.347, RDNS_NONE=1,
        TO_NO_BRKTS_HTML_ONLY=0.001, URIBL_WS_SURBL=0.214] autolearn=no

Maybe you should decrease required score to, e.g. 5 in Amavisd config file (sa_tag2_level_deflt).

4 Reply by orphans

  • orphans
  • Member
  • Offline
  • Registered: 2011-03-04
  • Posts: 39

Re: Amavis / Spamassassin question

Yeah I decided in the end to just decrease the spam flag threshold to 5, and tweak the DNS blacklist weights. This seems to have stopped most of it.

5 Reply by istaon

  • istaon
  • Member
  • Offline
  • Registered: 2009-09-17
  • Posts: 20

Re: Amavis / Spamassassin question

orphans wrote:

Yeah I decided in the end to just decrease the spam flag threshold to 5, and tweak the DNS blacklist weights. This seems to have stopped most of it.

Can you tell me where you tweaked the DNS blacklist weights?