Re: Spamassassin and outbound mail

[Rick Roberts <rroberts@xxxxxxxxxxxxxxx>]

Great. Thanks.

What is the difference between this log (/var/log/mail.log) and /var/spool/post.office/log/post.office?

Rick

On Tuesday, October 21, 2003, at 10:31  PM, John Sievert wrote:

> Hi
> Robert,
>
> I don't exactly know
> what you were doing with the command that you describe, but I can tell
> you how to tell if this is working.
>
> In the terminal,
> type:
>
>  tail -f
> /var/log/mail.log
>
> This will cause the
> tail end of your log to be printed on the terminal screen and will
> show the real time activity in spamassassin.  So, as you watch
> this, you can see if the white list works.  
>
> Specifically, if you
> have whitelisted your own domain, and you send an email, you should
> see a line like this:
>
> Oct 21 20:56:15 mail
> spamd[5820]: debug: is spam? score=-100.5 required=5
> tests=ORIGINAL_MESSAGE,USER_IN_WHITELIST  
> Oct 21 20:56:15 mail
> spamd[5820]: logmsg: clean message (-100.5/5.0) for daemon:1 in 0.0
> seconds, 1513 bytes.  
> Oct 21 20:56:15 mail
> spamd[5820]: clean message (-100.5/5.0) for daemon:1 in 0.0 seconds,
> 1513 bytes.
> Oct 21 21:05:15 mail
> spamd[5835]: debug: last date in Received:  18 Oct 2003 22:15:57
> +0100
>
> You can see that the
> whitelist because of two things:
>
> 1. USER_IN_WHITELIST
> notation and
> 2. -100
> score.
>
> How the white list
> process works is that SA adds -100 points to a whitelisted email so
> that it must have a very high spam score to get
> bounced.
>
> J
>
>
>
> On 10/21/03 6:32a,
> "Rick Roberts" <rroberts@xxxxxxxxxxxxxxx>
> wrote:
>
> >
> Thanks, John. I followed your instructions and then
> ran
> >
> >
> spamassassin -D --lint
> >
> >
> and got the following:
> >
> >
> debug: Score set 0 chosen.
> >
> debug: running in taint mode? no
> >
> debug: ignore: using a test message to lint rules
> >
> debug: using "/usr/share/spamassassin" for default rules
> dir
> >
> debug: using "/etc/mail/spamassassin" for site rules
> dir
> >
> debug: using "/var/root/.spamassassin" for user state
> dir
> >
> debug: using "/var/root/.spamassassin/user_prefs" for user
> prefs file
> >
> debug: using "/var/root/.spamassassin" for user state
> dir
> >
> debug: bayes: no dbs present, cannot scan:
> >
> /var/root/.spamassassin/bayes_toks
> >
> debug: Score set 1 chosen.
> >
> debug: Initialising learner
> >
> debug: debug: Only 0 spam(s) in Bayes DB < 200
> >
> debug: bayes: 29003 untie-ing
> >
> debug: bayes: 29003 untie-ing db_toks
> >
> debug: is Net::DNS::Resolver available? no
> >
> debug: is DNS available? 0
> >
> debug: running header regexp tests; score so far=0
> >
> debug: running body-text per-line regexp tests; score so
> far=1.9
> >
> debug: running raw-body-text per-line regexp tests; score so
> far=1.9
> >
> debug: running uri tests; score so far=1.9
> >
> debug: uri tests: Done uriRE
> >
> debug: running full-text regexp tests; score so
> far=1.9
> >
> debug: Razor2 is not available
> >
> debug: Current PATH is:
> /bin:/sbin:/usr/bin:/usr/sbin
> >
> debug: DCC is not available: dccproc not found
> >
> debug: Pyzor is not available: pyzor not found
> >
> debug: all '*To' addrs:
> >
> debug: all '*From' addrs:
> ignore@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> >
> debug: running meta tests; score so far=2.4
> >
> debug: is spam? score=2.4 required=5
> >
> tests=DATE_MISSING,MISSING_HEADERS,NO_REAL_NAME
> >
> debug: bayes: 29003 untie-ing
> >
> >
> Does all of that look normal to you?
> >
> >
> Thanks for the help.
> >
> >
> Rick
> >
> >
> >
> On Monday, October 20, 2003, at 11:31  PM, John Sievert
> wrote:
> >
> >>
> You absolutely can create your own local.cf file and whitelist
> domain
> >>
> names.  It works fine - we did it to ours, no
> problem.
> >>
> >>
> What happens is SA then adds a -100 to the score, making sure that
> no
> >>
> mail message ever gets hung up by a positive score from
> the
> >>
> whitelisted domains.  To set this up you need to do the
> following:
> >>
> >>
> >>
> Login in to the shell as root, edit up the local.cf file in
> the
> >>
> directory /etc/mail/spamassassin.  You may need to add
> the
> >>
> spamassassin directory.  Then add a line that
> says:
> >>
> >>
> whitelist_from *yourdomain.com
> >>
> >>
> You might want to add some other whitelists too.  Just add them
> one to
> >>
> a line.  Then:
> >>
> >>
> ps -jax|grep spamd
> >>
> >>
> To find the process id for spamd.
> >>
> >>
> kill <process id for spamd insert PID number
> here>
> >>
> >>
> spamd -d -D
> >>
> >>
> ps -jax | grep spamd
> >>
> >>
> To verify spamd is running.
> >>
> >>
> Logout of root.  You're done.  
> >>
> >>
> On 10/20/03 6:58p, "Rick Roberts"
> <rroberts@xxxxxxxxxxxxxxx> wrote:
> >>
> >>> SA keeps flagging messages from my own
> users as junk. Sue at Tenon
> >>> tells me that I can't create my own
> local.cf file with whitelist
> >>
> info.
> >>> What am I to do?
> >>>
> >>> Is anyone else having this
> issue?
> >>>
> >>> ---------
> >>> Tenon Intersystems' Post.Office Mailing
> List
> >>> To unsubscribe: send
> mailto:post_office-request@xxxxxxxxxxxxxxx
> >>> with the body only
> containing:
> >>> unsubscribe
> >>> Find the searchable mailing list archives
> at:
> >>>
> http://postoffice.computeroil.com/
> >>
> >>
> --
> >>
> "Thinking is the hardest work there is.  That is why so few
> people
> >>
> engage in it." - Henry Ford
> >>
> >>
> John Sievert
> >>
> Customer 1st, Inc.
> >>
> 2950 Metro Drive, #101
> >>
> Mpls, MN 55425
> >>
> 952.851.7901 office
> >>
> 952.851.7907 fax
> >>
> >
>
> --------------------------------------------------
> "If you're not
> living on the edge, you're taking
> up too much space."
> - unknown
>
> John
> Sievert
> Customer 1st,
> Inc.
> 2950 Metro Drive,
> #101
> Mpls, MN
> 55425
> 952.851.7901
> office
> 952.851.7907
> fax
> mailto:john.pager@xxxxxxxxxxxxxxx (150 chars, text pager)