You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by Sarang Shrivastava <sa...@gmail.com> on 2016/01/24 18:35:20 UTC
OUTPUT OF SPAMASSASSIN
Hey guys,
I ran the following command
spamassassin -D < TEST_00000.eml
this was the last line of the output
Jan 25 03:30:46.222 [8919] dbg: netset: cache trusted_networks
hits/attempts: 9/11, 81.8 %
What does this mean actually ? Does anyone knows how to read the ouput
given by spamassassin after running this command in general.
The TEST_00000.eml file is attached below
--
*Sarang Shrivastava*
*Computer Science & Engineering*
*MNNIT Allahabad*
Re: OUTPUT OF SPAMASSASSIN
Posted by Reindl Harald <h....@thelounge.net>.
Am 24.01.2016 um 19:12 schrieb Martin Gregorie:
> On Sun, 2016-01-24 at 23:05 +0530, Sarang Shrivastava wrote:
>> Jan 25 03:30:46.222 [8919] dbg: netset: cache trusted_networks
>> hits/attempts: 9/11, 81.8 %
>>
>> What does this mean actually ? Does anyone knows how to read the
>> ouput
>> given by spamassassin after running this command in general.
>>
> That looks like a log entry from /var/log/messages output by a program
> called netset. I don't see it when running spamassassin 3.4.1
pure nonsense - that's part of the "spamassassin -D" debug ouput and
nothing else
Jan 24 20:09:38.822 [2845] dbg: netset: trusted_networks lookup on
10.0.0.19, 3 networks, result: 1, 0.147 ms
Jan 24 20:09:38.822 [2845] dbg: netset: internal_networks lookup on
10.0.0.19, 3 networks, result: 1, 0.086 ms
Jan 24 20:09:38.822 [2845] dbg: netset: trusted_networks lookup on
10.0.0.6, 3 networks, result: 1, 0.099 ms
Jan 24 20:09:38.822 [2845] dbg: netset: internal_networks lookup on
10.0.0.6, 3 networks, result: 1, 0.084 ms
Jan 24 20:09:38.882 [2845] dbg: netset: cache trusted_networks
hits/attempts: 0/2, 0.0 %
Jan 24 20:09:38.883 [2845] dbg: netset: cache internal_networks
hits/attempts: 0/2, 0.0 %
Re: OUTPUT OF SPAMASSASSIN
Posted by Reindl Harald <h....@thelounge.net>.
Am 24.01.2016 um 21:54 schrieb Martin Gregorie:
> On Sun, 2016-01-24 at 20:52 +0100, Reindl Harald wrote:
>> * the point is that he is analyzing *local* files
>>
> NOW we know that. But, the OP's first post made it clear he hadn't even
> read the manpage
yes, but se my response 15 minutes before yours
problem is he is incapable to use a mail client / mailing list
Re: OUTPUT OF SPAMASSASSIN
Posted by Martin Gregorie <ma...@gregorie.org>.
On Sun, 2016-01-24 at 20:52 +0100, Reindl Harald wrote:
> * the point is that he is analyzing *local* files
>
NOW we know that. But, the OP's first post made it clear he hadn't even
read the manpage or he'd have realised that SA's results are output by
adding headers to the message. Also, he clearly had no clue about
asking good questions or he'd have said what he was trying to do rather
than saying (summarised) "SA doesn't do what I want. Waaaa!".
> * so he needs to pass eml files to spamc/spamassassin
> * SA adds a header "X-Spam-Flag: Yes" in case of it reached spam
> -score
> * that output needs to be parsed
> * that's it
>
In fact that's all anybody ever does with SA. You look at the X-Spam
-Flag header to determine whether the message is spam and deal with it
if it is. Some analysis or more nuanced spam disposal may want to look
at the score and/or names of rules that fired, so they will also look
at the X-Spam-Status header.
Martin
Re: OUTPUT OF SPAMASSASSIN
Posted by Dave Funk <db...@engineering.uiowa.edu>.
On Sun, 24 Jan 2016, Reindl Harald wrote:
>
>
> Am 24.01.2016 um 20:45 schrieb Shawn Bakhtiar:
>>> On Jan 24, 2016, at 11:29 AM, Martin Gregorie <ma...@gregorie.org> wrote:
>>>
>>> On Mon, 2016-01-25 at 00:07 +0530, Sarang Shrivastava wrote:
>>>> I am just a newbie who has started using SA. Someone on the mailing
>>>> list suggested me to use -D option. So if this option is for
>>>> debugging then how do we classify it ?
>>>>
>>> You don't classify it: that's SA's job. It only scores messages and
>>> sets the Yes/No flag before adding the X-Spam-* headers to the message.
>>> Nothing else. What you do with mail that SA has classified as spam is
>>> the responsibility of your additional software and/or your users.
[snip..]
> * the point is that he is analyzing *local* files
> * so he needs to pass eml files to spamc/spamassassin
> * SA adds a header "X-Spam-Flag: Yes" in case of it reached spam-score
> * that output needs to be parsed
> * that's it
Simpler yet, get spamd running and just use "spamc -c < mail.eml"
It emits a score and sets the exit code.
No "parsing" needed, just test the exit code.
EG, suppose I have two messages, one known ham "ham.eml" and one known
spam "spam.eml"
Then:
if (spamc -c < spam.eml ) ; then
echo "is ham"
else
echo "is spam"
fi
will execute the 'echo "is spam"' clause
and if you feed it the ham.eml will execute the 'echo "is ham"' clause.
( this presupposes a bash shell varient, coding for other shell types is
left as an exercise for the reader. ;)
--
Dave Funk University of Iowa
<dbfunk (at) engineering.uiowa.edu> College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{
Re: OUTPUT OF SPAMASSASSIN
Posted by Reindl Harald <h....@thelounge.net>.
Am 24.01.2016 um 20:45 schrieb Shawn Bakhtiar:
>> On Jan 24, 2016, at 11:29 AM, Martin Gregorie <ma...@gregorie.org> wrote:
>>
>> On Mon, 2016-01-25 at 00:07 +0530, Sarang Shrivastava wrote:
>>> I am just a newbie who has started using SA. Someone on the mailing
>>> list suggested me to use -D option. So if this option is for
>>> debugging then how do we classify it ?
>>>
>> You don't classify it: that's SA's job. It only scores messages and
>> sets the Yes/No flag before adding the X-Spam-* headers to the message.
>> Nothing else. What you do with mail that SA has classified as spam is
>> the responsibility of your additional software and/or your users.
>>
>> Simplest case: configure SA to add [SPAM] as the first word in the
>> Subject header and let the users decide what to do with this mail.
>>
>> Next easiest: If your users' mail readers can detect spam and put it in
>> a spam folder, enable that feature for them once you've configured SA
>> to set whatever indicator the mail reader uses for spam identification.
>>
>
> The best option I’ve found is to use sieve (filter) scripts (we have a default set we enable for all new users) that simply moves emails tagged as spam into a special folder
* the point is that he is analyzing *local* files
* so he needs to pass eml files to spamc/spamassassin
* SA adds a header "X-Spam-Flag: Yes" in case of it reached spam-score
* that output needs to be parsed
* that's it
Re: OUTPUT OF SPAMASSASSIN
Posted by Shawn Bakhtiar <sh...@hotmail.com>.
> On Jan 24, 2016, at 11:29 AM, Martin Gregorie <ma...@gregorie.org> wrote:
>
> On Mon, 2016-01-25 at 00:07 +0530, Sarang Shrivastava wrote:
>> I am just a newbie who has started using SA. Someone on the mailing
>> list suggested me to use -D option. So if this option is for
>> debugging then how do we classify it ?
>>
> You don't classify it: that's SA's job. It only scores messages and
> sets the Yes/No flag before adding the X-Spam-* headers to the message.
> Nothing else. What you do with mail that SA has classified as spam is
> the responsibility of your additional software and/or your users.
>
> Simplest case: configure SA to add [SPAM] as the first word in the
> Subject header and let the users decide what to do with this mail.
>
> Next easiest: If your users' mail readers can detect spam and put it in
> a spam folder, enable that feature for them once you've configured SA
> to set whatever indicator the mail reader uses for spam identification.
>
The best option I’ve found is to use sieve (filter) scripts (we have a default set we enable for all new users) that simply moves emails tagged as spam into a special folder for the user called SPAM. This allows them to have access to any false positives that may occur.
Most common MDA/LDA’s have sieve script integration either by default or as a plugin module. For example Cyrus has timsieve server built it, and Dovecote has Pigeonhole, etc...
> Beyond that: write a spam quarantine subsystem and install it in the
> mail flow it where it can inspect messages that have been classified by
> SA and quarantine or delete them. Of course, you'll also need some way
> that your users can retrieve misclassified spam, and provide you with
> feedback so you can correct misclassifications....
>
>
> Martin
>
>
Re: OUTPUT OF SPAMASSASSIN
Posted by Martin Gregorie <ma...@gregorie.org>.
On Mon, 2016-01-25 at 00:07 +0530, Sarang Shrivastava wrote:
> I am just a newbie who has started using SA. Someone on the mailing
> list suggested me to use -D option. So if this option is for
> debugging then how do we classify it ?
>
You don't classify it: that's SA's job. It only scores messages and
sets the Yes/No flag before adding the X-Spam-* headers to the message.
Nothing else. What you do with mail that SA has classified as spam is
the responsibility of your additional software and/or your users.
Simplest case: configure SA to add [SPAM] as the first word in the
Subject header and let the users decide what to do with this mail.
Next easiest: If your users' mail readers can detect spam and put it in
a spam folder, enable that feature for them once you've configured SA
to set whatever indicator the mail reader uses for spam identification.
Beyond that: write a spam quarantine subsystem and install it in the
mail flow it where it can inspect messages that have been classified by
SA and quarantine or delete them. Of course, you'll also need some way
that your users can retrieve misclassified spam, and provide you with
feedback so you can correct misclassifications....
Martin
Re: OUTPUT OF SPAMASSASSIN
Posted by Reindl Harald <h....@thelounge.net>.
Am 24.01.2016 um 20:09 schrieb Sarang Shrivastava:
> Will take into consideration your advice from the next time.
WTF? respond to the list AND ONLY to the list
https://www.google.com/search?q=how+to+use+a+mailing-list
* set up spamd
* spamc -R -l --socket /run/spamassassin/spamassassin.sock < file.eml
* parse the output
fireup spamassassin for each and every mail with it's whole
initialization is wasting of ressources and time
[root@mail-gw:~]$ spamc -h
SpamAssassin Client version 3.4.1
compiled with SSL support (OpenSSL 1.0.1k-fips 8 Jan 2015)
Usage: spamc [options] [-e command [args]] < message
Options:
-d, --dest host[,host2]
Specify one or more hosts to connect to.
[default: localhost]
-H , --randomize Randomize IP addresses for the looked-up
hostname.
-p, --port port Specify port for connection to spamd.
[default: 783]
-S, --ssl Use SSL to talk to spamd.
-U, --socket path Connect to spamd via UNIX domain sockets.
-F, --config path Use this configuration file.
-t, --timeout timeout
Timeout in seconds for communications to
spamd. [default: 600]
-n, --connect-timeout timeout
Timeout in seconds when opening a connection to
spamd. [default: 600]
--filter-retries retries
Retry filtering this many times if the spamd
process fails (usually times out) [default: 1]
--filter-retry-sleep sleep
Sleep for this time between failed filter
attempts, in seconds [default: 1]
--connect-retries retries
Try connecting to spamd tcp socket this many times
[default: 3]
--retry-sleep sleep Sleep for this time between attempts to
connect to spamd, in seconds [default: 1]
-s, --max-size size Specify maximum message size, in bytes.
[default: 500k]
-u, --username username
User for spamd to process this message under.
[default: current user]
-L, --learntype learntype
Learn message as spam, ham or forget to
forget or unlearn the message.
-C, --reporttype reporttype
Report message to collaborative filtering
databases. Report type should be 'report' for
spam or 'revoke' for ham.
-B, --bsmtp Assume input is a single BSMTP-formatted
message.
-c, --check Just print the summary line and set an exit
code.
-y, --tests Just print the names of the tests hit.
-r, --full-spam Print full report for messages identified as
spam.
-R, --full Print full report for all messages.
--headers Rewrite only the message headers.
-E, --exitcode Filter as normal, and set an exit code.
-x, --no-safe-fallback
Don't fallback safely.
-X, --unavailable-tempfail
When using -x, turn 'unavailable' error into
'tempfail'. This may be useful for an MTAs
to defer emails with a temporary SMTP error
instead of bouncing with a permanent SMTP
error.
-l, --log-to-stderr Log errors and warnings to stderr.
-e, --pipe-to command [args]
Pipe the output to the given command instead
of stdout. This must be the last option.
-h, --help Print this help message and exit.
-V, --version Print spamc version and exit.
-K Keepalive check of spamd.
-z Compress mail message sent to spamd.
-f (Now default, ignored.)
-4 Use IPv4 only for connecting to server.
-6 Use IPv6 only for connecting to server.
> So the thing is I want incorporate a new statistical plug-in into SA .
> Presently it just has a Bayesian filter. I wanted to add some more
> machine learning algorithms to it.
>
> But I don't have a web server at my disposal which I can directly link
> with SA. I have just started using SA. If i have a mail in a .eml format
> and I want to classify it with SA , what should I do .?
>
> I guess I mailed my purpose on the mailing list previously and you were
> the one who helped me out
>
> "no - you need just "spamassassin -D < sample.eml"
>
> just configure thunderbird to access your gmail account with IMAP and
> svae the mails as file, the default format of thunderbird in that case
> is .eml
>
> maybe you need to play around with 'trusted_networks' in your SA so that
> it is able to recocinze the first external hop delivering to the gmail
> infrastructure (RBL, PTR tests and so on)"
>
> This is what you wrote.
>
>
> On Mon, Jan 25, 2016 at 12:29 AM, Reindl Harald <h.reindl@thelounge.net
> <ma...@thelounge.net>> wrote:
>
>
>
> Am 24.01.2016 um 19:37 schrieb Sarang Shrivastava:
>
> I am just a newbie who has started using SA. Someone on the
> mailing list
> suggested me to use -D option. So if this option is for
> debugging then
> how do we classify it ?
>
>
> please don't top-post and press reply-all on mailing-lists!
>
> don't write subjects with caps only
> score SUBJ_ALL_CAPS 0.518 1.625 1.197 1.506
>
> just without specify -D?
> yes it is for debug - look at "spamassassin -h"
>
> you should better describe you overall goal which is maybe not using
> spamassassin just on a shell!
>
> [root@mail-gw:/var/lib/spamass-milter]$ su -c "/usr/bin/spamassassin
> < /var/lib/spamass-milter/spam-example.eml" - sa-milt
> Jan 24 19:56:37.839 [633] warn: config: created user preferences
> file: /var/lib/spamass-milter/.spamassassin/user_prefs
> X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on
> mail-gw.thelounge.net <http://mail-gw.thelounge.net>
> X-Spam-Status: No, score=-2.0, tag-level=5.5, block-level=8.0,
> envelope=_SENDERDOMAIN_, from=gmail.com <http://gmail.com>
> X-Spam-Report: =?ISO-8859-1?Q?Flag: No,
> * -2.0 ALL_TRUSTED Nachricht wurde nur =fcber
> vertrauensw=fcrdige Rechner
> * weitergeleitet
> * 0.0 SHORTCIRCUIT Not all rules were run, due to a
> shortcircuited rule
> * 0.0 CUST_SHORTCIRCUIT Skip tests based on
> whitelists/blacklists and
> * local relays?=
> Received: from mail-gw.thelounge.net <http://mail-gw.thelounge.net>
> (mail-gw.thelounge.net <http://mail-gw.thelounge.net> [10.0.0.19])
> (using TLSv1.2
> with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No
> client certificate requested)
> by mail.thelounge.net <http://mail.thelounge.net>
> (THELOUNGE MTA) with ESMTPS id 3hjPzJ6TWVz23
> for <h.reindl@thelounge.net
> <ma...@thelounge.net>>; Wed, 27 Aug 2014 00:30:20 +0200 (CEST)
> Received: from arrakis.thelounge.net <http://arrakis.thelounge.net>
> (arrakis.thelounge.net <http://arrakis.thelounge.net> [10.0.0.6])
> by mail-gw.thelounge.net <http://mail-gw.thelounge.net>
> (THELOUNGE GATEWAY) with ESMTP id 3hjPzJ2tkPz1w
> for <h.reindl@thelounge.net
> <ma...@thelounge.net>>; Wed, 27 Aug 2014 00:30:20 +0200 (CEST)
> Date: Wed, 27 Aug 2014 00:30:19 +0200
> To: h.reindl@thelounge.net <ma...@thelounge.net>
> From: Mail-Administrator <reindl.harald@gmail.com
> <ma...@gmail.com>>
> Subject: Test
> Message-ID:
> <ac29b495e4f8272e477a291cb8fe9c93c7af5d481409092219@arrakis.thelounge.net
> <ma...@arrakis.thelounge.net>>
> X-Received: xx.xx.xx.241 (openvpn-rh.thelounge.net
> <http://openvpn-rh.thelounge.net>) on panel.thelounge.net
> <http://panel.thelounge.net>
> by HTTP
> Precedence: bulk
> Auto-Submitted: auto-generated
> MIME-Version: 1.0
> X-Virus-Scanned: Yes
> X-Virus-Status: Clean
> Return-Path: reindl.harald@gmail.com <ma...@gmail.com>
> Content-Type: text/plain; charset=ISO-8859-1
> Content-Transfer-Encoding: quoted-printable
>
> On Sun, Jan 24, 2016 at 11:59 PM, Reindl Harald
> <h.reindl@thelounge.net <ma...@thelounge.net>
> <mailto:h.reindl@thelounge.net <ma...@thelounge.net>>>
> wrote:
>
> Am 24.01.2016 um 19:25 schrieb Sarang Shrivastava:
>
> I just downloaded a dataset of spam and hams from the
> net and
> fed one of
> the training file as input to the SA. What i want from
> it is to
> classify
> it as a spam or a ham when i run the command
> spamassassin -D <
> TEST_00000.eml
>
>
> and why do you use '-D' for 'debug' when you just want to
> classify it?
Re: OUTPUT OF SPAMASSASSIN
Posted by Reindl Harald <h....@thelounge.net>.
Am 24.01.2016 um 19:37 schrieb Sarang Shrivastava:
> I am just a newbie who has started using SA. Someone on the mailing list
> suggested me to use -D option. So if this option is for debugging then
> how do we classify it ?
please don't top-post and press reply-all on mailing-lists!
don't write subjects with caps only
score SUBJ_ALL_CAPS 0.518 1.625 1.197 1.506
just without specify -D?
yes it is for debug - look at "spamassassin -h"
you should better describe you overall goal which is maybe not using
spamassassin just on a shell!
[root@mail-gw:/var/lib/spamass-milter]$ su -c "/usr/bin/spamassassin <
/var/lib/spamass-milter/spam-example.eml" - sa-milt
Jan 24 19:56:37.839 [633] warn: config: created user preferences file:
/var/lib/spamass-milter/.spamassassin/user_prefs
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on
mail-gw.thelounge.net
X-Spam-Status: No, score=-2.0, tag-level=5.5, block-level=8.0,
envelope=_SENDERDOMAIN_, from=gmail.com
X-Spam-Report: =?ISO-8859-1?Q?Flag: No,
* -2.0 ALL_TRUSTED Nachricht wurde nur =fcber
vertrauensw=fcrdige Rechner
* weitergeleitet
* 0.0 SHORTCIRCUIT Not all rules were run, due to a
shortcircuited rule
* 0.0 CUST_SHORTCIRCUIT Skip tests based on
whitelists/blacklists and
* local relays?=
Received: from mail-gw.thelounge.net (mail-gw.thelounge.net [10.0.0.19])
(using TLSv1.2
with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No
client certificate requested)
by mail.thelounge.net (THELOUNGE MTA) with ESMTPS id 3hjPzJ6TWVz23
for <h....@thelounge.net>; Wed, 27 Aug 2014 00:30:20 +0200
(CEST)
Received: from arrakis.thelounge.net (arrakis.thelounge.net [10.0.0.6])
by mail-gw.thelounge.net (THELOUNGE GATEWAY) with ESMTP id
3hjPzJ2tkPz1w
for <h....@thelounge.net>; Wed, 27 Aug 2014 00:30:20 +0200
(CEST)
Date: Wed, 27 Aug 2014 00:30:19 +0200
To: h.reindl@thelounge.net
From: Mail-Administrator <re...@gmail.com>
Subject: Test
Message-ID:
<ac...@arrakis.thelounge.net>
X-Received: xx.xx.xx.241 (openvpn-rh.thelounge.net) on panel.thelounge.net
by HTTP
Precedence: bulk
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-Virus-Scanned: Yes
X-Virus-Status: Clean
Return-Path: reindl.harald@gmail.com
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
> On Sun, Jan 24, 2016 at 11:59 PM, Reindl Harald <h.reindl@thelounge.net
> <ma...@thelounge.net>> wrote:
>
> Am 24.01.2016 um 19:25 schrieb Sarang Shrivastava:
>
> I just downloaded a dataset of spam and hams from the net and
> fed one of
> the training file as input to the SA. What i want from it is to
> classify
> it as a spam or a ham when i run the command spamassassin -D <
> TEST_00000.eml
>
>
> and why do you use '-D' for 'debug' when you just want to classify it?
Re: OUTPUT OF SPAMASSASSIN
Posted by Sarang Shrivastava <sa...@gmail.com>.
I am just a newbie who has started using SA. Someone on the mailing list
suggested me to use -D option. So if this option is for debugging then how
do we classify it ?
On Sun, Jan 24, 2016 at 11:59 PM, Reindl Harald <h....@thelounge.net>
wrote:
>
>
> Am 24.01.2016 um 19:25 schrieb Sarang Shrivastava:
>
>> I just downloaded a dataset of spam and hams from the net and fed one of
>> the training file as input to the SA. What i want from it is to classify
>> it as a spam or a ham when i run the command spamassassin -D <
>> TEST_00000.eml
>>
>
> and why do you use '-D' for 'debug' when you just want to classify it?
>
>
--
*Sarang Shrivastava*
*Computer Science & Engineering*
*MNNIT Allahabad*
Re: OUTPUT OF SPAMASSASSIN
Posted by Reindl Harald <h....@thelounge.net>.
Am 24.01.2016 um 19:25 schrieb Sarang Shrivastava:
> I just downloaded a dataset of spam and hams from the net and fed one of
> the training file as input to the SA. What i want from it is to classify
> it as a spam or a ham when i run the command spamassassin -D <
> TEST_00000.eml
and why do you use '-D' for 'debug' when you just want to classify it?
Re: OUTPUT OF SPAMASSASSIN
Posted by Sarang Shrivastava <sa...@gmail.com>.
I just downloaded a dataset of spam and hams from the net and fed one of
the training file as input to the SA. What i want from it is to classify it
as a spam or a ham when i run the command spamassassin -D < TEST_00000.eml
And this particular thing i could not found. Any help ?
On Sun, Jan 24, 2016 at 11:42 PM, Martin Gregorie <ma...@gregorie.org>
wrote:
> On Sun, 2016-01-24 at 23:05 +0530, Sarang Shrivastava wrote:
> > Hey guys,
> >
> > I ran the following command
> >
> > spamassassin -D < TEST_00000.eml
> >
> > this was the last line of the output
> >
> > Jan 25 03:30:46.222 [8919] dbg: netset: cache trusted_networks
> > hits/attempts: 9/11, 81.8 %
> >
> > What does this mean actually ? Does anyone knows how to read the
> > ouput
> > given by spamassassin after running this command in general.
> >
> That looks like a log entry from /var/log/messages output by a program
> called netset. I don't see it when running spamassassin 3.4.1.
>
> What you should be looking at are the headers added to the message by
> spamassassin: they all start with "X-Spam-" and the return code, which
> is shown by running the command "echo $?" immediately after
> spamassassin. I see a return code of 0 after running your message,
> which may be incomplete, since the first line is not an envelope-from
> line.
>
> What output are you expecting from spamassassin?
> Do you think the message is ham or spam?
>
>
> Martin
>
> >
>
--
*Sarang Shrivastava*
*Computer Science & Engineering*
*MNNIT Allahabad*
Re: OUTPUT OF SPAMASSASSIN
Posted by Martin Gregorie <ma...@gregorie.org>.
On Sun, 2016-01-24 at 23:05 +0530, Sarang Shrivastava wrote:
> Hey guys,
>
> I ran the following command
>
> spamassassin -D < TEST_00000.eml
>
> this was the last line of the output
>
> Jan 25 03:30:46.222 [8919] dbg: netset: cache trusted_networks
> hits/attempts: 9/11, 81.8 %
>
> What does this mean actually ? Does anyone knows how to read the
> ouput
> given by spamassassin after running this command in general.
>
That looks like a log entry from /var/log/messages output by a program
called netset. I don't see it when running spamassassin 3.4.1.
What you should be looking at are the headers added to the message by
spamassassin: they all start with "X-Spam-" and the return code, which
is shown by running the command "echo $?" immediately after
spamassassin. I see a return code of 0 after running your message,
which may be incomplete, since the first line is not an envelope-from
line.
What output are you expecting from spamassassin?
Do you think the message is ham or spam?
Martin
>