You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Bruce Sackett <br...@oecnw.com> on 2014/10/29 17:00:43 UTC

Bayer Filtering - Not working no matter what I try

I have my mail system running beautifully with spamassassin, but can’t get bayes filtering to work.  I’m assuming it’s a user/group issue, since if I run tests as my ‘amavis’ user (which is how I should have it running) it does show bayes results, but when the mail system itself processes a message no bayes filtering happens at all.  

I’ll try to provide pertinent information, if anyone has any ideas or questions, I’d appreciate any input.

/etc/postfix/master.cf:

smtp    inet    n       -       n       -       -       smtpd
 -o content_filter=smtp-amavis:[127.0.0.1]:10024
smtp-amavis unix -      -       n       -       15      smtp
 -o smtp_data_done_timeout=1200
 -o disable_dns_lookups=no
127.0.0.1:10025 inet    n       -       n       -       -       smtpd
 -o content_filter=
 -o local_recipient_maps=
 -o smtpd_restriction_classes=
 -o smtpd_client_restrictions=
 -o smtpd_helo_restrictions=
 -o smtpd_sender_restrictions=
 -o smtpd_recipient_restrictions=permit_mynetworks,reject
 -o strict_rfc821_envelopes=yes

/etc/spamassassin/local.cf:

use_bayes 1
use_bayes_rules 1
bayes_auto_learn 1
bayes_path /var/lib/amavis/.spamassassin
 bayes_ignore_header X-Bogosity
 bayes_ignore_header X-Spam-Flag
 bayes_ignore_header X-Spam-Status
ifplugin Mail::SpamAssassin::Plugin::Shortcircuit
shortcircuit USER_IN_WHITELIST       on
shortcircuit USER_IN_DEF_WHITELIST   on
shortcircuit USER_IN_ALL_SPAM_TO     on
shortcircuit SUBJECT_IN_WHITELIST    on
 shortcircuit USER_IN_BLACKLIST       on
 shortcircuit USER_IN_BLACKLIST_TO    on
 shortcircuit SUBJECT_IN_BLACKLIST    on
endif 

/etc/amavisd.conf:

use strict;
$myhostname = 'digi.busymind.net'; # fully-qualified dom. name!
$mydomain = 'busymind.net'; # default for other settings
@lookup_sql_dsn = ( ['DBI:mysql:maia:localhost', ‘*****', ‘*****'] );
$sa_spam_subject_tag = '***SPAM*** ';
$daemon_user  = 'amavis';     
$daemon_group = 'amavis';    
$max_servers = 16;             # number of pre-forked children (2..15 is common)
$sa_timeout = 90;             # give SpamAssassin time (in secs) to do its work
$MYHOME   = '/var/lib/amavis';   # a convenient default for other settings
$TEMPBASE = "$MYHOME/tmp";    # working directory, needs to be created manually
$ENV{TMPDIR} = $TEMPBASE;     # environment variable TMPDIR
$QUARANTINEDIR = '$MYHOME/virusmails';
$pid_file = "/var/run/amavis/amavisd.pid";
$log_level = 5;              # verbosity 0..5
$log_recip_templ = undef;    # disable by-recipient level-0 log entries
$LOGFILE = "/var/log/amavis.log";
$DO_SYSLOG = 0;              # log via syslogd (preferred)
$SYSLOG_LEVEL = 'mail.debug';
$enable_db = 1;              # enable use of BerkeleyDB/libdb (SNMP and nanny)
$enable_global_cache = 1;    # enable use of libdb-based cache if $enable_db=1
$inet_socket_port = 10024;   # listen on this local TCP port(s) (see $protocol)
$sa_tag_level_deflt  = -999; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 2.0;  # add 'spam detected' headers at that level
$sa_kill_level_deflt = 2.0;  # triggers spam evasive actions
$sa_dsn_cutoff_level = 10;   # spam level beyond which a DSN is not sent
$sa_mail_body_size_limit = 1024*1024; # don't waste time on SA if mail is larger
$sa_local_tests_only = 0;    # only tests which do not require internet access?
$sa_auto_whitelist = 0;      # turn on AWL in SA 2.63 or older (irrelevant
$virus_admin               = undef;  # notifications recip.
$mailfrom_notify_admin     = "virusalert\@$mydomain";  # notifications sender
$mailfrom_notify_recip     = "virusalert\@$mydomain";  # notifications sender
$mailfrom_notify_spamadmin = "spam.police\@$mydomain"; # notifications sender
$mailfrom_to_quarantine = ''; # null return path; uses original sender if undef
@addr_extension_virus_maps      = ('virus');
@addr_extension_spam_maps       = ('spam');
@addr_extension_banned_maps     = ('banned');
@addr_extension_bad_header_maps = ('badh');
$recipient_delimiter = undef;
$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
$file        = '/usr/bin/file';   # file(1) utility; use recent versions
$gzip        = 'gzip';
$bzip2       = 'bzip2';
$lzop        = 'lzop';
$rpm2cpio    = ['rpm2cpio.pl','rpm2cpio'];
$cabextract  = 'cabextract';
$uncompress  = ['uncompress', 'gzip -d', 'zcat'];
$unfreeze    = ['unfreeze', 'freeze -d', 'melt', 'fcat'];
$arc         = ['nomarch', 'arc'];
$unarj       = ['arj', 'unarj'];
#$unrar      = ['rar', 'unrar'];
$zoo         = 'zoo';
$lha         = 'lha';
$cpio        = ['gcpio','cpio'];
$ar          = 'ar';
$dspam       = 'dspam';
$MAXLEVELS = 14;
$MAXFILES = 1500;
$MIN_EXPANSION_QUOTA =      100*1024;  # bytes  (default undef, not enforced)
$MAX_EXPANSION_QUOTA = 300*1024*1024;  # bytes  (default undef, not enforced)
$defang_virus  = 1;  # MIME-wrap passed infected mail
$defang_banned = 1;  # MIME-wrap passed mail containing banned name
$notify_method  = 'smtp:[127.0.0.1]:10025';
$forward_method = 'smtp:[127.0.0.1]:10025';
$final_virus_destiny      = D_DISCARD;
$final_banned_destiny     = D_DISCARD;
$final_spam_destiny       = D_DISCARD;
$final_bad_header_destiny = D_DISCARD;
$X_HEADER_TAG = 'X-Virus-Scanned';
$X_HEADER_LINE = "Maia Mailguard 1.0.2a";
@viruses_that_fake_sender_maps = (new_RE(
  [qr'\bEICAR\b'i => 0],            # av test pattern name
  [qr'^(WM97|OF97|Joke\.)'i => 0],  # adjust names to match your AV scanner
  [qr/.*/ => 1],  # true for everything else
));
@keep_decoded_original_maps = (new_RE(
# qr'^MAIL$',   # retain full original message for virus checking (can be slow)
  qr'^MAIL-UNDECIPHERABLE$', # recheck full mail if it contains undecipherables
  qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,
# qr'^Zip archive data',     # don't trust Archive::Zip
));
$banned_filename_re = new_RE(
# qr'^UNDECIPHERABLE$',  # is or contains any undecipherable components
  # block certain double extensions anywhere in the base name
  qr'\.[^./]*\.(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)\.?$'i,
# qr'[{}]',      # curly braces in names (serve as Class ID extensions - CLSID)
  qr'^application/x-msdownload$'i,                  # block these MIME types
  qr'^application/x-msdos-program$'i,
  qr'^application/hta$'i,
  qr'^message/partial$'i, qr'^message/external-body$'i, # rfc2046 MIME types
  qr'.\.(ade|adp|app|bas|bat|chm|cmd|com|cpl|crt|exe|fxp|hlp|hta|inf|ins|isp|
         js|jse|lnk|mda|mdb|mde|mdw|mdt|mdz|msc|msi|msp|mst|ops|pcd|pif|prg|
         reg|scr|sct|shb|shs|vb|vbe|vbs|wsc|wsf|wsh|zip)$'ix,  # banned ext
  qr'^\.(exe-ms)$',                       # banned file(1) types
  qr'^\.(exe|lha|cab|dll)$',              # banned file(1) types
);
@score_sender_maps = ({});  # should be empty if using Maia Mailguard
@av_scanners = (
['ClamAV-clamd',
   \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.ctl"],
   qr/\bOK$/, qr/\bFOUND$/,
   qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
);
@av_scanners_backup = (
['ClamAV-clamscan', 'clamscan',
    "--stdout --disable-summary -r --tempdir=$TEMPBASE {}", [0], [1],
    qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],

);
1;  # insure a defined return