You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Michael Chapman <mi...@kpmcornerstone.com> on 2007/08/21 21:10:08 UTC
Blacklist problems!
Hi there:
This should be a fairly simple question for the experts out there ...
everything I'm receiving is being blacklisted, and the reports indicate
that all these messages are flagged as "USER_IN_BLACKLIST." Where? I
don't have a user_prefs, and my global is really simple:
# These values can be overridden by editing ~/.spamassassin/user_prefs.cf
# (see spamassassin(1) for details)
# These should be safe assumptions and allow for simple visual sifting
# without risking lost emails.
whitelist_from *.musiciansfriend.com
whitelist_from *.apache.org
blacklist_from angel@biasdc.com
required_hits 8
#report_safe 0
rewrite_header Subject [SPAM]
# SpamAssassin config file for version 3.x
# # NOTE: NOT COMPATIBLE WITH VERSIONS 2.5 or 2.6
# # See http://www.yrex.com/spam/spamconfig25.php for earlier versions
# # Generated by http://www.yrex.com/spam/spamconfig.php (version 1.50)
#
# # How many hits before a message is considered spam.
# required_score 5.0
#
# # Encapsulate spam in an attachment (0=no, 1=yes, 2=safe)
report_safe 1
#
# # Enable the Bayes system
use_bayes 1
#
# # Enable Bayes auto-learning
bayes_auto_learn 1
#
# # Enable or disable network checks
# skip_rbl_checks 0
use_razor2 1
#use_dcc 1
use_pyzor 1
#
# # Mail using languages used in these country codes will not be marked
# # as being possibly spam in a foreign language.
#ok_languages en
#
# # Mail using locales used in these country codes will not be marked
# # as being possibly spam in a foreign language.
ok_locales en
# Blacklist for foreign countries we don't care about getting mail from
#
blacklist_from *.ar
blacklist_from *.tr
blacklist_from *.cn
blacklist_from *.hr
blacklist_from *.ru
blacklist_from *.tw
#
#
This all worked just fine when I was using RH9/SA 2.6. This is on
Fedora 7 with SA 3.2.2. I am using procmail to process incoming mail,
and using ClamAV for virus stuff.
Is there a way I can reset the blacklist? This is driving me nuts. I
don't want to use all_spam_to just to get my mail!
Help! Please?
Thanks!
Michael
Re: Blacklist problems!
Posted by Michael Chapman <mi...@kpmcornerstone.com>.
OK ... after diving back into my spam to get responses to this message,
I turned off AWL in v310.pre and removed all blacklist items from
local.cf and user_prefs. Still no joy. Everything is still getting
flagged as before! What is going on?
Thanks for all of your help so far, gang!
Michael
Michael Chapman wrote:
> Hi there:
>
> This should be a fairly simple question for the experts out there ...
> everything I'm receiving is being blacklisted, and the reports
> indicate that all these messages are flagged as "USER_IN_BLACKLIST."
> Where? I don't have a user_prefs, and my global is really simple:
>
> # These values can be overridden by editing ~/.spamassassin/user_prefs.cf
> # (see spamassassin(1) for details)
>
> # These should be safe assumptions and allow for simple visual sifting
> # without risking lost emails.
> whitelist_from *.musiciansfriend.com
> whitelist_from *.apache.org
> blacklist_from angel@biasdc.com
> required_hits 8
> #report_safe 0
> rewrite_header Subject [SPAM]
> # SpamAssassin config file for version 3.x
> # # NOTE: NOT COMPATIBLE WITH VERSIONS 2.5 or 2.6
> # # See http://www.yrex.com/spam/spamconfig25.php for earlier versions
> # # Generated by http://www.yrex.com/spam/spamconfig.php (version 1.50)
> #
> # # How many hits before a message is considered spam.
> # required_score 5.0
> #
> # # Encapsulate spam in an attachment (0=no, 1=yes, 2=safe)
> report_safe 1
> #
> # # Enable the Bayes system
> use_bayes 1
> #
> # # Enable Bayes auto-learning
> bayes_auto_learn 1
> #
> # # Enable or disable network checks
> # skip_rbl_checks 0
> use_razor2 1
> #use_dcc 1
> use_pyzor 1
> #
> # # Mail using languages used in these country codes will not be marked
> # # as being possibly spam in a foreign language.
> #ok_languages en
> #
> # # Mail using locales used in these country codes will not be marked
> # # as being possibly spam in a foreign language.
> ok_locales en
>
> # Blacklist for foreign countries we don't care about getting mail from
> #
> blacklist_from *.ar
> blacklist_from *.tr
> blacklist_from *.cn
> blacklist_from *.hr
> blacklist_from *.ru
> blacklist_from *.tw
> #
> #
>
>
> This all worked just fine when I was using RH9/SA 2.6. This is on
> Fedora 7 with SA 3.2.2. I am using procmail to process incoming mail,
> and using ClamAV for virus stuff.
>
> Is there a way I can reset the blacklist? This is driving me nuts. I
> don't want to use all_spam_to just to get my mail!
>
> Help! Please?
>
> Thanks!
>
> Michael
>
RE: Blacklist problems!
Posted by Skip Brott <sb...@dmp.com>.
> No need for these settings if you have the above "ok_languages en"
I think you are correct if you assume that emails coming from *.ru (for
example), are written in something other than English, which is rarely the
case. Much of the spam I see from *.ru and *.su is in English.
- Skip
Re: Blacklist problems!
Posted by maillist <ma...@emailacs.com>.
Michael Chapman wrote:
> Hi there:
>
> This should be a fairly simple question for the experts out there ...
> everything I'm receiving is being blacklisted, and the reports
> indicate that all these messages are flagged as "USER_IN_BLACKLIST."
> Where? I don't have a user_prefs, and my global is really simple:
>
> # These values can be overridden by editing ~/.spamassassin/user_prefs.cf
> # (see spamassassin(1) for details)
>
> # These should be safe assumptions and allow for simple visual sifting
> # without risking lost emails.
> whitelist_from *.musiciansfriend.com
> whitelist_from *.apache.org
> blacklist_from angel@biasdc.com
> required_hits 8
> #report_safe 0
> rewrite_header Subject [SPAM]
> # SpamAssassin config file for version 3.x
> # # NOTE: NOT COMPATIBLE WITH VERSIONS 2.5 or 2.6
> # # See http://www.yrex.com/spam/spamconfig25.php for earlier versions
> # # Generated by http://www.yrex.com/spam/spamconfig.php (version 1.50)
> #
> # # How many hits before a message is considered spam.
> # required_score 5.0
> #
> # # Encapsulate spam in an attachment (0=no, 1=yes, 2=safe)
> report_safe 1
> #
> # # Enable the Bayes system
> use_bayes 1
> #
> # # Enable Bayes auto-learning
> bayes_auto_learn 1
> #
> # # Enable or disable network checks
> # skip_rbl_checks 0
> use_razor2 1
> #use_dcc 1
> use_pyzor 1
> #
> # # Mail using languages used in these country codes will not be marked
> # # as being possibly spam in a foreign language.
> #ok_languages en
> #
> # # Mail using locales used in these country codes will not be marked
> # # as being possibly spam in a foreign language.
> ok_locales en
>
> # Blacklist for foreign countries we don't care about getting mail from
> #
> blacklist_from *.ar
> blacklist_from *.tr
> blacklist_from *.cn
> blacklist_from *.hr
> blacklist_from *.ru
> blacklist_from *.tw
> #
> #
>
>
> This all worked just fine when I was using RH9/SA 2.6. This is on
> Fedora 7 with SA 3.2.2. I am using procmail to process incoming mail,
> and using ClamAV for virus stuff.
>
> Is there a way I can reset the blacklist? This is driving me nuts. I
> don't want to use all_spam_to just to get my mail!
>
> Help! Please?
>
> Thanks!
>
> Michael
>
I would set the following....
whitelist_from_rcvd *.musiciansfriend.com musiciansfriend.com
whitelist_from_rcvd *.apache.org apache.org
LOOK HERE FOR MORE INFO ON THIS OPTION
http://spamassassin.apache.org/full/3.1.x/doc/Mail_SpamAssassin_Conf.html
blacklist_from angel@biasdc.com
required_hits 8
rewrite_header Subject [SPAM]
report_safe 1
use_bayes 1
bayes_auto_learn 0
skip_rbl_checks 0
use_razor2 1
use_pyzor 1
ok_languages en
# Blacklist for foreign countries we don't care about getting mail from
#
#blacklist_from *.ar
#blacklist_from *.tr
#blacklist_from *.cn
#blacklist_from *.hr
#blacklist_from *.ru
#blacklist_from *.tw
No need for these settings if you have the above "ok_languages en"
-=Aubrey=-
Re: Blacklist problems!
Posted by Matt Kettler <mk...@verizon.net>.
Michael Chapman wrote:
> Hi there:
>
> This should be a fairly simple question for the experts out there ...
> everything I'm receiving is being blacklisted, and the reports
> indicate that all these messages are flagged as "USER_IN_BLACKLIST."
> Where? I don't have a user_prefs, and my global is really simple:
First, I assume by your "global" you mean your local.cf
Have you tried the simple approach of commenting out all your
blacklist_from commands?
Do you have *ANY* other .cf files in the same directory as your
local.cf? SA will read ALL of them, and use ALL of them.
Are you sure you're even using the right directory? Try running
spamassassin --lint -D and the earlier parts of the debug output should
list all the directories and files SA is using.
In particular this line could be quite useful to you:
[22185] dbg: config: using "/etc/mail/spamassassin" for site rules dir
Along with the lines that follow indicating all the .cf files
Looking at the message headers, I'm assuming you're using SpamAssassin
3.2.2. You really should include that kind of info in your posts.
One part that makes me wonder what's missing is your own system seems to
have generated:
X-Old-Spam-Status: No, score=-0.9 required=8.0 tests=AWL,BAYES_00,
USER_IN_BLACKLIST,USER_IN_WHITELIST autolearn=ham version=3.2.2
I don't see anything in your posted config that would have blacklisted OR whitelisted the message. But somehow, it got both.
Also, using your same configuration (as posted) I get:
X-Spam-Status: No, score=-2.8 required=8.0 tests=RCVD_IN_DNSWL_MED,
RCVD_IN_SORBS_WEB,RDNS_NONE autolearn=ham version=3.2.3
Admittedly a different version of SA, but that shouldn't affect the white/blacklist decisions.
That's telling me there's more to your config than you think. Personally, I think the --lint -D should take you pretty far into finding out what's going on, or at least give you all the files you need to grep.
You could also try running a message through spamassassin -D on the command line. This would tell you which exact address matched a blacklist, but you'd have to wade deep into the debug output to find it.
Re: Blacklist problems!
Posted by Kai Schaetzl <ma...@conactive.com>.
Michael Chapman wrote on Tue, 21 Aug 2007 12:10:08 -0700:
> Is there a way I can reset the blacklist?
There is no "auto blacklist". It's your blacklist entries. For a quick
diagnosis disable all of them and check if it persists.
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com