You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@spamassassin.apache.org by ttgh <to...@goldenhour.com> on 2015/01/21 23:09:12 UTC

SA using wrong set of sa-updates?

I've just inherited an incoming SMTP relay running CentOS 5 with postfix,
Amavis and Spamassassin 3.3.1.  We're using a daily cron job to run
sa-update and save the verbose result to a log file.  The log doesn't have
much information but that seems to be a limitation in sa-update's output,
e.g. -v has very little info while -D has too much.  I can see where the
updates are being downloaded, at least, so I assume its working. 

But how do I know SpamAssassin is using those updates?   
Where in the config(s) does it say which rules folder is in-effect?   
Is there a diagnostic command I can run which will state it? 

Updates are being downloaded to
/var/lib/spamassassin/3.003001/updates_spamassassin_org but I'm afraid it
might be ignoring those in favor of the default(?) rules in
/usr/share/spamassassin (circa 2010).  I'm hoping this turns out to be the
case as it would explain why so much spam still gets through 

Thank you for any suggestions! 

UPDATE: I figured-out how to run a command-line scan using 'spamassassin -D'
which showed that it was using the old c.2011 rules in
/var/lib/spamassassin/3.003001/saupdates_openprotect_com.  How do I fix
that?



--
View this message in context: http://spamassassin.1065346.n5.nabble.com/SA-using-wrong-set-of-sa-updates-tp114062.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.

RE: SA using wrong set of sa-updates?

Posted by ttgh <to...@goldenhour.com>.

I saw a post somewhere that said SA will scan those pre-determined folders
for any .cf or .pre files, then automatically load those rules.  I deleted
the leftover 'openprotect' files and folder, restarted SA, re-ran my
diagnostic command and the only rules being referenced now are the current
'updates_spamassassin_org'

So I think I was running both sets of rules, probably with unpredictable
results!  I went back and looked at some of the ham which had been labeled
'Suspected Spam' and I could see that they'd been flagged by a 'SARE' rule,
which I know is one of the old ones.  This leads me to think I have
succeeded in eliminating some false positives, at least.



--
View this message in context: http://spamassassin.1065346.n5.nabble.com/SA-using-wrong-set-of-sa-updates-tp114062p114081.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.

RE: SA using wrong set of sa-updates?

Posted by Marieke Janssen <mj...@myguard.nl>.

>UPDATE: I figured-out how to run a command-line scan using 'spamassassin
-D'
>which showed that it was using the old c.2011 rules in
/var/lib/spamassassin/3.003001/saupdates_openprotect_com.  How do I fix
that?

If you have no intention to use 3rd party rules, I think you can just delete
that dir and cf file.
Make sure there is no crontab or script what puts it back. 

/MJ