You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Its Azfar <az...@yahoo.com> on 2005/12/12 08:53:30 UTC

Few errors.

1.
I am getting following errors in my maillog.
spamd[6203]: connection from localhost.mydomain.com
[127.0.0.
1] at port 52118
spamd[6203]: info: setuid to clamav succeeded
spamd[6203]: Creating default_prefs
[/nonexistent/.spamassa
ssin/user_prefs]
spamd[6203]: Cannot write to
/nonexistent/.spamassassin/use
r_prefs: No such file or directory
spamd[6203]: Couldn't create readable default_prefs
for [/n
onexistent/.spamassassin/user_prefs]
spamd[6203]: processing message
<001801c5feea$970819a0$8a30
45ca@netops4> for clamav:106.
spamd[6203]: clean message (-2.6/5.0) for clamav:106
in 4.9
 seconds, 1368 bytes.
spamd[6203]: result: . -2 -
ALL_TRUSTED,DATE_IN_FUTURE_03_0
6,HTML_90_100,HTML_MESSAGE
scantime=4.9,size=1368,mid=<001801c5feea$970819a0$8a3
045ca@netops4>,autolearn=failed

2.
Second here is my local.cf

rewrite_header Subject *****SPAM*****
report_safe 1
rewrite_subject 1
required_hits 5
required_score 5.0
use_bayes               1
skip_rbl_checks         0
use_razor2              1
use_dcc                 1
use_pyzor               1

What does this conf will do specially required_hits
and required_score. I want that initialy spamassassin
only mark mails as SPAM but on more higher hit it will
delete them.
Wht should I set required_hits and required_score for
an ISP environment.


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com

Re: Few errors.

Posted by Matt Kettler <mk...@comcast.net>.
At 02:53 AM 12/12/2005, Its Azfar wrote:
>1.
>spamd[6203]: Couldn't create readable default_prefs
>for [/n
>onexistent/.spamassassin/user_prefs]

<snip>

If you are running spamd as root, it will try to setuid itself to the user 
that calls spamc. However, if that user turns out to be root, spamd will 
setuid itself to "nobody" for safety.

The "nobody" user can't write it's own homedir (and should not be able to!) 
thus SA couldn't create a profile directory to store user_prefs or bayes 
learning into.

If you're calling spamc on a per-user basis, (ie: from a script running as 
their userid) don't worry as this only affects roots mail.

If you're calling spamc from a root-privileged script on a site-wide basis, 
you might want to consider creating a "spamd" user and passing that 
username to the -u parameter of spamd.

>2.
>Second here is my local.cf
>
>rewrite_header Subject *****SPAM*****
>report_safe 1

report_safe defines how SA handles mail when it tags it. This setting will 
cause SA to encapsulate the spam as an attachment to a warning message. 
Setting this to 2 will encapsulate the spam's source as a text-file 
attachment, instead of a multipart message attachment. Setting this to 0 
disables encapsulation, and SA only modifies the subject as needed, and 
adds X-Spam-* headers.


>rewrite_subject 1

The rewrite_subject option should be removed. It's obsolete and is replaced 
by the rewrite_header command your using.

>required_hits 5
>required_score 5.0

required_hits and required_score do the same thing, but required_hits is 
syntax from obsolete version of SA. Remove the required_hits line.

These options determine what score threshold SA will tag mail as spam at. 
If you lower the threshold, SA will catch more spam, but there's a higher 
chance it will mis-tag a non-spam email. Conversely If you raise it, SA 
will be less-likely to mis-tag a non-spam email as spam, but more real spam 
will be missed.

>use_bayes               1

Turns on the bayesian statistical classifier. See man sa-learn.

>skip_rbl_checks         0

Does not disable use of DNS RBL checks. These checks are very helpful, but 
can take a few seconds and are not well suited to very high volume sites.

>use_razor2              1
>use_dcc                 1
>use_pyzor               1

Disables or enables various add-ons. Note: if you're using SA 3.1.0 these 
options are largely obsolete, as you have to enable them with plugins in 
v310.pre.



>What does this conf will do specially required_hits
>and required_score.


(see above)



All of these options match SA's default values, so aren't really necessary, 
but they're handy as a reference sometimes.

>  I want that initialy spamassassin
>only mark mails as SPAM but on more higher hit it will
>delete them.
>Wht should I set required_hits and required_score for
>an ISP environment.


If you want to be really cautious, start off at 6.0 and ease your way down 
to 5.0 after you are sure it's not mis-classifying mail. Most people do 
fine with the default, but some go higher or lower depending on how they 
handle tagged mail.