You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Philip Prindeville <ph...@redfish-solutions.com> on 2014/07/01 01:19:42 UTC
Re: Lots of spam getting thru
On Jun 30, 2014, at 1:49 PM, Robert Fitzpatrick <ro...@webtent.org> wrote:
> John Hardin wrote:
>> On Mon, 30 Jun 2014, Robert Fitzpatrick wrote:
>>
>>> I have been experiencing a huge amount of spam getting through to some big target addresses, mainly from .eu and .info addresses, and would like to see if someone can find something wrong with my setup. I recently upgraded to 3.4, but still the same issue. I am using Postfix with Maia Mailguard (a forked version of amavisd-new). Here is one example, could someone test this on their own config and see how the scores compare?
>>
>> Are you doing URIBL lookups?
> Thanks, the only one I am using my our postfix setup is spamhaus, we discontinued spamcop after an issue with false positives. Can I ask which most of you are using with good results? I have skip_rbl_checks in SA set to zero, is there more to add?
>
> --
> Robert
>
I have:
score URIBL_BLACK 4.95
in my /etc/mail/spamassassin/sa-scores.cf file (this rule is defined in:
/var/lib/spamassassin/3.004000/updates_spamassassin_org/25_uribl.cf
if that’s on your system), and:
loadplugin Mail::SpamAssassin::URIDNSBL
in my /etc/mail/spamassassin/init.pre file (this is on Fedora 20).
If you were doing it from scratch, you might try:
loadplugin Mail::SpamAssassin::URIDNSBL
skip_rbl_checks 0
urirhssub L_URIBL_BLACK multi.uribl.com. A 2
body L_URIBL_BLACK eval:check_uridnsbl('L_URIBL_BLACK')
describe L_URIBL_BLACK Contains a URL listed in the URIBL blacklist
tflags L_URIBL_BLACK net
score L_URIBL_BLACK 4.95
But like I said, the canned rules should already include URIBL_BLACK.
-Philip