You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Alex Davidson <da...@gmail.com> on 2005/10/07 05:05:31 UTC
Newbie: Postfix/Spamassassin Questions
I'm new to the world of Linux, trying to come up with a replacement
for GFI's Mail Essentials and Mail Security by setting up Ubuntu v5.10
with Postfix v2.2.4, Spamassassin v3.0.4-2, Clamav v0.87-1 and
Amavisd-new v0.1.6.9-1. I've found a couple of useful tutorials on
getting things working but I do have some beginner-type questions and
I'd be grateful for any help.
Firstly, is there something I can use to manage and monitor postfix &
spamassassin graphically? I have webmin v1.230 which is a good start
but is there anything else that might be a better choice?
I was told that I can use spamassassin to do Content Checking but I
see no evidence of it as yet. Can it be used to do this? If so, I
guess I need to figure out how to get that going. If not, what is out
there that I can add to do that?
How can I test that Spamassassin is doing everything I want it to? I
sent an eicar test file and from the headers it looks as if it hit
postfix, plus the subject had [BAYESIAN] in it and the virus was
removed and replaced with a test file saying:
10/06/2005 14:45:49 Original attachment (eicar.com) was Quarantined.
A virus was detected and removed from the original attachment. You
can safely save or delete this replacement attachment.
(I wish the message indicated clamav was responsible for the action
for my own peace of mind.)
I've not been able to get anything else spamassassin-related to work -
e.g. I used webmin to add my personal email address to the blacklist
yet when I send from that address it comes right in to me. Also when
I sent some text that I've read is the spam-engine equivalent to the
eicar test virus but it wasn't marked as spam (including it in my
first post would explain why it was rejected - duh).
Last question, how does the auto whitelist work? Does it just add
outbound recipients to the whitelist or is there more to it?
Sorry if these questions sound dumb, I just need some prodding in the
right direction and feel like I'm flying blind right now.
Thanks,
Alex
Re: Newbie: Postfix/Spamassassin Questions
Posted by jdow <jd...@earthlink.net>.
From: "Alex Davidson" <da...@gmail.com>
Well that confirms my suspicion on it not doing Content-Checking
(quarantining messages based on content/attachments) - can anyone
suggest something to do this?
<< Procmail, MailScanner, Amavis-new, and so forth. I use procmail.
{^_^}
Re: Newbie: Postfix/Spamassassin Questions
Posted by Alex Davidson <da...@gmail.com>.
Well that confirms my suspicion on it not doing Content-Checking
(quarantining messages based on content/attachments) - can anyone
suggest something to do this?
>From the tutorials I've been following it looks like SA will hook into
AV software (or vice versa) - I think the key is amavisd-new.
I tested telneting into ports 10024 and 10025 but 10024 can't connect
- could this indicate a problem or is that normal?
On 10/6/05, Loren Wilton <lw...@earthlink.net> wrote:
> > I was told that I can use spamassassin to do Content Checking but I
> > see no evidence of it as yet.
>
> That may depend on what you mean by "content checking"
>
> SA is a tool for classifying spam. You seem to have tried it on a virus. A
> virus really isn't spam, it is a virus. SA makes little attempt to catch
> virui, there are tools designed for that purpose. Now, if you want to catch
> messages about mortgage deals and the latest popularity pills and sex clubs,
> then SA will do a nice job for you once you have it set up right.
>
> It is important to realyse that SA is a *filter*. It doesn;t DO anything to
> the spam, other than add a score that indicates how likely a message is to
> be spam. Something else in your processing chain needs to follow SA, look
> at the score, and decide what to do with the mail. If you don't have that,
> then all mail, spam included, will get routed to the users. However, the
> spam will be scored and marked as spam in the subject line. The user's mail
> client can then usually filter on that if they want to.
>
> It sounds like you don't have SA properly integrated into the rest of your
> mail system, and it isn't processing the messages. Unfortunately I don't
> recognize the tool you are using, so I can't help. Someone else will
> probably be along soon that may be able to.
>
> Loren
>
>
Re: Newbie: Postfix/Spamassassin Questions
Posted by Loren Wilton <lw...@earthlink.net>.
> I was told that I can use spamassassin to do Content Checking but I
> see no evidence of it as yet.
That may depend on what you mean by "content checking"
SA is a tool for classifying spam. You seem to have tried it on a virus. A
virus really isn't spam, it is a virus. SA makes little attempt to catch
virui, there are tools designed for that purpose. Now, if you want to catch
messages about mortgage deals and the latest popularity pills and sex clubs,
then SA will do a nice job for you once you have it set up right.
It is important to realyse that SA is a *filter*. It doesn;t DO anything to
the spam, other than add a score that indicates how likely a message is to
be spam. Something else in your processing chain needs to follow SA, look
at the score, and decide what to do with the mail. If you don't have that,
then all mail, spam included, will get routed to the users. However, the
spam will be scored and marked as spam in the subject line. The user's mail
client can then usually filter on that if they want to.
It sounds like you don't have SA properly integrated into the rest of your
mail system, and it isn't processing the messages. Unfortunately I don't
recognize the tool you are using, so I can't help. Someone else will
probably be along soon that may be able to.
Loren