Solved

Spamassassin not using blacklist to mark emails

Posted on 2013-01-04
6
1,353 Views
Last Modified: 2013-01-12
My spamassassin installation is not using any of my blacklist items to score messages. Currently I have three custom blacklist files in my /etc/mail/spamassassin folder.

blacklist.cf
custom_bl.cf
foreign_bl.cf

blacklist.cf contains manually entered blacklist entries.
custom_bl.cf contains specific entries that I wanted to keep separate from other manual entries.
foreign_bl.cf contains about 50 items specifically designed to blacklist messages from certain domains in the form of: blacklist_from *@*.vu

None of these blacklist items are being used to flag messages in SA. Running 'spamassassin -D --lint' reveals no errors and shows all files being loaded.

I'm at a loss.
0
Comment
Question by:Tekz08
  • 3
  • 3
6 Comments
 
LVL 92

Expert Comment

by:John Hurst
ID: 38744611
It has been a while since I have used Spamassissin. In the version I used, blacklist entries were in user_prefs, but a newer version might be different.

More importantly, I had difficulty with *@*.vu.  I use *.vu or *.ar or *.whatever. That worked very well.  Use the following to unblacklist from *.de

blacklist_from   *.de
unblacklist_from *lavasoft.de
whitelist_from   *@lavasoft.de

What I suggest you do is create a rule you want working and see if you can make one file work.

As I noted, it has been a long while since I have used Spamassissin since my mail now gets filtered by mail.com.

.... Thinkpads_User
0
 
LVL 92

Expert Comment

by:John Hurst
ID: 38745358
@Tekz08 - Any follow up?

Check the message headers of one of your emails. Do you see this?

Return-Path: <noreply@info.blackhatcovertchannel.com>
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on my mailserver
X-Spam-Level: **
X-Spam-Status: No, score=2.6 required=5.0 tests=HK_RANDOM_FROM,
      HK_RANDOM_REPLYTO,HTML_MESSAGE,RCVD_IN_DNSWL_NONE,REMOVE_BEFORE_LINK
      autolearn=no version=3.3.2
X-Original-To: Me
Delivered-To: Me

... Thinkpads_User
0
 
LVL 1

Author Comment

by:Tekz08
ID: 38752033
I switched my top-level domain blacklists over to the *.de format but it's still not working properly.

All my blacklists and custom rules are not being applied, even though spamassassin -D --lint shows that they are being read.

http://pastebin.com/PnZQGrVD
0
Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 92

Expert Comment

by:John Hurst
ID: 38752297
Thanks for the update. I am an end user so I have limited operating knowledge, so some questions:

1. Per an earlier post, what do your mail headers say (Outlook headers for example). Is Spamassissin working at the user level?

2. Are you setting up user rules? I could not tell from the long output list. But each user needs a separate rules file so my rules can be different than yours.

3. Have you tried removing and then re-installing Spamassissin?

Thanks, ... Thinkpads_User
0
 
LVL 1

Accepted Solution

by:
Tekz08 earned 0 total points
ID: 38752420
Alright I just figured this out. Turns out that MailCleaner uses the spamd daemon and had the siteconfigpath set in spamd.conf to /usr/mailcleaner/share/spamassassin and did not mention /etc/mail/spamassasssin at all.

I moved my custom config files over to that directory and the rules started working after restarting services.

Thanks for participating.
0
 
LVL 1

Author Closing Comment

by:Tekz08
ID: 38769729
Figured out solution.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Fine Tune your automatic Updates for Ubuntu / Debian
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now