Solved

Spamassassin not using blacklist to mark emails

Posted on 2013-01-04
6
1,418 Views
Last Modified: 2013-01-12
My spamassassin installation is not using any of my blacklist items to score messages. Currently I have three custom blacklist files in my /etc/mail/spamassassin folder.

blacklist.cf
custom_bl.cf
foreign_bl.cf

blacklist.cf contains manually entered blacklist entries.
custom_bl.cf contains specific entries that I wanted to keep separate from other manual entries.
foreign_bl.cf contains about 50 items specifically designed to blacklist messages from certain domains in the form of: blacklist_from *@*.vu

None of these blacklist items are being used to flag messages in SA. Running 'spamassassin -D --lint' reveals no errors and shows all files being loaded.

I'm at a loss.
0
Comment
Question by:Tekz08
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 96

Expert Comment

by:Experienced Member
ID: 38744611
It has been a while since I have used Spamassissin. In the version I used, blacklist entries were in user_prefs, but a newer version might be different.

More importantly, I had difficulty with *@*.vu.  I use *.vu or *.ar or *.whatever. That worked very well.  Use the following to unblacklist from *.de

blacklist_from   *.de
unblacklist_from *lavasoft.de
whitelist_from   *@lavasoft.de

What I suggest you do is create a rule you want working and see if you can make one file work.

As I noted, it has been a long while since I have used Spamassissin since my mail now gets filtered by mail.com.

.... Thinkpads_User
0
 
LVL 96

Expert Comment

by:Experienced Member
ID: 38745358
@Tekz08 - Any follow up?

Check the message headers of one of your emails. Do you see this?

Return-Path: <noreply@info.blackhatcovertchannel.com>
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on my mailserver
X-Spam-Level: **
X-Spam-Status: No, score=2.6 required=5.0 tests=HK_RANDOM_FROM,
      HK_RANDOM_REPLYTO,HTML_MESSAGE,RCVD_IN_DNSWL_NONE,REMOVE_BEFORE_LINK
      autolearn=no version=3.3.2
X-Original-To: Me
Delivered-To: Me

... Thinkpads_User
0
 
LVL 1

Author Comment

by:Tekz08
ID: 38752033
I switched my top-level domain blacklists over to the *.de format but it's still not working properly.

All my blacklists and custom rules are not being applied, even though spamassassin -D --lint shows that they are being read.

http://pastebin.com/PnZQGrVD
0
Are You Headed to Black Hat USA 2017?

Getting ready for Black Hat next week? Kick things off with the WatchGuard Badge Challenge and test your puzzle and cipher skills. Do you have what it takes to earn our limited edition Firebox Badge? Get started today - https://crimsonthorn.net

 
LVL 96

Expert Comment

by:Experienced Member
ID: 38752297
Thanks for the update. I am an end user so I have limited operating knowledge, so some questions:

1. Per an earlier post, what do your mail headers say (Outlook headers for example). Is Spamassissin working at the user level?

2. Are you setting up user rules? I could not tell from the long output list. But each user needs a separate rules file so my rules can be different than yours.

3. Have you tried removing and then re-installing Spamassissin?

Thanks, ... Thinkpads_User
0
 
LVL 1

Accepted Solution

by:
Tekz08 earned 0 total points
ID: 38752420
Alright I just figured this out. Turns out that MailCleaner uses the spamd daemon and had the siteconfigpath set in spamd.conf to /usr/mailcleaner/share/spamassassin and did not mention /etc/mail/spamassasssin at all.

I moved my custom config files over to that directory and the rules started working after restarting services.

Thanks for participating.
0
 
LVL 1

Author Closing Comment

by:Tekz08
ID: 38769729
Figured out solution.
0

Featured Post

Are You Headed to Black Hat USA 2017?

Getting ready for Black Hat next week? Kick things off with the WatchGuard Badge Challenge and test your puzzle and cipher skills. Do you have what it takes to earn our limited edition Firebox Badge? Get started today - https://crimsonthorn.net

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Operating system developers such as Microsoft (https://www.microsoft.com) and Apple have made incredible strides in virus protection over the past decade. Operating systems come packaged with built in defensive tools such as virus protection and a f…
It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Suggested Courses

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question