Solved

Spamassassin not using blacklist to mark emails

Posted on 2013-01-04
6
1,376 Views
Last Modified: 2013-01-12
My spamassassin installation is not using any of my blacklist items to score messages. Currently I have three custom blacklist files in my /etc/mail/spamassassin folder.

blacklist.cf
custom_bl.cf
foreign_bl.cf

blacklist.cf contains manually entered blacklist entries.
custom_bl.cf contains specific entries that I wanted to keep separate from other manual entries.
foreign_bl.cf contains about 50 items specifically designed to blacklist messages from certain domains in the form of: blacklist_from *@*.vu

None of these blacklist items are being used to flag messages in SA. Running 'spamassassin -D --lint' reveals no errors and shows all files being loaded.

I'm at a loss.
0
Comment
Question by:Tekz08
  • 3
  • 3
6 Comments
 
LVL 94

Expert Comment

by:John Hurst
ID: 38744611
It has been a while since I have used Spamassissin. In the version I used, blacklist entries were in user_prefs, but a newer version might be different.

More importantly, I had difficulty with *@*.vu.  I use *.vu or *.ar or *.whatever. That worked very well.  Use the following to unblacklist from *.de

blacklist_from   *.de
unblacklist_from *lavasoft.de
whitelist_from   *@lavasoft.de

What I suggest you do is create a rule you want working and see if you can make one file work.

As I noted, it has been a long while since I have used Spamassissin since my mail now gets filtered by mail.com.

.... Thinkpads_User
0
 
LVL 94

Expert Comment

by:John Hurst
ID: 38745358
@Tekz08 - Any follow up?

Check the message headers of one of your emails. Do you see this?

Return-Path: <noreply@info.blackhatcovertchannel.com>
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on my mailserver
X-Spam-Level: **
X-Spam-Status: No, score=2.6 required=5.0 tests=HK_RANDOM_FROM,
      HK_RANDOM_REPLYTO,HTML_MESSAGE,RCVD_IN_DNSWL_NONE,REMOVE_BEFORE_LINK
      autolearn=no version=3.3.2
X-Original-To: Me
Delivered-To: Me

... Thinkpads_User
0
 
LVL 1

Author Comment

by:Tekz08
ID: 38752033
I switched my top-level domain blacklists over to the *.de format but it's still not working properly.

All my blacklists and custom rules are not being applied, even though spamassassin -D --lint shows that they are being read.

http://pastebin.com/PnZQGrVD
0
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

 
LVL 94

Expert Comment

by:John Hurst
ID: 38752297
Thanks for the update. I am an end user so I have limited operating knowledge, so some questions:

1. Per an earlier post, what do your mail headers say (Outlook headers for example). Is Spamassissin working at the user level?

2. Are you setting up user rules? I could not tell from the long output list. But each user needs a separate rules file so my rules can be different than yours.

3. Have you tried removing and then re-installing Spamassissin?

Thanks, ... Thinkpads_User
0
 
LVL 1

Accepted Solution

by:
Tekz08 earned 0 total points
ID: 38752420
Alright I just figured this out. Turns out that MailCleaner uses the spamd daemon and had the siteconfigpath set in spamd.conf to /usr/mailcleaner/share/spamassassin and did not mention /etc/mail/spamassasssin at all.

I moved my custom config files over to that directory and the rules started working after restarting services.

Thanks for participating.
0
 
LVL 1

Author Closing Comment

by:Tekz08
ID: 38769729
Figured out solution.
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
awk to variable in bash 2 106
Upgrade BIOS / EUFI at Scale 4 69
I NEED A "BARE" LINUX ... 9 84
When trying to install php-fpm on CentOS 7 - GPG error 2 89
If you have a server on collocation with the super-fast CPU, that doesn't mean that you get it running at full power. Here is a preamble. When doing inventory of Linux servers, that I'm administering, I've found that some of them are running on l…
Little introduction about CP: CP is a command on linux that use to copy files and folder from one location to another location. Example usage of CP as follow: cp /myfoder /pathto/destination/folder/ cp abc.tar.gz /pathto/destination/folder/ab…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question