?
Solved

SpamAssasin is doing NOTHING!

Posted on 2013-11-19
3
Medium Priority
?
704 Views
Last Modified: 2013-11-20
No doubt it's my configuration that's at fault ...

Ubuntu Linux 10.04.2
dovecot 1.2.9
Postfix 2.7.0
SpamAssassin 3.3.1

I get hundreds of spam messages / day.  The sort that SpamAssassin was created to assassinate.

Here's my /etc/spamassassin/local.cf file:
#
# Sample SpamAssassin rules. It should be localted at:
#   /etc/mail/spamassassin/local.cf
#
# Shipped within iRedMail project:
#   * http://iRedMail.googlecode.com/
#
# See also:
#    $ man Mail::SpamAssassin::Conf
#


# These two lines will not affect due to Amavisd use its
# own variables setting in /etc/amavisd.conf.
required_score      5.0
rewrite_header      subject [ SPAM ]

report_safe         0
lock_method         flock

use_bayes           1
bayes_auto_learn    1
bayes_auto_expire   0

score ALL_TRUSTED -10.000

#skip_rbl_checks  1
score URIBL_AB_SURBL 0 0.3306 0 0.3812
score URIBL_JP_SURBL 0 0.3360 0 0.4087
score URIBL_OB_SURBL 0 0.2617 0 0.3008
score URIBL_PH_SURBL 0 0.2240 0 0.2800
score URIBL_SBL 0 0.1094 0 0.1639
score URIBL_SC_SURBL 0 0.3600 0 0.4498
score URIBL_WS_SURBL 0 0.1533 0 0.2140

# For Mail::SPF
spf_timeout         5

# For SpamAssassin-3.2.x. Reference:
# http://spamassassin.apache.org/full/3.2.x/doc/Mail_SpamAssassin_Plugin_SPF.html
#do_not_use_mail_spf 0
#do_not_use_mail_spf_query   1
#ignore_received_spf_header  1

score SPF_PASS -10.000
score SPF_FAIL 5.00

# Whitelist from SPF.
#whitelist_from_spf     joe@example.com fred@example.com
whitelist_from_spf      *@gmail.com
whitelist_from_spf      *@126.com *@163.com
whitelist_from_spf      *@sina.com *@sohu.com *@tom.com
whitelist_from_spf      *@live.com *@hotmail.com

# Whitelist from DKIM.
whitelist_from_dk       *@gmail.com *@paypal.com

# Whitelist domains.
# Reference: http://wiki.apache.org/spamassassin/ManualWhitelist
#whitelist_from         *@gmail.com

# Locales.
ok_locales          all

Open in new window


So ... somewhere I must be failing to tell spam assassin something it needs to interact with dovecot correctly.  What am I missing?

Thanks!
0
Comment
Question by:Daniel Wilson
3 Comments
 
LVL 19

Accepted Solution

by:
xterm earned 1200 total points
ID: 39661307
Dovecot has no interaction with SpamAssassin - it is only a pop3/imap server which makes mail which has already been received available to connecting clients.  You need to configure Postfix to pipe the messages to the SpamAssassin client so that it scans them as they arrive.

This page here describes it:
http://www.akadia.com/services/postfix_spamassassin.html

It's not the simplest process - I personally find it much easier to use sendmail with procmail, where a simple .procmailrc recipe will post-process the mail after sendmail delivers it and do whatever you want with it (discard it, quarantine it, or just tag the subject line for example.)
0
 
LVL 81

Assisted Solution

by:arnold
arnold earned 800 total points
ID: 39661598
Your spamassassin config whitelisting might be your issue.

You are also missing the Bayesian analysis features
http://wiki.apache.org/spamassassin/BayesInSpamAssassin

You have to train spam assassin to statistically detect spam.

Not that using auto-learn is a two edged sword.

Procmail is a filter that can be used with any mail server not just sendmail.

Maildrop is another tool though have not looked at it for some time.
0
 
LVL 32

Author Closing Comment

by:Daniel Wilson
ID: 39663313
Thanks!

I'm reviewing those and trying to implement the instructions.
0

Featured Post

What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Phishing emails are a popular malware delivery vehicle for attack.  While there are many ways for an attacker to increase the chances of success for their phishing emails, one of the most effective methods involves spoofing the message to appear to …
Last month Marc Laliberte, WatchGuard’s Senior Threat Analyst, contributed reviewed the three major email authentication anti-phishing technology standards: SPF, DKIM, and DMARC. Learn more in part 2 of the series originally posted in Cyber Defense …
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Suggested Courses
Course of the Month13 days, 14 hours left to enroll

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question