1 Topic by miles_hc

  • miles_hc
  • Member
  • Offline
  • Registered: 2011-07-04
  • Posts: 21

Topic: spam checking is not functioning?

hi there, following my previous post, i still have some problems with the spam filtering .

testing process:
using a testing sender, test@gmail.com, with outlook express,
and smtp server pointing to my isp, sending a testing message of GTUBE test text,
here is the mail contents in my maildir.
========================================================================================================
Return-Path: <test@gmail.com>
Delivered-To: rcpt@example.com
Received: from localhost (localhost.localdomain [127.0.0.1])
        by mailserver.example.com (Postfix) with ESMTP id 6B5B06047B
        for <rcpt@example.com>; Thu,  7 Jul 2011 19:49:02 +0800 (HKT)
X-Virus-Scanned: amavisd-new at mailserver.example.com   <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
Received: from mailserver.example.com ([127.0.0.1])
        by localhost (mailserver.example.com [127.0.0.1]) (amavisd-new, port 10024)
        with ESMTP id IP+tx21tYWR7 for <rcpt@example.com>;
        Thu,  7 Jul 2011 19:49:01 +0800 (HKT)
X-Original-Helo: smtp.wh.com (iRedMail: http://www.iredmail.org/)
Received: from smtp.wh.com (unknown [202.130.xxx.xxx])
        by mailserver.example.com (Postfix) with ESMTP id 86FAF603F4
        for <rcpt@example.com>; Thu,  7 Jul 2011 19:49:01 +0800 (HKT)
Received: (qmail 24644 invoked from network); 7 Jul 2011 11:49:00 -0000
Received: from unknown (HELO wkstation2) ([210.5.xxx.xxx])
          (envelope-sender <test@gmail.com>)
          by smtp.wh.com (qmail-ldap-1.03) with SMTP
          for <rcpt@example.com>; 7 Jul 2011 11:49:00 -0000
Message-ID: <88EFA10A71EC4412B0080C6C9AC66F65@xxx.com>
From: "test" <test@gmail.com>
To: <rcpt@example.com>
Subject: testing spam
Date: Thu, 7 Jul 2011 19:49:01 +0800
MIME-Version: 1.0
Content-Type: multipart/alternative;
        boundary="----=_NextPart_000_0014_01CC3CDE.EB132B10"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5931
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.6109

This is a multi-part message in MIME format.

------=_NextPart_000_0014_01CC3CDE.EB132B10
Content-Type: text/plain;
        charset="big5"
Content-Transfer-Encoding: quoted-printable


----- Original Message -----=20
From: test=20
To: rcpt@example.com=20
Sent: Monday, July 04, 2011 10:50 AM
Subject: testing spam


XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X
------=_NextPart_000_0014_01CC3CDE.EB132B10
Content-Type: text/html;
        charset="big5"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content=3D"text/html; charset=3Dbig5" http-equiv=3DContent-Type>
<META name=3DGENERATOR content=3D"MSHTML 8.00.6001.19088">
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV>&nbsp;</DIV>
<DIV style=3D"FONT: 10pt =B7s=B2=D3=A9=FA=C5=E9">----- Original Message =
-----=20
<DIV style=3D"BACKGROUND: #e4e4e4; font-color: black"><B>From:</B> <A=20
title=3Dtest@gmail.com href=3D"mailto:test@gmail.com">test</A> </DIV>
<DIV><B>To:</B> <A title=3Drcpt@example.com=20
href=3D"mailto:rcpt@example.com">rcpt@example.com</A> </DIV>
<DIV><B>Sent:</B> Monday, July 04, 2011 10:50 AM</DIV>
<DIV><B>Subject:</B> testing spam</DIV></DIV>
<DIV><BR></DIV>
<DIV><PRE>XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*=
C.34X</PRE></DIV></BODY></HTML>

------=_NextPart_000_0014_01CC3CDE.EB132B10--
========================================================================================================

i can see the avavisd was run and checked that message, as indicated by <<<<<<<<<<<<<<<<<<<<<<<<<<
however, what i expected is something like this: (http://workaround.org/ispmail/lenny/ama … nd-viruses)
X-Spam-Status: Yes, hits=16.0 tagged_above=-9999.0 required=6.31
    tests=BAYES_99, FORGED_MUA_OUTLOOK, MSGID_FROM_MTA_ID,
    RCVD_IN_BL_SPAMCOP_NET, UNDISC_RECIPS, URIBL_OB_SURBL, WORK_AT_HOME
    X-Spam-Level: ***************
    X-Spam-Flag: YES
but, there is no X-Spam-Status flag in the header.

the maillog showed:
Jul  7 19:47:40 mail1 amavis[2732]: (02732-12) Passed SPAM, LOCAL [202.130.xxx.xxx] [210.5.xxx.xxx] <test@gmail.com> -> <rcpt@example.com>, quarantine: spam-qMa+t3jZEL1O.gz, Message-ID: <406E8409282D4ABC93AE82040CE2ACF3@cechk.com>, mail_id: qMa+t3jZEL1O, Hits: 1002.278, size: 2463, queued_as: 8140A6047A, 736 ms

so, it is detected as a SPAM, but why the mail header was not modified according?
i made no change to the /etc/amavisd.conf

anything missed? or someone else has made the same test?

Thanks for advice.

miles_hc

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by miles_hc

  • miles_hc
  • Member
  • Offline
  • Registered: 2011-07-04
  • Posts: 21

Re: spam checking is not functioning?

ps.
i made another test, send a plain-text message of the gtube,

same result, no spam-checking flag in the header.

sad

3 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: spam checking is not functioning?

Please try the last article in FAQ page:
http://iredmail.org/faq.html

http://www.iredmail.org/forum/post845.html#p845

4 Reply by miles_hc

  • miles_hc
  • Member
  • Offline
  • Registered: 2011-07-04
  • Posts: 21

Re: spam checking is not functioning?

ZhangHuangbin wrote:

Please try the last article in FAQ page:
http://iredmail.org/faq.html

http://www.iredmail.org/forum/post845.html#p845

Thanks for the advice, Chang.

i have tried already to set the

$sa_tag_level_deflt = -1000;
or
$sa_tag_level_deflt = undef;

still no spam information in the header.
and, my question is: no matter the sa_tag_level_deflt is, the GTUBE test mail should be classified as SPAM in my testings.

Anyone got a hint or similar testing done?

Thanks.

5 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: spam checking is not functioning?

Do you list the mail domain in "@local_domains_maps = ();"?

6 Reply by miles_hc

  • miles_hc
  • Member
  • Offline
  • Registered: 2011-07-04
  • Posts: 21

Re: spam checking is not functioning?

ZhangHuangbin wrote:

Do you list the mail domain in "@local_domains_maps = ();"?

@local_domains_maps = ( [".$mydomain"] );  # list of all local domains
and
$mydomain="mydomainname.com"

anyhow, what i have done next is:
yum remove amavisd-new,
yum install it again,
vi the conf to get final_spam_destination to d_pass
restart service of amavisd
test again
...
no luck. same as before, all spam testing mails goes to inbox,
no spam checking in mail header.

And,
cat /var/maillog | grep spamd returns nothing.
it seems spamassasin was never called for checking mails.

anyone got a hint on that?

Thanks.

7 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: spam checking is not functioning?

miles_hc wrote:

yum remove amavisd-new,
yum install it again,

Does it mean your amavisd.conf is not created by iRedMail?

8 Reply by miles_hc

  • miles_hc
  • Member
  • Offline
  • Registered: 2011-07-04
  • Posts: 21

Re: spam checking is not functioning?

ZhangHuangbin wrote:
miles_hc wrote:

yum remove amavisd-new,
yum install it again,

Does it mean your amavisd.conf is not created by iRedMail?

thanks, Zhang.

Before i made any modification, i made all possible testing and checking, made the sa_tag_level_deflt to -1000, to undef,
however, still cannot solve the problem, and the spam-flag was not added into the mail header.

so, i yum remove the amavisd and renamed the conf.rpmsave, and then install amavisd-new again, from the iredmail repo.
test again, sad.... getting me crazy...

i just want to know if all people using iredmail can see the spam-flag in mail header? all have done the gtube testing?

i am thinking two ways to try...
1) start from scratch again, setup again all.
2) test the workaround steps. (that method once works for me)

anyone, any hints, please...

thx

9 Reply by miles_hc

  • miles_hc
  • Member
  • Offline
  • Registered: 2011-07-04
  • Posts: 21

Re: spam checking is not functioning?

miles_hc wrote:
ZhangHuangbin wrote:
miles_hc wrote:

yum remove amavisd-new,
yum install it again,

Does it mean your amavisd.conf is not created by iRedMail?

thanks, Zhang.

Before i made any modification, i made all possible testing and checking, made the sa_tag_level_deflt to -1000, to undef,
however, still cannot solve the problem, and the spam-flag was not added into the mail header.

so, i yum remove the amavisd and renamed the conf.rpmsave, and then install amavisd-new again, from the iredmail repo.
test again, sad.... getting me crazy...

i just want to know if all people using iredmail can see the spam-flag in mail header? all have done the gtube testing?

i am thinking two ways to try...
1) start from scratch again, setup again all.
2) test the workaround steps. (that method once works for me)

anyone, any hints, please...

thx


Hi everybody, again sad

still not working...

what i have done...
1) start from brand new.
2) installed iredmail-0.7.2
3) installed iredadmin-pro-mysql
4) send an testing gtube msg to one testing account, just created in iredadmin-pro
5) get the msg from outlook, and check mail header.... >>>>>X-Virus-Scanned: amavisd-new at maiXXX
6) NO Header for X-Spam.....
Why.....!!!!!

Q: anyone tested with Gtube test code? Spam checking header here?

i have tested on the amavisd debug mode, it is working.
any hints of user-permission error, since "amavisd debug" was run with root.

Please help.

Thanks a LOT.....

Miles

10 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: spam checking is not functioning?

I just decrease 'sa_tag_level_deflt' to -100 in amavisd.conf, then send a normal mail (not gtube), it works as expected:

$sa_tag_level_deflt  = 2.0;

11 Reply by miles_hc

  • miles_hc
  • Member
  • Offline
  • Registered: 2011-07-04
  • Posts: 21

Re: spam checking is not functioning?

ZhangHuangbin wrote:

I just decrease 'sa_tag_level_deflt' to -100 in amavisd.conf, then send a normal mail (not gtube), it works as expected:

$sa_tag_level_deflt  = 2.0;

==== Provide basic information to help troubleshoot ====
- iRedMail version:
- Linux/BSD distribution name and version:
- Any related log? Log is helpful for troubleshooting.
====

Just in case if someone get the same question,
please refer to post by cmjnissen
http://www.iredmail.org/forum/topic2354 … tatus.html