1 Topic by himanshu.aggarwal

  • himanshu.aggarwal
  • Member
  • Offline
  • Registered: 2019-11-05
  • Posts: 10

Topic: spam assasin and amavis not functionioning

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 0.9.9
- Deployed with iRedMail Easy or the downloadable installer?
- Linux/BSD distribution name and version: ubuntu 18.04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx):Apache
- Manage mail accounts with iRedAdmin-Pro? NO
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Can you help us with how our email server can detect spam mail we have seen some previous thread with same issues such as https://forum.iredmail.org/topic12681-i … assin.html
all the setting are commented out

we have send mail with inappropriate subject , with #$% as subject even extension file such as .exe, .COM  even .dll files
all are receiving using webmail( we are using horde for the web support)

please help us in this issue

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,090

Re: spam assasin and amavis not functionioning

Please check file /etc/amavis/conf.d/50-user, parameter "$banned_namepath_re", are "exe", "com", "dll" blocked?

3 Reply by himanshu.aggarwal

  • himanshu.aggarwal
  • Member
  • Offline
  • Registered: 2019-11-05
  • Posts: 10

Re: spam assasin and amavis not functionioning

i checked the setting it is enabled but still we are able to send the files

4 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,090

Re: spam assasin and amavis not functionioning

Please turn on debug mode in Amavisd and show us the related log for troubleshooting. FYI:
https://docs.iredmail.org/debug.amavisd.html

5 Reply by himanshu.aggarwal (edited by himanshu.aggarwal 2019-12-24 16:31:56)

  • himanshu.aggarwal
  • Member
  • Offline
  • Registered: 2019-11-05
  • Posts: 10

Re: spam assasin and amavis not functionioning

Hi ZhangHuangbin,

As discussed i have enable the log from (vim /etc/amavis/conf.d/50-user-$log_level = 5;             # Amavisd log level.) and captured the log from both email server,
so please check the attached log .
i have sent mail to shivamdwivedi076@gmail.com with COM ext.from powertel.in domain so please check the logs,

Post's attachments

Amavis log email2.txt 17.03 kb, 3 downloads since 2019-12-24 

You don't have the permssions to download the attachments of this post.

6 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,090

Re: spam assasin and amavis not functionioning

I found log in last 2nd line:

Dec 24 13:55:09 DC-EMAIL-02 amavis[11764]: (11764-02) Passed BANNED (application/x-msdownload,.asc,virux.COM) {RelayedTaggedInbound}, [172.20.22.135]:36972 <xxx@powertel.in> -> <xxx@gmail.com>, Queue-ID: 47hq5x0MprzPkmm, Message-ID: <20191224135429.Horde.RQUK7spe1qqCb4MnTO_ew5e@mail.powertel.in>, mail_id: MtV3jyLuyTbK, Hits: -1, size: 1532, queued_as: 47hq5x22lCzPlTK, 228 ms, Tests: [ALL_TRUSTED=-1]

As you can see, Amavisd detects the ".com" file name and supposed to ban it, but your Amavisd is configured to bypass banned mail.

Please check the SQL record in "amavisd.policy" table, with column "policy_name=@." (there's a @ and a dot). it defines the global spam policy, you should update it to discard/reject emails which contain banned files.

banned_files_lover=N
bypass_banned_checks=N
banned_quarantine_to=banned-quarantine