I use RH9, spamass-milter, SA 2.60, sendmail and fetchmail as a front end server for my Win2000/Exchange network. The principal reason for placing a linux box at the edge of the network was to filter all incoming mail with Spamassassin. It works very well (though I do still have some issues with sa-learn, but they're very minor).
With a single exeption, all mail is relayed to the Exchange box. One particular domain gets delivered to my user account on the linux box (magically, without use of any procmail recipes). I can retrieve mail from this account from any machine (internal or external) by pop or imap. I can even authenticate to it and send mail, though it then relays it to the Exchange box which promptly drops it if it appears to be relaying to an external domain. So far, so good.
On the strength of this I have reccommended an RH9 smtp/pop/imap/web server solution for a client (small business, five users, low smtp or http traffic).
It's connected to my windows network at the moment and almost fully set up. However, I cannot get the awl or bayes autolearn to work. All test mail is being filtered by SA - and tagged as spam where appropriate but no matter the score the headers always say autolearn-no and sa-learn --dump all shows zeroes everywhere. Also syslog only shows spamd starting and stopping.
I'll outline the steps I've taken and paste some outputs at the end of this message.
First, install RH9 with SA 2.44
Then (with extreme difficulty!) get up2date to work and update all installed packages.
Get sendmail working - all mail goes to correct mail boxes
Create .procmailrc file in my home folder to test:
:0fw
| spamassassin :0e
{
EXITCODE=$?
} :0:
* ^X-Spam-Status: Yes
SPAM
which shows SA inspecting all messages and moving spam to 'SPAM' in my home folder.
(Also tried .forward file - "|IFS=' ' && exec /usr/bin/procmail -f- || exit 75 #user" - then renamed it; couldn't work out its significance and everything works with or without it)
Then updated to SA 2.60, perl-SA 2.60 and SA 2.60 tools using RPMs
All still appears to work but after playing with local.cf and sending more test messages I start to notice all have autolearn=no, even if I set 'auto_learn_threshold_spam' well below the message scores.
'spamassassin --lint' is fine but 'spamassassin --lint -D' shows something like DB module not present.
Go to CPAN and install DB_File - now a slightly different message (no dbs present) so I run sa-learn --rebuild and bayes_toks and bayes_seen are created (not auto-whitelist). Now --lint -D shows "found bayes db version 2"
Also, as root (because spamd is running as root, by default) run sa-learn --rebuild. Same result.
Still autolearn=no, and ~/.spamassassin/bayes_* = 0kB and no messages in syslog
Then, in frustration, reinstall SA from CPAN this time. Lots of spamd events in syslog during the test part of the install but none after that for any of my own test messages. eg
Oct 16 20:05:53 miglia01 spamd[6271]: Still running as root: user not specified
with -u, not found, or set to root. Fall back to nobody.Oct 16 20:05:53
miglia01 spamd[6271]: processing message
<[EMAIL PROTECTED]> for root:99.Oct 16 20:05:53
miglia01 spamd[6271]: identified spam (37.3/5.0) for root:99 in 1.0 seconds,
8464 bytes. I've tried global bayes and awl options in local.cf and then
commentedthem out when they didn't work (see below).
spamd is started from init.d with SPAMDOPTIONS="-d -c -a -m5-H",
obviously as root.
It's not that SA isn't working - it is and does tag mails properly - just that it isn't adding anything to the bayes database nor is it using awl.
My head's spinning (I'm still a bit of a newbie to linux) and I guess I've overlooked something so simple!
I've looked at the archives and note that others are in a similar position but I can't find a solution. Any suggestions?
Thanks
John
Outputs:
local.cf
# Version #
version_tag jdk.1.0.1
# Basic Settings #
required_hits 8 <---this has been much lower for testing rewrite_subject 1 subject_tag *****SPAM***** fold_headers 1 always_add_headers 1 auto_learn_threshold_spam 12 <---this too report_safe 0 use_terse_report 1 use_bayes 1 auto_learn 1
# Relay Checks #
rbl_timeout 5 num_check_received 5 score RCVD_IN_SPAMCOP_NET 5 score RCVD_IN_SBL 3 score RCVD_IN_NJABL 2 score RCVD_IN_OSIRUSOFT_COM 2
# Globals # <------ following 5 entries vaiously used or commented
#auto_whitelist_path /root/.spamassassin #auto_whitelist_file_mode 0666 #bayes_path /root/.spamassassin #bayes_file_mode 0700 #bayes_use_hapaxes 1
# Whitelists #
whitelist_from [EMAIL PROTECTED]
# Network Checking # skip_rbl_checks 0 use_razor2 0 use_dcc 0 use_pyzor 0
# Accepted Languages #
ok_locales en it fr es de ru # ok_locales all
spamassassin --lint -D as user:
debug: Score set 0 chosen.
debug: running in taint mode? yes
debug: Running in taint mode, removing unsafe env vars, and resetting PATH
debug: PATH included '/usr/local/bin', keeping.
debug: PATH included '/bin', keeping.
debug: PATH included '/usr/bin', keeping.
debug: PATH included '/usr/X11R6/bin', keeping.
debug: PATH included '/home/jkelly/bin', which doesn't exist, dropping.
debug: Final PATH set to: /usr/local/bin:/bin:/usr/bin:/usr/X11R6/bin
debug: ignore: using a test message to lint rules
debug: using "/usr/share/spamassassin" for default rules dir
debug: using "/etc/mail/spamassassin" for site rules dir
debug: using "/home/jkelly/.spamassassin" for user state dir
debug: using "/home/jkelly/.spamassassin/user_prefs" for user prefs file
debug: using "/home/jkelly/.spamassassin" for user state dir
debug: bayes: 8350 tie-ing to DB file R/O /home/jkelly/.spamassassin/bayes_toks
debug: bayes: 8350 tie-ing to DB file R/O /home/jkelly/.spamassassin/bayes_seen
debug: bayes: found bayes db version 2
debug: bayes: Not available for scanning, only 0 spam(s) in Bayes DB < 200
debug: bayes: 8350 untie-ing
debug: bayes: 8350 untie-ing db_toks
debug: bayes: 8350 untie-ing db_seen
debug: Score set 1 chosen.
debug: Initialising learner
debug: using "/home/jkelly/.spamassassin" for user state dir
debug: bayes: 8350 tie-ing to DB file R/O /home/jkelly/.spamassassin/bayes_toks
debug: bayes: 8350 tie-ing to DB file R/O /home/jkelly/.spamassassin/bayes_seen
debug: bayes: found bayes db version 2
debug: bayes: Not available for scanning, only 0 spam(s) in Bayes DB < 200
debug: bayes: 8350 untie-ing
debug: bayes: 8350 untie-ing db_toks
debug: bayes: 8350 untie-ing db_seen
debug: is Net::DNS::Resolver available? yes
debug: trying (3) google.com...
debug: looking up MX for 'google.com'
debug: MX for 'google.com' exists? 1
debug: MX lookup of google.com succeeded => Dns available (set dns_available to
hardcode)
debug: is DNS available? 1
debug: all '*From' addrs: [EMAIL PROTECTED]
debug: running header regexp tests; score so far=0
debug: running body-text per-line regexp tests; score so far=1.27
debug: running raw-body-text per-line regexp tests; score so far=1.27
debug: running uri tests; score so far=1.27
debug: uri tests: Done uriRE
debug: running full-text regexp tests; score so far=1.27
debug: DCCifd is not available: no r/w dccifd socket found.
debug: all '*To' addrs:
debug: RBL: success for 1 of 1 queries
debug: running meta tests; score so far=1.27
debug: is spam? score=1.27 required=8 tests=DATE_MISSING,NO_REAL_NAME
(spamassassin --lint -D as root exactly the same)
sa-learn --dump all (user or root similar)
0.000 0 2 0 non-token data: bayes db version
0.000 0 0 0 non-token data: nspam
0.000 0 0 0 non-token data: nham
0.000 0 0 0 non-token data: ntokens
0.000 0 0 0 non-token data: oldest atime
0.000 0 0 0 non-token data: newest atime
0.000 0 0 0 non-token data: last journal sync atime
0.000 0 0 0 non-token data: last expiry atime
0.000 0 0 0 non-token data: last expire atime delta
0.000 0 0 0 non-token data: last expire reduction
count
sample test spam message:
Return-Path: <[EMAIL PROTECTED]>
Received: from itsmeagain (bilbo.ring.home [192.168.200.40])
by localhost.localdomain (8.12.8/8.12.8) with SMTP id h9GGPrHM004845
for jkelly; Thu, 16 Oct 2003 18:33:02 +0100
Date: Thu, 16 Oct 2003 18:33:02 +0100
From: [EMAIL PROTECTED]
Message-Id: <[EMAIL PROTECTED]>
Subject: *****SPAM*****
X-Spam-Flag: YES
X-Spam-Checker-Version: SpamAssassin 2.60-jdk.1.0.0 (1.212-2003-09-23-exp) on
miglia01
X-Spam-Level: **************************************************
X-Spam-Status: Yes, hits=1004.7 required=5.0 tests=GTUBE,MSGID_FROM_MTA_SHORT,
NO_DNS_FOR_FROM,NO_REAL_NAME autolearn=no version=2.60-jdk.1.0.0
X-Spam-Report:
* 0.3 NO_REAL_NAME From: does not include a real name
* 1000 GTUBE BODY: Generic Test for Unsolicited Bulk Email
* 1.1 NO_DNS_FOR_FROM Domain in From header has no MX or A DNS records
* 3.3 MSGID_FROM_MTA_SHORT Message-Id was added by a relay
<gtube_string_removed_because_of_bouncing_posts>
eg
There was a SMTP communication problem with the recipient's email server. Please contact your system administrator. <smtp.thelockin.com #5.5.0 smtp;550 SPAM: This message scored 1002.2 points. Congratulations!>
------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. SourceForge.net hosts over 70,000 Open Source Projects. See the people who have HELPED US provide better services: Click here: http://sourceforge.net/supporters.php _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
