spamassissin filter very broken

[Jeff Portwine]

Hello...  I am a complete newbie with Spamassassin, so I hope you will all bear with me.   The job of fixing our spam filter has fallen on me, as the person who used to handle everything relating to our mail server recently left my company.   We're running spamassassin 3.0.2 with perl 5.8.4, and exim 3.35 on Debian.   In the last 3 weeks or so , we have started receiving a ton of spam, especially a lot of pharmeceutical adds and some other random nonsense.   However, Spamassassin isn't completely broken.. it is actually catching some spam but it's letting a lot go.   When I look at the headers in the spam, I see SA is assigning rediculously low scores to the ones that are getting through but normal scores to the ones it's stopping.    Some of the spam that is getting through is actually receving negative scores, which as I understand it shouldn't even be possible unless the spam is whitelisted somehow.      Here are the SA related headers for a couple of spams that are getting through: X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at veritime.com X-Spam-Checker-Version: SpamAssassin 3.0.2 (2004-11-16) on mail2 X-Spam-Level: * X-Spam-Status: No, score=1.8 required=4.9 tests=BAYES_50,HTML_80_90,  HTML_MESSAGE,PORN_URL_SEX,RAZOR2_CF_RANGE_51_100,RAZOR2_CHECK,  UPPERCASE_25_50 autolearn=no version=3.0.2 X-Spam-Veritime: Valid   X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at veritime.com X-Spam-Checker-Version: SpamAssassin 3.0.2 (2004-11-16) on mail2 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=4.9 tests=BAYES_00 autolearn=ham  version=3.0.2 X-Spam-Veritime: Valid   As opposed to this one which is a spam message that SA caught: X-Spam-Flag: YES X-Spam-Checker-Version: SpamAssassin 3.0.2 (2004-11-16) on mail2 X-Spam-Level: ************* X-Spam-Status: Yes, score=13.2 required=4.9 tests=BAYES_99,DIGEST_MULTIPLE,         DRUGS_ERECTILE,DRUG_DOSAGE,DRUG_ED_CAPS,HELO_DYNAMIC_IPADDR,         HTML_FONT_BIG,HTML_FONT_SIZE_LARGE,HTML_MESSAGE,HTML_SHOUTING5,         INVALID_DATE,PYZOR_CHECK,RAZOR2_CF_RANGE_51_100,RAZOR2_CHECK,         UPPERCASE_25_50 autolearn=spam version=3.0.2 X-Spam-Veritime: Valid X-Spam-Veritime-Spam: True     The first thing I did when I was looking at this was to run spamassassin -lint to see if it was parsing the configuration file properly and it gave me:   config: SpamAssassin failed to parse line, skipping: use_terse_report        0 config: SpamAssassin failed to parse line, skipping: auto_learn              1 lint: 2 issues detected.  please rerun with debug enabled for more information. When I looked these up, I found that they were deprecated options from version 2.6x.   At some point SA must have been updated with a apt-get update or something and the configuration file was not updated along with it.    I'm not sure if this is the cause of the problem though, since it appears that SA was updated about a year ago and we've only been having problems with spam for the last few weeks.       At this point i'm considering just wiping out spamassassin  and reinstalling it fresh and having it relearn all of the spam that we have been saving for a while but it seems there must be a better solution.   Does anybody have any ideas on what could be wrong and how I can fix this?  I'm being barraged by spam complaints from our users and spamassassin isn't trivial to jump right into without knowing something more about how it works.   I've been googling and looking through docs and not coming up with the answer.   Any help is very much appreciated.   Thanks, Jeff [EMAIL PROTECTED]