> sa-blacklist.cf > sa-blacklist.current.uri.cf >Get rid of these! They are evil and probably the root of your problem!
> (They are also long depreciated and very out of date, so wouldn't be doing >much even if they didn't kill your system.) I have removed those from /etc/mail/spamassassin. > occa_phishing.cf > occa_replica.cf >I have no knowledge of these. As far as I can tell these are rules files created by the previous system manager. I am not aware if they are functional or not. The occa_phishing.cf file was setup to stop phishing emails. Here is the content of that file: body OCCA_PHISH_COMFED_RULE /Commercial Federal/ score OCCA_PHISH_COMFED_RULE 0.2 describe OCCA_PHISH_COMFED_RULE This rule tries to eliminate phishing using comfed The occa_replica.cf file was set up to stop spam emails for replica rolex watches. Here is the content of that file: body OCCA_ROLEX_RULE /Rolex/ score OCCA_ROLEX_RULE 0.1 describe OCCA_ROLEX_RULE This rule tries to eliminate Rolex replica spam body OCCA_REPLICA_RULE /Replica/ score OCCA_REPLICA_RULE 0.1 describe OCCA_REPLICA_RULE replica watches meta OCCA_REPL_ROL_RULE (OCCA_ROLEX_RULE + OCCA_REPLICA_RULE > .1) score OCCA_REPL_ROL_RULE 2 > random.cf > random.current.cf >I'm not sure what the 'current' one is, but I strongly suspect one of these >is not necessary. They look identical. I removed the random.current.cf file. > antidrug.cf >You shoudn't be using this unless you are on 2.6x or earlier. Since 3.0 >antidrug has been part of the stock rules. We are running 3.0.4. I removed antidrug.cf > blacklist.cf > blacklist-uri.cf >I'm not sure what these are, but they may be early versions of sa->blacklist, >and probably a bad thing to have. Removed. > 70_sare_whitelist_pre30.cf > 72_sare_bml_post23x.cf > 99_sare_fraud_post25x.cf >And which version of SA are you running? This tells me you are on 2.6x, >since you have to be after 2.5x and before 3.0. Is that really true? If >so, upgrade to a current version of SA and drop the whitelist_pre30 and >replace it with whitelist, and possibly pick other versions of the other >two >files. The information on the Spamassassin version shows that we are running version 3.0.4. I suspect there were several rules sets that were from previous versions of SA. I am not sure how long the previous administrator was using SA. I received no information concerning SA when I came on board so I am trying to understand how and why all of our systems are set up the way they are. This information about what should or should not be used is very helpful. I also have another question concerning the spamassassin control. I understand that I should be able to restart spamassassin by using: /etc/init.d/spamassassin restart However, there are no files in /etc/init.d/ for spamassassin so I get an error message stating: Bash: etc/init.d/spamassassin: no such file or directory. The only way I have been able to restart spamassassin is to restart the server. If spamassassin is not in /etc/init.d where would it be and how can I find it? Thank you, Steve Ingraham
