Hi Michael, Thanks for the answer. Here are some comments.
Michael Scheidell wrote: > > One of the issues might be FreeBsd jail. > (and as earlier poster stated, amavisd-new doesn't call spamd) > We are talking about amavisd-new, NOT amavisd, right? Of course ;-). amavisd (not -new) port refuses to compile anyways. pkg_info says: amavisd-new-2.4.2_2,1 Performance-enhanced daemonized version of amavis-perl Michael Scheidell wrote: > I am the official ports maintainer of SpamAssassin, and would be > interested in making sure it and amaivsd-new worked in a freebsd jail. At the moment, I am mostly sure spamd is called since master.cf spamd filter is named 'spamassassin' and spamd logs some actions with spamd name, while a single line is logged to refer to spamassassin filter call. I do confirm amavisd works perfectly in jail, with appropriately used IP options to bound to jail-ip. It costs a pf rule to bar access from "any but jail" to ports 10023-10025 (I also have postgrey, ...). Michael Scheidell wrote: > Some of the 'jail' issues include NOT lo0 (localhost) ip address. > (yes, you can ping localhost / 127.0.0.1, BUT, I suspect the ACL's in the > amavisd.conf* files are looking for a Reverse ip == to 127.0.0.1 Yes, but spamd is not bound to localhost since I suspected some weird issues as bound to jail @IP and program listing to localhost:783 port. So I forced the -A jail-ip, -i jail-ip -p 783 args on spamd. /etc/rc.conf says: spamd_enable="YES" spamd_flags="-A jail_ip -i jail_ip -p 783 -x -u spamd -C /etc/mail/spamd/spamd.cf" Michael Scheidell wrote: > Things to try (assumes standard postfix/amavisd/spamassassin setup) > > Set $log_level = 9; in amavisd.conf, restart amavisd (you do have > amavisd_enable = "yes" in rc.conf, right? > > Telnet localhost 25 > Telnet localhost 10024 > Telnet localhost 100025 > > See what happens. You SHOULD get banners. > (I just get: > (!)DENIED ACCESS from IP 192.168.1.20, policy bank '' > > Where 192.168.1.20 is the 'jail' ip address. > > Ifconfig (note, NO ip address on lo0?) > > bge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 > options=b<RXCSUM,TXCSUM,VLAN_MTU> > inet 192.168.1.200 netmask 0xffffffff broadcast 10.70.1.20 > ether 00:0a:22:1f:18:64 > media: Ethernet autoselect (100baseTX <full-duplex>) > status: active > bge1: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500 > options=b<RXCSUM,TXCSUM,VLAN_MTU> > ether 00:0a:22:1f:18:65 > media: Ethernet autoselect (100baseTX <full-duplex>) > status: active > lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384 > Take care, amavisd works perfectly. I added spamassassin (to postfix and not amavisd by the way, realizing that). But amavisd is already bound with ClamAV and EICAR virus test is properly detected & rejected. Also, I tested spamd out of anything: cat sample-spam.txt | spamc -d jail-ip -p port I received exactly a copy (not even a SMTP header added for spamassassin check) as stdout. To me the issue is really on spamassassin itself, without any issue related to postfix or amavisd. Brgrds -- View this message in context: http://www.nabble.com/Issue-with-SpamAssassin-%28spamc-only%29-over-a-FreeBSD-Jail-tp14517297p14529741.html Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
