Hi guys,
Thanks for the answers!
I feel really stupid now for not having realised this; I was under the
impression that amavisd-new wouldn't need a restart, but sure enough
check the following lines from the amavis.log file after restarting
the daemon manually:
Feb 28 21:15:32 <servername> /usr/local/sbin/amavisd[52560]: INFO: SA
version: 3.2.4, 3.002004, no optional modules: Sys::Hostname::Long
Mail::SpamAssassin::Plugin::DKIM Razor2::Client::Agent
IP::Country::Fast Mail::DKIM Mail::DKIM::Verifier Image::Info
Image::Info::GIF Image::Info::JPEG Image::Info::PNG Image::Info::TIFF
Mail::SPF Mail::SPF::Server Mail::SPF::Request Mail::SPF::Mech
Mail::SPF::Mech::A Mail::SPF::Mech::PTR Mail::SPF::Mech::All
Mail::SPF::Mech::Exists Mail::SPF::Mech::IP4 Mail::SPF::Mech::IP6
Mail::SPF::Mech::Include Mail::SPF::Mech::MX Mail::SPF::Mod
Mail::SPF::Mod::Exp Mail::SPF::Mod::Redirect
Mail::SPF::SenderIPAddrMech Mail::SPF::v1::Record
Mail::SPF::v2::Record NetAddr::IP NetAddr::IP::Util
auto::NetAddr::IP::Util::inet_n2dx auto::NetAddr::IP::Util::ipv6_n2d
Mail::SPF::Query Crypt::OpenSSL::RSA
auto::Crypt::OpenSSL::RSA::new_public_key
auto::Crypt::OpenSSL::RSA::new_key_from_parameters
auto::Crypt::OpenSSL::RSA::get_key_parameters
auto::Crypt::OpenSSL::RSA::import_random_seed Digest::SHA Error
Feb 28 21:15:32 <servername> /usr/local/sbin/amavisd[52560]:
SpamControl: init_pre_chroot done
Indeed SA is loaded at amavisd-new restart time, and at least I am now
certain that indeed v3.2.4 is used!
Also, when looking a little bit further at some of the traces
regarding killed spam, one sees entries like:
Feb 28 21:27:01 <servername> /usr/local/sbin/amavisd[52749]:
(52749-16) SPAM, <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]
>, Yes, score=29.434 tag=2 tag2=3 kill=4.5 tests=[BAYES_99=3.5,
FORGED_MUA_OUTLOOK=3.116, FS_REPLICA=1.041, FS_REPLICAWATCH=2.502,
INVALID_MSGID=1.9, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905,
RCVD_IN_SORBS_DUL=0.877, RDNS_DYNAMIC=0.1, REPLICA_WATCH=3.396,
SARE_SPEC_REPLICA_OBFU=1.812, SARE_SPEC_ROLEX=1.666,
SARE_SPEC_ROLEX_NOV5A=1.062, SARE_SPEC_ROLEX_REP=1.666,
STOX_REPLY_TYPE=0.001, URIBL_BLACK=1.955, URIBL_JP_SURBL=1.501,
URIBL_SC_SURBL=0.474], autolearn=spam, quarantine 7FeBwDzNY-LD (spam-
quarantine)
Feb 28 21:27:01 <servername> /usr/local/sbin/amavisd[52749]:
(52749-16) Blocked SPAM, [81.202.20.71] <[EMAIL PROTECTED]
> -> <[EMAIL PROTECTED]>, quarantine: spam-7FeBwDzNY-LD.gz,
Message-ID: <[EMAIL PROTECTED]>, mail_id:
7FeBwDzNY-LD, Hits: 29.434, size: 1188, Subject: "Christmas Replica
Watches", From:
"Rupert_Langley"_<[EMAIL PROTECTED]>, X-Mailer:
Microsoft_Outlook_Express_6.00.2800.1106, Tests:
[BAYES_99
=
3.5
,FORGED_MUA_OUTLOOK
=
3.116
,FS_REPLICA
=
1.041
,FS_REPLICAWATCH
=
2.502
,INVALID_MSGID
=
1.9
,RCVD_IN_BL_SPAMCOP_NET
=
1.96
,RCVD_IN_PBL
=
0.905
,RCVD_IN_SORBS_DUL
=
0.877
,RDNS_DYNAMIC
=
0.1
,REPLICA_WATCH
=
3.396
,SARE_SPEC_REPLICA_OBFU
=
1.812
,SARE_SPEC_ROLEX
=
1.666
,SARE_SPEC_ROLEX_NOV5A
=
1.062
,SARE_SPEC_ROLEX_REP
=
1.666
,STOX_REPLY_TYPE
=0.001,URIBL_BLACK=1.955,URIBL_JP_SURBL=1.501,URIBL_SC_SURBL=0.474],
autolearn=spam, 1492 ms
Clearly I now see SARE rules, which I don't think were present before,
so it looks like the SARE channel is being picked up just fine too now!
Same for the autolearn feature, which seems to get set properly too.
Thanks guys, I'm a happy camper again, and I hope (and trust) that
this should indeed aleviate the problem (I'll make the change to the
crontab now).
Cheers!
Olafo
