Postfix - Amavisd-new - Spamassassin Einstellungsprobleme

**Unixdepp** · 22.05.05, 11:08

Bei mir läuft seit einigen Tagen Postfix - Amavisd-new - Spamassassin. Dabei erreichen kommen Spam-Mails durch, die eigentlich gescannt und als Spam erkannt wurden:

mail-log:

May 22 10:46:39 mydomain postfix/smtpd[1590]: connect from pcp03282869pcs.uprtnw01.nj.comcast.net[68.44.138.223]
May 22 10:46:39 mydomain postfix/smtpd[1590]: 466315EC08B: client=pcp03282869pcs.uprtnw01.nj.comcast.net[68.44.138.223]
May 22 10:46:39 mydomain postfix/cleanup[1599]: 466315EC08B: message-id=<blTDk1.squirrel@212.43.237.126>
May 22 10:46:39 mydomain postfix/qmgr[1533]: 466315EC08B: from=<info@yourwebdepot.com>, size=4386, nrcpt=1 (queue active)
May 22 10:46:40 mydomain postfix/smtpd[1590]: disconnect from pcp03282869pcs.uprtnw01.nj.comcast.net[68.44.138.223]
May 22 10:46:42 mydomain postfix/smtpd[1603]: connect from localhost[127.0.0.1]
May 22 10:46:42 mydomain postfix/smtpd[1603]: 7EBAF5EC31E: client=localhost[127.0.0.1]
May 22 10:46:42 mydomain postfix/cleanup[1599]: 7EBAF5EC31E: message-id=<blTDk1.squirrel@212.43.237.126>
May 22 10:46:42 mydomain postfix/smtpd[1603]: disconnect from localhost[127.0.0.1]
May 22 10:46:42 mydomain postfix/qmgr[1533]: 7EBAF5EC31E: from=<info@yourwebdepot.com>, size=4836, nrcpt=1 (queue active)
May 22 10:46:42 mydomain postfix/local[1604]: 7EBAF5EC31E: to=<name@servername.provider.de>, relay=local, delay=0, status=sent (delivered to maildir)
May 22 10:46:42 mydomain postfix/qmgr[1533]: 7EBAF5EC31E: removed
May 22 10:46:42 mydomain postfix/smtp[1600]: 466315EC08B: to=<name@servername.provider.de>, orig_to=<name@mydomain.de>, relay=127.0.0.1[127.0.0.1], delay=3, status=sent (250 2.6.0 Ok, id=00963-03, from MTA: 250 Ok: queued as 7EBAF5EC31E)
May 22 10:46:42 mydomain postfix/qmgr[1533]: 466315EC08B: removed

messages:

May 22 10:46:42 mydomain amavis[963]: (00963-03) Passed SPAM, [212.43.237.126] <info@yourwebdepot.com> -> <name@servername.provider.de>, quarantine: spam-b414e65fa69f2264fd001a49a59f29c8-20050522-104639-00963-03, Message-ID: <blTDk1.squirrel@212.43.237.126>, Hits: 17.164

Dennoch kommt diese Mail durch und hat keine Spam-Markierung(?!?) - der Header enthält nur die Info:

X-Virus-Scanned: by amavisd-new at mydomain

aber keinen Hinweis auf Spamassassin o.ä.(?)

Roger Wilco · 22.05.05, 13:30

Wie sieht deine Policy bzgl. Spam in der amavisd-new Konfiguration aus? D_PASS, D_BOUNCE, D_REJECT?

**Unixdepp** · 22.05.05, 13:57

Zitat von Roger Wilco

Wie sieht deine Policy bzgl. Spam in der amavisd-new Konfiguration aus? D_PASS, D_BOUNCE, D_REJECT?

$final_spam_destiny = D_PASS;

Ziel: Mail sollte durchkommen, aber markiert sein.

Roger Wilco · 22.05.05, 14:06

Und $sa_tag*_level stimmt auch?
Poste mal deine amavisd.conf ohne Kommentare.

PS: Dazu eignet sich der CODE-Tag. Du musst nicht händisch einen anderen Font auswählen.

**Unixdepp** · 23.05.05, 12:51

Inzwischen habe ich herausgefunden, daß SPAM erkannt und im Quarantäne-Verzeichnis (mit Spam-Info im Header) abgelegt wird, gleichzeitig aber ohne diese Info im Header ausgeliefert wird:

amavisd.conf

Code:

use strict;

#@bypass_virus_checks_maps = qw ( . );  # uncomment to DISABLE anti-virus code
#@bypass_spam_checks_maps  = qw ( . );  # uncomment to DISABLE anti-spam code


$max_servers = 2;            # number of pre-forked children (2..15 is common)
$daemon_user = 'vscan';
$daemon_group = 'vscan';

$mydomain = 'xyz.de';

$MYHOME = '/var/amavis';
$TEMPBASE = "$MYHOME/tmp";   # working directory, needs to be created manually
$ENV{TMPDIR} = $TEMPBASE;    # environment variable TMPDIR
$QUARANTINEDIR = '/var/amavis/virusmails';

$db_home   = "$MYHOME/db";
$helpers_home = "$MYHOME/var";  # prefer $MYHOME clean and owned by root?
$pid_file  = "$MYHOME/var/amavisd.pid";
$lock_file = "$MYHOME/var/amavisd.lock";

@local_domains_maps = ( [".$mydomain"] );

$log_level = 0;              # verbosity 0..5
$log_recip_templ = undef;    # disable by-recipient level-0 log entries
$DO_SYSLOG = 1;              # log via syslogd (preferred)
$SYSLOG_LEVEL = 'user.info';

$enable_db = 1;              # enable use of BerkeleyDB/libdb (SNMP and nanny)
$enable_global_cache = 1;    # enable use of libdb-based cache if $enable_db=1

$inet_socket_port = 10024;   # listen on this local TCP port(s) (see $protocol)
$unix_socketname = "$MYHOME/amavisd.sock";  # when using sendmail milter

$sa_tag_level_deflt  = -10; # -9999.9;  # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 4.0;
$sa_kill_level_deflt = 10.0; # triggers spam evasive actions
$sa_dsn_cutoff_level = 10;   # spam level beyond which a DSN is not sent

$sa_mail_body_size_limit = 200*1024; # don't waste time on SA if mail is larger
$sa_local_tests_only = 0;    # only tests which do not require internet access?
$sa_auto_whitelist = 1;      # turn on AWL in SA 2.63 or older (irrelevant
                             # for SA 3.0, cf option is 'use_auto_whitelist')

$virus_admin               = "virusalert\@$mydomain";  # notifications recip.

$mailfrom_notify_admin     = "virusalert\@$mydomain";  # notifications sender
$mailfrom_notify_recip     = "virusalert\@$mydomain";  # notifications sender
$mailfrom_notify_spamadmin = "virusalert\@$mydomain"; # notifications sender
$mailfrom_to_quarantine = ''; # null return path; uses original sender if undef

@addr_extension_virus_maps      = ('virus');
@addr_extension_spam_maps       = ('spam');
@addr_extension_banned_maps     = ('banned');
@addr_extension_bad_header_maps = ('badh');

$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
$file   = 'file';   # file(1) utility; use recent versions
$gzip   = 'gzip';
$bzip2  = 'bzip2';
$lzop   = 'lzop';
$rpm2cpio   = ['rpm2cpio.pl','rpm2cpio'];
$cabextract = 'cabextract';
$uncompress = ['uncompress', 'gzip -d', 'zcat'];
$unfreeze   = ['unfreeze', 'freeze -d', 'melt', 'fcat'];
$arc        = ['nomarch', 'arc'];
$unarj      = ['arj', 'unarj'];
$unrar      = ['rar', 'unrar'];
$zoo    = 'zoo';
$lha    = 'lha';
$cpio   = ['gcpio','cpio'];
$dspam  = 'dspam';

$MAXLEVELS = 14;
$MAXFILES = 1500;
$MIN_EXPANSION_QUOTA =      100*1024;  # bytes  (default undef, not enforced)
$MAX_EXPANSION_QUOTA = 300*1024*1024;  # bytes  (default undef, not enforced)

$sa_spam_subject_tag = '[SPAM] ';
$defang_virus  = 1;  # MIME-wrap passed infected mail
$defang_banned = 1;  # MIME-wrap passed mail containing banned name

# $final_virus_destiny      = D_DISCARD;
# $final_banned_destiny     = D_BOUNCE;
$final_spam_destiny = D_PASS;
# $final_bad_header_destiny = D_PASS;

[...]

Ich habe jetzt mal testweise die Zeile

$final_spam_destiny = D_PASS;

auskommentiert und jetzt kommt (bisher jedenfalls) kein Spam mehr durch (nur noch in Quarantäne). Ist das die Lösung(?!)