免费注册 查看新帖 |

Chinaunix

  平台 论坛 博客 文库
最近访问板块 发新帖
查看: 3703 | 回复: 4
打印 上一主题 下一主题

[Mail] 请大家帮忙看看amavisd + clamav + spamassassin问题 [复制链接]

论坛徽章:
0
跳转到指定楼层
1 [收藏(0)] [报告]
发表于 2013-08-01 16:43 |只看该作者 |倒序浏览
配置amavisd + clamav + spamassassin后
1.测试发送病毒邮件,病毒邮件被删除掉,查看邮件头也有 "X-Virus-Scanned: amavisd-new at test.com"字样, 说明amavisd和clamav的部分是配置成功的.
2.测试发送垃圾邮件,垃圾邮件被正常的接收到,查看邮件头,并没有被标记为垃圾邮件的字样。使用"spamassassin -t < /tmp/spam.txt" 命令来发送垃圾邮件对spamassassin进行测试,测试结果如下:
=====================================================================================
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
        mylinux2.test.com
X-Spam-Flag: YES
X-Spam-Level: *******
X-Spam-Status: Yes, score=8.0 required=6.3 tests=EMPTY_MESSAGE,MISSING_DATE,
        MISSING_FROM,MISSING_HEADERS,MISSING_MID,MISSING_SUBJECT,NO_HEADERS_MESSAGE,
        NO_RECEIVED,NO_RELAYS autolearn=unavailable version=3.3.2

sex girl adult
Subject: *****SPAM*****
X-Spam-Prev-Subject: (nonexistent)
Spam detection software, running on the system "mylinux2.test.com", has
identified this incoming email as possible spam.  The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email.  If you have any questions, see
root for details.
=====================================================================================
结果表明spamassassin工作正常,折旧奇怪了, 感觉问题应该出在amavisd调用spamassassin上,请大家白忙看下

amavisd的sa配置部分如下
=====================================================================================
$sa_tag_level_deflt  = 2.0;  # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 6.3;  # add 'spam detected' headers at that level
$sa_kill_level_deflt = 6.9;  # triggers spam evasive actions (e.g. blocks mail)
$sa_dsn_cutoff_level = 10;   # spam level beyond which a DSN is not sent
$sa_crediblefrom_dsn_cutoff_level = 18; # likewise, but for a likely valid From
# $sa_quarantine_cutoff_level = 25; # spam level beyond which quarantine is off
$penpals_bonus_score = 8;    # (no effect without a @storage_sql_dsn database)
$penpals_threshold_high = $sa_kill_level_deflt;  # don't waste time on hi spam
$bounce_killer_score = 100;  # spam score points to add for joe-jobbed bounces

$sa_mail_body_size_limit = 400*1024; # don't waste time on SA if mail is larger
$sa_local_tests_only = 0;    # only tests which do not require internet access?


=====================================================================================



论坛徽章:
0
2 [报告]
发表于 2013-08-01 17:03 |只看该作者
感觉像是amavisd没有调用spamassassin进行工作
垃圾邮件邮件头:
=================================
Return-Path: <ada.wang@test.com>
Delivered-To: ada.wang@test.com
Received: from localhost (localhost [127.0.0.1])
        by mail.test.com (Postfix) with ESMTP id CC49C32021A;
        Thu,  1 Aug 2013 16:54:05 +0800 (CST)
X-Virus-Scanned: amavisd-new at test.com
Received: from mail.test.com ([127.0.0.1])
        by localhost (mylinux2.test.com [127.0.0.1]) (amavisd-new, port 10024)
        with ESMTP id K1AIxo55TzCn; Thu,  1 Aug 2013 16:54:05 +0800 (CST)
Received: from localhost.localdomain (localhost [127.0.0.1])
        by mail.test.com (Postfix) with ESMTP id 6C928320218;
        Thu,  1 Aug 2013 16:54:05 +0800 (CST)
From: "=?GB2312?B?YWRhLndhbmc=?=" <ada.wang@test.com>
To: "=?GB2312?B?amlsbC52YWxsZW50aQ==?=
    =?GB2312?B?bmU=?=" <jill.vallentine@test.com>,
    "=?GB2312?B?YWRhLndhbmc=?=" <ada.wang@test.com>
Subject: =?GB2312?B?tPq/qreixrE=?=
Date: Thu, 01 Aug 2013 16:54:05 +0800
Mime-version: 1.0
X-Originating-Ip: [192.168.61.2]
X-Mailer: ExtMail 1.1.1
Content-Type: text/html; charset="GB2312"
Content-Transfer-Encoding: base64
Message-Id: <20130801085405.6C928320218@mail.test.com>
=============================================
maillog日志
===============================================
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) starting banned checks - traversing message structure tree
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) check_for_banned (p001) text/html,.txt
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) doing banned check for ada.wang@test.com on text/html,.txt
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) lookup_re(["text/html",".txt"]), no matches
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) lookup [check_bann:ada.wang@test.com] => undef, ["text/html",".txt"] does not match
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) skip banned check for jill.vallentine@test.com, same tables as previous, result =>
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) lookup [banned_namepath_re] => undef, "=p001\tL=1\tM=text/html\tT=txt" does not match
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) p.path ada.wang@test.com: "=p001,L=1,M=text/html,T=txt"
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) p.path jill.vallentine@test.com: "=p001,L=1,M=text/html,T=txt"
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) banned check: any=0, all=N (2)
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) lookup_re("MAIL" matches key "(?-xism:^MAIL$)", result="1"
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) lookup [keep_decoded_original] => true,  "MAIL" matches, result="1", matching_key="(?-xism:^MAIL$)"
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) Issued a new file name: p002
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) presenting full original message to scanners as /var/amavis/tmp/amavis-20130801T165405-32631-MRJUJiyf/parts/p002
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) Calling virus scanners, 2 files to scan in /var/amavis/tmp/amavis-20130801T165405-32631-MRJUJiyf/parts
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) invoking av-scanner ClamAV-clamd
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) ask_daemon: proto=DFLT, spawn=0, (ClamAV-clamd) /var/run/clamav/clamd.sock
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) run_av (ClamAV-clamd): query template(1,1): CONTSCAN {}\n
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) get_deadline run_av_pre - deadline in 480.0 s, set to 336.000 s
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) prolong_timer run_av_pre: timer 336, was 336, deadline in 480.0 s
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) get_deadline run_av_scan - deadline in 480.0 s, set to 336.000 s
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) prolong_timer run_av_scan: timer 336, was 336, deadline in 480.0 s
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) run_av Using (ClamAV-clamd): (code) CONTSCAN /var/amavis/tmp/amavis-20130801T165405-32631-MRJUJiyf/parts\n
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) get_deadline ask_daemon_internal_connect_pre - deadline in 480.0 s, set to 336.000 s
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) get_deadline ask_daemon_internal_connect - deadline in 480.0 s, set to 10.000 s
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) prolong_timer ask_daemon_internal_connect: timer 10, was 336, deadline in 480.0 s
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) ClamAV-clamd: Connecting to socket  /var/run/clamav/clamd.sock
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) new socket by IO::Socket::UNIX to /var/run/clamav/clamd.sock, timeout 10
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) connected to /var/run/clamav/clamd.sock successfully
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) ClamAV-clamd: Sending CONTSCAN /var/amavis/tmp/amavis-20130801T165405-32631-MRJUJiyf/parts\n to socket /var/run/clamav/clamd.sock
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) rw_loop: needline=0, flush=1, wr=1, timeout=10
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) rw_loop: sending 69 chars
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) rw_loop sent 69> CONTSCAN /var/amavis/tmp/amavis-20130801T165405-32631-MRJUJiyf/parts\n
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) get_deadline ask_daemon_internal_scan - deadline in 480.0 s, set to 336.000 s
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) prolong_timer ask_daemon_internal_scan: timer 336, was 10, deadline in 480.0 s
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) rw_loop: needline=0, flush=0, wr=0, timeout=335.997
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) rw_loop: receiving
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) rw_loop read 64 chars< /var/amavis/tmp/amavis-20130801T165405-32631-MRJUJiyf/parts: OK\n
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) rw_loop: needline=0, flush=0, wr=0, timeout=335.997
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) rw_loop: receiving
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) rw_loop read: got eof
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) get_deadline ask_daemon_internal - deadline in 480.0 s, set to 336.000 s
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) prolong_timer ask_daemon_internal: timer 336, was 336, deadline in 480.0 s
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) get_deadline run_av_3 - deadline in 480.0 s, set to 336.000 s
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) prolong_timer run_av_3: timer 336, was 336, deadline in 480.0 s
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) run_av (ClamAV-clamd) result: /var/amavis/tmp/amavis-20130801T165405-32631-MRJUJiyf/parts: OK\n
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) run_av (ClamAV-clamd): CLEAN
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) run_av (ClamAV-clamd) result: clean
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) wbl: checking sender <ada.wang@test.com>
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) lookup [blacklist_recip<ada.wang@test.com>] => undef, "ada.wang@test.com" does not match
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) lookup [blacklist_sender<ada.wang@test.com>,blacklist_sender] => undef, "ada.wang@test.com" does not match
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) lookup [whitelist_recip<ada.wang@test.com>] => undef, "ada.wang@test.com" does not match
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) lookup [whitelist_sender<ada.wang@test.com>,whitelist_sender] => undef, "ada.wang@test.com" does not match
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) query_keys: ada.wang@test.com, ada.wang@, test.com, .test.com, .com, .
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) lookup_hash(ada.wang@test.com) matches keys: "."=>ARRAY(0xa66f760)
Aug  1 16:54:05 mylinux2 amavis[32631]: (32631-01) lookup [score_recip<ada.wang@test.com>,score_sender], 1 matches for "ada.wang@test.com", results: "."=>[Amaviskup::RE=ARRAY(0xa66f4a0),{amavis-user-admin@lists.sourceforge.net=>"-3",owner-postfix-announce@postfix.org=>"-3",ntbugtraq@listserv.ntbugtraq.com=>"-3",donotreply@sendmail.org=>"-3",slashdot@slashdot.org=>"-3",clp-request@comp.nus.edu.sg=>"-3",nobody@cert.org=>"-3",security-alerts@linuxsecurity.com=>"-3",cvs-commits-list-admin@gnome.org=>"-3",amavis-user-bounces@lists.sourceforge.net=>"-3",notification-return@lists.sophos.com=>"-3",mailman-announce-admin@python.org=>"-3",emailnews@genomeweb.com=>"-5",owner-textbreakingnews@cnnimail12.cnn.com=>"-5",ca+envelope@sendmail.org=>"-3",cert-advisory@us-cert.gov=>"-3",returns.groups.yahoo.com=>"-3",owner-postfix-users@postfix.org=>"-3",.example.net=>"1",securityfocus.com=>"-3",yahoo-dev-null@yahoo-inc.com=>"-3",owner-alert@iss.net=>"-3",sendmail-announce-request@lists.sendmail.org=>...
Aug  1 16:54:05 mylinux2 postfix/smtpd[2605]: initializing the server-side TLS engine
Aug  1 16:54:05 mylinux2 postfix/smtpd[2605]: connect from localhost[127.0.0.1]
Aug  1 16:54:05 mylinux2 postfix/smtpd[2605]: CC49C32021A: client=localhost[127.0.0.1]
Aug  1 16:54:05 mylinux2 postfix/cleanup[2599]: CC49C32021A: message-id=<20130801085405.6C928320218@mail.test.com>
Aug  1 16:54:05 mylinux2 postfix/qmgr[32725]: CC49C32021A: from=<ada.wang@test.com>, size=1350, nrcpt=2 (queue active)
Aug  1 16:54:05 mylinux2 authdaemond: received userid lookup request: ada.wang@test.com
Aug  1 16:54:05 mylinux2 authdaemond: authmysql: trying this module
Aug  1 16:54:05 mylinux2 authdaemond: authmysqllib: connected. Versions: header 50169, client 50169, server 50169
Aug  1 16:54:05 mylinux2 authdaemond: SQL query: SELECT username,password,"",uidnumber,gidnumber, CONCAT("/var/mail/",homedir),CONCAT("/var/mail/",maildir),quota,name FROM mailbox WHERE username = "ada.wang@test.com";
Aug  1 16:54:05 mylinux2 authdaemond: Authenticated: sysusername=<null>, sysuserid=1001, sysgroupid=1001, homedir=/var/mail/test.com/ada.wang, address=ada.wang@test.com, fullname=ada, maildir=/var/mail/test.com/ada.wang/Maildir/, quota=524288000S, options=<null>
Aug  1 16:54:05 mylinux2 authdaemond: Authenticated: clearpasswd=<null>, passwd=$1$FieEJMB6$pEPPabJS/ILnniz6RZK140
Aug  1 16:54:05 mylinux2 authdaemond: received userid lookup request: jill.vallentine@test.com
Aug  1 16:54:05 mylinux2 authdaemond: authmysql: trying this module
Aug  1 16:54:05 mylinux2 authdaemond: authmysqllib: connected. Versions: header 50169, client 50169, server 50169
Aug  1 16:54:05 mylinux2 authdaemond: SQL query: SELECT username,password,"",uidnumber,gidnumber, CONCAT("/var/mail/",homedir),CONCAT("/var/mail/",maildir),quota,name FROM mailbox WHERE username = "jill.vallentine@test.com";
Aug  1 16:54:05 mylinux2 authdaemond: Authenticated: sysusername=<null>, sysuserid=1001, sysgroupid=1001, homedir=/var/mail/test.com/jill.vallentine, address=jill.vallentine@test.com, fullname=jill, maildir=/var/mail/test.com/jill.vallentine/Maildir/, quota=524288000S, options=<null>
Aug  1 16:54:05 mylinux2 authdaemond: Authenticated: clearpasswd=<null>, passwd=$1$910AYiix$C/MQG1PU/mJsrFaI3MQ4P/
Aug  1 16:54:05 mylinux2 postfix/smtp[2601]: 6C928320218: to=<ada.wang@test.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.5, delays=0.11/0.01/0.02/0.36, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as CC49C32021A)
Aug  1 16:54:05 mylinux2 postfix/smtp[2601]: 6C928320218: to=<jill.vallentine@test.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.5, delays=0.11/0.01/0.02/0.36, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as CC49C32021A)
Aug  1 16:54:05 mylinux2 postfix/qmgr[32725]: 6C928320218: removed
Aug  1 16:54:06 mylinux2 postfix/pipe[2606]: CC49C32021A: to=<ada.wang@test.com>, relay=maildrop, delay=0.22, delays=0.07/0.01/0/0.14, dsn=2.0.0, status=sent (delivered via maildrop service)
Aug  1 16:54:06 mylinux2 postfix/pipe[2607]: CC49C32021A: to=<jill.vallentine@test.com>, relay=maildrop, delay=0.24, delays=0.07/0.02/0/0.14, dsn=2.0.0, status=sent (delivered via maildrop service)
Aug  1 16:54:06 mylinux2 postfix/qmgr[32725]: CC49C32021A: removed
Aug  1 16:59:05 mylinux2 postfix/smtpd[2605]: timeout after END-OF-MESSAGE from localhost[127.0.0.1]
Aug  1 16:59:05 mylinux2 postfix/smtpd[2605]: disconnect from localhost[127.0.0.1]
[root@mylinux2 etc]#

论坛徽章:
0
3 [报告]
发表于 2013-08-01 18:25 |只看该作者
问题更新,

邮件头中没有X-Spam-Flag X-Spam-Score X-Spam-Level X-Spam-Status ,把$sa_tag_level_deflt  = 2.0改为-999,所有邮件的邮件头就都有垃圾邮件的标记了, 但是之后我发现我发送的垃圾邮见的分数全部小于1分(0.97 , 094, 1.01)等, 很奇怪.难道是local.cf中分数设置有误(required_socre = 5.0),还是我的测试垃圾邮件为达标.我发送的测试垃圾邮件中已经包含"fa piao  dai kai fa piao sex adult "等字眼. 为什么分数这么地呢??? 已经使用了Chinese_rule.cf

论坛徽章:
0
4 [报告]
发表于 2013-08-01 18:26 |只看该作者
上边垃圾邮件关键字本论坛不让输入,所以用拼音, 还有英文的.

论坛徽章:
0
5 [报告]
发表于 2013-08-03 18:57 |只看该作者
问题更新
1.
Chinese_rules.cf刚开始是乱码的,但是我把这个文件放到windows下用记事本另存为UTF-8了,在放回到liux中就乱码了.(问下,源码安装的spamassassin, Chinese_rules.cf是应该放到/usr/local/share/spamassassin下还是应该放到/etc/mail/spamassassin下呢?)
2.
另外我设置local.cf标记超过5.0就算垃圾邮件的,用命令
spamassassin --test-mode < /tmp/testspam.txt ,显示结果如下, 该邮件被判定为垃圾邮件了,分值为8.3分了
============================================================
[root@mylinux2 tmp]# spamassassin --test-mode < /tmp/testspam.txt
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
        mylinux2.summerx-zone.com
X-Spam-Flag: YES
X-Spam-Level: ********
X-Spam-Status: Yes, score=8.2 required=5.0 tests=CN_BODY_124,CN_BODY_197,
        CN_BODY_3,MISSING_DATE,MISSING_FROM,MISSING_HEADERS,MISSING_MID,
        MISSING_SUBJECT,NO_HEADERS_MESSAGE,NO_RECEIVED,NO_RELAYS autolearn=spam
        version=3.3.2
X-Spam-Report: =?ISO-8859-1?Q?
        * -0.0 NO_RELAYS Informational: message was not relayed via SMTP
        *  1.0 MISSING_HEADERS Missing To: header
        *  0.3 CN_BODY_197 BODY: Body contains "=e6=9c=ac=e5=85=ac=e5=8f=b8"
        *  0.1 CN_BODY_3 BODY: Body contains "=e5=8f=91=e7=a5=a8"
        *  2.1 CN_BODY_124 BODY: Body contains "=e6=8a=b5=e6=89=a3"
        *  0.5 MISSING_MID Missing Message-Id: header
        *  1.8 MISSING_SUBJECT Missing Subject: header
        *  1.0 MISSING_FROM Missing From: header
        * -0.0 NO_RECEIVED Informational: message has no Received headers
        *  1.4 MISSING_DATE Missing Date: header
        *  0.0 NO_HEADERS_MESSAGE Message appears to be missing most RFC-822
        *      headers?=
香港H公司竭诚问您和您的公司服务
Subject: *****SPAM*****
X-Spam-Prev-Subject: (nonexistent)

本公司问你提供各种增值税发票,抵扣发票,并提供成人服务.请各位领导审阅
Spam detection software, running on the system "mylinux2.summerx-zone.com", has
identified this incoming email as possible spam.  The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email.  If you have any questions, see
root for details.

Content preview:  本公司问▒ 提供各种增值税发票,抵扣发票,并提供成人服务.请各位领                                                                             导审阅
   [...]

Content analysis details:   (8.2 points, 5.0 required)

pts rule name              description
---- ---------------------- --------------------------------------------------
-0.0 NO_RELAYS              Informational: message was not relayed via SMTP
1.0 MISSING_HEADERS        Missing To: header
0.3 CN_BODY_197            BODY: Body contains "本公司"
0.1 CN_BODY_3              BODY: Body contains "发票"
2.1 CN_BODY_124            BODY: Body contains "抵扣"
0.5 MISSING_MID            Missing Message-Id: header
1.8 MISSING_SUBJECT        Missing Subject: header
1.0 MISSING_FROM           Missing From: header
-0.0 NO_RECEIVED            Informational: message has no Received headers
1.4 MISSING_DATE           Missing Date: header
0.0 NO_HEADERS_MESSAGE     Message appears to be missing most RFC-822 headers
============================================================
看来spamassassin应该已经生效了,但是我利用extmail发送垃圾邮件(该邮件内容和上边的testspam.txt内容相同测试,查看邮件头,发现分值很低 1.049分,

Return-Path: <test3@summerx-zone.com>
Delivered-To: test3@summerx-zone.com
Received: from localhost (localhost [127.0.0.1])
        by mail.summerx-zone.com (Postfix) with ESMTP id 8C890320245;
        Sat,  3 Aug 2013 18:41:54 +0800 (CST)
X-Virus-Scanned: amavisd-new at summerx-zone.com
X-Spam-Flag: NO
X-Spam-Score: 1.049
X-Spam-Level: *
X-Spam-Status: No, score=1.049 tagged_above=-999 required=5
        tests=[ALL_TRUSTED=-1, AWL=-0.032, FROM_EXCESS_BASE64=0.979,
        HTML_MESSAGE=0.001, HTML_MIME_NO_HTML_TAG=0.377,
        MIME_BASE64_BLANKS=0.001, MIME_HTML_ONLY=0.723] autolearn=no
Received: from mail.summerx-zone.com ([127.0.0.1])
        by localhost (mylinux2.summerx-zone.com [127.0.0.1]) (amavisd-new, port 10024)
        with ESMTP id IYpXuWiO8yM3; Sat,  3 Aug 2013 18:41:42 +0800 (CST)
Received: from localhost.localdomain (localhost [127.0.0.1])
        by mail.summerx-zone.com (Postfix) with ESMTP id 99CB6320243;
        Sat,  3 Aug 2013 18:41:40 +0800 (CST)
From: "=?GB2312?B?dGVzdDM=?=" <test3@summerx-zone.com>
To: "=?GB2312?B?YWRhLndhbmc=?=" <ada.wang@summerx-zone.com>,
    "=?GB2312?B?dGVzdDM=?=" <test3@summerx-zone.com>
Subject: =?GB2312?B?tPq/qreixrE=?=
Date: Sat, 03 Aug 2013 18:41:40 +0800
Mime-version: 1.0
X-Originating-Ip: [192.168.61.242]
X-Mailer: ExtMail 1.1.1
Content-Type: text/html; charset="GB2312"
Content-Transfer-Encoding: base64
Message-Id: <20130803104140.99CB6320243@mail.summerx-zone.com>
============================================================
奇怪了, 难道是amavis调用spamassassin哪里除了问题, 但是amavisd.conf中没有太多的关于sa的设置啊, amavis的sa部分设定如下.
$sa_tag_level_deflt = -999;
$sa_tag2_level_deflt = 5.0;  # add 'spam detected' headers at that level
$sa_kill_level_deflt = 10;  # triggers spam evasive actions (e.g. blocks mail)
$sa_dsn_cutoff_level = 9;   # spam level beyond which a DSN is not sent
$sa_crediblefrom_dsn_cutoff_level = 18; # likewise, but for a likely valid From
# $sa_quarantine_cutoff_level = 25; # spam level beyond which quarantine is off
$penpals_bonus_score = 8;    # (no effect without a @storage_sql_dsn database)
$penpals_threshold_high = $sa_kill_level_deflt;  # don't waste time on hi spam
$bounce_killer_score = 100;  # spam score points to add for joe-jobbed bounces
============================================================

3.想请问下,训练spamassassin时,能接收类型的文件(txt,msg,html都能接收吗?另外,请问,我用extmail建立了spam和ham帐户, 想让spamassassin定时去/var/mail/summerx-zone.com/spam/Maildir/cur下去取垃圾邮件,但是我直接用vi 打开该文件,发现里边内容是乱码无法直接看的,这样的文件spamassassin能够识别到吗?
/var/mail/summerx-zone.com/spam/Maildir/cur/1375526515.M579656P27418V000000000000FD03I0000000000320243_0.mylinux2.summerx-zone.com\,S\=1547\:2\,S文件内容如下
===========================================================
[root@mylinux2 cur]# cat 1375526515.M579656P27418V000000000000FD03I0000000000320243_0.mylinux2.summerx-zone.com\,S\=1547\:2\,S
Return-Path: <test3@summerx-zone.com>
Delivered-To: test3@summerx-zone.com
Received: from localhost (localhost [127.0.0.1])
        by mail.summerx-zone.com (Postfix) with ESMTP id 8C890320245;
        Sat,  3 Aug 2013 18:41:54 +0800 (CST)
X-Virus-Scanned: amavisd-new at summerx-zone.com
X-Spam-Flag: NO
X-Spam-Score: 1.049
X-Spam-Level: *
X-Spam-Status: No, score=1.049 tagged_above=-999 required=5
        tests=[ALL_TRUSTED=-1, AWL=-0.032, FROM_EXCESS_BASE64=0.979,
        HTML_MESSAGE=0.001, HTML_MIME_NO_HTML_TAG=0.377,
        MIME_BASE64_BLANKS=0.001, MIME_HTML_ONLY=0.723] autolearn=no
Received: from mail.summerx-zone.com ([127.0.0.1])
        by localhost (mylinux2.summerx-zone.com [127.0.0.1]) (amavisd-new, port 10024)
        with ESMTP id IYpXuWiO8yM3; Sat,  3 Aug 2013 18:41:42 +0800 (CST)
Received: from localhost.localdomain (localhost [127.0.0.1])
        by mail.summerx-zone.com (Postfix) with ESMTP id 99CB6320243;
        Sat,  3 Aug 2013 18:41:40 +0800 (CST)
From: "=?GB2312?B?dGVzdDM=?=" <test3@summerx-zone.com>
To: "=?GB2312?B?YWRhLndhbmc=?=" <ada.wang@summerx-zone.com>,
    "=?GB2312?B?dGVzdDM=?=" <test3@summerx-zone.com>
Subject: =?GB2312?B?tPq/qreixrE=?=
Date: Sat, 03 Aug 2013 18:41:40 +0800
Mime-version: 1.0
X-Originating-Ip: [192.168.61.242]
X-Mailer: ExtMail 1.1.1
Content-Type: text/html; charset="GB2312"
Content-Transfer-Encoding: base64
Message-Id: <20130803104140.99CB6320243@mail.summerx-zone.com>

PFA+z+O420i5q8u+vd+zz87KxPq6zcT6tcS5q8u+t/7O8TwvUD4NCjxQPrG+uavLvs7KxOPM4bmp
uPfW1tT21rXLsLeixrEstda/27eixrEssqLM4bmps8nIy7f+zvEux+u49867wey1vMnz1MQ8QlI+
PC9QPg==
您需要登录后才可以回帖 登录 | 注册

本版积分规则 发表回复

  

北京盛拓优讯信息技术有限公司. 版权所有 京ICP备16024965号-6 北京市公安局海淀分局网监中心备案编号:11010802020122 niuxiaotong@pcpop.com 17352615567
未成年举报专区
中国互联网协会会员  联系我们:huangweiwei@itpub.net
感谢所有关心和支持过ChinaUnix的朋友们 转载本站内容请注明原作者名及出处

清除 Cookies - ChinaUnix - Archiver - WAP - TOP