MailScanner & SpamAssassin

Mon Feb 17 22:11:34 GMT 2003

At 22:04 17/02/2003, you wrote:
>I think I understand it now.  Tell me if this is correct:
>MailScanner will never put the SpamAssassin report in the body of a
>message, whether it's spam or not.  MailScanner will always put the report
>in the header if it is spam, and you have the option to put the report in
>the header even if it isn't spam (all messages).

Correct.

>However, I may be confused on the terminology.  The only thing I see in the
>header is something like this:
>
>X-MailScanner-SpamCheck: spam, SpamAssassin (score=12.3, required 9,
>  CALL_FREE, DRASTIC_REDUCED, FROM_AND_TO_SAME_5, HOME_EMPLOYMENT,
>  LINES_OF_YELLING, MAILTO_LINK, ONCE_IN_LIFETIME, OUTLOOK_FW_MSG,
>  RAZOR2_CHECK, REMOVE_SUBJ, SPAM_PHRASE_13_21, USER_AGENT_OE)

which is the standard MailScanner version of the SpamAssassin header. It is
the list of rules that "hit" as given by SpamAssassin.

>But, I thought that the SpamAssassin report was supposed to look something
>like this (I left out some of it to conserve space):
>
>SPAM: -------------------- Start SpamAssassin results ----------------------
>SPAM: This mail is probably spam.  The original message has been altered
>SPAM: so you can recognise or block similar unwanted mail in future.
>SPAM: See http://spamassassin.org/tag/ for more details.
>SPAM:
>SPAM: Content analysis details:   (18.80 hits, 5 required)
>SPAM: INVALID_DATE       (1.5 points)  Invalid Date: header (not RFC 2822)
>SPAM: UNDISC_RECIPS      (1.5 points)  Valid-looking To "undisclosed-
>recipients"
>SPAM: NO_REAL_NAME       (1.3 points)  From: does not include a real name
>SPAM: SMTPD_IN_RCVD      (1.2 points)  Received via SMTPD32 server (SMTPD32-
>n.n)
>SPAM: MSGID_HAS_NO_AT    (0.3 points)  Message-Id has no @ sign
>SPAM: FROM_HAS_MIXED_NUMS (0.3 points)  From: contains numbers mixed in
>with letters
>(etc, etc, etc)
>SPAM: -------------------- End of SpamAssassin results ---------------------

That is the really noisy verbose report that is useful for testing but not
much else. MailScanner never produces this. After all, do your users really
want this at the top of every message they receive? I doubt it.

>I can see this in the output file if I issue the command:
>spamassassin -t < sample-spam.txt > spam.out

Agreed.

>And, the file /usr/share/spamassassin/10_misc.cf contains something like
>this.  So, when MailScanner says it's gonna put this in the body or header,
>why do I never see this?

Because it uses the "brief and to the point" version of the report, rather
than the (overly) verbose version.

>   Have I misconfigured something, or am I just
>confused with the terminology used by SpamAssassin and MailScanner (report
>means one thing to SpamAssasin, but means something different to
>MailScanner).

SpamAssassin can be configured to produce pretty much the same report as
MailScanner produces. The "spamassassin -t" output is only intended for
testing.
--
Julian Field
www.MailScanner.info
MailScanner thanks transtec Computers for their support