redhat 9 n00b problem
Gary Smithe
gsmithe at OFALLON90.NET
Sun Jun 1 03:28:06 IST 2003
-----Original Message-----
From: Julian Field [mailto:mailscanner at ECS.SOTON.AC.UK]
Sent: Sat 5/31/2003 3:36 PM
To: MAILSCANNER at JISCMAIL.AC.UK
Cc:
Subject: Re: redhat 9 n00b problem
At 21:15 31/05/2003, you wrote:
>Hi all,
> This is my first posting to a mailing list, so please excuse any
> errs I make...
>
>I have stock RH9, MailScanner-4.20-3, and SpamAssassin-2.55,
>postfix-1.1.11-11. This box will be a relay for an internal M$Exchange box.
>
>When I installed RH9, I installed postfix and spamassassin. RH9
>apparently sets up postfix chrooted, so I followed the MailScanner
>document for setting up MS with postfix, using the MailScanner rpm
>file. All seemed to go fine. I changed some postfix stuff to get
>relaying going, and that works fine. I'm not getting any odd messages in
>/var/log/maillog (I think...).
Check that when you changed the postfix setup, you did a
service MailScanner restart
on not "service postfix restart".
- I restart things via their scripts in init.d, and yes, I did restart MailScanner (I even removed the link to rc3.d for postfix).
>
>Anyway, I have two main issues:
>
>1.- MS seems to be scanning, but is not marking up the subject header: I'm
>currently testing it by "sending mail" via telnet. I have my
>Mailscanner.conf file set to yes for "Spam Modify Subject" nad {Spam?}for
>the text.
>Here's the full transaction from /var/log/maillog:
>
>
>May 31 14:35:53 mail1 postfix/smtpd[11554]: connect from
>MV1-24.217.77.228.charter-stl.com[24.217.77.228]
>May 31 14:36:43 mail1 postfix/smtpd[11554]: 0891D4BB4E:
>client=MV1-24.217.77.228.charter-stl.com[24.217.77.228]
>May 31 14:36:43 mail1 postfix/cleanup[11555]: 0891D4BB4E:
>message-id=<20030531193643.0891D4BB4E at mail1.ofallon90.net>
>May 31 14:36:43 mail1 postfix/nqmgr[9716]: 0891D4BB4E:
>from=<not_a_user at not_a_machine_fake_domain.dom>, size=686, nrcpt=1 (queue
>active)
>May 31 14:36:43 mail1 postfix/nqmgr[9716]: 0891D4BB4E:
>to=<gsmithe at ofallon90.net>, relay=none, delay=0, status=deferred (deferred
>transport)
>May 31 14:36:43 mail1 MailScanner[9804]: New Batch: Scanning 1 messages,
>877 bytes
>May 31 14:36:43 mail1 MailScanner[9804]: Spam Checks: Starting
>May 31 14:36:49 mail1 MailScanner[9804]: Message 0891D4BB4E from
>[24.217.77.228] (not_a_user at not_a_machine_fake_domain.dom) to
>ofallon90.net is spam, SpamAssassin (score=8.3, required 5,
>ALL_CAPS_HEADER, GUARANTEE, LINES_OF_YELLING, NO_MX_FOR_FROM,
>NO_REAL_NAME, SPAM_PHRASE_02_03, SUBJ_ALL_CAPS, UPPERCASE_75_100)
>May 31 14:36:49 mail1 MailScanner[9804]: Spam Checks: Found 1 spam messages
>May 31 14:36:49 mail1 MailScanner[9804]: Spam Actions: message 0891D4BB4E
>actions are deliver
>May 31 14:36:49 mail1 MailScanner[9804]: Virus and Content Scanning: Starting
>May 31 14:36:49 mail1 MailScanner[9804]: Filename Checks: Allowing
>msg-9804-1.txt
>May 31 14:36:49 mail1 postfix/nqmgr[9786]: 9D3BEAF5B2:
>from=<not_a_user at not_a_machine_fake_domain.dom>, size=1028, nrcpt=1 (queue
>active)
>May 31 14:36:49 mail1 MailScanner[9804]: Uninfected: Delivered 1 messages
>May 31 14:36:49 mail1 postfix/smtp[11563]: 9D3BEAF5B2:
>to=<gsmithe at ofallon90.net>, relay=216.124.194.5[216.124.194.5], delay=6,
>status=sent (250 2.6.0 <20030531193643.0891D4BB4E at mail1.ofallon90.net>
>Queued mail for delivery)
>
>When I get the mail, however, the subject line is intact, exactly as I
>sent it (i.e. no "{Spam?}" text)
We cannot tell what is wrong without the relevant section of the
MailScanner.conf file. You have a mistake there somewhere, it works for
everyone else.
- Well, I hate posting the entire MailScanner.conf file. I can assure you that the obvious things are set to "yes" that would enable the above. Is there any section in particular you want me to post, or just include the whole thing?
> 2 - anything that is truly spam we don't want to go to users (i.e.
> delete), but we'd like a copy to go to a designated account (i.e.
> forward) so we can review to make sure it IS spam. If I specify forward
> AND delete for spam actions (or high scoring spam actions) , maillog
> states the only action as forward, and hence the user gets the message
> too. Is it possible to perform the actions I'm asking it?
Are you sure the user really gets the message? Could it just be missing
from the log?
Yes, the user (me) gets the message, and as above, it is unmarked as spam.
Should I try the whole shebang from scratch (i.e. not use any rpms?). I figured since RedHat 9 includes postfix and Spamassassin that everything would be smoother, but I'm thinking that would be flawed. I agree that it seems to be a conf problem, but I've looked the darn thing over so many times...
>
>
>Thanks,
>
>Gary
--
Julian Field
www.MailScanner.info
Professional Support Services at www.MailScanner.biz
MailScanner thanks transtec Computers for their support
More information about the MailScanner
mailing list