redhat 9 n00b problem
Julian Field
mailscanner at ecs.soton.ac.uk
Sun Jun 1 12:14:26 IST 2003
At 03:28 01/06/2003, you wrote:
>
>
> -----Original Message-----
> From: Julian Field [mailto:mailscanner at ECS.SOTON.AC.UK]
> Sent: Sat 5/31/2003 3:36 PM
> To: MAILSCANNER at JISCMAIL.AC.UK
> Cc:
> Subject: Re: redhat 9 n00b problem
>
>
>
> At 21:15 31/05/2003, you wrote:
> >Hi all,
> > This is my first posting to a mailing list, so please
> excuse any
> > errs I make...
> >
> >I have stock RH9, MailScanner-4.20-3, and SpamAssassin-2.55,
> >postfix-1.1.11-11. This box will be a relay for an internal
> M$Exchange box.
> >
> >When I installed RH9, I installed postfix and spamassassin. RH9
> >apparently sets up postfix chrooted, so I followed the MailScanner
> >document for setting up MS with postfix, using the MailScanner rpm
> >file. All seemed to go fine. I changed some postfix stuff to get
> >relaying going, and that works fine. I'm not getting any odd
> messages in
> >/var/log/maillog (I think...).
>
> Check that when you changed the postfix setup, you did a
> service MailScanner restart
> on not "service postfix restart".
>
> - I restart things via their scripts in init.d, and yes, I did
> restart MailScanner (I even removed the link to rc3.d for postfix).
The tidy way to remove the rc*.d links is with
chkconfig postfix off
>
>
>
> >
> >Anyway, I have two main issues:
> >
> >1.- MS seems to be scanning, but is not marking up the subject
> header: I'm
> >currently testing it by "sending mail" via telnet. I have my
> >Mailscanner.conf file set to yes for "Spam Modify Subject" nad
> {Spam?}for
> >the text.
> >Here's the full transaction from /var/log/maillog:
> >
> >
> >May 31 14:35:53 mail1 postfix/smtpd[11554]: connect from
> >MV1-24.217.77.228.charter-stl.com[24.217.77.228]
> >May 31 14:36:43 mail1 postfix/smtpd[11554]: 0891D4BB4E:
> >client=MV1-24.217.77.228.charter-stl.com[24.217.77.228]
> >May 31 14:36:43 mail1 postfix/cleanup[11555]: 0891D4BB4E:
> >message-id=<20030531193643.0891D4BB4E at mail1.ofallon90.net>
> >May 31 14:36:43 mail1 postfix/nqmgr[9716]: 0891D4BB4E:
> >from=<not_a_user at not_a_machine_fake_domain.dom>, size=686,
> nrcpt=1 (queue
> >active)
> >May 31 14:36:43 mail1 postfix/nqmgr[9716]: 0891D4BB4E:
> >to=<gsmithe at ofallon90.net>, relay=none, delay=0, status=deferred
> (deferred
> >transport)
> >May 31 14:36:43 mail1 MailScanner[9804]: New Batch: Scanning 1
> messages,
> >877 bytes
> >May 31 14:36:43 mail1 MailScanner[9804]: Spam Checks: Starting
> >May 31 14:36:49 mail1 MailScanner[9804]: Message 0891D4BB4E from
> >[24.217.77.228] (not_a_user at not_a_machine_fake_domain.dom) to
> >ofallon90.net is spam, SpamAssassin (score=8.3, required 5,
> >ALL_CAPS_HEADER, GUARANTEE, LINES_OF_YELLING, NO_MX_FOR_FROM,
> >NO_REAL_NAME, SPAM_PHRASE_02_03, SUBJ_ALL_CAPS, UPPERCASE_75_100)
> >May 31 14:36:49 mail1 MailScanner[9804]: Spam Checks: Found 1
> spam messages
> >May 31 14:36:49 mail1 MailScanner[9804]: Spam Actions: message
> 0891D4BB4E
> >actions are deliver
> >May 31 14:36:49 mail1 MailScanner[9804]: Virus and Content
> Scanning: Starting
> >May 31 14:36:49 mail1 MailScanner[9804]: Filename Checks: Allowing
> >msg-9804-1.txt
> >May 31 14:36:49 mail1 postfix/nqmgr[9786]: 9D3BEAF5B2:
> >from=<not_a_user at not_a_machine_fake_domain.dom>, size=1028,
> nrcpt=1 (queue
> >active)
> >May 31 14:36:49 mail1 MailScanner[9804]: Uninfected: Delivered 1
> messages
> >May 31 14:36:49 mail1 postfix/smtp[11563]: 9D3BEAF5B2:
> >to=<gsmithe at ofallon90.net>, relay=216.124.194.5[216.124.194.5],
> delay=6,
> >status=sent (250
> 2.6.0 <20030531193643.0891D4BB4E at mail1.ofallon90.net>
> >Queued mail for delivery)
> >
> >When I get the mail, however, the subject line is intact,
> exactly as I
> >sent it (i.e. no "{Spam?}" text)
>
>
>
> We cannot tell what is wrong without the relevant section of the
> MailScanner.conf file. You have a mistake there somewhere, it
> works for
> everyone else.
>
> - Well, I hate posting the entire MailScanner.conf file. I can
> assure you that the obvious things are set to "yes" that would enable the
> above. Is there any section in particular you want me to post, or just
> include the whole thing?
You can always post it to me off-list.
>
> > 2 - anything that is truly spam we don't want to go to users (i.e.
> > delete), but we'd like a copy to go to a designated account (i.e.
> > forward) so we can review to make sure it IS spam. If I
> specify forward
> > AND delete for spam actions (or high scoring spam actions) ,
> maillog
> > states the only action as forward, and hence the user gets the
> message
> > too. Is it possible to perform the actions I'm asking it?
>
> Are you sure the user really gets the message? Could it just be
> missing
> from the log?
>
> Yes, the user (me) gets the message, and as above, it is unmarked
> as spam.
>
> Should I try the whole shebang from scratch (i.e. not use any
> rpms?). I figured since RedHat 9 includes postfix and Spamassassin that
> everything would be smoother, but I'm thinking that would be flawed. I
> agree that it seems to be a conf problem, but I've looked the darn thing
> over so many times...
Definitely use the RPMs, it makes things a lot simpler. But the one
exception is SpamAssassin. Remove the SA rpm (with rpm -e) and build and
install from source.
And I don't know what mailer you are using, but please can you configure it
to quote text correctly. There is currently no difference between your
additional content and the content you are replying to. Makes it very hard
to read your postings. And "n00b" is spelt "newbie".
>
> >
> >
> >Thanks,
> >
> >Gary
>
> --
> Julian Field
> www.MailScanner.info
> Professional Support Services at www.MailScanner.biz
> MailScanner thanks transtec Computers for their support
>
--
Julian Field
www.MailScanner.info
Professional Support Services at www.MailScanner.biz
MailScanner thanks transtec Computers for their support
More information about the MailScanner
mailing list