MailScanner & Postfix

Gerhard Mourani gmourani at privalodc.com
Tue Oct 17 23:59:46 IST 2006


Here is my output of the /usr/bin/spamassassin --lint -D command run as
user postfix, maybe you can see something that is not correctely set.

bash-3.1$ /usr/bin/spamassassin --lint -D
[13265] dbg: logger: adding facilities: all
[13265] dbg: logger: logging level is DBG
[13265] dbg: generic: SpamAssassin version 3.1.7
[13265] dbg: config: score set 0 chosen.
[13265] dbg: util: running in taint mode? yes
[13265] dbg: util: taint mode: deleting unsafe environment variables,
resetting PATH
[13265] dbg: util: PATH included '/usr/bin', keeping
[13265] dbg: util: PATH included '/bin', keeping
[13265] dbg: util: PATH included '/usr/sbin', keeping
[13265] dbg: util: PATH included '/sbin', keeping
[13265] dbg: util: PATH included '/usr/X11R6/bin', which doesn't exist,
dropping
[13265] dbg: util: PATH included '/home/gmourani/bin', which doesn't
exist, dropping
[13265] dbg: util: final PATH set to: /usr/bin:/bin:/usr/sbin:/sbin
[13265] dbg: message: ---- MIME PARSER START ----
[13265] dbg: message: main message type: text/plain
[13265] dbg: message: parsing normal part
[13265] dbg: message: added part, type: text/plain
[13265] dbg: message: ---- MIME PARSER END ----
[13265] dbg: dns: is Net::DNS::Resolver available? yes
[13265] dbg: dns: Net::DNS version: 0.59
[13265] dbg: diag: perl platform: 5.008008 linux
[13265] dbg: diag: module installed: Digest::SHA1, version 2.10
[13265] dbg: diag: module installed: HTML::Parser, version 3.46
[13265] dbg: diag: module installed: MIME::Base64, version 3.07
[13265] dbg: diag: module installed: DB_File, version 1.814
[13265] dbg: diag: module installed: Net::DNS, version 0.59
[13265] dbg: diag: module installed: Net::SMTP, version 2.29
[13265] dbg: diag: module installed: Mail::SPF::Query, version 1.997
[13265] dbg: diag: module installed: IP::Country::Fast, version 309.002
[13265] dbg: diag: module installed: Razor2::Client::Agent, version 2.82
[13265] dbg: diag: module installed: Net::Ident, version 1.20
[13265] dbg: diag: module installed: IO::Socket::INET6, version 2.51
[13265] dbg: diag: module installed: IO::Socket::SSL, version 0.97
[13265] dbg: diag: module installed: Time::HiRes, version 1.86
[13265] dbg: diag: module installed: DBI, version 1.48
[13265] dbg: diag: module installed: Getopt::Long, version 2.35
[13265] dbg: diag: module installed: LWP::UserAgent, version 2.024
[13265] dbg: diag: module installed: HTTP::Date, version 1.46
[13265] dbg: diag: module installed: Archive::Tar, version 1.26
[13265] dbg: diag: module installed: IO::Zlib, version 1.04
[13265] dbg: ignore: using a test message to lint rules
[13265] dbg: config: using "/etc/mail/spamassassin" for site rules pre files
[13265] dbg: config: read file /etc/mail/spamassassin/init.pre
[13265] dbg: config: read file /etc/mail/spamassassin/v310.pre
[13265] dbg: config: read file /etc/mail/spamassassin/v312.pre
[13265] dbg: config: using "/usr/share/spamassassin" for sys rules pre files
[13265] dbg: config: using "/usr/share/spamassassin" for default rules dir
[13265] dbg: config: read file /usr/share/spamassassin/10_misc.cf
[13265] dbg: config: read file /usr/share/spamassassin/20_advance_fee.cf
[13265] dbg: config: read file /usr/share/spamassassin/20_anti_ratware.cf
[13265] dbg: config: read file /usr/share/spamassassin/20_body_tests.cf
[13265] dbg: config: read file /usr/share/spamassassin/20_compensate.cf
[13265] dbg: config: read file /usr/share/spamassassin/20_dnsbl_tests.cf
[13265] dbg: config: read file /usr/share/spamassassin/20_drugs.cf
[13265] dbg: config: read file /usr/share/spamassassin/20_fake_helo_tests.cf
[13265] dbg: config: read file /usr/share/spamassassin/20_head_tests.cf
[13265] dbg: config: read file /usr/share/spamassassin/20_html_tests.cf
[13265] dbg: config: read file /usr/share/spamassassin/20_meta_tests.cf
[13265] dbg: config: read file /usr/share/spamassassin/20_net_tests.cf
[13265] dbg: config: read file /usr/share/spamassassin/20_phrases.cf
[13265] dbg: config: read file /usr/share/spamassassin/20_porn.cf
[13265] dbg: config: read file /usr/share/spamassassin/20_ratware.cf
[13265] dbg: config: read file /usr/share/spamassassin/20_uri_tests.cf
[13265] dbg: config: read file /usr/share/spamassassin/23_bayes.cf
[13265] dbg: config: read file /usr/share/spamassassin/25_accessdb.cf
[13265] dbg: config: read file /usr/share/spamassassin/25_antivirus.cf
[13265] dbg: config: read file /usr/share/spamassassin/25_body_tests_es.cf
[13265] dbg: config: read file /usr/share/spamassassin/25_body_tests_pl.cf
[13265] dbg: config: read file /usr/share/spamassassin/25_dcc.cf
[13265] dbg: config: read file /usr/share/spamassassin/25_dkim.cf
[13265] dbg: config: read file /usr/share/spamassassin/25_domainkeys.cf
[13265] dbg: config: read file /usr/share/spamassassin/25_hashcash.cf
[13265] dbg: config: read file /usr/share/spamassassin/25_pyzor.cf
[13265] dbg: config: read file /usr/share/spamassassin/25_razor2.cf
[13265] dbg: config: read file /usr/share/spamassassin/25_replace.cf
[13265] dbg: config: read file /usr/share/spamassassin/25_spf.cf
[13265] dbg: config: read file /usr/share/spamassassin/25_textcat.cf
[13265] dbg: config: read file /usr/share/spamassassin/25_uribl.cf
[13265] dbg: config: read file /usr/share/spamassassin/30_text_de.cf
[13265] dbg: config: read file /usr/share/spamassassin/30_text_fr.cf
[13265] dbg: config: read file /usr/share/spamassassin/30_text_it.cf
[13265] dbg: config: read file /usr/share/spamassassin/30_text_nl.cf
[13265] dbg: config: read file /usr/share/spamassassin/30_text_pl.cf
[13265] dbg: config: read file /usr/share/spamassassin/30_text_pt_br.cf
[13265] dbg: config: read file /usr/share/spamassassin/50_scores.cf
[13265] dbg: config: read file /usr/share/spamassassin/60_awl.cf
[13265] dbg: config: read file /usr/share/spamassassin/60_whitelist.cf
[13265] dbg: config: read file /usr/share/spamassassin/60_whitelist_dk.cf
[13265] dbg: config: read file /usr/share/spamassassin/60_whitelist_dkim.cf
[13265] dbg: config: read file /usr/share/spamassassin/60_whitelist_spf.cf
[13265] dbg: config: read file
/usr/share/spamassassin/60_whitelist_subject.cf
[13265] dbg: config: using "/etc/mail/spamassassin" for site rules dir
[13265] dbg: config: read file /etc/mail/spamassassin/local.cf
[13265] dbg: plugin: loading Mail::SpamAssassin::Plugin::URIDNSBL from @INC
[13265] dbg: plugin: registered
Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x931aac8)
[13265] dbg: plugin: loading Mail::SpamAssassin::Plugin::Hashcash from @INC
[13265] dbg: plugin: registered
Mail::SpamAssassin::Plugin::Hashcash=HASH(0x93328d4)
[13265] dbg: plugin: loading Mail::SpamAssassin::Plugin::SPF from @INC
[13265] dbg: plugin: registered
Mail::SpamAssassin::Plugin::SPF=HASH(0x9355f14)
[13265] dbg: plugin: loading Mail::SpamAssassin::Plugin::DCC from @INC
[13265] dbg: dcc: local tests only, disabling DCC
[13265] dbg: plugin: registered
Mail::SpamAssassin::Plugin::DCC=HASH(0x933d52c)
[13265] dbg: plugin: loading Mail::SpamAssassin::Plugin::Pyzor from @INC
[13265] dbg: pyzor: local tests only, disabling Pyzor
[13265] dbg: plugin: registered
Mail::SpamAssassin::Plugin::Pyzor=HASH(0x93b625c)
[13265] dbg: plugin: loading Mail::SpamAssassin::Plugin::Razor2 from @INC
[13265] dbg: razor2: local tests only, skipping Razor
[13265] dbg: plugin: registered
Mail::SpamAssassin::Plugin::Razor2=HASH(0x93d1440)
[13265] dbg: plugin: loading Mail::SpamAssassin::Plugin::SpamCop from @INC
[13265] dbg: reporter: local tests only, disabling SpamCop
[13265] dbg: plugin: registered
Mail::SpamAssassin::Plugin::SpamCop=HASH(0x93ee850)
[13265] dbg: plugin: loading Mail::SpamAssassin::Plugin::AWL from @INC
[13265] dbg: plugin: registered
Mail::SpamAssassin::Plugin::AWL=HASH(0x93fdfdc)
[13265] dbg: plugin: loading
Mail::SpamAssassin::Plugin::AutoLearnThreshold from @INC
[13265] dbg: plugin: registered
Mail::SpamAssassin::Plugin::AutoLearnThreshold=HASH(0x9419268)
[13265] dbg: plugin: loading Mail::SpamAssassin::Plugin::WhiteListSubject
from @INC
[13265] dbg: plugin: registered
Mail::SpamAssassin::Plugin::WhiteListSubject=HASH(0x88f7254)
[13265] dbg: plugin: loading Mail::SpamAssassin::Plugin::MIMEHeader from @INC
[13265] dbg: plugin: registered
Mail::SpamAssassin::Plugin::MIMEHeader=HASH(0x88f7f38)
[13265] dbg: plugin: loading Mail::SpamAssassin::Plugin::ReplaceTags from
@INC
[13265] dbg: plugin: registered
Mail::SpamAssassin::Plugin::ReplaceTags=HASH(0x95db980)
[13265] dbg: config: adding redirector regex:
/^http:\/\/chkpt\.zdnet\.com\/chkpt\/\w+\/(.*)$/i
[13265] dbg: config: adding redirector regex:
/^http:\/\/www(?:\d+)?\.nate\.com\/r\/\w+\/(.*)$/i
[13265] dbg: config: adding redirector regex:
/^http:\/\/.+\.gov\/(?:.*\/)?externalLink\.jhtml\?.*url=(.*?)(?:&.*)?$/i
[13265] dbg: config: adding redirector regex:
/^http:\/\/redir\.internet\.com\/.+?\/.+?\/(.*)$/i
[13265] dbg: config: adding redirector regex:
/^http:\/\/(?:.*?\.)?adtech\.de\/.*(?:;|\|)link=(.*?)(?:;|$)/i
[13265] dbg: config: adding redirector regex:
m'^http.*?/redirect\.php\?.*(?<=[?&])goto=(.*?)(?:$|[&#])'i
[13265] dbg: config: adding redirector regex:
m'^https?:/*(?:[^/]+\.)?emf\d\.com/r\.cfm.*?&r=(.*)'i
[13265] dbg: config: adding redirector regex:
m'/(?:index.php)?\?.*(?<=[?&])URL=(.*?)(?:$|[&#])'i
[13265] dbg: config: adding redirector regex:
m'^http:/*(?:\w+\.)?google(?:\.\w{2,3}){1,2}/url\?.*?(?<=[?&])q=(.*?)(?:$|[&#])'i
[13265] dbg: config: adding redirector regex:
m'^http:/*(?:\w+\.)?google(?:\.\w{2,3}){1,2}/search\?.*?(?<=[?&])q=[^&]*?(?<=%20|..[=+\s])site:(.*?)(?:$|%20|[\s+&#])'i
[13265] dbg: config: adding redirector regex:
m'^http:/*(?:\w+\.)?google(?:\.\w{2,3}){1,2}/search\?.*?(?<=[?&])q=[^&]*?(?<=%20|..[=+\s])(?:"|%22)(.*?)(?:$|%22|["\s+&#])'i
[13265] dbg: config: adding redirector regex:
m'^http:/*(?:\w+\.)?google(?:\.\w{2,3}){1,2}/translate\?.*?(?<=[?&])u=(.*?)(?:$|[&#])'i
[13265] dbg: plugin:
Mail::SpamAssassin::Plugin::ReplaceTags=HASH(0x95db980) implements
'finish_parsing_end'
[13265] dbg: replacetags: replacing tags
[13265] dbg: replacetags: done replacing tags
[13265] dbg: bayes: tie-ing to DB file R/O
/var/spool/MailScanner/spamassassin/bayes_toks
[13265] dbg: bayes: tie-ing to DB file R/O
/var/spool/MailScanner/spamassassin/bayes_seen
[13265] dbg: bayes: found bayes db version 3
[13265] dbg: bayes: DB journal sync: last sync: 0
[13265] dbg: bayes: not available for scanning, only 190 spam(s) in bayes
DB < 200
[13265] dbg: bayes: untie-ing
[13265] dbg: bayes: untie-ing db_toks
[13265] dbg: bayes: untie-ing db_seen
[13265] dbg: config: score set 0 chosen.
[13265] dbg: message: ---- MIME PARSER START ----
[13265] dbg: message: main message type: text/plain
[13265] dbg: message: parsing normal part
[13265] dbg: message: added part, type: text/plain
[13265] dbg: message: ---- MIME PARSER END ----
[13265] dbg: bayes: tie-ing to DB file R/O
/var/spool/MailScanner/spamassassin/bayes_toks
[13265] dbg: bayes: tie-ing to DB file R/O
/var/spool/MailScanner/spamassassin/bayes_seen
[13265] dbg: bayes: found bayes db version 3
[13265] dbg: bayes: DB journal sync: last sync: 0
[13265] dbg: bayes: not available for scanning, only 190 spam(s) in bayes
DB < 200
[13265] dbg: bayes: untie-ing
[13265] dbg: bayes: untie-ing db_toks
[13265] dbg: bayes: untie-ing db_seen
[13265] dbg: dns: is DNS available? 0
[13265] dbg: metadata: X-Spam-Relays-Trusted:
[13265] dbg: metadata: X-Spam-Relays-Untrusted:
[13265] dbg: metadata: X-Spam-Relays-Internal:
[13265] dbg: metadata: X-Spam-Relays-External:
[13265] dbg: message: no encoding detected
[13265] dbg: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x931aac8)
implements 'parsed_metadata'
[13265] dbg: rules: local tests only, ignoring RBL eval
[13265] dbg: check: running tests for priority: 0
[13265] dbg: rules: running header regexp tests; score so far=0
[13265] dbg: rules: ran header rule __HAS_MSGID ======> got hit: "<"
[13265] dbg: rules: ran header rule __MSGID_OK_DIGITS ======> got hit:
"1161125813"
[13265] dbg: rules: ran header rule __SANE_MSGID ======> got hit:
"<1161125813 at lint_rules>
[13265] dbg: rules: "
[13265] dbg: rules: ran header rule __MSGID_OK_HOST ======> got hit:
"@lint_rules>"
[13265] dbg: eval: all '*From' addrs: ignore at compiling.spamassassin.taint.org
[13265] dbg: eval: all '*To' addrs:
[13265] dbg: rules: ran eval rule NO_RELAYS ======> got hit
[13265] dbg: rules: ran eval rule __UNUSABLE_MSGID ======> got hit
[13265] dbg: rules: running body-text per-line regexp tests; score so
far=-0.001
[13265] dbg: rules: ran body rule __NONEMPTY_BODY ======> got hit: "I"
[13265] dbg: uri: running uri tests; score so far=-0.001
[13265] dbg: bayes: tie-ing to DB file R/O
/var/spool/MailScanner/spamassassin/bayes_toks
[13265] dbg: bayes: tie-ing to DB file R/O
/var/spool/MailScanner/spamassassin/bayes_seen
[13265] dbg: bayes: found bayes db version 3
[13265] dbg: bayes: DB journal sync: last sync: 0
[13265] dbg: bayes: not available for scanning, only 190 spam(s) in bayes
DB < 200
[13265] dbg: bayes: not scoring message, returning undef
[13265] dbg: bayes: DB expiry: tokens in DB: 43279, Expiry max size:
150000, Oldest atime: 1161011302, Newest atime: 1161125619, Last expire:
1160942485, Current time: 1161125814
[13265] dbg: bayes: DB journal sync: last sync: 0
[13265] dbg: bayes: untie-ing
[13265] dbg: bayes: untie-ing db_toks
[13265] dbg: bayes: untie-ing db_seen
[13265] dbg: rules: running raw-body-text per-line regexp tests; score so
far=-0.001
[13265] dbg: rules: running full-text regexp tests; score so far=-0.001
[13265] dbg: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x931aac8)
implements 'check_tick'
[13265] dbg: check: running tests for priority: 500
[13265] dbg: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x931aac8)
implements 'check_post_dnsbl'
[13265] dbg: rules: running meta tests; score so far=-0.001
[13265] dbg: rules: running header regexp tests; score so far=1.866
[13265] dbg: rules: running body-text per-line regexp tests; score so
far=1.866
[13265] dbg: uri: running uri tests; score so far=1.866
[13265] dbg: rules: running raw-body-text per-line regexp tests; score so
far=1.866
[13265] dbg: rules: running full-text regexp tests; score so far=1.866
[13265] dbg: check: running tests for priority: 1000
[13265] dbg: rules: running meta tests; score so far=1.866
[13265] dbg: rules: running header regexp tests; score so far=1.866
[13265] dbg: rules: running body-text per-line regexp tests; score so
far=1.866
[13265] dbg: uri: running uri tests; score so far=1.866
[13265] dbg: rules: running raw-body-text per-line regexp tests; score so
far=1.866
[13265] dbg: rules: running full-text regexp tests; score so far=1.866
[13265] dbg: check: is spam? score=1.866 required=4.5
[13265] dbg: check: tests=MISSING_SUBJECT,NO_RECEIVED,NO_RELAYS,TO_CC_NONE
[13265] dbg: check:
subtests=__HAS_MSGID,__MSGID_OK_DIGITS,__MSGID_OK_HOST,__NONEMPTY_BODY,__SANE_MSGID,__UNUSABLE_MSGID

Regards,

> On 17 Oct 2006, at 21:03, Gerhard Mourani wrote:
>
>> Hello,
>>
>> I've installed latest version of MailScanner (4.56.8) with Postfix
>> (2.3.3)
>> and SpamAssassin (3.1.7) into my Linux server. At first view, all
>> seem to
>> work fine but it's just an illusion because I receive spam like
>> I've never
>> received in the pass. Without MailScanner, Spam are correctly
>> blocked by
>> Spamassassin.
>
> Check the users that you have called SA with in the past as you will
> now be call them as the postfix user. Is your Bayes correctly set up
> to use this user? Have you run spammassassin --lint -D as the postfix
> user and checked for errors?
>
> Drew
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
>


-- 
PrivalODC
Cel: (514) 726-3766
Tel: (450) 761-9973 ext 634

Ce message électronique ainsi que tous les documents annexés s’adressent
exclusivement à la personne ou à l’entité inscrite dans la rubrique
destinataire ; il peut contenir des renseignements de nature
confidentielle ou
privilégiée  aux termes des lois applicables. Nulle autre personne ne doit y
avoir accès.  Si vous n’êtes pas le destinataire convenu, nous vous avisons
par la présente qu'il est strictement interdit d'en divulguer le contenu, de
le distribuer, le copier ou l’utiliser.  Veuillez aviser l’expéditeur
immédiatement par retour de courrier électronique et supprimer ce message de
votre système.  Toute diffusion ou reproduction de ce document ainsi que tout
mesure prise à l’égard de la présente sont formellement interdites .

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.



More information about the MailScanner mailing list