dave at jonesol.com
Wed Dec 9 15:29:58 UTC 2015
Couple of things:
1. See the URIBL_BLOCKED hit? This means you are using a DNS server
that has been blocked. You should setup a local DNS server on the
MailScanner server and not forward to another DNS server. It needs to
do it's own full recursive lookups to keep it out of the aggregated
queries of the DNS server you are currently using.
2. Setup Postfix to block most of the emails using postscreen with RBL
weighting. Postfix should be blocking most of the spam (>85%) before
it ever gets to MailScanner and Spamassassin.
Download the VM from http://efa-project.org/ and either use it or look
at how it's Postfix is setup. It will have everything setup properly
like DNS, greylisting, Postfix, MailWatch, RBLs, etc. Also there are
lot of examples on locking down Postfix on the Postfix mailing list.
Postscreen is a must.
3. Here are my Pyzor settings:
mailscanner.cf:pyzor_options --homedir /etc/mail/spamassassin
On Tue, Dec 8, 2015 at 7:44 PM, Steve Weigold
<steve at weigoldenterprises.com> wrote:
> Apologies if this has been asked before, but while I found the list archive,
> I couldn't find a means to search it and considering it goes back many
> years, scanning by hand seemed a bit overwhelming. If there's a search
> capability for it that I've missed, please let me know.
> Anyway, I have a new server I've setup to be a spam filter gateway. It's a
> clean install of Debian Jessie with MailScanner and Postfix with what I
> believe to be the latest versions. Generally, the system is working, but
> I'm still getting much more spam than I should be. Reviewing the logs, I
> can see that I'm getting relatively low spam scores even on what I'd
> consider obvious spam emails.
> This lead me down the path of what else could be done with spamassassin,
> which got me to Pyzor, Razor and DCC. At the moment, DCC isn't installed.
> I guess it was removed from the repository because it's non-free? Pyzor and
> Razor are installed, and somehow, I think I have Razor working, at least
> based on the fact that I see log entries like this one:
> Dec 8 20:33:02 gw1 MailScanner: Message 0005D140024.A1747 from
> 18.104.22.168 (amazon-promotional-credit at urfhe.selectweddingbands.com) to
> acnoc.net is not spam, SpamAssassin (not cached, score=5.497, required 6,
> RAZOR2_CF_RANGE_51_100 0.36, RAZOR2_CF_RANGE_E8_51_100 2.43, RAZOR2_CHECK
> 1.73, SPF_SOFTFAIL 0.97, URIBL_BLOCKED 0.00)
> I'm not sure Pyzor is working though, and when I run MailScanner --lint, I
> get this:
> pyzor: check failed: internal error, python traceback seen in response
> I've googled ad nauseum and I'm getting nowhere.
> In spam.assassin.prefs.conf, I have:
> pyzor_options --homedir /var/spool/MailScanner/
> and permissions on that folder seem OK
> drwxr-xr-x 6 postfix postfix 4096 Dec 8 19:52 MailScanner
> Inside it, Pyzor's servers file:
> -rwxrwxr-x 1 postfix postfix 23 Dec 8 19:52 servers
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
More information about the MailScanner