steve at weigoldenterprises.com
Wed Dec 9 15:42:25 UTC 2015
Thanks Dave. I appreciate your response.
I've already addressed the URIBL_BLOCKED issue with local DNS. Watching
the logs, that seems to be working nicely now.
I'll investigate postscreen. Greylisting is in place. Wish I'd have
known about that VM a couple of days ago!
On 12/9/2015 10:29 AM, Dave Jones wrote:
> Couple of things:
> 1. See the URIBL_BLOCKED hit? This means you are using a DNS server
> that has been blocked. You should setup a local DNS server on the
> MailScanner server and not forward to another DNS server. It needs to
> do it's own full recursive lookups to keep it out of the aggregated
> queries of the DNS server you are currently using.
> 2. Setup Postfix to block most of the emails using postscreen with RBL
> weighting. Postfix should be blocking most of the spam (>85%) before
> it ever gets to MailScanner and Spamassassin.
> Download the VM from http://efa-project.org/ and either use it or look
> at how it's Postfix is setup. It will have everything setup properly
> like DNS, greylisting, Postfix, MailWatch, RBLs, etc. Also there are
> lot of examples on locking down Postfix on the Postfix mailing list.
> Postscreen is a must.
> 3. Here are my Pyzor settings:
> mailscanner.cf:pyzor_path /usr/bin/pyzor
> mailscanner.cf:pyzor_options --homedir /etc/mail/spamassassin
> mailscanner.cf:#use_pyzor 0
> mailscanner.cf:pyzor_timeout 5
> On Tue, Dec 8, 2015 at 7:44 PM, Steve Weigold
> <steve at weigoldenterprises.com> wrote:
>> Apologies if this has been asked before, but while I found the list archive,
>> I couldn't find a means to search it and considering it goes back many
>> years, scanning by hand seemed a bit overwhelming. If there's a search
>> capability for it that I've missed, please let me know.
>> Anyway, I have a new server I've setup to be a spam filter gateway. It's a
>> clean install of Debian Jessie with MailScanner and Postfix with what I
>> believe to be the latest versions. Generally, the system is working, but
>> I'm still getting much more spam than I should be. Reviewing the logs, I
>> can see that I'm getting relatively low spam scores even on what I'd
>> consider obvious spam emails.
>> This lead me down the path of what else could be done with spamassassin,
>> which got me to Pyzor, Razor and DCC. At the moment, DCC isn't installed.
>> I guess it was removed from the repository because it's non-free? Pyzor and
>> Razor are installed, and somehow, I think I have Razor working, at least
>> based on the fact that I see log entries like this one:
>> Dec 8 20:33:02 gw1 MailScanner: Message 0005D140024.A1747 from
>> 18.104.22.168 (amazon-promotional-credit at urfhe.selectweddingbands.com) to
>> acnoc.net is not spam, SpamAssassin (not cached, score=5.497, required 6,
>> RAZOR2_CF_RANGE_51_100 0.36, RAZOR2_CF_RANGE_E8_51_100 2.43, RAZOR2_CHECK
>> 1.73, SPF_SOFTFAIL 0.97, URIBL_BLOCKED 0.00)
>> I'm not sure Pyzor is working though, and when I run MailScanner --lint, I
>> get this:
>> pyzor: check failed: internal error, python traceback seen in response
>> I've googled ad nauseum and I'm getting nowhere.
>> In spam.assassin.prefs.conf, I have:
>> pyzor_options --homedir /var/spool/MailScanner/
>> and permissions on that folder seem OK
>> drwxr-xr-x 6 postfix postfix 4096 Dec 8 19:52 MailScanner
>> Inside it, Pyzor's servers file:
>> -rwxrwxr-x 1 postfix postfix 23 Dec 8 19:52 servers
>> MailScanner mailing list
>> mailscanner at lists.mailscanner.info
More information about the MailScanner