MailScanner not adding headers

Tue Jul 17 11:21:20 UTC 2018

Just to provide feedback on this, it seems I'm mistaken and the headers
just aren't showing in MailWatch, because if I look at a message that
passed through the server to myself, the headers do show..

*SNIP*
Received: by spam.mycompany.co.za (Postfix, from userid 0)
id A4D012C0070; Tue, 17 Jul 2018 13:00:42 +0200 (SAST)
Date: Tue, 17 Jul 2018 13:00:42 +0200
To: neilw at mycompany.co.za
User-Agent: Heirloom mailx 12.5 7/5/10
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <20180717110042.A4D012C0070 at spam.mycompany.co.za>
From: root at mycompany.co.za (root)
X-mycompany-MailScanner-Information: Please contact mycompany for more info
X-mycompany-MailScanner-ID: A4D012C0070.A293B
X-mycompany-MailScanner: Found to be clean
X-mycompany-MailScanner-IP-Protocol: IPv4
X-mycompany-MailScanner-SpamScore: s
X-mycompany-MailScanner-From: root at mycompany.co.za

My question is though, How then can I get emails marked as Junk by
Sanesecurity blocked by spamassassin?

I have configured....
Spam-Virus Header = X-mycompany-MailScanner-SpamVirus-Report:

and...

Virus Names Which Are Spam = Sane*UNOFFICIAL HTML/* *Phish*
Sanesecurity.Junk.*.UNOFFICIAL

...then I've configured the following
in /etc/MailScanner/spamassassin.conf...

header MS_FOUND_SPAMVIRUS exists:X-mycompany-MailScanner-SpamVirus-Report
score MS_FOUND_SPAMVIRUS 3.0

...but I never see the above header in MailWatch when looking at emails
that were flagged by Sanesecurity, eg:...

Jul 17 11:38:10 MailScanner[28945]:
Clamd::INFECTED::Sanesecurity.Junk.47380.UNOFFICIAL :: ./B41AF2C0079.AFBE0/
Jul 17 11:38:10 MailScanner[28945]: Found spam based virus
Sanesecurity.Junk.47380.UNOFFICIAL in B41AF2C0079.AFBE0
Jul 17 11:38:22 MailScanner[28945]: MailWatch: Logging message
B41AF2C0079.AFBE0 to SQL
Jul 17 11:38:22 MailScanner[29735]: MailWatch: B41AF2C0079.AFBE0: Logged to
MailWatch SQL

Any ideas or suggestions please?

Thanks!

On Tue, Jul 17, 2018 at 10:24 AM Neil <nwilson123 at gmail.com> wrote:

> Hi guys,
>
> Please could someone assist me, I can't seem to get MailScanner to add the
> usual message headers.
>
> I'm using MailScanner-5.0.7-2 with MailWatch 1.2.8
>
> I've tried moving my org-name variable from MailScanner.conf to
> my_settings and putting the options in one file, and commenting it out in
> the other, but nothing seems to work, when I look in MailWatch I just don't
> see any headers with my company name showing.
>
> The reason I'm doing this is because I'm wanting Sanesecurity viruses to
> be recognised by spamassassin but I can't seem to get the Spam-Virus-Header
> showing, let alone the other headers.
>
> My --lint test doesn't show any issues either...
>
> [root at freshmail conf.d]# MailScanner --lint
> Trying to setlogsock(unix)
>
> Reading configuration file /etc/MailScanner/MailScanner.conf
> Reading configuration file /etc/MailScanner/conf.d/README
> Reading configuration file /etc/MailScanner/conf.d/my_settings.conf
> Read 1500 hostnames from the phishing whitelist
> Read 15766 hostnames from the phishing blacklists
> Config: calling custom init function SQLBlacklist
> MailWatch: Starting up MailWatch SQL Blacklist
> MailWatch: Read 1544 blacklist entries
> Config: calling custom init function MailWatchLogging
> MailWatch: Started MailWatch SQL Logging child
> Config: calling custom init function SQLWhitelist
> MailWatch: Starting up MailWatch SQL Whitelist
> MailWatch: Read 102 whitelist entries
>
> Checking version numbers...
> Version number in MailScanner.conf (5.0.7) is correct.
>
> Your envelope_sender_header in spamassassin.conf is correct.
> MailScanner setting GID to  (89)
> MailScanner setting UID to  (89)
>
> Any help is appreciated.
>
> Thank you!
>
> Regards.
>
> Neil Wilson.
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mailscanner.info/pipermail/mailscanner/attachments/20180717/59b3ef04/attachment.html>