Improving filtering of SPAM...

Noel Jones njones at
Thu Jun 20 22:31:12 CEST 2013

On 6/20/2013 2:15 PM, Christopher Koeber wrote:
> Hello,
> I have AmavisD with the following software running on Gentoo Linux
> (Kernel Version 3.8.13):
>  1. Postfix (Version 2.10.)
>  2. SpamAssassin (Version 3.3.2-r1)
>  3. ClamAV (Version 0.97.7)
>  4. DCC (Version 1.3.140-r1)
>  5. Razor (Version 2.85-r1)
> There are perhaps quite a few other packages I have installed; I
> just know these are the major ones I have installed.
> Anyway, everything works but quite frankly my users still get a
> significant amount of spam coming through (no viruses whatsoever, so
> the ClamAV aspect works great.)
> The core problem is that, from what I see from the logs the score
> for the spam messages gets rated lower than zero so the system is
> learning these messages as ham and as such the filter becomes less
> effective as time goes on.
> Now, the current install isn't completely ineffective; it catches a
> great deal of spam messages but my question stems from asking what
> can I do to greatly increase the accuracy.

The single most important thing to do is feed "missed" spam back
into spamassassin with "spamassassin -r" or "sa-learn".  See the
spamassassin docs for details.

Also consider using the Sanesecurity addon signatures for clamav.
These catch a lot of spam with extremely low false positives. I
consider these safe and effective.

> Is there a guide somewhere on improving detection of spam with
> AmavisD? I couldn't find such a guide. Much of the items mentioned
> for improving SpamAssassin was within the "
> <>" file but I know AmavisD ignores that (from what I
> read). I also know I can lower the tag/tag2/etc. numbers but then
> valid mail gets caught.

While there are some limitations, amavisd does not ignore
In particular, you can adjust rule scores and add local rules. Note
that changes to require a restart of amavisd to read the
new file.

  -- Noel Jones

More information about the amavis-users mailing list