Scoring questions
Computer Bob
bob at inter-control.com
Mon Jan 29 21:51:02 CET 2018
When I run /etc/init.d/amavis debug, it spits out a bunch of Permissions
denied of basically everything and fails with Server closing!
I tried it under amavis user first, and also under root but always the same.
If I start normally, the mail.log looks like: (don't think this is all,
but most)
----------------------------------------
Jan 29 14:42:53 M1-2 amavis[3173]: starting. /usr/sbin/amavisd-new at
M1-2.dettenwanger.inter-control.com amavisd-new-2.7.1 (20120429),
Unicode aware, LANG="en_US.UTF-8"
Jan 29 14:42:53 M1-2 amavis[3180]: Net::Server: Group Not Defined.
Defaulting to EGID '117 117'
Jan 29 14:42:53 M1-2 amavis[3180]: Net::Server: User Not Defined.
Defaulting to EUID '110'
Jan 29 14:42:53 M1-2 amavis[3180]: Module Amavis::Conf 2.303
Jan 29 14:42:53 M1-2 amavis[3180]: Module Archive::Zip 1.30
Jan 29 14:42:53 M1-2 amavis[3180]: Module BerkeleyDB 0.54
Jan 29 14:42:53 M1-2 amavis[3180]: Module Compress::Zlib 2.06
Jan 29 14:42:53 M1-2 amavis[3180]: Module Convert::TNEF 0.18
Jan 29 14:42:53 M1-2 amavis[3180]: Module Convert::UUlib 1.4
Jan 29 14:42:53 M1-2 amavis[3180]: Module Crypt::OpenSSL::RSA 0.28
Jan 29 14:42:53 M1-2 amavis[3180]: Module DB_File 1.827
Jan 29 14:42:53 M1-2 amavis[3180]: Module Digest::MD5 2.52
Jan 29 14:42:53 M1-2 amavis[3180]: Module Digest::SHA 5.84_01
Jan 29 14:42:53 M1-2 amavis[3180]: Module File::Temp 0.23
Jan 29 14:42:53 M1-2 amavis[3180]: Module IO::Socket::INET6 2.71
Jan 29 14:42:53 M1-2 amavis[3180]: Module MIME::Entity 5.505
Jan 29 14:42:53 M1-2 amavis[3180]: Module MIME::Parser 5.505
Jan 29 14:42:53 M1-2 amavis[3180]: Module MIME::Tools 5.505
Jan 29 14:42:53 M1-2 amavis[3180]: Module Mail::DKIM::Signer 0.4
Jan 29 14:42:53 M1-2 amavis[3180]: Module Mail::DKIM::Verifier 0.4
Jan 29 14:42:53 M1-2 amavis[3180]: Module Mail::Header 2.12
Jan 29 14:42:53 M1-2 amavis[3180]: Module Mail::Internet 2.12
Jan 29 14:42:53 M1-2 amavis[3180]: Module Mail::SPF v2.009
Jan 29 14:42:53 M1-2 amavis[3180]: Module Mail::SpamAssassin 3.004000
Jan 29 14:42:53 M1-2 amavis[3180]: Module Net::DNS 0.68
Jan 29 14:42:53 M1-2 amavis[3180]: Module Net::Server 2.007
Jan 29 14:42:53 M1-2 amavis[3180]: Module NetAddr::IP 4.071
Jan 29 14:42:53 M1-2 amavis[3180]: Module Razor2::Client::Version 2.84
Jan 29 14:42:53 M1-2 amavis[3180]: Module Socket6 0.25
Jan 29 14:42:53 M1-2 amavis[3180]: Module Time::HiRes 1.9725
Jan 29 14:42:53 M1-2 amavis[3180]: Module URI 1.60
Jan 29 14:42:53 M1-2 amavis[3180]: Module Unix::Syslog 1.1
Jan 29 14:42:53 M1-2 amavis[3180]: Amavis::DB code loaded
Jan 29 14:42:53 M1-2 amavis[3180]: SQL base code NOT loaded
Jan 29 14:42:53 M1-2 amavis[3180]: SQL::Log code NOT loaded
Jan 29 14:42:53 M1-2 amavis[3180]: SQL::Quarantine NOT loaded
Jan 29 14:42:53 M1-2 amavis[3180]: Lookup::SQL code NOT loaded
Jan 29 14:42:53 M1-2 amavis[3180]: Lookup::LDAP code NOT loaded
Jan 29 14:42:53 M1-2 amavis[3180]: AM.PDP-in proto code loaded
Jan 29 14:42:53 M1-2 amavis[3180]: SMTP-in proto code loaded
Jan 29 14:42:53 M1-2 amavis[3180]: Courier proto code NOT loaded
Jan 29 14:42:53 M1-2 amavis[3180]: SMTP-out proto code loaded
Jan 29 14:42:53 M1-2 amavis[3180]: Pipe-out proto code NOT loaded
Jan 29 14:42:53 M1-2 amavis[3180]: BSMTP-out proto code NOT loaded
Jan 29 14:42:53 M1-2 amavis[3180]: Local-out proto code loaded
Jan 29 14:42:53 M1-2 amavis[3180]: OS_Fingerprint code NOT loaded
Jan 29 14:42:53 M1-2 amavis[3180]: ANTI-VIRUS code loaded
Jan 29 14:42:53 M1-2 amavis[3180]: ANTI-SPAM code loaded
Jan 29 14:42:53 M1-2 amavis[3180]: ANTI-SPAM-EXT code NOT loaded
Jan 29 14:42:53 M1-2 amavis[3180]: ANTI-SPAM-C code NOT loaded
Jan 29 14:42:53 M1-2 amavis[3180]: ANTI-SPAM-SA code loaded
Jan 29 14:42:53 M1-2 amavis[3180]: Unpackers code loaded
Jan 29 14:42:53 M1-2 amavis[3180]: DKIM code loaded
Jan 29 14:42:53 M1-2 amavis[3180]: Tools code NOT loaded
Jan 29 14:42:53 M1-2 amavis[3180]: Found $file at /usr/bin/file
Jan 29 14:42:53 M1-2 amavis[3180]: No $altermime, not using it
Jan 29 14:42:53 M1-2 amavis[3180]: Internal decoder for .mail
Jan 29 14:42:53 M1-2 amavis[3180]: No decoder for .F
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .Z at
/bin/uncompress
Jan 29 14:42:53 M1-2 amavis[3180]: Internal decoder for .gz
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .bz2 at
/bin/bzip2 -d
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .xz at
/usr/bin/xz -dc
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .lzma at
/usr/bin/xz -dc --format=lzma
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .lzo at
/usr/bin/lzop -d
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .rpm at
/usr/bin/rpm2cpio
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .cpio at /bin/pax
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .tar at /bin/pax
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .deb at /usr/bin/ar
Jan 29 14:42:53 M1-2 amavis[3180]: Internal decoder for .zip
Jan 29 14:42:53 M1-2 amavis[3180]: Internal decoder for .kmz
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .7z at
/usr/bin/7zr
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .rar at
/usr/bin/unrar-free
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .arj at
/usr/bin/arj
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .arc at
/usr/bin/arc
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .zoo at
/usr/bin/zoo
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .doc at
/usr/bin/ripole
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .cab at
/usr/bin/cabextract
Jan 29 14:42:53 M1-2 amavis[3180]: No decoder for .tnef
Jan 29 14:42:53 M1-2 amavis[3180]: Internal decoder for .tnef
Jan 29 14:42:53 M1-2 amavis[3180]: Found decoder for .exe at
/usr/bin/unrar-free; /usr/bin/arj
Jan 29 14:42:53 M1-2 amavis[3180]: Using primary internal av scanner
code for ClamAV-clamd
Jan 29 14:42:53 M1-2 amavis[3180]: Using primary internal av scanner
code for AVG Anti-Virus
Jan 29 14:42:53 M1-2 amavis[3180]: Found secondary av scanner
ClamAV-clamscan at /usr/bin/clamscan
Jan 29 14:42:53 M1-2 amavis[3180]: Deleting db files
nanny.db,__db.003,snmp.db,__db.001,__db.002 in /var/lib/amavis/db
Jan 29 14:42:53 M1-2 amavis[3180]: Creating db in /var/lib/amavis/db/;
BerkeleyDB 0.54, libdb 5.3
------------------------------------------------
On 1/29/18 2:33 PM, Dino Edwards wrote:
>
> Please run amavisd in debug mode.
>
> Stop the service
>
> /etc/init.d/amavis stop
>
> Then start in debug mode:
>
> /etc/init.d/amavis debug
>
> Open another session to your mail server and look at you
> /var/log/mail.log and you should see the following upon amavisd
> startup (or similar):
>
> Jan 29 15:30:55.078 mail.domain.tld /usr/sbin/amavisd-new[8330]:
> initializing Mail::SpamAssassin (0)
>
> Jan 29 15:30:55.078 mail.domain.tld /usr/sbin/amavisd-new[8330]:
> SpamAssassin debug facilities: info
>
> Jan 29 15:30:55.712 mail.domain.tld /usr/sbin/amavisd-new[8330]: SA
> info: zoom: able to use 315/360 'body_0' compiled rules (87.5%)
>
> Jan 29 15:30:56.454 mail.domain.tld /usr/sbin/amavisd-new[8330]:
> SpamAssassin loaded plugins: AskDNS, AutoLearnThreshold, Bayes,
> BodyEval, Check, DCC, DKIM, DNSEval, FreeMail, HTMLEval,
> HTTPSMismatch, Hashcash, HeaderEval, ImageInfo, MIMEEval, MIMEHeader,
> Pyzor, Razor2, RelayEval, ReplaceTags, Rule2XSBody, SPF, SpamCop,
> URIDNSBL, URIDetail, URIEval, VBounce, WLBLEval, WhiteListSubject
>
> Jan 29 15:30:56.455 mail.domain.tld /usr/sbin/amavisd-new[8330]:
> SpamControl: init_pre_fork on SpamAssassin done
>
> Jan 29 15:30:56.455 mail.domain.tld /usr/sbin/amavisd-new[8330]: extra
> modules loaded after daemonizing/chrooting:
> /usr/lib/perl5/auto/NetAddr/IP/InetBase/inet_n2dx.al,
> Mail/SpamAssassin/CompiledRegexps/body_0.pm,
> Mail/SpamAssassin/Plugin/FreeMail.pm, Net/DNS/RR/OPT.pm
>
> *From:*Computer Bob [mailto:bob at inter-control.com]
> *Sent:* Monday, January 29, 2018 3:24 PM
> *To:* Dino Edwards <dino.edwards at mydirectmail.net>;
> amavis-users at amavis.org
> *Subject:* Re: Scoring questions
>
> Changes made, amavis restarted.
> I have seen the following on all mails, I just was too lazy to include
> it because I had to blank the server name...skuza..
>
> X-Virus-Scanned: Debian amavisd-new at M1-2.myorganization.org
>
> On 1/29/18 2:15 PM, Dino Edwards wrote:
>
> Please try
>
> $sa_tag_level_deflt = undef;
>
> In
>
> /etc/amavis/conf.d/50-user
>
> Do you see the X-Virus-Scanned header in the emails that amavisd
> processes?
>
> *From:*amavis-users
> [mailto:amavis-users-bounces+dino.edwards=mydirectmail.net at amavis.org]
> *On Behalf Of *Computer Bob
> *Sent:* Monday, January 29, 2018 2:40 PM
> *To:* amavis-users at amavis.org <mailto:amavis-users at amavis.org>
> *Subject:* Re: Scoring questions
>
> I also agree that at this point auto learn should be off and
> cleared as I have done.
> But I still continue to get garbage mails through showing headers
> such as:
>
> X-Spam-Flag: NO
>
> X-Spam-Score: 0.61
>
> X-Spam-Level:
>
> X-Spam-Status: No, score=0.61 tagged_above=-9999 required=5
>
> tests=[HTML_FONT_LOW_CONTRAST=0.001, HTML_IMAGE_RATIO_04=0.61,
>
> HTML_MESSAGE=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001,
>
> T_REMOTE_IMAGE=0.01, T_RP_MATCHES_RCVD=-0.01]
>
> autolearn=no autolearn_force=no
>
>
>
> And as I said, when I run them through SA at the command line they
> seem to score correctly.
> The scores being given in the headers can't be correct as they all
> are similarly low and wrong.
> An interesting note is that if I try and forward one of these
> received, they get flagged and sent to spam.
> Without knowing the intricacies of the amavis procedural steps, or
> were to start, it is not possible for me to troubleshoot.
>
>
> On 1/29/18 1:20 PM, Dino Edwards wrote:
>
> I disagree it's bad advice considering it's autolearn that seems to be creating at least some of the problems he's experiencing.
>
>
>
> However, I do agree, the AutoLearn Threshold should definitely be set IF you are going to be using autolearn but in my experience auto-learn creates more problems than it solves. I believe that only humans should be be used for training the bayes database. Auto-learning has the tendency to exaggerate issues over time.
>
>
>
> Keep it simple for now and train your bayes database and after you've trained it and it's scoring well, then consider using autolearn.
>
>
>
>
>
>
>
>
>
>
>
> -----Original Message-----
>
> From: amavis-users [mailto:amavis-users-bounces+dino.edwards=mydirectmail.net at amavis.org] On Behalf Of Benny Pedersen
>
> Sent: Monday, January 29, 2018 1:06 PM
>
> To:amavis-users at amavis.org <mailto:amavis-users at amavis.org>
>
> Subject: Re: Re: Scoring questions
>
>
>
> Computer Bob skrev den 2018-01-29 18:57:
>
> I assume you mean bayes_auto_learn in local.cf. I set it to 0 from 1
>
> and restarted.
>
>
>
> yes its just bad advise, but setting this is what disables autolearn
>
>
>
> i suggest see autolearnthreashold instaed
>
>
>
> https://spamassassin.apache.org/full/3.3.x/doc/Mail_SpamAssassin_Plugin_AutoLearnThreshold.html
>
>
>
> bayes_auto_learn_threshold_nonspam -5
>
> bayes_auto_learn_threshold_spam 7.5
>
>
>
> let the spammers win now :)
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.amavis.org/pipermail/amavis-users/attachments/20180129/9b1bebe7/attachment.html>
More information about the amavis-users
mailing list