spamassassin scannt die mails nicht

MHLInk

MHLInk

Well-Known Member
hi

seit einiger zeit beschaeftige ich mich mit meinem mailserver. inzwischen laeuft es fast. nur spamassassin will nicht sorecht. mein mailserver hat folgende komponenten:
- Postfix 2
- Cyrus-Imap
- fetchmail
- amavisd-new
- spamassassin
- einige virenscanner

so. nun zur sache:
spamassassin prüft die mails nicht. in header der mail steht nichts von X-SPAM... und in der maillog steht auch nicht, das der durchlaufen wurde. die virenscanner, die in der amavisd.conf stehen, erkennen aber testviren (daraus schliesse ich mal, das mindestes einer geht).
in der maillog steht auch, wenn man amavisd neustartet, das spamassassin geladen wurde(oder versucht).
hier die passenden stellen in der maillog:

Code: 
ML2# tail -f /var/log/maillog
[...]
 Jun  1 19:08:23 ML2 amavis[41535]: ANTI-SPAM  code        loaded
[...]
Jun  1 19:08:23 ML2 amavis[41535]: SpamControl: initializing Mail::SpamAssassin
Jun  1 19:08:27 ML2 amavis[41535]: SpamControl: done
Jun  1 19:08:27 ML2 amavis[41536]: TIMING [total 50 ms] - bdb-open: 50 (100%), rundown: 0 (0%)
Jun  1 19:08:27 ML2 amavis[41537]: TIMING [total 93 ms] - bdb-open: 93 (100%), rundown: 0 (0%)


hier noch der abschitt ab dem amavisd die mail uebernimmt, bis er sie wieder abgibt.
Code: 
Jun  1 20:34:44 ML2 amavis[41537]: (41537-01) ESMTP::10024 /var/amavis/tmp/amavis-20050601T203444-41537: <sender@t-online.de> -> <maillinkw@mhlink.dyndns.org> Received: SIZE=838 from xyz.dyndns.org ([127.0.0.1]) by localhost (host.example.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 41537-01 for <zyx@xyz.dyndns.org>; Wed,  1 Jun 2005 20:34:44 +0200 (CEST)
Jun  1 20:34:44 ML2 amavis[41537]: (41537-01) Checking: <marc.luehr@htp-tel.de> -> <zyx@xyz.dyndns.org>
Jun  1 20:34:44 ML2 amavis[41537]: (41537-01) p001 1 Content-Type: text/plain, size: 6 B, name:
Jun  1 20:34:45 ML2 amavis[41537]: (41537-01) ask_av (ClamAV-clamd) FAILED - unexpected result: /var/amavis/tmp/amavis-20050601T203444-41537/parts: Access denied. ERROR\n
Jun  1 20:34:47 ML2 amavis[41537]: (41537-01) FWD via SMTP: [127.0.0.1]:10025 <sender@t-online.de> -> <zyx@xyz.dyndns.org>
das clamsv nicht geht habe ich auch schon wahrgenommen, aber dagegen machen wir vorerst nichts (das bekomme ich auch so in den griff)


ich habe natuerlich auch schon fleissig gesucht und habe auch etwas gefunden: in den meisten faellen lag es am "@local_domains_acl" eintrag. ich habe den auf @local_domains_acl = qw ( . ). damit meine ich ja eigentlich alle domainnen (hoffe ich, korrigiert mich, wenn ich daneben liege). die andern sachen auf der FAQ seite von amavisd-new habe ich sehr großenteils auch schon abgedecht (http://www.ijs.si/software/amavisd/#faq)

ich hoffe, WIR koennen dieses kleinen letzte problem, das die perfektion des mailservers hintert, schnell wegraeumen.

Mfg

MHLInk
 
Hallo,
da ich genau das selbe Problem habe, füge ich mich hier einfach mal ein.
Ich vermute, dass es auch bei dir der Fall ist, SpamAssassin scant durchaus die Mail, allerdings schneidet Amavis den Eintrag im Header hab, die überreste sind unter /var/amavis/tmp/ zu finden.
Normalerweise ist es, dass der Eintrag auch im Header bestehen bleibt, wenn mehrere Treffer von Spamassassin gefunden wurde. Allerdings wird z.B. der Subject dennoch nicht geändert.
Beim Googlen bin ich natürlich auf die selbe Lösung gestossen, dass es an local_domains_acl = qw(.); liegt, allerdings hat auch dies bei mir nichts gebracht. Auch Änderungen an der @local_domains_maps = qw(.); haben nur teilweise zum Erfolg geführt (aber eben nicht komplett...).

Ich wäre euch also wirklich sehr dankbar, wenn ihr euch auch einmal meine Config-Datei anschauen könntet!

Code: 
use strict;

$max_servers = 2;            # number of pre-forked children (2..15 is common)
$daemon_user  = 'vscan';     # (no default;  customary: vscan or amavis)
$daemon_group = 'vscan';    # (no default;  customary: vscan or amavis)

$mydomain = 'fluhrer';   # a convenient default for other settings

$MYHOME   = '/var/amavis'; # a convenient default for other settings
$TEMPBASE = "$MYHOME/tmp";   # working directory, needs to be created manually
$ENV{TMPDIR} = $TEMPBASE;    # environment variable TMPDIR
$QUARANTINEDIR = '/var/virusmails';

#@local_domains_acl=qw();
#@local_domains_maps = ( [".fluhrer",".cfluhrer.de", "fluhrer", "cfluhrer.de", "localhost.fluhrer", "localhost"] );
@local_domains_maps = qw(.);
#@local_domains_acl = ( [".fluhrer", "fluhrer", "cfluhrer.de"] );
@local_domains_acl = qw(.);
@mynetworks = qw( 127.0.0.0/8 ::1 10.0.0.0/8);

$log_level = 0;              # verbosity 0..5
$log_recip_templ = undef;    # disable by-recipient level-0 log entries
$DO_SYSLOG = 1;              # log via syslogd (preferred)
$SYSLOG_LEVEL = 'mail.debug';

$enable_db = 1;              # enable use of BerkeleyDB/libdb (SNMP and nanny)
$enable_global_cache = 1;    # enable use of libdb-based cache if $enable_db=1

$inet_socket_port = 10024;   # listen on this local TCP port(s) (see $protocol)

$sa_tag_level_deflt  = 2.0;  # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 6.31; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 6.31; # triggers spam evasive actions
$sa_dsn_cutoff_level = 10;   # spam level beyond which a DSN is not sent

$sa_mail_body_size_limit = 200*1024; # don't waste time on SA if mail is larger
$sa_local_tests_only = 0;    # only tests which do not require internet access?
$sa_auto_whitelist = 1;      # turn on AWL in SA 2.63 or older (irrelevant
                             # for SA 3.0, cf option is 'use_auto_whitelist')

$virus_admin               = "virusalert\@$mydomain";  # notifications recip.

$mailfrom_notify_admin     = "virusalert\@$mydomain";  # notifications sender
$mailfrom_notify_recip     = "virusalert\@$mydomain";  # notifications sender
$mailfrom_notify_spamadmin = "spam.police\@$mydomain"; # notifications sender
$mailfrom_to_quarantine = ''; # null return path; uses original sender if undef

#@addr_extension_virus_maps      = ('virus');
#@addr_extension_spam_maps       = ('spam');
#@addr_extension_banned_maps     = ('banned');
#@addr_extension_bad_header_maps = ('badh');

$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
$file   = 'file';   # file(1) utility; use recent versions
$gzip   = 'gzip';
$bzip2  = 'bzip2';
$lzop   = 'lzop';
$rpm2cpio   = ['rpm2cpio.pl','rpm2cpio'];
$cabextract = 'cabextract';
$uncompress = ['uncompress', 'gzip -d', 'zcat'];
$unfreeze   = ['unfreeze', 'freeze -d', 'melt', 'fcat'];
$arc        = ['nomarch', 'arc'];
$unarj      = ['arj', 'unarj'];
$unrar      = ['rar', 'unrar'];
$zoo    = 'zoo';
$lha    = 'lha';
$cpio   = ['gcpio','cpio'];
$dspam  = 'dspam';

$MAXLEVELS = 14;
$MAXFILES = 1500;
$MIN_EXPANSION_QUOTA =      100*1024;  # bytes  (default undef, not enforced)
$MAX_EXPANSION_QUOTA = 300*1024*1024;  # bytes  (default undef, not enforced)

$sa_spam_subject_tag = '***SPAM*** ';
$defang_virus  = 1;  # MIME-wrap passed infected mail
$defang_banned = 1;  # MIME-wrap passed mail containing banned name

$forward_method = 'smtp:[127.0.0.1]:10025';  # set to undef with milter!

$X_HEADER_TAG = "X-Virus-Scanned";
$X_HEADER_LINE = "by AMaViS";

@viruses_that_fake_sender_maps = (new_RE(
  [qr'\bEICAR\b'i => 0],            # av test pattern name
  [qr'^(WM97|OF97|Joke\.)'i => 0],  # adjust names to match your AV scanner
  [qr/.*/ => 1],  # true for everything else
));

@keep_decoded_original_maps = (new_RE(
# qr'^MAIL$',   # retain full original message for virus checking (can be slow)
  qr'^MAIL-UNDECIPHERABLE$', # recheck full mail if it contains undecipherables
  qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,
));


# for $banned_namepath_re, a new-style of banned table, see amavisd.conf-sample

$banned_filename_re = new_RE(
# qr'^UNDECIPHERABLE$',  # is or contains any undecipherable components

  # block certain double extensions anywhere in the base name
  qr'\.[^./]*\.(exe|vbs|pif|scr|bat|cmd|com|dll)\.?$'i,

# qr'[{}]',      # curly braces in names (serve as Class ID extensions - CLSID)

  qr'^application/x-msdownload$'i,                  # block these MIME types
  qr'^application/x-msdos-program$'i,
  qr'^application/hta$'i,

# qr'^message/partial$'i, qr'^message/external-body$'i, # rfc2046 MIME types

# [ qr'^\.(Z|gz|bz2)$'           => 0 ],  # allow any type in Unix-compressed
  [ qr'^\.(rpm|cpio|tar)$'       => 0 ],  # allow any type in Unix archives
# [ qr'^\.(zip|rar|arc|arj|zoo)$'=> 0 ],  # allow any type within such archives

  qr'.\.(exe|vbs|pif|scr|bat|cmd|com)$'i, # banned extension - basic
  qr'^\.(exe-ms)$',                       # banned file(1) types
# qr'^\.(exe|lha|tnef|cab)$',             # banned file(1) types
);

@score_sender_maps = ({ # a by-recipient hash lookup table,
                        # results from all matching recipient tables are summed

  ## site-wide opinions about senders (the '.' matches any recipient)
  '.' => [  # the _first_ matching sender determines the score boost

   new_RE(  # regexp-type lookup table, just happens to be all soft-blacklist
    [qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i         => 5.0],
    [qr'^(greatcasino|investments|lose_weight_today|market\.alert)@'i=> 5.0],
    [qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i=> 5.0],
    [qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@'i   => 5.0],
    [qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@'i  => 5.0],
    [qr'^(your_friend|greatoffers)@'i                                => 5.0],
    [qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i                    => 5.0],
   ),

   { # a hash-type lookup table (associative array)
     'nobody@cert.org'                        => -3.0,
     'cert-advisory@us-cert.gov'              => -3.0,
     'owner-alert@iss.net'                    => -3.0,
     'slashdot@slashdot.org'                  => -3.0,
     'bugtraq@securityfocus.com'              => -3.0,
     'ntbugtraq@listserv.ntbugtraq.com'       => -3.0,
     'security-alerts@linuxsecurity.com'      => -3.0,
     'mailman-announce-admin@python.org'      => -3.0,
     'amavis-user-admin@lists.sourceforge.net'=> -3.0,
     'notification-return@lists.sophos.com'   => -3.0,
     'owner-postfix-users@postfix.org'        => -3.0,
     'owner-postfix-announce@postfix.org'     => -3.0,
     'owner-sendmail-announce@lists.sendmail.org'   => -3.0,
     'sendmail-announce-request@lists.sendmail.org' => -3.0,
     'donotreply@sendmail.org'                => -3.0,
     'ca+envelope@sendmail.org'               => -3.0,
     'noreply@freshmeat.net'                  => -3.0,
     'owner-technews@postel.acm.org'          => -3.0,
     'ietf-123-owner@loki.ietf.org'           => -3.0,
     'cvs-commits-list-admin@gnome.org'       => -3.0,
     'rt-users-admin@lists.fsck.com'          => -3.0,
     'clp-request@comp.nus.edu.sg'            => -3.0,
     'surveys-errors@lists.nua.ie'            => -3.0,
     'emailnews@genomeweb.com'                => -5.0,
     'yahoo-dev-null@yahoo-inc.com'           => -3.0,
     'returns.groups.yahoo.com'               => -3.0,
     'clusternews@linuxnetworx.com'           => -3.0,
     lc('lvs-users-admin@LinuxVirtualServer.org')    => -3.0,
     lc('owner-textbreakingnews@CNNIMAIL12.CNN.COM') => -5.0,

     # soft-blacklisting (positive score)
     'sender@example.net'                     =>  3.0,
     '.example.net'                           =>  1.0,

   },
  ],  # end of site-wide tables
});


@av_scanners = (
  ### http://www.hbedv.com/ or http://www.centralcommand.com/
  ['H+BEDV AntiVir or CentralCommand Vexira Antivirus',
    ['antivir','vexira'],
    '--allfiles -noboot -nombr -rs -s -z {}', [0], qr/ALERT:|VIRUS:/,
    qr/(?x)^\s* (?: ALERT: \s* (?: \[ | [^']* ' ) |
         (?i) VIRUS:\ .*?\ virus\ '?) ( [^\]\s']+ )/ ],
    # NOTE: if you only have a demo version, remove -z and add 214, as in:
    #  '--allfiles -noboot -nombr -rs -s {}', [0,214], qr/ALERT:|VIRUS:/,
);


@av_scanners_backup = ();


1;  # insure a defined return

falls es von interesse sein sollte, schicke ich hier auch nocheinmal den angekommenen Header einer Testmail mit. (Das ist die Version, in der der Header bereits entfernt wurde)

Code: 
Return-Path: <Kleinrechner@web.de>
 Received: from murder ([unix socket])
      by fclienttest.fluhrer (Cyrus v2.2.8) with LMTPA;
      Wed, 01 Jun 2005 21:35:16 +0000
 X-Sieve: CMU Sieve 2.2
 Received: from localhost (localhost [127.0.0.1])
      by fserver.fluhrer (Postfix) with ESMTP id 689B7611E
      for <fchristian@localhost.fluhrer>; Wed, 1 Jun 2005 21:35:16 +0000 (UTC)
 Received: from fserver.fluhrer ([127.0.0.1])
      by localhost (fclienttest.fluhrer [127.0.0.1]) (amavisd-new, port 10024)
      with ESMTP id 00916-01 for <fchristian@localhost.fluhrer>;
      Wed, 1 Jun 2005 21:35:11 +0000 (UTC)
 Received: by fserver.fluhrer (Postfix, from userid 65534)
      id DB219610D; Wed, 1 Jun 2005 21:35:11 +0000 (UTC)
 Received: from localhost (localhost [127.0.0.1])
      by fserver.fluhrer (Postfix) with ESMTP id DC1DB6106
      for <fchristian@localhost>; Wed, 1 Jun 2005 21:35:05 +0000 (UTC)
 X-Envelope-From: <Kleinrechner@web.de>
 X-Envelope-To: <test@cfluhrer.de>
 X-Delivery-Time: 1117654477
 Received: from post.strato.de [192.67.198.62]
      by localhost with POP3 (fetchmail-6.2.5)
      for fchristian@localhost (single-drop); Wed, 01 Jun 2005 21:35:05 +0000 (UTC)
 Received: from fmmailgate05.web.de (fmmailgate05.web.de [217.72.192.243])
      by mailin.webmailer.de (8.13.1/8.13.1) with ESMTP id j51JYa82005170
      for <test@cfluhrer.de>; Wed, 1 Jun 2005 21:34:36 +0200 (MEST)
 Received: by fmmailgate05.web.de (8.12.10/8.12.10/webde Linux 0.7) with SMTP id j51JXaW4005906 
      for test@cfluhrer.de; Wed, 1 Jun 2005 21:34:36 +0200
 Received: from [84.149.133.188] by freemailng0202.web.de with HTTP;
      Wed, 01 Jun 2005 21:34:35 +0200
 Date: Wed, 01 Jun 2005 21:34:35 +0200
 Message-Id: <113080814@web.de>
 MIME-Version: 1.0
 From: "Christian Fluhrer" <Kleinrechner@web.de>
 To: test@cfluhrer.de
 Subject: test
 Precedence: fm-user
 Organization: http://freemail.web.de/
 Content-Type: text/plain; charset="iso-8859-1"
 Content-Transfer-Encoding: 7bit
 X-Virus-Scanned: by AMaViS

Ich bin für jede Hilfe wirklich dankbar!

cu
Christian
 
hi

hier meine amavisd.conf
Code: 
ML2# vim /usr/local/etc/amavisd.conf


      1 use strict;
      2
      3 # a minimalistic configuration file for amavisd-new with all necessary s        ettings
      4 #
      5 #   see amavisd.conf-default for a list of all variables with their defa        ults;
      6 #   see amavisd.conf-sample for a traditional-style commented file;
      7 #   for more details see documentation in INSTALL, README_FILES/*
      8 #   and at http://www.ijs.si/software/amavisd/amavisd-new-docs.html
      9
     10
     11 # COMMONLY ADJUSTED SETTINGS:
     12
     13 # @bypass_virus_checks_maps = (1);  # uncomment to DISABLE anti-virus co        de
     14 # @bypass_spam_checks_maps  = (1);  # uncomment to DISABLE anti-spam cod        e
     15
     16 $max_servers = 2;            # number of pre-forked children (2..15 is c        ommon)
     17 $daemon_user  = 'vscan';     # (no default;  customary: vscan or amavis)
     18 $daemon_group = 'vscan';    # (no default;  customary: vscan or amavis)
     19
     20 $mydomain = 'xyz.dyndns.org';   # a convenient default for other sett        ings
     21
     22 $MYHOME   = '/var/amavis'; # a convenient default for other settings
     23 $TEMPBASE = "$MYHOME/tmp";   # working directory, needs to be created ma        nually
     24 $ENV{TMPDIR} = $TEMPBASE;    # environment variable TMPDIR
     25 $QUARANTINEDIR = '/var/virusmails';
     26
     27 # $daemon_chroot_dir = $MYHOME;   # chroot directory or undef
     28
     29 # $db_home   = "$MYHOME/db";
     30 # $helpers_home = "$MYHOME/var";  # prefer $MYHOME clean and owned by ro        ot?
     31 #$pid_file  = "$MYHOME/var/amavisd.pid";
     32 #$lock_file = "$MYHOME/var/amavisd.lock";
     33 #NOTE: create directories $MYHOME/tmp, $MYHOME/var, $MYHOME/db manually
     34 $LOGFILE = "$MYHOME/amavis.log";
     35 #$log_level = 2;
     36 #$log_templ = '[? %#V |[? %
     37 @local_domains_maps = ( [".$mydomain"] );
     38 #@local_domains_acl = ( ["xyz.dyndns.org"] );
     39 @local_domains_acl = qw( . );
     40 @mynetworks = qw( 127.0.0.0/8 ::1 192.168.0.0/24 0.0.0.0 );
     41
     42 $log_level = 2;              # verbosity 0..5
     43 $log_recip_templ = undef;    # disable by-recipient level-0 log entries
     44 $DO_SYSLOG = 1;              # log via syslogd (preferred)
     45 $SYSLOG_LEVEL = 'mail.debug';
     46
     47 $spam_quarantine_to = 'spam-quarantine';
     48
     49 $remove_existing_x_scanned_headers = 0; # leave existing X-Virus-Scanned         alone #
     50 $remove_existing_spam_headers  = 1 ;     # remove existing spam headers         if
     51
     52                                         # spam scanning is enabled (defa        ult)
     53 $enable_db = 1;              # enable use of BerkeleyDB/libdb (SNMP and         nanny)
     54 $enable_global_cache = 1;    # enable use of libdb-based cache if $enabl        e_db=1
     55
     56 $inet_socket_port = 10024;   # listen on this local TCP port(s) (see $pr        otocol)
     57 $unix_socketname = "$MYHOME/amavisd.sock";  # when using sendmail milter
     58
     59 #$sa_tag_level_deflt  = 2.0;  # add spam info headers if at, or above th        at level
     60 #$sa_tag2_level_deflt = 6.31; # add 'spam detected' headers at that leve        l
     61 #$sa_kill_level_deflt = 6.31; # triggers spam evasive actions
     62 #$sa_dsn_cutoff_level = 10;   # spam level beyond which a DSN is not sen        t
     63
     64 #$sa_mail_body_size_limit = 200*1024; # don't waste time on SA if mail i        s larger
     65 #$sa_local_tests_only = 0;    # only tests which do not require internet         access?
     66 #$sa_auto_whitelist = 1;      # turn on AWL in SA 2.63 or older (irrelev        ant
     67                              # for SA 3.0, cf option is 'use_auto_whitel        ist')
     68
     69
     70
     71
     72
     73 $sa_local_tests_only = 1;
     74 $sa_mail_body_size_limit = 641024;
     75 $sa_tag_level_deflt  = 3.0;
     76 $sa_tag2_level_deflt = 6.3;
     77 $sa_kill_level_deflt = $sa_tag2_level_deflt;
     78
     79
     80
     81
     82 # @lookup_sql_dsn =
     83 #   ( ['DBI:mysql:database=mail;host=127.0.0.1;port=3306', 'user1', 'pas        swd1'],
     84 #     ['DBI:mysql:database=mail;host=host2', 'username2', 'password2'] )        ;
     85
     86 $virus_admin               = "virusalert\@$mydomain";  # notifications r        ecip.
     87
     88 $mailfrom_notify_admin     = "virusalert\@$mydomain";  # notifications s        ender
     89 $mailfrom_notify_recip     = "virusalert\@$mydomain";  # notifications s        ender
     90 $mailfrom_notify_spamadmin = "spam.police\@$mydomain"; # notifications s        ender
     91 $mailfrom_to_quarantine = ''; # null return path; uses original sender i        f undef
     92
     93 @addr_extension_virus_maps      = ('virus');
     94 @addr_extension_spam_maps       = ('spam');
     95 @addr_extension_banned_maps     = ('banned');
     96 @addr_extension_bad_header_maps = ('badh');
     97 # $recipient_delimiter = '+';  # undef disables address extensions altog        ether
     98 # when enabling addr extensions do also Postfix/main.cf: recipient_delim        iter=+
     99
    100 $path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
    101 $file   = 'file';   # file(1) utility; use recent versions
    102 $gzip   = 'gzip';
    103 $bzip2  = 'bzip2';
    104 $lzop   = 'lzop';
    105 $rpm2cpio   = ['rpm2cpio.pl','rpm2cpio'];
    106 $cabextract = 'cabextract';
    107 $uncompress = ['uncompress', 'gzip -d', 'zcat'];
    108 $unfreeze   = ['unfreeze', 'freeze -d', 'melt', 'fcat'];
    109 $arc        = ['nomarch', 'arc'];
    110 $unarj      = ['arj', 'unarj'];
    111 $unrar      = ['rar', 'unrar'];
    112 $zoo    = 'zoo';
    113 $lha    = 'lha';
    114 $pax    = 'pax';
    115 $cpio   = ['gcpio','cpio'];
    116 $ar     = 'ar';
    117 $ripole = 'ripole';
    118 $dspam  = 'dspam';
    119
    120 $MAXLEVELS = 14;
    121 $MAXFILES = 1500;
    122 $MIN_EXPANSION_QUOTA =      100*1024;  # bytes  (default undef, not enfo        rced)
    123 $MAX_EXPANSION_QUOTA = 300*1024*1024;  # bytes  (default undef, not enfo        rced)
    124
    125 #$sa_spam_subject_tag = '***SPAM*** ';
    126 $defang_virus  = 1;  # MIME-wrap passed infected mail
    127 $defang_banned = 1;  # MIME-wrap passed mail containing banned name
    128
    129
    130 # OTHER MORE COMMON SETTINGS (defaults may suffice):
    131
    132 $myhostname = 'mhlink.dyndns.org';  # must be a fully-qualified domain n        ame!
    133
    134 $notify_method  = 'smtp:[127.0.0.1]:10025';
    135 $forward_method = 'smtp:[127.0.0.1]:10025';  # set to undef with milter!
    136
    137 $final_virus_destiny      = D_BOUNCE;
    138 $final_banned_destiny     = D_PASS;
    139 $final_spam_destiny       = D_PASS;
    140 $final_bad_header_destiny = D_PASS;
    141
    142
    143 $X_HEADER_TAG = 'X-Virus-Scanned';
    144 $X_HEADER_LINE = "von amavisd-new auf $mydomain gescant";
    145
    146
    147
    148 # SOME OTHER VARIABLES WORTH CONSIDERING (see amavisd.conf-default for a        ll)
    149
    150 # $warnbadhsender,
    151 # $warnvirusrecip, $warnbannedrecip, $warnbadhrecip, (or @warn*recip_map        s)
    152 #
    153 # @bypass_virus_checks_maps, @bypass_spam_checks_maps,
    154 # @bypass_banned_checks_maps, @bypass_header_checks_maps,
    155 #
    156 # @virus_lovers_maps, @spam_lovers_maps,
    157 # @banned_files_lovers_maps, @bad_header_lovers_maps,
    158 #
    159 # @blacklist_sender_maps, @score_sender_maps,
    160 #
    161 # $virus_quarantine_to, $banned_quarantine_to,
    162 # $bad_header_quarantine_to, $spam_quarantine_to,
    163 #
    164 # $defang_bad_header, $defang_undecipherable, $defang_spam
    165
    166
    167 # REMAINING IMPORTANT VARIABLES ARE LISTED HERE BECAUSE OF LONGER ASSIGN        MENTS
    168
    169 @viruses_that_fake_sender_maps = (new_RE(
    170 # [qr'\bEICAR\b'i => 0],            # av test pattern name
    171 # [qr'^(WM97|OF97|Joke\.)'i => 0],  # adjust names to match your AV scan        ner
    172   [qr/.*/ => 1],  # true for everything else
    173 ));
    174
    175 @keep_decoded_original_maps = (new_RE(
    176 # qr'^MAIL$',   # retain full original message for virus checking (can b        e slow)
    177   qr'^MAIL-UNDECIPHERABLE$', # recheck full mail if it contains undeciph        erables
    178   qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,
    179 # qr'^Zip archive data',     # don't trust Archive::Zip
    180 ));
    181
    182
    183 # for $banned_namepath_re, a new-style of banned table, see amavisd.conf        -sample
    184
    185 $banned_filename_re = new_RE(
    186 # qr'^UNDECIPHERABLE$',  # is or contains any undecipherable components
    187
    188   # block certain double extensions anywhere in the base name
    189   qr'\.[^./]*\.(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)\.?$'i,
    190
    191 # qr'[{}]',      # curly braces in names (serve as Class ID extensions -         CLSID)
    192
    193   qr'^application/x-msdownload$'i,                  # block these MIME t        ypes
    194   qr'^application/x-msdos-program$'i,
    195   qr'^application/hta$'i,
    196
    197 # qr'^message/partial$'i, qr'^message/external-body$'i, # rfc2046 MIME t        ypes
    198
    199 # [ qr'^\.(Z|gz|bz2)$'           => 0 ],  # allow any in Unix-compressed
    200   [ qr'^\.(rpm|cpio|tar)$'       => 0 ],  # allow any in Unix-type archi        ves
    201 # [ qr'^\.(zip|rar|arc|arj|zoo)$'=> 0 ],  # allow any within such archiv        es
    202
    203   qr'.\.(exe|vbs|pif|scr|bat|cmd|com|cpl)$'i, # banned extension - basic
    204 # qr'.\.(ade|adp|app|bas|bat|chm|cmd|com|cpl|crt|emf|exe|fxp|grp|hlp|hta        |
    205 #        inf|ins|isp|js|jse|lnk|mda|mdb|mde|mdw|mdt|mdz|msc|msi|msp|mst|
    206 #        ops|pcd|pif|prg|reg|scr|sct|shb|shs|vb|vbe|vbs|
    207 #        wmf|wsc|wsf|wsh)$'ix,  # banned ext - long
    208
    209 # qr'.\.(mim|b64|bhx|hqx|xxe|uu|uue)$'i,  # banned extension - WinZip vu        lnerab.
    210
    211   qr'^\.(exe-ms)$',                       # banned file(1) types
    212 # qr'^\.(exe|lha|tnef|cab|dll)$',         # banned file(1) types
    213 );
    214 # See http://support.microsoft.com/default.aspx?scid=kb;EN-US;q262631
    215 # and http://www.cknow.com/vtutor/vtextensions.htm
    216
    217
    218 # ENVELOPE SENDER SOFT-WHITELISTING / SOFT-BLACKLISTING
    219
    220 @score_sender_maps = ({ # a by-recipient hash lookup table,
    221                         # results from all matching recipient tables are         summed
    222
    223 # ## per-recipient personal tables  (NOTE: positive: black, negative: wh        ite)
    224 # 'user1@example.com'  => [{'bla-mobile.press@example.com' => 10.0}],
    225 # 'user3@example.com'  => [{'.ebay.com'                 => -3.0}],
    226 # 'user4@example.com'  => [{'cleargreen@cleargreen.com' => -7.0,
    227 #                           '.cleargreen.com'           => -5.0}],
    228
    229   ## site-wide opinions about senders (the '.' matches any recipient)
    230   '.' => [  # the _first_ matching sender determines the score boost
    231
    232    new_RE(  # regexp-type lookup table, just happens to be all soft-blac        klist
    233     [qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i         =>         5.0],
    234     [qr'^(greatcasino|investments|lose_weight_today|market\.alert)@'i=>         5.0],
    235     [qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i=>         5.0],
    236     [qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@'i   =>         5.0],
    237     [qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@'i  =>         5.0],
    238     [qr'^(your_friend|greatoffers)@'i                                =>         5.0],
    239     [qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i                    =>         5.0],
    240    ),
    241
    242 #  read_hash("/var/amavis/sender_scores_sitewide"),
    243
    244    { # a hash-type lookup table (associative array)
    245      'nobody@cert.org'                        => -3.0,
    246      'cert-advisory@us-cert.gov'              => -3.0,
    247      'owner-alert@iss.net'                    => -3.0,
    248      'slashdot@slashdot.org'                  => -3.0,
    249      'bugtraq@securityfocus.com'              => -3.0,
    250      'ntbugtraq@listserv.ntbugtraq.com'       => -3.0,
    251      'security-alerts@linuxsecurity.com'      => -3.0,
    252      'mailman-announce-admin@python.org'      => -3.0,
    253      'amavis-user-admin@lists.sourceforge.net'=> -3.0,
    254      'notification-return@lists.sophos.com'   => -3.0,
    255      'owner-postfix-users@postfix.org'        => -3.0,
    256      'owner-postfix-announce@postfix.org'     => -3.0,
    257      'owner-sendmail-announce@lists.sendmail.org'   => -3.0,
    258      'sendmail-announce-request@lists.sendmail.org' => -3.0,
    259      'donotreply@sendmail.org'                => -3.0,
    260      'ca+envelope@sendmail.org'               => -3.0,
    261      'noreply@freshmeat.net'                  => -3.0,
    262      'owner-technews@postel.acm.org'          => -3.0,
    263      'ietf-123-owner@loki.ietf.org'           => -3.0,
    264      'cvs-commits-list-admin@gnome.org'       => -3.0,
    265      'rt-users-admin@lists.fsck.com'          => -3.0,
    266      'clp-request@comp.nus.edu.sg'            => -3.0,
    267      'surveys-errors@lists.nua.ie'            => -3.0,
    268      'emailnews@genomeweb.com'                => -5.0,
    269      'yahoo-dev-null@yahoo-inc.com'           => -3.0,
    270      'returns.groups.yahoo.com'               => -3.0,
    271      'clusternews@linuxnetworx.com'           => -3.0,
    272      lc('lvs-users-admin@LinuxVirtualServer.org')    => -3.0,
    273      lc('owner-textbreakingnews@CNNIMAIL12.CNN.COM') => -5.0,
    274
    275      # soft-blacklisting (positive score)
    276      'sender@example.net'                     =>  3.0,
    277      '.example.net'                           =>  1.0,
    278
    279    },
    280   ],  # end of site-wide tables
    281 });
    282
    283
    284 @av_scanners = (
    277      '.example.net'                           =>  1.0,
    278
    279    },
    280   ],  # end of site-wide tables
    281 });

ich hoffe, ihr koennt damit etwas anfangen. den kram mit den virenscannern hab ich weggelassen (viel text, den ich fuer unwichtig halte ).


Mfg

MHLInk
 
Code: 
     49 $remove_existing_x_scanned_headers = 0; # leave existing X-Virus-Scanned         alone #
     50 $remove_existing_spam_headers  = 1 ;     # remove existing spam headers         if
     51

was passiert bei dir, wenn du die beiden Werte negierst, oder zumindest nur den zweiten?

Selltsammer weise fehlt in meiner Config dieser Parameter... werde ich wohl heute abend mal ausprobieren...

cu
Christian
 
hi

ich habe das mit dem negieren mal ausprobiert, und es ist immer noch das selbe -> das wars nicht. ich habe mich nun entschlossen, das es wohl doch basser ist einmal einen ganzen duchlauf einer mail und den komplette amavisd startduchlauf zu posten.
Code: 
Jun  2 17:12:19 ML2 amavis[6103]: starting.  /usr/local/sbin/amavisd at xyz.dyndns.org amavisd-new-2.2.1 (20041222), Unicode aware
Jun  2 17:12:19 ML2 amavis[6103]: user=vscan, EUID: 110 (110);  group=110, EGID: 110 110 (110 110)
Jun  2 17:12:19 ML2 amavis[6103]: Perl version               5.008006
Jun  2 17:12:21 ML2 amavis[6103]: INFO: no optional modules: Mail::SpamAssassin::SQLBasedAddrList DBD::mysql Sys::Hostname::Long Mail::SPF::Query Razor2::Client Net::CIDR::Lite
Jun  2 17:12:21 ML2 amavis[6104]: Net::Server: Process Backgrounded
Jun  2 17:12:21 ML2 amavis[6104]: Net::Server: 2005/06/02-17:12:21 Amavis (type Net::Server::PreForkSimple) starting! pid(6104)
Jun  2 17:12:21 ML2 amavis[6104]: Net::Server: Binding to UNIX socket file /var/amavis/amavisd.sock using SOCK_STREAM
Jun  2 17:12:21 ML2 amavis[6104]: Net::Server: Binding to TCP port 10024 on host 127.0.0.1
Jun  2 17:12:21 ML2 amavis[6104]: Net::Server: Group Not Defined.  Defaulting to EGID '110 110'
Jun  2 17:12:21 ML2 amavis[6104]: Net::Server: User Not Defined.  Defaulting to EUID '110'
Jun  2 17:12:21 ML2 amavis[6104]: Module Amavis::Conf        2.034
Jun  2 17:12:21 ML2 amavis[6104]: Module Archive::Tar        1.23
Jun  2 17:12:21 ML2 amavis[6104]: Module Archive::Zip        1.14
Jun  2 17:12:21 ML2 amavis[6104]: Module BerkeleyDB          0.26
Jun  2 17:12:21 ML2 amavis[6104]: Module Compress::Zlib      1.33
Jun  2 17:12:21 ML2 amavis[6104]: Module Convert::TNEF       0.17
Jun  2 17:12:21 ML2 amavis[6104]: Module Convert::UUlib      1.051
Jun  2 17:12:21 ML2 amavis[6104]: Module DB_File             1.810
Jun  2 17:12:21 ML2 amavis[6104]: Module MIME::Entity        5.417
Jun  2 17:12:21 ML2 amavis[6104]: Module MIME::Parser        5.417
Jun  2 17:12:21 ML2 amavis[6104]: Module MIME::Tools         5.417
Jun  2 17:12:21 ML2 amavis[6104]: Module Mail::Header        1.66
Jun  2 17:12:21 ML2 amavis[6104]: Module Mail::Internet      1.66
Jun  2 17:12:21 ML2 amavis[6104]: Module Mail::SpamAssassin  3.000002
Jun  2 17:12:21 ML2 amavis[6104]: Module Net::Cmd            2.26
Jun  2 17:12:21 ML2 amavis[6104]: Module Net::DNS            0.48
Jun  2 17:12:21 ML2 amavis[6104]: Module Net::SMTP           2.29
Jun  2 17:12:21 ML2 amavis[6104]: Module Net::Server         0.87
Jun  2 17:12:21 ML2 amavis[6104]: Module Razor2::Client::Version 2.67
Jun  2 17:12:21 ML2 amavis[6104]: Module Time::HiRes         1.65
Jun  2 17:12:21 ML2 amavis[6104]: Module Unix::Syslog        0.100
Jun  2 17:12:21 ML2 amavis[6104]: Amavis::DB code        loaded
Jun  2 17:12:21 ML2 amavis[6104]: Amavis::Cache code     loaded
Jun  2 17:12:21 ML2 amavis[6104]: Lookup::SQL code       NOT loaded
Jun  2 17:12:21 ML2 amavis[6104]: Lookup::LDAP code      NOT loaded
Jun  2 17:12:21 ML2 amavis[6104]: AMCL-in protocol code  loaded
Jun  2 17:12:21 ML2 amavis[6104]: SMTP-in protocol code  loaded
Jun  2 17:12:21 ML2 amavis[6104]: ANTI-VIRUS code        loaded
Jun  2 17:12:21 ML2 amavis[6104]: ANTI-SPAM  code        loaded
Jun  2 17:12:21 ML2 amavis[6104]: Unpackers  code        loaded
Jun  2 17:12:21 ML2 amavis[6104]: Found $file       at /usr/bin/file
Jun  2 17:12:21 ML2 amavis[6104]: Found $arc        at /usr/local/bin/arc
Jun  2 17:12:21 ML2 amavis[6104]: Found $gzip       at /usr/bin/gzip
Jun  2 17:12:21 ML2 amavis[6104]: Found $bzip2      at /usr/bin/bzip2
Jun  2 17:12:21 ML2 amavis[6104]: Found $lzop       at /usr/local/bin/lzop
Jun  2 17:12:21 ML2 amavis[6104]: Found $lha        at /usr/local/bin/lha
Jun  2 17:12:21 ML2 amavis[6104]: Found $unarj      at /usr/local/bin/unarj
Jun  2 17:12:21 ML2 amavis[6104]: Found $uncompress at /usr/bin/uncompress
Jun  2 17:12:21 ML2 amavis[6104]: Found $unfreeze   at /usr/local/bin/unfreeze
Jun  2 17:12:21 ML2 amavis[6104]: Found $unrar      at /usr/local/bin/unrar
Jun  2 17:12:21 ML2 amavis[6104]: Found $zoo        at /usr/local/bin/zoo
Jun  2 17:12:21 ML2 amavis[6104]: Found $pax        at /bin/pax
Jun  2 17:12:21 ML2 amavis[6104]: Found $cpio       at /usr/bin/cpio
Jun  2 17:12:21 ML2 amavis[6104]: Found $ar         at /usr/bin/ar
Jun  2 17:12:21 ML2 amavis[6104]: Found $rpm2cpio   at /usr/local/bin/rpm2cpio.pl
Jun  2 17:12:21 ML2 amavis[6104]: Found $cabextract at /usr/local/bin/cabextract
[B]Jun  2 17:12:21 ML2 amavis[6104]: No $ripole,       not using it
Jun  2 17:12:21 ML2 amavis[6104]: No $dspam,        not using it[/B]
Jun  2 17:12:21 ML2 amavis[6104]: Using internal av scanner code for (primary) ClamAV-clamd
Jun  2 17:12:21 ML2 amavis[6104]: Found primary av scanner H+BEDV AntiVir or CentralCommand Vexira Antivirus at /usr/bin/antivir
Jun  2 17:12:21 ML2 amavis[6104]: Found secondary av scanner ClamAV-clamscan at /usr/local/bin/clamscan
Jun  2 17:12:21 ML2 amavis[6104]: Found secondary av scanner FRISK F-Prot Antivirus at /usr/local/bin/f-prot
Jun  2 17:12:21 ML2 amavis[6104]: Creating db in /var/amavis/db/; BerkeleyDB 0.26, libdb 3.3
Jun  2 17:12:21 ML2 amavis[6104]: SpamControl: initializing Mail::SpamAssassin
Jun  2 17:12:25 ML2 amavis[6104]: SpamControl: done
Jun  2 17:12:25 ML2 amavis[6106]: TIMING [total 41 ms] - bdb-open: 41 (100%), rundown: 0 (0%)
Jun  2 17:12:25 ML2 amavis[6105]: TIMING [total 96 ms] - bdb-open: 95 (100%), rundown: 0 (0%)

Code: 
Jun  2 17:12:44 ML2 postfix/smtpd[6107]: connect from mail.htp-tel.de[193.254.18.34]
Jun  2 17:12:44 ML2 postfix/smtpd[6107]: 81D6B61AC: client=mail.htp-tel.de[193.254.18.34]
Jun  2 17:12:44 ML2 postfix/cleanup[6108]: 81D6B61AC: message-id=<429F21EB.9070207@htp-tel.de>
Jun  2 17:12:44 ML2 postfix/qmgr[723]: 81D6B61AC: from=<marc.luehr@htp-tel.de>, size=835, nrcpt=1 (queue active)
Jun  2 17:12:44 ML2 postfix/smtpd[6107]: disconnect from mail.htp-tel.de[193.254.18.34]
Jun  2 17:12:44 ML2 amavis[6106]: (06106-01) ESMTP::10024 /var/amavis/tmp/amavis-20050602T171244-06106: <xyz@t-online.de> -> <maillinkw@xyz.dyndns.org> Received: SIZE=835 from xyz.dyndns.org ([127.0.0.1]) by localhost (mhlink.dyndns.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 06106-01 for <maillinkw@xyz.dyndns.org>; Thu,  2 Jun 2005 17:12:44 +0200 (CEST)
Jun  2 17:12:44 ML2 amavis[6106]: (06106-01) Checking: <marc.luehr@htp-tel.de> -> <maillinkw@xyz.dyndns.org>
Jun  2 17:12:44 ML2 amavis[6106]: (06106-01) p001 1 Content-Type: text/plain, size: 9 B, name:
Jun  2 17:12:44 ML2 amavis[6106]: (06106-01) ask_av (ClamAV-clamd) FAILED - unexpected result: /var/amavis/tmp/amavis-20050602T171244-06106/parts: Access denied. ERROR\n
Jun  2 17:12:46 ML2 amavis[6106]: (06106-01) FWD via SMTP: [127.0.0.1]:10025 <xyz@t-online.de> -> <maillinkw@xyz.dyndns.org>
Jun  2 17:12:46 ML2 postfix/smtpd[6112]: connect from localhost.domain-luehr[127.0.0.1]
Jun  2 17:12:46 ML2 postfix/smtpd[6112]: EF9AA61A3: client=localhost.domain-luehr[127.0.0.1]
Jun  2 17:12:47 ML2 postfix/cleanup[6108]: EF9AA61A3: message-id=<429F21EB.9070207@htp-tel.de>
Jun  2 17:12:47 ML2 postfix/qmgr[723]: EF9AA61A3: from=<xyz@t-online.de>, size=1317, nrcpt=1 (queue active)
Jun  2 17:12:47 ML2 postfix/smtpd[6112]: disconnect from localhost.domain-luehr[127.0.0.1]
Jun  2 17:12:47 ML2 postfix/pipe[6114]: EF9AA61A3: to=<maillinkw@xyz.dyndns.org>, relay=cyrus, delay=1, status=sent (xyz.dyndns.org)
Jun  2 17:12:47 ML2 postfix/qmgr[723]: EF9AA61A3: removed
Jun  2 17:12:47 ML2 amavis[6106]: (06106-01) Passed CLEAN, [81.14.177.30] <xyz@t-online.de> -> <maillinkw@xyz.dyndns.org>, Message-ID: <429F21EB.9070207@htp-tel.de>, Hits: 0.24, 2594 ms
Jun  2 17:12:47 ML2 amavis[6106]: (06106-01) TIMING [total 2616 ms] - SMTP EHLO: 32 (1%), SMTP pre-MAIL: 2 (0%), mkdir tempdir: 2 (0%), create email.txt: 3 (0%), SMTP pre-DATA-flush: 14 (1%), SMTP DATA: 87 (3%), body_hash: 4 (0%), mkdir parts: 5 (0%), mime_decode: 51 (2%), get-file-type1: 48 (2%), decompose_part: 2 (0%), parts_decode: 0 (0%), AV-scan-1: 21 (1%), AV-scan-2:
 1268 (48%), spam-wb-list: 10 (0%), SA msg read: 2 (0%), SA parse: 232 (9%), 
SA check: 392 (15%), update_cache: 15 (1%), fwd-connect: 64 (2%), fwd-mail-from: 6 (0%), fwd-rcpt-to: 9 (0%), write-header: 10 (0%),
 fwd-data: 2 (0%), fwd-data-end: 97 (4%), fwd-rundown: 153 (6%), main_log_entry: 73 (3%), update_snmp: 4 (0%), unlink-1-files: 
4 (0%), rundown: 1 (0%)
Jun  2 17:12:47 ML2 postfix/smtp[6109]: 81D6B61AC: to=<maillinkw@xyz.dyndns.org>, relay=127.0.0.1[127.0.0.1], delay=3, status=sent (250 2.6.0 Ok, id=06106-01, from MTA: 250 Ok: queued as EF9AA61A3)
Jun  2 17:12:47 ML2 postfix/qmgr[723]: 81D6B61AC: removed


ich habe da im oberen teil eine zeile fett gemacht, weil da was mit spam drin ist.

Mfg

MHLInk
 
Der Fehler scheint sich nicht so einfach debuggen zu lassen.

Also muß man das ganze mal ganz von vorne und kleinlich angehen.

a) sind alle Verzeichnisrechte richtig gesetzt?
b) sind die Dienste korrekt gestartet?
ba) postfix start
bb) /usr/local/etc/rc.d/amavisd.sh start (amavisd_enable="YES" in /etc/rc.conf?)
bc) nmap localhost -p 10024
bd) nmap localhost -p 10025

Das wären so meine ersten Ideen. Ich hatte anfänglich übrigens das Problem, dass Spamassassin zwar gestartet wurde, aber irgendwie nicht richtig gescannt hat. Im Log stand dazu dann immer "Hits=0.0".
 
guten morgen

@XPectIT:
was soll ich loeschen?

@Steve:
zu a) wie weiss ich welche verzeichnis rechte richtig sind? (soll ich die einfach mal posten?)
zu bb) amavisd laeuft.
zu bc) unds bd) muss ich heute abend erst testen, da ich nmap noch nicht installiert habe.

fuer spamassassin und amavisd habe ich keine logfiles gefunden. wo finde ich die (da, wo ichs in der amavisd.conf angegeben habe, sich sie nicht, und die local.cf von spamassassin ist LEER)

vielen dank fuer die antwort

Mfg

MHLInk
 
Hallo,

nachdem ich
$remove_existing_x_scanned_headers = 0;
$remove_existing_spam_headers = 0 ;
und
bei @local_domains_maps wieder meinen local Domain-Namen eingetragen habe, scheint es zu funktionieren! Auf jeden Fall wird der Spam-Header nicht mehr gelöscht!
Was ich allerdings noch nicht testen konnte ist, ob jetzt auch das Subject geändert wird...

cu
Christian
 
MHLInk schrieb:
@Steve:
zu a) wie weiss ich welche verzeichnis rechte richtig sind? (soll ich die einfach mal posten?)
zu bb) amavisd laeuft.
zu bc) unds bd) muss ich heute abend erst testen, da ich nmap noch nicht installiert habe.

fuer spamassassin und amavisd habe ich keine logfiles gefunden. wo finde ich die (da, wo ichs in der amavisd.conf angegeben habe, sich sie nicht, und die local.cf von spamassassin ist LEER)
Zum Vergrößern anklicken....
statt nmap tut's auch telnet, via "telnet localhost 10024" und "telnet localhost 10025".

amavisd loggt hier direkt nach /var/log/maillog. Die Amavis-Einträge sind mit "amavis[$pid]" getaggt.

Die Rechte sollten so gesetzt sein, das vscan:vscan entsprechenden Zugriff auf die Verzeichnisse unterhalb von /var/amavis hat. Damit sollte dann auch Deine o.g. Fehlermeldung verschwinden.
 
hi

die ports 10024 und 10025 sind offen (waeren sie es nicht, wuerde die mail, denke ich, bei amavisd stecken bleiben und sie wird ja auf viren geprueft). die rechte im ordner /var/amavis sind alle "drwxrwxrwx 3 vscan vscan ", sollte also passen.

mfg

MHLInk
 
hi

ich habe da noch so eine idee.. . undzwar wenn ich spamassassin direkt in postfix haenge (ohne amavisd, ueber content_filter..) waere es viel einfacher, den fehler zu finden. mit einem virenscanner geht es ja, den direkt an postfix anzuschliessen. nur weiss ich nicht, wie ich das mit spamassassin mache.

mfg

MHLInk
 
hi

meine mails werden jetzt auch mit x-spam-... im header markiert. spamassassin hat die mail geprueft. sogar ganz richtig. nur amavisd hat den x-spam-status der email nicht in den header geschrieben, da das level nicht erreicht wurde.
Code: 
     73 $sa_local_tests_only = 1;
     74 $sa_mail_body_size_limit = 641024;
     [B]75 $sa_tag_level_deflt  = 3.0;[/B]
     76 $sa_tag2_level_deflt = 6.3;
     77 $sa_kill_level_deflt = $sa_tag2_level_deflt;
ich habe in zeile 75 den wert auf -999 gelegt, so makiert der jede mail.
also problem geloest.

trotzdem vielen dank fuer euer bemuehen.

mfg

MHLInk
 
Du musst dich einloggen oder registrieren, um hier zu antworten.
Zurück
Oben