[Résolu] Serveur Mail - Postfix, amavis, spamassassin

Vi66cent · Le 13/05/2007, à 19:52

Bonjour

J'ai installé un serveur mail avec Postfix, Courier, MySQL, Amavisd-new, SpamAssassin,... pour une petite entreprise en suivant ce tuto.

Tout fonctionne très bien mais je ne suis pas sur que spamassassin fait son boulot...j'ai encore pas mal de spam qui ne sont pas filtré et quand je fais des tests (ici par exemple) seul les messages avec virus sont filtré, tout ce qui est spam passe.
J'ai aussi "entrainé" le filtre Bayes comme décrit dans le tuto.

Comment puis-je savoir si ca fonctionne et si ca ne fonctionne pas que dois-je faire pour le mettre en fonction ?

Merci de votre aide !

Vincent

Dernière modification par Vi66cent (Le 14/05/2007, à 18:18)

toniotonio · Le 13/05/2007, à 23:06

pour SA verifie dans les logs mail si amavisd remonte un pb lors du scan
cherche les traces du scan par SA dans ces logs (le score notamment)
regarde egalement les entetes des mails pour voir les tests effectués par SA

lance un

su -c "spamassassin -D --lint" virtual

(si virtual est bien le user qui fait tourner amavisd et donc SA)

verifie la sortie pour d'eventuelles erreurs

Vi66cent · Le 14/05/2007, à 00:09

Merci de ta réponse !

J'ai fais le su -c "spamassassin -D --lint" virtual (c'est bien l'user virtual)
Il y avait une erreur de config du rep .spamassassin, je l'ai corrigé.
Comme le chemin était mal configuré la base bayes n'existe pas...
Est-ce que SA scan quand même sans base bayes ?
Parce que je ne vois toujours pas de trace de scan par SA (contrairement a amavis) dans le mail.log ou dans les entêtes des mail...

toniotonio · Le 14/05/2007, à 00:18

a priori une erreur dans le chemin de la base bayes ne devrait pas empecher SA de fonctionner partiellement.

peux tu poster les logs pour voir ?

ainsi que ton local.cf

Vi66cent · Le 14/05/2007, à 01:14

Voilà une partie du mail.log (après 20 lignes ca se répete)

May 13 23:41:23 mail spamd[2167]: spamd: server killed by SIGTERM, shutting down 
May 13 23:41:25 mail spamd[27462]: logger: removing stderr method 
May 13 23:41:28 mail spamd[27464]: rules: meta test DIGEST_MULTIPLE has undefined dependency 'DCC_CHECK' 
May 13 23:41:28 mail spamd[27464]: spamd: server started on port 783/tcp (running version 3.1.7-deb) 
May 13 23:41:28 mail spamd[27464]: spamd: server pid: 27464 
May 13 23:41:28 mail spamd[27464]: spamd: server successfully spawned child process, pid 27465 
May 13 23:41:28 mail spamd[27464]: spamd: server successfully spawned child process, pid 27466 
May 13 23:41:28 mail spamd[27464]: prefork: child states: II
May 13 23:43:19 mail postfix/anvil[27386]: statistics: max connection rate 1/60s for (smtp:220.77.221.148) at May 13 23:38:08
May 13 23:43:19 mail postfix/anvil[27386]: statistics: max connection count 1 for (smtp:220.77.221.148) at May 13 23:38:08
May 13 23:43:19 mail postfix/anvil[27386]: statistics: max cache size 2 at May 13 23:39:51
May 13 23:44:00 mail postfix/smtpd[27472]: connect from unknown[89.113.73.129]
May 13 23:44:08 mail postfix/smtpd[27472]: warning: 129.73.113.89.relays.ordb.org: RBL lookup error: Host or domain name not found. Name service error for name=129.73.113.89.relays.ordb.org type=A: Host not found, try again
May 13 23:44:08 mail postfix/smtpd[27472]: NOQUEUE: reject_warning: RCPT from unknown[89.113.73.129]: 504 5.5.2 <pzrymi>: Helo command rejected: need fully-qualified hostname; from=<bxe@abstract-title.com> to=<xxx@domain.com> proto=SMTP helo=<pzrymi>
May 13 23:44:08 mail postgrey[2158]: delayed 609 seconds: client=89.113.73.129, from=bxe@abstract-title.com, to=xxx@domain.com 
May 13 23:44:08 mail postfix/smtpd[27472]: NOQUEUE: reject: RCPT from unknown[89.113.73.129]: 550 5.1.1 <xxx@domain.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<bxe@abstract-title.com> to=<xxx@xx.com> proto=SMTP helo=<pzrymi>
May 13 23:44:08 mail postfix/smtpd[27472]: disconnect from unknown[89.113.73.129]
May 13 23:46:41 mail spamd[27464]: spamd: server killed by SIGTERM, shutting down 
May 13 23:46:43 mail spamd[27491]: logger: removing stderr method 
May 13 23:46:46 mail spamd[27493]: rules: meta test DIGEST_MULTIPLE has undefined dependency 'DCC_CHECK' 
May 13 23:46:46 mail spamd[27493]: spamd: server started on port 783/tcp (running version 3.1.7-deb) 
May 13 23:46:46 mail spamd[27493]: spamd: server pid: 27493 
May 13 23:46:46 mail spamd[27493]: spamd: server successfully spawned child process, pid 27494 
May 13 23:46:46 mail spamd[27493]: spamd: server successfully spawned child process, pid 27495 
May 13 23:46:46 mail spamd[27493]: prefork: child states: II 
May 13 23:47:00 mail amavis[3471]: Net::Server: 2007/05/13-23:47:00 Server closing!
May 13 23:47:03 mail amavis[27504]: starting.  /usr/sbin/amavisd-new at mail.domain.com amavisd-new-2.4.2 (20060627), Unicode aware, LANG=en_US.UTF-8
May 13 23:47:03 mail amavis[27504]: user=, EUID: 0 (0);  group=, EGID: 0 0 (0 0); log_level=2
May 13 23:47:04 mail amavis[27504]: Perl version               5.008008
May 13 23:47:04 mail amavis[27509]: Net::Server: Process Backgrounded
May 13 23:47:04 mail amavis[27509]: Net::Server: 2007/05/13-23:47:04 Amavis (type Net::Server::PreForkSimple) starting! pid(27509)
May 13 23:47:04 mail amavis[27509]: Net::Server: Binding to UNIX socket file /var/run/amavis/amavisd.sock using SOCK_STREAM
May 13 23:47:04 mail amavis[27509]: Net::Server: Binding to TCP port 10024 on host 127.0.0.1
May 13 23:47:04 mail amavis[27509]: Net::Server: Setting gid to "5000 5000"
May 13 23:47:04 mail amavis[27509]: Net::Server: Setting uid to "5000"
May 13 23:47:04 mail amavis[27509]: Module Amavis::Conf        2.068
May 13 23:47:04 mail amavis[27509]: Module Archive::Tar        1.30
May 13 23:47:04 mail amavis[27509]: Module Archive::Zip        1.16
May 13 23:47:04 mail amavis[27509]: Module BerkeleyDB          0.31
May 13 23:47:04 mail amavis[27509]: Module Compress::Zlib      1.42
May 13 23:47:04 mail amavis[27509]: Module Convert::TNEF       0.17
May 13 23:47:04 mail amavis[27509]: Module Convert::UUlib      1.06
May 13 23:47:04 mail amavis[27509]: Module Digest::MD5         2.36
May 13 23:47:04 mail amavis[27509]: Module MIME::Entity        5.420
May 13 23:47:04 mail amavis[27509]: Module MIME::Parser        5.420
May 13 23:47:04 mail amavis[27509]: Module MIME::Tools         5.420
May 13 23:47:04 mail amavis[27509]: Module Mail::Header        1.74
May 13 23:47:04 mail amavis[27509]: Module Mail::Internet      1.74
May 13 23:47:04 mail amavis[27509]: Module Net::Cmd            2.26
May 13 23:47:04 mail amavis[27509]: Module Net::SMTP           2.29
May 13 23:47:04 mail amavis[27509]: Module Net::Server         0.94
May 13 23:47:04 mail amavis[27509]: Module Time::HiRes         1.86
May 13 23:47:04 mail amavis[27509]: Module Unix::Syslog        0.100
May 13 23:47:04 mail amavis[27509]: Amavis::DB code      loaded
May 13 23:47:04 mail amavis[27509]: Amavis::Cache code   loaded
May 13 23:47:04 mail amavis[27509]: SQL base code        NOT loaded
May 13 23:47:04 mail amavis[27509]: SQL::Log code        NOT loaded
May 13 23:47:04 mail amavis[27509]: SQL::Quarantine      NOT loaded
May 13 23:47:04 mail amavis[27509]: Lookup::SQL code     NOT loaded
May 13 23:47:04 mail amavis[27509]: Lookup::LDAP code    NOT loaded
May 13 23:47:04 mail amavis[27509]: AM.PDP-in proto code loaded
May 13 23:47:04 mail amavis[27509]: SMTP-in proto code   loaded
May 13 23:47:04 mail amavis[27509]: Courier proto code   NOT loaded
May 13 23:47:04 mail amavis[27509]: SMTP-out proto code  loaded
May 13 23:47:04 mail amavis[27509]: Pipe-out proto code  NOT loaded
May 13 23:47:04 mail amavis[27509]: BSMTP-out proto code NOT loaded
May 13 23:47:04 mail amavis[27509]: Local-out proto code loaded
May 13 23:47:04 mail amavis[27509]: OS_Fingerprint code  NOT loaded
May 13 23:47:04 mail amavis[27509]: ANTI-VIRUS code      NOT loaded
May 13 23:47:04 mail amavis[27509]: ANTI-SPAM code       NOT loaded
May 13 23:47:04 mail amavis[27509]: ANTI-SPAM-SA code    NOT loaded
May 13 23:47:04 mail amavis[27509]: Unpackers code       loaded
May 13 23:47:04 mail amavis[27509]: Found $file            at /usr/bin/file
May 13 23:47:04 mail amavis[27509]: No $dspam,             not using it
May 13 23:47:04 mail amavis[27509]: Internal decoder for .mail
May 13 23:47:04 mail amavis[27509]: Internal decoder for .asc 
May 13 23:47:04 mail amavis[27509]: Internal decoder for .uue 
May 13 23:47:04 mail amavis[27509]: Internal decoder for .hqx 
May 13 23:47:04 mail amavis[27509]: Internal decoder for .ync 
May 13 23:47:04 mail amavis[27509]: No decoder for       .F    tried: unfreeze, freeze -d, melt, fcat
May 13 23:47:04 mail amavis[27509]: Found decoder for    .Z    at /bin/uncompress
May 13 23:47:04 mail amavis[27509]: Internal decoder for .gz  
May 13 23:47:04 mail amavis[27509]: Found decoder for    .gz   at /bin/gzip -d (backup, not used)
May 13 23:47:04 mail amavis[27509]: Found decoder for    .bz2  at /bin/bzip2 -d
May 13 23:47:04 mail amavis[27509]: Found decoder for    .lzo  at /usr/bin/lzop -d
May 13 23:47:04 mail amavis[27509]: No decoder for       .rpm  tried: rpm2cpio.pl, rpm2cpio
May 13 23:47:04 mail amavis[27509]: No decoder for       .cpio tried: pax
May 13 23:47:04 mail amavis[27509]: Found decoder for    .cpio at /bin/cpio
May 13 23:47:04 mail amavis[27509]: No decoder for       .tar  tried: pax
May 13 23:47:04 mail amavis[27509]: Found decoder for    .tar  at /bin/cpio
May 13 23:47:04 mail amavis[27509]: Internal decoder for .tar  (backup, not used)
May 13 23:47:04 mail amavis[27509]: Found decoder for    .deb  at /usr/bin/ar
May 13 23:47:04 mail amavis[27509]: Internal decoder for .zip 
May 13 23:47:04 mail amavis[27509]: No decoder for       .rar  tried: rar, unrar
May 13 23:47:04 mail amavis[27509]: Found decoder for    .arj  at /usr/bin/arj
May 13 23:47:04 mail amavis[27509]: Found decoder for    .arc  at /usr/bin/nomarch
May 13 23:47:04 mail amavis[27509]: Found decoder for    .zoo  at /usr/bin/zoo
May 13 23:47:04 mail amavis[27509]: No decoder for       .lha  tried: lha
May 13 23:47:04 mail amavis[27509]: No decoder for       .doc  tried: ripole
May 13 23:47:04 mail amavis[27509]: No decoder for       .cab  tried: cabextract
May 13 23:47:04 mail amavis[27509]: No decoder for       .tnef
May 13 23:47:04 mail amavis[27509]: Internal decoder for .tnef
May 13 23:47:04 mail amavis[27509]: Found decoder for    .exe  at /usr/bin/arj
May 13 23:47:04 mail amavis[27509]: Creating db in /var/lib/amavis/db/; BerkeleyDB 0.31, libdb 4.4
May 13 23:47:05 mail amavis[27510]: TIMING [total 16 ms] - bdb-open: 16 (99%)99, rundown: 0 (1%)100
May 13 23:47:05 mail amavis[27511]: TIMING [total 17 ms] - bdb-open: 17 (99%)99, rundown: 0 (1%)100
May 13 23:47:28 mail postfix/anvil[27474]: statistics: max connection rate 1/60s for (smtp:89.113.73.129) at May 13 23:44:00
May 13 23:47:28 mail postfix/anvil[27474]: statistics: max connection count 1 for (smtp:89.113.73.129) at May 13 23:44:00
May 13 23:47:28 mail postfix/anvil[27474]: statistics: max cache size 1 at May 13 23:44:00
May 13 23:50:41 mail postfix/smtpd[27515]: connect from host.87-118-129-65.airbites.bg[87.118.129.65]
May 13 23:50:48 mail postfix/smtpd[27515]: warning: 65.129.118.87.relays.ordb.org: RBL lookup error: Host or domain name not found. Name service error for name=65.129.118.87.relays.ordb.org type=A: Host not found, try again
May 13 23:50:48 mail postfix/smtpd[27515]: NOQUEUE: reject: RCPT from host.87-118-129-65.airbites.bg[87.118.129.65]: 450 4.7.1 <xxx@domain.com>: Recipient address rejected: Greylisted, see http://isg.ee.ethz.ch/tools/postgrey/help/domain.com.html; from=<hosfordrwi@flex.za.net> to=<xxx@domain.com> proto=SMTP helo=<flex.za.net>
May 13 23:50:48 mail postfix/smtpd[27515]: lost connection after RCPT from host.87-118-129-65.airbites.bg[87.118.129.65]
May 13 23:50:48 mail postfix/smtpd[27515]: disconnect from host.87-118-129-65.airbites.bg[87.118.129.65]
May 13 23:54:08 mail postfix/anvil[27517]: statistics: max connection rate 1/60s for (smtp:87.118.129.65) at May 13 23:50:41
May 13 23:54:08 mail postfix/anvil[27517]: statistics: max connection count 1 for (smtp:87.118.129.65) at May 13 23:50:41
May 13 23:54:08 mail postfix/anvil[27517]: statistics: max cache size 1 at May 13 23:50:41
May 13 23:55:46 mail postfix/smtpd[27542]: connect from unknown[88.237.23.151]
May 13 23:55:55 mail postfix/smtpd[27542]: warning: 151.23.237.88.relays.ordb.org: RBL lookup error: Host or domain name not found. Name service error for name=151.23.237.88.relays.ordb.org type=A: Host not found, try again
May 13 23:55:55 mail postfix/smtpd[27542]: NOQUEUE: reject_warning: RCPT from unknown[88.237.23.151]: 504 5.5.2 <ucjb>: Helo command rejected: need fully-qualified hostname; from=<aiar@consolidated.net> to=<xxx@domain.com> proto=SMTP helo=<ucjb>
May 13 23:55:55 mail postfix/smtpd[27542]: NOQUEUE: reject: RCPT from unknown[88.237.23.151]: 450 4.7.1 <xxx@domain.com>: Recipient address rejected: Greylisted, see http://isg.ee.ethz.ch/tools/postgrey/help/domain.com.html; from=<aiar@consolidated.net> to=<xxx@domain.com> proto=SMTP helo=<ucjb>
May 13 23:55:55 mail postfix/smtpd[27542]: disconnect from unknown[88.237.23.151]
May 13 23:59:15 mail postfix/anvil[27544]: statistics: max connection rate 1/60s for (smtp:88.237.23.151) at May 13 23:55:46
May 13 23:59:15 mail postfix/anvil[27544]: statistics: max connection count 1 for (smtp:88.237.23.151) at May 13 23:55:46
May 13 23:59:15 mail postfix/anvil[27544]: statistics: max cache size 1 at May 13 23:55:46
May 14 00:00:02 mail postfix/pickup[27251]: 1C46F8D022E: uid=0 from=<root>
May 14 00:00:02 mail postfix/cleanup[27558]: 1C46F8D022E: message-id=<20070513220002.1C46F8D022E@mail.domain.com>
May 14 00:00:02 mail postfix/qmgr[3341]: 1C46F8D022E: from=<root@domain.com>, size=623, nrcpt=1 (queue active)
May 14 00:00:02 mail postfix/pickup[27251]: 30FCE8D022D: uid=0 from=<root>
May 14 00:00:02 mail postfix/cleanup[27558]: 30FCE8D022D: message-id=<20070513220002.30FCE8D022D@mail.domain.com>
May 14 00:00:02 mail amavis[27510]: (27510-01) ESMTP::10024 /var/lib/amavis/tmp/amavis-20070514T000002-27510: <root@domain.com> -> <postmaster@domain.com> SIZE=623 Received: from mail.domain.com ([127.0.0.1]) by localhost (mail.domain.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP for <postmaster@domain.com>; Mon, 14 May 2007 00:00:02 +0200 (CEST)
May 14 00:00:02 mail postfix/qmgr[3341]: 30FCE8D022D: from=<root@domain.com>, size=621, nrcpt=1 (queue active)
May 14 00:00:02 mail amavis[27511]: (27511-01) ESMTP::10024 /var/lib/amavis/tmp/amavis-20070514T000002-27511: <root@domain.com> -> <postmaster@domain.com> SIZE=621 Received: from mail.domain.com ([127.0.0.1]) by localhost (mail.domain.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP for <postmaster@domain.com>; Mon, 14 May 2007 00:00:02 +0200 (CEST)
May 14 00:00:02 mail amavis[27510]: (27510-01) Checking: aENADTlgIxOb <root@domain.com> -> <postmaster@domain.com>
May 14 00:00:02 mail amavis[27510]: (27510-01) p001 1 Content-Type: text/plain, size: 92 B, name: 
May 14 00:00:02 mail amavis[27511]: (27511-01) Checking: s+DTTwd+rF5H <root@domain.com> -> <postmaster@domain.com>
May 14 00:00:02 mail amavis[27511]: (27511-01) p001 1 Content-Type: text/plain, size: 91 B, name: 
May 14 00:00:02 mail postfix/smtpd[27566]: connect from localhost[127.0.0.1]
May 14 00:00:02 mail postfix/smtpd[27564]: connect from localhost[127.0.0.1]
May 14 00:00:02 mail postfix/smtpd[27566]: EDFEC8D01CE: client=localhost[127.0.0.1]
May 14 00:00:02 mail postfix/smtpd[27564]: F12F08D022F: client=localhost[127.0.0.1]
May 14 00:00:03 mail postfix/cleanup[27558]: EDFEC8D01CE: message-id=<20070513220002.30FCE8D022D@mail.domain.com>
May 14 00:00:03 mail postfix/qmgr[3341]: EDFEC8D01CE: from=<root@domain.com>, size=994, nrcpt=1 (queue active)
May 14 00:00:03 mail postfix/smtpd[27566]: disconnect from localhost[127.0.0.1]
May 14 00:00:03 mail amavis[27511]: (27511-01) FWD via SMTP: <root@domain.com> -> <postmaster@domain.com>, 250 2.6.0 Ok, id=27511-01, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as EDFEC8D01CE
May 14 00:00:03 mail amavis[27511]: (27511-01) Passed CLEAN, <root@domain.com> -> <postmaster@domain.com>, Message-ID: <20070513220002.30FCE8D022D@mail.domain.com>, mail_id: s+DTTwd+rF5H, Hits: -, queued_as: EDFEC8D01CE, 726 ms
May 14 00:00:03 mail amavis[27511]: (27511-01) TIMING [total 740 ms] - SMTP EHLO: 20 (3%)3, SMTP pre-MAIL: 2 (0%)3, mkdir tempdir: 2 (0%)3, create email.txt: 2 (0%)3, SMTP pre-DATA-flush: 11 (2%)5, SMTP DATA: 170 (23%)28, body_digest: 5 (1%)29, gen_mail_id: 2 (0%)29, mkdir parts: 2 (0%)29, mime_decode: 37 (5%)34, get-file-type1: 30 (4%)38, decompose_part: 3 (0%)38, parts_decode: 0 (0%)38, update_cache: 14 (2%)40, decide_mail_destiny: 2 (0%)41, fwd-connect: 231 (31%)72, fwd-mail-from: 88 (12%)84, fwd-rcpt-to: 9 (1%)85, fwd-data-cmd: 2 (0%)85, write-header: 3 (0%)86, fwd-data-contents: 2 (0%)86, fwd-data-end: 51 (7%)93, fwd-rundown: 5 (1%)93, prepare-dsn: 3 (0%)94, main_log_entry: 37 (5%)99, update_snmp: 4 (1%)99, unlink-1-files: 3 (0%)100, rundown: 1 (0%)100
May 14 00:00:03 mail postfix/smtp[27562]: 30FCE8D022D: to=<postmaster@domain.com>, orig_to=<root>, relay=127.0.0.1[127.0.0.1]:10024, delay=1.1, delays=0.31/0.03/0.03/0.72, dsn=2.6.0, status=sent (250 2.6.0 Ok, id=27511-01, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as EDFEC8D01CE)
May 14 00:00:03 mail postfix/qmgr[3341]: 30FCE8D022D: removed
May 14 00:00:03 mail postfix/cleanup[27561]: F12F08D022F: message-id=<20070513220002.1C46F8D022E@mail.domain.com>
May 14 00:00:03 mail postfix/qmgr[3341]: F12F08D022F: from=<root@domain.com>, size=996, nrcpt=1 (queue active)
May 14 00:00:03 mail postfix/smtpd[27564]: disconnect from localhost[127.0.0.1]
May 14 00:00:03 mail amavis[27510]: (27510-01) FWD via SMTP: <root@domain.com> -> <postmaster@domain.com>, 250 2.6.0 Ok, id=27510-01, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as F12F08D022F
May 14 00:00:03 mail amavis[27510]: (27510-01) Passed CLEAN, <root@domain.com> -> <postmaster@domain.com>, Message-ID: <20070513220002.1C46F8D022E@mail.domain.com>, mail_id: aENADTlgIxOb, Hits: -, queued_as: F12F08D022F, 1017 ms
May 14 00:00:03 mail amavis[27510]: (27510-01) TIMING [total 1033 ms] - SMTP EHLO: 21 (2%)2, SMTP pre-MAIL: 2 (0%)2, mkdir tempdir: 2 (0%)2, create email.txt: 2 (0%)2, SMTP pre-DATA-flush: 11 (1%)4, SMTP DATA: 122 (12%)15, body_digest: 5 (1%)16, gen_mail_id: 2 (0%)16, mkdir parts: 2 (0%)16, mime_decode: 37 (4%)20, get-file-type1: 29 (3%)23, decompose_part: 3 (0%)23, parts_decode: 0 (0%)23, update_cache: 13 (1%)24, decide_mail_destiny: 2 (0%)24, fwd-connect: 411 (40%)64, fwd-mail-from: 68 (7%)71, fwd-rcpt-to: 27 (3%)73, fwd-data-cmd: 2 (0%)74, write-header: 3 (0%)74, fwd-data-contents: 2 (0%)74, fwd-data-end: 197 (19%)93, fwd-rundown: 21 (2%)95, prepare-dsn: 3 (0%)95, main_log_entry: 37 (4%)99, update_snmp: 5 (0%)100, unlink-1-files: 4 (0%)100, rundown: 1 (0%)100
May 14 00:00:03 mail postfix/smtp[27560]: 1C46F8D022E: to=<postmaster@domain.com>, orig_to=<root>, relay=127.0.0.1[127.0.0.1]:10024, delay=1.2, delays=0.14/0.04/0.03/1, dsn=2.6.0, status=sent (250 2.6.0 Ok, id=27510-01, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as F12F08D022F)
May 14 00:00:03 mail postfix/qmgr[3341]: 1C46F8D022E: removed
May 14 00:00:03 mail postfix/virtual[27568]: EDFEC8D01CE: to=<postmaster@domain.com>, relay=virtual, delay=0.36, delays=0.07/0.12/0/0.17, dsn=2.0.0, status=sent (delivered to maildir)
May 14 00:00:03 mail postfix/qmgr[3341]: EDFEC8D01CE: removed
May 14 00:00:03 mail postfix/virtual[27570]: F12F08D022F: to=<postmaster@domain.com>, relay=virtual, delay=0.38, delays=0.23/0.12/0/0.03, dsn=2.0.0, status=sent (delivered to maildir)
May 14 00:00:03 mail postfix/qmgr[3341]: F12F08D022F: removed
May 14 00:01:48 mail postfix/smtpd[27578]: connect from pc-233-73-46-190.cm.vtr.net[190.46.73.233]
May 14 00:02:00 mail postfix/smtpd[27578]: warning: 233.73.46.190.relays.ordb.org: RBL lookup error: Host or domain name not found. Name service error for name=233.73.46.190.relays.ordb.org type=A: Host not found, try again
May 14 00:02:00 mail postfix/smtpd[27578]: NOQUEUE: reject: RCPT from pc-233-73-46-190.cm.vtr.net[190.46.73.233]: 450 4.7.1 <entrepros@domain.com>: Recipient address rejected: Greylisted, see http://isg.ee.ethz.ch/tools/postgrey/help/pym.be.html; from=<xveverest@mail333.com> to=<entrepros@domain.com> proto=SMTP helo=<mail333.com>
May 14 00:02:01 mail postfix/smtpd[27578]: lost connection after RCPT from pc-233-73-46-190.cm.vtr.net[190.46.73.233]
May 14 00:02:01 mail postfix/smtpd[27578]: disconnect from pc-233-73-46-190.cm.vtr.net[190.46.73.233]
May 14 00:03:17 mail postfix/smtpd[27578]: connect from www.domain.com[192.168.100.10]
May 14 00:03:17 mail postfix/smtpd[27578]: E5BB98D01CE: client=www.domain.com[192.168.100.10]
May 14 00:03:17 mail postfix/cleanup[27583]: E5BB98D01CE: message-id=<61241.80.200.101.54.1179093664.squirrel@mail.domain.com>
May 14 00:03:18 mail postfix/qmgr[3341]: E5BB98D01CE: from=<xxx@domain.com>, size=711, nrcpt=1 (queue active)
May 14 00:03:18 mail amavis[27511]: (27511-02) ESMTP::10024 /var/lib/amavis/tmp/amavis-20070514T000002-27511: <xxx@domain.com> -> <xxx@domain.com> SIZE=711 BODY=8BITMIME Received: from mail.domain.com ([127.0.0.1]) by localhost (mail.domain.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP for <xxx@domain.com>; Mon, 14 May 2007 00:03:18 +0200 (CEST)
May 14 00:03:18 mail postfix/smtpd[27578]: disconnect from www.domain.com[192.168.100.10]
May 14 00:03:18 mail amavis[27511]: (27511-02) Checking: w9W0TwC-DWfj [192.168.100.10] <xxx@domain.com> -> <xxx@domain.com>
May 14 00:03:18 mail amavis[27511]: (27511-02) p001 1 Content-Type: text/plain, size: 6 B, name: 
May 14 00:03:18 mail postfix/smtpd[27587]: connect from localhost[127.0.0.1]
May 14 00:03:18 mail postfix/smtpd[27587]: 5BB208D022D: client=localhost[127.0.0.1]
May 14 00:03:18 mail postfix/cleanup[27588]: 5BB208D022D: message-id=<61241.80.200.101.54.1179093664.squirrel@mail.domain.com>
May 14 00:03:18 mail postfix/qmgr[3341]: 5BB208D022D: from=<xxx@domain.com>, size=1082, nrcpt=1 (queue active)
May 14 00:03:18 mail postfix/smtpd[27587]: disconnect from localhost[127.0.0.1]
May 14 00:03:18 mail amavis[27511]: (27511-02) FWD via SMTP: <xxx@domain.com> -> <xxx@domain.com>, BODY=8BITMIME 250 2.6.0 Ok, id=27511-02, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 5BB208D022D
May 14 00:03:18 mail amavis[27511]: (27511-02) Passed CLEAN, LOCAL [192.168.100.10] [80.200.101.54] <xxx@domain.com> -> <xxx@domain.com>, Message-ID: <61241.80.200.101.54.1179093664.squirrel@mail.domain.com>, mail_id: w9W0TwC-DWfj, Hits: -, queued_as: 5BB208D022D, 472 ms

Et le local.cf

# This is the right place to customize your installation of SpamAssassin.
#
# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
# tweaked.
#
# Only a small subset of options are listed below
#
###########################################################################

#   Add *****SPAM***** to the Subject header of spam e-mails
#
rewrite_header Subject *****SPAM*****

#   Save spam messages as a message/rfc822 MIME attachment instead of
#   modifying the original message (0: off, 2: use text/plain instead)
#
# report_safe 1

#   Set which networks or hosts are considered 'trusted' by your mail
#   server (i.e. not spammers)
#
# trusted_networks 212.17.35.

#   Set file-locking method (flock is not safe over NFS, but is faster)
#
# lock_method flock

#   Set the threshold at which a message is considered spam (default: 5.0)
#
# required_score 5.0

#   Use Bayesian classifier (default: 1)
#
use_bayes 1

#   Bayesian classifier auto-learning (default: 1)
#
bayes_auto_learn 1

#   Set headers which may provide inappropriate cues to the Bayesian
#   classifier
#
# bayes_ignore_header X-Bogosity
# bayes_ignore_header X-Spam-Flag
# bayes_ignore_header X-Spam-Status

bayes_file_mode         0770

Je n'ai pas fais de gros changement (presque aucun...) le tuto disait pas grand chose pour SA...

Merci !

toniotonio · Le 14/05/2007, à 09:37

d'apres les logs SA n'est pas chargé par amavisd
tu as egalement lancé le demon spamd, ce qui est inutile lors de l'utilsation d'amavisd pour SA
il doit y avoir un probleme dans ta conf d'amavisd:

poste ton amavisd.conf

Vi66cent · Le 14/05/2007, à 11:16

Je n'ai pas de fichier amavisd.conf mais dans le répertoire /etc/amavis/conf.d j'ai plusieurs fichiers de configuration.

Je les ai mis ici.

Dernière modification par Vi66cent (Le 14/05/2007, à 11:19)

toniotonio · Le 14/05/2007, à 13:05

les paquets debian sont assez bizarre quand meme
bon passons

on dirait que la conf amavisd est correcte
tu as peut etre un pb avec ton install de SA

les versions des SA et amavisd ?

Vi66cent · Le 14/05/2007, à 13:37

$ amavisd-new -V
amavisd-new-2.4.2 (20060627)

$ spamassassin -V
SpamAssassin version 3.1.7-deb
running on Perl version 5.8.8

Je t'ai aussi mis les fichiers de config de postfix ici, sait-on jamais...

Encore merci !

Dernière modification par Vi66cent (Le 14/05/2007, à 13:44)

toniotonio · Le 14/05/2007, à 13:43

ton SA n'est pas chargé par amavisd
essaie de faire ca

arrete spamd (inutile)
arrete amavisd
lance amavisd en console par la commande amavisd debug-sa

Vi66cent · Le 14/05/2007, à 14:20

Ca fonctionne pas des masses...

$ /etc/init.d/amavis debug-sa
Trying to run amavisd-new in debug-sa mode...

Et ca reste comme ca...
J'ai vérifié avec top, il n'utilise pas le proco.

toniotonio · Le 14/05/2007, à 14:30

il faut pas le lancer comme ca

arrete le
verifie qu'il ne tourne plus
puis tapes amavisd debug-sa en console simplement

Vi66cent · Le 14/05/2007, à 14:41

Ca fait la même chose...

Par contre je n'ai pas "amavisd" mais "amavisd-new", je sais pas si ca change quelque chose...

toniotonio · Le 14/05/2007, à 14:47

surement une particularité du paquet
bon ajoute $sa_debug = 1 (verifie quand meme avant que le parametre ne soit pas deja present.)

puis relance amavisd normalement

Vi66cent · Le 14/05/2007, à 15:10

J'ai rajouté $sa_debug = 1 dans le fichier de config d'amavis.

Puis quand je le lance normalement il n'affiche rien de spéciale.

toniotonio · Le 14/05/2007, à 15:16

dans le mail.log tu ne vois pas de difference ?

je deteste les paquets debian pour ce genre de soft, c'est un merdier sans nom.

essaye avec $log_level 5 alors

Vi66cent · Le 14/05/2007, à 15:43

Aucune trace de SA même avec le log level 5.

On dirait qu'amavis ne sait même pas que SA existe... Il n'est p-e pas spécifié dans un fichier de conf qu'il doit l'utiliser ?

toniotonio · Le 14/05/2007, à 16:17

c'est specifié dans la conf amavis_helpers

mais j'avoue de rien comprendre a la sauce du package debian

toniotonio · Le 14/05/2007, à 16:49

a ta place j'installerai la derniere version 2.5.0 depuis les sources sur le site officiel

Vi66cent · Le 14/05/2007, à 16:56

Je viens de regarder dans le syslog et j'ai ceci

May 14 16:52:25 mail amavis[31864]: (31864-08) no anti-spam code loaded, skipping spam_scanMay 14 16:52:25 mail amavis[31864]: (31864-08) lookup (spam_tag2_level) => true,  "xxx@domain.com" matches, result="6.31", matching_key="(constant:6.31)"May 14 16:52:25 mail amavis[31864]: (31864-08) lookup (spam_tag3_level) => undef, "xxx@domain.com" does not matchMay 14 16:52:25 mail amavis[31864]: (31864-08) lookup (spam_kill_level) => true,  "xxx@domain.com" matches, result="6.31", matching_key="(constant:6.31)"May 14 16:52:25 mail amavis[31864]: (31864-08) lookup (bypass_spam_checks) => true,  "xxx@domain.com" matches, result="1", matching_key="(constant:1)"

Est-ce que ca veut dire que SA fonctionne ?

Si ca marche toujours pas j'installerais comme tu me le suggère a partir des sources

toniotonio · Le 14/05/2007, à 17:07

lookup (bypass_spam_checks) => true

donc quelque part dans la conf d'amavisd, le code de SA est desactivé.

faut chercher dans les fichiers de conf eclatés

Vi66cent · Le 14/05/2007, à 17:48

Trouvé !

C'était dans le fichier de config d'amavis 15-content_filter_mode

J'ai décommenté ces 2 lignes

@bypass_spam_checks_maps = (
   \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);

Et ca semble fonctionner maintenant.

May 14 17:42:38 mail amavis[32289]: (32289-05) TIMING [total 1390 ms] - SMTP EHLO: 10 (1%)1, SMTP pre-MAIL: 4 (0%)1, SMTP pre-DATA-flush: 10 (1%)2, SMTP DATA: 67 (5%)6, body_digest: 4 (0%)7, gen_mail_id: 1 (0%)7, mime_decode: 35 (2%)9, get-file-type1: 40 (3%)12, parts_decode: 1 (0%)12, spam-wb-list: 18 (1%)14, SA msg read: 3 (0%)14, SA parse: 12 (1%)15, SA check: 838 (60%)75, SA finish: 11 (1%)76, update_cache: 4 (0%)76, decide_mail_destiny: 2 (0%)76, fwd-connect: 150 (11%)87, fwd-mail-from: 5 (0%)87, fwd-rcpt-to: 68 (5%)92, fwd-data-cmd: 2 (0%)92, write-header: 4 (0%)93, fwd-data-contents: 3 (0%)93, fwd-data-end: 45 (3%)96, fwd-rundown: 5 (0%)97, prepare-dsn: 2 (0%)97, main_log_entry: 37 (3%)99, update_snmp: 5 (0%)100, unlink-1-files: 3 (0%)100, rundown: 1 (0%)100

Par contre il envoie les mail identifié comme spam a l'adresse spam-quarantine@domaine.com. Est-il possible qu'il tag le sujet du mail à la place ?

toniotonio · Le 14/05/2007, à 17:52

oui mais encore une fois faut trouver dans les fichiers:

la modif c'est ca:

$sa_tag_level_deflt  = -9999.9;  # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 4.3; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 9999.9; # triggers spam evasive actions
$sa_dsn_cutoff_level = 10;   # spam level beyond which a DSN is not sent
# $sa_quarantine_cutoff_level = 20; # spam level beyond which quarantine is off

et

$final_spam_destiny       = D_PASS;

Dernière modification par toniotonio (Le 14/05/2007, à 17:53)

Vi66cent · Le 14/05/2007, à 18:18

Fantastique ! Tout fonctionne comme je veux

Merci beaucoup pour ton aide !

Ubuntu-fr

Navigation

Liens de recherche

Annonce

#1 Le 13/05/2007, à 19:52

[Résolu] Serveur Mail - Postfix, amavis, spamassassin

#2 Le 13/05/2007, à 23:06

Re : [Résolu] Serveur Mail - Postfix, amavis, spamassassin

#3 Le 14/05/2007, à 00:09

Re : [Résolu] Serveur Mail - Postfix, amavis, spamassassin

#4 Le 14/05/2007, à 00:18

Re : [Résolu] Serveur Mail - Postfix, amavis, spamassassin

#5 Le 14/05/2007, à 01:14

Re : [Résolu] Serveur Mail - Postfix, amavis, spamassassin

#6 Le 14/05/2007, à 09:37

Re : [Résolu] Serveur Mail - Postfix, amavis, spamassassin

#7 Le 14/05/2007, à 11:16

Re : [Résolu] Serveur Mail - Postfix, amavis, spamassassin

#8 Le 14/05/2007, à 13:05

Re : [Résolu] Serveur Mail - Postfix, amavis, spamassassin

#9 Le 14/05/2007, à 13:37

Re : [Résolu] Serveur Mail - Postfix, amavis, spamassassin

#10 Le 14/05/2007, à 13:43

Re : [Résolu] Serveur Mail - Postfix, amavis, spamassassin

#11 Le 14/05/2007, à 14:20

Re : [Résolu] Serveur Mail - Postfix, amavis, spamassassin

#12 Le 14/05/2007, à 14:30

Re : [Résolu] Serveur Mail - Postfix, amavis, spamassassin

#13 Le 14/05/2007, à 14:41

Re : [Résolu] Serveur Mail - Postfix, amavis, spamassassin

#14 Le 14/05/2007, à 14:47

Re : [Résolu] Serveur Mail - Postfix, amavis, spamassassin

#15 Le 14/05/2007, à 15:10

Re : [Résolu] Serveur Mail - Postfix, amavis, spamassassin

#16 Le 14/05/2007, à 15:16

Re : [Résolu] Serveur Mail - Postfix, amavis, spamassassin

#17 Le 14/05/2007, à 15:43

Re : [Résolu] Serveur Mail - Postfix, amavis, spamassassin

#18 Le 14/05/2007, à 16:17

Re : [Résolu] Serveur Mail - Postfix, amavis, spamassassin

#19 Le 14/05/2007, à 16:49

Re : [Résolu] Serveur Mail - Postfix, amavis, spamassassin

#20 Le 14/05/2007, à 16:56

Re : [Résolu] Serveur Mail - Postfix, amavis, spamassassin

#21 Le 14/05/2007, à 17:07

Re : [Résolu] Serveur Mail - Postfix, amavis, spamassassin

#22 Le 14/05/2007, à 17:48

Re : [Résolu] Serveur Mail - Postfix, amavis, spamassassin

#23 Le 14/05/2007, à 17:52

Re : [Résolu] Serveur Mail - Postfix, amavis, spamassassin

#24 Le 14/05/2007, à 18:18

Re : [Résolu] Serveur Mail - Postfix, amavis, spamassassin

Pied de page des forums