我正在运行 Postfix + amavis + SpamAssassin。消息传递得很好,它们得到X-Spam-Score了我所期望的,连同X-Spam-Status价值观,暗示 SA 正在与他们一起做某事。不幸的是,amavis 似乎并不想真正将它们标记为垃圾邮件,因为所有邮件都以X-Spam-Flag: NO.
我现在正在查看的示例消息具有以下标头:
X-Virus-Scanned: Debian amavisd-new at magni
X-Spam-Flag: NO
X-Spam-Score: 11.733
X-Spam-Level: ***********
X-Spam-Status: No, score=11.733 tests=[BAYES_99=3.5, HTML_MESSAGE=0.001,
MIME_HTML_ONLY=1.457, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_PBL=0.905,
RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033] autolearn=no
这是我的 amavisd.conf 文件:
$mydomain = "";
$MYHOME = '/var/amavisd';
$TEMPBASE = "$MYHOME/tmp";
$inet_socket_port = 10024;
$forward_method = 'smtp:127.0.0.1:10025';
$notify_method = $forward_method;
# @local_domains_acl = qw( "." ); # you may want to use qw() to check all in and out
$sa_tag_level_deflt = -999; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 5.0; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 999; # triggers spam evasive actions
$sa_debug = 1;
$final_virus_destiny = D_DISCARD; # (defaults to D_BOUNCE)
$final_banned_destiny = D_REJECT; # (defaults to D_BOUNCE)
$final_spam_destiny = D_PASS; # (defaults to D_REJECT but we're tagging and passing)
$spam_admin = "postmaster\@$mydomain";
$spam_lovers{lc("postmaster\@$mydomain")} = 1;
$virus_admin = "postmaster\@$mydomain";
$QUARANTINEDIR = undef;
$virus_quarantine_to = undef;
#$spam_quarantine_to = 'spam-quarantine';
$remove_existing_spam_headers = 0;
$sa_local_tests_only = 0; # (default: false)
$SYSLOG_LEVEL = 'mail.err';
$DO_SYSLOG = 1;
$log_level = 2;
$enable_dkim_verification = 0;
# @bypass_spam_checks_maps = (1);
@lookup_sql_dsn = ( 'DBI:mysql:database=postfix;host=127.0.0.1;port=3306', '', '' );
$sql_select_policy = 'SELECT "Y" as local FROM aliases WHERE source IN (%k) UNION SELECT "Y" as local FROM users WHERE address IN (%k)';
1;
有任何想法吗?
更新:我一直坚持的一条消息:
X-Spam-Flag: NO
X-Spam-Score: 14.085
X-Spam-Level: **************
X-Spam-Status: No, score=14.085 tests=[BAYES_99=3.5, NO_DNS_FOR_FROM=1.496,
RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5,
RAZOR2_CHECK=0.5, RCVD_IN_XBL=3.033, RDNS_NONE=0.1,
URIBL_BLACK=1.955,
URIBL_JP_SURBL=1.501] autolearn=no
在邮件日志中有这个条目:
mail.log.1:Sep 5 21:43:39 magni amavis[25486]: (25486-10) Passed CLEAN, [78.189.26.137] [88.206.193.68] <[email protected]> -> <gms8994>, Message-ID: <[email protected]>, mail_id: 4Moi5p2dOV-I, Hits: 14.085, size: 891, queued_as: AFF8C2C367, 1156 ms
正如Dave Drager所建议的,我将尝试停止 spamd,看看会发生什么。
UPDATE2:停止 spamassassin,让 amavis 运行,刚刚收到以下消息:
X-Spam-Flag: NO
X-Spam-Score: 17.712
X-Spam-Level: *****************
X-Spam-Status: No, score=17.712 tests=[BAYES_99=3.5, FH_FROMEML_NOTLD=2.696,
RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E8_51_100=1.5,
RAZOR2_CHECK=0.5, RCVD_ILLEGAL_IP=1.908, RCVD_IN_SORBS_WEB=0.619,
RCVD_IN_XBL=3.033, URIBL_BLACK=1.955, URIBL_JP_SURBL=1.501]
autolearn=failed
在日志中有这个:
mail.log:Sep 9 08:49:11 magni amavis[13604]: (13604-10) Passed CLEAN, [77.70.121.78] [77.70.121.78] <trfq@pc-2bb82028ef37> -> <[email protected]>, Message-ID: <[email protected]>, mail_id: Lg-rCSg9x0rr, Hits: 17.712, size: 844, queued_as: 8269D2BF6B, 2312 ms
根据@cite,我查看了 /etc/amavis/conf.d/50-user (我实际上正在运行 debian)。它是空的。我将配置从 /etc/amavis/amavisd.conf 移动到 50-user,然后重新启动,消息现在被标记为X-Spam-Flag: YES. 要引用的点。
你需要提供更详细的日志输出来解决这个问题:停止 amavisd 并在调试模式下重新启动它(
amavisd debug在 Debian/Ubuntu 上可能是amavisd-new debug,但由于你提到你配置了 amavisdamavisd.conf而不是/etc/amavis/conf.d/50-user,我猜你不在 Debian/Ubuntu 上) . 当您这样做时,您可能希望禁用邮件服务器外部接口上的 Postfix SMTP 端口 25 侦听器(您始终可以在本地提交邮件),否则您可能会获得过多的日志记录,因此请在其中找到/etc/postfix/master.cf并取消注释适当的条目(之后不要忘记postfix reload)。此外,为避免屏幕混乱,请暂时删除该
$sa_debug设置amavisd.conf- 但如果您无法找出问题的原因,请重新启用它(并尝试检查自动学习失败的原因)。关于您的配置的另外两条评论与您的问题无关:
$sa_kill_level_deflt为 -无论如何$sa_tag2_level_deflt,您最终的垃圾邮件命运。D_PASS$sa_tag_level_deflt为undef。针对 Dave 的评论:amavisd-new 默认不使用 spamd,因此重新启动 spamd 毫无意义。此外,您无法从 Spamassassin 的配置中修改 amavisd-new 处理给定内容类别(此处为 CC_SPAM)的消息的方式。
检查 Amavis 日志。我发现如果 Spamassassin 已经在运行(使用不同的配置文件,具有不同的变量集),Amavis 发送给 Spamassassin 的值可能不起作用。我想你会发现 Spamassassin 正在运行,而 Amavis 正在使用它,而不是为其生成自己的进程。尝试杀死 Spamassassin 并查看 Amavis 是否开始使用上述变量(因为它会产生自己的进程)。