| View previous topic :: View next topic |
| Author |
Message |
mariourk
l33t
Joined: 11 Jul 2003
Posts: 807
Location: Urk, Netherlands
|
 Posted: Fri Sep 24, 2010 8:51 pm Post subject: Amavisd-new skips email from own domain [solved] |
 |
|
I just installed Amavisd-new and Spamassassin, to bust the load of spam, flooding my mailbox. It seems to work fine, except for the part that it seems to skip all emails, that come from my own domain. This includes all the spam with fake senders, that use adresses from my own domain. And since lots of spammessages are doing this, lots of spammessages are not put in the spamfolder.
I certainly hope someone can tell me what option I should change 
Thanks anyway 
_________________
If there is one thing to learn from history, it's that we usualy don't learn anything from it, at all.
Last edited by mariourk on Mon Sep 27, 2010 1:38 pm; edited 1 time in total |
|
| Back to top |
|
 |
gerdesj
l33t
Joined: 29 Sep 2005
Posts: 622
Location: Yeovil, Somerset, UK
|
| Posted: Sat Sep 25, 2010 10:15 am Post subject: Re: Spamassassin (Amavisd-new) skips email from own domain |
|
|
What MTA do you use - Exim, Postfix etc?
I've just had a quick look on the Amavis FAQs and it seems the decision to run Spam Assassin is taken by Amavis - ie not everything is passed over. Also the MTA may decide whether to use Amavis, so start with your MTA config, then look at Amavis confi, then Spamd.
So could we see your MTA's configuration relating to Amavis please?
Cheers
Jon |
|
| Back to top |
|
|
mariourk
l33t
Joined: 11 Jul 2003
Posts: 807
Location: Urk, Netherlands
|
| Posted: Sat Sep 25, 2010 1:14 pm Post subject: |
|
|
I'm using Postfix as MTA. Amavisd-new is the software that uses Spamassassin to test for spam.
This is amavisd.conf
| Code: |
$MYHOME = '/var/amavis';
$mydomain = 'mijndomein.nl';
$myhostname = 'mail.mijndomein.nl';
@mynetworks = qw( 127.0.0.0/8 192.168.1.0/24 );
$daemon_user = 'amavis'; # (no default; customary: vscan or amavis)
$daemon_group = 'amavis'; # (no default; customary: vscan or amavis)
$TEMPBASE = "$MYHOME/tmp"; # prefer to keep home dir /var/amavis clean?
$ENV{TMPDIR} = $TEMPBASE; # wise, but usually not necessary
$max_servers = 5; # number of pre-forked children (default 2)
$max_requests = 20; # retire a child after that many accepts (default 10)
$child_timeout=5*60; # abort child if it does not complete each task in n sec
@local_domains_acl = ( ".$mydomain", ".myotherdomain.nl", ".anotherdomain.nl" ); # $mydomain and its subdomains
$unix_socketname = "$MYHOME/amavisd.sock"; # amavis helper protocol socket
@inet_acl = qw(127.0.0.1 [::1]); # (default is qw( 127.0.0.1 ) )
$DO_SYSLOG = 0; # (defaults to false)
$LOGFILE = "/var/log/amavis/amavis.log"; # (defaults to empty, no log)
$log_level = 3; # (defaults to 0)
$log_templ = '[? %#V |[? %#F |[?%#D|Not-Delivered|Passed]|BANNED name/type (%F)]|INFECTED (%V)], #
<%o> -> [<%R>|,][? %i ||, quarantine %i], Message-ID: %m, Hits: %c';
$final_virus_destiny = D_DISCARD; # (defaults to D_BOUNCE)
$final_banned_destiny = D_BOUNCE; # (defaults to D_BOUNCE)
$final_spam_destiny = D_PASS; # (defaults to D_REJECT)
$final_bad_header_destiny = D_PASS; # (defaults to D_PASS), D_BOUNCE suggested
$viruses_that_fake_sender_re = new_RE(
qr'nimda|hybris|klez|bugbear|yaha|braid|sobig|fizzer|palyh|peido|holar'i,
qr'tanatos|lentin|bridex|mimail|trojan\.dropper|dumaru|parite|spaces'i,
qr'dloader|galil|gibe|swen|netwatch|bics|sbrowse|sober|rox|val(hal)?la'i,
qr'frethem|sircam|be?agle|tanx|mydoom|novarg|shimg|netsky|somefool|moodown'i,
qr'@mm|@MM', # mass mailing viruses as labeled by f-prot and uvscan
qr'Worm'i, # worms as labeled by ClamAV, Kaspersky, etc
[qr'^(EICAR|Joke\.|Junk\.)'i => 0],
[qr'^(WM97|OF97|W95/CIH-|JS/Fort)'i => 0],
[qr/.*/ => 1], # true by default (remove or comment-out if undesired)
);
$virus_admin = "Virusscanner\@$mydomain";
$mailfrom_notify_admin = "spamfilter\@$mydomain";
$mailfrom_notify_recip = "spamfilter\@$mydomain";
$mailfrom_notify_spamadmin = "spamfilter\@$mydomain";
$mailfrom_to_quarantine = undef; # original sender if undef, or set explicitly
$QUARANTINEDIR = '/var/virusmails';
$spam_quarantine_to = undef;
# Add X-Virus-Scanned header field to mail?
$X_HEADER_TAG = 'X-Virus-Scanned'; # (default: undef)
# Leave empty to add no header field # (default: undef)
$X_HEADER_LINE = "by amavisd-new at $mydomain";
$remove_existing_x_scanned_headers = 0; # leave existing X-Virus-Scanned alone
#$remove_existing_x_scanned_headers= 1; # remove existing headers
# (defaults to false)
#$remove_existing_spam_headers = 0; # leave existing X-Spam* headers alone
$remove_existing_spam_headers = 1; # remove existing spam headers if
# spam scanning is enabled (default)
$keep_decoded_original_re = new_RE(
qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,
);
$banned_filename_re = new_RE(
qr'\.[a-zA-Z][a-zA-Z0-9]{0,3}\.(vbs|pif|scr|bat|com|exe|dll)$'i, # double extension
);
$sql_select_white_black_list = undef; # undef disables SQL white/blacklisting
$recipient_delimiter = '+'; # (default is '+')
$localpart_is_case_sensitive = 0; # (default is false)
@whitelist_sender_acl = qw( spamfilter@mijndomein.nl );
$blacklist_sender_re = new_RE(
qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou|greatcasino)@'i,
qr'^(investments|lose_weight_today|market.alert|money2you|MyGreenCard)@'i,
qr'^(new\.tld\.registry|opt-out|opt-in|optin|saveonlsmoking2002k)@'i,
qr'^(specialoffer|specialoffers|stockalert|stopsnoring|wantsome)@'i,
qr'^(workathome|yesitsfree|your_friend|greatoffers)@'i,
qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i,
);
#Whitelist
read_hash(\%whitelist_sender, '/var/amavis/whitelist');
# Maximum recursion level for extraction/decoding (0 or undef disables limit)
$MAXLEVELS = 14; # (default is undef, no limit)
# Maximum number of extracted files (0 or undef disables the limit)
$MAXFILES = 1500; # (default is undef, no limit)
$MIN_EXPANSION_QUOTA = 100*1024; # bytes (default undef, not enforced)
$MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes (default undef, not enforced)
$MIN_EXPANSION_FACTOR = 5; # times original mail size (must be specified)
$MAX_EXPANSION_FACTOR = 500; # times original mail size (must be specified)
$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
$file = 'file'; # file(1) utility; use 3.41 or later to avoid vulnerability
$gzip = 'gzip';
$bzip2 = 'bzip2';
$lzop = 'lzop';
$uncompress = ['uncompress', 'gzip -d', 'zcat'];
$unfreeze = ['unfreeze', 'freeze -d', 'melt', 'fcat'];
$arc = ['nomarch', 'arc'];
$unarj = ['arj', 'unarj']; # both can extract, same options
$unrar = ['rar', 'unrar']; # both can extract, same options
$zoo = 'zoo';
$lha = 'lha';
$cpio = 'cpio'; # comment out if cpio does not support GNU options
# SpamAssassin settings
$sa_local_tests_only = 0; # (default: false)
#$sa_auto_whitelist = 1; # turn on AWL (default: false)
$sa_mail_body_size_limit = 150*1024; # don't waste time on SA if mail is larger
$sa_tag_level_deflt = 0.0; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 4.5; # add 'spam detected' headers at that level
$sa_kill_level_deflt = $sa_tag2_level_deflt; # triggers spam evasive actions
@av_scanners = (
['ClamAV-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
);
#-------------
1; # insure a defined return
|
_________________
If there is one thing to learn from history, it's that we usualy don't learn anything from it, at all. |
|
| Back to top |
|
|
mariourk
l33t
Joined: 11 Jul 2003
Posts: 807
Location: Urk, Netherlands
|
| Posted: Mon Sep 27, 2010 10:26 am Post subject: |
|
|
A minor change to what I said earlier. Not emails FROM mydomain are ignored bij spamassassin, but emails TO mydomain are ignored bij spamassassin.
To be more specific, we use more that one domain. All of these are used as final destination. So it doesn't matter wich one is used, they all end up in the same
mailbox, of the adressed user. It is one of these domains that is ignored. If an email is adressed to another domain, it works fine.
Adressed to:
me@main-domain.com -> Works fine, is scanned and header info is added
me@second-domain.com -> Ignored by spamassassin. scanned for virusses, but not for spam. Headerinfo only added for virusscan, not for spamscan.
me@thirth-domain.com -> Works fine, is scanned and header info is added
me@forth-domain.com -> Works fine, is scanned and header info is added
Does anyone have a clue?
_________________
If there is one thing to learn from history, it's that we usualy don't learn anything from it, at all. |
|
| Back to top |
|
|
richard.scott
Veteran
Joined: 19 May 2003
Posts: 1497
Location: Oxfordshire, UK
|
| Posted: Mon Sep 27, 2010 1:10 pm Post subject: |
|
|
Set your local_domains_maps to be ".":
| Code: | | @local_domains_maps = ( ["."] ); # $mydomain and its subdomains |
This means that any email you get sent is classed as a "local domain" so gets the amavis headers added to it.
Rich. |
|
| Back to top |
|
|
mariourk
l33t
Joined: 11 Jul 2003
Posts: 807
Location: Urk, Netherlands
|
| Posted: Mon Sep 27, 2010 1:37 pm Post subject: |
|
|
The problem was this variable:
It had all my domains, except the one that was giving problems. After adding it to the list, everything worked fine.
I hope this helps someone. It has been driving me crazy for a few days now. Glad I got it fixed. 
_________________
If there is one thing to learn from history, it's that we usualy don't learn anything from it, at all. |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
