[FUG-BR] Amavis não detecta spam
Elton Clemente
elton.kairos em gmail.com
Quinta Março 25 08:31:42 BRT 2010
Pessoal,
Gostaria de saber se alguém poderia me ajudar a descobrir porque o
amavisd-new não está detectando spams.
Todos estão sendo assinalados como "clean". A uns 2 dias estou quebrando
a cabeça com isso.
Vírus são perfeitamente detectados e bloqueados. As notificações são
entregues.
Bad-header são detectados, mas permito.
Cenário:
FreeBSD 8.0-STABLE i386
Postfix-2.6.5,1
amavisd-new-2.6.4_5,1
perl v5.8.9
p5-Mail-SpamAssassin-3.3.0_3
Meus arquivos de configuração:
amavisd.conf:
(...)
@spam_scanners = (['SpamAssassin', 'Amavis::SpamControl::SpamAssassin'],
['SpamdClient', 'Amavis::SpamControl::SpamdClient' ]);
$sa_debug = '3,all';
$sa_spam_report_header = 1;
$sa_spam_level_char = '*';
$sa_spawned = 0;
$sa_tag_level_deflt = 3.0; # add spam info headers if at, or above that
level
$sa_tag2_level_deflt = 4.2; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 4.9; # triggers spam evasive actions (e.g. blocks
mail)
$sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent
$sa_crediblefrom_dsn_cutoff_level = 18; # likewise, but for a likely valid
From
$penpals_threshold_high = $sa_kill_level_deflt; # don't waste time on hi
spam
$bounce_killer_score = 100; # spam score points to add for joe-jobbed
bounces
$sa_mail_body_size_limit = 400*1024; # don't waste time on SA if mail is
larger
$sa_local_tests_only = 0; # only tests which do not require internet
access?
(..)
read_l10n_templates('/etc/mail/amavis/pt_BR');
$final_virus_destiny = D_DISCARD;
$final_banned_destiny = D_BOUNCE;
$final_spam_destiny = D_BOUNCE;
$final_bad_header_destiny = D_PASS;
$bad_header_quarantine_method = undef;
(...)
local.cf:
rewrite_header Subject *****SPAM*****
report_safe 2
trusted_networks 192.168.0.
internal_networks 192.168.0.
lock_method flock
ok_locales all
skip_rbl_checks 0
use_pyzor 0
required_score 4.0
use_bayes 1
bayes_auto_learn 1
use_bayes_rules 1
bayes_ignore_header X-Bogosity
bayes_ignore_header X-Spam-Flag
bayes_ignore_header X-Spam-Status
main.cf:
content_filter = smtp-amavis:[127.0.0.1]:10024
master.cf:
smtp-amavis unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
127.0.0.1:10025 inet n - - - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o
receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_bind_address=127.0.0.1
Executando spamassassin -t < teste.txt > spam.out :
Received: from localhost by intranet.dominio.com.br
with SpamAssassin (version 3.3.0);
Wed, 24 Mar 2010 23:29:36 -0300
Subject: *****SPAM*****
X-Spam-Checker-Version: SpamAssassin 3.3.0 (2010-01-18) on
intranet.dominio.com.br
X-Spam-Flag: YES
X-Spam-Level: ****
X-Spam-Status: Yes, score=4.5 required=4.0
tests=MISSING_DATE,MISSING_HEADERS,
MISSING_MID,MISSING_SUBJECT,NO_HEADERS_MESSAGE,NO_RECEIVED,NO_RELAYS
autolearn=no version=3.3.0
MIME-Version: 1.0
Pelo que entendi, está tudo certo com o SpamAssassim.
Log do amavis quando inicia:
Mar 24 23:33:53 intranet amavis[42013]: starting. /usr/local/sbin/amavisd
at intranet.dominio.com.br amavisd-new-2.6.4 (20090625), Unicode aware,
LC_ALL="p
t_BR.ISO8859-1", LC_CTYPE="ISO-8859-1", LANG="pt_BR.ISO8859-1"
Mar 24 23:33:53 intranet amavis[42013]: user=, EUID: 110 (110); group=,
EGID: 110 110 (110 110)
Mar 24 23:33:53 intranet amavis[42013]: Perl version 5.008009
Mar 24 23:33:54 intranet amavis[42013]: SpamControl: init_pre_chroot on
SpamAssassin done
Mar 24 23:33:54 intranet amavis[42014]: Net::Server: Process Backgrounded
Mar 24 23:33:54 intranet amavis[42014]: Net::Server: 2010/03/24-23:33:54
Amavis (type Net::Server::PreForkSimple) starting! pid(42014)
Mar 24 23:33:54 intranet amavis[42014]: Net::Server: Binding to UNIX socket
file /var/amavis/amavisd.sock using SOCK_STREAM
Mar 24 23:33:54 intranet amavis[42014]: Net::Server: Binding to TCP port
10024 on host *
Mar 24 23:33:54 intranet amavis[42014]: Net::Server: Binding to TCP port
10026 on host *
Mar 24 23:33:54 intranet amavis[42014]: Net::Server: Group Not Defined.
Defaulting to EGID '110 110'
Mar 24 23:33:54 intranet amavis[42014]: Net::Server: User Not Defined.
Defaulting to EUID '110'
Mar 24 23:33:54 intranet amavis[42014]: Module Amavis::Conf 2.207
Mar 24 23:33:54 intranet amavis[42014]: Module Archive::Zip 1.30
Mar 24 23:33:54 intranet amavis[42014]: Module BerkeleyDB 0.41
Mar 24 23:33:54 intranet amavis[42014]: Module Compress::Zlib 2.015
Mar 24 23:33:54 intranet amavis[42014]: Module Convert::TNEF 0.17
Mar 24 23:33:54 intranet amavis[42014]: Module Convert::UUlib 1.33
Mar 24 23:33:54 intranet amavis[42014]: Module Crypt::OpenSSL::RSA 0.26
Mar 24 23:33:54 intranet amavis[42014]: Module DBD::mysql 4.013
Mar 24 23:33:54 intranet amavis[42014]: Module DBI 1.609
Mar 24 23:33:54 intranet amavis[42014]: Module DB_File 1.817
Mar 24 23:33:54 intranet amavis[42014]: Module Digest::MD5 2.37
Mar 24 23:33:54 intranet amavis[42014]: Module Digest::SHA 5.48
Mar 24 23:33:54 intranet amavis[42014]: Module Digest::SHA1 2.12
Mar 24 23:33:54 intranet amavis[42014]: Module IO::Socket::INET6 2.56
Mar 24 23:33:54 intranet amavis[42014]: Module MIME::Entity 5.427
Mar 24 23:33:54 intranet amavis[42014]: Module MIME::Parser 5.427
Mar 24 23:33:54 intranet amavis[42014]: Module MIME::Tools 5.427
Mar 24 23:33:54 intranet amavis[42014]: Module Mail::DKIM::Signer 0.37
Mar 24 23:33:54 intranet amavis[42014]: Module Mail::DKIM::Verifier 0.37
Mar 24 23:33:54 intranet amavis[42014]: Module Mail::Header 2.06
Mar 24 23:33:54 intranet amavis[42014]: Module Mail::Internet 2.06
Mar 24 23:33:54 intranet amavis[42014]: Module Mail::SPF v2.007
Mar 24 23:33:54 intranet amavis[42014]: Module Mail::SpamAssassin 3.003000
Mar 24 23:33:54 intranet amavis[42014]: Module Net::DNS 0.66
Mar 24 23:33:54 intranet amavis[42014]: Module Net::Server 0.97
Mar 24 23:33:54 intranet amavis[42014]: Module NetAddr::IP 4.027
Mar 24 23:33:54 intranet amavis[42014]: Module Razor2::Client::Version 2.84
Mar 24 23:33:54 intranet amavis[42014]: Module Socket6 0.23
Mar 24 23:33:54 intranet amavis[42014]: Module Time::HiRes 1.9719
Mar 24 23:33:54 intranet amavis[42014]: Module URI 1.52
Mar 24 23:33:54 intranet amavis[42014]: Module Unix::Syslog 1.1
Mar 24 23:33:54 intranet amavis[42014]: Amavis::DB code loaded
Mar 24 23:33:54 intranet amavis[42014]: Amavis::Cache code loaded
Mar 24 23:33:54 intranet amavis[42014]: SQL base code NOT loaded
Mar 24 23:33:54 intranet amavis[42014]: SQL::Log code NOT loaded
Mar 24 23:33:54 intranet amavis[42014]: SQL::Quarantine NOT loaded
Mar 24 23:33:54 intranet amavis[42014]: Lookup::SQL code NOT loaded
Mar 24 23:33:54 intranet amavis[42014]: Lookup::LDAP code NOT loaded
Mar 24 23:33:54 intranet amavis[42014]: AM.PDP-in proto code loaded
Mar 24 23:33:54 intranet amavis[42014]: SMTP-in proto code loaded
Mar 24 23:33:54 intranet amavis[42014]: Courier proto code NOT loaded
Mar 24 23:33:54 intranet amavis[42014]: SMTP-out proto code loaded
Mar 24 23:33:54 intranet amavis[42014]: Pipe-out proto code NOT loaded
Mar 24 23:33:54 intranet amavis[42014]: BSMTP-out proto code NOT loaded
Mar 24 23:33:54 intranet amavis[42014]: Local-out proto code loaded
Mar 24 23:33:54 intranet amavis[42014]: OS_Fingerprint code NOT loaded
Mar 24 23:33:54 intranet amavis[42014]: ANTI-VIRUS code loaded
Mar 24 23:33:54 intranet amavis[42014]: ANTI-SPAM code loaded
Mar 24 23:33:54 intranet amavis[42014]: ANTI-SPAM-EXT code NOT loaded
Mar 24 23:33:54 intranet amavis[42014]: ANTI-SPAM-C code loaded
Mar 24 23:33:54 intranet amavis[42014]: ANTI-SPAM-SA code loaded
Mar 24 23:33:54 intranet amavis[42014]: Unpackers code loaded
Mar 24 23:33:54 intranet amavis[42014]: DKIM code loaded
Mar 24 23:33:54 intranet amavis[42014]: Tools code NOT loaded
Mar 24 23:33:54 intranet amavis[42014]: Found $file at
/usr/local/bin/file
Mar 24 23:33:54 intranet amavis[42014]: Found $altermime at
/usr/local/bin/altermime
Mar 24 23:33:54 intranet amavis[42014]: Internal decoder for .mail
Mar 24 23:33:54 intranet amavis[42014]: Internal decoder for .asc
Mar 24 23:33:54 intranet amavis[42014]: Internal decoder for .uue
Mar 24 23:33:54 intranet amavis[42014]: Internal decoder for .hqx
Mar 24 23:33:54 intranet amavis[42014]: Internal decoder for .ync
Mar 24 23:33:54 intranet amavis[42014]: Found decoder for .F at
/usr/local/bin/unfreeze
(...)
Mar 24 23:33:54 intranet amavis[42014]: Found decoder for .exe at
/usr/local/bin/unrar; /usr/local/bin/lha; /usr/local/bin/arj
Mar 24 23:33:54 intranet amavis[42014]: Using primary internal av scanner
code for ClamAV-clamd
Mar 24 23:33:54 intranet amavis[42014]: Found secondary av scanner
ClamAV-clamscan at /usr/local/bin/clamscan
Mar 24 23:33:54 intranet amavis[42014]: Creating db in /var/amavis/db/;
BerkeleyDB 0.41, libdb 4.1
Mar 24 23:33:54 intranet amavis[42014]: initializing Mail::SpamAssassin
Mar 24 23:33:54 intranet amavis[42014]: SA dbg: logger: adding facilities:
info, all
Mar 24 23:33:54 intranet amavis[42014]: SA dbg: logger: logging level is DBG
Mar 24 23:33:54 intranet amavis[42014]: SA dbg: generic: SpamAssassin
version 3.3.0
Mar 24 23:33:54 intranet amavis[42014]: SA dbg: generic: Perl 5.008009,
PREFIX=/usr/local, DEF_RULES_DIR=/usr/local/share/spamassassin,
LOCAL_RULES_DIR=/usr
/local/etc/mail/spamassassin, LOCAL_STATE_DIR=/var/db/spamassassin
Mar 24 23:33:54 intranet amavis[42014]: SA dbg: config: timing enabled
Mar 24 23:33:54 intranet amavis[42014]: SA dbg: config: score set 0 chosen.
Mar 24 23:33:54 intranet amavis[42014]: SA dbg: util: running in taint mode?
yes
(..)
Mar 24 23:33:54 intranet amavis[42014]: SA dbg: util: final PATH set to:
/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin
Mar 24 23:33:54 intranet amavis[42014]: SA dbg: dns: is Net::DNS::Resolver
available? yes
Mar 24 23:33:54 intranet amavis[42014]: SA dbg: dns: Net::DNS version: 0.66
Mar 24 23:33:54 intranet amavis[42014]: SA dbg: config: using
"/usr/local/etc/mail/spamassassin" for site rules pre files
Mar 24 23:33:54 intranet amavis[42014]: SA dbg: config: read file
/usr/local/etc/mail/spamassassin/init.pre
(...)
Mar 24 23:34:01 intranet amavis[42014]: SA dbg: check:
tests=DCC_CHECK,DKIM_ADSP_NXDOMAIN,MISSING_DATE,MISSING_HEADERS,MISSING_SUBJECT,NO_REAL_NAME,NO_RECEI
VED,NO_RELAYS
Mar 24 23:34:01 intranet amavis[42014]: SA dbg: check:
subtests=__DKIM_DEPENDABLE,__GATED_THROUGH_RCVD_REMOVER,__HAS_MESSAGE_ID,__HAS_MSGID,__MISSING_REF,__
MSGID_OK_DIGITS,__MSGID_OK_HOST,__MSOE_MID_WRONG_CASE,__NONEMPTY_BODY,__NO_REAL_NAME,__SANE_MSGID,__SARE_WHITELIST_FLAG,__TO_NO_ARROWS_R,__UNUSABLE_MSGID
Mar 24 23:34:01 intranet amavis[42014]: SA dbg: plugin:
Mail::SpamAssassin::Plugin::Bayes=HASH(0xa53629c) implements
'learner_close', priority 0
Mar 24 23:34:01 intranet amavis[42014]: SA dbg: bayes: untie-ing
Mar 24 23:34:01 intranet amavis[42014]: SpamControl: init_pre_fork on
SpamAssassin done
Elton
Mais detalhes sobre a lista de discussão freebsd