[SWLUG] help required with spamassassin
Andy Dixon
astleycoder at yahoo.co.uk
Sun Jul 30 07:26:11 UTC 2006
Hello,
If you can move any spam messages you get into a mailspool file, you can use sa-learn to learn the spam messages.
http://spamassassin.apache.org/full/3.0.x/dist/doc/sa-learn.html
If afterwards you then run through all your legit mail as ham, that will help to eliminate false positives.
HTH
Andy
----- Original Message ----
From: bascule <asura at theexcession.co.uk>
To: discuss at swlug.org.uk
Sent: Sunday, 30 July, 2006 7:43:33 AM
Subject: [SWLUG] help required with spamassassin
i'm getting really low detection rates with spamassassin and i can't work out
why. mail is received by postfix from fetchmail and handed off to spamd (via
spamc) and then received back and passed to cyrus, it seems i have sa set up
right or else i wouldn't get any spam detected right? i have sa configured to
add an identifier to the subject line and i do get a few everyday, i think my
config for sa and postfix may be slightly non-standard in that i have a mail
user (or more than one if i so chose) that isn't a system user, but has a
user_prefs stored under /var/spool/spamassassin/prefs that is referenced by
the command that runs spamd:
SPAMDOPTIONS="-d -c -u cyrus -x
--virtual-config-dir=/var/spool/spamassassin/prefs/%l"
this tells spamd to use the user prefs of whatever user postfix has destined
the mail for, my user_prefs is very simple:
required_hits 5
rewrite_header Subject [SPAM]
report_safe 0
auto_whitelist_path /var/spool/spamassassin/auto-whitelist
auto_whitelist_file_mode 0666
dcc_home /var/lib/dcc
whitelist_to cardifffreecycle at yahoogroups.com
under /etc/mail/spamassassin i have a few rulesets:
[root at watson bascule]# ls /etc/mail/spamassassin/
70_sare_adult.cf 70_sare_genlsubj0.cf 70_sare_html0.cf
70_sare_random.cf 70_sare_uri_eng.cf local.cf
70_sare_bayes_poison_nxm.cf 70_sare_genlsubj1.cf 70_sare_html1.cf
70_sare_specific.cf 70_sc_top200.cf RulesDuJour/
70_sare_evilnum0.cf 70_sare_genlsubj_eng.cf 70_sare_html_eng.cf
70_sare_spoof.cf 72_sare_bml_post25x.cf spamassassin-default.rc
70_sare_evilnum1.cf 70_sare_header0.cf 70_sare_obfu0.cf
70_sare_unsub.cf 99_sare_fraud_post25x.cf spamassassin-spamc.rc
70_sare_evilnum2.cf 70_sare_header1.cf 70_sare_obfu1.cf
70_sare_uri0.cf antidrug.cf tripwire.cf
70_sare_genlsub0.cf 70_sare_header_eng.cf 70_sare_oem.cf
70_sare_uri1.cf init.pre user_prefs.template
and i use rules_du_jour to keep them updated, i've begun to wonder though if
my setup is somehow bypassing all these rulesets, because although there is
an argument that sa is not necessarily the best spam tool today i would
expect it to get over half my spam instead of less then half!
if someone with knowledge and time is able to help me trouble shoot this i'd
be grateful, just ask for any info you need
bascule
--
"there's nothing an agnostic can't do if he really doesn't know if he believes
in anything or not" - M.Python
_______________________________________________
SWLUG Discussion List - Discuss at swlug.org
http://swlug.org/mailman/listinfo/discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.lug.org.uk/pipermail/swlug/attachments/20060730/df0927d0/attachment.html>
More information about the Swlug
mailing list