-
All replies
-
Helpful answers
-
Jun 1, 2014 10:27 AM in response to Buckiejoeby scottl31,Thanks for your patience and your help as as it seems these two items are related.
1. So I found the two lines, but they aren't looking in "/etc/mail/spamassassin/local.cf" like you said. Here they are, should they be changed? If so, how?:
Jun 1 09:10:13.045 [49258] dbg: config: using "/Library/Server/Mail/Config/spamassassin" for site rules dir
Jun 1 09:10:13.045 [49258] dbg: config: read file /Library/Server/Mail/Config/spamassassin/local.cf
2. I have already created the junkmail account and was feeding it via POP. After weeks of doing so, there seemed to be no difference in the spam. So I made an IMAP account in apple mail and found it a lot easier to feed messages to. But still no letup in the spam, and never any messages marked ***Junk***. In both cases the messages were gone from the account the next day. This is why I thought I needed to have junkmail inside the quotes in "mail:imap:junk_mail_userid = """
Although it "seems" to be working, my boss still gets about 400 spams a day. I just thought it wasn't working because of your info above that it may be the wrong path we are using.
Thanks again for your help,
Scott
-
Jun 1, 2014 10:43 AM in response to scottl31by Matt Domenici,It may be easier to install spamtrainer as it will help you not only with the configuration but provides numerous features not included in Apple's standard scripts. It also has an optional nightly report from when it runs.
-
Jun 1, 2014 10:56 AM in response to Matt Domeniciby scottl31,I thought I was getting close here.
I have installed spamtrainer, but am embarrassed to say I haven't yet figured out how to use it.
-
Jun 1, 2014 11:28 AM in response to scottl31by Matt Domenici,Did you try reading the documentation? Try sudo spamtrainer help
-
Jun 1, 2014 12:03 PM in response to scottl31by Buckiejoe,If messages are gone from junkmail's inbox folder then filter is being trained. It takes a while before spamassassin's database fills up and actually starts acting on spam. It doesn't work right away because it has too little data. You also need to create "notjunkmail" user and copy non-spam emails to it so that the filter knows what is NOT spam for you. That is equally very important. It works the same way as junkmail.
Check that you have "blacklist filtering" enabled in serveradmin's mail section. It should point to zen.spamhaus.org. Check the "minimum score for junk mail", it may be set too high, but don't change it just yet.
There are two things to try to check if filtering is actually working properly.
First, check the headers of your incoming email (especiall spam). You must see a line similar to
X-Spam-Status: No, score=5.226 tagged_above=1 required=5.8 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, RP_MATCHES_RCVD=-0.513, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, SUBJ_ALL_CAPS=1.506, T_DKIM_INVALID=0.01, URIBL_DBL_SPAM=1.7, URIBL_RED=0.001, URIBL_SBL=1.623]
Look if you have BAYES_xx in there. If you don't have it at all, it may indicate that spamassassin isn't working properly.
So, second, save one of your spam messages as 'source', put it on the server somewhere and try feeding it to spamassassin:
sudo cat spammessage.eml | spamassassin -D
You will see the usual debug output and in the end the message itself with X-Spam-Status line added somewhere. Check to see what BAYES_ value your mail message has there. If there isn't one, study the output to see if there are any problems with bayes database. Specifically you should see lines very similar to
dbg: bayes: tie-ing to DB file R/O /Library/Server/Mail/Data/scanner/amavis/.spamassassin/bayes_toks
dbg: bayes: tie-ing to DB file R/O /Library/Server/Mail/Data/scanner/amavis/.spamassassin/bayes_seen
dbg: bayes: found bayes db version 3
dbg: bayes: DB journal sync: last sync: 1401648815
If there are errors, you will see those there.
Your /Library/Server/Mail/Config/spamassassin/local.cf file location is perfectly fine. No need to change anything. It means if you ever wish to change spamassassin settings, you would edit that file and not any other local.cf anywhere else on the system.
I wouldn't recommend spamtrainer personally as stock server functionality works just fine.
If you do indeed have X-Spam-Status and BAYES in every email you get, then look carefully at the score. Your message gets a certain spam score that doesn't exceed the threshold marked as "required=xx". You need to understand why that happens.
-
Jun 1, 2014 12:05 PM in response to Matt Domeniciby scottl31,The help just shows a list of things like:
-d to delete read/learned mailboxes
but no info on how to actually use it.
Anyway, when I ran what you said above, I got the following repeated for about a minute:
bayes: cannot open bayes databases /Library/Server/Mail/Data/scanner/amavis/.spamassassin/bayes_* R/O: tie failed: Permission denied
bayes: cannot open bayes databases /Library/Server/Mail/Data/scanner/amavis/.spamassassin/bayes_* R/O: tie failed: Permission denied
bayes: cannot open bayes databases /Library/Server/Mail/Data/scanner/amavis/.spamassassin/bayes_* R/W: tie failed: Permission denied
ERROR: the Bayes learn function returned an error, please re-run with -D for more information at /Applications/Server.app/Contents/ServerRoot/usr/bin/sa-learn line 493.
Then at the end:
Learned new SPAM (junk mail)
Learning HAM...
Learned new HAM (not junk mail)
Syncing SpamAssassin Database
bayes: cannot open bayes databases /Library/Server/Mail/Data/scanner/amavis/.spamassassin/bayes_* R/O: tie failed: Permission denied
bayes: cannot open bayes databases /Library/Server/Mail/Data/scanner/amavis/.spamassassin/bayes_* R/W: tie failed: Permission denied
Displaying SpamAssassin Database Stats
bayes: cannot open bayes databases /Library/Server/Mail/Data/scanner/amavis/.spamassassin/bayes_* R/O: tie failed: Permission denied
bayes: cannot open bayes databases /Library/Server/Mail/Data/scanner/amavis/.spamassassin/bayes_* R/O: tie failed: Permission denied
ERROR: Bayes dump returned an error, please re-run with -D for more information
Done!
Output produced by spamtrainer Version 2.0.0
Then based on that last ine I tried:
sudo spamtrainer -D
Then I got:
/usr/sbin/spamtrainer: illegal option -- D
Junk Mail Training Script for OS X 10.9, 10.8
usage: [ -p mailpartition] [ -j junk_mailbox] [ -n notjunk_mailbox] [ -b filename] [ -r filename] [ -s path_to_sa-learn] [ -d ] [ -x number_of_days] [ -l] [ -c]
-p to specify a mail partition or store other than default
-d to delete read/learned mailboxes
-x to specify how old mail must be to be deleted
-j to specify the name of the mailbox containing junk
-n to specify the name of the mailbox containing good mail
-b to backup spamassassin bayes database to file
-r to restore spamassassin bayes database from file
-s to specify the path to the sa-learn program
-c to clean/purge the SpamAssassin database
-l to log bayes stats into /var/log/spamtrainer.log
-i to install/check the automatic startup item
-v to display the version of this script
-t to to use shared/top level folders instead of a user mailbox
-h to display this help message
So, I know I've got something broken in both the default and the spamtrainer usages.
-
Jun 1, 2014 12:09 PM in response to scottl31by Buckiejoe,Yep. That's a known problem. Was this an upgrade from an older version of Server?
Anyhow, to fix this (albeit, temporarily) you need to issue the following commands:
sudo chown -R amavisd:amavisd /Library/Server/Mail/Data/scanner/amavis/.spamassassin/
sudo chmod u+rw /Library/Server/Mail/Data/scanner/amavis/.spamassassin/*
Then re-run spamassassin -D --lint to see if the problem with permissions is gone.
-
Jun 1, 2014 12:14 PM in response to Buckiejoeby scottl31,Buckiejoe,
I did make a "notjunkmail" account but have not been feeding it anything becausae I thought it was only to feed messages marked as spam. I have not been getting any messages marked as spam.
So are you saying that I should be feeding the notjunkmail account with good messages and then it might start working?
I'll check the rest of the stuff you mentioned. Thanks!
-
Jun 1, 2014 12:19 PM in response to scottl31by Buckiejoe,No, that's just good practice. The reason why it's not working is because your ownership rights on spam database are not correct. Perhaps it hasn't even been trained once. Take a look at the size of the database (bayes_seen, bayes_toks)
ls -lh /Library/Server/Mail/Data/scanner/amavis/.spamassassin/
If it's only a few kilobytes in size then it's empty.
-
Jun 1, 2014 12:30 PM in response to Buckiejoeby Matt Domenici,This can also happen if commands have been run by a user other than amavisd. When you run ls -al on the command line from your usual admin account's home directory (do cd ~) what so you see as output?
-
Jun 1, 2014 4:52 PM in response to Buckiejoeby scottl31,Buckiejoe,
I ran that and got:
total 15288
-rw------- 1 _amavisd _amavisd 2.5M Jun 1 02:27 bayes_seen
-rw------- 1 root _amavisd 5.0M Jun 1 02:27 bayes_toks
So I guess not empty, but I just don't see any spam control happening.
-
Jun 1, 2014 4:57 PM in response to Matt Domeniciby scottl31,Matt,
so here is what that gives me:
prepress:~ server2$ cd ~
prepress:~ server2$ ls -al
total 11800
drwxr-xr-x+ 25 server2 staff 850 May 23 14:18 .
drwxr-xr-x+ 18 root admin 612 Apr 23 17:30 ..
-rw-------+ 1 server2 staff 3 Jan 24 2013 .CFUserTextEncoding
-rw-r--r--@ 1 server2 staff 24580 Mar 9 18:02 .DS_Store
drwx------+ 2 server2 staff 68 May 23 15:32 .Trash
-rw-------+ 1 server2 staff 56532 Jun 1 12:15 .bash_history
-rw-r--r--+ 1 server2 staff 185 Aug 29 2013 .bash_profile
drwxr-xr-x+ 3 root staff 102 May 23 14:18 .cpan
drwx------+ 3 server2 staff 102 May 22 17:41 .cups
drwx------+ 7 server2 staff 238 Sep 17 2013 .filezilla
-rw-r--r--@ 1 server2 staff 230 Sep 17 2013 .htaccess
-rw-------+ 1 server2 staff 57 May 23 09:37 .lesshst
-rw-------+ 1 server2 staff 1024 Sep 10 2013 .rnd
drwx------+ 2 server2 staff 68 Jan 21 12:06 .spamassassin
-rw-------+ 1 root staff 1118 Aug 19 2013 .viminfo
-rw-r--r--+ 1 server2 staff 0 Oct 8 2013 1000K
drwx------+ 26 server2 staff 884 May 29 07:43 Desktop
drwx------+ 3 server2 staff 102 Jan 24 2013 Documents
drwx------+ 6 server2 staff 204 Feb 4 11:04 Downloads
drwx------@ 43 server2 staff 1462 Sep 11 2013 Library
drwx------+ 3 server2 staff 102 Jan 24 2013 Movies
drwx------+ 4 server2 staff 136 Sep 10 2013 Music
drwx------+ 5 server2 staff 170 Feb 5 12:36 Pictures
drwxr-xr-x+ 4 server2 staff 136 Jan 24 2013 Public
-rw-r--r--@ 1 server2 staff 1977464 Sep 5 2013 Users
prepress:~ server2$
So waht is this telling me?
-
Jun 1, 2014 5:33 PM in response to scottl31by scottl31,OK, so also I was checking the headers of a bunch spam messages and this was a typical one:
X-Spam-Flag: NO X-Spam-Score: 2.822 X-Spam-Level: ** X-Spam-Status: No, score=2.822 tagged_above=2 required=7 tests=[HTML_MESSAGE=0.001, INVALID_DATE=0.432, MIME_HTML_ONLY=1.105, RDNS_NONE=1.274, SPF_PASS=-0.001, T_REMOTE_IMAGE=0.01, URIBL_BLOCKED=0.001] autolearn=no Nothing about Bayes in there.
Now before sending this, I went in and turned the filter down to 2. Now some messages are getting tagged with ***JUNK*** and Bayes is in the haeder. Did I just have the filter set too high?
Also, do I continue to feed the messages tagged with ***JUNK*** into the junkmail account?
-
Jun 1, 2014 6:08 PM in response to scottl31by Matt Domenici,The .spamassassin shouldn't exist in the user folder for your admin account; I suspect the script was invoked by your admin user instead of the amavisd user at some point. I'd delete .spamassassin from your admin account home folder and then try to run spamtrainer again; it should run with no errors. If it does, you can set it up to run instead of Apple's scripts, which we can walk you through in terms of setup.
-
Jun 1, 2014 6:10 PM in response to scottl31by Matt Domenici,With regards to junk mail filtering, and moving those messages into the junk folder, that will require setting up sieve scripts. First you need to enable sieve on the command line, and then setup an admin UI for the scripts (or manage them from the command line) to do the filtering.
Many people use Roundcube to do this on OS X Server, which has a plugin to manage the filtering scrips and also gives you a webmail interface.