Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
09-20-2014, 05:47 PM
|
#1
|
Member
Registered: Mar 2013
Posts: 110
Rep: 
|
Postfix header_checks oddity
Hello there!
I'd highly appreciate it if anybody could advise on the following oddity I ran into with simple header_checks in Postfix.
When I type *****SPAM***** blablabla in my subject field and send it to myself it gets rejected OK. However, when spamassassin adds the same *****SPAM***** tag to my subject line it's not rejected and gets delivered right into my inbox.
subject_rewrite is set correctly because I see all these extra headers added by SA.
postmap - q returns no errors and matches my rules which are correct:
Code:
/^Subject:.**{5}SPAM*{5}/ REJECT No spammers allowed here.
/^Subject:.*\*\*\*\*\*SPAM\*\*\*\*\*/ REJECT No spammers allowed.
/^X-Spam-Flag: YES/ REJECT No spamming here.
/^Subject:(.*)SPAM/ REJECT No spam.
I have no -o receive_override_options=no_unknown_recipient_checks, no_header_checks set anywhere.
I am totally clueless. It's just beyond me. When SA appends it to *****spam***** the email gets through as if postfix doesn't see the headers at all, but when I type the word *****spam***** into the subject line myself it works OK.
Would be really thankful for any pointers / suggestions / comments at all.
|
|
|
09-21-2014, 04:10 PM
|
#2
|
LQ Guru
Registered: Jan 2006
Location: Ireland
Distribution: Slackware, Slarm64 & Android
Posts: 17,278
|
If it gets through after spamassassin adds ***SPAM***, it's a mail delivery problem.
How do you deliver the mail to the user? That's where the error is. Spamassassin (spamc presumably) exits with a non zero number IIRC, when the mail is spam
Last edited by business_kid; 09-21-2014 at 05:52 PM.
|
|
|
09-22-2014, 02:23 AM
|
#3
|
Member
Registered: Mar 2013
Posts: 110
Original Poster
Rep: 
|
Quote:
Originally Posted by business_kid
If it gets through after spamassassin adds ***SPAM***, it's a mail delivery problem.
How do you deliver the mail to the user? That's where the error is. Spamassassin (spamc presumably) exits with a non zero number IIRC, when the mail is spam
|
Hey! Thank you for responding and for your suggestion. Appreciate.
How come then that delivery works OK when I type the word spam into my subject line manually? The delivery doesn't work / has a problem only when Spamassassin tags it as spam.
The mail is delivered via dovecot-deliver through Postfix, Spamassassins is used as a filter and it is running daemonized that is spamd (daemon).
How do I check if Spamassassin really exits with a non zero number IIRC when the mail is spam? Many thanks!
|
|
|
09-22-2014, 08:16 AM
|
#4
|
LQ Guru
Registered: Jan 2006
Location: Ireland
Distribution: Slackware, Slarm64 & Android
Posts: 17,278
|
Spamassassin has or may need a setting for what to do with files marked spam.
I did all this 12 years back and set up procmail for local delivery. I was getting amounts of devious spam at the time, and relying on email addresses well known to spammers. I used procmail and ran through
1. Vipul's Razor - which caught about 50%
2. DCC - caught ~ managed 5-10% that wouldn't otherwise have been caught. Most spammers have random crap at the bottom of each message in an attempt to fool these checksum methods now.
3. Spamassassin with many extra rulesets; some rules caught nothing, and could be left out. Others caught loads.
Total caught was slightly over 100% - which didn't bother me as I would check the spam folder occasionally. The same setup I had would not work for me today, as my spam input has changed. For some reason the rule "designed by Microsoft Frontpage" was my most successful spam indicating rule.
|
|
|
09-23-2014, 12:51 PM
|
#5
|
Member
Registered: Mar 2013
Posts: 110
Original Poster
Rep: 
|
Quote:
Originally Posted by business_kid
Spamassassin has or may need a setting for what to do with files marked spam.
I did all this 12 years back and set up procmail for local delivery. I was getting amounts of devious spam at the time, and relying on email addresses well known to spammers. I used procmail and ran through
1. Vipul's Razor - which caught about 50%
2. DCC - caught ~ managed 5-10% that wouldn't otherwise have been caught. Most spammers have random crap at the bottom of each message in an attempt to fool these checksum methods now.
3. Spamassassin with many extra rulesets; some rules caught nothing, and could be left out. Others caught loads.
Total caught was slightly over 100% - which didn't bother me as I would check the spam folder occasionally. The same setup I had would not work for me today, as my spam input has changed. For some reason the rule "designed by Microsoft Frontpage" was my most successful spam indicating rule.
|
Well, I use all these extra filters like DCC and Razor and they do a pretty good job in addition to everything else. It is working but only partially. I mean that most probably there is something wrong with Spamassassin. That is it was your suggestion that it exits at some point. My MTA works but I found something was wrong at some point. It is all in testing now. I wrote my own, browsed for and installed quite a few trap-scripts in hopes to catch my error.
Do you happen to know how do I check if Spamassassin really exits with a non zero number IIRC when the mail is spam? That's what you suggested and I am trying to focus on that as another option to check. Many thanks!
Last edited by Klaipedaville; 09-23-2014 at 12:53 PM.
|
|
|
09-23-2014, 01:23 PM
|
#6
|
LQ Guru
Registered: Jan 2006
Location: Ireland
Distribution: Slackware, Slarm64 & Android
Posts: 17,278
|
surely you can call it from a script( rename to spamc-bin and call your script spamc) and trap the value? or read the docs?
|
|
|
09-23-2014, 02:27 PM
|
#7
|
Member
Registered: Mar 2013
Posts: 110
Original Poster
Rep: 
|
Quote:
Originally Posted by business_kid
surely you can call it from a script( rename to spamc-bin and call your script spamc) and trap the value? or read the docs?
|
No, no, that's not the point.
In fact, I have just finally spotted the issue! Whoopee! The problem is that Postfix does not see Spamassassin's headers. The headers are added OK but Postfix won't react at the ***SPAM*** or any other tags / headers that Spamassassin creates at all... Now have to give it some shelf time and to think it over, trying to come up with any solutions by reading the docs over again, etc. Unless someone advises where and how to begin to troubleshoot it. Any ideas anyone? Many thanks!
|
|
|
09-24-2014, 04:07 AM
|
#8
|
LQ Guru
Registered: Jan 2006
Location: Ireland
Distribution: Slackware, Slarm64 & Android
Posts: 17,278
|
I used
postifx --> procmail.
Procmail ran:
-->razor -->dcc-->spamassassin-->inbox, with exits after each. Razor alone caught spem, or dcc. My box hadn't the ooomph to do everything with spamassassin. I was using an amd i586, which was a glorified 486.
|
|
|
09-24-2014, 07:51 AM
|
#9
|
Member
Registered: Mar 2013
Posts: 110
Original Poster
Rep: 
|
Quote:
Originally Posted by business_kid
I used
postifx --> procmail.
Procmail ran:
-->razor -->dcc-->spamassassin-->inbox, with exits after each. Razor alone caught spem, or dcc. My box hadn't the ooomph to do everything with spamassassin. I was using an amd i586, which was a glorified 486.
|
Thank you for taking part, business kid. My scripts did the trick. It appeared to be that delivery was passed over to Dovecot. That means that no milters of any kind such as spamass-milter, spampd, etc., will ever work. Dovecot handles it via dovecot sieve. I will set it up a little later today and it will all work. Now, if you are interested to know the setup I was fighting with works like this: 1. All the headers that are added by Spamassassin are handled by dovecot.sieve, that is reject, discard, save to a separate file, redirect and so on are handled by the rules you create in sieve. 2. All the rest of the headers that are not added by Spamassassin are handled directly by Postfix's header_checks. Consequently, you have to bear these two in mind and you'll be OK.
Plus, it explains my initial question. Actually, I am replying to myself. When I typed any "spam" words into my subject filed it was handled directly by Postfix's header_checks (without SA involved) and it worked. When Spamassassin WAS involved and added its "spam" tags it did not work because delivery in this case was done by Dovecot and Dovecot did not have its mail filters (Dovecot sieve) setup... Man, took me a long time to figure that out. Hope it will help someone else. The key lines to search for are virtual transport = dovecot. If it is set then your trouble is in setting up dovecot sieve to enable mail filtering based on headers / tags added by Spamassassin.
I am still to go with further testing though because it looks like dovecot sieve filters override header_checks set in Postfix. That is when Dovecot sieve filters do the job Postfix simply backs the heck off :-)
|
|
|
All times are GMT -5. The time now is 08:44 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|