LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 09-07-2016, 04:39 AM   #1
bagstone
LQ Newbie
 
Registered: Sep 2016
Posts: 3

Rep: Reputation: Disabled
Spamassassin doesn't scan "internal" mail


After marking spam manually for a long time, I've finally come around to install Spamassassin yesterday. However, for some reason it doesn't scan "internal" mails, i.e., if I send an email to myself it doesn't get evaluated at all. The issue is that sometimes spam fakes my host and thus looks like it's internal - and it's not evaluated either. I've tried to search for this issue but always find the opposite (people complain that Spamassassin by default scans internal email and want to turn it off).

I'm not sure what info you need to help. The server is running Ubuntu 12.04.5 with Postfix+Dovecot, and I used this guide yesterday, so the configs look like that as well:

https://www.digitalocean.com/communi...n-ubuntu-12-04
 
Old 09-11-2016, 06:29 PM   #2
business_kid
LQ Guru
 
Registered: Jan 2006
Location: Ireland
Distribution: Slackware, Pi OS & Android
Posts: 12,036

Rep: Reputation: 1418Reputation: 1418Reputation: 1418Reputation: 1418Reputation: 1418Reputation: 1418Reputation: 1418Reputation: 1418Reputation: 1418Reputation: 1418
Spamassassin & friends usually run from proc mail. When your mail server has a msil for you, it invokes the MDA procmail to deliver it. Procmail starts with the privileges of the mail recipient.
You're obviously using another option, but it's not working on the internal emails. Procmail is probably the best way to go.
 
Old 09-12-2016, 08:12 AM   #3
bagstone
LQ Newbie
 
Registered: Sep 2016
Posts: 3

Original Poster
Rep: Reputation: Disabled
Thanks for your reply!

I remember somewhere in one of the configs or the logs seeing proc mail - I just can't find it anymore (looked through all configs and logs I can think of). Any suggestions for which config files I could post here to help to resolve this? I'm completely in a dead end and don't know where to look anymore to figure out how to get this working properly...
 
Old 09-13-2016, 02:51 AM   #4
business_kid
LQ Guru
 
Registered: Jan 2006
Location: Ireland
Distribution: Slackware, Pi OS & Android
Posts: 12,036

Rep: Reputation: 1418Reputation: 1418Reputation: 1418Reputation: 1418Reputation: 1418Reputation: 1418Reputation: 1418Reputation: 1418Reputation: 1418Reputation: 1418
I don't even know what programs you are running. You never mentioned.

in every mail server setup, there's a line for saying what to do with received mail. On that line invoke procmail. Each user has a ~/.procmailrc, which configures procmail for them.I used it once to
  1. Check the mail with Vipul's razor
  2. Pass it through the DCC (Distributed Checksum Clearinghouse). That is/was an insurance against bulk mail, and some of the mailing lists I was on were soft targets for bulk mail.
  3. Then pass mails to spamc. That was for a normal spam check. I had plenty of extra rulesets installed. Some were very effective, and some useless.
  4. There was a while when I also used some other anti spam test, ( Another razor type test in python) but most of the time mail got delivered to the luser at this point.
Vipul's razor got about 50% of the spam (It works on whether people have reported that mail as spam) DCC got a steady percentage and spamassassin got the rest. It did require regular tuning.

Last edited by business_kid; 09-13-2016 at 02:53 AM.
 
Old 09-13-2016, 05:31 AM   #5
bagstone
LQ Newbie
 
Registered: Sep 2016
Posts: 3

Original Poster
Rep: Reputation: Disabled
Hm... I've mentioned Postfix+Dovecot and Spamassassin. Is there anything else? I just Googled to understand the terminology better and it says that if procmail is involved, it should be in Postfix's main.cf in the "mailbox_command" line. It's not the case, in our config it only links to Dovecot.

Also note that I'm not talking about the spam detection as such - I'm pretty happy with how Spamassassin's detection works. My issue is only that for some reason mails that have one of my domains as *sender* don't get scanned at all. Basically, I'm trying to figure out in which of the configurations of Postfix/Dovecot/Spamassassin this filtering happens; where does the MDA decide that certain email shouldn't get scanned.

Oh, one thing to add, because you mentioned "user folders": Email accounts don't have home folders on my system, but everything is set up using a PostgreSQL DB.

Anyways, since I think my issue is with the routing of emails and I've added spamassassin into the loop in one file according to the guide, here's /etc/postfix/master.cf, maybe that helps.

Code:
#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       -       -       -       smtpd
    -o content_filter=spamassassin
spamassassin unix -      n       n       -       -       pipe
    user=spamd argv=/usr/bin/spamc -f -e
    /usr/sbin/sendmail -oi -f ${sender} ${recipient}
#smtp      inet  n       -       -       -       1       postscreen
#smtpd     pass  -       -       -       -       -       smtpd
#dnsblog   unix  -       -       -       -       0       dnsblog
#tlsproxy  unix  -       -       -       -       0       tlsproxy
#submission inet n       -       -       -       -       smtpd
#  -o smtpd_tls_security_level=encrypt
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#smtps     inet  n       -       -       -       -       smtpd
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
#628       inet  n       -       -       -       -       qmqpd
pickup    fifo  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
#qmgr     fifo  n       -       -       300     1       oqmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       -       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       -       -       -       smtp
        -o smtp_fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
retry     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# ====================================================================
#
# Recent Cyrus versions can use the existing "lmtp" master.cf entry.
#
# Specify in cyrus.conf:
#   lmtp    cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4
#
# Specify in main.cf one or more of the following:
#  mailbox_transport = lmtp:inet:localhost
#  virtual_transport = lmtp:inet:localhost
#
# ====================================================================
#
# Cyrus 2.1.5 (Amos Gouaux)
# Also specify in main.cf: cyrus_destination_recipient_limit=1
#
#cyrus     unix  -       n       n       -       -       pipe
#  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
#
# ====================================================================
# Old example of delivery via Cyrus.
#
#old-cyrus unix  -       n       n       -       -       pipe
#  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
#
# ====================================================================
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
#
# Other external delivery methods.
#
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix  -       n       n       -       2       pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}
dovecot   unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}
 
Old 09-14-2016, 02:31 AM   #6
business_kid
LQ Guru
 
Registered: Jan 2006
Location: Ireland
Distribution: Slackware, Pi OS & Android
Posts: 12,036

Rep: Reputation: 1418Reputation: 1418Reputation: 1418Reputation: 1418Reputation: 1418Reputation: 1418Reputation: 1418Reputation: 1418Reputation: 1418Reputation: 1418
It's been nearly 15 years since I was doing this stuff. Postfix has separate settings for how it handles internal & external or internet mail. It is suspicious of The internet, but trusts internal mail. Google that and fix it. It's probably in the local settings or aliases.


Procmail is for internal Unix mailboxes. Your use of Dovecot effectively means that your user folders are dovecot's folders. I never used dovecot.At that time I was using fetchmail for pop3 from my ISP, and throwing that at postfix. Now I'm on webmail and don't bother with any of it.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] What is "Internal" and "External" parts in DNS configuration? hack3rcon Linux - Server 10 09-01-2015 03:00 AM
Warning: mail() [function.mail]: "sendmail_from" not set in php.ini or custom "From:" nothing07 Programming 2 06-22-2012 03:57 PM
spamassassin: sa-learn --sync -> "Argument "M-HM-JM-J" isn't numeric" XXLRay Linux - Server 8 06-22-2010 11:10 AM
E-mail client "Nail" doesn't work... And no error message/logfile that I know of! Nathan-H2-Dog Linux - Software 1 01-05-2006 10:36 AM
Thunderbird doesn't "see" some of my mail bad_andy Linux - Software 0 10-24-2004 10:19 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 08:41 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration