Difference between revisions of "Amavis and Spamassassin howto"
From Finninday
(Created page with "<h3>per-user spam configuration</h3> * make sure the local user has a ~/.spamassassin directory <h3>global configuration</h3> * /etc/spamassassin/local.cf <h3>test</h3> <pre> r…") |
|||
| Line 5: | Line 5: | ||
* /etc/spamassassin/local.cf | * /etc/spamassassin/local.cf | ||
| − | <h3>test</h3> | + | <h3>smoke test</h3> |
<pre> | <pre> | ||
rday@weasel:/usr/share/doc/spamassassin/examples$ spamc -R <sample-nonspam.txt | rday@weasel:/usr/share/doc/spamassassin/examples$ spamc -R <sample-nonspam.txt | ||
| Line 45: | Line 45: | ||
1000 GTUBE BODY: Generic Test for Unsolicited Bulk Email | 1000 GTUBE BODY: Generic Test for Unsolicited Bulk Email | ||
-0.0 NO_RECEIVED Informational: message has no Received headers | -0.0 NO_RECEIVED Informational: message has no Received headers | ||
| + | </pre> | ||
| + | |||
| + | <h3>test a real mail sample</h3> | ||
| + | * ctrl-u in thunderbird to view the full source of an email | ||
| + | * copy and paste to a text file | ||
| + | * feed to spamc | ||
| + | <pre> | ||
| + | rday@weasel:~$ spamc -R <spam.txt | ||
| + | 9.9/5.0 | ||
| + | Spam detection software, running on the system "weasel.finninday.net", has | ||
| + | identified this incoming email as possible spam. The original message | ||
| + | has been attached to this so you can view it (if it isn't spam) or label | ||
| + | similar future email. If you have any questions, see | ||
| + | @@CONTACT_ADDRESS@@ for details. | ||
| + | |||
| + | Content preview: FtP://tbk.dOWnsizEWherevEr.NeT/index.html [...] | ||
| + | |||
| + | Content analysis details: (9.9 points, 5.0 required) | ||
| + | |||
| + | pts rule name description | ||
| + | ---- ---------------------- -------------------------------------------------- | ||
| + | 10 NEWMAN_FROM_RULE Stop mail from yahoo that uses my facebook contacts | ||
| + | 0.0 FREEMAIL_FROM Sender email is freemail (bishtalpanaghx[at]yahoo.com) | ||
| + | -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, low | ||
| + | trust | ||
| + | [98.138.229.72 listed in list.dnswl.org] | ||
| + | 0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay lines | ||
| + | -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's | ||
| + | domain | ||
| + | 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid | ||
| + | -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature | ||
| + | |||
</pre> | </pre> | ||
<h3>References</h3> | <h3>References</h3> | ||
http://www.stearns.org/doc/spamassassin-setup.current.html | http://www.stearns.org/doc/spamassassin-setup.current.html | ||
Revision as of 01:03, 10 February 2013
Contents
per-user spam configuration
- make sure the local user has a ~/.spamassassin directory
global configuration
- /etc/spamassassin/local.cf
smoke test
rday@weasel:/usr/share/doc/spamassassin/examples$ spamc -R <sample-nonspam.txt 0.0/5.0 Spam detection software, running on the system "weasel.finninday.net", has identified this incoming email as possible spam. The original message has been attached to this so you can view it (if it isn't spam) or label similar future email. If you have any questions, see @@CONTACT_ADDRESS@@ for details. Content preview: -----BEGIN PGP SIGNED MESSAGE----- TBTF ping for 2001-04-20: Reviving T a s t y B i t s f r o m t h e T e c h n o l o g y F r o n t [...] Content analysis details: (0.0 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- rday@weasel:/usr/share/doc/spamassassin/examples$ spamc -R <sample-spam.txt 1000.0/5.0 Spam detection software, running on the system "weasel.finninday.net", has identified this incoming email as possible spam. The original message has been attached to this so you can view it (if it isn't spam) or label similar future email. If you have any questions, see @@CONTACT_ADDRESS@@ for details. Content preview: This is the GTUBE, the Generic Test for Unsolicited Bulk Email If your spam filter supports it, the GTUBE provides a test by which you can verify that the filter is installed correctly and is detecting incoming spam. You can send yourself a test mail containing the following string of characters (in upper case and with no white spaces and line breaks): [...] Content analysis details: (1000.0 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 NO_RELAYS Informational: message was not relayed via SMTP 1000 GTUBE BODY: Generic Test for Unsolicited Bulk Email -0.0 NO_RECEIVED Informational: message has no Received headers
test a real mail sample
- ctrl-u in thunderbird to view the full source of an email
- copy and paste to a text file
- feed to spamc
rday@weasel:~$ spamc -R <spam.txt
9.9/5.0
Spam detection software, running on the system "weasel.finninday.net", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
@@CONTACT_ADDRESS@@ for details.
Content preview: FtP://tbk.dOWnsizEWherevEr.NeT/index.html [...]
Content analysis details: (9.9 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
10 NEWMAN_FROM_RULE Stop mail from yahoo that uses my facebook contacts
0.0 FREEMAIL_FROM Sender email is freemail (bishtalpanaghx[at]yahoo.com)
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, low
trust
[98.138.229.72 listed in list.dnswl.org]
0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay lines
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's
domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
