歡迎您光臨本站 註冊首頁

請大家幫忙看看amavisd + clamav + spamassassin問題

←手機掃碼閱讀     火星人 @ 2014-03-04 , reply:0

請大家幫忙看看amavisd + clamav + spamassassin問題

配置amavisd + clamav + spamassassin后
1.測試發送病毒郵件,病毒郵件被刪除掉,查看郵件頭也有 "X-Virus-Scanned: amavisd-new at test.com"字樣, 說明amavisd和clamav的部分是配置成功的.
2.測試發送垃圾郵件,垃圾郵件被正常的接收到,查看郵件頭,並沒有被標記為垃圾郵件的字樣。使用"spamassassin -t < /tmp/spam.txt" 命令來發送垃圾郵件對spamassassin進行測試,測試結果如下:
=====================================================================================
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
        mylinux2.test.com
X-Spam-Flag: YES
X-Spam-Level: *******
X-Spam-Status: Yes, score=8.0 required=6.3 tests=EMPTY_MESSAGE,MISSING_DATE,
        MISSING_FROM,MISSING_HEADERS,MISSING_MID,MISSING_SUBJECT,NO_HEADERS_MESSAGE,
        NO_RECEIVED,NO_RELAYS autolearn=unavailable version=3.3.2

sex girl adult
Subject: *****SPAM*****
X-Spam-Prev-Subject: (nonexistent)
Spam detection software, running on the system "mylinux2.test.com", has
identified this incoming email as possible spam.  The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email.  If you have any questions, see
root for details.
=====================================================================================
結果表明spamassassin工作正常,折舊奇怪了, 感覺問題應該出在amavisd調用spamassassin上,請大家白忙看下

amavisd的sa配置部分如下
=====================================================================================
$sa_tag_level_deflt  = 2.0;  # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 6.3;  # add 'spam detected' headers at that level
$sa_kill_level_deflt = 6.9;  # triggers spam evasive actions (e.g. blocks mail)
$sa_dsn_cutoff_level = 10;   # spam level beyond which a DSN is not sent
$sa_crediblefrom_dsn_cutoff_level = 18; # likewise, but for a likely valid From
# $sa_quarantine_cutoff_level = 25; # spam level beyond which quarantine is off
$penpals_bonus_score = 8;    # (no effect without a @storage_sql_dsn database)
$penpals_threshold_high = $sa_kill_level_deflt;  # don't waste time on hi spam
$bounce_killer_score = 100;  # spam score points to add for joe-jobbed bounces

$sa_mail_body_size_limit = 400*1024; # don't waste time on SA if mail is larger
$sa_local_tests_only = 0;    # only tests which do not require internet access?


=====================================================================================



《解決方案》

感覺像是amavisd沒有調用spamassassin進行工作
垃圾郵件郵件頭:
=================================
Return-Path: <ada.wang@test.com>
Delivered-To: ada.wang@test.com
Received: from localhost (localhost )
        by mail.test.com (Postfix) with ESMTP id CC49C32021A;
        Thu,  1 Aug 2013 16:54:05 +0800 (CST)
X-Virus-Scanned: amavisd-new at test.com
Received: from mail.test.com ()
        by localhost (mylinux2.test.com ) (amavisd-new, port 10024)
        with ESMTP id K1AIxo55TzCn; Thu,  1 Aug 2013 16:54:05 +0800 (CST)
Received: from localhost.localdomain (localhost )
        by mail.test.com (Postfix) with ESMTP id 6C928320218;
        Thu,  1 Aug 2013 16:54:05 +0800 (CST)
From: "=?GB2312?B?YWRhLndhbmc=?=" <ada.wang@test.com>
To: "=?GB2312?B?amlsbC52YWxsZW50aQ==?=
    =?GB2312?B?bmU=?=" <jill.vallentine@test.com>,
    "=?GB2312?B?YWRhLndhbmc=?=" <ada.wang@test.com>
Subject: =?GB2312?B?tPq/qreixrE=?=
Date: Thu, 01 Aug 2013 16:54:05 +0800
Mime-version: 1.0
X-Originating-Ip:
X-Mailer: ExtMail 1.1.1
Content-Type: text/html; charset="GB2312"
Content-Transfer-Encoding: base64
Message-Id: <20130801085405.6C928320218@mail.test.com>
=============================================
maillog日誌
===============================================
Aug  1 16:54:05 mylinux2 amavis: (32631-01) starting banned checks - traversing message structure tree
Aug  1 16:54:05 mylinux2 amavis: (32631-01) check_for_banned (p001) text/html,.txt
Aug  1 16:54:05 mylinux2 amavis: (32631-01) doing banned check for ada.wang@test.com on text/html,.txt
Aug  1 16:54:05 mylinux2 amavis: (32631-01) lookup_re(["text/html",".txt"]), no matches
Aug  1 16:54:05 mylinux2 amavis: (32631-01) lookup => undef, ["text/html",".txt"] does not match
Aug  1 16:54:05 mylinux2 amavis: (32631-01) skip banned check for jill.vallentine@test.com, same tables as previous, result =>
Aug  1 16:54:05 mylinux2 amavis: (32631-01) lookup => undef, "=p001\tL=1\tM=text/html\tT=txt" does not match
Aug  1 16:54:05 mylinux2 amavis: (32631-01) p.path ada.wang@test.com: "=p001,L=1,M=text/html,T=txt"
Aug  1 16:54:05 mylinux2 amavis: (32631-01) p.path jill.vallentine@test.com: "=p001,L=1,M=text/html,T=txt"
Aug  1 16:54:05 mylinux2 amavis: (32631-01) banned check: any=0, all=N (2)
Aug  1 16:54:05 mylinux2 amavis: (32631-01) lookup_re("MAIL") matches key "(?-xism:^MAIL$)", result="1"
Aug  1 16:54:05 mylinux2 amavis: (32631-01) lookup => true,  "MAIL" matches, result="1", matching_key="(?-xism:^MAIL$)"
Aug  1 16:54:05 mylinux2 amavis: (32631-01) Issued a new file name: p002
Aug  1 16:54:05 mylinux2 amavis: (32631-01) presenting full original message to scanners as /var/amavis/tmp/amavis-20130801T165405-32631-MRJUJiyf/parts/p002
Aug  1 16:54:05 mylinux2 amavis: (32631-01) Calling virus scanners, 2 files to scan in /var/amavis/tmp/amavis-20130801T165405-32631-MRJUJiyf/parts
Aug  1 16:54:05 mylinux2 amavis: (32631-01) invoking av-scanner ClamAV-clamd
Aug  1 16:54:05 mylinux2 amavis: (32631-01) ask_daemon: proto=DFLT, spawn=0, (ClamAV-clamd) /var/run/clamav/clamd.sock
Aug  1 16:54:05 mylinux2 amavis: (32631-01) run_av (ClamAV-clamd): query template(1,1): CONTSCAN {}\n
Aug  1 16:54:05 mylinux2 amavis: (32631-01) get_deadline run_av_pre - deadline in 480.0 s, set to 336.000 s
Aug  1 16:54:05 mylinux2 amavis: (32631-01) prolong_timer run_av_pre: timer 336, was 336, deadline in 480.0 s
Aug  1 16:54:05 mylinux2 amavis: (32631-01) get_deadline run_av_scan - deadline in 480.0 s, set to 336.000 s
Aug  1 16:54:05 mylinux2 amavis: (32631-01) prolong_timer run_av_scan: timer 336, was 336, deadline in 480.0 s
Aug  1 16:54:05 mylinux2 amavis: (32631-01) run_av Using (ClamAV-clamd): (code) CONTSCAN /var/amavis/tmp/amavis-20130801T165405-32631-MRJUJiyf/parts\n
Aug  1 16:54:05 mylinux2 amavis: (32631-01) get_deadline ask_daemon_internal_connect_pre - deadline in 480.0 s, set to 336.000 s
Aug  1 16:54:05 mylinux2 amavis: (32631-01) get_deadline ask_daemon_internal_connect - deadline in 480.0 s, set to 10.000 s
Aug  1 16:54:05 mylinux2 amavis: (32631-01) prolong_timer ask_daemon_internal_connect: timer 10, was 336, deadline in 480.0 s
Aug  1 16:54:05 mylinux2 amavis: (32631-01) ClamAV-clamd: Connecting to socket  /var/run/clamav/clamd.sock
Aug  1 16:54:05 mylinux2 amavis: (32631-01) new socket by IO::Socket::UNIX to /var/run/clamav/clamd.sock, timeout 10
Aug  1 16:54:05 mylinux2 amavis: (32631-01) connected to /var/run/clamav/clamd.sock successfully
Aug  1 16:54:05 mylinux2 amavis: (32631-01) ClamAV-clamd: Sending CONTSCAN /var/amavis/tmp/amavis-20130801T165405-32631-MRJUJiyf/parts\n to socket /var/run/clamav/clamd.sock
Aug  1 16:54:05 mylinux2 amavis: (32631-01) rw_loop: needline=0, flush=1, wr=1, timeout=10
Aug  1 16:54:05 mylinux2 amavis: (32631-01) rw_loop: sending 69 chars
Aug  1 16:54:05 mylinux2 amavis: (32631-01) rw_loop sent 69> CONTSCAN /var/amavis/tmp/amavis-20130801T165405-32631-MRJUJiyf/parts\n
Aug  1 16:54:05 mylinux2 amavis: (32631-01) get_deadline ask_daemon_internal_scan - deadline in 480.0 s, set to 336.000 s
Aug  1 16:54:05 mylinux2 amavis: (32631-01) prolong_timer ask_daemon_internal_scan: timer 336, was 10, deadline in 480.0 s
Aug  1 16:54:05 mylinux2 amavis: (32631-01) rw_loop: needline=0, flush=0, wr=0, timeout=335.997
Aug  1 16:54:05 mylinux2 amavis: (32631-01) rw_loop: receiving
Aug  1 16:54:05 mylinux2 amavis: (32631-01) rw_loop read 64 chars< /var/amavis/tmp/amavis-20130801T165405-32631-MRJUJiyf/parts: OK\n
Aug  1 16:54:05 mylinux2 amavis: (32631-01) rw_loop: needline=0, flush=0, wr=0, timeout=335.997
Aug  1 16:54:05 mylinux2 amavis: (32631-01) rw_loop: receiving
Aug  1 16:54:05 mylinux2 amavis: (32631-01) rw_loop read: got eof
Aug  1 16:54:05 mylinux2 amavis: (32631-01) get_deadline ask_daemon_internal - deadline in 480.0 s, set to 336.000 s
Aug  1 16:54:05 mylinux2 amavis: (32631-01) prolong_timer ask_daemon_internal: timer 336, was 336, deadline in 480.0 s
Aug  1 16:54:05 mylinux2 amavis: (32631-01) get_deadline run_av_3 - deadline in 480.0 s, set to 336.000 s
Aug  1 16:54:05 mylinux2 amavis: (32631-01) prolong_timer run_av_3: timer 336, was 336, deadline in 480.0 s
Aug  1 16:54:05 mylinux2 amavis: (32631-01) run_av (ClamAV-clamd) result: /var/amavis/tmp/amavis-20130801T165405-32631-MRJUJiyf/parts: OK\n
Aug  1 16:54:05 mylinux2 amavis: (32631-01) run_av (ClamAV-clamd): CLEAN
Aug  1 16:54:05 mylinux2 amavis: (32631-01) run_av (ClamAV-clamd) result: clean
Aug  1 16:54:05 mylinux2 amavis: (32631-01) wbl: checking sender <ada.wang@test.com>
Aug  1 16:54:05 mylinux2 amavis: (32631-01) lookup ada.wang@test.com>] => undef, "ada.wang@test.com" does not match
Aug  1 16:54:05 mylinux2 amavis: (32631-01) lookup ada.wang@test.com>,blacklist_sender] => undef, "ada.wang@test.com" does not match
Aug  1 16:54:05 mylinux2 amavis: (32631-01) lookup ada.wang@test.com>] => undef, "ada.wang@test.com" does not match
Aug  1 16:54:05 mylinux2 amavis: (32631-01) lookup ada.wang@test.com>,whitelist_sender] => undef, "ada.wang@test.com" does not match
Aug  1 16:54:05 mylinux2 amavis: (32631-01) query_keys: ada.wang@test.com, ada.wang@, test.com, .test.com, .com, .
Aug  1 16:54:05 mylinux2 amavis: (32631-01) lookup_hash(ada.wang@test.com) matches keys: "."=>ARRAY(0xa66f760)
Aug  1 16:54:05 mylinux2 amavis: (32631-01) lookup ada.wang@test.com>,score_sender], 1 matches for "ada.wang@test.com", results: "."=>amavis-user-admin@lists.sourceforge.net=>"-3",owner-postfix-announce@postfix.org=>"-3",ntbugtraq@listserv.ntbugtraq.com=>"-3",donotreply@sendmail.org=>"-3",slashdot@slashdot.org=>"-3",clp-request@comp.nus.edu.sg=>"-3",nobody@cert.org=>"-3",security-alerts@linuxsecurity.com=>"-3",cvs-commits-list-admin@gnome.org=>"-3",amavis-user-bounces@lists.sourceforge.net=>"-3",notification-return@lists.sophos.com=>"-3",mailman-announce-admin@python.org=>"-3",emailnews@genomeweb.com=>"-5",owner-textbreakingnews@cnnimail12.cnn.com=>"-5",ca+envelope@sendmail.org=>"-3",cert-advisory@us-cert.gov=>"-3",returns.groups.yahoo.com=>"-3",owner-postfix-users@postfix.org=>"-3",.example.net=>"1",securityfocus.com=>"-3",yahoo-dev-null@yahoo-inc.com=>"-3",owner-alert@iss.net=>"-3",sendmail-announce-request@lists.sendmail.org=>...
Aug  1 16:54:05 mylinux2 postfix/smtpd: initializing the server-side TLS engine
Aug  1 16:54:05 mylinux2 postfix/smtpd: connect from localhost
Aug  1 16:54:05 mylinux2 postfix/smtpd: CC49C32021A: client=localhost
Aug  1 16:54:05 mylinux2 postfix/cleanup: CC49C32021A: message-id=<20130801085405.6C928320218@mail.test.com>
Aug  1 16:54:05 mylinux2 postfix/qmgr: CC49C32021A: from=<ada.wang@test.com>, size=1350, nrcpt=2 (queue active)
Aug  1 16:54:05 mylinux2 authdaemond: received userid lookup request: ada.wang@test.com
Aug  1 16:54:05 mylinux2 authdaemond: authmysql: trying this module
Aug  1 16:54:05 mylinux2 authdaemond: authmysqllib: connected. Versions: header 50169, client 50169, server 50169
Aug  1 16:54:05 mylinux2 authdaemond: SQL query: SELECT username,password,"",uidnumber,gidnumber, CONCAT("/var/mail/",homedir),CONCAT("/var/mail/",maildir),quota,name FROM mailbox WHERE username = "ada.wang@test.com";
Aug  1 16:54:05 mylinux2 authdaemond: Authenticated: sysusername=<null>, sysuserid=1001, sysgroupid=1001, homedir=/var/mail/test.com/ada.wang, address=ada.wang@test.com, fullname=ada, maildir=/var/mail/test.com/ada.wang/Maildir/, quota=524288000S, options=<null>
Aug  1 16:54:05 mylinux2 authdaemond: Authenticated: clearpasswd=<null>, passwd=$1$FieEJMB6$pEPPabJS/ILnniz6RZK140
Aug  1 16:54:05 mylinux2 authdaemond: received userid lookup request: jill.vallentine@test.com
Aug  1 16:54:05 mylinux2 authdaemond: authmysql: trying this module
Aug  1 16:54:05 mylinux2 authdaemond: authmysqllib: connected. Versions: header 50169, client 50169, server 50169
Aug  1 16:54:05 mylinux2 authdaemond: SQL query: SELECT username,password,"",uidnumber,gidnumber, CONCAT("/var/mail/",homedir),CONCAT("/var/mail/",maildir),quota,name FROM mailbox WHERE username = "jill.vallentine@test.com";
Aug  1 16:54:05 mylinux2 authdaemond: Authenticated: sysusername=<null>, sysuserid=1001, sysgroupid=1001, homedir=/var/mail/test.com/jill.vallentine, address=jill.vallentine@test.com, fullname=jill, maildir=/var/mail/test.com/jill.vallentine/Maildir/, quota=524288000S, options=<null>
Aug  1 16:54:05 mylinux2 authdaemond: Authenticated: clearpasswd=<null>, passwd=$1$910AYiix$C/MQG1PU/mJsrFaI3MQ4P/
Aug  1 16:54:05 mylinux2 postfix/smtp: 6C928320218: to=<ada.wang@test.com>, relay=127.0.0.1:10024, delay=0.5, delays=0.11/0.01/0.02/0.36, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp::10025): 250 2.0.0 Ok: queued as CC49C32021A)
Aug  1 16:54:05 mylinux2 postfix/smtp: 6C928320218: to=<jill.vallentine@test.com>, relay=127.0.0.1:10024, delay=0.5, delays=0.11/0.01/0.02/0.36, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp::10025): 250 2.0.0 Ok: queued as CC49C32021A)
Aug  1 16:54:05 mylinux2 postfix/qmgr: 6C928320218: removed
Aug  1 16:54:06 mylinux2 postfix/pipe: CC49C32021A: to=<ada.wang@test.com>, relay=maildrop, delay=0.22, delays=0.07/0.01/0/0.14, dsn=2.0.0, status=sent (delivered via maildrop service)
Aug  1 16:54:06 mylinux2 postfix/pipe: CC49C32021A: to=<jill.vallentine@test.com>, relay=maildrop, delay=0.24, delays=0.07/0.02/0/0.14, dsn=2.0.0, status=sent (delivered via maildrop service)
Aug  1 16:54:06 mylinux2 postfix/qmgr: CC49C32021A: removed
Aug  1 16:59:05 mylinux2 postfix/smtpd: timeout after END-OF-MESSAGE from localhost
Aug  1 16:59:05 mylinux2 postfix/smtpd: disconnect from localhost
#
《解決方案》

問題更新,

郵件頭中沒有X-Spam-Flag X-Spam-Score X-Spam-Level X-Spam-Status ,把$sa_tag_level_deflt  = 2.0改為-999,所有郵件的郵件頭就都有垃圾郵件的標記了, 但是之後我發現我發送的垃圾郵見的分數全部小於1分(0.97 , 094, 1.01)等, 很奇怪.難道是local.cf中分數設置有誤(required_socre = 5.0),還是我的測試垃圾郵件為達標.我發送的測試垃圾郵件中已經包含"fa piao  dai kai fa piao sex adult "等字眼. 為什麼分數這麼地呢??? 已經使用了Chinese_rule.cf
《解決方案》

上邊垃圾郵件關鍵字本論壇不讓輸入,所以用拼音, 還有英文的.
《解決方案》

問題更新
1.
Chinese_rules.cf剛開始是亂碼的,但是我把這個文件放到windows下用記事本另存為UTF-8了,在放回到liux中就亂碼了.(問下,源碼安裝的spamassassin, Chinese_rules.cf是應該放到/usr/local/share/spamassassin下還是應該放到/etc/mail/spamassassin下呢?)
2.
另外我設置local.cf標記超過5.0就算垃圾郵件的,用命令
spamassassin --test-mode < /tmp/testspam.txt ,顯示結果如下, 該郵件被判定為垃圾郵件了,分值為8.3分了
============================================================
# spamassassin --test-mode < /tmp/testspam.txt
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
        mylinux2.summerx-zone.com
X-Spam-Flag: YES
X-Spam-Level: ********
X-Spam-Status: Yes, score=8.2 required=5.0 tests=CN_BODY_124,CN_BODY_197,
        CN_BODY_3,MISSING_DATE,MISSING_FROM,MISSING_HEADERS,MISSING_MID,
        MISSING_SUBJECT,NO_HEADERS_MESSAGE,NO_RECEIVED,NO_RELAYS autolearn=spam
        version=3.3.2
X-Spam-Report: =?ISO-8859-1?Q?
        * -0.0 NO_RELAYS Informational: message was not relayed via SMTP
        *  1.0 MISSING_HEADERS Missing To: header
        *  0.3 CN_BODY_197 BODY: Body contains "=e6=9c=ac=e5=85=ac=e5=8f=b8"
        *  0.1 CN_BODY_3 BODY: Body contains "=e5=8f=91=e7=a5=a8"
        *  2.1 CN_BODY_124 BODY: Body contains "=e6=8a=b5=e6=89=a3"
        *  0.5 MISSING_MID Missing Message-Id: header
        *  1.8 MISSING_SUBJECT Missing Subject: header
        *  1.0 MISSING_FROM Missing From: header
        * -0.0 NO_RECEIVED Informational: message has no Received headers
        *  1.4 MISSING_DATE Missing Date: header
        *  0.0 NO_HEADERS_MESSAGE Message appears to be missing most RFC-822
        *      headers?=
香港H公司竭誠問您和您的公司服務
Subject: *****SPAM*****
X-Spam-Prev-Subject: (nonexistent)

本公司問你提供各種增值稅發票,抵扣發票,並提供成人服務.請各位領導審閱
Spam detection software, running on the system "mylinux2.summerx-zone.com", has
identified this incoming email as possible spam.  The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email.  If you have any questions, see
root for details.

Content preview:  本公司問▒ 提供各種增值稅發票,抵扣發票,並提供成人服務.請各位領                                                                             導審閱
   [...]

Content analysis details:   (8.2 points, 5.0 required)

pts rule name              description
---- ---------------------- --------------------------------------------------
-0.0 NO_RELAYS              Informational: message was not relayed via SMTP
1.0 MISSING_HEADERS        Missing To: header
0.3 CN_BODY_197            BODY: Body contains "本公司"
0.1 CN_BODY_3              BODY: Body contains "發票"
2.1 CN_BODY_124            BODY: Body contains "抵扣"
0.5 MISSING_MID            Missing Message-Id: header
1.8 MISSING_SUBJECT        Missing Subject: header
1.0 MISSING_FROM           Missing From: header
-0.0 NO_RECEIVED            Informational: message has no Received headers
1.4 MISSING_DATE           Missing Date: header
0.0 NO_HEADERS_MESSAGE     Message appears to be missing most RFC-822 headers
============================================================
看來spamassassin應該已經生效了,但是我利用extmail發送垃圾郵件(該郵件內容和上邊的testspam.txt內容相同測試,查看郵件頭,發現分值很低 1.049分,

Return-Path: <test3@summerx-zone.com>
Delivered-To: test3@summerx-zone.com
Received: from localhost (localhost )
        by mail.summerx-zone.com (Postfix) with ESMTP id 8C890320245;
        Sat,  3 Aug 2013 18:41:54 +0800 (CST)
X-Virus-Scanned: amavisd-new at summerx-zone.com
X-Spam-Flag: NO
X-Spam-Score: 1.049
X-Spam-Level: *
X-Spam-Status: No, score=1.049 tagged_above=-999 required=5
        tests=[ALL_TRUSTED=-1, AWL=-0.032, FROM_EXCESS_BASE64=0.979,
        HTML_MESSAGE=0.001, HTML_MIME_NO_HTML_TAG=0.377,
        MIME_BASE64_BLANKS=0.001, MIME_HTML_ONLY=0.723] autolearn=no
Received: from mail.summerx-zone.com ()
        by localhost (mylinux2.summerx-zone.com ) (amavisd-new, port 10024)
        with ESMTP id IYpXuWiO8yM3; Sat,  3 Aug 2013 18:41:42 +0800 (CST)
Received: from localhost.localdomain (localhost )
        by mail.summerx-zone.com (Postfix) with ESMTP id 99CB6320243;
        Sat,  3 Aug 2013 18:41:40 +0800 (CST)
From: "=?GB2312?B?dGVzdDM=?=" <test3@summerx-zone.com>
To: "=?GB2312?B?YWRhLndhbmc=?=" <ada.wang@summerx-zone.com>,
    "=?GB2312?B?dGVzdDM=?=" <test3@summerx-zone.com>
Subject: =?GB2312?B?tPq/qreixrE=?=
Date: Sat, 03 Aug 2013 18:41:40 +0800
Mime-version: 1.0
X-Originating-Ip:
X-Mailer: ExtMail 1.1.1
Content-Type: text/html; charset="GB2312"
Content-Transfer-Encoding: base64
Message-Id: <20130803104140.99CB6320243@mail.summerx-zone.com>
============================================================
奇怪了, 難道是amavis調用spamassassin哪裡除了問題, 但是amavisd.conf中沒有太多的關於sa的設置啊, amavis的sa部分設定如下.
$sa_tag_level_deflt = -999;
$sa_tag2_level_deflt = 5.0;  # add 'spam detected' headers at that level
$sa_kill_level_deflt = 10;  # triggers spam evasive actions (e.g. blocks mail)
$sa_dsn_cutoff_level = 9;   # spam level beyond which a DSN is not sent
$sa_crediblefrom_dsn_cutoff_level = 18; # likewise, but for a likely valid From
# $sa_quarantine_cutoff_level = 25; # spam level beyond which quarantine is off
$penpals_bonus_score = 8;    # (no effect without a @storage_sql_dsn database)
$penpals_threshold_high = $sa_kill_level_deflt;  # don't waste time on hi spam
$bounce_killer_score = 100;  # spam score points to add for joe-jobbed bounces
============================================================

3.想請問下,訓練spamassassin時,能接收類型的文件(txt,msg,html都能接收嗎?另外,請問,我用extmail建立了spam和ham帳戶, 想讓spamassassin定時去/var/mail/summerx-zone.com/spam/Maildir/cur下去取垃圾郵件,但是我直接用vi 打開該文件,發現裡邊內容是亂碼無法直接看的,這樣的文件spamassassin能夠識別到嗎?
/var/mail/summerx-zone.com/spam/Maildir/cur/1375526515.M579656P27418V000000000000FD03I0000000000320243_0.mylinux2.summerx-zone.com\,S\=1547\:2\,S文件內容如下
===========================================================
# cat 1375526515.M579656P27418V000000000000FD03I0000000000320243_0.mylinux2.summerx-zone.com\,S\=1547\:2\,S
Return-Path: <test3@summerx-zone.com>
Delivered-To: test3@summerx-zone.com
Received: from localhost (localhost )
        by mail.summerx-zone.com (Postfix) with ESMTP id 8C890320245;
        Sat,  3 Aug 2013 18:41:54 +0800 (CST)
X-Virus-Scanned: amavisd-new at summerx-zone.com
X-Spam-Flag: NO
X-Spam-Score: 1.049
X-Spam-Level: *
X-Spam-Status: No, score=1.049 tagged_above=-999 required=5
        tests=[ALL_TRUSTED=-1, AWL=-0.032, FROM_EXCESS_BASE64=0.979,
        HTML_MESSAGE=0.001, HTML_MIME_NO_HTML_TAG=0.377,
        MIME_BASE64_BLANKS=0.001, MIME_HTML_ONLY=0.723] autolearn=no
Received: from mail.summerx-zone.com ()
        by localhost (mylinux2.summerx-zone.com ) (amavisd-new, port 10024)
        with ESMTP id IYpXuWiO8yM3; Sat,  3 Aug 2013 18:41:42 +0800 (CST)
Received: from localhost.localdomain (localhost )
        by mail.summerx-zone.com (Postfix) with ESMTP id 99CB6320243;
        Sat,  3 Aug 2013 18:41:40 +0800 (CST)
From: "=?GB2312?B?dGVzdDM=?=" <test3@summerx-zone.com>
To: "=?GB2312?B?YWRhLndhbmc=?=" <ada.wang@summerx-zone.com>,
    "=?GB2312?B?dGVzdDM=?=" <test3@summerx-zone.com>
Subject: =?GB2312?B?tPq/qreixrE=?=
Date: Sat, 03 Aug 2013 18:41:40 +0800
Mime-version: 1.0
X-Originating-Ip:
X-Mailer: ExtMail 1.1.1
Content-Type: text/html; charset="GB2312"
Content-Transfer-Encoding: base64
Message-Id: <20130803104140.99CB6320243@mail.summerx-zone.com>

PFA+z+O420i5q8u+vd+zz87KxPq6zcT6tcS5q8u+t/7O8TwvUD4NCjxQPrG+uavLvs7KxOPM4bmp
uPfW1tT21rXLsLeixrEstda/27eixrEssqLM4bmps8nIy7f+zvEux+u49867wey1vMnz1MQ8QlI+
PC9QPg==

[火星人 ] 請大家幫忙看看amavisd + clamav + spamassassin問題已經有937次圍觀

http://coctec.com/docs/service/show-post-11250.html