[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Chequeo de Spam con Amavis

On Sat, Oct 24, 2009 at 3:45 PM, Federico Juarez <vafe@vafe.com.ar> wrote:
> Carlos Eduardo Velásquez Chaves escribió:
>> Carlos Eduardo Velásquez Chaves escribió:
>>> Federico Juarez escribió:
>>>> Carlos Eduardo Velásquez Chaves escribió:
>>>>
>>>>> Federico Juarez escribió:
>>>>>
>>>>>> Carlos Eduardo Velásquez Chaves escribió:
>>>>>>
>>>>>>
>>>>>>> Saludos a todos,
>>>>>>> Tengo un servidor de correo con Postix en Debian Lenny, usando
>>>>>>> amavis
>>>>>>> con Clamav y Spamassassin, el asunto es que no logro hacer que en la
>>>>>>> cabecera del mensaje de correo aparezca algo como esto:
>>>>>>> |X-Spam-Score: 0
>>>>>>> X-Spam-Level:
>>>>>>> X-Spam-Status: No, score=0 tagged_above=-9999 required=6.31
>>>>>>> tests=[none]
>>>>>>>
>>>>>>> |Solamente aparece lo del chequeo de antivirus:
>>>>>>> |X-Virus-Scanned: Debian amavisd-new at mymailserver
>>>>>>>
>>>>>>> |He seguido estos pasos para la implementación del mismo:
>>>>>>> http://www.esdebian.org/wiki/tutorial-ispmail-debian-50-lenny-0#14.
>>>>>>>
>>>>>>> Alguna sugerencia porfa.
>>>>>>>
>>>>>>> Saludos
>>>>>>> |
>>>>>>> |
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>> hace un postconf -n y mandalo
>>>>>>
>>>>>> tambien fijate que en el master tengas algo parecido a esto:
>>>>>>
>>>>>> # AMaViS => Antivir /
>>>>>> Antispam
>>>>>>
>>>>>> amavis    unix  -       -       n       -       2
>>>>>> smtp
>>>>>>
>>>>>>    -o
>>>>>> smtp_data_done_timeout=1200
>>>>>>
>>>>>>    -o
>>>>>> smtp_send_xforward_command=yes
>>>>>>
>>>>>>    -o
>>>>>> disable_dns_lookups=yes
>>>>>>
>>>>>>
>>>>>> localhost:10025 inet  n -       n       -      -        smtpd
>>>>>>    -o content_filter=                                          -o
>>>>>> local_recipient_maps=                                    -o
>>>>>> relay_recipient_maps=                                    -o
>>>>>> smtpd_restriction_classes=                               -o
>>>>>> smtpd_client_restrictions=                               -o
>>>>>> smtpd_helo_restrictions=                                 -o
>>>>>> smtpd_sender_restrictions=                               -o
>>>>>> smtpd_recipient_restrictions=permit_mynetworks,reject    -o
>>>>>> smtpd_override_options=no_address_mappings               -o
>>>>>> mynetworks=127.0.0.0/8                                   -o
>>>>>> strict_rfc821_envelopes=yes                              -o
>>>>>> receive_override_options=no_header_body_checks,no_unknown_recipient_checks
>>>>>>
>>>>>>
>>>>>>
>>>>>> saludos
>>>>>>
>>>>>>
>>>>> Gracias pos la ayuda, efectivamente tengo esas líneas que mencionas en
>>>>> el master.cr sin embargo pongo la configuración del mismo:
>>>>>
>>>>> #Amavis configuracion
>>>>> smtp-amavis unix -      -       n     -       2  smtp
>>>>>    -o smtp_data_done_timeout=1200
>>>>>    -o smtp_send_xforward_command=yes
>>>>>    -o disable_dns_lookups=yes
>>>>>    -o max_use=20
>>>>>
>>>>> 127.0.0.1:10025 inet n  -       -     -       -  smtpd
>>>>>    -o content_filter=
>>>>>    -o local_recipient_maps=
>>>>>    -o relay_recipient_maps=
>>>>>    -o smtpd_restriction_classes=
>>>>>    -o smtpd_delay_reject=no
>>>>>    -o smtpd_client_restrictions=permit_mynetworks,reject
>>>>>    -o smtpd_helo_restrictions=
>>>>>    -o smtpd_sender_restrictions=
>>>>>    -o smtpd_recipient_restrictions=permit_mynetworks,reject
>>>>>    -o smtpd_data_restrictions=reject_unauth_pipelining
>>>>>    -o smtpd_end_of_data_restrictions=
>>>>>    -o mynetworks=127.0.0.0/8
>>>>>    -o smtpd_error_sleep_time=0
>>>>>    -o smtpd_soft_error_limit=1001
>>>>>    -o smtpd_hard_error_limit=1000
>>>>>    -o smtpd_client_connection_count_limit=0
>>>>>    -o smtpd_client_connection_rate_limit=0
>>>>>    -o
>>>>> receive_override_options=no_header_body_checks,no_unknown_recipient_checks
>>>>>
>>>>>
>>>>>    -o local_header_rewrite_clients=
>>>>>
>>>>> Esto lo he tomado del enlace que puse al principio de la página,
>>>>> también descomenté las línas de
>>>>>
>>>>> /etc/amavis/conf.d/15-content_filter_mode
>>>>>
>>>>> Aqui dejo la configuración:
>>>>>
>>>>> @bypass_virus_checks_maps = (
>>>>>   \%bypass_virus_checks, \@bypass_virus_checks_acl,
>>>>> \$bypass_virus_checks_re);
>>>>>
>>>>> @bypass_spam_checks_maps = (
>>>>>   \%bypass_spam_checks, \@bypass_spam_checks_acl,
>>>>> \$bypass_spam_checks_re);
>>>>>
>>>>>
>>>>> Saludos
>>>>>
>>>>>
>>>>>
>>>>>
>>>> Postea el postconf -n
>>>> y fijate si tenes esta linea en el main.cf
>>>> content_filter               = amavis:[127.0.0.1]:10024
>>>>
>>>> si esta la linea hay que ir mirando los logs, fijate que dicen cuando
>>>> entre o sale un mail, o tambien postealos asi vamos mirando.
>>>>
>>>> saludos
>>>>
>>>
>>> Este es el postconf -n
>>>
>>> alias_database = hash:/etc/aliases
>>> alias_maps = hash:/etc/aliases
>>> append_dot_mydomain = no
>>> biff = no
>>> config_directory = /etc/postfix
>>> content_filter = smtp-amavis:[127.0.0.1]:10024
>>> home_mailbox = Mailbox
>>> inet_interfaces = all
>>> mailbox_command = procmail -a "$EXTENSION"
>>> mailbox_size_limit = 52428800
>>> maps_rbl_domains = multi.surbl.org
>>> blackholes.mail-abuse.org        dialups.mail-abuse.org
>>> relays.mail-abuse.org        zen.spamhaus.org
>>> message_size_limit = 5242880
>>> mydestination = $myhostname, /etc/postfix/virtual/domains
>>> mydomain = dominio.ac.cr
>>> myhostname = dominio.utn.ac.cr
>>> mynetworks = XXX.XX.XX.0/24, 127.0.0.0/8
>>> notify_classes = resource,software,bounce,delay,policy
>>> recipient_delimiter = +
>>> relayhost =
>>> smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
>>> smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
>>> smtpd_client_restrictions = permit_mynetworks
>>> reject_maps_rbl        check_relay_domains
>>> smtpd_sender_restrictions = hash:/etc/postfix/access
>>> smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
>>> smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
>>> smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
>>> smtpd_use_tls = yes
>>>
>>> También en el main.cf tengo la línea:
>>>
>>> content_filter               = amavis:[127.0.0.1]:10024
>>>
>>>
>>> Saludos
>>
>> Aqui envío una parte del /var/log/mail.log cuando un correo llega:
>>
>> Oct 22 15:51:11 aliso postfix/smtpd[4575]: connect from
>> mail-vw0-f187.google.com[209.85.212.187]
>> Oct 22 15:51:11 aliso postfix/smtpd[4575]: warning: support for
>> restriction "reject_maps_rbl" will be removed from Postfix; use
>> "reject_rbl_client domain-name" instead
>> Oct 22 15:51:12 aliso postfix/smtpd[4575]: warning: support for
>> restriction "check_relay_domains" will be removed from Postfix; use
>> "reject_unauth_destination" instead
>> Oct 22 15:51:12 aliso postfix/smtpd[4575]: 4631015207B:
>> client=mail-vw0-f187.google.com[209.85.212.187]
>> Oct 22 15:51:12 aliso postfix/cleanup[4579]: 4631015207B:
>> message-id=<5e78e1df0910221451l1e5238aq89ee3d5fa17b00c0@mail.gmail.com>
>> Oct 22 15:51:12 aliso postfix/qmgr[31760]: 4631015207B:
>> from=<carvelch@gmail.com>, size=2084, nrcpt=1 (queue active)
>> Oct 22 15:51:16 aliso postfix/smtpd[4584]: connect from
>> localhost[127.0.0.1]
>> Oct 22 15:51:16 aliso postfix/smtpd[4584]: 68F59152093:
>> client=localhost[127.0.0.1]
>> Oct 22 15:51:16 aliso postfix/cleanup[4579]: 68F59152093:
>> message-id=<5e78e1df0910221451l1e5238aq89ee3d5fa17b00c0@mail.gmail.com>
>> Oct 22 15:51:16 aliso postfix/qmgr[31760]: 68F59152093:
>> from=<carvelch@gmail.com>, size=2533, nrcpt=1 (queue active)
>> Oct 22 15:51:16 aliso postfix/smtpd[4584]: disconnect from
>> localhost[127.0.0.1]
>> Oct 22 15:51:16 aliso amavis[31776]: (31776-08) Passed CLEAN,
>> [209.85.212.187] [209.85.212.187] <carvelch@gmail.com> ->
>> <carlos@estu.utn.ac.cr>, Message-ID:
>> <5e78e1df0910221451l1e5238aq89ee3d5fa17b00c0@mail.gmail.com>, mail_id:
>> tqTH0hKOo8ie, Hits: 0.111, size: 2083, queued_as: 68F59152093, 4006 ms
>> Oct 22 15:51:16 aliso postfix/smtp[4580]: 4631015207B:
>> to=<carlos@estu.utn.ac.cr>, relay=127.0.0.1[127.0.0.1]:10024,
>> delay=5.2, delays=1.2/0.01/0/4, dsn=2.0.0, status=sent (250 2.0.0 Ok,
>> id=31776-08, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as
>> 68F59152093)
>> Oct 22 15:51:16 aliso postfix/qmgr[31760]: 4631015207B: removed
>> Oct 22 15:51:16 aliso postfix/local[4585]: 68F59152093:
>> to=<carlos@estu.utn.ac.cr>, relay=local, delay=0.12,
>> delays=0.06/0.01/0/0.04, dsn=2.0.0, status=sent (delivered to command:
>> procmail -a "$EXTENSION")
>> Oct 22 15:51:16 aliso postfix/qmgr[31760]: 68F59152093: removed
>>
>> Me parece que en esta línea es donde pasa el mail a amavis, o me
>> equivoco?
>>
>> Oct 22 15:51:16 aliso postfix/smtp[4580]: 4631015207B:
>> to=<carlos@estu.utn.ac.cr>, relay=127.0.0.1[127.0.0.1]:10024,
>> delay=5.2, delays=1.2/0.01/0/4, dsn=2.0.0, status=sent (250 2.0.0 Ok,
>> id=31776-08, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as
>> 68F59152093)
>>
>> Saludos
>>
>>
> tonces el problema esta netamente en la conf del amavis y el
> spamassassin, a cuanto tenes puesto el puntaje para considerar un mail
> spam?, por que apartir de ahi es cuando impremi el tag ***SPAM*** o lo
> que tengas configurado
>
>

hiciste la prueba de enviarte un correo que el sistema considere spam ?

intenta con esto:

cat /usr/share/doc/spamassassin/examples/sample-spam.txt | mail -s
"Correo con Spam" turirecciondecorreo@dominio

Adicionalmente, pregunto si es necesario que tengas habilitado el
demonio en /etc/default/spamassassain

Saludos

Johnnatan
Reply to: