Re: Chequeo de Spam con Amavis

To: Lista Debian-user-spanish <debian-user-spanish@lists.debian.org>
Subject: Re: Chequeo de Spam con Amavis
From: Johnnatan Malpica <jmalpica@gmail.com>
Date: Tue, 27 Oct 2009 13:32:26 +1930
Message-id: <[🔎] dfe849760910261102j70d4d254lede061c74854ef00@mail.gmail.com>
In-reply-to: <[🔎] 4AE5BC8B.6030801@uncu.edu.ar>
References: <[🔎] 4ADF2C11.9090500@cuna.ac.cr> <[🔎] 4ADFC45C.1090100@vafe.com.ar> <[🔎] 4AE06AF9.4060204@cuna.ac.cr> <[🔎] 4AE0BF32.90807@vafe.com.ar> <[🔎] 4AE0C86C.8040205@cuna.ac.cr> <[🔎] 4AE0D4C9.2020005@cuna.ac.cr> <[🔎] 4AE20EDC.7050001@vafe.com.ar> <[🔎] 4AE5BA42.5000803@cuna.ac.cr> <[🔎] 4AE5BC8B.6030801@uncu.edu.ar>

On Tue, Oct 27, 2009 at 10:43 AM, Federico Alberto Sayd
<fsayd@uncu.edu.ar> wrote:
> Carlos Eduardo Velásquez Chaves escribió:
>>
>> Federico Juarez escribió:
>>>
>>> Carlos Eduardo Velásquez Chaves escribió:
>>>
>>>>
>>>> Carlos Eduardo Velásquez Chaves escribió:
>>>>
>>>>>
>>>>> Federico Juarez escribió:
>>>>>
>>>>>>
>>>>>> Carlos Eduardo Velásquez Chaves escribió:
>>>>>>
>>>>>>>
>>>>>>> Federico Juarez escribió:
>>>>>>>
>>>>>>>>
>>>>>>>> Carlos Eduardo Velásquez Chaves escribió:
>>>>>>>>
>>>>>>>>>
>>>>>>>>> Saludos a todos,
>>>>>>>>> Tengo un servidor de correo con Postix en Debian Lenny, usando
>>>>>>>>> amavis
>>>>>>>>> con Clamav y Spamassassin, el asunto es que no logro hacer que en
>>>>>>>>> la
>>>>>>>>> cabecera del mensaje de correo aparezca algo como esto:
>>>>>>>>> |X-Spam-Score: 0
>>>>>>>>> X-Spam-Level:
>>>>>>>>> X-Spam-Status: No, score=0 tagged_above=-9999 required=6.31
>>>>>>>>> tests=[none]
>>>>>>>>>
>>>>>>>>> |Solamente aparece lo del chequeo de antivirus:
>>>>>>>>> |X-Virus-Scanned: Debian amavisd-new at mymailserver
>>>>>>>>>
>>>>>>>>> |He seguido estos pasos para la implementación del mismo:
>>>>>>>>> http://www.esdebian.org/wiki/tutorial-ispmail-debian-50-lenny-0#14.
>>>>>>>>>
>>>>>>>>> Alguna sugerencia porfa.
>>>>>>>>>
>>>>>>>>> Saludos
>>>>>>>>> |
>>>>>>>>> |
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>> hace un postconf -n y mandalo
>>>>>>>>
>>>>>>>> tambien fijate que en el master tengas algo parecido a esto:
>>>>>>>>
>>>>>>>> # AMaViS => Antivir /
>>>>>>>> Antispam
>>>>>>>>
>>>>>>>>
>>>>>>>> amavis    unix  -       -       n       -       2    smtp
>>>>>>>>
>>>>>>>>
>>>>>>>>   -o
>>>>>>>> smtp_data_done_timeout=1200
>>>>>>>>
>>>>>>>>
>>>>>>>>   -o
>>>>>>>> smtp_send_xforward_command=yes
>>>>>>>>
>>>>>>>>
>>>>>>>>   -o
>>>>>>>> disable_dns_lookups=yes
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> localhost:10025 inet  n -       n       -      -        smtpd
>>>>>>>>   -o content_filter=                                          -o
>>>>>>>> local_recipient_maps=                                    -o
>>>>>>>> relay_recipient_maps=                                    -o
>>>>>>>> smtpd_restriction_classes=                               -o
>>>>>>>> smtpd_client_restrictions=                               -o
>>>>>>>> smtpd_helo_restrictions=                                 -o
>>>>>>>> smtpd_sender_restrictions=                               -o
>>>>>>>> smtpd_recipient_restrictions=permit_mynetworks,reject    -o
>>>>>>>> smtpd_override_options=no_address_mappings               -o
>>>>>>>> mynetworks=127.0.0.0/8                                   -o
>>>>>>>> strict_rfc821_envelopes=yes                              -o
>>>>>>>>
>>>>>>>> receive_override_options=no_header_body_checks,no_unknown_recipient_checks
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> saludos
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> Gracias pos la ayuda, efectivamente tengo esas líneas que mencionas
>>>>>>> en
>>>>>>> el master.cr sin embargo pongo la configuración del mismo:
>>>>>>>
>>>>>>> #Amavis configuracion
>>>>>>> smtp-amavis unix -      -       n     -       2  smtp
>>>>>>>   -o smtp_data_done_timeout=1200
>>>>>>>   -o smtp_send_xforward_command=yes
>>>>>>>   -o disable_dns_lookups=yes
>>>>>>>   -o max_use=20
>>>>>>>
>>>>>>> 127.0.0.1:10025 inet n  -       -     -       -  smtpd
>>>>>>>   -o content_filter=
>>>>>>>   -o local_recipient_maps=
>>>>>>>   -o relay_recipient_maps=
>>>>>>>   -o smtpd_restriction_classes=
>>>>>>>   -o smtpd_delay_reject=no
>>>>>>>   -o smtpd_client_restrictions=permit_mynetworks,reject
>>>>>>>   -o smtpd_helo_restrictions=
>>>>>>>   -o smtpd_sender_restrictions=
>>>>>>>   -o smtpd_recipient_restrictions=permit_mynetworks,reject
>>>>>>>   -o smtpd_data_restrictions=reject_unauth_pipelining
>>>>>>>   -o smtpd_end_of_data_restrictions=
>>>>>>>   -o mynetworks=127.0.0.0/8
>>>>>>>   -o smtpd_error_sleep_time=0
>>>>>>>   -o smtpd_soft_error_limit=1001
>>>>>>>   -o smtpd_hard_error_limit=1000
>>>>>>>   -o smtpd_client_connection_count_limit=0
>>>>>>>   -o smtpd_client_connection_rate_limit=0
>>>>>>>   -o
>>>>>>>
>>>>>>> receive_override_options=no_header_body_checks,no_unknown_recipient_checks
>>>>>>>
>>>>>>>
>>>>>>>   -o local_header_rewrite_clients=
>>>>>>>
>>>>>>> Esto lo he tomado del enlace que puse al principio de la página,
>>>>>>> también descomenté las línas de
>>>>>>>
>>>>>>> /etc/amavis/conf.d/15-content_filter_mode
>>>>>>>
>>>>>>> Aqui dejo la configuración:
>>>>>>>
>>>>>>> @bypass_virus_checks_maps = (
>>>>>>>  \%bypass_virus_checks, \@bypass_virus_checks_acl,
>>>>>>> \$bypass_virus_checks_re);
>>>>>>>
>>>>>>> @bypass_spam_checks_maps = (
>>>>>>>  \%bypass_spam_checks, \@bypass_spam_checks_acl,
>>>>>>> \$bypass_spam_checks_re);
>>>>>>>
>>>>>>>
>>>>>>> Saludos
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>> Postea el postconf -n
>>>>>> y fijate si tenes esta linea en el main.cf
>>>>>> content_filter               = amavis:[127.0.0.1]:10024
>>>>>>
>>>>>> si esta la linea hay que ir mirando los logs, fijate que dicen cuando
>>>>>> entre o sale un mail, o tambien postealos asi vamos mirando.
>>>>>>
>>>>>> saludos
>>>>>>
>>>>>
>>>>> Este es el postconf -n
>>>>>
>>>>> alias_database = hash:/etc/aliases
>>>>> alias_maps = hash:/etc/aliases
>>>>> append_dot_mydomain = no
>>>>> biff = no
>>>>> config_directory = /etc/postfix
>>>>> content_filter = smtp-amavis:[127.0.0.1]:10024
>>>>> home_mailbox = Mailbox
>>>>> inet_interfaces = all
>>>>> mailbox_command = procmail -a "$EXTENSION"
>>>>> mailbox_size_limit = 52428800
>>>>> maps_rbl_domains = multi.surbl.org       blackholes.mail-abuse.org
>>>>>    dialups.mail-abuse.org       relays.mail-abuse.org
>>>>>  zen.spamhaus.org
>>>>> message_size_limit = 5242880
>>>>> mydestination = $myhostname, /etc/postfix/virtual/domains
>>>>> mydomain = dominio.ac.cr
>>>>> myhostname = dominio.utn.ac.cr
>>>>> mynetworks = XXX.XX.XX.0/24, 127.0.0.0/8
>>>>> notify_classes = resource,software,bounce,delay,policy
>>>>> recipient_delimiter = +
>>>>> relayhost =
>>>>> smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
>>>>> smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
>>>>> smtpd_client_restrictions = permit_mynetworks       reject_maps_rbl
>>>>>    check_relay_domains
>>>>> smtpd_sender_restrictions = hash:/etc/postfix/access
>>>>> smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
>>>>> smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
>>>>> smtpd_tls_session_cache_database =
>>>>> btree:${queue_directory}/smtpd_scache
>>>>> smtpd_use_tls = yes
>>>>>
>>>>> También en el main.cf tengo la línea:
>>>>>
>>>>> content_filter               = amavis:[127.0.0.1]:10024
>>>>>
>>>>>
>>>>> Saludos
>>>>>
>>>>
>>>> Aqui envío una parte del /var/log/mail.log cuando un correo llega:
>>>>
>>>> Oct 22 15:51:11 aliso postfix/smtpd[4575]: connect from
>>>> mail-vw0-f187.google.com[209.85.212.187]
>>>> Oct 22 15:51:11 aliso postfix/smtpd[4575]: warning: support for
>>>> restriction "reject_maps_rbl" will be removed from Postfix; use
>>>> "reject_rbl_client domain-name" instead
>>>> Oct 22 15:51:12 aliso postfix/smtpd[4575]: warning: support for
>>>> restriction "check_relay_domains" will be removed from Postfix; use
>>>> "reject_unauth_destination" instead
>>>> Oct 22 15:51:12 aliso postfix/smtpd[4575]: 4631015207B:
>>>> client=mail-vw0-f187.google.com[209.85.212.187]
>>>> Oct 22 15:51:12 aliso postfix/cleanup[4579]: 4631015207B:
>>>> message-id=<5e78e1df0910221451l1e5238aq89ee3d5fa17b00c0@mail.gmail.com>
>>>> Oct 22 15:51:12 aliso postfix/qmgr[31760]: 4631015207B:
>>>> from=<carvelch@gmail.com>, size=2084, nrcpt=1 (queue active)
>>>> Oct 22 15:51:16 aliso postfix/smtpd[4584]: connect from
>>>> localhost[127.0.0.1]
>>>> Oct 22 15:51:16 aliso postfix/smtpd[4584]: 68F59152093:
>>>> client=localhost[127.0.0.1]
>>>> Oct 22 15:51:16 aliso postfix/cleanup[4579]: 68F59152093:
>>>> message-id=<5e78e1df0910221451l1e5238aq89ee3d5fa17b00c0@mail.gmail.com>
>>>> Oct 22 15:51:16 aliso postfix/qmgr[31760]: 68F59152093:
>>>> from=<carvelch@gmail.com>, size=2533, nrcpt=1 (queue active)
>>>> Oct 22 15:51:16 aliso postfix/smtpd[4584]: disconnect from
>>>> localhost[127.0.0.1]
>>>> Oct 22 15:51:16 aliso amavis[31776]: (31776-08) Passed CLEAN,
>>>> [209.85.212.187] [209.85.212.187] <carvelch@gmail.com> ->
>>>> <carlos@estu.utn.ac.cr>, Message-ID:
>>>> <5e78e1df0910221451l1e5238aq89ee3d5fa17b00c0@mail.gmail.com>, mail_id:
>>>> tqTH0hKOo8ie, Hits: 0.111, size: 2083, queued_as: 68F59152093, 4006 ms
>>>> Oct 22 15:51:16 aliso postfix/smtp[4580]: 4631015207B:
>>>> to=<carlos@estu.utn.ac.cr>, relay=127.0.0.1[127.0.0.1]:10024,
>>>> delay=5.2, delays=1.2/0.01/0/4, dsn=2.0.0, status=sent (250 2.0.0 Ok,
>>>> id=31776-08, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as
>>>> 68F59152093)
>>>> Oct 22 15:51:16 aliso postfix/qmgr[31760]: 4631015207B: removed
>>>> Oct 22 15:51:16 aliso postfix/local[4585]: 68F59152093:
>>>> to=<carlos@estu.utn.ac.cr>, relay=local, delay=0.12,
>>>> delays=0.06/0.01/0/0.04, dsn=2.0.0, status=sent (delivered to command:
>>>> procmail -a "$EXTENSION")
>>>> Oct 22 15:51:16 aliso postfix/qmgr[31760]: 68F59152093: removed
>>>>
>>>> Me parece que en esta línea es donde pasa el mail a amavis, o me
>>>> equivoco?
>>>>
>>>> Oct 22 15:51:16 aliso postfix/smtp[4580]: 4631015207B:
>>>> to=<carlos@estu.utn.ac.cr>, relay=127.0.0.1[127.0.0.1]:10024,
>>>> delay=5.2, delays=1.2/0.01/0/4, dsn=2.0.0, status=sent (250 2.0.0 Ok,
>>>> id=31776-08, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as
>>>> 68F59152093)
>>>>
>>>> Saludos
>>>>
>>>>
>>>>
>>>
>>> tonces el problema esta netamente en la conf del amavis y el
>>> spamassassin, a cuanto tenes puesto el puntaje para considerar un mail
>>> spam?, por que apartir de ahi es cuando impremi el tag ***SPAM*** o lo
>>> que tengas configurado
>>>
>>
>> El asunto no es que me marque el correo Spam como Spam, sino que revise si
>> es Spam o no, si revisa el correo y lo evalúa antes de entregarlo, debería
>> aparecer en los headers del mensaje esto:
>>
>> |X-Spam-Score: 0
>> X-Spam-Level:
>> X-Spam-Status: No, score=0 tagged_above=-9999 required=6.31
>> tests=[none]
>>
>> Pero, solo me sale este:
>>
>> |X-Virus-Scanned: Debian amavisd-new at mymailserver
>>
>> Osea, solo me revisa si el correo tiene virus, el spam parece que no lo
>> está revisando.
>>
>> Saludos
>>
>>
>>
>>
>>
> Te fijaste si habilitaste el modulo antispam en la configuración del amavis?
>
> Tienes que ver en el archivo 15-content-filter-mode
>
> Allí tienes que descomentar la línea que hace filtrado de spam a través de
> spamassasin.
>
> Saludos
>
>
> --
> To UNSUBSCRIBE, email to debian-user-spanish-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
>
>

Hola, estuve investigando un rato acerca de esto. Creo el problema
este relacionado al uso del parametro content_filter en el postfix

En mi equipo en el archivo master.cf tengo una linea como esta:

spamassassin unix - n n - - pipe user=spam argv=/usr/bin/spamc -f -e
/usr/sbin/sendmail -oi -f ${sender} ${recipient}

tambien, revisa  el /etc/spamassassin/local.cf que tengas las opciones
habilitadas.


-- 
Johnnatan Malpica
GNU/Linux - Debian Sid
+584168043248

Reply to:

Follow-Ups:
- Re: Chequeo de Spam con Amavis
  - From: Carlos Eduardo Velásquez Chaves <debianlist@cuna.ac.cr>
- Re: Chequeo de Spam con Amavis
  - From: Carlos Eduardo Velásquez Chaves <debianlist@cuna.ac.cr>

References:
- Chequeo de Spam con Amavis
  - From: Carlos Eduardo Velásquez Chaves <debianlist@cuna.ac.cr>
- Re: Chequeo de Spam con Amavis
  - From: Federico Juarez <vafe@vafe.com.ar>
- Re: Chequeo de Spam con Amavis
  - From: Carlos Eduardo Velásquez Chaves <debianlist@cuna.ac.cr>
- Re: Chequeo de Spam con Amavis
  - From: Federico Juarez <vafe@vafe.com.ar>
- Re: Chequeo de Spam con Amavis
  - From: Carlos Eduardo Velásquez Chaves <debianlist@cuna.ac.cr>
- Re: Chequeo de Spam con Amavis
  - From: Carlos Eduardo Velásquez Chaves <debianlist@cuna.ac.cr>
- Re: Chequeo de Spam con Amavis
  - From: Federico Juarez <vafe@vafe.com.ar>
- Re: Chequeo de Spam con Amavis
  - From: Carlos Eduardo Velásquez Chaves <debianlist@cuna.ac.cr>
- Re: Chequeo de Spam con Amavis
  - From: Federico Alberto Sayd <fsayd@uncu.edu.ar>

Prev by Date: Re: Servidores
Next by Date: Re: Servidores
Previous by thread: Re: Chequeo de Spam con Amavis
Next by thread: Re: Chequeo de Spam con Amavis
Index(es):
- Date
- Thread