Re: Chequeo de Spam con Amavis

To: Carlos Eduardo Velásquez Chaves <debianlist@cuna.ac.cr>
Cc: Lista Debian-user-spanish <debian-user-spanish@lists.debian.org>
Subject: Re: Chequeo de Spam con Amavis
From: Johnnatan Malpica <jmalpica@gmail.com>
Date: Tue, 27 Oct 2009 15:20:21 +1930
Message-id: <[🔎] dfe849760910261250v793a91d6q69d8406565dd7311@mail.gmail.com>
In-reply-to: <[🔎] 4AE5E8DA.9020907@cuna.ac.cr>
References: <[🔎] 4ADF2C11.9090500@cuna.ac.cr> <[🔎] 4AE06AF9.4060204@cuna.ac.cr> <[🔎] 4AE0BF32.90807@vafe.com.ar> <[🔎] 4AE0C86C.8040205@cuna.ac.cr> <[🔎] 4AE0D4C9.2020005@cuna.ac.cr> <[🔎] 4AE20EDC.7050001@vafe.com.ar> <[🔎] 4AE5BA42.5000803@cuna.ac.cr> <[🔎] 4AE5BC8B.6030801@uncu.edu.ar> <[🔎] dfe849760910261102j70d4d254lede061c74854ef00@mail.gmail.com> <[🔎] 4AE5E8DA.9020907@cuna.ac.cr>

On Tue, Oct 27, 2009 at 1:52 PM, Carlos Eduardo Velásquez Chaves
<debianlist@cuna.ac.cr> wrote:
> Johnnatan Malpica escribió:
>>
>> On Tue, Oct 27, 2009 at 10:43 AM, Federico Alberto Sayd
>> <fsayd@uncu.edu.ar> wrote:
>>
>>>
>>> Carlos Eduardo Velásquez Chaves escribió:
>>>
>>>>
>>>> Federico Juarez escribió:
>>>>
>>>>>
>>>>> Carlos Eduardo Velásquez Chaves escribió:
>>>>>
>>>>>
>>>>>>
>>>>>> Carlos Eduardo Velásquez Chaves escribió:
>>>>>>
>>>>>>
>>>>>>>
>>>>>>> Federico Juarez escribió:
>>>>>>>
>>>>>>>
>>>>>>>>
>>>>>>>> Carlos Eduardo Velásquez Chaves escribió:
>>>>>>>>
>>>>>>>>
>>>>>>>>>
>>>>>>>>> Federico Juarez escribió:
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Carlos Eduardo Velásquez Chaves escribió:
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Saludos a todos,
>>>>>>>>>>> Tengo un servidor de correo con Postix en Debian Lenny, usando
>>>>>>>>>>> amavis
>>>>>>>>>>> con Clamav y Spamassassin, el asunto es que no logro hacer que en
>>>>>>>>>>> la
>>>>>>>>>>> cabecera del mensaje de correo aparezca algo como esto:
>>>>>>>>>>> |X-Spam-Score: 0
>>>>>>>>>>> X-Spam-Level:
>>>>>>>>>>> X-Spam-Status: No, score=0 tagged_above=-9999 required=6.31
>>>>>>>>>>> tests=[none]
>>>>>>>>>>>
>>>>>>>>>>> |Solamente aparece lo del chequeo de antivirus:
>>>>>>>>>>> |X-Virus-Scanned: Debian amavisd-new at mymailserver
>>>>>>>>>>>
>>>>>>>>>>> |He seguido estos pasos para la implementación del mismo:
>>>>>>>>>>>
>>>>>>>>>>> http://www.esdebian.org/wiki/tutorial-ispmail-debian-50-lenny-0#14.
>>>>>>>>>>>
>>>>>>>>>>> Alguna sugerencia porfa.
>>>>>>>>>>>
>>>>>>>>>>> Saludos
>>>>>>>>>>> |
>>>>>>>>>>> |
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> hace un postconf -n y mandalo
>>>>>>>>>>
>>>>>>>>>> tambien fijate que en el master tengas algo parecido a esto:
>>>>>>>>>>
>>>>>>>>>> # AMaViS => Antivir /
>>>>>>>>>> Antispam
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> amavis    unix  -       -       n       -       2    smtp
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>  -o
>>>>>>>>>> smtp_data_done_timeout=1200
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>  -o
>>>>>>>>>> smtp_send_xforward_command=yes
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>  -o
>>>>>>>>>> disable_dns_lookups=yes
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> localhost:10025 inet  n -       n       -      -        smtpd
>>>>>>>>>>  -o content_filter=                                          -o
>>>>>>>>>> local_recipient_maps=                                    -o
>>>>>>>>>> relay_recipient_maps=                                    -o
>>>>>>>>>> smtpd_restriction_classes=                               -o
>>>>>>>>>> smtpd_client_restrictions=                               -o
>>>>>>>>>> smtpd_helo_restrictions=                                 -o
>>>>>>>>>> smtpd_sender_restrictions=                               -o
>>>>>>>>>> smtpd_recipient_restrictions=permit_mynetworks,reject    -o
>>>>>>>>>> smtpd_override_options=no_address_mappings               -o
>>>>>>>>>> mynetworks=127.0.0.0/8                                   -o
>>>>>>>>>> strict_rfc821_envelopes=yes                              -o
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> receive_override_options=no_header_body_checks,no_unknown_recipient_checks
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> saludos
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Gracias pos la ayuda, efectivamente tengo esas líneas que mencionas
>>>>>>>>> en
>>>>>>>>> el master.cr sin embargo pongo la configuración del mismo:
>>>>>>>>>
>>>>>>>>> #Amavis configuracion
>>>>>>>>> smtp-amavis unix -      -       n     -       2  smtp
>>>>>>>>>  -o smtp_data_done_timeout=1200
>>>>>>>>>  -o smtp_send_xforward_command=yes
>>>>>>>>>  -o disable_dns_lookups=yes
>>>>>>>>>  -o max_use=20
>>>>>>>>>
>>>>>>>>> 127.0.0.1:10025 inet n  -       -     -       -  smtpd
>>>>>>>>>  -o content_filter=
>>>>>>>>>  -o local_recipient_maps=
>>>>>>>>>  -o relay_recipient_maps=
>>>>>>>>>  -o smtpd_restriction_classes=
>>>>>>>>>  -o smtpd_delay_reject=no
>>>>>>>>>  -o smtpd_client_restrictions=permit_mynetworks,reject
>>>>>>>>>  -o smtpd_helo_restrictions=
>>>>>>>>>  -o smtpd_sender_restrictions=
>>>>>>>>>  -o smtpd_recipient_restrictions=permit_mynetworks,reject
>>>>>>>>>  -o smtpd_data_restrictions=reject_unauth_pipelining
>>>>>>>>>  -o smtpd_end_of_data_restrictions=
>>>>>>>>>  -o mynetworks=127.0.0.0/8
>>>>>>>>>  -o smtpd_error_sleep_time=0
>>>>>>>>>  -o smtpd_soft_error_limit=1001
>>>>>>>>>  -o smtpd_hard_error_limit=1000
>>>>>>>>>  -o smtpd_client_connection_count_limit=0
>>>>>>>>>  -o smtpd_client_connection_rate_limit=0
>>>>>>>>>  -o
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> receive_override_options=no_header_body_checks,no_unknown_recipient_checks
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>  -o local_header_rewrite_clients=
>>>>>>>>>
>>>>>>>>> Esto lo he tomado del enlace que puse al principio de la página,
>>>>>>>>> también descomenté las línas de
>>>>>>>>>
>>>>>>>>> /etc/amavis/conf.d/15-content_filter_mode
>>>>>>>>>
>>>>>>>>> Aqui dejo la configuración:
>>>>>>>>>
>>>>>>>>> @bypass_virus_checks_maps = (
>>>>>>>>>  \%bypass_virus_checks, \@bypass_virus_checks_acl,
>>>>>>>>> \$bypass_virus_checks_re);
>>>>>>>>>
>>>>>>>>> @bypass_spam_checks_maps = (
>>>>>>>>>  \%bypass_spam_checks, \@bypass_spam_checks_acl,
>>>>>>>>> \$bypass_spam_checks_re);
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Saludos
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>> Postea el postconf -n
>>>>>>>> y fijate si tenes esta linea en el main.cf
>>>>>>>> content_filter               = amavis:[127.0.0.1]:10024
>>>>>>>>
>>>>>>>> si esta la linea hay que ir mirando los logs, fijate que dicen
>>>>>>>> cuando
>>>>>>>> entre o sale un mail, o tambien postealos asi vamos mirando.
>>>>>>>>
>>>>>>>> saludos
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> Este es el postconf -n
>>>>>>>
>>>>>>> alias_database = hash:/etc/aliases
>>>>>>> alias_maps = hash:/etc/aliases
>>>>>>> append_dot_mydomain = no
>>>>>>> biff = no
>>>>>>> config_directory = /etc/postfix
>>>>>>> content_filter = smtp-amavis:[127.0.0.1]:10024
>>>>>>> home_mailbox = Mailbox
>>>>>>> inet_interfaces = all
>>>>>>> mailbox_command = procmail -a "$EXTENSION"
>>>>>>> mailbox_size_limit = 52428800
>>>>>>> maps_rbl_domains = multi.surbl.org       blackholes.mail-abuse.org
>>>>>>>   dialups.mail-abuse.org       relays.mail-abuse.org
>>>>>>>  zen.spamhaus.org
>>>>>>> message_size_limit = 5242880
>>>>>>> mydestination = $myhostname, /etc/postfix/virtual/domains
>>>>>>> mydomain = dominio.ac.cr
>>>>>>> myhostname = dominio.utn.ac.cr
>>>>>>> mynetworks = XXX.XX.XX.0/24, 127.0.0.0/8
>>>>>>> notify_classes = resource,software,bounce,delay,policy
>>>>>>> recipient_delimiter = +
>>>>>>> relayhost =
>>>>>>> smtp_tls_session_cache_database =
>>>>>>> btree:${queue_directory}/smtp_scache
>>>>>>> smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
>>>>>>> smtpd_client_restrictions = permit_mynetworks       reject_maps_rbl
>>>>>>>   check_relay_domains
>>>>>>> smtpd_sender_restrictions = hash:/etc/postfix/access
>>>>>>> smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
>>>>>>> smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
>>>>>>> smtpd_tls_session_cache_database =
>>>>>>> btree:${queue_directory}/smtpd_scache
>>>>>>> smtpd_use_tls = yes
>>>>>>>
>>>>>>> También en el main.cf tengo la línea:
>>>>>>>
>>>>>>> content_filter               = amavis:[127.0.0.1]:10024
>>>>>>>
>>>>>>>
>>>>>>> Saludos
>>>>>>>
>>>>>>>
>>>>>>
>>>>>> Aqui envío una parte del /var/log/mail.log cuando un correo llega:
>>>>>>
>>>>>> Oct 22 15:51:11 aliso postfix/smtpd[4575]: connect from
>>>>>> mail-vw0-f187.google.com[209.85.212.187]
>>>>>> Oct 22 15:51:11 aliso postfix/smtpd[4575]: warning: support for
>>>>>> restriction "reject_maps_rbl" will be removed from Postfix; use
>>>>>> "reject_rbl_client domain-name" instead
>>>>>> Oct 22 15:51:12 aliso postfix/smtpd[4575]: warning: support for
>>>>>> restriction "check_relay_domains" will be removed from Postfix; use
>>>>>> "reject_unauth_destination" instead
>>>>>> Oct 22 15:51:12 aliso postfix/smtpd[4575]: 4631015207B:
>>>>>> client=mail-vw0-f187.google.com[209.85.212.187]
>>>>>> Oct 22 15:51:12 aliso postfix/cleanup[4579]: 4631015207B:
>>>>>>
>>>>>> message-id=<5e78e1df0910221451l1e5238aq89ee3d5fa17b00c0@mail.gmail.com>
>>>>>> Oct 22 15:51:12 aliso postfix/qmgr[31760]: 4631015207B:
>>>>>> from=<carvelch@gmail.com>, size=2084, nrcpt=1 (queue active)
>>>>>> Oct 22 15:51:16 aliso postfix/smtpd[4584]: connect from
>>>>>> localhost[127.0.0.1]
>>>>>> Oct 22 15:51:16 aliso postfix/smtpd[4584]: 68F59152093:
>>>>>> client=localhost[127.0.0.1]
>>>>>> Oct 22 15:51:16 aliso postfix/cleanup[4579]: 68F59152093:
>>>>>>
>>>>>> message-id=<5e78e1df0910221451l1e5238aq89ee3d5fa17b00c0@mail.gmail.com>
>>>>>> Oct 22 15:51:16 aliso postfix/qmgr[31760]: 68F59152093:
>>>>>> from=<carvelch@gmail.com>, size=2533, nrcpt=1 (queue active)
>>>>>> Oct 22 15:51:16 aliso postfix/smtpd[4584]: disconnect from
>>>>>> localhost[127.0.0.1]
>>>>>> Oct 22 15:51:16 aliso amavis[31776]: (31776-08) Passed CLEAN,
>>>>>> [209.85.212.187] [209.85.212.187] <carvelch@gmail.com> ->
>>>>>> <carlos@estu.utn.ac.cr>, Message-ID:
>>>>>> <5e78e1df0910221451l1e5238aq89ee3d5fa17b00c0@mail.gmail.com>, mail_id:
>>>>>> tqTH0hKOo8ie, Hits: 0.111, size: 2083, queued_as: 68F59152093, 4006 ms
>>>>>> Oct 22 15:51:16 aliso postfix/smtp[4580]: 4631015207B:
>>>>>> to=<carlos@estu.utn.ac.cr>, relay=127.0.0.1[127.0.0.1]:10024,
>>>>>> delay=5.2, delays=1.2/0.01/0/4, dsn=2.0.0, status=sent (250 2.0.0 Ok,
>>>>>> id=31776-08, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as
>>>>>> 68F59152093)
>>>>>> Oct 22 15:51:16 aliso postfix/qmgr[31760]: 4631015207B: removed
>>>>>> Oct 22 15:51:16 aliso postfix/local[4585]: 68F59152093:
>>>>>> to=<carlos@estu.utn.ac.cr>, relay=local, delay=0.12,
>>>>>> delays=0.06/0.01/0/0.04, dsn=2.0.0, status=sent (delivered to command:
>>>>>> procmail -a "$EXTENSION")
>>>>>> Oct 22 15:51:16 aliso postfix/qmgr[31760]: 68F59152093: removed
>>>>>>
>>>>>> Me parece que en esta línea es donde pasa el mail a amavis, o me
>>>>>> equivoco?
>>>>>>
>>>>>> Oct 22 15:51:16 aliso postfix/smtp[4580]: 4631015207B:
>>>>>> to=<carlos@estu.utn.ac.cr>, relay=127.0.0.1[127.0.0.1]:10024,
>>>>>> delay=5.2, delays=1.2/0.01/0/4, dsn=2.0.0, status=sent (250 2.0.0 Ok,
>>>>>> id=31776-08, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as
>>>>>> 68F59152093)
>>>>>>
>>>>>> Saludos
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>> tonces el problema esta netamente en la conf del amavis y el
>>>>> spamassassin, a cuanto tenes puesto el puntaje para considerar un mail
>>>>> spam?, por que apartir de ahi es cuando impremi el tag ***SPAM*** o lo
>>>>> que tengas configurado
>>>>>
>>>>>
>>>>
>>>> El asunto no es que me marque el correo Spam como Spam, sino que revise
>>>> si
>>>> es Spam o no, si revisa el correo y lo evalúa antes de entregarlo,
>>>> debería
>>>> aparecer en los headers del mensaje esto:
>>>>
>>>> |X-Spam-Score: 0
>>>> X-Spam-Level:
>>>> X-Spam-Status: No, score=0 tagged_above=-9999 required=6.31
>>>> tests=[none]
>>>>
>>>> Pero, solo me sale este:
>>>>
>>>> |X-Virus-Scanned: Debian amavisd-new at mymailserver
>>>>
>>>> Osea, solo me revisa si el correo tiene virus, el spam parece que no lo
>>>> está revisando.
>>>>
>>>> Saludos
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>> Te fijaste si habilitaste el modulo antispam en la configuración del
>>> amavis?
>>>
>>> Tienes que ver en el archivo 15-content-filter-mode
>>>
>>> Allí tienes que descomentar la línea que hace filtrado de spam a través
>>> de
>>> spamassasin.
>>>
>>> Saludos
>>>
>>>
>>> --
>>> To UNSUBSCRIBE, email to debian-user-spanish-REQUEST@lists.debian.org
>>> with a subject of "unsubscribe". Trouble? Contact
>>> listmaster@lists.debian.org
>>>
>>>
>>>
>>
>> Hola, estuve investigando un rato acerca de esto. Creo el problema
>> este relacionado al uso del parametro content_filter en el postfix
>>
>> En mi equipo en el archivo master.cf tengo una linea como esta:
>>
>> spamassassin unix - n n - - pipe user=spam argv=/usr/bin/spamc -f -e
>> /usr/sbin/sendmail -oi -f ${sender} ${recipient}
>>
>
> Con respecto a este línea del master.cf veo que usas sendmail, en mi caso es
> postfix y efectivamente no la tengo, lo que  si tengo es lo de redireccionar
> el correo a amavis que es el que a su vez se encarga de enviarlo a
> spamassassin, cierto?
>
>
> --
> To UNSUBSCRIBE, email to debian-user-spanish-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
>
>


pido disculpas,  te estaba enviando lo que encontraba por la web y
validaba con un server virtual de prueba. (algo un tanto
irresponsable, pero al final revise un poco mas y me percate que me
marcaba la info de spam para unos si y otros no. Creo esto es lo que
estas buscando)

Revisando el archivo
/etc/amavis/conf.d/20-debian_defaults

Encontre estos parametros:
$sa_tag_level_deflt  = 2.0;  # add spam info headers if at, or above that level

No olvides reiniciar los servicios.

Olvida lo que te comente antes e intenta con esto a ver si funciona.

Nuevamente mis disculpas por probar y hacerte probar.

salu2

-- 
Johnnatan Malpica
GNU/Linux - Debian Sid
+584168043248

Reply to:

Follow-Ups:
- Re: Chequeo de Spam con Amavis
  - From: Johnnatan Malpica <jmalpica@gmail.com>

References:
- Chequeo de Spam con Amavis
  - From: Carlos Eduardo Velásquez Chaves <debianlist@cuna.ac.cr>
- Re: Chequeo de Spam con Amavis
  - From: Carlos Eduardo Velásquez Chaves <debianlist@cuna.ac.cr>
- Re: Chequeo de Spam con Amavis
  - From: Federico Juarez <vafe@vafe.com.ar>
- Re: Chequeo de Spam con Amavis
  - From: Carlos Eduardo Velásquez Chaves <debianlist@cuna.ac.cr>
- Re: Chequeo de Spam con Amavis
  - From: Carlos Eduardo Velásquez Chaves <debianlist@cuna.ac.cr>
- Re: Chequeo de Spam con Amavis
  - From: Federico Juarez <vafe@vafe.com.ar>
- Re: Chequeo de Spam con Amavis
  - From: Carlos Eduardo Velásquez Chaves <debianlist@cuna.ac.cr>
- Re: Chequeo de Spam con Amavis
  - From: Federico Alberto Sayd <fsayd@uncu.edu.ar>
- Re: Chequeo de Spam con Amavis
  - From: Johnnatan Malpica <jmalpica@gmail.com>
- Re: Chequeo de Spam con Amavis
  - From: Carlos Eduardo Velásquez Chaves <debianlist@cuna.ac.cr>

Prev by Date: Re: Acceder a PC detrás de firewall
Next by Date: Re: Chequeo de Spam con Amavis
Previous by thread: Re: Chequeo de Spam con Amavis
Next by thread: Re: Chequeo de Spam con Amavis
Index(es):
- Date
- Thread