Spamassasin+exim

EXIM, sendmail, postfix, Dovecot и прочие. Решение проблем связанных с работой электронной почты

Модератор: xM

Правила форума
Убедительная просьба юзать теги [code] при оформлении листингов.
Сообщения не оформленные должным образом имеют все шансы быть незамеченными.
Аватара пользователя
digital_punk
мл. сержант
Сообщения: 143
Зарегистрирован: 2010-07-02 11:40:24

Spamassasin+exim

Непрочитанное сообщение digital_punk » 2013-10-02 16:34:56

Система: FreeBSD-8.2
Spamassassin 3.3.2
Exim 4.80.1

Собственно проблема - никакой реакции со стороны spamassassina. То есть он обучен, вроде бы все ок. Но когда приходит явный спам - он не помечает его как таковой.Конфиг ассасина прилагается:

Код: Выделить всё

# This is the right place to customize your installation of SpamAssassin.
#
# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
# tweaked.
#
# Only a small subset of options are listed below
#
###########################################################################

#   Add *****SPAM***** to the Subject header of spam e-mails
#
rewrite_header Subject *****SPAM*****
add_header all Score _STARS(*)_
add_header all Status _YESNO_ score=_SCORE_

#   Save spam messages as a message/rfc822 MIME attachment instead of
#   modifying the original message (0: off, 2: use text/plain instead)
#
report_safe 1


#   Set which networks or hosts are considered 'trusted' by your mail
#   server (i.e. not spammers)
#
trusted_networks 192.168.105.


#   Set file-locking method (flock is not safe over NFS, but is faster)
#
# lock_method flock


#   Set the threshold at which a message is considered spam (default: 5.0)
#
required_score 5.0


#   Use Bayesian classifier (default: 1)
#
use_bayes 1
use_bayes_rules 1

bayes_file_mode 0777
#   Bayesian classifier auto-learning (default: 1)
#
bayes_auto_learn 1
use_dcc 1

bayes_min_spam_num 200
bayes_min_ham_num 200

#   Set headers which may provide inappropriate cues to the Bayesian
#   classifier
#
# bayes_ignore_header X-Bogosity
 bayes_ignore_header X-Spam-Flag
 bayes_ignore_header X-Spam-Status

whitelist_from		*@diwaeve.com
whitelist_from		*@ab-com.nl
whitelist_from		*@elsi.com.ua
whitelist_from		*@rozetka.com.ua

blacklist_from		*@seomaster.kiev.ua
blacklist_from		*@delivery-city.com

ok_locales		ru en
ok_languages		ru en
report_charset		windows-1251
#lang			ru

#score NAME_OF_TEST 3.0
score MIME_HTML_ONLY 2.0
#score HTML_FONTCOLOR_RED 2.0
#score FROM_ILLEGAL_CHARS 1.5
#score HEAD_ILLEGAL_CHARS 1.5
#score SUBJ_FULL_OF_8BITS 0.0
#score HEADER_8BITS 0.0
#score HTML_COMMENT_8BITS 0.01
score TO_NO_USER 0.01
score FORGED_MUA_OUTLOOK 0.5
score X_AUTH_WARNING 0.01
score SUBJ_HAS_UNIQ_ID 9.99
score HTTP_USERNAME_USED 9.99
score FORGED_YAHOO_RCVD 9.99
score FORGED_JUNO_RCVD 16
score UNWANTED_LANGUAGE_BODY 1.02
score MLM 5.55
score RCVD_NUMERIC_HELO 4.95

score BAYES_00 0.0001 0.0001 -6.0 -6.0
score BAYES_05 0.0001 0.0001 -3.0 -3.0
score BAYES_20 0.0001 0.0001 -1.0 -1.0
score BAYES_50 0.0001 0.0001 1.6 1.6
score BAYES_60 0.0001 0.0001 2.0 2.0
score BAYES_80 0.0001 0.0001 4.0 4.0
score BAYES_95 0.0001 0.0001 6.5 6.5
score BAYES_99 0.0001 0.0001 10.0 10.0
score RDNS_NONE 0.0001 0.0001 3.0 3.0

#   Some shortcircuiting, if the plugin is enabled
# 
ifplugin Mail::SpamAssassin::Plugin::Shortcircuit
#
#   default: strongly-whitelisted mails are *really* whitelisted now, if the
#   shortcircuiting plugin is active, causing early exit to save CPU load.
#   Uncomment to turn this on
#
 shortcircuit USER_IN_WHITELIST       on
# shortcircuit USER_IN_DEF_WHITELIST   on
# shortcircuit USER_IN_ALL_SPAM_TO     on
# shortcircuit SUBJECT_IN_WHITELIST    on

#   the opposite; blacklisted mails can also save CPU
#
 shortcircuit USER_IN_BLACKLIST       on
# shortcircuit USER_IN_BLACKLIST_TO    on
# shortcircuit SUBJECT_IN_BLACKLIST    on

#   if you have taken the time to correctly specify your "trusted_networks",
#   this is another good way to save CPU
#
 shortcircuit ALL_TRUSTED             on

#   and a well-trained bayes DB can save running rules, too
#
# shortcircuit BAYES_99                spam
# shortcircuit BAYES_00                ham

endif # Mail::SpamAssassin::Plugin::Shortcircuit
В чем я не прав?
У Шамана три руки!!!

Хостинговая компания Host-Food.ru
Хостинг HostFood.ru
 

Услуги хостинговой компании Host-Food.ru

Хостинг HostFood.ru

Тарифы на хостинг в России, от 12 рублей: https://www.host-food.ru/tariffs/hosting/
Тарифы на виртуальные сервера (VPS/VDS/KVM) в РФ, от 189 руб.: https://www.host-food.ru/tariffs/virtualny-server-vps/
Выделенные сервера, Россия, Москва, от 2000 рублей (HP Proliant G5, Intel Xeon E5430 (2.66GHz, Quad-Core, 12Mb), 8Gb RAM, 2x300Gb SAS HDD, P400i, 512Mb, BBU):
https://www.host-food.ru/tariffs/vydelennyi-server-ds/
Недорогие домены в популярных зонах: https://www.host-food.ru/domains/

ChihPih
ст. прапорщик
Сообщения: 568
Зарегистрирован: 2009-09-04 12:23:30
Откуда: Где-то в России...
Контактная информация:

Re: Spamassasin+exim

Непрочитанное сообщение ChihPih » 2013-10-03 14:59:14

А конфиг exim,а где?
www.info-x.org - информационный ресурс о ОС FreeBSD.

Аватара пользователя
digital_punk
мл. сержант
Сообщения: 143
Зарегистрирован: 2010-07-02 11:40:24

Re: Spamassasin+exim

Непрочитанное сообщение digital_punk » 2013-10-04 15:07:48

Код: Выделить всё

MY_IP = 333.444.222.111

primary_hostname = example.com

smtp_banner = "mail.example.com"
daemon_smtp_ports = 25 : 2525

hide mysql_servers = localhost/vexim/vexim/ffggff

VIRTUAL_DOMAINS = SELECT DISTINCT domain FROM domains WHERE type = 'local' AND enabled = '1' AND domain = '${quote_mysql:$domain}'
RELAY_DOMAINS = SELECT DISTINCT domain FROM domains WHERE type = 'relay'  AND domain = '${quote_mysql:$domain}'
ALIAS_DOMAINS = SELECT DISTINCT alias FROM domainalias WHERE alias = '${quote_mysql:$domain}'

system_filter = /usr/local/etc/exim/system_filter.conf
HELOREJECTRCPT1=/usr/local/etc/exim/helorejectrcpt

domainlist local_domains = ${lookup mysql{VIRTUAL_DOMAINS}} : ${lookup mysql{ALIAS_DOMAINS}}
#domainlist relay_to_domains = :
domainlist relay_to_domains = ${lookup mysql{RELAY_DOMAINS}}
hostlist   relay_from_hosts = 127.0.0.0/8 : 192.168.105.2 : 192.168.105.3 : 192.168.105.4

qualify_domain = example.com

hostlist whiteip = /usr/local/etc/exim/whitehost

trusted_users = www:clamav

acl_smtp_rcpt = acl_check_rcpt

acl_smtp_data = acl_check_content

acl_smtp_helo = acl_check_helo

acl_smtp_connect = acl_4_denyhosts

av_scanner = clamd:127.0.0.1 3310

spamd_address = 127.0.0.1 783

exim_user = mailnull
exim_group = mail
never_users = root

host_lookup = *

#rfc1413_hosts = *
rfc1413_query_timeout = 0s

smtp_accept_max = 1000
smtp_receive_timeout = 10m
remote_max_parallel = 300
return_size_limit = 70k

ignore_bounce_errors_after = 2d

timeout_frozen_after = 7d

log_file_path = /var/log/exim/%s.log

message_size_limit = 64M
smtp_enforce_sync = true

# log section;

log_selector =  \
+all_parents \
+connection_reject \
+delay_delivery \
+delivery_size \
+deliver_time \
+queue_time \
+dnslist_defer \
+incoming_interface \
-incoming_port \
+lost_incoming_connection \
+received_sender \
+received_recipients \
+retry_defer \
+sender_on_delivery \
+size_reject \
+skip_delivery \
+smtp_confirmation \
+smtp_connection \
+smtp_protocol_error \
+smtp_syntax_error \
-subject \
-queue_run

# acl section;

begin acl

#    .include /usr/local/etc/exim/vexim-acl-check-spf.conf

#greylist_acl:
#    .include /usr/local/etc/exim/greylists-acl-check.conf

acl_check_helo:

    .include /usr/local/etc/exim/vexim-acl-check-helo.conf

acl_4_denyhosts:

    accept  hosts = :
    drop    hosts = /usr/local/etc/exim/ip.txt
            message = "Connect not allowed, your ip: $sender_host_address in my spam-list\n"
    accept

acl_check_rcpt:

    accept	hosts = :

    deny	domains = +local_domains
	local_parts = ^.*[@%!+/|] : ^\\.
	message = "Use legal symbols in address!"

    deny	domains = !+local_domains
	local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
	message = "Use legal symbols in address!"

#    deny	message = "Address ($sender_address) does not match with authenticated data ($authenticated_id). Check your email program settings."
#		authenticated = *
#		condition = ${if !eq{$authenticated_id}{$sender_address} {yes}{no}}

#    deny	hosts = !+relay_from_hosts
#		domains = +local_domains
#		condition = ${if or{ {eq{$sender_address}{$local_part@$domain}}}}
#		log_message = The same local addresses or domain in MAIL FROM and RCPT TO from nonlocal relay
#		message = Access denied

    accept	authenticated = *
	verify = recipient

    deny	!hosts = +relay_from_hosts:+whiteip
	message = "Your hostname is bad (adsl, poll, ppp & etc). Use SMTP your providers."
	condition = ${if match{$sender_host_name}{dsl|adsl|ppp|pool|peer|dhcp|user|dynamic|cable}{yes}{no}}

    .include /usr/local/etc/exim/vexim-acl-check-rcpt.conf

	accept	local_parts = postmaster
	domains	= +local_domains
#    require verify	= sender

    accept	domains = +local_domains
	endpass
	message = Not user in this domain!
	verify = recipient

    accept	domains = +relay_to_domains
	endpass
	message = Unroutable address!
	verify = recipient

    accept	hosts = +relay_from_hosts

    deny	message = Relay not permitted!


acl_check_content:

    .include /usr/local/etc/exim/vexim-acl-check-content.conf

  accept


begin routers

#smart_route:
#  driver = manualroute
#  domains = !+local_domains : !+relay_to_domains
#  transport = remote_smtp
#  route_list = * email.com.ua
#  no_more

dnslookup:
  driver = dnslookup
  domains = ! +local_domains
  transport = remote_smtp
  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
  no_more
#  headers_remove = received

ditch_maxmsgsize:
  driver = redirect
  allow_fail
  condition = ${if >{$message_size}{${lookup mysql{select users.maxmsgsize from users,domains \
  		where localpart = '${quote_mysql:$local_part}' \
		and domain = '${quote_mysql:$domain}' \
		and users.maxmsgsize > 0 \
		and users.domain_id=domains.domain_id }{${value}K}fail}} {yes}{no}}
  data = :fail:\n\Your message is too big.\n \
	 	Your message was rejected because the user $local_part@$domain\n \
		does not accept messages larger than \
		${lookup mysql{select users.maxmsgsize from users,domains \
		where localpart = '${quote_mysql:$local_part}' \
		and domain = '${quote_mysql:$domain}' \
		and users.maxmsgsize > 0 \
		and users.domain_id=domains.domain_id}{${value}K}fail} Kb.
  #local_part_suffix = -*
  local_part_suffix_optional
  retry_use_local_part

ditch_malware:
  driver = redirect
  allow_fail
  data = :blackhole:
  condition = ${if and { {match {$h_X-ACL-Warn:}{.*malware.*}} \
                         {eq {${lookup mysql{select users.on_avscan from users,domains \
		                where localpart = '${quote_mysql:$local_part}' \
		                and domain = '${quote_mysql:$domain}' \ 
		                and users.on_avscan = '1' \
		                and users.domain_id=domains.domain_id}}}{1} }} {yes}{no} }

ditch_spam:
  driver = redirect
  allow_fail
  data = :blackhole:
  condition = ${if >{$spam_score_int}{${lookup mysql{select users.sa_refuse * 10 from users,domains \
                where localpart = '${quote_mysql:$local_part}' \
                and domain = '${quote_mysql:$domain}' \
        	    and users.on_spamassassin = '1' \
                and users.domain_id=domains.domain_id \
		        and users.sa_refuse > 0 }{$value}fail}} {yes}{no}}
  local_part_suffix = -*
  local_part_suffix_optional
  retry_use_local_part

#redire_spam:
#  driver = redirect
#  condition = ${if >{$spam_score_int}{${lookup mysql{select users.sa_tag * 10 from users,domains \
#                 where localpart = 'support' \
#                 and domain = '${quote_mysql:$domain}'}{$value}fail}}{yes}{no}}
#  data = spam@lip.net.ua


virtual_vacation:
  driver = accept
  condition = ${if and { {!match {$h_precedence:}{(?i)junk|bulk|list}} \
                         {eq {${lookup mysql{select users.on_vacation from users,domains \
		                where localpart = '${quote_mysql:$local_part}' \
		                and domain = '${quote_mysql:$domain}' \ 
		                and users.on_vacation = '1' \
		                and users.domain_id=domains.domain_id}}}{1} }} {yes}{no} }
  no_verify
  no_expn
  unseen
  transport = virtual_vacation_delivery

virtual_forward:
  driver = redirect
  check_ancestor
  unseen = ${if eq {${lookup mysql{select unseen from users,domains \
		where localpart = '${quote_mysql:$local_part}' \
		and domain = '${quote_mysql:$domain}' \
		and users.on_forward = '1' \
		and users.domain_id=domains.domain_id}}}{1} {yes}{no}}
  data = ${lookup mysql{select forward from users,domains \
	where localpart='${quote_mysql:$local_part}' \
	and domain='${quote_mysql:$domain}' \
	and users.domain_id=domains.domain_id \
	and on_forward = '1'}}
  condition = ${if and { {!match {$h_precedence:}{(?i)junk}} \
                         {eq {${lookup mysql{select users.on_forward from users,domains \
		                where localpart = '${quote_mysql:$local_part}' \
		                and domain = '${quote_mysql:$domain}' \ 
		                and users.on_forward = '1' \
		                and users.domain_id=domains.domain_id}}}{1} }} {yes}{no} }
  
virtual_domains:
  driver = redirect
  allow_fail
  data = ${lookup mysql{select smtp from users,domains \
  		where localpart = '${quote_mysql:$local_part}' \
		and domain = '${quote_mysql:$domain}' \
		and domains.enabled = '1' \
		and users.enabled = '1' \
		and users.domain_id = domains.domain_id}}
  headers_add = ${if >{$spam_score_int}{${lookup mysql{select users.sa_tag * 10 from users,domains \
  		where localpart = '${quote_mysql:$local_part}' \
		and domain = '${quote_mysql:$domain}' \
		and users.on_spamassassin = '1' \
		and users.domain_id=domains.domain_id }{$value}fail}} {X-Spam-Flag: YES\n}{} }
  headers_remove = ${if or { { <{$spam_score_int}{1} } \
  			     { <{$spam_score_int}{${lookup mysql{select users.sa_tag * 10 from users,domains \
			       where localpart = '${quote_mysql:$local_part}' \
			       and domain = '${quote_mysql:$domain}' \
			       and users.on_spamassassin = 1 \
			       and users.domain_id=domains.domain_id}{$value}fail}} } \
			     { eq {0}{${lookup mysql{select users.sa_tag * 10 from users,domains \
			       where localpart = '${quote_mysql:$local_part}' \
			       and domain = '${quote_mysql:$domain}' \
			       and users.on_spamassassin = 0 \
			       and users.domain_id=domains.domain_id}{$value}fail}}} \
			   } {X-Spam-Score:X-Spam-Report} }
#  local_part_suffix = -*
  local_part_suffix_optional
  retry_use_local_part
  file_transport = virtual_delivery
  reply_transport = address_reply
  pipe_transport = address_pipe

.include /usr/local/etc/exim/vexim-group-router.conf

virtual_domains_catchall:
  driver = redirect
  allow_fail
  data = ${lookup mysql{select smtp from users,domains where localpart = '*' \
  		and domain = '${quote_mysql:$domain}' \
		and users.domain_id = domains.domain_id}}
  retry_use_local_part
  file_transport = virtual_delivery
  reply_transport = address_reply
  pipe_transport = address_pipe_catchall

virtual_domain_alias:
  driver = redirect
  allow_fail
  data = ${lookup mysql{select concat('${quote_mysql:$local_part}@', domain) \
  		from domains,domainalias where domainalias.alias = '${quote_mysql:$domain}' \
		and domainalias.domain_id = domains.domain_id}}
  retry_use_local_part



begin transports

remote_smtp:
  driver = smtp


virtual_delivery:
  driver = appendfile
  envelope_to_add
  return_path_add
  mode = 0660
  directory_mode = 0770
  maildir_format = true
  create_directory = true
  directory = ${lookup mysql{select smtp from users,domains \
		where localpart = '${quote_mysql:$local_part}' \
		and domain = '${quote_mysql:$domain}' \
		and users.domain_id = domains.domain_id}}
  user = ${lookup mysql{select users.uid  from users,domains \
		where localpart = '${quote_mysql:$local_part}' \
		and domain = '${quote_mysql:$domain}' \
		and users.domain_id = domains.domain_id}}
  group = ${lookup mysql{select users.gid from users,domains \
		where localpart = '${quote_mysql:$local_part}' \
		and domain = '${quote_mysql:$domain}' \
		and users.domain_id = domains.domain_id}}
  quota = ${lookup mysql{select users.quota from users,domains \
  		where localpart = '${quote_mysql:$local_part}' \
		and domain = '${quote_mysql:$domain}' \
		and users.domain_id = domains.domain_id}{${value}M}}
  quota_is_inclusive = false
  quota_warn_threshold = 75%
  maildir_use_size_file = false
  quota_warn_message = "To: $local_part@$domain\n\
  			Subject: Mailbox quota warning\n\n\
			This message was automatically generated by the mail delivery software.\n\n\
			You are now using over 75% of your allocated mail storage quota.\n\n\
			If your mailbox fills completely, further incoming messages will be automatically\n\
			returned to their senders.\n\n\
			Please take note of this and remove unwanted mail from your mailbox.\n"

virtual_vacation_delivery:
  driver   = autoreply
  from     = "${local_part}@${domain}"
  to       = ${sender_address}
  once     = /var/spool/exim/vacation/$local_part.db
  once_repeat = 7d
  subject  = "Autoreply from ${local_part}@${domain}"
  text     = ${lookup mysql{select vacation from users,domains \
		where domain='${quote_mysql:$domain}' \
		and localpart='${quote_mysql:$local_part}' \
		and users.domain_id=domains.domain_id}}

address_pipe:
  driver = pipe
  return_output
  user = ${lookup mysql{select users.uid from users,domains where localpart = '${quote_mysql:$local_part}' and domain = '${quote_mysql:$domain}' and users.domain_id = domains.domain_id}}
  group = ${lookup mysql{select users.gid from users,domains where localpart = '${quote_mysql:$local_part}' and domain = '${quote_mysql:$domain}' and users.domain_id = domains.domain_id}}

address_pipe_catchall:
  driver = pipe
  return_output
  user = ${lookup mysql{select users.uid from users,domains where localpart = '*' and domain = '${quote_mysql:$domain}' and users.domain_id = domains.domain_id}}
  group = ${lookup mysql{select users.gid from users,domains where localpart = '*' and domain = '${quote_mysql:$domain}' and users.domain_id = domains.domain_id}}

address_pipe_local:
  driver = pipe
  return_output



address_file:
  driver = appendfile
  delivery_date_add
  envelope_to_add
  return_path_add



address_reply:
  driver = autoreply




begin retry

*                      *           F,2h,5m; G,16h,1h,1.5; F,14d,6h

begin rewrite

begin authenticators

plain_login:
        driver = plaintext
        public_name = PLAIN
        server_condition = ${lookup mysql{SELECT '1' FROM users \
				WHERE username = '${quote_mysql:$2}' \
				AND clear = '${quote_mysql:$3}'} {yes}{no}}
        server_prompts = ":"
        server_set_id = $2

fixed_login:
        driver = plaintext
        public_name = LOGIN
        server_prompts = "Username:: : Password::"
        server_condition = ${lookup mysql{SELECT '1' FROM users \
				WHERE username = '${quote_mysql:$1}' \
				AND clear = '${quote_mysql:$2}'} {yes}{no}}                    
        server_set_id = $1

fixed_cram:
        driver = cram_md5
        public_name = CRAM-MD5
        server_secret = ${lookup mysql{SELECT clear FROM users \
				WHERE username = '${quote_mysql:$1}'}{$value}fail}
        server_set_id = $1
У Шамана три руки!!!

ChihPih
ст. прапорщик
Сообщения: 568
Зарегистрирован: 2009-09-04 12:23:30
Откуда: Где-то в России...
Контактная информация:

Re: Spamassasin+exim

Непрочитанное сообщение ChihPih » 2013-10-04 16:20:57

отлаживать пробуйте через
exim -bhc
www.info-x.org - информационный ресурс о ОС FreeBSD.

Аватара пользователя
digital_punk
мл. сержант
Сообщения: 143
Зарегистрирован: 2010-07-02 11:40:24

Re: Spamassasin+exim

Непрочитанное сообщение digital_punk » 2013-10-04 16:48:42

Ок. Попробую. Спасибо.
У Шамана три руки!!!

Аватара пользователя
digital_punk
мл. сержант
Сообщения: 143
Зарегистрирован: 2010-07-02 11:40:24

Re: Spamassasin+exim

Непрочитанное сообщение digital_punk » 2013-12-02 11:11:54

Все ок. Обучился и стало работать:)
У Шамана три руки!!!

Аватара пользователя
xM
ст. лейтенант
Сообщения: 1316
Зарегистрирован: 2009-01-15 23:57:41
Откуда: Königsberg
Контактная информация:

Re: Spamassasin+exim

Непрочитанное сообщение xM » 2013-12-02 13:14:36

В вашем конфиг Exim я не увидел правила с вызовом spamd.
IT voodoo blog https://kostikov.co

Аватара пользователя
digital_punk
мл. сержант
Сообщения: 143
Зарегистрирован: 2010-07-02 11:40:24

Re: Spamassasin+exim

Непрочитанное сообщение digital_punk » 2013-12-02 13:49:49

Дело в том, что он подключается в другом месте через include
У Шамана три руки!!!

Аватара пользователя
xM
ст. лейтенант
Сообщения: 1316
Зарегистрирован: 2009-01-15 23:57:41
Откуда: Königsberg
Контактная информация:

Re: Spamassasin+exim

Непрочитанное сообщение xM » 2013-12-02 14:09:44

digital_punk писал(а):Дело в том, что он подключается в другом месте через include
Я так и подумал.
IT voodoo blog https://kostikov.co