Gossamer Forum
Home : Products : Gossamer Mail : Discussion :

is spamassasin working

Quote Reply
is spamassasin working
Hello, I recently installed the spamassassin plugin and ran a test by sending myself an email with "viagra penis enlargement medication cheap" in the subject and the body. This message was not placed in the junk folder so I am wondering if spamassassin is working. This installation of Gmail is on a virtual dedicated server which is running WHM/Cpanel and has about a dozen accounts. All accounts have the option to run spamassassin through Cpanel so I figure all necessary files are on the server for the plugin to work.

Any suggestions?

Thanks,

Bob


.:SEAWEAD:.
Quote Reply
Re: [baidarkabob] is spamassasin working In reply to
Hey Bob,

Try sending the test spam message included with SA and see what happens:

Code:
This is the GTUBE, the
Generic
Test for
Unsolicited
Bulk
Email

If your spam filter supports it, the GTUBE provides a test by which you
can verify that the filter is installed correctly and is detecting incoming
spam. You can send yourself a test mail containing the following string of
characters (in upper case and with no white spaces and line breaks):

XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X

You should send this test mail from an account outside of your network.

~Charlie
Quote Reply
Re: [baidarkabob] is spamassasin working In reply to
That is if the Admin has Spamassassin configured in the Services thru WHM, which normally is by default.
pstree should reveal a proess spamd.

Try spamassassin --lint -D from shell if you have access and see the output...
Whether or not your mail would be picked up with Viagra stuff is all dependent on the rules there... GTUBE test as suggested by Chaz is in fact *the test* which is normally run in case you would want to check from web, provided your admin has not setup to block such high score messages altogether... GTUBE would result in score of 1000+ or so ... i do not remeber the exact figures though.

So you could save the content in a sample file called samplespam.txt and then run it thru spamassassin from shell and see what you get ...


HyTC...
Quote Reply
Re: [HyperTherm] is spamassasin working? In reply to
Thanks for the responses. I would like to show you what I am seeing via shell but I do not know how to copy and past from Putty. Can you advise me here? I have sent the test email from above and it is going into the spambox. It does not arrive at all unless i turn spamassassin off of the account catchall.

I should also ask my big picture question - I am running Gmail on an account using the catchall method. If I enable spamassassin through Cpanel for this account does it already scan messages as they go into the catchall? If so, that would make the gmail sa plugin redundant, right? Ideally i would like to run spamassassin on the catchall with a score of 6 or 7 to get rid of most messages and then allow individual users to tighten restrictions through the gmail plugin. That sound doable? Bad idea?

Thanks,

bob


.:SEAWEAD:.

Last edited by:

baidarkabob: Sep 3, 2004, 1:10 PM
Quote Reply
Re: [baidarkabob] is spamassasin working? In reply to
If your server has lots of cpu cycles to spare then you could do that, but the best way would be to just turn on SpamAssassin through cpanel and let your users filter mail themselves. With the headers which are added by SpamAssassin they can determine what they want to do with the spam.

Adrian
Quote Reply
Re: [baidarkabob] is spamassasin working? In reply to
Why don't you try doing it in Exim since you must be having access through WHM do all edits to configuration through WHM so that your customization is not overwritten during subsequent Exim Upgrades or cPanel upgrades.

You could set your exim to reject all Obvious SPAM (say score of 20+) to reject at SMTP level which would also mark all mail as SPAM depending upon the score that you have set in server wide .cf file.

In case you would like to do then follwoing could be done:
Login to WHM and Click on Service Configuration>Exim Configuration Editor In Advanced Mode.

In the top box... Add the following line:

spamd_address = 127.0.0.1 783

Scroll down to ACL section (a set of three text areas). In the middle one, Add the following:

Just before the last line Add following (last line is accept)

##### SpamAssassin check #####
warn message = X-Spam-Score: $spam_score
spam = nobody:true
warn message = X-Spam-Report: $spam_report
spam = nobody:true
warn message = Subject: *** SPAM *** $h_Subject
spam = nobody

deny message = This message scored $spam_score spam points. Sorry we do not allow Mails Which Are SPAM .
spam = nobody:true
condition = ${if >{$spam_score_int}{200}{1}{0}}
###Spam Assassin Check End###

Scroll right down and hit on
Save

Above config's will always remain there despite all upgrades ... You could modify the default score of 5 to whaever you feel fit ...

I presume that you are Not having mailscanner+clamav combination. In case you are then switch to exiscan+clamav combination which would reduce the load and also reject all Virus infected messages at SMTP level...

783 is the port where spamd is listening. In case it's confugured on some other port, you could do a check by running netstat -nlp and see which port spamd is on...

HyTC.

Last edited by:

HyperTherm: Sep 4, 2004, 12:44 AM
Quote Reply
Re: [HyperTherm] is spamassasin working? In reply to
HyTC, thanks for the reply. This is a bit above my head. If I do the edits you suggest and leave the Gmail SA plugin out of the equation will users receive emails marked as likely spam with scores below 20 if I do an account by account configuration in addition to the server wide config that you suggest?

Bob


.:SEAWEAD:.
Quote Reply
Re: [baidarkabob] is spamassasin working? In reply to
Hi.

20 and above would never reach your server.
The threshold above which the emails get marked as SPAM would depend on any custom settings you must have done (local.cf). If not then default of 5 is what is taken as threshold above which mails get marked as SPAM server wide. I find that too consevative. So i have a setting of 10 in local.cf to over-ride the default setting. So any mail with score >10 is marked as SPAM server wide...

I personally feel that letting users do too much is more telling on resources. So no GMail SpamAssassin plugin and still users get mails marked as SPAM ...

As Admin your responsibility of whitelisting etc is never ending depending upon the client base that you may have, but it's worth it. Account by account configuration to me is not really needed once you have the above in place. That's my personal experience. I have never really plugged in GMail Spam Assassin plugin as i did not find the need for it...

Do all editing thru WHM as manual edit of exim.conf would be lost in subsequent upgrades. In fact after you have edited, you would see the same in /etc/exim.conf.local file... :-)

HyTC