Why isn’t spamassassin using my local.cf rules for some spam email?

Following on from this unsolved issue, I have an update Why isn't spamassassin using my local.cf rules for some spam email?.

A lot of the spam I have that is bypassing my local.cf rules are forwarded onto another account usingt he users forwarding rules. So myname@mydomain.co.uk which forwards to myname@myotherdomain.co.uk is getting the spam that I am reporting as by passing local.cf.

Saying that, its not just this setup, I still get emails delivered to my normal info@ account by-passing local.cf sometimes, and that has no forwarding.

what does running the below say? post any warnings/errors here…

spamassassin --lint

you better also add rbl check in postfix (easy with plenty of guides around), it’s faster and needs less resources than spamassassin.

spamassassin --lint says nothing, blank.

[root@mail ~]# spamassassin --lint
[root@mail ~]#

This is my postfix config, I will look to see how to add more.

smtpd_recipient_restrictions = permit_mynetworks, permit_inet_interfaces, permit_sasl_authenticated, reject_unauth_pipelining, reject_unknown_recipient_domain, reject_unauth_destination, reject_rbl_client zen.spamhaus.org, permit

I have changed it to this, as they often seem to be in sorbs. Although I am sure one got through that was on a spamhaus blacklist. Lets see if it helps! Although doesnt explain why spamassassin is not using the blacklists I added in local.cf

smtpd_recipient_restrictions = permit_mynetworks, permit_inet_interfaces, permit_sasl_authenticated, reject_unauth_pipelining, reject_unknown_recipient_domain, reject_unauth_destination, reject_rbl_client zen.spamhaus.org, reject_rbl_client multi.uribl.com, reject_rbl_client dul.dnsbl.sorbs.net, reject_rbl_client sbl-xbl.spamhaus.org, reject_rbl_client bl.spamcop.net, reject_rbl_client dnsbl.sorbs.net, permit

dont use too many rbls, it’ll be much slower to check all of them, for every message…
i usually pick 1 or 2, it’s mostly fine with zen.spamhaus.org & b.barracudacentral.org (eg.)

concerning spamassassin , can you send a print screen from $webmin_url/config.cgi?spam ?

I dont mind it slowing a little as long as it does not affect the whole server, as its a mail, no one knows its slower, only when you’re on the phone and someone says I just sent you an email and your like its not arrived yet, wait, wait, oh its come! :slight_smile:

Do you know if when its rejected the sender gets a bounce back, like if a real user sends an email and they are on the blacklist, to bounce back and be told?

Screenshot attached.

Oh darn it, those postfix rules are blocking legit emails now.

use single rbl (personal favorite : zen.spamhaus.org) or 2 max. some of these other rbls might not work correctly, have stricter rules, etc…start removing some and/or check logs to find blaming rbl…

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.