Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Re: Spam gets no REJECT

30 views
Skip to first unread message

franc...@gmx.net

unread,
Jun 7, 2013, 8:00:46 AM6/7/13
to
Am 05.06.2013 um 03:39 schrieb Gary V:

>
> On Sun, Jun 2, 2013 at 4:33 PM, <franc...@gmx.net> wrote:
> Hello,
>
> I have on my Ubuntu 12.04 LTS server a postfix 2.9.3-2 MTA with AMaViS 2.6.5 and Spamassassin 3.3.2.
> I set in my 50-user setting file for amavis:
>
> $sa_tag2_level_deflt = 5
> $sa_kill_level_deflt = 6.13
> $sa_dsn_cutoff_level = 100 (only to test, normally 10)
>
> In my blacklist.cf of spamassassin config I set a special E-Mail-address to 11.11 score, so each mail from this address gets +11.11 on its score.
>
> But I never get a message from the Mailer Daemon of this spam-test-address (it is a gmx.net address, by the way) that this mail got rejected by my server.
> I find the mail in the quarantine folder (/var/lib/amavis/virusmails), but there is never a message from the Mailer Daemon.
>
> I thought if the score is higher than $sa_kill_level_deflt (6.13 in my case) than it is rejected with a notice, only if the score is higher than $sa_dsn_cutoff_level (100 here) the mail is just dropped, without notice, no message then from the Mailer Daemon of the transfering MTA (gmx in this case).
>
> What do I need to do, that postfix gives a appropriate REJECT to a spam mail?
> What could I have overseen?
> Is there maybe a postfix setting which touches this behaviour?
>
> Thank you for hints,
>
> frank
>
>
> Generally speaking, you never want your server to send a bounce notice back to a spammer - since nearly all spam has a spoofed sender address, so it's a good thing that a bounce was not sent.
>
> Look at your $final_spam_destiny setting.
>
> $final_spam_destiny = D_DISCARD;
> will not send a bounce.
>
> http://www200.pair.com/mecham/spam/amavisd-settings.html

Thank you for the hint and thank you for the link, it is very good explained there.

In my configuration, which I found lastly in:

/etc/amavis/conf.d/21-ubuntu_defaults

it was like you wrote:

$final_spam_destiny = D_DISCARD;

which overwrote my settings in 20-debian_defaults (I had the setting there D_REJECT, which was the reason why it irritated me).

It is clear, that I don’t want a BOUNCE, because most Spam is with wrong sender, but I want a REJECT, at least when the Score is not that high, to avoid a silent discard of maybe false positive.
So I set $final_spam_destiny to D_REJECT, and only with score higher than $sa_dsn_cutoff_level it will be silently discarded, is this right?

So with:
$final_spam_destiny = D_REJECT
in amavis configuration and in spamassassin conf. this:

$sa_tag_level_deflt = undef;
$sa_tag2_level_deflt = 5;
$sa_kill_level_deflt = 6.31;
$sa_dsn_cutoff_level = 10;

a mail with score 7 will be rejected and a mail with score 11 will be discarded, do I understand it right now?
The setting $final_spam_destiny is working together with $sa_kill_level_deflt.
And with a higher score than in $sa_dsn_cutoff_level the setting for $final_spam_destiny is ignored, any mail is discarded, is it right?

frank

franc...@gmx.net

unread,
Jun 8, 2013, 1:57:36 AM6/8/13
to
Now, after a little more research and practice I can reduce my questions to this:

Is the setting of $sa_dsn_cutoff_level only considered if $final_spam_destiny = D_BOUNCE?

In my experience I can say, that with $final_spam_destiny = D_REJECT a mail with score higher than $sa_dsn_cutoff_level is REJECTED. It is not discarded, which I expected before and which would be more useful.

Frank

0 new messages