Facebook
TwitterHey guys,
I've been trying to setup SpamAssassin but it doesn't seem to scan my mail. I sent myself a message I was quite convinced would be seen as spam, but don't see any score back in the headers (or anywhere else).
Could anyone point me in the right direction? Below are the steps I took:
I've been trying to setup SpamAssassin but it doesn't seem to scan my mail. I sent myself a message I was quite convinced would be seen as spam, but don't see any score back in the headers (or anywhere else).
Could anyone point me in the right direction? Below are the steps I took:
- Activated from Tools & Settings > Spam Filter > Switch on server-wide SpamAssassin spam filtering
- Checked that it was running : systemctl status spamassassin (enabled, active)
- plesk bin spamassasssin --info-server ouput:
plesk bin spamassassin --info-server
Spam filter configuration for *@*.
Status true
Apply individual settings to spam true
filtering
The score that a message must 7.00
receive to qualify as spam
Add the following text to the true
beginning of subject of each
message recognized as spam
Modify spam mail subject text *****SPAM***** _SCORE_
Black list
================================
Server-wide black list:
White list
================================
Server-wide white list:
SUCCESS: Gathering server wide information complete.
- Example from /var/log/maillog:
Apr 17 12:39:44 plesk postfix/anvil[26807]: statistics: max connection rate 1/60s for (smtp:198.53.60.171) at Apr 17 12:36:22
Apr 17 12:39:44 plesk postfix/anvil[26807]: statistics: max connection count 1 for (smtp:198.53.60.171) at Apr 17 12:36:22
Apr 17 12:39:44 plesk postfix/anvil[26807]: statistics: max cache size 1 at Apr 17 12:36:22
Apr 17 12:39:54 plesk postfix/smtpd[26847]: connect from mail-ve1eur01hn0300.outbound.protection.outlook.com[2a01:111:f400:fe1f::300]
Apr 17 12:39:55 plesk postfix/smtpd[26847]: 1BB40869FFC: client=mail-ve1eur01hn0300.outbound.protection.outlook.com[2a01:111:f400:fe1f::300]
Apr 17 12:39:55 plesk postfix/cleanup[26852]: 1BB40869FFC: message-id=<AM4PR02MB12674F2F90E4DB17C10D39D1BCB70@AM4PR02MB1267.eurprd02.prod.outlook.com>
Apr 17 12:39:55 plesk /usr/lib64/plesk-9.0/psa-pc-remote[5739]: handlers_stderr: SKIP
Apr 17 12:39:55 plesk /usr/lib64/plesk-9.0/psa-pc-remote[5739]: SKIP during call 'limit-out' handler
Apr 17 12:39:55 plesk check-quota[26854]: Starting the check-quota filter...
Apr 17 12:39:55 plesk /usr/lib64/plesk-9.0/psa-pc-remote[5739]: handlers_stderr: SKIP
Apr 17 12:39:55 plesk /usr/lib64/plesk-9.0/psa-pc-remote[5739]: SKIP during call 'check-quota' handler
Apr 17 12:39:55 plesk postfix/qmgr[5782]: 1BB40869FFC: from=<steven@*******.nl>, size=6423, nrcpt=1 (queue active)
Apr 17 12:39:55 plesk postfix-local[26856]: postfix-local: from=steven@*******.nl, to=example@*******.com, dirname=/var/qmail/mailnames
Apr 17 12:39:55 plesk postfix/smtpd[26847]: disconnect from mail-ve1eur01hn0300.outbound.protection.outlook.com[****:111:f400:fe1f::300]
Apr 17 12:39:55 plesk dovecot: service=lda, user=example@*******.com, ip=[]. sieve: msgid=<AM4PR02MB12674F2F90E4DB17C10D39D1BCB70@AM4PR02MB1267.eurprd02.prod.outlook.com>:$
Apr 17 12:39:55 plesk postfix/pipe[26855]: 1BB40869FFC: to=<example@*******.com>, relay=plesk_virtual, delay=0.44, delays=0.3/0.02/0/0.12, dsn=2.0.0, status=sent (delivere$
Apr 17 12:39:55 plesk postfix/qmgr[5782]: 1BB40869FFC: removed
- sample headers (I noticed there's no x-spam part in them?):
Return-Path: <steven@*******.nl>
X-Original-To: example@*******.com
Delivered-To: example@*******.com
Received: from EUR03-AM5-obe.outbound.protection.outlook.com (mail-am5eur03hn0330.outbound.protection.outlook.com [IPv6:*******:111:f400:fe08::330])
by plesk.*******.nl (Postfix) with ESMTPS id 3C72586BFA6
for <example@*******.com>; Tue, 17 Apr 2018 11:26:00 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=*******.nl;
s=selector1; h=From
ate:Subject:Message-ID:Content-Type:MIME-Version;
bh=wupsgMaP1Z/wD5Yy6Lwam8WMH8lrIsEdUuiIo0Jpd2w=;
b=KauuQoHi19r7/V0JdMPSLc8onMoLKXHNzu1EumeLXUKkOz3BaPdbyBYZOvQM/y0OgVYOWUCWJ8zRKITcXwYXCYF5b/ZIMKQ3hKnq6M8hC0veOpjKb8cjmCFdj3gRcKtX841UnUw9KncENCjTiFUDP/yfunvQOxdLlM6/JRwDVnM=
Received: from AM4PR02MB1267.eurprd02.prod.outlook.com (***.***.241.141) by
AM4PR02MB3010.eurprd02.prod.outlook.com (***.***.125.147) with Microsoft SMTP
Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id
15.20.675.11; Tue, 17 Apr 2018 09:25:58 +0000
Received: from AM4PR02MB1267.eurprd02.prod.outlook.com
([fe80::cdd:d746:b527:1c2b]) by AM4PR02MB1267.eurprd02.prod.outlook.com
([fe80::cdd:d746:b527:1c2b%5]) with mapi id 15.20.0675.015; Tue, 17 Apr 2018
09:25:58 +0000
From: Steven<steven@*******.nl>
To: "example@*******.com" <example@*******.com>
Subject: buy viagra today
Thread-Topic: buy viagra today
Thread-Index: AQHT1i4Xk5MRgELa9k6wm0l+Vj0+pQ==
Date: Tue, 17 Apr 2018 09:25:58 +0000
Message-ID: <AM4PR02MB126792BF7F2F5368B3252642BCB70@AM4PR02MB1267.eurprd02.prod.outlook.com>
Accept-Language: nl-NL, en-US
Content-Language: nl-NL
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is )
smtp.mailfrom=steven@*******.nl;
x-originating-ip: [***.***.210.150]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1;AM4PR02MB3010;7:LIK8N1o4kuI9nX50/pwFiRZyj4VgyDXfrs25akzwG2MBOcUjwTHBEsQtZFl9S4OmnDWu1a3KcsV/cIffC/kCE5qZfZSfRe7npATXvvufJLfXY16iNTD6nlFDO9uy97+8ld/+p8pkJPPE4yCv5SmF5dsGfEpW0vJ0gLimZYtiuYsbOYSBM2XDq3IiQoTPVFE2iZFPgedCofSbmPizno1X6c4ulRA3BLje+KrYp9Dnz+MuBN7psk67QO/OwCNYDC6H
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID7020095)(4652020)(7021125)(5600026)(4534165)(7022125)(4603075)(4627221)(201702281549075)(7048125)(7024125)(7027125)(7028125)(7023125)(2017052603328)(7153060)(7193020);SRVR:AM4PR02MB3010;
x-ms-traffictypediagnostic: AM4PR02MB3010:
x-microsoft-antispam-prvs: <AM4PR02MB30103405DC75918A688419BCBCB70@AM4PR02MB3010.eurprd02.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0;PCL:0;RULEID6040522)(2401047)(8121501046)(5005006)(3002001)(10201501046)(3231232)(944501327)(52105095)(93006095)(93001095)(6041310)(20161123558120)(20161123562045)(20161123560045)(2016111802025)(20161123564045)(6043046)(6072148)(201708071742011);SRVR:AM4PR02MB3010;BCL:0;PCL:0;RULEID:;SRVR:AM4PR02MB3010;
x-forefront-prvs: 0645BEB7AA
x-forefront-antispam-report: SFV:SPM;SFS10019020)(39380400002)(396003)(366004)(39830400003)(376002)(346002)(299900001)(189003)(199004)(476003)(1730700003)(7696005)(74482002)(6436002)(81156014)(106356001)(5660300001)(81166006)(2906002)(3480700004)(8676002)(2351001)(105586002)(7116003)(74316002)(19627405001)(14454004)(99286004)(558084003)(6506007)(8936002)(5250100002)(486006)(66066001)(3660700001)(2501003)(55016002)(6916009)(102836004)(26005)(97736004)(186003)(2900100001)(3846002)(6606003)(53936002)(25786009)(6116002)(478600001)(33656002)(3280700002)(86362001)(7736002)(54896002)(316002)(5640700003)(68736007)(9686003)(398444003)(152743003);DIR:OUT;SFP:1501;SCL:5;SRVR:AM4PR02MB3010;H:AM4PR02MB1267.eurprd02.prod.outlook.com;FPR:;SPF:None;LANG:en;PTR:InfoNoRecords;MX:1;A:1;
received-spf: None (protection.outlook.com: *******.nl does not designate
permitted sender hosts)
x-microsoft-antispam-message-info: 4Me/WLIYaI8NEIl+k95Yi/3nZDGWcBgcT/ithWlKkbOresbUH7NVJanqAjI4ZH36i/kl/3VgVRq3qJzIG87jS/e96pNMrrzPoAOhJqaNhxt6+YFztTq8V2eimwuXgVw7Mej+Z98MnjNPI03gh+BB4C4Ed43fs99U0EzAI0UMItob9l9Uc4p6ai8rcQ8SmRr7v+1ldoccNLK/rLnSHTbZQ0jlyi4Ms+CyCvFxIdBYzx9fSJKvNsxhCsPVyEsRJ2JNDQI6om8eJvc8LK5NNSwtapRNzPHQ+4nHOYqYISCjJnXDlf9Qbyw7aaXjPx/B1UNmtC1sbYkgmVhzuR0e3R0ippRXmAwpycnhNvxzAtcWsciWTnwShoBD4gVsnpIC2sM1F+pKgMTPA85Ot8BrU9EWlPY5PW6HJ0Jv6ZZQBXChCQM=
spamdiagnosticoutput: 1:22
Content-Type: multipart/alternative;
boundary="_000_AM4PR02MB126792BF7F2F5368B3252642BCB70AM4PR02MB1267eurp_"
MIME-Version: 1.0
X-MS-Office365-Filtering-Correlation-Id: 02d7315f-020a-4e5f-d70a-08d5a4453a7d
X-OriginatorOrg: *******.nl
X-MS-Exchange-CrossTenant-Network-Message-Id: 02d7315f-020a-4e5f-d70a-08d5a4453a7d
X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Apr 2018 09:25:58.3036
(UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: a4e75c98-a80e-4605-9b02-f5c4db1859b9
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM4PR02MB3010
--_000_AM4PR02MB126792BF7F2F5368B3252642BCB70AM4PR02MB1267eurp_
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Hi dear,
BUY VIAGRA AT LOW PRICE!!!
Enlarge your penis today!
Only $$$$$$
Regards,
Viagra sales team
--_000_AM4PR02MB126792BF7F2F5368B3252642BCB70AM4PR02MB1267eurp_
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<html>
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Diso-8859-=
1">
<style type=3D"text/css" style=3D"display:none;"><!-- P {margin-top:0;margi=
n-bottom:0;} --></style>
</head>
<body dir=3D"ltr">
<div id=3D"divtagdefaultwrapper" style=3D"font-size:12pt;color:#000000;font=
-family:Calibri,Helvetica,sans-serif;" dir=3D"ltr">
<div>
<p style=3D"margin-top:0; margin-bottom:0">Hi dear,</p>
<p style=3D"margin-top:0; margin-bottom:0"><br>
</p>
<p style=3D"margin-top:0; margin-bottom:0"><span>BUY VIAGRA AT LOW PRICE!!!=
</span></p>
<p style=3D"margin-top:0; margin-bottom:0"><br>
</p>
<p style=3D"margin-top:0; margin-bottom:0">Enlarge your penis today!</p>
<p style=3D"margin-top:0; margin-bottom:0"><br>
</p>
<p style=3D"margin-top:0; margin-bottom:0">Only $$$$$$ <br>
</p>
<p style=3D"margin-top:0; margin-bottom:0"><br>
</p>
<p style=3D"margin-top:0; margin-bottom:0">Regards,</p>
Viagra sales team</div>
<br>
<div id=3D"Signature"></div>
</div>
</body>
</html>
--_000_AM4PR02MB126792BF7F2F5368B3252642BCB70AM4PR02MB1267eurp_--
