我在使用 SpamAssassin 时遇到了问题;它为电子邮件分配的分数远低于应有的分数。此外,它在收到电子邮件时分配的分数与spamassassin -t
事后对同一封电子邮件运行的结果不同。例如,以下是从我的电子邮件客户端中的电子邮件标题中提取的垃圾邮件分数报告:
Content analysis details: (1.3 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked.
See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information.
[URIs: goatkoo.us]
-0.0 SPF_HELO_PASS SPF: HELO matches SPF record
0.0 DATE_IN_FUTURE_06_12 Date: is 6 to 12 hours after Received: date
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 HTML_MESSAGE BODY: HTML included in message
0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar or identical to
background
1.3 RDNS_NONE Delivered to internal network by a host with no rDNS
0.0 T_REMOTE_IMAGE Message contains an external image
同时,结果如下spamassassin -t
:
Content analysis details: (4.5 points, 5.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked.
See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information.
[URIs: wilsonbiggs.com]
1.9 URIBL_ABUSE_SURBL Contains an URL listed in the ABUSE SURBL blocklist
[URIs: goatkoo.us]
1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
[Blocked - see <http://www.spamcop.net/bl.shtml?185.73.200.38>]
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 DATE_IN_FUTURE_06_12 Date: is 6 to 12 hours after Received: date
-0.0 SPF_HELO_PASS SPF: HELO matches SPF record
0.0 HTML_MESSAGE BODY: HTML included in message
0.0 HTML_FONT_LOW_CONTRAST BODY: HTML font color similar or identical to
background
1.3 RDNS_NONE Delivered to internal network by a host with no rDNS
0.0 T_REMOTE_IMAGE Message contains an external image
我没有设置自定义规则。我有 exim4 和 courier,并使用 ajenti-v 作为控制面板;在 ajenti-v 中,我为 exim4 设置了以下配置:
自定义配置:
SMTP_PORT == 25:587
LOCAL_INTERFACES == <; 0.0.0.0.25 ; 0.0.0.0.587 ; 0.0.0.0.465 ; [::0]:25 ; [::0]:587 ; [::0]:465
smtp_accept_max = 50
spamd_address = 127.0.0.1 783
ACL_SMTP_DATA == acl_custom_check_data
USE = "exiscan"
自定义 ACL:
acl_custom_check_data:
deny
message = Message headers fail syntax check
!verify = header_syntax
warn spam = nobody:true
add_header = X-Spam-Score: $spam_score ($spam_bar)
add_header = X-Spam-Report: $spam_report
warn spam = nobody
remove_header = Subject
add_header = Subject: ***SPAM (score: $spam_score)*** $rh_Subject:
warn message = Content Policy Restriction: Mails to undisclosed recipients are not permitted
condition = ${if eq{$h_TO:}{undisclosed-recipients:;} {true}{false}}
accept
自定义路由器:
maildir_spam:
driver = accept
transport = maildir_spam_delivery
condition = ${if def:h_X-Spam_score: {true}}
定制运输:
maildir_spam_delivery:
driver = appendfile
maildir_format = true
directory = /var/vmail/$domain/$local_part/.Spam
user = mail
create_directory
delivery_date_add
envelope_to_add
return_path_add
group = mail
mode = 0600
由于这些问题,我每天收到 120 多条垃圾邮件。感谢大家的帮助!
答案1
正如 Rodolfo Saccani 所评论的,这些 IP 可以在您收到消息后列出,因此这会产生差异。
从您收到的第一个分数警告来看,似乎您在 DNS 解析检查 RBL 时遇到了问题。在第一个标头上,SpamAssassin 没有根据 RBL 分配任何分数,但在第二个标头上,由于该邮件来自 RBL 列出的 IP 地址,您获得了一些分数。
custom.cf
编辑/创建spamassassing 配置文件夹(通常是 /etc/mail/spamassassin 或类似文件)上的文件并添加以下内容:
dns_server 8.8.8.8
dns_server 8.8.4.4
dns_server 1.1.1.1
或您喜欢的 DNS 服务器。如果您的问题是由于 SpamAssassin 的 DNS 解析引起的,那么这些行将对您有所帮助。请记住重新启动 spamd 守护程序。