我有一台装有 posfix、amavis 和 spamassassin 的 Debian 10 服务器。
我管理的另一台服务器每天都会发一封没有内容的邮件,只有一个 gif 作为附件。我已在 spamassassin 的 local.cf 中将发件人地址列入白名单。
收到的邮件的标题包含以下内容:
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on ~~~.~~~.net
X-Spam-Level:
X-Spam-Status: No, score=-93.2 required=5.0 tests=ALL_TRUSTED,BAYES_50,
DC_GIF_UNO_LARGO,DC_IMAGE_SPAM_TEXT,MISSING_HEADERS,PYZOR_CHECK,
SB_GIF_AND_NO_URIS,TVD_SPACE_RATIO,USER_IN_WHITELIST autolearn=no
autolearn_force=no version=3.4.2
这表明该邮件不被视为垃圾邮件,因为发件人地址在白名单中。
问题是主题字段包含[SPAM]垃圾邮件标记。此垃圾邮件标记在我的 spamassassin local.cf 和 amavis 中定义。我还不知道这两个中的哪一个添加了此垃圾邮件标记。
根据 amavis 配置,它不应该放置垃圾邮件标签,因为我在配置中有这个
$sa_tag2_level_deflt = 5.0; #add spam tag to subject for score greater than this value
$sa_spam_subject_tag = '[SPAM]';
我们可以看到,分数较低。amavis 不应该添加此垃圾邮件标签。
那么,如何在主题行中获得垃圾邮件标签?
我确信问题出在我的邮件服务器上,因为当我将该邮件发送到另一个地址时,我没有收到垃圾邮件标签。
另一件奇怪的事情是,当我从我的桌面使用相同的发件人地址发送完全相同的邮件时,它没有获得垃圾邮件标签。
编辑:我还有另外两封与 amavis 行为不一致的邮件。
我有一封邮件,内容如下:
Received: from localhost by xxx.xxx.net
with SpamAssassin (version 3.4.2);
Wed, 11 Nov 2020 17:08:01 +0100
From: huixin0010 <[email protected]>
Subject: [*SPAM*] [~SPAM~]Re: Leather bags manufacturer with 14 years experience
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on xxx.xxx.net
X-Spam-Flag: YES
X-Spam-Level: ******
X-Spam-Status: Yes, score=6.3 required=5.0 tests=BAYES_50,DEAR_SOMETHING,
FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,HEADER_FROM_DIFFERENT_DOMAINS,
HTML_MESSAGE,HTML_MIME_NO_HTML_TAG,MIME_HTML_ONLY,PYZOR_CHECK,
RCVD_IN_MSPIKE_BL,RCVD_IN_MSPIKE_L5,RDNS_NONE,T_SPF_HELO_PERMERROR
autolearn=no autolearn_force=no version=3.4.2
[*SPAM*]spamassassin 添加的垃圾邮件标签和[~SPAM~]amavis 添加的垃圾邮件标签在哪里。
该规则设置为当分数高于 5 时,amavis 会添加垃圾邮件标签。
出乎意料的是下面这封邮件,尽管分数高于 5,但 amavis 并未在主题中添加垃圾邮件标签。
Received: from localhost by xxx.xxx.net
with SpamAssassin (version 3.4.2);
Wed, 11 Nov 2020 18:08:24 +0100
From: liyulan029 <[email protected]>
To: xxx <[email protected]>
Subject: [*SPAM*] Re: new design eyeglasses frame and sunglasses
Date: Thu, 12 Nov 2020 01:10:33 +0800 (CST)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on xxx.xxx.net
X-Spam-Flag: YES
X-Spam-Level: ******
X-Spam-Status: Yes, score=6.2 required=5.0 tests=BAYES_50,DEAR_SOMETHING,
FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,HEADER_FROM_DIFFERENT_DOMAINS,
HTML_MESSAGE,HTML_MIME_NO_HTML_TAG,MIME_HTML_ONLY,RCVD_IN_RP_RNBL,
RDNS_NONE autolearn=no autolearn_force=no version=3.4.2
这两封邮件之间服务器上没有任何变化。
答案1
主要有两个问题。
第一个是我试图耍小聪明,为 amavis 配置了两套不同的规则。一套用于外部邮件,另一套用于内部邮件(提交到端口 587 或 465 的邮件)。这使得 postfix 和 amavis 的配置更加复杂。它可能会出现错误。
第二个是final_virus_destiny和final_spam_destiny的配置是D_PASS。它们现在的配置是D_DISCARD。可能是在D_PASS模式下,amavis 有问题。我不确定。现在,使用D_DISCARD,邮件被隔离,并向邮政局长发送报告。
这是存储在中的 amavis 配置/etc/amavis/conf.d/99-local。
use strict;
# Place your configuration directives here. They will override those in
# earlier files.
# -- General configuration options
$myhostname = 'smtp.xxx.xxx';
@local_domains_acl = (".xxx.xxx",".yyy.yyy");
@mynetworks = qw(127.0.0.0/8 ::1/128);
$X_HEADER_LINE = "by Amavis at $mydomain"; # Customize header line (don’t show version)
#$log_level = 5;
# -- Parameters for anti-virus
@bypass_virus_checks_maps = (
\%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
$final_virus_destiny = D_DISCARD; # Quarantine virus mails for science
$virus_admin = "postmaster\@$mydomain"; # Where to send virus notification (the default)
# -- Parameters for anti-spam
@bypass_spam_checks_maps = (
\%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);
$final_spam_destiny = D_DISCARD; # Quarantine spam mails for recovery if no spam
$spam_admin = "postmaster\@$mydomain"; # Where to send spam notification
$sa_tag_level_deflt = -999; # Add X-Spam headers when score is above that level
$sa_tag2_level_deflt = 5.0; # Add spam subject tag when score above that level
$sa_spam_subject_tag = '[SPAM] '; # Spam subject tag
$sa_kill_level_deflt = 5.0; # DISCARD mail when score is above that level
# -- Parameters for banned mails
$final_banned_destiny = D_DISCARD; # Quarantine banned mails for debugging
$banned_admin = "postmaster\@$mydomain"; # Where to send notification
# -- Parameters for bad header mails
$final_bad_header_destiny = D_DISCARD; # Quarantine bad header mails for debugging
$bad_header_admin = "postmaster\@$mydomain"; # Where to send notification
... <skip dkim configuration> ...
1; # ensure a defined return