Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

--- centos:mail_c7:spam_8 [19.11.2014 22:10. ] – [SPAM (GTUBE)] django
+++ centos:mail_c7:spam_8 [22.07.2019 15:01. ] (aktuell) – Externe Bearbeitung 127.0.0.1
@@ Zeile 390: / Zeile 390: @@
 # Header-Checks basierend auf "From" im Mailheader  (Nummerierung 2000 - 2999):
-header          HEADER_FROM_CHECKS_NR_2004       From =~ /^*.bild-nachrichten.net/im
+header          HEADER_FROM_CHECKS_NR_2004       From =~ /^.*bild-nachrichten.net/im
 score           HEADER_FROM_CHECKS_NR_2004       20
 tflags          HEADER_FROM_CHECKS_NR_2004       noautolearn
@@ Zeile 554: / Zeile 554: @@
    enabled
 Die Rückmeldung **enabled** zeigt an, dass der Dienst automatisch startet; ein **disabled** zeigt entsprechend an, dass der Dienst __nicht__ automatisch startet.
 ===== Tests =====
+Haben wir die Konfiguration unseres **[[centos:mail_c7:spam_6|AMaViS]]** fertiggestellt, können wir uns auch daransetzen unsere **[[centos:mail_c7:spam_6?&#programmstart|Spamassassin]]**-Installation zu überprüfen.
 ==== HAM ====
-Haben wir unsere **AMaViS**-Konfiguration abgeschlossen, schicken wir uns entweder via **telnet** eine Nachricht, oder nutzen das Hilfsprogramm **[[http://www.jetmore.org/john/code/swaks/|swaks]]** für den Tippfaulen Admin.
+Haben wir unsere **AMaViS**-Konfiguration abgeschlossen, schicken wir uns entweder via **telnet** eine Nachricht, oder nutzen das Hilfsprogramm **[[http://www.jetmore.org/john/code/swaks/|swaks]]** für den tippfaulen Admin.
    # swaks --to django@nausch.org --from michael@nausch.org --header-X-Test "test email" --server 10.0.0.87
 <code>=== Trying 10.0.0.87:25...
@@ Zeile 608: / Zeile 609: @@
 </code>
-Auf Seiten unseres **AS/AV**((**A**nti**S**pam/**A**nti**Virus**))-Hosts wird die Prüfung im Maillog dokumentiert.
+Auf Seiten unseres **AS/AV**((**A**nti**S**pam und **A**nti**V**irus))-Hosts wird die Prüfung im Maillog dokumentiert.
    # less /var/log/maillog
 <code>Nov 19 19:17:34 vml000067 amavis[12129]: loaded policy bank "AM.PDP-SOCK"
@@ Zeile 693: / Zeile 694: @@
 ==== SPAM (blacklist) ====
+Haben wir unsere **AMaViS**-Konfiguration abgeschlossen, schicken wir uns entweder via **telnet** eine Nachricht, oder nutzen das Hilfsprogramm **[[http://www.jetmore.org/john/code/swaks/|swaks]]** für den tippfaulen Admin.
+   # swaks --to django@nausch.org --from me@example.com --server 10.0.0.87 --header "From: Euro Dice Casino"
+<code>=== Trying 10.0.0.87:25...
+=== Connected to 10.0.0.87.
+<-  220 mx01.nausch.org ESMTP Postfix
+ -> EHLO vml000067.dmz.nausch.org
+<-  250-mx01.nausch.org
+<-  250-PIPELINING
+<-  250-SIZE 52428800
+<-  250-ETRN
+<-  250-STARTTLS
+<-  250-ENHANCEDSTATUSCODES
+<-  250-8BITMIME
+<-  250 DSN
+ -> MAIL FROM:<me@example.com>
+<-  250 2.1.0 Ok
+ -> RCPT TO:<django@nausch.org>
+<-  250 2.1.5 Ok
+ -> DATA
+<-  354 End data with <CR><LF>.<CR><LF>
+ -> Date: Thu, 20 Nov 2014 09:14:37 +0100
+ -> To: django@nausch.org
+ -> From: Euro Dice Casino
+ -> Subject: test Thu, 20 Nov 2014 09:14:37 +0100
+ -> X-Mailer: swaks v20130209.0 jetmore.org/john/code/swaks/
+ ->
+ -> This is a test mailing
+ ->
+ -> .
+<** 554 5.7.0 Reject, id=02244-01 - spam. Contact your postmaster/admin for technical assistance. He can achieve our postmaster via email: postmaster@nausch.org or via fax: +49 8121 883179. In any case, please provide the following information in your problem report: This error message, time (Nov 20 09:14:37), client (10.0.0.67) and server (mx01.nausch.org).
+ -> QUIT
+<-  221 2.0.0 Bye
+=== Connection closed with remote host.
+</code>
+Im Maillog des **MTA**((**M**ail **T**ransport **A**gent)) finden wir die Einträge des Zustellungsversuch.
+   # less /var/log/maillog
+<code>Nov 20 09:14:37 vml000087 postfix/smtpd[11331]: connect from vml000067.dmz.nausch.org[10.0.0.67]
+Nov 20 09:14:37 vml000087 postfix/smtpd[11331]: 195FFC00088: client=vml000067.dmz.nausch.org[10.0.0.67]
+Nov 20 09:14:37 vml000087 postfix/cleanup[11337]: 195FFC00088: message-id=<>
+Nov 20 09:14:37 vml000087 postfix/cleanup[11337]: 195FFC00088: milter-reject: END-OF-MESSAGE from vml000067.dmz.nausch.org[10.0.0.67]: 5.7.0 Reject, id=02244-01 - spam; from=<me@example.com> to=<django@nausch.org> proto=ESMTP helo=<vml000067.dmz.nausch.org>
+Nov 20 09:14:37 vml000087 postfix/smtpd[11331]: disconnect from vml000067.dmz.nausch.org[10.0.0.67]
+</code>
+Mit der id **02244-01** können wir dann im Maillog des **AS/AV**((**A**nti**S**pam und **A**nti**V**irus))-Host Details zur SPAM-Bewertung herausfinden.
+   # less /var/log/maillog
+<code>Nov 20 09:14:19 vml000067 amavis[2243]: (02243-01) extra modules loaded: unicore/lib/Gc/Nd.pl
+Nov 20 09:14:19 vml000067 amavis[2243]: (02243-01) load: 100 %, total idle 0.000 s, busy 0.557 s
+Nov 20 09:14:37 vml000067 amavis[2244]: loaded policy bank "AM.PDP-SOCK"
+Nov 20 09:14:37 vml000067 amavis[2244]: process_request: fileno sock=13, STDIN=0, STDOUT=1
+Nov 20 09:14:37 vml000067 amavis[2244]: policy protocol: request=AM.PDP
+Nov 20 09:14:37 vml000067 amavis[2244]: policy protocol: queue_id=195FFC00088
+Nov 20 09:14:37 vml000067 amavis[2244]: policy protocol: sender=<me@example.com>
+Nov 20 09:14:37 vml000067 amavis[2244]: policy protocol: recipient=<django@nausch.org>
+Nov 20 09:14:37 vml000067 amavis[2244]: policy protocol: tempdir=/var/spool/amavisd/afXXXXSMIW7c
+Nov 20 09:14:37 vml000067 amavis[2244]: policy protocol: tempdir_removed_by=client
+Nov 20 09:14:37 vml000067 amavis[2244]: policy protocol: mail_file=/var/spool/amavisd/afXXXXSMIW7c/email.txt
+Nov 20 09:14:37 vml000067 amavis[2244]: policy protocol: delivery_care_of=client
+Nov 20 09:14:37 vml000067 amavis[2244]: policy protocol: client_address=10.0.0.67
+Nov 20 09:14:37 vml000067 amavis[2244]: policy protocol: client_name=vml000067.dmz.nausch.org
+Nov 20 09:14:37 vml000067 amavis[2244]: policy protocol: helo_name=vml000067.dmz.nausch.org
+Nov 20 09:14:37 vml000067 amavis[2244]: policy protocol: policy_bank=mx01.nausch.org
+Nov 20 09:14:37 vml000067 amavis[2244]: (02244-01) Request: AM.PDP  /var/spool/amavisd/afXXXXSMIW7c: <me@example.com> -> <django@nausch.org>
+Nov 20 09:14:37 vml000067 amavis[2244]: (02244-01) loaded policy bank "MYNETS" over "AM.PDP-SOCK"
+Nov 20 09:14:37 vml000067 amavis[2244]: (02244-01) body hash: 5e4a6c05336dff65870f1c8870955b2a
+Nov 20 09:14:37 vml000067 amavis[2244]: (02244-01) ip_trace: 10.0.0.67
+Nov 20 09:14:37 vml000067 amavis[2244]: (02244-01) Checking: vHWwCUxVEbSn AM.PDP-SOCK/MYNETS [10.0.0.67] <me@example.com> -> <django@nausch.org>
+Nov 20 09:14:37 vml000067 amavis[2244]: (02244-01) 2822.From: <"Euro Dice Casino">, 2821.Mail_From: <me@example.com>
+Nov 20 09:14:37 vml000067 amavis[2244]: (02244-01) p001 1 Content-Type: text/plain, size: 24 B, name:
+Nov 20 09:14:37 vml000067 amavis[2244]: (02244-01) inspect_dsn: not a bounce
+Nov 20 09:14:37 vml000067 amavis[2244]: (02244-01) Checking for banned types and filenames
+Nov 20 09:14:37 vml000067 amavis[2244]: (02244-01) skipping banned check: all recipients bypass banned checks
+Nov 20 09:14:37 vml000067 amavis[2244]: (02244-01) presenting full original message to scanners as /var/spool/amavisd/afXXXXSMIW7c/parts/p002
+Nov 20 09:14:37 vml000067 amavis[2244]: (02244-01) run_av Using (ClamAV-clamd): (code) CONTSCAN /var/spool/amavisd/afXXXXSMIW7c/parts\n
+Nov 20 09:14:37 vml000067 amavis[2244]: (02244-01) ClamAV-clamd: Connecting to socket  /var/run/clamd.amavisd/clamd.sock
+Nov 20 09:14:37 vml000067 amavis[2244]: (02244-01) new socket by IO::Socket::UNIX to /var/run/clamd.amavisd/clamd.sock, timeout 10
+Nov 20 09:14:37 vml000067 amavis[2244]: (02244-01) ClamAV-clamd: Sending CONTSCAN /var/spool/amavisd/afXXXXSMIW7c/parts\n to socket /var/run/clamd.amavisd/clamd.sock
+Nov 20 09:14:37 vml000067 amavis[2244]: (02244-01) rw_loop read: got eof
+Nov 20 09:14:37 vml000067 amavis[2244]: (02244-01) run_av (ClamAV-clamd): CLEAN
+Nov 20 09:14:37 vml000067 amavis[2244]: (02244-01) run_av (ClamAV-clamd) result: clean
+Nov 20 09:14:37 vml000067 amavis[2244]: (02244-01) calling SA parse (0), SA vers 3.3.2, 3.003002, data as STRING, recips_ind [0], user: "amavis"
+Nov 20 09:14:37 vml000067 amavis[2244]: (02244-01) spam_scan: score=19.14 autolearn=no tests=[ALL_TRUSTED=-1,HEADER_FROM_CHECKS_NR_2001=20,MISSING_MID=0.14] recips=0
+Nov 20 09:14:37 vml000067 amavis[2244]: (02244-01) blocking contents category is (6) for django@nausch.org, final_destiny -3
+Nov 20 09:14:37 vml000067 amavis[2244]: (02244-01) do_notify_and_quar: ccat=Spam (6,0) ("6":Spam, "5":Spammy, "1,1":CleanTag, "1":Clean, "0":CatchAll) ccat_block=(6), qar_mth=
+Nov 20 09:14:37 vml000067 amavis[2244]: (02244-01) delivery method is 1, recips: django@nausch.org
+Nov 20 09:14:37 vml000067 amavis[2244]: (02244-01) DSN: sender is credible (orig), SA: 19.140, <me@example.com>
+Nov 20 09:14:37 vml000067 amavis[2244]: (02244-01) status counters: InMsgsStatus{Rejected,RejectedInternal,RejectedOriginating}
+Nov 20 09:14:37 vml000067 amavis[2244]: (02244-01) Blocked SPAM {RejectedInternal}, AM.PDP-SOCK/MYNETS LOCAL [10.0.0.67] <me@example.com> -> <django@nausch.org>, Queue-ID: 195FFC00088, mail_id: vHWwCUxVEbSn, Hits: 19.14, size: 413, 373 ms
+Nov 20 09:14:37 vml000067 amavis[2244]: (02244-01) TIMING-SA total 318 ms - parse: 1.04 (0.3%), extract_message_metadata: 3 (0.8%), get_uri_detail_list: 0.25 (0.1%), tests_pri_-1000: 6 (1.9%), tests_pri_-950: 1.82 (0.6%), tests_pri_-900: 1.19 (0.4%), tests_pri_-400: 0.93 (0.3%), tests_pri_0: 279 (87.8%), check_spf: 0.33 (0.1%), check_razor2: 249 (78.4%), check_pyzor: 0.34 (0.1%), tests_pri_500: 9 (2.9%), get_report: 0.88 (0.3%)
+Nov 20 09:14:37 vml000067 amavis[2244]: (02244-01) mail checking ended: version_server=2\nlog_id=02244-01\nsetreply=554 5.7.0 Reject,%20id=02244-01%20-%20spam\nreturn_value=reject\nexit_code=69
+Nov 20 09:14:37 vml000067 amavis[2244]: (02244-01) size: 413, TIMING [total 376 ms] - got data: 0.0 (0%)0, check_init: 3.7 (1%)1, digest_hdr: 1.0 (0%)1, digest_body_dkim: 0.4 (0%)1, collect_info: 1.7 (0%)2, mkdir parts: 1.5 (0%)2, mime_decode: 10 (3%)5, get-file-type1: 14 (4%)9, parts_decode: 0.1 (0%)9, check_header: 0.4 (0%)9, AV-scan-1: 8 (2%)11, spam-wb-list: 0.6 (0%)11, SA msg read: 0.6 (0%)11, SA parse: 2.7 (1%)12, SA check: 311 (82%)94, decide_mail_destiny: 8 (2%)96, notif-quar: 0.5 (0%)97, prepare-dsn: 0.7 (0%)97, report: 1.4 (0%)97, main_log_entry: 8 (2%)99, update_snmp: 1.6 (0%)100, rundown: 1.2 (0%)100
+Nov 20 09:14:37 vml000067 amavis[2244]: (02244-01) extra modules loaded: unicore/lib/Gc/Nd.pl
+Nov 20 09:14:37 vml000067 amavis[2244]: (02244-01) load: 100 %, total idle 0.000 s, busy 0.408 s
+</code>
+Der SPAM Score von **19.14** wird hauptsächlich von Wert **HEADER_FROM_CHECKS_NR_2001=20** gespeist. Somit wissen wir auch, welche unserer Definitionen aus der Spamassassin-Konfigurationsdatei //**/etc/mail/spamassassin/local.cf**// angesprochen hat.
 ==== SPAM (GTUBE) ====
-Zum Testen des Spamassassin schicken wir uns nun eine eMail via **telnet** und schicken im Mailbody den **[[http://spamassassin.apache.org/gtube/|GTUBE]]**((**G**eneric **T**est for **U**nsolicited **B**ulk **E**mail))-Teststring von der Seite [[http://spamassassin.apache.org/gtube/gtube.txt]] mit.
+Zum Testen des Spamassassin schicken wir uns nun eine eMail via **telnet** und schicken im Mailbody den **[[http://spamassassin.apache.org/gtube/|GTUBE]]**((**G**eneric **T**est for **U**nsolicited **B**ulk **E**mail))-Teststring von der Seite [[http://spamassassin.apache.org/gtube/gtube.txt]] bzw. von //**/usr/share/doc/spamassassin-3.3.2/sample-spam.txt**// mit.
    $ telnet 10.0.0.87 25
 <code>Trying 10.0.0.87...
@@ Zeile 809: / Zeile 909: @@
 ====== Links ======
-FIXME
+  * **⇐ [[centos:mail_c7:spam_7|Zurück zum Kapitel "ClamAV für AMaViS unter CentOS 7.x"]]**
+  * **⇐ [[centos:mail_c7:spam_7|Zurück zum Kapitel "Grundinstallation von AMaViS unter CentOS 7.x"]]**
+  * **⇒ [[centos:mail_c7:spam_9|Weiter zum Kapitel "DKIM - Domain Key Identified Mail unter CentOS 7.x"]]**
+  * **[[centos:mail_c7:start|Zurück zum Kapitel >>Mailserverinstallation unter CentOS 7<<]]**
+  * **[[wiki:start|Zurück zu >>Projekte und Themenkapitel<<]]**
+  * **[[http://dokuwiki.nausch.org/doku.php/|Zurück zur Startseite]]**