Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

Link zu dieser Vergleichsansicht

centos:mail_c7:spam_8 [20.04.2018 10:33. ]
centos:mail_c7:spam_8 [22.07.2019 15:01. ] (aktuell)
Zeile 1: Zeile 1:
 +====== Spamassassin für AMaViS unter CentOS 7.x ======
 +{{:​centos:​mail_c7:​spamassassin-logobar.png?​nolink&​400 |Bild: Logo Apache Spamassassin}} ​
 +===== Grundlagen =====
 +**[[http://​spamassassin.apache.org/​|SpamAssassin]]** ist ein weitverbreitetes Filterprogramm,​ mit dem unerwünschte eMails (Spam) automatisch erkannt und aussortiert werden können. Ebenso wie **[[centos:​mail_c7:​spam_6|AMaViS]]** ist **SpamAssassin** ein Perl-Programm,​ mit der eine inhaltliche Bewertung einer eMail erfolgt. SpamAssassin selbst ermittelt und berechnet einen Scoring-Wert einer jeden eMail und übergibt diesen Wert an AMaVis. AMaViS selbst kann nun an Hand des übermittelten Scoringwertes eine eMail durchlassen,​ taggen (also z.B. die Betreffzeile manipulieren) oder ablehnen. SpamAssassin ist also nur ein Backendsystem von AMaViS. ​
 +
 +{{page>​centos:​mail_c7:​amavis&​nofooter}} ​
 +
 +Für die Unterscheidung zwischen **HAM**((erwünschten Nachrichten)) und **SPAM**((unerwünschten Nachrichten)) bedient sich SpamAssassin unterschiedlicher Techniken:
 +  * Abfrage von **RBLs**((**R**eal **B**lackhole **L**ists)).
 +  * Abfrage von Prüfsummenbasierten Filtern wie DCC, Pyzor und Razor.
 +  * Nutzung regulärer Ausdrücke zum statischen Bewerten der eMails
 +  * Nutzung interner Bayesscher Filter, die auf Grund der Einteilung der bisher empfangenen eMails statistisch die Wahrscheinlichkeit von HAM zu SPAM ermitteln.
 +
 +===== Installation =====
 +Wie üblich installieren wir die benötigten Programmpakete via **YUM**, falls das Paket nicht gleich bei der Installation von [[centos:​mail_c7:​spam_6?&#​amavisd|AMaViS]] mitinstalliert wurde.
 +   # yum install spamassassin -y
 +
 +===== Programminfo =====
 + Was uns das Paket alle bei der Installation mitgebracht hat, zeigt uns ein Blick in das installierte **rpm**.
 +   # rpm -qil spamassassin
 +<​code>​Name ​       : spamassassin ​                                                                                                                                  
 +Version ​    : 3.3.2                                                                                                                                          ​
 +Release ​    : 18.el7 ​                                                                                                                                        
 +Architecture:​ x86_64 ​                                                                                                                                        
 +Install Date: Fri 14 Nov 2014 02:10:06 PM CET                                                                                                                ​
 +Group       : Applications/​Internet ​                                                                                                                         ​
 +Size        : 3332061 ​                                                                                                                                       ​
 +License ​    : ASL 2.0                                                                                                                                        ​
 +Signature ​  : RSA/SHA256, Fri 04 Jul 2014 07:03:21 AM CEST, Key ID 24c6a8a7f4a80eb5 ​                                                                         ​
 +Source RPM  : spamassassin-3.3.2-18.el7.src.rpm ​                                                                                                             ​
 +Build Date  : Tue 10 Jun 2014 07:31:27 AM CEST                                                                                                               
 +Build Host  : worker1.bsys.centos.org ​                                                                                                                       ​
 +Relocations : (not relocatable) ​                                                                                                                             ​
 +Packager ​   : CentOS BuildSystem <​http://​bugs.centos.org> ​                                                                                                   ​
 +Vendor ​     : CentOS ​                                                                                                                                        
 +URL         : http://​spamassassin.apache.org/ ​                                                                                                               ​
 +Summary ​    : Spam filter for email which can be invoked from mail delivery agents ​                                                                          
 +Description :                                                                                                                                                ​
 +SpamAssassin provides you with a way to reduce if not completely eliminate ​                                                                                  
 +Unsolicited Commercial Email (SPAM) from your incoming email. ​ It can                                                                                        ​
 +be invoked by a MDA such as sendmail or postfix, or can be called from                                                                                       
 +a procmail script, .forward file, etc.  It uses a genetic-algorithm ​                                                                                         ​
 +evolved scoring system to identify messages which look spammy, then                                                                                          ​
 +adds headers to the message so they can be filtered by the user's mail                                                                                       
 +reading software. ​ This distribution includes the spamd/spamc components ​                                                                                    
 +which create a server that considerably speeds processing of mail.                                                                                           
 +
 +To enable spamassassin,​ if you are receiving mail locally, simply add
 +this line to your ~/​.procmailrc: ​                                    
 +INCLUDERC=/​etc/​mail/​spamassassin/​spamassassin-default.rc ​            
 +
 +To filter spam for all users, add that line to /​etc/​procmailrc
 +(creating if necessary). ​                                     ​
 +/​etc/​cron.d/​sa-update ​                                        
 +/​etc/​logrotate.d/​sa-update ​                                   ​
 +/​etc/​mail ​                                                    
 +/​etc/​mail/​spamassassin ​                                       ​
 +/​etc/​mail/​spamassassin/​channel.d ​                             ​
 +/​etc/​mail/​spamassassin/​channel.d/​sought.conf ​                 ​
 +/​etc/​mail/​spamassassin/​channel.d/​spamassassin-official.conf ​  
 +/​etc/​mail/​spamassassin/​init.pre ​                              
 +/​etc/​mail/​spamassassin/​local.cf ​                              
 +/​etc/​mail/​spamassassin/​sa-update-keys ​                        
 +/​etc/​mail/​spamassassin/​spamassassin-default.rc ​               ​
 +/​etc/​mail/​spamassassin/​spamassassin-helper.sh ​                
 +/​etc/​mail/​spamassassin/​spamassassin-spamc.rc ​                 ​
 +/​etc/​mail/​spamassassin/​v310.pre ​                              
 +/​etc/​mail/​spamassassin/​v312.pre ​                              
 +/​etc/​mail/​spamassassin/​v320.pre ​                              
 +/​etc/​mail/​spamassassin/​v330.pre ​                              
 +/​etc/​portreserve/​spamd ​                                       ​
 +/​etc/​sysconfig/​sa-update ​                                     ​
 +/​etc/​sysconfig/​spamassassin ​                                  
 +/​usr/​bin/​sa-awl ​                                              
 +/​usr/​bin/​sa-check_spamd ​                                      
 +/​usr/​bin/​sa-compile ​                                          
 +/​usr/​bin/​sa-learn ​                                            
 +/​usr/​bin/​sa-update ​                                           ​
 +/​usr/​bin/​spamassassin ​                                        
 +/​usr/​bin/​spamc ​                                               ​
 +/​usr/​bin/​spamd ​                                               ​
 +/​usr/​lib/​systemd/​system/​spamassassin.service ​                 ​
 +/​usr/​share/​doc/​spamassassin-3.3.2 ​                            
 +/​usr/​share/​doc/​spamassassin-3.3.2/​CREDITS ​                    
 +/​usr/​share/​doc/​spamassassin-3.3.2/​Changes ​                    
 +/​usr/​share/​doc/​spamassassin-3.3.2/​LICENSE ​                    
 +/​usr/​share/​doc/​spamassassin-3.3.2/​NOTICE ​                     ​
 +/​usr/​share/​doc/​spamassassin-3.3.2/​README ​                     ​
 +/​usr/​share/​doc/​spamassassin-3.3.2/​README.RHEL.Fedora ​         ​
 +/​usr/​share/​doc/​spamassassin-3.3.2/​TRADEMARK ​                  
 +/​usr/​share/​doc/​spamassassin-3.3.2/​UPGRADE ​                    
 +/​usr/​share/​doc/​spamassassin-3.3.2/​USAGE ​                      
 +/​usr/​share/​doc/​spamassassin-3.3.2/​sample-nonspam.txt ​         ​
 +/​usr/​share/​doc/​spamassassin-3.3.2/​sample-spam.txt ​            
 +/​usr/​share/​man/​man1/​sa-awl.1.gz ​                              
 +/​usr/​share/​man/​man1/​sa-compile.1.gz ​                          
 +/​usr/​share/​man/​man1/​sa-learn.1.gz ​                            
 +/​usr/​share/​man/​man1/​sa-update.1.gz ​                           ​
 +/​usr/​share/​man/​man1/​spamassassin-run.1.gz ​                    
 +/​usr/​share/​man/​man1/​spamassassin.1.gz ​                        
 +/​usr/​share/​man/​man1/​spamc.1.gz ​                               ​
 +/​usr/​share/​man/​man1/​spamd.1.gz ​                               ​
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin.3pm.gz ​                
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​AICache.3pm.gz ​       ​
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​ArchiveIterator.3pm.gz
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​AsyncLoop.3pm.gz ​     ​
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​AutoWhitelist.3pm.gz  ​
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Bayes.3pm.gz ​         ​
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​BayesStore.3pm.gz ​    
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​BayesStore::​BDB.3pm.gz
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​BayesStore::​MySQL.3pm.gz
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​BayesStore::​PgSQL.3pm.gz
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​BayesStore::​SQL.3pm.gz  ​
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Client.3pm.gz ​          
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Conf.3pm.gz ​            
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Conf::​LDAP.3pm.gz ​      
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Conf::​Parser.3pm.gz ​    
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Conf::​SQL.3pm.gz ​       ​
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​DnsResolver.3pm.gz ​     ​
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Logger.3pm.gz ​          
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Logger::​File.3pm.gz ​    
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Logger::​Stderr.3pm.gz ​  
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Logger::​Syslog.3pm.gz ​  
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Message.3pm.gz ​         ​
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Message::​Metadata.3pm.gz
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Message::​Node.3pm.gz ​   ​
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​PerMsgLearner.3pm.gz ​   ​
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​PerMsgStatus.3pm.gz ​    
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​PersistentAddrList.3pm.gz
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Plugin.3pm.gz ​           ​
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Plugin::​ASN.3pm.gz ​      
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Plugin::​AWL.3pm.gz ​      
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Plugin::​AccessDB.3pm.gz  ​
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Plugin::​AntiVirus.3pm.gz ​
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Plugin::​AutoLearnThreshold.3pm.gz
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Plugin::​Bayes.3pm.gz ​            
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Plugin::​BodyRuleBaseExtractor.3pm.gz
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Plugin::​Check.3pm.gz ​               ​
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Plugin::​DCC.3pm.gz ​                 ​
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Plugin::​DKIM.3pm.gz ​                
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Plugin::​Hashcash.3pm.gz ​            
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Plugin::​MIMEHeader.3pm.gz ​          
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Plugin::​OneLineBodyRuleType.3pm.gz  ​
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Plugin::​PhishTag.3pm.gz ​            
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Plugin::​Pyzor.3pm.gz ​               ​
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Plugin::​Razor2.3pm.gz ​              
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Plugin::​RelayCountry.3pm.gz ​        
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Plugin::​ReplaceTags.3pm.gz ​         ​
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Plugin::​Reuse.3pm.gz ​               ​
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Plugin::​Rule2XSBody.3pm.gz ​         ​
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Plugin::​SPF.3pm.gz ​                 ​
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Plugin::​Shortcircuit.3pm.gz ​        
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Plugin::​SpamCop.3pm.gz ​             ​
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Plugin::​Test.3pm.gz ​                
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Plugin::​TextCat.3pm.gz ​             ​
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Plugin::​URIDNSBL.3pm.gz ​            
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Plugin::​URIDetail.3pm.gz ​           ​
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Plugin::​VBounce.3pm.gz ​             ​
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Plugin::​WhiteListSubject.3pm.gz ​    
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​PluginHandler.3pm.gz ​               ​
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​SQLBasedAddrList.3pm.gz ​            
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​SubProcBackChannel.3pm.gz ​          
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Timeout.3pm.gz ​                     ​
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Util.3pm.gz ​                        
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Util::​DependencyInfo.3pm.gz ​        
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Util::​Progress.3pm.gz ​              
 +/​usr/​share/​man/​man3/​Mail::​SpamAssassin::​Util::​RegistrarBoundaries.3pm.gz ​   ​
 +/​usr/​share/​man/​man3/​spamassassin-run.3pm.gz ​                                
 +/​usr/​share/​perl5/​vendor_perl/​Mail ​                                          
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin ​                             ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin.pm ​                          
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​AICache.pm ​                  
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​ArchiveIterator.pm ​          
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​AsyncLoop.pm ​                
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​AutoWhitelist.pm ​            
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Bayes ​                       ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Bayes.pm ​                    
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Bayes/​CombineChi.pm ​         ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Bayes/​CombineNaiveBayes.pm ​  
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​BayesStore ​                  
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​BayesStore.pm ​               ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​BayesStore/​BDB.pm ​           ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​BayesStore/​DBM.pm ​           ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​BayesStore/​MySQL.pm ​         ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​BayesStore/​PgSQL.pm ​         ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​BayesStore/​SDBM.pm ​          
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​BayesStore/​SQL.pm ​           ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Client.pm ​                   ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Conf ​                        
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Conf.pm ​                     ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Conf/​LDAP.pm ​                
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Conf/​Parser.pm ​              
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Conf/​SQL.pm ​                 ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Constants.pm ​                
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​DBBasedAddrList.pm ​          
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Dns.pm ​                      
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​DnsResolver.pm ​              
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​HTML.pm ​                     ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Locales.pm ​                  
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Locker ​                      
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Locker.pm ​                   ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Locker/​Flock.pm ​             ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Locker/​UnixNFSSafe.pm ​       ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Locker/​Win32.pm ​             ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Logger ​                      
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Logger.pm ​                   ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Logger/​File.pm ​              
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Logger/​Stderr.pm ​            
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Logger/​Syslog.pm ​            
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​MailingList.pm ​              
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Message ​                     ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Message.pm ​                  
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Message/​Metadata ​            
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Message/​Metadata.pm ​         ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Message/​Metadata/​Received.pm ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Message/​Node.pm ​             ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​NetSet.pm ​                   ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​PerMsgLearner.pm ​            
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​PerMsgStatus.pm ​             ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​PersistentAddrList.pm ​       ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin ​                      
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin.pm ​                   ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​ASN.pm ​               ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​AWL.pm ​               ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​AccessDB.pm ​          
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​AntiVirus.pm ​         ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​AutoLearnThreshold.pm ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​Bayes.pm ​             ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​BodyEval.pm ​          
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​BodyRuleBaseExtractor.pm
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​Check.pm ​               ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​DCC.pm ​                 ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​DKIM.pm ​                
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​DNSEval.pm ​             ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​FreeMail.pm ​            
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​HTMLEval.pm ​            
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​HTTPSMismatch.pm ​       ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​Hashcash.pm ​            
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​HeaderEval.pm ​          
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​ImageInfo.pm ​           ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​MIMEEval.pm ​            
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​MIMEHeader.pm ​          
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​OneLineBodyRuleType.pm  ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​PhishTag.pm ​            
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​Pyzor.pm ​               ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​Razor2.pm ​              
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​RelayCountry.pm ​        
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​RelayEval.pm ​           ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​ReplaceTags.pm ​         ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​Reuse.pm ​               ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​Rule2XSBody.pm ​         ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​SPF.pm ​                 ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​Shortcircuit.pm ​        
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​SpamCop.pm ​             ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​Test.pm ​                
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​TextCat.pm ​             ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​URIDNSBL.pm ​            
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​URIDetail.pm ​           ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​URIEval.pm ​             ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​VBounce.pm ​             ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​WLBLEval.pm ​            
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Plugin/​WhiteListSubject.pm ​    
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​PluginHandler.pm ​              
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Reporter.pm ​                   ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​SQLBasedAddrList.pm ​           ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​SpamdForkScaling.pm ​           ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​SubProcBackChannel.pm ​         ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Timeout.pm ​                    
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Util ​                          
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Util.pm ​                       ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Util/​DependencyInfo.pm ​        
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Util/​Progress.pm ​              
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Util/​RegistrarBoundaries.pm ​   ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Util/​ScopedTimer.pm ​           ​
 +/​usr/​share/​perl5/​vendor_perl/​Mail/​SpamAssassin/​Util/​TieOneStringHash.pm ​      
 +/​usr/​share/​perl5/​vendor_perl/​spamassassin-run.pod ​                            
 +/​usr/​share/​spamassassin ​                                                      
 +/​usr/​share/​spamassassin/​10_default_prefs.cf ​                                  
 +/​usr/​share/​spamassassin/​20_advance_fee.cf ​                                    
 +/​usr/​share/​spamassassin/​20_aux_tlds.cf ​                                       ​
 +/​usr/​share/​spamassassin/​20_body_tests.cf ​                                     ​
 +/​usr/​share/​spamassassin/​20_compensate.cf ​                                     ​
 +/​usr/​share/​spamassassin/​20_dnsbl_tests.cf ​                                    
 +/​usr/​share/​spamassassin/​20_drugs.cf ​                                          
 +/​usr/​share/​spamassassin/​20_dynrdns.cf ​                                        
 +/​usr/​share/​spamassassin/​20_fake_helo_tests.cf ​                                
 +/​usr/​share/​spamassassin/​20_freemail.cf ​                                       ​
 +/​usr/​share/​spamassassin/​20_freemail_domains.cf
 +/​usr/​share/​spamassassin/​20_head_tests.cf
 +/​usr/​share/​spamassassin/​20_html_tests.cf
 +/​usr/​share/​spamassassin/​20_imageinfo.cf
 +/​usr/​share/​spamassassin/​20_meta_tests.cf
 +/​usr/​share/​spamassassin/​20_net_tests.cf
 +/​usr/​share/​spamassassin/​20_phrases.cf
 +/​usr/​share/​spamassassin/​20_porn.cf
 +/​usr/​share/​spamassassin/​20_ratware.cf
 +/​usr/​share/​spamassassin/​20_uri_tests.cf
 +/​usr/​share/​spamassassin/​20_vbounce.cf
 +/​usr/​share/​spamassassin/​23_bayes.cf
 +/​usr/​share/​spamassassin/​25_accessdb.cf
 +/​usr/​share/​spamassassin/​25_antivirus.cf
 +/​usr/​share/​spamassassin/​25_asn.cf
 +/​usr/​share/​spamassassin/​25_dcc.cf
 +/​usr/​share/​spamassassin/​25_dkim.cf
 +/​usr/​share/​spamassassin/​25_hashcash.cf
 +/​usr/​share/​spamassassin/​25_pyzor.cf
 +/​usr/​share/​spamassassin/​25_razor2.cf
 +/​usr/​share/​spamassassin/​25_replace.cf
 +/​usr/​share/​spamassassin/​25_spf.cf
 +/​usr/​share/​spamassassin/​25_textcat.cf
 +/​usr/​share/​spamassassin/​25_uribl.cf
 +/​usr/​share/​spamassassin/​30_text_de.cf
 +/​usr/​share/​spamassassin/​30_text_fr.cf
 +/​usr/​share/​spamassassin/​30_text_it.cf
 +/​usr/​share/​spamassassin/​30_text_nl.cf
 +/​usr/​share/​spamassassin/​30_text_pl.cf
 +/​usr/​share/​spamassassin/​30_text_pt_br.cf
 +/​usr/​share/​spamassassin/​50_scores.cf
 +/​usr/​share/​spamassassin/​60_adsp_override_dkim.cf
 +/​usr/​share/​spamassassin/​60_awl.cf
 +/​usr/​share/​spamassassin/​60_shortcircuit.cf
 +/​usr/​share/​spamassassin/​60_whitelist.cf
 +/​usr/​share/​spamassassin/​60_whitelist_dkim.cf
 +/​usr/​share/​spamassassin/​60_whitelist_spf.cf
 +/​usr/​share/​spamassassin/​60_whitelist_subject.cf
 +/​usr/​share/​spamassassin/​72_active.cf
 +/​usr/​share/​spamassassin/​72_scores.cf
 +/​usr/​share/​spamassassin/​73_sandbox_manual_scores.cf
 +/​usr/​share/​spamassassin/​STATISTICS-set0-72_scores.cf.txt
 +/​usr/​share/​spamassassin/​STATISTICS-set1-72_scores.cf.txt
 +/​usr/​share/​spamassassin/​STATISTICS-set2-72_scores.cf.txt
 +/​usr/​share/​spamassassin/​STATISTICS-set3-72_scores.cf.txt
 +/​usr/​share/​spamassassin/​languages
 +/​usr/​share/​spamassassin/​local.cf
 +/​usr/​share/​spamassassin/​regression_tests.cf
 +/​usr/​share/​spamassassin/​sa-update-pubkey.txt
 +/​usr/​share/​spamassassin/​sa-update.cron
 +/​usr/​share/​spamassassin/​user_prefs.template
 +/​var/​lib/​spamassassin
 +/​var/​run/​spamassassin
 +</​code>​
 +
 +===== Konfiguration =====
 +==== spamassassin ====
 +Eine besondere Konfiguration von SpamAssassin ist eigentlich nicht notwendig. Im Verzeichnis //​**/​etc/​mail/​spamassassin/​**//​ befindet sich die Konfigurationsdatei **local.cf** mit Hilfe derer lokale Anpassungen an der Installation vorgenommen werden können.
 +   # vim /​etc/​mail/​spamassassin/​local.cf
 +
 +<file bash /​etc/​mail/​spamassassin/​local.cf>​ These values can be overridden by editing ~/​.spamassassin/​user_prefs.cf
 +# (see spamassassin(1) for details)
 +
 +# These should be safe assumptions and allow for simple visual sifting
 +# without risking lost emails.
 +
 +# Ab welchem Punktestand soll eine eMail als Spam betrachtet werden?
 +required_hits 5
 +
 +# Diese Option legt fest, wie SpamAssassin eine als Spam eingestufte E-Mail markieren soll. Sofern ​
 +# report_safe 0 definiert wurde, fügt Spamassassin lediglich einige X-Spam-Header ein und lässt die
 +# E-Mail ansonsten unverändert.
 +report_safe 0
 +
 +# Mit dieser Option wird definiert, daß eine Nachricht, welche als SPAM klassifiziert wurde, zusätzlich ​
 +# mit dem Hinweis "​[SPAM]"​ in der Betreffzeile gekennzeichnet werden sollen.
 +rewrite_header Subject [SPAM]
 +
 +# Diese Direktive bestimmt, welche Sperrmethode verwendet wird, um die beiden Datenbanken (Bayes- und 
 +# Autowhitelisting) vor gleichzeitigen Zugriffen zu schützen. Wenn sichergestellt ist, daß auf die beiden ​
 +# Datenbanken nie über ein NFS zugegriffen wird, kann auf Unix-Plattformen ​ erheblich an Performance ​
 +# gewonnen werden, indem die Sperrmethode flock verwendet wird.
 +lock_method flock
 +
 +# lokale Headerchecks
 +# Änderungen werden aufsteigend eingetragen,​ d.h. die neuesten Einträge sind *immer* oben zu finden!
 +# /i = i Case-Insensitivity (die Nichtbeachtung von Groß- und Kleinschreibung) einschalten
 +# /m = m Multiline-Faehigkeit - Zeilenumbrueche ignorieren
 +
 +# Header-Checks basierend auf IP-Adressen im Mailheader (Nummerierung 1000 - 1999):
 +
 +# whitelisting
 +header ​         HEADER_RECEIVED_CHECKS_NR_1001 ​  ​Received =~ /​^.*198.51.100/​im
 +score           ​HEADER_RECEIVED_CHECKS_NR_1001 ​  -5
 +tflags ​         HEADER_RECEIVED_CHECKS_NR_1001 ​  ​noautolearn
 +
 +# blacklisting
 +header ​         HEADER_RECEIVED_CHECKS_NR_1000 ​  ​Received =~ /​^.*203.0.113/​im
 +score           ​HEADER_RECEIVED_CHECKS_NR_1000 ​  20
 +tflags ​         HEADER_RECEIVED_CHECKS_NR_1000 ​  ​noautolearn
 +
 +
 +# Header-Checks basierend auf "​From"​ im Mailheader ​ (Nummerierung 2000 - 2999):
 +
 +header ​         HEADER_FROM_CHECKS_NR_2004 ​      From =~ /​^.*bild-nachrichten.net/​im
 +score           ​HEADER_FROM_CHECKS_NR_2004 ​      20
 +tflags ​         HEADER_FROM_CHECKS_NR_2004 ​      ​noautolearn
 +
 +header ​         HEADER_FROM_CHECKS_NR_2003 ​      From =~ /^Gold Ring Support.*/​im
 +score           ​HEADER_FROM_CHECKS_NR_2003 ​      20
 +tflags ​         HEADER_FROM_CHECKS_NR_2003 ​      ​noautolearn
 +
 +header ​         HEADER_FROM_CHECKS_NR_2002 ​      From =~ /​^.*Ruby.*/​im
 +score           ​HEADER_FROM_CHECKS_NR_2002 ​      20
 +tflags ​         HEADER_FROM_CHECKS_NR_2002 ​      ​noautolearn
 +
 +header ​         HEADER_FROM_CHECKS_NR_2001 ​      From =~ /^.*Euro Dice Casino/im
 +score           ​HEADER_FROM_CHECKS_NR_2001 ​      20
 +tflags ​         HEADER_FROM_CHECKS_NR_2001 ​      ​noautolearn
 +
 +header ​         HEADER_FROM_CHECKS_NR_2000 ​      From =~ /​^.*belohnungs-abteilung/​im
 +score           ​HEADER_FROM_CHECKS_NR_2000 ​      20
 +tflags ​         HEADER_FROM_CHECKS_NR_2000 ​      ​noautolearn
 +
 +
 +# Header-Checks basierend auf "​Subject"​ im Mailheader ​ (Nummerierung 3000 - 3999):
 +
 +header ​         HEADER_SUBJECT_CHECKS_NR_3002 ​   Subject =~ /​.*Risk.net.*/​im
 +score           ​HEADER_SUBJECT_CHECKS_NR_3002 ​   20
 +tflags ​         HEADER_SUBJECT_CHECKS_NR_3002 ​   noautolearn
 +
 +header ​         HEADER_SUBJECT_CHECKS_NR_3001 ​   Subject =~ /.*Ruby Palace.*/im
 +score           ​HEADER_SUBJECT_CHECKS_NR_3001 ​   20
 +tflags ​         HEADER_SUBJECT_CHECKS_NR_3001 ​   noautolearn
 +
 +# Header-Checks basierend auf "​X-Mailer"​ im Mailheader ​ (Nummerierung 4000 - 4999):
 +
 +header ​         HEADER_XMAILER_CHECKS_NR_4000 ​   X-Mailer =~ /​.*\b(E-Broadcaster|Emailer Platinum|eMarksman|Extractor|e-Merge|from stealth[^.]|Global Messenger|GroupMaster|Mailcast|MailKing|Match10|MassE-Mail|massmail\.pl|News Breaker|Powermailer|Quick Shot|Ready Aim Fire|WindoZ|WorldMerge|Yourdora|SEKOFOXM|Blat.v3.1.1)\b/​im
 +score           ​HEADER_XMAILER_CHECKS_NR_4000 ​   20
 +tflags ​         HEADER_XMAILER_CHECKS_NR_4000 ​   noautolearn
 +</​file>​
 +
 +==== amavisd ====
 +Zur Konfiguration von **AMaViS** haben wir bei der zugehörigen Konfigurationsdatei //​**/​etc/​amavisd/​amavisd.conf**//​ bei der Installation und [[|Konfiguration]] von AMaViS bereits die Section **SPAM POLICY** angelegt.
 +   # vim /​etc/​amavisd/​amavisd.conf
 +
 +<code perl>################################################################################​
 +## SPAM POLICY
 +#
 +
 +# Check aktivieren?
 +# @bypass_spam_checks_maps ​ = (1);
 +
 +# In Quarantäne?​
 +$spam_quarantine_to = undef;
 +
 +# Admin benachrichtigen?​
 +$spam_admin = undef;
 +
 +# Recipient-Adresse bei Release erweitern?
 +@addr_extension_spam_maps = ('​spam'​);​
 +
 +# E-Mail bei Release wrappen?
 +$defang_spam = undef;
 +
 +# Wollen wir Content transportieren?​
 +$final_spam_destiny = D_REJECT;
 +
 +# add spam info headers if at, or above that level
 +$sa_tag_level_deflt ​ = -1000.0;
 +# add 'spam detected'​ headers at that level
 +$sa_tag2_level_deflt = 6.31;
 +# triggers spam evasive actions (e.g. blocks mail)
 +$sa_kill_level_deflt = 6.31;
 +# spam level beyond which a DSN is not sent
 +$sa_dsn_cutoff_level = 10;
 +# likewise, but for a likely valid From
 +$sa_crediblefrom_dsn_cutoff_level = 18;
 +# spam level beyond which quarantine is off
 +# $sa_quarantine_cutoff_level = 25;
 +
 +# (no effect without a @storage_sql_dsn database)
 +$penpals_bonus_score = 8;
 +# don't waste time on hi spam
 +$penpals_threshold_high = $sa_kill_level_deflt;​
 +# spam score points to add for joe-jobbed bounces
 +$bounce_killer_score = 100;
 +# don't waste time on SA if mail is larger
 +$sa_mail_body_size_limit = 400*1024;
 +# only tests which do not require internet access?
 +$sa_local_tests_only = 0;
 +
 +$sa_spam_subject_tag = '​***Spam*** ';
 +</​code>​
 +
 +Somit müssen wir auf Seiten von AMaViS keine zusätzlichen Einstellungen vornehmen.
 +
 +===== Programmstart =====
 +==== erster Systemstart ====
 +Nun können wir unseren Anti-SMAP-Daemon das erste mal starten.
 +   # systemctl start spamassassin
 +
 +Den Status des Daemon fragen wir bei Bedarf wie folgt ab.
 +   # systemctl status spamassassin
 +
 +<​code>​spamassassin.service - Spamassassin daemon
 +   ​Loaded:​ loaded (/​usr/​lib/​systemd/​system/​spamassassin.service;​ disabled)
 +   ​Active:​ active (running) since Wed 2014-11-19 18:52:53 CET; 2s ago
 +  Process: 12346 ExecStart=/​usr/​bin/​spamd --pidfile /​var/​run/​spamd.pid $SPAMDOPTIONS (code=exited,​ status=0/​SUCCESS)
 +  Process: 12345 ExecStartPre=/​sbin/​portrelease spamd (code=exited,​ status=0/​SUCCESS)
 + Main PID: 12350 (/​usr/​bin/​spamd )
 +   ​CGroup:​ /​system.slice/​spamassassin.service
 +           ​├─12350 /​usr/​bin/​spamd --pidfile /​var/​run/​spamd.pid -d -c -m5 -H
 +           ​├─12351 spamd child
 +           ​└─12352 spamd child
 +
 +Nov 19 18:52:46 vml000067.dmz.nausch.org systemd[1]: Starting Spamassassin daemon...
 +Nov 19 18:52:46 vml000067.dmz.nausch.org spamd[12346]:​ logger: removing stderr method
 +Nov 19 18:52:53 vml000067.dmz.nausch.org spamd[12350]:​ spamd: server started on port 783/tcp (running version 3.3.2)
 +Nov 19 18:52:53 vml000067.dmz.nausch.org spamd[12350]:​ spamd: server pid: 12350
 +Nov 19 18:52:53 vml000067.dmz.nausch.org spamd[12350]:​ spamd: server successfully spawned child process, pid 12351
 +Nov 19 18:52:53 vml000067.dmz.nausch.org spamd[12350]:​ spamd: server successfully spawned child process, pid 12352
 +Nov 19 18:52:53 vml000067.dmz.nausch.org systemd[1]: Started Spamassassin daemon.
 +Nov 19 18:52:53 vml000067.dmz.nausch.org spamd[12350]:​ prefork: child states: IS
 +Nov 19 18:52:53 vml000067.dmz.nausch.org spamd[12350]:​ prefork: child states: II
 +</​code>​
 +
 +Im Maillog wird der Start des Daemon entsprechend protokolliert. ​
 +
 +   # less /​var/​log/​maillog
 +<​code>​Nov 19 18:52:32 vml000067 spamd[11411]:​ spamd: server killed by SIGTERM, shutting down
 +Nov 19 18:52:46 vml000067 spamd[12346]:​ logger: removing stderr method
 +Nov 19 18:52:53 vml000067 spamd[12350]:​ spamd: server started on port 783/tcp (running version 3.3.2)
 +Nov 19 18:52:53 vml000067 spamd[12350]:​ spamd: server pid: 12350
 +Nov 19 18:52:53 vml000067 spamd[12350]:​ spamd: server successfully spawned child process, pid 12351
 +Nov 19 18:52:53 vml000067 spamd[12350]:​ spamd: server successfully spawned child process, pid 12352
 +Nov 19 18:52:53 vml000067 spamd[12350]:​ prefork: child states: IS
 +Nov 19 18:52:53 vml000067 spamd[12350]:​ prefork: child states: II
 +</​code>​
 +
 +In der Prozessübersicht finden wir dazu dann auch entsprechend folgene Prozesse.
 +   # ps auxwww | grep spam
 +<​code>​root ​    ​12350 ​ 0.3  3.3 283472 64072 ?        Ss   ​18:​52 ​  0:02 /​usr/​bin/​spamd --pidfile /​var/​run/​spamd.pid -d -c -m5 -H
 +root     ​12351 ​ 0.0  3.2 283472 61148 ?        S    18:52   0:00 spamd child
 +root     ​12352 ​ 0.0  3.2 283472 61152 ?        S    18:52   0:00 spamd child</​code>​
 +
 +Mit folgendem Befehl kann überprüft werden, auf welchem Port unser SpamAssassin horcht: ​
 +   # lsof -i :783
 +<​code>​COMMAND ​    PID USER   ​FD ​  TYPE DEVICE SIZE/OFF NODE NAME
 +/usr/bin/ 12350 root    5u  IPv4 122819 ​     0t0  TCP localhost:​783 (LISTEN)
 +spamd     12351 root    5u  IPv4 122819 ​     0t0  TCP localhost:​783 (LISTEN)
 +spamd     12352 root    5u  IPv4 122819 ​     0t0  TCP localhost:​783 (LISTEN)</​code>​
 +
 +Das gleiche können wir natürlich auch via **netstat** abrufen.
 +   # netstat -tulpen | grep spamd
 +
 +   ​tcp ​       0      0 127.0.0.1:​783 ​          ​0.0.0.0:​* ​              ​LISTEN ​     0          122819 ​    ​12350/​spamd.pid -d
 +
 +==== automatisches Starten des Dienste beim Systemstart ====
 +Damit nun unser AMaViS-Server beim Booten automatisch gestartet wird, nehmen wir noch folgende Konfigurationsschritte vor.
 +   # systemctl enable spamassassin
 +
 +   ln -s '/​usr/​lib/​systemd/​system/​spamassassin.service'​ '/​etc/​systemd/​system/​multi-user.target.wants/​spamassassin.service'​
 +
 +Wollen wir überprüfen ob der Dienst automatisch startet, verwenden wir folgenden Aufruf. ​
 +   # systemctl is-enabled spamassassin
 +
 +   ​enabled
 +
 +Die Rückmeldung **enabled** zeigt an, dass der Dienst automatisch startet; ein **disabled** zeigt entsprechend an, dass der Dienst __nicht__ automatisch startet.
 +
 +===== Tests =====
 +Haben wir die Konfiguration unseres **[[centos:​mail_c7:​spam_6|AMaViS]]** fertiggestellt,​ können wir uns auch daransetzen unsere **[[centos:​mail_c7:​spam_6?&#​programmstart|Spamassassin]]**-Installation zu überprüfen.
 +
 +==== HAM ====
 +Haben wir unsere **AMaViS**-Konfiguration abgeschlossen,​ schicken wir uns entweder via **telnet** eine Nachricht, oder nutzen das Hilfsprogramm **[[http://​www.jetmore.org/​john/​code/​swaks/​|swaks]]** für den tippfaulen Admin. ​
 +   # swaks --to django@nausch.org --from michael@nausch.org --header-X-Test "test email" --server 10.0.0.87
 +<​code>​=== Trying 10.0.0.87:​25...
 +=== Connected to 10.0.0.87.
 +<-  220 mx01.nausch.org ESMTP Postfix
 + -> EHLO vml000087.dmz.nausch.org
 +<-  250-mx01.nausch.org
 +<-  250-PIPELINING
 +<-  250-SIZE 52428800
 +<-  250-ETRN
 +<-  250-STARTTLS
 +<-  250-ENHANCEDSTATUSCODES
 +<-  250-8BITMIME
 +<-  250 DSN
 + -> MAIL FROM:<​michael@nausch.org>​
 +<-  250 2.1.0 Ok
 + -> RCPT TO:<​django@nausch.org>​
 +<-  250 2.1.5 Ok
 + -> DATA
 +<-  354 End data with <​CR><​LF>​.<​CR><​LF>​
 + -> Date: Wed, 19 Nov 2014 19:17:33 +0100
 + -> To: django@nausch.org
 + -> From: michael@nausch.org
 + -> Subject: test Wed, 19 Nov 2014 19:17:33 +0100
 + -> X-Mailer: swaks v20130209.0 jetmore.org/​john/​code/​swaks/​
 + -> X-Test: test email
 + ​-> ​
 + -> This is a test mailing
 + ​-> ​
 + -> .
 +<-  250 2.0.0 Ok: queued as C24B9C00088
 + -> QUIT
 +<-  221 2.0.0 Bye
 +=== Connection closed with remote host.
 +</​code>​
 +
 +Im Maillog des **MTA**((**M**ail **T**ransport **A**gent)) finden wir die einträge der erfolgreichen Zustellung.
 +   # less /​var/​log/​maillog
 +
 +<​code>​Nov 19 19:17:34 vml000087 postfix/​smtpd[10464]:​ connect from vml000087.dmz.nausch.org[10.0.0.87]
 +Nov 19 19:17:34 vml000087 postfix/​smtpd[10464]:​ C24B9C00088:​ client=vml000087.dmz.nausch.org[10.0.0.87]
 +Nov 19 19:17:34 vml000087 postfix/​cleanup[10470]:​ C24B9C00088:​ message-id=<​20141119181734.C24B9C00088@mx01.nausch.org>​
 +Nov 19 19:17:36 vml000087 postfix/​qmgr[8701]:​ C24B9C00088:​ from=<​michael@nausch.org>,​ size=535, nrcpt=1 (queue active)
 +Nov 19 19:17:36 vml000087 postfix/​smtpd[10464]:​ disconnect from vml000087.dmz.nausch.org[10.0.0.87]
 +Nov 19 19:17:36 vml000087 postfix/​lmtp[10471]:​ C24B9C00088:​ to=<​django@nausch.org>,​ relay=10.0.0.77[10.0.0.77]:​24,​ delay=2.9, delays=2.7/​0.02/​0.03/​0.13,​ dsn=2.0.0, status=sent (250 2.0.0 <​django@nausch.org>​ 6jMkM8DebFTdFwAArK2B9Q Saved)
 +Nov 19 19:17:36 vml000087 postfix/​qmgr[8701]:​ C24B9C00088:​ removed
 +</​code>​
 +
 +Auf Seiten unseres **AS/​AV**((**A**nti**S**pam und **A**nti**V**irus))-Hosts wird die Prüfung im Maillog dokumentiert.
 +   # less /​var/​log/​maillog
 +<​code>​Nov 19 19:17:34 vml000067 amavis[12129]:​ loaded policy bank "​AM.PDP-SOCK"​
 +Nov 19 19:17:34 vml000067 amavis[12129]:​ process_request:​ fileno sock=13, STDIN=0, STDOUT=1
 +Nov 19 19:17:34 vml000067 amavis[12129]:​ policy protocol: request=AM.PDP
 +Nov 19 19:17:34 vml000067 amavis[12129]:​ policy protocol: queue_id=C24B9C00088
 +Nov 19 19:17:34 vml000067 amavis[12129]:​ policy protocol: sender=<​michael@nausch.org>​
 +Nov 19 19:17:34 vml000067 amavis[12129]:​ policy protocol: recipient=<​django@nausch.org>​
 +Nov 19 19:17:34 vml000067 amavis[12129]:​ policy protocol: tempdir=/​var/​spool/​amavisd/​afXXXXulTBQB
 +Nov 19 19:17:34 vml000067 amavis[12129]:​ policy protocol: tempdir_removed_by=client
 +Nov 19 19:17:34 vml000067 amavis[12129]:​ policy protocol: mail_file=/​var/​spool/​amavisd/​afXXXXulTBQB/​email.txt
 +Nov 19 19:17:34 vml000067 amavis[12129]:​ policy protocol: delivery_care_of=client
 +Nov 19 19:17:34 vml000067 amavis[12129]:​ policy protocol: client_address=10.0.0.87
 +Nov 19 19:17:34 vml000067 amavis[12129]:​ policy protocol: client_name=vml000087.dmz.nausch.org
 +Nov 19 19:17:34 vml000067 amavis[12129]:​ policy protocol: helo_name=vml000087.dmz.nausch.org
 +Nov 19 19:17:34 vml000067 amavis[12129]:​ policy protocol: policy_bank=mx01.nausch.org
 +Nov 19 19:17:34 vml000067 amavis[12129]:​ (12129-01) Request: AM.PDP ​ /​var/​spool/​amavisd/​afXXXXulTBQB:​ <​michael@nausch.org>​ -> <​django@nausch.org>​
 +Nov 19 19:17:34 vml000067 amavis[12129]:​ (12129-01) loaded policy bank "​MYNETS"​ over "​AM.PDP-SOCK"​
 +Nov 19 19:17:34 vml000067 amavis[12129]:​ (12129-01) body hash: 5e4a6c05336dff65870f1c8870955b2a
 +Nov 19 19:17:34 vml000067 amavis[12129]:​ (12129-01) ip_trace: 10.0.0.87
 +Nov 19 19:17:34 vml000067 amavis[12129]:​ (12129-01) Checking: rMpVKZqRt9Zi AM.PDP-SOCK/​MYNETS [10.0.0.87] <​michael@nausch.org>​ -> <​django@nausch.org>​
 +Nov 19 19:17:34 vml000067 amavis[12129]:​ (12129-01) 2822.From: <​michael@nausch.org>​
 +Nov 19 19:17:34 vml000067 amavis[12129]:​ (12129-01) p001 1 Content-Type:​ text/plain, size: 24 B, name:
 +Nov 19 19:17:34 vml000067 amavis[12129]:​ (12129-01) inspect_dsn:​ not a bounce
 +Nov 19 19:17:34 vml000067 amavis[12129]:​ (12129-01) Checking for banned types and filenames
 +Nov 19 19:17:34 vml000067 amavis[12129]:​ (12129-01) skipping banned check: all recipients bypass banned checks
 +Nov 19 19:17:34 vml000067 amavis[12129]:​ (12129-01) presenting full original message to scanners as /​var/​spool/​amavisd/​afXXXXulTBQB/​parts/​p002
 +Nov 19 19:17:34 vml000067 amavis[12129]:​ (12129-01) run_av Using (ClamAV-clamd):​ (code) CONTSCAN /​var/​spool/​amavisd/​afXXXXulTBQB/​parts\n
 +Nov 19 19:17:34 vml000067 amavis[12129]:​ (12129-01) ClamAV-clamd:​ Connecting to socket ​ /​var/​run/​clamd.amavisd/​clamd.sock
 +Nov 19 19:17:34 vml000067 amavis[12129]:​ (12129-01) new socket by IO::​Socket::​UNIX to /​var/​run/​clamd.amavisd/​clamd.sock,​ timeout 10
 +Nov 19 19:17:34 vml000067 amavis[12129]:​ (12129-01) ClamAV-clamd:​ Sending CONTSCAN /​var/​spool/​amavisd/​afXXXXulTBQB/​parts\n to socket /​var/​run/​clamd.amavisd/​clamd.sock
 +Nov 19 19:17:34 vml000067 amavis[12129]:​ (12129-01) rw_loop read: got eof
 +Nov 19 19:17:34 vml000067 amavis[12129]:​ (12129-01) run_av (ClamAV-clamd):​ CLEAN
 +Nov 19 19:17:34 vml000067 amavis[12129]:​ (12129-01) run_av (ClamAV-clamd) result: clean
 +Nov 19 19:17:34 vml000067 amavis[12129]:​ (12129-01) calling SA parse (0), SA vers 3.3.2, 3.003002, data as STRING, recips_ind [0], user: "​amavis"​
 +Nov 19 19:17:36 vml000067 amavis[12129]:​ (12129-01) spam_scan: score=-1.01 autolearn=ham tests=[ALL_TRUSTED=-1,​T_RP_MATCHES_RCVD=-0.01] recips=0
 +Nov 19 19:17:36 vml000067 amavis[12129]:​ (12129-01) do_notify_and_quar:​ ccat=CleanTag (1,1) ("​1,​1":​CleanTag,​ "​1":​Clean,​ "​0":​CatchAll) ccat_block=(),​ qar_mth=
 +Nov 19 19:17:36 vml000067 amavis[12129]:​ (12129-01) delivery method is 1, recips: django@nausch.org
 +Nov 19 19:17:36 vml000067 amavis[12129]:​ (12129-01) spam-tag, <​michael@nausch.org>​ -> <​django@nausch.org>,​ No, score=-1.01 tagged_above=-1000 required=6.31 tests=[ALL_TRUSTED=-1,​ T_RP_MATCHES_RCVD=-0.01] autolearn=ham
 +Nov 19 19:17:36 vml000067 amavis[12129]:​ (12129-01) dkim: candidate originators:​ From:<​michael@nausch.org>​
 +Nov 19 19:17:36 vml000067 amavis[12129]:​ (12129-01) dkim: not signing, empty signing domain, From: <​michael@nausch.org>​
 +Nov 19 19:17:36 vml000067 amavis[12129]:​ (12129-01) DSN: sender is credible (orig), SA: -1.010, <​michael@nausch.org>​
 +Nov 19 19:17:36 vml000067 amavis[12129]:​ (12129-01) status counters: InMsgsStatus{Accepted,​AcceptedInternal,​AcceptedOriginating}
 +Nov 19 19:17:36 vml000067 amavis[12129]:​ (12129-01) Passed CLEAN {AcceptedInternal},​ AM.PDP-SOCK/​MYNETS LOCAL [10.0.0.87] <​michael@nausch.org>​ -> <​django@nausch.org>,​ Queue-ID: C24B9C00088,​ Message-ID: <​20141119181734.C24B9C00088@mx01.nausch.org>,​ mail_id: rMpVKZqRt9Zi,​ Hits: -1.01, size: 497, 1923 ms
 +Nov 19 19:17:36 vml000067 amavis[12129]:​ (12129-01) TIMING-SA total 1851 ms - parse: 1.30 (0.1%), extract_message_metadata:​ 32 (1.7%), poll_dns_idle:​ 12 (0.7%), get_uri_detail_list:​ 0.58 (0.0%), tests_pri_-1000:​ 3 (0.2%), tests_pri_-950:​ 1.71 (0.1%), tests_pri_-900:​ 1.23 (0.1%), tests_pri_-400:​ 0.94 (0.1%), tests_pri_0:​ 1514 (81.8%), check_dkim_adsp:​ 14 (0.7%), check_spf: 0.88 (0.0%), check_razor2:​ 1449 (78.3%), check_pyzor:​ 0.22 (0.0%), tests_pri_500:​ 3 (0.2%), learn: 274 (14.8%), get_report: 2 (0.1%)
 +Nov 19 19:17:36 vml000067 amavis[12129]:​ (12129-01) mail checking ended: version_server=2\nlog_id=12129-01\nsetreply=250 2.5.0 Ok,​%20id=12129-01,​%20continue%20delivery\ninsheader=0 X-Spam-Status No,​%20score=-1.01%20tagged_above=-1000%20required=6.31%0a%09tests=[ALL_TRUSTED=-1,​%20T_RP_MATCHES_RCVD=-0.01]%20autolearn=ham\ninsheader=0 X-Spam-Level \ninsheader=0 X-Spam-Score -1.01\ninsheader=0 X-Spam-Flag NO\nreturn_value=continue\nexit_code=0
 +Nov 19 19:17:36 vml000067 amavis[12129]:​ (12129-01) size: 497, TIMING [total 1927 ms] - got data: 0.1 (0%)0, check_init: 4.3 (0%)0, digest_hdr: 1.2 (0%)0, digest_body_dkim:​ 0.3 (0%)0, collect_info:​ 1.6 (0%)0, mkdir parts: 1.3 (0%)0, mime_decode:​ 10 (1%)1, get-file-type1:​ 17 (1%)2, parts_decode:​ 0.2 (0%)2, check_header:​ 0.4 (0%)2, AV-scan-1: 9 (0%)2, spam-wb-list:​ 4.6 (0%)3, SA msg read: 0.7 (0%)3, SA parse: 3.1 (0%)3, SA check: 1839 (95%)98, decide_mail_destiny:​ 15 (1%)99, notif-quar: 1.1 (0%)99, prepare-dsn:​ 4.7 (0%)99, report: 1.4 (0%)99, main_log_entry:​ 9 (0%)100, update_snmp:​ 1.4 (0%)100, rundown: 1.3 (0%)100
 +Nov 19 19:17:36 vml000067 amavis[12129]:​ (12129-01) extra modules loaded: unicore/​lib/​Gc/​Nd.pl
 +Nov 19 19:17:36 vml000067 amavis[12129]:​ (12129-01) load: 100 %, total idle 0.000 s, busy 1.953 s
 +</​code>​
 +
 +In der Inbox unseres **MUA**((**M**ail **U**ser **A**gent))s POP3/​IMAP-Servers finden wir auch die zugestellte Nachricht.
 +<​code>​Return-Path:​ <​michael@nausch.org>​
 +Delivered-To:​ django@nausch.org
 +Received: from mx01.nausch.org ([10.0.0.87])
 + by imap.nausch.org (Dovecot) with LMTP id 6jMkM8DebFTdFwAArK2B9Q
 + for <​django@nausch.org>;​ Wed, 19 Nov 2014 19:17:36 +0100
 +X-Spam-Flag:​ NO
 +X-Spam-Score:​ -1.01
 +X-Spam-Level: ​
 +X-Spam-Status:​ No, score=-1.01 tagged_above=-1000 required=6.31
 + tests=[ALL_TRUSTED=-1,​ T_RP_MATCHES_RCVD=-0.01] autolearn=ham
 +Received: from vml000087.dmz.nausch.org (vml000087.dmz.nausch.org [10.0.0.87])
 + by mx01.nausch.org (Postfix) with ESMTP id C24B9C00088
 + for <​django@nausch.org>;​ Wed, 19 Nov 2014 19:17:34 +0100 (CET)
 +Date: Wed, 19 Nov 2014 19:17:33 +0100
 +To: django@nausch.org
 +From: michael@nausch.org
 +Subject: test Wed, 19 Nov 2014 19:17:33 +0100
 +X-Mailer: swaks v20130209.0 jetmore.org/​john/​code/​swaks/​
 +X-Test: test email
 +Message-Id: <​20141119181734.C24B9C00088@mx01.nausch.org>​
 +
 +This is a test mailing
 +</​code>​
 +
 +AMavis hat gemäß unserer Einstellung entsprechende **X-Spam-Header** des Spamassassin-Backends im Mailheader der eMail eingetragen.
 +<​code>​X-Spam-Flag:​ NO
 +X-Spam-Score:​ -1.01
 +X-Spam-Level: ​
 +X-Spam-Status:​ No, score=-1.01 tagged_above=-1000 required=6.31
 + tests=[ALL_TRUSTED=-1,​ T_RP_MATCHES_RCVD=-0.01] autolearn=ham
 +</​code>​
 +
 +==== SPAM (blacklist) ====
 +Haben wir unsere **AMaViS**-Konfiguration abgeschlossen,​ schicken wir uns entweder via **telnet** eine Nachricht, oder nutzen das Hilfsprogramm **[[http://​www.jetmore.org/​john/​code/​swaks/​|swaks]]** für den tippfaulen Admin.
 +   # swaks --to django@nausch.org --from me@example.com --server 10.0.0.87 --header "From: Euro Dice Casino"​
 +
 +<​code>​=== Trying 10.0.0.87:​25...
 +=== Connected to 10.0.0.87.
 +<-  220 mx01.nausch.org ESMTP Postfix
 + -> EHLO vml000067.dmz.nausch.org
 +<-  250-mx01.nausch.org
 +<-  250-PIPELINING
 +<-  250-SIZE 52428800
 +<-  250-ETRN
 +<-  250-STARTTLS
 +<-  250-ENHANCEDSTATUSCODES
 +<-  250-8BITMIME
 +<-  250 DSN
 + -> MAIL FROM:<​me@example.com>​
 +<-  250 2.1.0 Ok
 + -> RCPT TO:<​django@nausch.org>​
 +<-  250 2.1.5 Ok
 + -> DATA
 +<-  354 End data with <​CR><​LF>​.<​CR><​LF>​
 + -> Date: Thu, 20 Nov 2014 09:14:37 +0100
 + -> To: django@nausch.org
 + -> From: Euro Dice Casino
 + -> Subject: test Thu, 20 Nov 2014 09:14:37 +0100
 + -> X-Mailer: swaks v20130209.0 jetmore.org/​john/​code/​swaks/​
 + ->
 + -> This is a test mailing
 + ->
 + -> .
 +<** 554 5.7.0 Reject, id=02244-01 - spam. Contact your postmaster/​admin for technical assistance. He can achieve our postmaster via email: postmaster@nausch.org or via fax: +49 8121 883179. In any case, please provide the following information in your problem report: This error message, time (Nov 20 09:14:37), client (10.0.0.67) and server (mx01.nausch.org).
 + -> QUIT
 +<-  221 2.0.0 Bye
 +=== Connection closed with remote host.
 +</​code>​
 +
 +Im Maillog des **MTA**((**M**ail **T**ransport **A**gent)) finden wir die Einträge des Zustellungsversuch. ​
 +   # less /​var/​log/​maillog
 +<​code>​Nov 20 09:14:37 vml000087 postfix/​smtpd[11331]:​ connect from vml000067.dmz.nausch.org[10.0.0.67]
 +Nov 20 09:14:37 vml000087 postfix/​smtpd[11331]:​ 195FFC00088:​ client=vml000067.dmz.nausch.org[10.0.0.67]
 +Nov 20 09:14:37 vml000087 postfix/​cleanup[11337]:​ 195FFC00088:​ message-id=<>​
 +Nov 20 09:14:37 vml000087 postfix/​cleanup[11337]:​ 195FFC00088:​ milter-reject:​ END-OF-MESSAGE from vml000067.dmz.nausch.org[10.0.0.67]:​ 5.7.0 Reject, id=02244-01 - spam; from=<​me@example.com>​ to=<​django@nausch.org>​ proto=ESMTP helo=<​vml000067.dmz.nausch.org>​
 +Nov 20 09:14:37 vml000087 postfix/​smtpd[11331]:​ disconnect from vml000067.dmz.nausch.org[10.0.0.67]
 +</​code>​
 +
 +Mit der id **02244-01** können wir dann im Maillog des **AS/​AV**((**A**nti**S**pam und **A**nti**V**irus))-Host Details zur SPAM-Bewertung herausfinden.
 +   # less /​var/​log/​maillog
 +
 +<​code>​Nov 20 09:14:19 vml000067 amavis[2243]:​ (02243-01) extra modules loaded: unicore/​lib/​Gc/​Nd.pl
 +Nov 20 09:14:19 vml000067 amavis[2243]:​ (02243-01) load: 100 %, total idle 0.000 s, busy 0.557 s
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ loaded policy bank "​AM.PDP-SOCK"​
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ process_request:​ fileno sock=13, STDIN=0, STDOUT=1
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ policy protocol: request=AM.PDP
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ policy protocol: queue_id=195FFC00088
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ policy protocol: sender=<​me@example.com>​
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ policy protocol: recipient=<​django@nausch.org>​
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ policy protocol: tempdir=/​var/​spool/​amavisd/​afXXXXSMIW7c
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ policy protocol: tempdir_removed_by=client
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ policy protocol: mail_file=/​var/​spool/​amavisd/​afXXXXSMIW7c/​email.txt
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ policy protocol: delivery_care_of=client
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ policy protocol: client_address=10.0.0.67
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ policy protocol: client_name=vml000067.dmz.nausch.org
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ policy protocol: helo_name=vml000067.dmz.nausch.org
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ policy protocol: policy_bank=mx01.nausch.org
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ (02244-01) Request: AM.PDP ​ /​var/​spool/​amavisd/​afXXXXSMIW7c:​ <​me@example.com>​ -> <​django@nausch.org>​
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ (02244-01) loaded policy bank "​MYNETS"​ over "​AM.PDP-SOCK"​
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ (02244-01) body hash: 5e4a6c05336dff65870f1c8870955b2a
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ (02244-01) ip_trace: 10.0.0.67
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ (02244-01) Checking: vHWwCUxVEbSn AM.PDP-SOCK/​MYNETS [10.0.0.67] <​me@example.com>​ -> <​django@nausch.org>​
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ (02244-01) 2822.From: <"​Euro Dice Casino">,​ 2821.Mail_From:​ <​me@example.com>​
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ (02244-01) p001 1 Content-Type:​ text/plain, size: 24 B, name:
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ (02244-01) inspect_dsn:​ not a bounce
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ (02244-01) Checking for banned types and filenames
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ (02244-01) skipping banned check: all recipients bypass banned checks
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ (02244-01) presenting full original message to scanners as /​var/​spool/​amavisd/​afXXXXSMIW7c/​parts/​p002
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ (02244-01) run_av Using (ClamAV-clamd):​ (code) CONTSCAN /​var/​spool/​amavisd/​afXXXXSMIW7c/​parts\n
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ (02244-01) ClamAV-clamd:​ Connecting to socket ​ /​var/​run/​clamd.amavisd/​clamd.sock
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ (02244-01) new socket by IO::​Socket::​UNIX to /​var/​run/​clamd.amavisd/​clamd.sock,​ timeout 10
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ (02244-01) ClamAV-clamd:​ Sending CONTSCAN /​var/​spool/​amavisd/​afXXXXSMIW7c/​parts\n to socket /​var/​run/​clamd.amavisd/​clamd.sock
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ (02244-01) rw_loop read: got eof
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ (02244-01) run_av (ClamAV-clamd):​ CLEAN
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ (02244-01) run_av (ClamAV-clamd) result: clean
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ (02244-01) calling SA parse (0), SA vers 3.3.2, 3.003002, data as STRING, recips_ind [0], user: "​amavis"​
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ (02244-01) spam_scan: score=19.14 autolearn=no tests=[ALL_TRUSTED=-1,​HEADER_FROM_CHECKS_NR_2001=20,​MISSING_MID=0.14] recips=0
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ (02244-01) blocking contents category is (6) for django@nausch.org,​ final_destiny -3
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ (02244-01) do_notify_and_quar:​ ccat=Spam (6,0) ("​6":​Spam,​ "​5":​Spammy,​ "​1,​1":​CleanTag,​ "​1":​Clean,​ "​0":​CatchAll) ccat_block=(6),​ qar_mth=
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ (02244-01) delivery method is 1, recips: django@nausch.org
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ (02244-01) DSN: sender is credible (orig), SA: 19.140, <​me@example.com>​
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ (02244-01) status counters: InMsgsStatus{Rejected,​RejectedInternal,​RejectedOriginating}
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ (02244-01) Blocked SPAM {RejectedInternal},​ AM.PDP-SOCK/​MYNETS LOCAL [10.0.0.67] <​me@example.com>​ -> <​django@nausch.org>,​ Queue-ID: 195FFC00088,​ mail_id: vHWwCUxVEbSn,​ Hits: 19.14, size: 413, 373 ms
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ (02244-01) TIMING-SA total 318 ms - parse: 1.04 (0.3%), extract_message_metadata:​ 3 (0.8%), get_uri_detail_list:​ 0.25 (0.1%), tests_pri_-1000:​ 6 (1.9%), tests_pri_-950:​ 1.82 (0.6%), tests_pri_-900:​ 1.19 (0.4%), tests_pri_-400:​ 0.93 (0.3%), tests_pri_0:​ 279 (87.8%), check_spf: 0.33 (0.1%), check_razor2:​ 249 (78.4%), check_pyzor:​ 0.34 (0.1%), tests_pri_500:​ 9 (2.9%), get_report: 0.88 (0.3%)
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ (02244-01) mail checking ended: version_server=2\nlog_id=02244-01\nsetreply=554 5.7.0 Reject,​%20id=02244-01%20-%20spam\nreturn_value=reject\nexit_code=69
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ (02244-01) size: 413, TIMING [total 376 ms] - got data: 0.0 (0%)0, check_init: 3.7 (1%)1, digest_hdr: 1.0 (0%)1, digest_body_dkim:​ 0.4 (0%)1, collect_info:​ 1.7 (0%)2, mkdir parts: 1.5 (0%)2, mime_decode:​ 10 (3%)5, get-file-type1:​ 14 (4%)9, parts_decode:​ 0.1 (0%)9, check_header:​ 0.4 (0%)9, AV-scan-1: 8 (2%)11, spam-wb-list:​ 0.6 (0%)11, SA msg read: 0.6 (0%)11, SA parse: 2.7 (1%)12, SA check: 311 (82%)94, decide_mail_destiny:​ 8 (2%)96, notif-quar: 0.5 (0%)97, prepare-dsn:​ 0.7 (0%)97, report: 1.4 (0%)97, main_log_entry:​ 8 (2%)99, update_snmp:​ 1.6 (0%)100, rundown: 1.2 (0%)100
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ (02244-01) extra modules loaded: unicore/​lib/​Gc/​Nd.pl
 +Nov 20 09:14:37 vml000067 amavis[2244]:​ (02244-01) load: 100 %, total idle 0.000 s, busy 0.408 s
 +</​code>​
 +
 +Der SPAM Score von **19.14** wird hauptsächlich von Wert **HEADER_FROM_CHECKS_NR_2001=20** gespeist. Somit wissen wir auch, welche unserer Definitionen aus der Spamassassin-Konfigurationsdatei //​**/​etc/​mail/​spamassassin/​local.cf**//​ angesprochen hat.
 +
 +==== SPAM (GTUBE) ====
 +Zum Testen des Spamassassin schicken wir uns nun eine eMail via **telnet** und schicken im Mailbody den **[[http://​spamassassin.apache.org/​gtube/​|GTUBE]]**((**G**eneric **T**est for **U**nsolicited **B**ulk **E**mail))-Teststring von der Seite [[http://​spamassassin.apache.org/​gtube/​gtube.txt]] bzw. von //​**/​usr/​share/​doc/​spamassassin-3.3.2/​sample-spam.txt**//​ mit.
 +   $ telnet 10.0.0.87 25
 +<​code>​Trying 10.0.0.87...
 +Connected to 10.0.0.87.
 +Escape character is '​^]'​.
 +220 mx01.nausch.org ESMTP Postfix
 +helo pml010049
 +250 mx01.nausch.org
 +mail from:<​michael@nausch.org>​
 +250 2.1.0 Ok
 +rcpt to:<​django@nausch.org>​
 +250 2.1.5 Ok
 +DATA
 +354 End data with <​CR><​LF>​.<​CR><​LF>​
 +Subject: Test spam mail (GTUBE)
 +Message-ID: <​GTUBE1.1010101@example.net>​
 +Date: Wed, 19 Nov 2014 20:04:38 +0000
 +From: Sender <​sender@example.net>​
 +To: Recipient <​recipient@example.net>​
 +Precedence: junk
 +MIME-Version:​ 1.0
 +Content-Type:​ text/plain; charset=us-ascii
 +Content-Transfer-Encoding:​ 7bit
 +
 +This is the GTUBE, the
 +        Generic
 +        Test for
 +        Unsolicited
 +        Bulk
 +        Email
 +
 +If your spam filter supports it, the GTUBE provides a test by which you
 +can verify that the filter is installed correctly and is detecting incoming
 +spam. You can send yourself a test mail containing the following string of
 +characters (in upper case and with no white spaces and line breaks):
 +
 +XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X
 +
 +You should send this test mail from an account outside of your network.
 +
 +.
 +554 5.7.0 Reject, id=12129-03 - spam. Contact your postmaster/​admin for technical assistance. He can achieve our postmaster via email: postmaster@nausch.org or via fax: +49 8121 883179. In any case, please provide the following information in your problem report: This error message, time (Nov 19 22:53:37), client (10.0.0.20) and server (mx01.nausch.org).
 +quit
 +221 2.0.0 Bye
 +Connection closed by foreign host.
 +</​code>​
 +
 +Dem einliefernden SMTP-Client wird also die eMail nicht abgenommen und mit einem Fehlercode **554 5.7.0 Reject, id=12129-03 - spam.** abgewiesen; d.h. der Sender erfährt also auch direkt sofort, dass ihm die Nachricht nicht abgenommen wurde.
 +
 +Im Maillog unseres MTAs finden wir nun wiederum einen Hinweis, warum die Nachricht mit dem Fehlercode **554 5.7.0 Reject, id=12129-03 - spam.** abgewiesen wurde. ​
 +   # less /​var/​log/​maillog
 +<​code>​Nov 19 22:52:17 vml000087 postfix/​smtpd[10708]:​ connect from vml000020.dmz.nausch.org[10.0.0.20]
 +Nov 19 22:52:43 vml000087 postfix/​smtpd[10708]:​ 48FF5C00088:​ client=vml000020.dmz.nausch.org[10.0.0.20]
 +Nov 19 22:53:36 vml000087 postfix/​cleanup[10714]:​ 48FF5C00088:​ message-id=<​GTUBE1.1010101@example.net>​
 +Nov 19 22:53:37 vml000087 postfix/​cleanup[10714]:​ 48FF5C00088:​ milter-reject:​ END-OF-MESSAGE from vml000020.dmz.nausch.org[10.0.0.20]:​ 5.7.0 Reject, id=12129-03 - spam; from=<​michael@nausch.org>​ to=<​django@nausch.org>​ proto=SMTP helo=<​pml010049>​
 +Nov 19 22:53:42 vml000087 postfix/​smtpd[10708]:​ disconnect from vml000020.dmz.nausch.org[10.0.0.20]
 +</​code>​
 +
 +Im Maillog unseres AS/AV-Host können wir dann den Zustellversuch und die Bewertungen dazu einsehen. ​
 +
 +   # less /​var/​log/​maillog
 +<​code>​Nov 19 22:45:02 vml000067 amavis[12130]:​ (12130-02) load: 0 %, total idle 555.690 s, busy 2.718 s
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ loaded policy bank "​AM.PDP-SOCK"​
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ process_request:​ fileno sock=13, STDIN=0, STDOUT=1
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ policy protocol: request=AM.PDP
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ policy protocol: queue_id=48FF5C00088
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ policy protocol: sender=<​michael@nausch.org>​
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ policy protocol: recipient=<​django@nausch.org>​
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ policy protocol: tempdir=/​var/​spool/​amavisd/​afXXXXPaVp4C
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ policy protocol: tempdir_removed_by=client
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ policy protocol: mail_file=/​var/​spool/​amavisd/​afXXXXPaVp4C/​email.txt
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ policy protocol: delivery_care_of=client
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ policy protocol: client_address=10.0.0.20
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ policy protocol: client_name=vml000020.dmz.nausch.org
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ policy protocol: helo_name=pml010049
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ policy protocol: policy_bank=mx01.nausch.org
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ (12129-03) Request: AM.PDP ​ /​var/​spool/​amavisd/​afXXXXPaVp4C:​ <​michael@nausch.org>​ -> <​django@nausch.org>​
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ (12129-03) loaded policy bank "​MYNETS"​ over "​AM.PDP-SOCK"​
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ (12129-03) body hash: 51d53ffa32db4873fdf05a6e976eb0c7
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ (12129-03) ip_trace: 10.0.0.20
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ (12129-03) Checking: nCETkk_ruRal AM.PDP-SOCK/​MYNETS [10.0.0.20] <​michael@nausch.org>​ -> <​django@nausch.org>​
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ (12129-03) 2822.From: <​sender@example.net>,​ 2821.Mail_From:​ <​michael@nausch.org>​
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ (12129-03) p001 1 Content-Type:​ text/plain, size: 540 B, name:
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ (12129-03) inspect_dsn:​ not a bounce
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ (12129-03) Checking for banned types and filenames
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ (12129-03) skipping banned check: all recipients bypass banned checks
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ (12129-03) presenting full original message to scanners as /​var/​spool/​amavisd/​afXXXXPaVp4C/​parts/​p002
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ (12129-03) run_av Using (ClamAV-clamd):​ (code) CONTSCAN /​var/​spool/​amavisd/​afXXXXPaVp4C/​parts\n
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ (12129-03) ClamAV-clamd:​ Connecting to socket ​ /​var/​run/​clamd.amavisd/​clamd.sock
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ (12129-03) new socket by IO::​Socket::​UNIX to /​var/​run/​clamd.amavisd/​clamd.sock,​ timeout 10
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ (12129-03) ClamAV-clamd:​ Sending CONTSCAN /​var/​spool/​amavisd/​afXXXXPaVp4C/​parts\n to socket /​var/​run/​clamd.amavisd/​clamd.sock
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ (12129-03) rw_loop read: got eof
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ (12129-03) run_av (ClamAV-clamd):​ CLEAN
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ (12129-03) run_av (ClamAV-clamd) result: clean
 +Nov 19 22:53:36 vml000067 amavis[12129]:​ (12129-03) calling SA parse (0), SA vers 3.3.2, 3.003002, data as STRING, recips_ind [0], user: "​amavis"​
 +Nov 19 22:53:37 vml000067 amavis[12129]:​ (12129-03) spam_scan: score=998.99 autolearn=no tests=[ALL_TRUSTED=-1,​GTUBE=1000,​T_RP_MATCHES_RCVD=-0.01] recips=0
 +Nov 19 22:53:37 vml000067 amavis[12129]:​ (12129-03) blocking contents category is (6) for django@nausch.org,​ final_destiny -3
 +Nov 19 22:53:37 vml000067 amavis[12129]:​ (12129-03) do_notify_and_quar:​ ccat=Spam (6,0) ("​6":​Spam,​ "​5":​Spammy,​ "​1,​1":​CleanTag,​ "​1":​Clean,​ "​0":​CatchAll) ccat_block=(6),​ qar_mth=
 +Nov 19 22:53:37 vml000067 amavis[12129]:​ (12129-03) delivery method is 1, recips: django@nausch.org
 +Nov 19 22:53:37 vml000067 amavis[12129]:​ (12129-03) DSN: sender is credible (orig), SA: 998.990, <​michael@nausch.org>​
 +Nov 19 22:53:37 vml000067 amavis[12129]:​ (12129-03) status counters: InMsgsStatus{Rejected,​RejectedInternal,​RejectedOriginating}
 +Nov 19 22:53:37 vml000067 amavis[12129]:​ (12129-03) Blocked SPAM {RejectedInternal},​ AM.PDP-SOCK/​MYNETS LOCAL [10.0.0.20] <​michael@nausch.org>​ -> <​django@nausch.org>,​ Queue-ID: 48FF5C00088,​ Message-ID: <​GTUBE1.1010101@example.net>,​ mail_id: nCETkk_ruRal,​ Hits: 998.99, size: 1043, 1565 ms
 +Nov 19 22:53:37 vml000067 amavis[12129]:​ (12129-03) TIMING-SA total 1498 ms - parse: 1.78 (0.1%), extract_message_metadata:​ 4 (0.3%), get_uri_detail_list:​ 0.92 (0.1%), tests_pri_-1000:​ 8 (0.5%), tests_pri_-950:​ 1.67 (0.1%), tests_pri_-900:​ 1.18 (0.1%), tests_pri_-400:​ 2 (0.1%), tests_pri_0:​ 1457 (97.3%), check_dkim_adsp:​ 269 (18.0%), check_spf: 0.34 (0.0%), check_razor2:​ 1119 (74.7%), check_pyzor:​ 0.20 (0.0%), tests_pri_500:​ 3 (0.2%), get_report: 1.53 (0.1%)
 +Nov 19 22:53:37 vml000067 amavis[12129]:​ (12129-03) mail checking ended: version_server=2\nlog_id=12129-03\nsetreply=554 5.7.0 Reject,​%20id=12129-03%20-%20spam\nreturn_value=reject\nexit_code=69
 +Nov 19 22:53:37 vml000067 amavis[12129]:​ (12129-03) size: 1043, TIMING [total 1571 ms] - got data: 0.0 (0%)0, check_init: 2.9 (0%)0, digest_hdr: 1.0 (0%)0, digest_body_dkim:​ 0.2 (0%)0, collect_info:​ 1.6 (0%)0, mkdir parts: 1.1 (0%)0, mime_decode:​ 10 (1%)1, get-file-type1:​ 24 (2%)3, parts_decode:​ 0.2 (0%)3, check_header:​ 0.6 (0%)3, AV-scan-1: 15 (1%)4, spam-wb-list:​ 0.8 (0%)4, SA msg read: 0.9 (0%)4, SA parse: 2.5 (0%)4, SA check: 1489 (95%)99, decide_mail_destiny:​ 9 (1%)99, notif-quar: 0.5 (0%)99, prepare-dsn:​ 0.6 (0%)99, report: 1.4 (0%)99, main_log_entry:​ 4.0 (0%)100, update_snmp:​ 5.0 (0%)100, rundown: 1.0 (0%)100
 +Nov 19 22:53:37 vml000067 amavis[12129]:​ (12129-03) load: 0 %, total idle 12954.550 s, busy 8.537 s
 +</​code>​
 +
 +Hier suche wir dann nach besagter ID 12129-03 und erfahren den eigentlichen Grund, warum die Annahme der Nachricht verweigert wurde.
 +
 +   Nov 19 22:53:37 vml000067 amavis[12129]:​ (12129-03) spam_scan: score=998.99 autolearn=no tests=[ALL_TRUSTED=-1,​GTUBE=1000,​T_RP_MATCHES_RCVD=-0.01] recips=0
 +
 +Der SPAM-Score liegt mit **998.99** geringfügig über unserem Schwellwert von **6.31**, was natürlich die Annahmeverweigerung entsprechend begründet.
 +
 +====== Links ======
 +  * **⇐ [[centos:​mail_c7:​spam_7|Zurück zum Kapitel "​ClamAV für AMaViS unter CentOS 7.x"​]]**
 +  * **⇐ [[centos:​mail_c7:​spam_7|Zurück zum Kapitel "​Grundinstallation von AMaViS unter CentOS 7.x"​]]**
 +  * **⇒ [[centos:​mail_c7:​spam_9|Weiter zum Kapitel "DKIM - Domain Key Identified Mail unter CentOS 7.x"​]]**
 +  * **[[centos:​mail_c7:​start|Zurück zum Kapitel >>​Mailserverinstallation unter CentOS 7<<​]]**
 +  * **[[wiki:​start|Zurück zu >>​Projekte und Themenkapitel<<​]]**
 +  * **[[http://​dokuwiki.nausch.org/​doku.php/​|Zurück zur Startseite]]**
 +