[FUGSPBR] off spamassassin ainda nao funciona....
Eicke
eickeaf em yahoo.com.br
Qua Jun 16 10:00:23 BRT 2004
Pessoal, to rodando o spamassassin com o clamav mas acredito que os spans
nao estao sendo bloqueados.
Iniciei o spamd assim:
/usr/local/bin/spamd -a -c -d -C /etc/mail/spamassassin
Dentro de /etc/mail/spamassassin tem o local.cf que esta assim:
> # This is the right place to customize your installation of SpamAssassin.
> #
> # See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
> # tweaked.
> #
>
###########################################################################
> #
> # rewrite_subject 0
> # report_safe 1
> # trusted_networks 212.17.35.
> rewrite_subject 1
> report_header 1
> subject_tag *****SPAM DETECTADO*****
> use_terse_report 0
> required_hits 5.0
> skip_rbl_checks 0
> use_bayes 1
> auto_learn 1
> awl->add_known_bad_address($addr);
Como exemplo peguei o log de duas mensagens que sao spam:
Jun 16 02:05:54 postfix/smtpd[58830]: connect from
mx53.tagamater.com[69.42.65.53]
Jun 16 02:05:54 postfix/smtpd[58830]: connect from
mx53.tagamater.com[69.42.65.53]
Jun 16 02:05:55 postfix/smtpd[58830]: 80DBE40E9E:
client=mx53.tagamater.com[69.42.65.53]
Jun 16 02:05:55 postfix/smtpd[58830]: 80DBE40E9E:
client=mx53.tagamater.com[69.42.65.53]
Jun 16 02:05:56 postfix/cleanup[58834]: 80DBE40E9E:
message-id=<I1A7A9A3I9Q7$C5K9C9A1S$J4T8F8V4 em user>
Jun 16 02:05:56 postfix/cleanup[58834]: 80DBE40E9E:
message-id=<I1A7A9A3I9Q7$C5K9C9A1S$J4T8F8V4 em user>
Jun 16 02:05:56 postfix/qmgr[39141]: 80DBE40E9E:
from=<ShenaPrazma em Shena588707955.tagamater.com>, size=3077, nrcpt=1 (queue
active)
Jun 16 02:05:56 postfix/qmgr[39141]: 80DBE40E9E:
from=<ShenaPrazma em Shena588707955.tagamater.com>, size=3077, nrcpt=1 (queue
active)
Jun 16 02:05:56 spamd[49144]: connection from localhost.domain.com.br
[127.0.0.1] at port 4816
Jun 16 02:05:56 spamd[49144]: connection from localhost.domain.com.br
[127.0.0.1] at port 4816
Jun 16 02:05:56 spamd[58864]: info: setuid to clamav succeeded
Jun 16 02:05:56 spamd[58864]: info: setuid to clamav succeeded
Jun 16 02:05:56 spamd[58864]: processing message
<I1A7A9A3I9Q7$C5K9C9A1S$J4T8F8V4 em user> for clamav:1007.
Jun 16 02:05:56 spamd[58864]: processing message
<I1A7A9A3I9Q7$C5K9C9A1S$J4T8F8V4 em user> for clamav:1007.
Jun 16 02:05:56 postfix/smtpd[58830]: disconnect from
mx53.tagamater.com[69.42.65.53]
Jun 16 02:05:56 postfix/smtpd[58830]: disconnect from
mx53.tagamater.com[69.42.65.53]
Jun 16 04:03:35 postfix/smtpd[60242]:
EBB1540EDB:client=f.ss01.net[69.6.21.155]
Jun 16 04:03:37 postfix/cleanup[60244]: EBB1540EDB:
message-id=<200406160549.WAA69723 em f.ss01.net>
Jun 16 04:03:37 postfix/cleanup[60244]: EBB1540EDB:
message-id=<200406160549.WAA69723 em f.ss01.net>
Jun 16 04:03:37 postfix/qmgr[39141]: EBB1540EDB:
from=<b.TailWaggingOffer.0-3896d1c-305d.empresa.com.br.-usuario em f.ss01.net>,
size=3018, nrcpt=1 (queue
active)
Jun 16 04:03:37 postfix/qmgr[39141]: EBB1540EDB:
from=<b.TailWaggingOffer.0-3896d1c-305d.empresa.com.br.-usuario em f.ss01.net>,
size=3018, nrcpt=1 (queue
active)
Jun 16 04:03:37 spamd[49144]: connection from localhost.empresa.com.br
[127.0.0.1] at port 4931
Jun 16 04:03:37 spamd[49144]: connection from localhost.empresa.com.br
[127.0.0.1] at port 4931
Jun 16 04:03:37 spamd[60407]: info: setuid to clamav succeeded
Jun 16 04:03:37 spamd[60407]: info: setuid to clamav succeeded
Jun 16 04:03:37 spamd[60407]: processing message
<200406160549.WAA69723 em f.ss01.net> for clamav:1007.
Jun 16 04:03:37 spamd[60407]: processing message
<200406160549.WAA69723 em f.ss01.net> for clamav:1007.
Jun 16 04:03:37 spamd[60407]: clean message (0.0/5.0) for clamav:1007 in
0.2 seconds, 3034 bytes.
Jun 16 04:03:37 spamd[60407]: clean message (0.0/5.0) for clamav:1007 in
0.2 seconds, 3034 bytes.
Jun 16 04:03:37 postfix/pickup[60151]: 4E12F40EE1: uid=1007
from=<b.TailWaggingOffer.0-3896d1c-305d.empresa.com.br.-usuario em f.ss01.net>
Jun 16 04:03:37 postfix/pickup[60151]: 4E12F40EE1: uid=1007
from=<b.TailWaggingOffer.0-3896d1c-305d.empresa.com.br.-usuario em f.ss01.net>
Jun 16 04:03:37 postfix/pipe[60247]: EBB1540EDB:
to=<usuario em empresa.com.br>, relay=clamav, delay=2, status=sent (clamav)
Jun 16 04:03:37 postfix/pipe[60247]: EBB1540EDB:
to=<usuario em empresa.com.br>, relay=clamav, delay=2, status=sent (clamav)
Jun 16 04:03:37 postfix/cleanup[60243]: 4E12F40EE1:
message-id=<200406160549.WAA69723 em f.ss01.net>
Jun 16 04:03:37 postfix/cleanup[60243]: 4E12F40EE1:
message-id=<200406160549.WAA69723 em f.ss01.net>
Jun 16 04:03:37 postfix/qmgr[39141]: 4E12F40EE1:
from=<b.TailWaggingOffer.0-3896d1c-305d.empresa.com.br.-usuario em f.ss01.net>,
size=3306, nrcpt=1 (queue
active)
Jun 16 04:03:37 postfix/qmgr[39141]: 4E12F40EE1:
from=<b.TailWaggingOffer.0-3896d1c-305d.empresa.com.br.-usuario em f.ss01.net>,
size=3306, nrcpt=1 (queue
active)
Jun 16 04:03:37 postfix/local[60309]: 4E12F40EE1:
to=<usuario em empresa.com.br>, orig_to=<usuario em empresa.com.br>, relay=local,
delay=0, status=sent (delivered to mailbox)
Jun 16 04:03:37 postfix/local[60309]: 4E12F40EE1:
to=<usuario em empresa.com.br>, orig_to=<usuario em empresa.com.br>, relay=local,
delay=0, status=sent (delivered to mailbox)
Jun 16 04:03:39 postfix/smtpd[60242]: disconnect from
f.ss01.net[69.6.21.155]
Jun 16 04:03:39 postfix/smtpd[60242]: disconnect from
f.ss01.net[69.6.21.155]
Entao as pessoas esta recebendo varios spans por aqui...o negocio ta
feio....
Valeu.
Eicke.
_______________________________________________________________
Para enviar um novo email para a lista: fugspbr em fugspbr.org
Sair da Lista: http://lists.fugspbr.org/listinfo.cgi
Historico: http://www4.fugspbr.org/lista/html/FUG-BR/
Mais detalhes sobre a lista de discussão freebsd