spamassassin - läuft es oder nicht?

[EPMS]

Hallo Zusammen,
ich habe hier bei mir einen Suse 10.3 Server mit postfix, courier, amavis, avguard und spamassassin.
Jetzt habe ich das Problem, dass ich nicht weiss ob spamassassin auch arbeitet, also ob die E-Mails kontrolliert werden.
Muss ich dafür eigentlich procmail auch mit einbinden? Oder ist das nicht nötig? Wie kann ich jetzt testen, ob die Mail von spamassassin überprüft wurden ist?

Muss ich dafür was in die main.cf oder master.cf von postfix was eintragen?

Sorry für die vielen Fragen und danke im voraus.

 

[Spin-Doc]

Eine von SpamAssassin überprüfte Mail sollte normalerweise so etwas ähnliches wie das hier im Mailheader haben

X-Spam-Checker-Version: SpamAssassin 3.2.1-gr1 (2007-05-02) on
	foo.bar
X-Spam-Level: 
X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham
	version=3.2.1-gr1

 

[EPMS]

Also,
ich habe im Header folgendes stehen:

X-Spam-Flag: No
X-Spam-Score: 0
X-Spam-Staus: No, score=0 tagged_above=-1000 required=4 tests=[none]

Heisst das, dass die Mail auf Spam überprüfut wurden ist?

Nächste Frage wäre, ich habe meine Domain jetzt auf den Server umziehen lassen. Auf dem alten Server hatte ich ca. 100 Spam Mails am Tag. Mit dem neuen Server habe ich momentan überhaupt keine Spam Mails mehr. Werde die jetzt von Haus aus abgeblockt?
Kann ich Spamassassin auch sagen, dass die Spammails in einen gesonderten Ordner geschickt werden sollen?

 

[Marco]

Ja, wurde auf Spam geprüft.

Kann sein dass sie von Haus aus geblockt werden. Vielleicht auch nicht. Die Putzfrau hat meine Glaskugel runtergeschmissen. Also entweder postest du uns in die Config oder du wartest ein paar Wochen bis ich ne neue hab.

Spamassassin kann das nicht, aber *beliebiger MDA* kann das für dich machen. Zum Beispiel Dovecot (Sieve), Maildrop, Procmail, ...

 

[EPMS]

Welche Configs wären nötig?

spamassassin
amavisd
postfix

Oder noch mehr?

 

[Marco]

Die Ausgabe von "postconf -n" und die master.cf reichen schon.

 

[Firewire2002]

Alternativ könnte man auch einfach die Logs heranziehen und schauen ob überhaupt versucht wird Spam Mails zuzustellen und falls ja, was mit diesen passiert.

 

[EPMS]

Also, postconf erzählt folgendes

biff = no
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = amavis:[127.0.0.1]:10024
daemon_directory = /usr/lib/postfix
debug_peer_level = 2
html_directory = /usr/share/doc/packages/postfix/html
inet_protocols = all
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
mydomain = meinedomain.de
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/packages/postfix/README_FILES
receive_override_options = no_address_mappings
sample_directory = /usr/share/doc/packages/postfix/samples
sendmail_path = /usr/sbin/sendmail
setgid_group = maildrop
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_non_fqdn_hostname, reject_invalid_hostname, reject_rhsbl_client rhsbl.sorbs.net, reject_rhsbl_sender rhsbl.sorbs.net, reject_rbl_client cbl.abuseat.org, reject_rbl_client list.dsbl.org, reject_rbl_client sbl.spamhaus.org, reject_rbl_client unconfirmed.dsbl.org, reject_rbl_client list.dsbl.org, reject_rbl_client dialup.blacklist.jippg.org, reject_rbl_client cbl.abuseat.org, reject_rbl_client multihop.dsbl.org, reject_unauth_pipelining
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unauth_destination, reject_unauth_pipelining, reject_invalid_hostname, reject_rbl_client cbl.abuseat.org, reject_rbl_client list.dsbl.org, reject_rbl_client sbl.spamhaus.org, reject_rbl_client unconfirmed.dsbl.org, reject_rbl_client list.dsbl.org, reject_rbl_client dialup.blacklist.jippg.org, reject_rbl_client cbl.abuseat.org, reject_rbl_client multihop.dsbl.org,
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
unknown_local_recipient_reject_code = 550
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:1001
virtual_mailbox_base = /srv/email
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 51200000
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 1001
virtual_transport = virtual
virtual_uid_maps = static:1001

In der master.cf steht folgendes

#
# Postfix master process configuration file. For details on the format
# of the file, see the Postfix master(5) manual page.
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - n - - smtpd
#submission inet n - n - - smtpd
# -o smtpd_etrn_restrictions=reject
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes
# -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
#submission inet n - n - - smtpd
# -o smtpd_etrn_restrictions=reject
# -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
#628 inet n - n - - qmqpd
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - n 300 1 oqmgr
#tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay unix - - n - - smtp
-o fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
#localhost:10025 inet n - n - - smtpd -o content_filter=
scache unix - - n - 1 scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent. See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
cyrus unix - n n - - pipe
user=cyrus argv=/usr/lib/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
procmail unix - n n - - pipe
flags=R user=nobody argv=/usr/bin/procmail -t -m /etc/procmailrc ${sender} ${recipient}
retry unix - - n - - error

amavis unix - - - - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes

127.0.0.1:10025 inet n - - - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_bind_address=127.0.0.1

 

[EPMS]

So, hier ist dann auch nochmal ein Ausschnitt von meiner mail-log

May 19 20:56:56 openSUSE-103-64-LAMP postfix/smtpd[26714]: lost connection after DATA from unknown[84.36.15 0.149]
May 19 20:56:56 openSUSE-103-64-LAMP postfix/smtpd[26714]: disconnect from unknown[84.36.150.149]
May 19 20:56:56 openSUSE-103-64-LAMP postfix/smtpd[26678]: NOQUEUE: reject: RCPT from c-76-108-29-68.hsd1.f l.comcast.net[76.108.29.68]: 554 5.7.1 Service unavailable; Client host [76.108.29.68] blocked using cbl.ab useat.org; Blocked - see CBL Lookup for 76.108.29.68 from=<eplyynbm@bollore-industri es.com> to=<dwrevolution@domain.de> proto=ESMTP helo=<c-76-108-29-68.hsd1.fl.comcast.net>
May 19 20:56:57 openSUSE-103-64-LAMP postfix/smtpd[26678]: lost connection after DATA from c-76-108-29-68.h sd1.fl.comcast.net[76.108.29.68]
May 19 20:56:57 openSUSE-103-64-LAMP postfix/smtpd[26678]: disconnect from c-76-108-29-68.hsd1.fl.comcast.n et[76.108.29.68]
May 19 20:56:57 openSUSE-103-64-LAMP postfix/smtpd[26708]: connect from public24500.xdsl.centertel.pl[79.16 3.95.180]
May 19 20:56:57 openSUSE-103-64-LAMP postfix/smtpd[26708]: NOQUEUE: reject: RCPT from public24500.xdsl.cent ertel.pl[79.163.95.180]: 504 5.5.2 <abcv-5a1ec2a7d2>: Helo command rejected: need fully-qualified hostname; from=<gminatel@deloitte.it> to=<gminatare@domain.de> proto=SMTP helo=<abcv-5a1ec2a7d2>
May 19 20:56:57 openSUSE-103-64-LAMP postfix/smtpd[26708]: disconnect from public24500.xdsl.centertel.pl[79 .163.95.180]
May 19 20:56:58 openSUSE-103-64-LAMP postfix/smtpd[26703]: NOQUEUE: reject: RCPT from c-24-129-41-198.hsd1. fl.comcast.net[24.129.41.198]: 550 5.1.1 <dwkbelvedere@domain.de>: Recipient address rejected: User unk nown in virtual mailbox table; from=<tegz3heq@mirafiori.com> to=<dwkbelvedere@domain.de> proto=ESMTP he lo=<shipwreck.hsd1.fl.comcast.net.>
May 19 20:56:59 openSUSE-103-64-LAMP postfix/smtpd[26703]: disconnect from c-24-129-41-198.hsd1.fl.comcast. net[24.129.41.198]
May 19 20:57:02 openSUSE-103-64-LAMP postfix/smtpd[26714]: warning: 84.52.73.172: hostname 172.73.co-locati on.westcall.net verification failed: Name or service not known
May 19 20:57:02 openSUSE-103-64-LAMP postfix/smtpd[26714]: connect from unknown[84.52.73.172]
May 19 20:57:02 openSUSE-103-64-LAMP postfix/smtpd[26780]: connect from 84.123.176.210.dyn.user.ono.com[84.123.176.210]
May 19 20:57:03 openSUSE-103-64-LAMP postfix/smtpd[26678]: connect from unknown[92.82.202.123]
May 19 20:57:03 openSUSE-103-64-LAMP postfix/smtpd[26678]: NOQUEUE: reject: RCPT from unknown[92.82.202.123]: 504 5.5.2 <cotet-219059933>: Helo command rejected: need fully-qualified hostname; from=<jhinesdd@guilford.com> to=<jhinesburg@domain.de> proto=SMTP helo=<cotet-219059933>
May 19 20:57:03 openSUSE-103-64-LAMP postfix/smtpd[26708]: connect from unknown[190.41.22.201]
May 19 20:57:03 openSUSE-103-64-LAMP postfix/smtpd[26678]: disconnect from unknown[92.82.202.123]
May 19 20:57:03 openSUSE-103-64-LAMP postfix/smtpd[26708]: NOQUEUE: reject: RCPT from unknown[190.41.22.201]: 504 5.5.2 <190.41.22.201>: Helo command rejected: need fully-qualified hostname; from=<kronvold@damocles.com> to=<kgberkley@domain.de> proto=ESMTP helo=<190.41.22.201>
May 19 20:57:03 openSUSE-103-64-LAMP postfix/smtpd[26703]: connect from 119.sub-75-211-120.myvzw.com[75.211.120.119]
May 19 20:57:04 openSUSE-103-64-LAMP postfix/smtpd[26708]: lost connection after DATA from unknown[190.41.22.201]
May 19 20:57:04 openSUSE-103-64-LAMP postfix/smtpd[26708]: disconnect from unknown[190.41.22.201]
May 19 20:57:04 openSUSE-103-64-LAMP postfix/smtpd[26714]: NOQUEUE: reject: RCPT from unknown[84.52.73.172]: 554 5.7.1 Service unavailable; Client host [84.52.73.172] blocked using cbl.abuseat.org; Blocked - see CBL Lookup for 84.52.73.172 from=<soberx75@telsmithparts.com> to=<marfa256@domain.de> proto=ESMTP helo=<172.73.co-location.westcall.net>
May 19 20:57:04 openSUSE-103-64-LAMP postfix/smtpd[26714]: NOQUEUE: reject: RCPT from unknown[84.52.73.172]: 554 5.7.1 Service unavailable; Client host [84.52.73.172] blocked using cbl.abuseat.org; Blocked - see CBL Lookup for 84.52.73.172 from=<soberx75@telsmithparts.com> to=<hthomson@domain.de> proto=ESMTP helo=<172.73.co-location.westcall.net>
May 19 20:57:04 openSUSE-103-64-LAMP postfix/smtpd[26714]: NOQUEUE: reject: RCPT from unknown[84.52.73.172]: 554 5.7.1 Service unavailable; Client host [84.52.73.172] blocked using cbl.abuseat.org; Blocked - see CBL Lookup for 84.52.73.172 from=<soberx75@telsmithparts.com> to=<hthrall@domain.de> proto=ESMTP helo=<172.73.co-location.westcall.net>
May 19 20:57:04 openSUSE-103-64-LAMP postfix/smtpd[26714]: NOQUEUE: reject: RCPT from unknown[84.52.73.172]: 554 5.7.1 Service unavailable; Client host [84.52.73.172] blocked using cbl.abuseat.org; Blocked - see CBL Lookup for 84.52.73.172 from=<soberx75@telsmithparts.com> to=<hthrowaway@domain.de> proto=ESMTP helo=<172.73.co-location.westcall.net>
May 19 20:57:04 openSUSE-103-64-LAMP postfix/smtpd[26714]: lost connection after DATA from unknown[84.52.73.172]
May 19 20:57:04 openSUSE-103-64-LAMP postfix/smtpd[26714]: disconnect from unknown[84.52.73.172]
May 19 20:57:05 openSUSE-103-64-LAMP postfix/smtpd[26678]: connect from 201-0-11-13.dsl.telesp.net.br[201.0.11.13]
May 19 20:57:05 openSUSE-103-64-LAMP postfix/smtpd[26703]: NOQUEUE: reject: RCPT from 119.sub-75-211-120.myvzw.com[75.211.120.119]: 504 5.5.2 <Barry>: Helo command rejected: need fully-qualified hostname; from=<tellis@quark.com> to=<dxomodesto@domain.de> proto=ESMTP helo=<Barry>
May 19 20:57:05 openSUSE-103-64-LAMP postfix/smtpd[26703]: NOQUEUE: reject: RCPT from 119.sub-75-211-120.myvzw.com[75.211.120.119]: 504 5.5.2 <Barry>: Helo command rejected: need fully-qualified hostname; from=<tellis@quark.com> to=<dxsgrantee@domain.de> proto=ESMTP helo=<Barry>
May 19 20:57:05 openSUSE-103-64-LAMP postfix/smtpd[26703]: NOQUEUE: reject: RCPT from 119.sub-75-211-120.myvzw.com[75.211.120.119]: 504 5.5.2 <Barry>: Helo command rejected: need fully-qualified hostname; from=<tellis@quark.com> to=<dxtwitch@domain.de> proto=ESMTP helo=<Barry>
May 19 20:57:06 openSUSE-103-64-LAMP postfix/smtpd[26708]: connect from ppp78-37-171-19.pppoe.avangarddsl.ru[78.37.171.19]
May 19 20:57:06 openSUSE-103-64-LAMP postfix/smtpd[26678]: NOQUEUE: reject: RCPT from 201-0-11-13.dsl.telesp.net.br[201.0.11.13]: 554 5.7.1 Service unavailable; Client host [201.0.11.13] blocked using cbl.abuseat.org; Blocked - see CBL Lookup for 201.0.11.13 from=<recruit@wemploy.com> to=<jwhatboro@domain.de> proto=ESMTP helo=<201-0-11-13.dsl.telesp.net.br>
May 19 20:57:06 openSUSE-103-64-LAMP postfix/smtpd[26703]: lost connection after DATA from 119.sub-75-211-120.myvzw.com[75.211.120.119]
May 19 20:57:06 openSUSE-103-64-LAMP postfix/smtpd[26703]: disconnect from 119.sub-75-211-120.myvzw.com[75.211.120.119]
May 19 20:57:06 openSUSE-103-64-LAMP postfix/smtpd[26678]: lost connection after DATA from 201-0-11-13.dsl.telesp.net.br[201.0.11.13]
May 19 20:57:06 openSUSE-103-64-LAMP postfix/smtpd[26678]: disconnect from 201-0-11-13.dsl.telesp.net.br[201.0.11.13]
May 19 20:57:08 openSUSE-103-64-LAMP postfix/smtpd[26708]: NOQUEUE: reject: RCPT from ppp78-37-171-19.pppoe.avangarddsl.ru[78.37.171.19]: 504 5.5.2 <?????>: Helo command rejected: need fully-qualified hostname; from=<akstculucaymnsdgs@ulucay.net> to=<fusual@domain.de> proto=ESMTP helo=<?????>
May 19 20:57:08 openSUSE-103-64-LAMP postfix/smtpd[26708]: lost connection after DATA from ppp78-37-171-19.pppoe.avangarddsl.ru[78.37.171.19]
May 19 20:57:08 openSUSE-103-64-LAMP postfix/smtpd[26708]: disconnect from ppp78-37-171-19.pppoe.avangarddsl.ru[78.37.171.19]
May 19 20:57:09 openSUSE-103-64-LAMP postfix/smtpd[26780]: NOQUEUE: reject: RCPT from 84.123.176.210.dyn.user.ono.com[84.123.176.210]: 554 5.7.1 Service unavailable; Client host [84.123.176.210] blocked using cbl.abuseat.org; Blocked - see CBL Lookup for 84.123.176.210 from=<pr@lulu.com> to=<kgfmerrillan@domain.de> proto=ESMTP helo=<84.123.176.210.dyn.user.ono.com>
May 19 20:57:09 openSUSE-103-64-LAMP postfix/smtpd[26780]: lost connection after DATA from 84.123.176.210.dyn.user.ono.com[84.123.176.210]
May 19 20:57:09 openSUSE-103-64-LAMP postfix/smtpd[26780]: disconnect from 84.123.176.210.dyn.user.ono.com[84.123.176.210]
May 19 20:57:11 openSUSE-103-64-LAMP postfix/smtpd[26714]: connect from 173-38-50.adsl.terra.cl[200.50.38.173]
May 19 20:57:12 openSUSE-103-64-LAMP postfix/smtpd[26714]: NOQUEUE: reject: RCPT from 173-38-50.adsl.terra.cl[200.50.38.173]: 554 5.7.1 Service unavailable; Client host [200.50.38.173] blocked using cbl.abuseat.org; Blocked - see CBL Lookup for 200.50.38.173 from=<gibson2005@jaxnet.net> to=<kgjkurtistown@domain.de> proto=ESMTP helo=<173-38-50.adsl.terra.cl>
May 19 20:57:12 openSUSE-103-64-LAMP postfix/smtpd[26714]: lost connection after DATA from 173-38-50.adsl.terra.cl[200.50.38.173]
May 19 20:57:12 openSUSE-103-64-LAMP postfix/smtpd[26714]: disconnect from 173-38-50.adsl.terra.cl[200.50.38.173]
May 19 20:57:15 openSUSE-103-64-LAMP postfix/smtpd[26678]: connect from unknown[190.65.213.12]
May 19 20:57:15 openSUSE-103-64-LAMP postfix/smtpd[26703]: connect from unknown[89.254.129.145]
May 19 20:57:15 openSUSE-103-64-LAMP postfix/smtpd[26703]: NOQUEUE: reject: RCPT from unknown[89.254.129.145]: 504 5.5.2 <1-3945A20438694>: Helo command rejected: need fully-qualified hostname; from=<nrjtrexx@icqmail.com> to=<nrjtruly@domain.de> proto=SMTP helo=<1-3945A20438694>
May 19 20:57:15 openSUSE-103-64-LAMP postfix/smtpd[26703]: disconnect from unknown[89.254.129.145]
May 19 20:57:15 openSUSE-103-64-LAMP postfix/smtpd[26678]: NOQUEUE: reject: RCPT from unknown[190.65.213.12]: 504 5.5.2 <190.65.213.12>: Helo command rejected: need fully-qualified hostname; from=<mclcjones@jaxnet.net> to=<kgrammar@domain.de> proto=ESMTP helo=<190.65.213.12>
May 19 20:57:16 openSUSE-103-64-LAMP postfix/smtpd[26678]: lost connection after DATA from unknown[190.65.213.12]
May 19 20:57:16 openSUSE-103-64-LAMP postfix/smtpd[26678]: disconnect from unknown[190.65.213.12]

Hier ist mal ein Log-Eintrag einer Mail, die an meine richtige E-Mai gesendet wird (meinemail@domain.de). Wenn ich das richtig sehe, wird Spam gebloggt, oder?

May 19 21:17:16 openSUSE-103-64-LAMP postfix/smtpd[27224]: lost connection after DATA from cable201-233-125-213.epm.net.co[201.233.125.213]
May 19 21:17:16 openSUSE-103-64-LAMP postfix/smtpd[27224]: disconnect from cable201-233-125-213.epm.net.co[201.233.125.213]
May 19 21:17:16 openSUSE-103-64-LAMP postfix/smtpd[27235]: NOQUEUE: reject: RCPT from 87-253-5-121.pppoe.yaroslavl.ru[87.253.5.121]: 504 5.5.2 <DIALOG>: Helo command rejected: need fully-qualified hostname; from=<sinhalesesjc@ibsiusa.com> to=<aaanahola@domain.de> proto=ESMTP helo=<DIALOG>
May 19 21:17:17 openSUSE-103-64-LAMP postfix/smtpd[27235]: lost connection after DATA from 87-253-5-121.pppoe.yaroslavl.ru[87.253.5.121]
May 19 21:17:17 openSUSE-103-64-LAMP postfix/smtpd[27235]: disconnect from 87-253-5-121.pppoe.yaroslavl.ru[87.253.5.121]
May 19 21:17:20 openSUSE-103-64-LAMP amavis[2835]: (02835-19) Blocked SPAM, [121.246.232.77] [121.246.232.77] <espousal@yapost.com> -> <meinemail@domain.de>, quarantine: spam-4i7gJdbndzLt.gz, Message-ID: <62612772.52268808@geminate.com>, mail_id: 4i7gJdbndzLt, Hits: 25.507, size: 3209, 6701 ms
May 19 21:17:20 openSUSE-103-64-LAMP postfix/smtp[27292]: 4B5432534184: to=<meinemail@domain.de>, relay=127.0.0.1[127.0.0.1]:10024, delay=8.7, delays=2/0.01/0.01/6.7, dsn=2.5.0, status=sent (250 2.5.0 Ok, id=02835-19, DISCARD(bounce.suppressed))
May 19 21:17:20 openSUSE-103-64-LAMP postfix/qmgr[27200]: 4B5432534184: removed
May 19 21:17:25 openSUSE-103-64-LAMP postfix/smtpd[27237]: connect from unknown[

 

[Timon323]

So wie es aussieht steht bei dir in der amavisd.conf

$final_spam_destiny = D_BOUNCE;

Somit wird dein Spam geblock und und kommt nicht durch. Möchtest du deinen Spam erhalten ändere die einstellung auf

D_PASS;

 

[Huschi]

$final_spam_destiny = D_BOUNCE;

Bounce ist sowieso immer eine schlechte Wahl. Sowohl für Spam als auch für Viren.
Da der Absender in 99% der Fälle gefakt ist, belästigt man mit seinen Bounces nur unnötig andere Server und evtl. fremde User.

huschi.

 

[EPMS]

$final_spam_destiny = D_BOUNCE;

stand tatsächlich in meiner amavisd.conf. Allerdings mit einem "#" davor. Wird das dann überhaupt beachtet?

 

[Marco]

Nein, die Aussage ist auch nicht korrekt, siehe Logfile

May 19 21:17:20 openSUSE-103-64-LAMP postfix/smtp[27292]: 4B5432534184: to=<meinemail@domain.de>, relay=127.0.0.1[127.0.0.1]:10024, delay=8.7, delays=2/0.01/0.01/6.7, dsn=2.5.0, status=sent (250 2.5.0 Ok, id=02835-19, DISCARD(bounce.suppressed))

Um deine Frage von oben zu beantworten:
Dein Server blockt auf jeden Fall eine ganze Menge Spam schon auf Postfix Ebene. Hier gibt es aber noch Verbesserungsbedarf (vgl. smtpd_helo_restrictions und smtpd_recipient_restrictions => vieles ist doppelt vorhanden, ausserdem gehören Restrictions NUR nach smtpd_recipient_restrictions). Ausserdem halte ich eine Überprüfung der BLs für angebracht, da sind sicher etliche Einträge doppelt vorhanden. Ich persönlich verwende nur zen.spamhaus.org und *nix Spam, die reichen vollkommen.

Ausserdem erhältst du keine Spam Mails weil dein Amavis als Spam klassifizierte Mails nicht wieder an Postfix übergibt sondern in der Quarantäne ablegt und discarded. Wirf mal nen Blick ins Quarantäneverzeichnis, da findest sicher deine ganzen Spam Mails

 

[EPMS]

Hallo Marco,
hast recht mit dem Quarantäneverzeichnis. Da sind die Spammails. Wie kann ich amavis denn sagen, dass er die durchlassen soll?

final_smap_destiny habe ich so gesetzt

$final_spam_destiny = D_PASS;

Edit
So, es funktioniert. Die Spammails werden jetzt durch gelassen. Danke für die Hilfe.