Linode Forum
https://forum.linode.com/

Spam filter, false positive... Please help...
https://forum.linode.com/viewtopic.php?f=11&t=5018		 Page 3 of 3
Author:  sblantipodi [ Fri Feb 26, 2010 7:49 pm ]
Post subject: 
Hi,
in /etc/amavisd.conf I have deleted the comments from this line

@bypass_spam_checks_maps

it seems that false positive has been reduced a lot.
Can you tell me how it is possible that some mail continue to go to spam folder also if I disabled it in this way?

Thanks.
Author:  Xan [ Sat Feb 27, 2010 1:19 am ]
Post subject: 
The only way to guarantee that you never get a false positive is to quit doing spam filtering.

Spam filtering isn't going to be perfect.
Author:  sblantipodi [ Sat Feb 27, 2010 6:18 am ]
Post subject: 
Ok Xan but if I have disabled spam filtering (@bypass_spam_checks_maps
) in amavisd.conf
why I got spam in the spam folder?

who put the spam in that folder since?
my configuration uses:
Postfix,
dovecot,
amavisd-new,
spamassassin
Author:  Xan [ Tue Mar 02, 2010 2:18 am ]
Post subject: 
Oh, I hadn't realized you were disabling the spam filter entirely (or trying to). Sorry.

Unfortunately I have no idea how amavis works.
Author:  sblantipodi [ Fri Mar 05, 2010 7:54 am ]
Post subject: 
Hi,
this is the email that my brother received from my server when he try to send me an email on my server.


How can I disable the CBL abuseat?

554 5.7.1 Service unavailable; Client host [151.81.11.38] blocked using cbl.abuseat.org; Blocked - see http://cbl.abuseat.org/lookup.cgi?ip=151.81.11.38
Author:  hoopycat [ Fri Mar 05, 2010 10:18 am ]
Post subject: 
You can either tell your mail server to not check the cbl.abuseat.org DNSBL by removing any mention of it from your mail server config (usually /etc/postfix/main.cf), or he can read what that page says about 151.81.11.38 being hijacked and fix the problem.

In short, there's two problems here: you're enabling DNSBLs without understanding the implications, and your brother's computer has been taken over by criminals. That said, if I had to pick one or the other, I'd say your problem is easier to fix than his :-)
Author:  sblantipodi [ Fri Mar 05, 2010 10:29 am ]
Post subject: 
hoopycat wrote:
You can either tell your mail server to not check the cbl.abuseat.org DNSBL by removing any mention of it from your mail server config (usually /etc/postfix/main.cf), or he can read what that page says about 151.81.11.38 being hijacked and fix the problem.

In short, there's two problems here: you're enabling DNSBLs without understanding the implications, and your brother's computer has been taken over by criminals. That said, if I had to pick one or the other, I'd say your problem is easier to fix than his :-)


it seems that the problem isn't mine and isn't of my brother but is related to the SMTP that my brothers is using since it got the same error also when sending email to gmail...
Author:  arjones85 [ Fri Mar 05, 2010 5:14 pm ]
Post subject: 
Here is how to set a whitelist in Postfix so that you can whitelist specific IP's against being checked in your RBL's:

http://www.howtoforge.com/how-to-whitel ... in-postfix


I had to use it to whitelist a Xerox scanner at a school that sends you what you scanned in your email. It somehow ended up on zen.spamhaus.org. It works beautifully.


Other than that, I will reiterate what others have said, SpamAssassin and RBL's are not going to be perfect. The only false positive I have ever had using SpamAssassin + SpamHaus is that Xerox scanner, which probably wasn't a "false" positive to begin with.

It sounds like you are also still learning quite a bit about how to properly configure a mail server and its spam scanners and RBL's. I would recommend perhaps gutting your server and installing Virtualmin from scratch (http://www.virtualmin.com/). It will properly configure Postfix + SpamAssassin + ClamD for you, and give you a nice GUI interface to be able to whitelist different addresses and network ranges if you experience false positives.

In short, it will make your life easier.
Author:  sblantipodi [ Fri Mar 05, 2010 5:24 pm ]
Post subject: 
thanks for your reply...
I have just setted up something similar.

In my main.cf I got:
check_sender_access
hash:/etc/postfix/file


your guide told us to put:
check_client_access
hash:/etc/postfix/file

what is the difference between this two lines?
Author:  Stever [ Fri Mar 05, 2010 5:57 pm ]
Post subject: 
http://www.postfix.org/postconf.5.html

A sender is who sent the mail, for example user@example.com.

A client is what machine they sent it from, for example mail.example.com.
Author:  sblantipodi [ Fri Mar 05, 2010 6:36 pm ]
Post subject: 
Stever wrote:
http://www.postfix.org/postconf.5.html

A sender is who sent the mail, for example user@example.com.

A client is what machine they sent it from, for example mail.example.com.


ok, thanks :)
Author:  sblantipodi [ Sat Mar 06, 2010 6:33 am ]
Post subject: 
sblantipodi wrote:
Ok Xan but if I have disabled spam filtering (@bypass_spam_checks_maps
) in amavisd.conf
why I got spam in the spam folder?

who put the spam in that folder since?
my configuration uses:
Postfix,
dovecot,
amavisd-new,
spamassassin


I requote this question since I got other spam in spam folder...
Author:  arjones85 [ Sun Mar 07, 2010 1:57 am ]
Post subject: 
Check your SpamAssassin configuration
Page 3 of 3 All times are UTC-04:00
Powered by phpBB® Forum Software © phpBB Group
http://www.phpbb.com/