Sendmail/SpamAssassin/Procmail/Roundcube

L

Lego

HEHE! sorry but I think it warrants a new thread, So I have Sendmail/SpamAssassin/ClamAV & Roundcube all working together... mind you I think Roundcube doesn't matter because its just a client to interact with the IMAP server. But On the Tutorial Site, http://www.hart.co.jp/spam/sa-clamav-e.html, I was working with It suggested installing Procmail to Handle mail filtered by SpamAssassin to make it go to a Junk Mail folder, if its still junkmail. He doesn't go into much depth, so I found this tutorial, http://www.puresimplicity.net/~hemi/freebsd/procmail.html, Followed it even created the .procmailrc file and put the log line in it, changed my MAILER(local)dnl to MAILER(promail)dnl (in the blurr-ink.com.mc file), and left MAILER(smtp)dnl alone, Anyway, after doing all that 'cd /etc/mail && make' 'cp blurr-ink.com.cf sendmail.cf' 'make restart' sent a few mails from hotmail to my blurr-ink.com accounts, still receiving mail, but the procmail.log hasn't been created, so is procmail working or not? I know i have to set filters in a file, but I think i've done something wrong.
 
I think you need

Code: 
FEATURE(local_procmail)
and
Code: 
MAILER(local)
not
Code: 
MAILER(procmail)

At least, that's how I've had it for about a decade.

It shows up in sendmail.cf as

Code: 
Mlocal,         P=/usr/local/bin/procmail, F=lsDFMAw5:/|@qSPfhn9, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL,
                T=DNS/RFC822/X-Unix,
                A=procmail -Y -a $h -d $u

And make sure .procmailrc is owned by the correct user.

This should be enough to get some verbose logging thru .procmailrc:

Code: 
LOGFILE=$HOME/pm.log
VERBOSE=yes

procmailrc(5)
procmailex(5)
 
who does it need to be owned by? pretty sure both are owned by root.
blurr-ink.com.mc:
Code: 
divert(-1)
define('SMART_HOST','out.mnsi.net')
INPUT_MAIL_FILTER(`spamassassin',`S=local:/var/run/spamass-milter.sock, F=, T=C:1
INPUT_MAIL_FILTER(`clmilter', `S=local:/var/run/clamav/clmilter.sock, F=, T=S:4m;
FEATURE(dnsbl,`sbl-xbl.spamhaus.org')dnl
FEATURE(local_procmail)dnl
#
# Copyright (c) 1983 Eric P. Allman
# Copyright (c) 1988, 1993
#       The Regents of the University of California.  All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
#    notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer in the
#    documentation and/or other materials provided with the distribution.
# 3. All advertising materials mentioning features or use of this software
#    must display the following acknowledgement:
#       This product includes software developed by the University of
#       California, Berkeley and its contributors.
# 4. Neither the name of the University nor the names of its contributors
#    may be used to endorse or promote products derived from this software
#    without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#

#
#  This is a generic configuration file for FreeBSD 5.X and later systems.
#  If you want to customize it, copy it to a name appropriate for your
#  environment and do the modifications there.
#
#  The best documentation for this .mc file is:
#  /usr/share/sendmail/cf/README or
#  /usr/src/contrib/sendmail/cf/README
#

divert(0)
VERSIONID(`$FreeBSD: src/etc/sendmail/freebsd.mc,v 1.34.2.3.2.1 2008/11/25 02:59:
OSTYPE(freebsd6)
DOMAIN(generic)

FEATURE(access_db, `hash -o -T<TMPF> /etc/mail/access')
FEATURE(blacklist_recipients)
FEATURE(local_lmtp)
FEATURE(mailertable, `hash -o /etc/mail/mailertable')
FEATURE(virtusertable, `hash -o /etc/mail/virtusertable')

dnl Uncomment to allow relaying based on your MX records.
dnl NOTE: This can allow sites to use your server as a backup MX without
dnl       your permission.
dnl FEATURE(relay_based_on_MX)

dnl DNS based black hole lists
dnl --------------------------------
dnl DNS based black hole lists come and go on a regular basis
dnl so this file will not serve as a database of the available servers.
dnl For that, visit
dnl http://www.google.com/Top/Computers/Internet/E-mail/Spam/Blacklists/

dnl Uncomment to activate Realtime Blackhole List
dnl information available at http://www.mail-abuse.com/
dnl NOTE: This is a subscription service as of July 31, 2001
dnl FEATURE(dnsbl)
dnl Alternatively, you can provide your own server and rejection message:
dnl FEATURE(dnsbl, `blackholes.mail-abuse.org', ``"550 Mail from " $&{client_addr

dnl Dialup users should uncomment and define this appropriately
dnl define(`SMART_HOST', `your.isp.mail.server')

dnl Uncomment the first line to change the location of the default
dnl /etc/mail/local-host-names and comment out the second line.
dnl define(`confCW_FILE', `-o /etc/mail/sendmail.cw')
define(`confCW_FILE', `-o /etc/mail/local-host-names')

dnl Enable for both IPv4 and IPv6 (optional)
DAEMON_OPTIONS(`Name=IPv4, Family=inet')
DAEMON_OPTIONS(`Name=IPv6, Family=inet6, Modifiers=O')

define(`confBIND_OPTS', `WorkAroundBrokenAAAA')
define(`confNO_RCPT_ACTION', `add-to-undisclosed')
define(`confPRIVACY_FLAGS', `authwarnings,noexpn,novrfy')
define(`confINPUT_MAIL_FILTERS', `clmilter,spamassassin')dnl
MAILER(local)dnl
MAILER(smtp)dnl

then 'make install restart' and in my sendmail.cf I get this:
Code: 
Mlocal,         P=/usr/libexec/mail.local, F=lsDFMAw5:/|@qPSXmnz9, S=EnvFromSMTP/
                T=DNS/RFC822/SMTP,
                A=mail.local -l
 
If I put:
Code: 
MAILER(local)dnl
MAILER(procmail)dnl
MAILER(smtp)dnl

Then in sendmail I get this:
Code: 
######################*****##############
###   PROCMAIL Mailer specification   ###
##################*****##################

#####  $Id: procmail.m4,v 8.22 2001/11/12 23:11:34 ca Exp $  #####

Mprocmail,      P=/usr/local/bin/procmail, F=DFMSPhnu9, S=EnvFromSMTP/HdrFromSMTP
                T=DNS/RFC822/X-Unix,
                A=procmail -Y -m $h $f $u

And further down:
Code: 
Mlocal,         P=/usr/libexec/mail.local, F=lsDFMAw5:/|@qPSXmnz9, S=EnvFromSMTP/
                T=DNS/RFC822/SMTP,
                A=mail.local -l
Mprog,          P=/bin/sh, F=lsDFMoqeu9, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL, D=
                T=X-Unix/X-Unix/X-Unix,
                A=sh -c $u

#####################################
###   SMTP Mailer specification   ###
#####################################

#####  $Id: smtp.m4,v 8.65 2006/07/12 21:08:10 ca Exp $  #####

Code: 
blurr-ink# tail /usr/home/lego/procmail.log

blurr-ink# tail /root/procmail.log

blurr-ink#
 
i have a .procmailrc in both /root/ and /usr/home/lego/.... but I also have a .mailrc file in /usr/home/lego/ does that make a difference?? no it doesn't... just renamed it and tried again.. no luck
 
Don't put additions to your .mc file above the other settings, as the ones below will likely overrule or alter your additions. Try to keep the file in a logical running order (features with features, defines with defines, mailers with mailers, etc.), and remove/^dnl stuff you don't need.

The .procmailrc files should be owned by the user whose mail you're handling (so root-owned for mail to root -> ~root/.procmailrc, lego-owned for mail to lego -> ~lego/.procmailrc, etc.).
 
ok i deleted the too log files, because it says they would be created once i received some mail, and they hadn't so i made them, and now they are gone....... so, I made the changes to my mc file (arrangment and what not like you said) and make install restart again:
Code: 
Mlocal,         P=/usr/local/bin/procmail, F=lsDFMAw5:/|@qSPfhn9, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL,
                T=DNS/RFC822/X-Unix,
                A=procmail -Y -a $h -d $u
Mprog,          P=/bin/sh, F=lsDFMoqeu9, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL, D=$z:/,
                T=X-Unix/X-Unix/X-Unix,
                A=sh -c $u

So, It looks like yours now... but still no logs when I send mail or when I recieve mail to the accounts

MC file now:
Code: 
#
# Copyright (c) 1983 Eric P. Allman
# Copyright (c) 1988, 1993
#       The Regents of the University of California.  All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
#    notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer in the
#    documentation and/or other materials provided with the distribution.
# 3. All advertising materials mentioning features or use of this software
#    must display the following acknowledgement:
#       This product includes software developed by the University of
#       California, Berkeley and its contributors.
# 4. Neither the name of the University nor the names of its contributors
#    may be used to endorse or promote products derived from this software
#    without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#

#
#  This is a generic configuration file for FreeBSD 5.X and later systems.
#  If you want to customize it, copy it to a name appropriate for your
#  environment and do the modifications there.
#
#  The best documentation for this .mc file is:
#  /usr/share/sendmail/cf/README or
#  /usr/src/contrib/sendmail/cf/README
#

divert(0)
VERSIONID(`$FreeBSD: src/etc/sendmail/freebsd.mc,v 1.34.2.3.2.1 2008/11/25 02:59:29 kensmith Exp $')
OSTYPE(freebsd6)
DOMAIN(generic)
INPUT_MAIL_FILTER(`spamassassin',`S=local:/var/run/spamass-milter.sock, F=, T=C:15m;S:4m;R:4m;E:10m')dnl
INPUT_MAIL_FILTER(`clmilter', `S=local:/var/run/clamav/clmilter.sock, F=, T=S:4m;R:4m')dnl
FEATURE(dnsbl,`sbl-xbl.spamhaus.org')dnl
FEATURE(access_db, `hash -o -T<TMPF> /etc/mail/access')
FEATURE(blacklist_recipients)
dnl FEATURE(local_lmtp)
FEATURE(local_procmail)
FEATURE(mailertable, `hash -o /etc/mail/mailertable')
FEATURE(virtusertable, `hash -o /etc/mail/virtusertable')

dnl Uncomment to allow relaying based on your MX records.
dnl NOTE: This can allow sites to use your server as a backup MX without
dnl       your permission.
dnl FEATURE(relay_based_on_MX)

dnl DNS based black hole lists
dnl --------------------------------
dnl DNS based black hole lists come and go on a regular basis
dnl so this file will not serve as a database of the available servers.
dnl For that, visit
dnl http://www.google.com/Top/Computers/Internet/E-mail/Spam/Blacklists/

dnl Uncomment to activate Realtime Blackhole List
dnl information available at http://www.mail-abuse.com/
dnl NOTE: This is a subscription service as of July 31, 2001
dnl FEATURE(dnsbl)
dnl Alternatively, you can provide your own server and rejection message:
dnl FEATURE(dnsbl, `blackholes.mail-abuse.org', ``"550 Mail from " $&{client_addr} " 
rejected, see http://mail-abuse.o

dnl Dialup users should uncomment and define this appropriately
dnl define(`SMART_HOST', `your.isp.mail.server')

dnl Uncomment the first line to change the location of the default
dnl /etc/mail/local-host-names and comment out the second line.
dnl define(`confCW_FILE', `-o /etc/mail/sendmail.cw')
define(`confCW_FILE', `-o /etc/mail/local-host-names')

dnl Enable for both IPv4 and IPv6 (optional)
DAEMON_OPTIONS(`Name=IPv4, Family=inet')
DAEMON_OPTIONS(`Name=IPv6, Family=inet6, Modifiers=O')

define(`confBIND_OPTS', `WorkAroundBrokenAAAA')
define(`confNO_RCPT_ACTION', `add-to-undisclosed')
define(`confPRIVACY_FLAGS', `authwarnings,noexpn,novrfy')
define(`confINPUT_MAIL_FILTERS', `clmilter,spamassassin')dnl
define('SMART_HOST','out.mnsi.net')
MAILER(local)
MAILER(smtp)
 
and the .procmailrc in /lego/ 'ee /usr/home/lego/.procmailrc'
Code: 
LOGFILE=$HOME/procmail.log
VERBOSE=yes

OK OK!!!!! Im a retard... the .procmailrc file in the /usr/home/lego was owned by root so it wasn't working... once I deleted it, and recreated it, I have a log file now. Now do I need the .procmailrc file in the /root/ folder???

Deleted the /root/.procmailrc file... when i send mail to root it gets forwarded to lego so it gets checked and loged ing lego's procmail.log
 
And your file permissions are in line with the user directory where .procmailrc is in, right? Does [cmd=]sendmail -bv lego[/cmd] indicate that the 'local' mailer is being used? Oh, and I'm assuming you restarted Sendmail, of course.
 
Ok, So I guess, the Next step would be putting some filters in the .procmailrc file?? so it sends stuff marked spam to the spam folder??
 
yes, i've restarted send mail :p yes mail is being sent proper now... was sending mail to root@blurr-ink.com and lego@blurr-ink.com, and both were delieverd to lego's box, and both showed up in the promail.log
Code: 
blurr-ink# sendmail -bv lego
lego... deliverable: mailer local, user lego
 
Ok, when the logfile works (showing that procmail actually handles local delivery), you can add rules. I posted the necessary manuals above. Make sure you use locks when dropping mail in mailboxes.
 
It shows up as
Code: 
:0[B][color="Red"]:[/color][/B]
  ^
in a procmail recipe. It will lock the mailbox being written to, so the next email will wait for the lock to be cleared.
 
Ok, did a quick google search for using procmail to process spam; found this: http://www1.cs.columbia.edu/~crf/howto/procmail-howto.html, which had this:
Code: 
#########################################################################
#                                                                       #
#               STANDARD .PROCMAILRC TO FILTER SPAM                     #
#                                                                       #
#               COMPUTER SCIENCE DEPARTMENT                             #
#                   COLUMBIA UNIVERSITY                                 #
#                                                                       #
#########################################################################

#### Customize the configuration to fit your need. *********
#
## Make sure that this file is only writable by the owner, otherwise
## procmail will not use it (considered "Suspicious" by procmail)
## and complain (silently to you) in the mail log file of the delivering
## machine.
#

# All folders (spam, log, procmailbackup) are in $MAILDIR/mail
MAILDIR=$HOME/mail

# Please empty the mail log ($MAILDIR/log) frequently because it gets very 
# big quickly. This file is a good place to check your filtered email to 
# make sure they are all spam.
LOGFILE=$MAILDIR/log
VERBOSE=off


##### uncomment below to keep backups of all incoming mail
#
# Uncomment the following 3 lines if you want to backup your mail 
# BEFORE filtering, please empty the folder frequently because it gets very 
# big, very quickly.

#BACKUPSPOOL=$MAILDIR/procmailbackup
#:0 c:
#$BACKUPSPOOL

# If email is marked with 90% or higher probability of being spam, filter it.
:0:
* ^X-PerlMx-Spam: Gauge=XXXXXXXXX

# Put the spam in $MAILDIR/spam.
# Please empty the spam folder frequently.
spam

##### or you can delete it
#/dev/null

############################## E N D ######################################

Thats not going to work for me is it?

Or This, But this kinda confusing to me considering spamassassin is already scanning mail isn't it?

http://www.bsdnet.us/doc/examples/F...assin on FreeBSD with Sendmail + Procmail.pdf
 
or I would use that script but change the X-Perl part to X-Spam-Status: YES or something like X-Spam-Level: ******* for 70% chance? And I just checked tail /var/log/maillog and spamassassin is scanning the emails
 
All the questions you're asking can only be answered by yourself, because you get to decide how Spamassassin handles email it considers to be spam. It either rejects it (meaning it won't enter your system at all) or it merely tags it (which means it will accept the email and add certain headers for you to process/filter with e.g. procmail). Just look at your configuration files and try to imagine the mail flow instead of staring blankly at other people's specific setups, which may or may not be applicable to your situation.
 
Yea, understood, I did look at that config, and realized it does exactly what I want it to do, all I changed was verbose=yes and X-Spam-Status: Yes to look for, if that doesn't work Im sure I can use the X-Spam-Level: ***** im assuming 1 * for each 10%.

oh and my home maildir was different, as was the logfile. so I fixed that. Now its just a waiting game to have some spam sent to me :p

my non-spam mail sends/receive's fine.
 
You may have to change that '*' character to something else (like 'S' or 'X') in SA, because it's quite difficult to match on '*' with e.g. procmail.
 
Im using the X-Spam-Status: Yes instead of the X-Spam-Level: ** at the moment. But I don't see it being a problem since that script has the Guage=**** and in the maillog i see X-Spam-Status: No, etc..... and on the next line X-Spam-Level: *, etc..... and Im pretty sure it's working properly now because in the maillog i just found.
Code: 
Sep 14 21:56:01 blurr-ink sm-mta[51563]: ruleset=check_relay, arg1=[189.152.134.200], 
arg2=127.0.0.4, relay=dsl-189-152-134-200-dyn.prod-infinitum.com.mx [189.152.134.200] 
(may be forged), reject=550 5.7.1 Rejected: 189.152.134.200 listed at sbl-xbl.spamhaus.org

So, Im assuming that because its listed on spamhaus it was rejected, so spam assassin didn't even pass it to procmail, but had it not been listed on spamhaus (like my dynamic mail server / I have to remove it when my ip resets everytime, but it works fine) it would have been marked spam and sent to the spam folder, right?


HEHE!!!!! Anyone want to send me a known test virus file, so I can verify that ClamAV will scan the file either before delivery or before I actually open it?? Please :p Seriously....
 
Another Mail that just came; maillog:
Code: 
Sep 14 22:02:25 blurr-ink sm-mta[51671]: n8F22INv051671: from=<qulat-hamburg@debitel.net>, size=1658, class=0, nrcpts=
Sep 14 22:02:25 blurr-ink spamd[1177]: spamd: connection from localhost [127.0.0.1] at port 61018
Sep 14 22:02:25 blurr-ink spamd[1177]: spamd: setuid to root succeeded
Sep 14 22:02:25 blurr-ink spamd[1177]: spamd: still running as root: user not specified with -u, not found, or set to
Sep 14 22:02:25 blurr-ink spamd[1177]: spamd: processing message <223765921.06763920415876@debitel.net> for root:65534
Sep 14 22:02:25 blurr-ink spamd[1177]: auto-whitelist: open of auto-whitelist file failed: locker: safe_lock: cannot c
Sep 14 22:02:25 blurr-ink spamd[1177]: spamd: clean message (3.5/5.0) for root:65534 in 0.1 seconds, 1973 bytes.
Sep 14 22:02:25 blurr-ink spamd[1177]: spamd: result: . 3 - DATE_IN_FUTURE_06_12,DIET_1,HTML_MESSAGE,RDNS_NONE scantim
Sep 14 22:02:25 blurr-ink sm-mta[51671]: n8F22INv051671: Milter add: header: X-Spam-Status: No, score=3.5 required=5.0
Sep 14 22:02:25 blurr-ink spamd[1176]: prefork: child states: II
Sep 14 22:02:25 blurr-ink sm-mta[51671]: n8F22INv051671: Milter add: header: X-Spam-Level: ***
Sep 14 22:02:25 blurr-ink sm-mta[51671]: n8F22INv051671: Milter add: header: X-Spam-Checker-Version: SpamAssassin 3.2.
Sep 14 22:02:25 blurr-ink sm-mta[51673]: n8F22INv051671: to=<lego@blurr-ink.com>, delay=00:00:01, xdelay=00:00:00, mai
Sep 14 22:02:37 blurr-ink imapd[51675]: Login user=Lego host=localhost [127.0.0.1]

procmail.log:
Code: 
procmail: [51674] Mon Sep 14 22:02:25 2009
procmail: No match on "^X-Spam-Status: Yes"
procmail: Bypassed locking "/var/mail/lego.lock"
procmail: Assigning "LASTFOLDER=/var/mail/lego"
procmail: Opening "/var/mail/lego"
procmail: Acquiring kernel-lock
procmail: Notified comsat: "lego@1594190:/var/mail/lego"
From qulat-hamburg@debitel.net  Mon Sep 14 22:02:25 2009
 Subject: G*et The power of A.cai wo_rking for you
  Folder: /var/mail/lego                                                   2188

So if I were to use X-Spam-Level: ***, in theory it should have gone to the spam folder....
 
Lego said:
So, Im assuming that because its listed on spamhaus it was rejected, so spam assassin didn't even pass it to procmail, but had it not been listed on spamhaus it would have been marked spam and sent to the spam folder, right?
Click to expand...

That's not certain at all. If SpamAssassin doesn't find anything wrong with the message (header and body checks), it will not mark it as spam. And, again: you have the choice to reject or accept/tag email. That's the fundamental choice between rejecting (not accepting at the SMTP stage) and tagging (accepting all email at the SMTP stage).

BTW: greylisting alone will stop 99% of spam (attempts), especially when combining it with blacklists.
 
Not quite sure I follow 100%, I'm going to wait until I've got a bunch of mail sent to me from various sources and see how it tags each one, then make a choice I guess...
 
ok So...mail just received....
/var/log/maillog:
Code: 
Sep 17 16:24:47 blurr-ink sm-mta[53921]: n8HKOVC1053921: from=<quintonaltfarr@matthey.com>, size=4651, class=0, nrcpts=1, msgid=<892100635.03514595497328@mat
Sep 17 16:24:47 blurr-ink spamd[1010]: spamd: connection from localhost [127.0.0.1] at port 63998
Sep 17 16:24:47 blurr-ink spamd[1010]: spamd: setuid to root succeeded
Sep 17 16:24:47 blurr-ink spamd[1010]: spamd: still running as root: user not specified with -u, not found, or set to root, falling back to nobody
Sep 17 16:24:47 blurr-ink spamd[1010]: spamd: processing message <892100635.03514595497328@matthey.com> for root:65534
Sep 17 16:24:47 blurr-ink spamd[1010]: auto-whitelist: open of auto-whitelist file failed: locker: safe_lock: cannot create tmp lockfile /nonexistent/.spamas
Sep 17 16:24:47 blurr-ink spamd[1010]: spamd: identified spam (10.8/5.0) for root:65534 in 0.2 seconds, 5010 bytes.
Sep 17 16:24:47 blurr-ink spamd[1010]: spamd: result: Y 10 - DATE_IN_FUTURE_06_12,DIET_1,FH_HELO_EQ_D_D_D_D,FM_SEX_HELODDDD,HELO_DYNAMIC_DHCP,HELO_DYNAMIC_IP
Sep 17 16:24:47 blurr-ink spamd[964]: prefork: child states: II
Sep 17 16:24:47 blurr-ink sm-mta[53921]: n8HKOVC1053921: Milter add: header: X-Spam-Flag: YES
Sep 17 16:24:47 blurr-ink sm-mta[53921]: n8HKOVC1053921: Milter add: header: X-Spam-Status: Yes, score=10.8 required=5.0 tests=DATE_IN_FUTURE_06_12,DIET_1,\n
Sep 17 16:24:47 blurr-ink sm-mta[53921]: n8HKOVC1053921: Milter add: header: X-Spam-Level: **********
Sep 17 16:24:47 blurr-ink sm-mta[53921]: n8HKOVC1053921: Milter add: header: X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on blurr-ink.com
Sep 17 16:24:47 blurr-ink sm-mta[53921]: n8HKOVC1053921: Milter change: header Content-Type: from  multipart/alternative;\n  boundary="----------C38D38D3F219
Sep 17 16:24:47 blurr-ink sm-mta[53921]: n8HKOVC1053921: Milter message: body replaced
Sep 17 16:24:47 blurr-ink sm-mta[53926]: n8HKOVC1053921: to=<lego@blurr-ink.com>, delay=00:00:01, xdelay=00:00:00, mailer=local, pri=38795, dsn=2.0.0, stat=Sent

procmail.log:
Code: 
procmail: [53927] Thu Sep 17 16:24:47 2009
procmail: Match on "^X-Spam-Status: Yes"
procmail: Locking "Junk.lock"
procmail: Assigning "LASTFOLDER=Junk/msg.GhiX"
procmail: Opening "Junk/msg.GhiX"
procmail: Acquiring kernel-lock
procmail: Unlocking "Junk.lock"
procmail: Notified comsat: "lego@0:/home/lego//Junk/msg.GhiX"
From quintonaltfarr@matthey.com  Thu Sep 17 16:24:47 2009
 Subject: Colo Cl'ean_se Plus has s.aved liv-es , let it help y-ours ,get your 
  Folder: Junk/msg.GhiX							   8894

But I didn't receive it to the spam folder....

.procmailrc:
Code: 
#########################################################################
#                                                                       #
#               STANDARD .PROCMAILRC TO FILTER SPAM                     #
#                                                                       #
#               COMPUTER SCIENCE DEPARTMENT                             #
#                   COLUMBIA UNIVERSITY                                 #
#                                                                       #
#########################################################################

#### Customize the configuration to fit your need. *********
#
## Make sure that this file is only writable by the owner, otherwise
## procmail will not use it (considered "Suspicious" by procmail)
## and complain (silently to you) in the mail log file of the delivering
## machine.
#

# All folders (spam, log, procmailbackup) are in $MAILDIR/mail
MAILDIR=$HOME/

# Please empty the mail log ($MAILDIR/log) frequently because it gets very
# big quickly. This file is a good place to check your filtered email to
# make sure they are all spam.
LOGFILE=$MAILDIR/procmail.log
VERBOSE=yes


##### uncomment below to keep backups of all incoming mail
#
# Uncomment the following 3 lines if you want to backup your mail
# BEFORE filtering, please empty the folder frequently because it gets very
# big, very quickly.

#BACKUPSPOOL=$MAILDIR/procmailbackup
#:0 c:
#$BACKUPSPOOL

# If email is marked with 90% or higher probability of being spam, filter it.
:0:
* ^X-Spam-Status: Yes

# Put the spam in $MAILDIR/spam.
# Please empty the spam folder frequently.
Junk

##### or you can delete it
#/dev/null

############################## E N D ######################################

I have mail folders in /usr/home/lego/
Code: 
.cshrc                  .mailboxlist            .rhosts                 Junk E-mail             WebalizerReports
.login                  .mailrc-backup          .shrc                   Saved                   procmail.log
.login_conf             .procmailrc             Drafts                  Sent                    spamhaus
.mail_aliases           .profile                Junk                    Trash

Shouldn't it have been sent to the Junk folder?? I did not receive the mail in my inbox or the Junk box....
 
You must log in or register to reply here.
Back
Top