Spamassassin 3.03, ClamAV 0.84

[interfasys]

ClamAV 0.84:
This version improves detection of JPEG (MS04-028) based exploits, introduces support for TNEF files and new detection mechanisms. Various bugfixes (including problems with scanning of digest mail files) and improvements have been made.

Spamassassin 3.03:
- Fixed possible memory bloat from large AutoWhitelist db files
- Fixed where user defined rules scores became ignored
- Updated parsing code for several Received: header formats
- Increased some BAYES_* scores for the network+bayes score set
- Document set_tag for Plugin API and added get_tag
- Additional bug fixes.

 

[dannygoh]

Anyone have instruction to upgrade both package?

 

[servertweak]

2nd this request

 

[werwin01]

Here's for SpamAssassin.
I'm running FreeBSD 5.3.

cd /usr/local/directadmin/scripts/
pico spam.sh

Gonna have to change the version

VERSION=3.0.3

Change where we get the file, edit it.

WEBPATH=http://apache.seekmeup.com/spamassassin/source

Exit and save.
Then run the script

./spam.sh

 

[sander815]

does this also apply when upgrading from 2.63?

 

[werwin01]

does this also apply when upgrading from 2.63?

It should work, so yes.

 

[servertweak]

upgraded CentOS 3.4

 

[plugin]

update from 3.0.0 to 3.0.3 successful on RH90: Exim 4.50-2 + Spamassassin, ClamAV not yet tried.

 

[vandal]

is anyone having problems with SA? every week or so (seems random) users start getting error messages and the exim mainlog shows the message coming in but never being completed.

i have a bunch of funny exim processess when this is going on like messages are being stuck but i can't figure out what is causing it, just that it has something to do with spam assassin.

ps aux | grep exim

mail 16328 0.0 0.0 6576 1840 ? S 19:21 0:00 /usr/sbin/exim -bd -q15m -oP /var/run/exim.pid

root 16517 0.0 0.1 6588 2204 ? S 19:22 0:00 /usr/sbin/exim -Mc 1DSlAw-0004IN-2n

mail 16518 0.0 0.1 6592 2228 ? S 19:22 0:00 /usr/sbin/exim -Mc 1DSlAw-0004IN-2n

mail 16519 0.0 0.0 6580 1836 ? S 19:22 0:00 /usr/sbin/exim -oMr spam-scanned -bS

mail 16520 0.0 0.1 6592 2224 ? S 19:22 0:00 /usr/sbin/exim -Mc 1DSlAw-0004IN-2n

mail 16522 0.0 0.0 0 0 ? Z 19:22 0:00 [exim <defunct>]

mail 16596 0.0 0.1 6608 2092 ? S 19:24 0:00 /usr/sbin/exim -bd -q15m -oP /var/run/exim.pid

root 16606 0.0 0.1 6580 2200 ? S 19:24 0:00 /usr/sbin/exim -Mc 1DSlDL-0004Jo-69

mail 16607 0.0 0.1 6584 2224 ? S 19:24 0:00 /usr/sbin/exim -Mc 1DSlDL-0004Jo-69

mail 16609 0.0 0.0 6580 1836 ? S 19:24 0:00 /usr/sbin/exim -oMr spam-scanned -bS

mail 16610 0.0 0.1 6584 2220 ? S 19:24 0:00 /usr/sbin/exim -Mc 1DSlDL-0004Jo-69

mail 16612 0.0 0.0 0 0 ? Z 19:24 0:00 [exim <defunct>]

mail 16662 0.0 0.1 6636 2092 ? S 19:25 0:00 /usr/sbin/exim -bd -q15m -oP /var/run/exim.pid

root 16671 0.0 0.0 3688 664 pts/0 S 19:25 0:00 grep exim


i'm using exim 4.5 / SA 3.0.2 and 3.0.3 both do the same thing. only way to fix it is to remove the spam assassin directives from exim.conf.

oh yes i have the latest exim.conf/exim.pl from files.directadmin.com/services/

 

[blacknight]

If you are still running the 2.6* series of SA then you should read the UPGRADE file which ships with the download. There are significant changes between the two versions and your Bayes will stop working unless you follow the instructions for upgrading.

 

[qlsys]

Hi,

Upgraded without any problems
(OS: Fedora Core 3)

Regards,

 

[ballyn]

I just noticed that at some point recently my SA 3.0.3 install on Centos 3.4 stopped doing any dns tests. Looking closely, this is apparently because I didn't have a current version of the perl Net-DNS module. Nothing was failing, but none of the RBL tests were ocurring...

I also noticed that the DA install doesn't install the prerequisites for SPF testing, even though it's enabled in init.pre. To enable spf, you'll need to install:

perl-Sys-Hostname-Long-1.2-1.rhel3.noarch.rpm
perl-Net-CIDR-Lite-0.15-3.rhel3.noarch.rpm
perl-Mail-SPF-Query-1.997-4.rhel3.noarch.rpm

I grabbed them from:
http://www.city-fan.org/ftp/contrib/perl-modules/RPMS.rhel3/

To test if SA is working as you expect, call spamassassin -D rbl=-3 then paste in a raw e-mail and hit ctrl-d.

 

[Titam]

I would like to custom the message received when spamassassin detects a SPAM. Do you know how to do ?

Thanks

 

[matrixx]

I would like to custom the message received when spamassassin detects a SPAM. Do you know how to do ?

Thanks

Theres a setting in the user level control panel to custom the subject line.

Rob

 

[Titam]

Theres a setting in the user level control panel to custom the subject line.

Rob

This line is only for the subject line, i have ever changed this line.

Now when a spam is detected, that is send :

------------------ Début de Rapport SpamAssassin ---------------------
Ce message est probablement du SPAM (message non sollicité envoyé en
masse, publicité, escroquerie...).

Cette notice a été ajoutée par le système d'analyse "SpamAssassin" sur
votre serveur de courrier pour vous
aider à identifier ce type de messages.

Le système SpamAssassin ajoute un en-tête "X-Spam-Flag: YES" aux
messages qu'il considère comme étant probablement du Spam.
Vous pouvez si vous le souhaitez utiliser cette caractéristique
pour régler un filtre dans votre logiciel de lecture de courrier,
afin de détruire ou de classer à part ce type de message.

Si ce robot a classifié incorrectement un message qui vous était
destiné, ou pour toute question, veuillez contacter l'administrateur
du système par e-mail à the administrator of that system .

Voir http://spamassassin.apache.org/tag/ pour plus de détails (en anglais).

Détails de l'analyse du message: (9.3 points, 5.0 requis)
2.8 HELO_DYNAMIC_IPADDR Relay HELO'd using suspicious hostname (IP addr 1)
1.1 FORGED_HOTMAIL_RCVD2 From hotmail.com, mais sans "Received:"
1.4 DOMAIN_RATIO BODY: Message body mentions many internet domains
0.0 HTML_MESSAGE BODY: HTML inclus dans le message
2.0 HTML_IMAGE_ONLY_08 BODY: HTML contient images avec 600 à 800 octets de texte
1.0 HTML_FONT_LOW_CONTRAST BODY: Police HTML de la même couleur que le fond
1.2 MIME_HTML_ONLY BODY: Le message possède uniquement des parties MIME text/html

-------------------- Fin de Rapport SpamAssassin ---------------------

Le message original n'étant pas au format text brut, il est peut-être
dangereux de l'ouvrir avec votre logiciel e-mail ; en particulier il
pourrait contenir un virus, ou confirmer à l'expéditeur que votre
adresse e-mail est active, et peut recevoir du spam. Si vous voulez
lire ce message, et n'êtes pas certain de la sécurité de votre logiciel
e-mail, il est plus prudent d'enregistrer ce message sur votre disque
dur, et de l'afficher ensuite avec un éditeur de texte.

And it's this message i would like to change

 

[sander815]

what more needs to be changed when upgrading from SA 2.x to 3.x?

 

[MagnuM]

Installed SA and working good on RHEL AS3!

Many thanks!

 

[blueice]

any info for clamav? the latest exim (4.51) support this. need just some config in exim.conf.
Any info for this?

 

[sander815]

when i upgrade to 3.03 from 2.64, do i also have to edit the startupscript in /etc/rc.d/init.d/spamd?

caus it still starts with /usr/bin/spamd -d -a -c -m 5

 

[Chrysalis]

remove the -a and should be all good.