Spamassassin letting lots of (obvious) spam through

M

Mattie

Verified User
Joined
Jun 1, 2008
Messages
123
Hi all,

I have spamassassin (and DA in general) running for 5+ year and I've never had big issues with spamassassin. However a month of 2 ago I started to see lots of spam getting in my inbox. I tried several things, from updating spamassassin to creating the "teach-isspam" folder and a cron reading it every hour however noting seems te be helping.

For example an email message (including header) what is obvious spam to me:
http://pastebin.com/YNspwaWm
(for obvious anti-spam reasons I masked my email address)

X-Spam-Status: No, score=0.0 required=5.0 tests=AC_BR_BONANZA,DKIM_SIGNED,
DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,HTML_IMAGE_ONLY_32,HTML_MESSAGE
autolearn=ham autolearn_force=no version=3.4.0
Click to expand...

So it seems as it is not detected as spam. But why?

An other message for example:
http://pastebin.com/tNN2gMtZ

X-Spam-Level: ****
X-Spam-Status: No, score=4.1 required=5.0 tests=DKIM_ADSP_NXDOMAIN,DKIM_SIGNED,
DKIM_VALID,FORGED_MUA_MOZILLA,HTML_MESSAGE,HTML_MIME_NO_HTML_TAG,
MIME_HTML_ONLY,SUBJ_DOLLARS autolearn=no autolearn_force=no version=3.4.0
Click to expand...

My limit is set to 5 so I can understand this message is in my inbox, but I never had mails like this (again it is so obvious spam) in my mailbox. Did the spammers become smarter? Is spamassassin not "the" tool anymore?

If I send a message with the "GTUBE" text in it the message is correctly put into the spam folder.

Also to confirm it is running:

root@vps:~# ps auxf | grep spamd
root 20500 0.0 0.0 1892 584 pts/0 S+ 10:10 0:00 \_ grep spamd
root 20998 0.0 0.2 44756 3084 ? Ss May11 1:06 /usr/bin/spamd -d -c -m 15
root 21011 0.0 0.1 50160 1152 ? S May11 0:03 \_ spamd child
root 3462 0.0 3.6 64612 38552 ? S May13 0:46 \_ spamd child
Click to expand...

Can anybody point me in the right direction on how to be spam-free again :)
 
Perhaps SPAM fighting is more complicated nowadays, or the linkage between the various tools is not working properly anymore. I have problems with EasySpamFighter (ESF) not working (see https://forum.directadmin.com/showthread.php?t=53249&p=273149).

High scores should be given to obvious spam (e.g. rDNS not working) but this does not get added to the tally. Perhaps a different (less sensitive to soft failure) spam solution should be considered? I am getting a lot of complaints from customers about the sharp rise in spam and not much can be done if the tools don't work as they are supposed to (to avoid correct emails from being deleted).
 
You must log in or register to reply here.
Back
Top