SpamAssassin is not checking mails

eduardo.mejia

Verified User
Joined
Mar 30, 2012
Messages
15
Hello Forum

Today I folllow the steps to add spamassassin to the new server http://help.directadmin.com/item.php?id=36
And when I see the ../exim/mainlog queue

I never found spamd process running.


tail -f /var/log/exim/mainlog

2012-04-03 16:54:18 1SFBgA-00080b-FH => prueba <prueba@da-domain.com> F=<user@senderdomain.com> R=virtual_user T=virtual_localdelivery S=2422

2012-04-03 16:54:18 1SFBgA-00080b-FH Completed

2012-04-03 16:55:59 1SFBhn-000819-1r <= user@senderdomain.com H=mail-iy0-f176.google.com [209.85.210.176] P=esmtps X=TLSv1:RC4-SHA:128 S=1846 id=CALeGGkh919uF1-iw8Ma04FMfGWmvyCH00huKQdqve4E9vzC3vA@mail.gmail.com T="viagra" from <user@senderdomain.com> for prueba@da-domain.com

2012-04-03 16:55:59 1SFBhn-000819-1r => prueba <prueba@da-domain.com> F=<user@senderdomain.com> R=virtual_user T=virtual_localdelivery S=1964

2012-04-03 16:55:59 1SFBhn-000819-1r Completed

2012-04-03 17:50:37 exim 4.77 daemon started: pid=32353, -q1h, listening for SMTP on port 25 (IPv6 and IPv4) port 587 (IPv6 and IPv4)

2012-04-03 17:51:47 1SFCZn-0008Pz-Qm <= user@senderdomain.com H=mail-iy0-f176.google.com [209.85.210.176] P=esmtps X=TLSv1:RC4-SHA:128 S=2394 id=CALeGGkiQiWqO+tVR8nEtTTooi8sKkVUK-2_z0t=+Hq8ewrFFsw@mail.gmail.com T="viagra" from <user@senderdomain.com> for prueba@da-domain.com

2012-04-03 17:51:48 1SFCZn-0008Pz-Qm => prueba <prueba@da-domain.com> F=<user@senderdomain.com> R=virtual_user T=virtual_localdelivery S=2512

2012-04-03 17:51:48 1SFCZn-0008Pz-Qm Completed

2012-04-03 18:01:15 exim 4.77 daemon started: pid=32464, -q1h, listening for SMTP on port 25 (IPv6 and IPv4) port 587 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)
ps aux | grep spamd
root 26246 0.0 1.1 37368 34996 ?? Ss 8:53AM 0:09.47 /usr/bin/spamd -d -c -m 15 (perl)
root 26247 0.0 1.1 37368 35000 ?? I 8:53AM 0:00.08 spamd child (perl)
root 26248 0.0 1.1 37368 35000 ?? I 8:53AM 0:00.09 spamd child (perl)
root 32600 0.0 0.0 3368 1216 p1 S+ 6:07PM 0:00.01 grep spamd
[root@perseus /home/admin/.spamassassin]#
Just In case I've update Exim follow this steps http://help.directadmin.com/item.php?id=51
And this....http://help.directadmin.com/item.php?id=117 But the problem persists.

Can somebody give me your help

Thank You very Much
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,932
Location
GMT +7.00
Hello,

Make sure SpamAssassin is enabled for da-domain.com (check it on user level).
 

eduardo.mejia

Verified User
Joined
Mar 30, 2012
Messages
15
Hello.
The Option of SpamAssassin is enabled by default for all users.
Even the user was migrated from a server is running spamd normally.



Thank You.
 

eduardo.mejia

Verified User
Joined
Mar 30, 2012
Messages
15
When I run.


# /usr/bin/spamd
Apr 4 11:24:24.612 [38928] warn: server socket setup failed, retry 1: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
Apr 4 11:24:25.622 [38928] warn: server socket setup failed, retry 2: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
Apr 4 11:24:26.632 [38928] warn: server socket setup failed, retry 3: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
Apr 4 11:24:27.642 [38928] warn: server socket setup failed, retry 4: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
Apr 4 11:24:28.652 [38928] warn: server socket setup failed, retry 5: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
Apr 4 11:24:29.662 [38928] warn: server socket setup failed, retry 6: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
Apr 4 11:24:30.672 [38928] warn: server socket setup failed, retry 7: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
Apr 4 11:24:31.682 [38928] warn: server socket setup failed, retry 8: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
:confused:
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,932
Location
GMT +7.00
spamd is a daemon, you should use

Code:
service exim restart
to restart spamd, as well as stop and start
 

eduardo.mejia

Verified User
Joined
Mar 30, 2012
Messages
15
Hello
I did this procedure.

But I can find other and change the Socket Spamd use to connect with 127.0.0.1


[root@perseus /mega/home/eduardo]# /usr/bin/spamd -d -c -m 15 -p 10025
[root@perseus /mega/home/eduardo]#
And now the mails are checked by Spamd.

2012-04-04 12:14:05 1SFTmX-000AGL-LV <= user@senderdomain.com H=mail-yw0-f48.google.com [209.85.213.48] P=esmtps X=TLSv1:RC4-SHA:128 S=4255 id=CALeGGkg4Gj5iTn9eubbhJfqB0zeMSvOM2Pc+FN+xGrm-7Qi1AA@mail.gmail.com T="Re: viagra1" from <user@senderdomain.com> for prueba@da-domain.com

2012-04-04 12:14:07 1SFTmX-000AGO-Q5 <= user@senderdomain.com U=mail P=spam-scanned S=4719 id=CALeGGkg4Gj5iTn9eubbhJfqB0zeMSvOM2Pc+FN+xGrm-7Qi1AA@mail.gmail.com T="Re: viagra1" from <user@senderdomain.com> for prueba@da-domain.com

2012-04-04 12:14:07 1SFTmX-000AGO-Q5 => prueba <prueba@da-domain.com> F=<user@senderdomain.com> R=virtual_user T=virtual_localdelivery S=4837

2012-04-04 12:14:07 1SFTmX-000AGO-Q5 Completed

2012-04-04 12:14:07 1SFTmX-000AGL-LV => prueba <prueba@da-domain.com> F=<user@senderdomain.com> R=spamcheck_director T=spamcheck S=4588

2012-04-04 12:14:07 1SFTmX-000AGL-LV Completed

But I can't find what process is using 783 Spamd's default port.
How can I set manually this?

Best Regards
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,932
Location
GMT +7.00
OK, run this


Code:
# grep spamd /etc/init.d/exim
and if you see something like this

Code:
        #if [ -e /usr/bin/spamd ]; then /usr/bin/spamd -d -c -m 5 1>/dev/null 2>/dev/null; fi
        #if [ -e /usr/bin/spamd ]; then killall -9 spamd 1>/dev/null 2>/dev/null; fi
change the lines in /etc/init.d/exim to

Code:
        if [ -e /usr/bin/spamd ]; then /usr/bin/spamd -d -c -m 5 1>/dev/null 2>/dev/null; fi
        if [ -e /usr/bin/spamd ]; then killall -9 spamd 1>/dev/null 2>/dev/null; fi
and restart exim.

To find, which process is bind to a port 783, run this
Code:
lsof -i:783
Install lsof if you have not it.
 

eduardo.mejia

Verified User
Joined
Mar 30, 2012
Messages
15
Hello.
I have this



# grep spamd /usr/local/etc/rc.d/exim
if [ -e /usr/bin/spamd ]; then /usr/bin/spamd -d -c -m 5 1>/dev/null 2>/dev/null; fi
killall -9 spamd 1>/dev/null 2>/dev/null
I kill the process attached to 783 port (was 3) and 10025 too, just in case.

Well, after that I restarted exim

And now the mails are passing normally :cool:



2012-04-04 13:35:33 1SFV3I-0000qv-0F DKIM: d=gmail.com s=20120113 c=relaxed/relaxed a=rsa-sha256 [verification succeeded]

2012-04-04 13:35:33 1SFV3I-0000qv-0F <= sender1@senderdom1.com H=mail-wi0-f170.google.com [209.85.212.170] P=esmtps X=TLSv1:RC4-SHA:128 S=2480 id=CAFfG9cJ3BxjO2wvy7akH4b0+pWJovpR7NOXjtEPpbAqrt62YQg@mail.gmail.com T="hola como estas" from <sender1@senderdom1.com> for prueba@diradmin_domain.com

2012-04-04 13:35:35 1SFV3N-0000qy-Bw <= sender1@senderdom1.com U=mail P=spam-scanned S=2955 id=CAFfG9cJ3BxjO2wvy7akH4b0+pWJovpR7NOXjtEPpbAqrt62YQg@mail.gmail.com T="hola como estas" from <sender1@senderdom1.com> for prueba@diradmin_domain.com

2012-04-04 13:35:35 1SFV3N-0000qy-Bw => prueba <prueba@diradmin_domain.com> F=<sender1@senderdom1.com> R=virtual_user T=virtual_localdelivery S=3070

2012-04-04 13:35:35 1SFV3N-0000qy-Bw Completed

2012-04-04 13:35:35 1SFV3I-0000qv-0F => prueba <prueba@diradmin_domain.com> F=<sender1@senderdom1.com> R=spamcheck_director T=spamcheck S=2824

2012-04-04 13:35:35 1SFV3I-0000qv-0F Completed


2012-04-04 13:35:49 1SFV3c-0000r5-PZ <= sender2@sender_dom2.com H=mail-iy0-f176.google.com [209.85.210.176] P=esmtps X=TLSv1:RC4-SHA:128 S=93303 id=CALeGGkg3A+9si61cSqsCNv-Hg--bDKSnSFCKe5mbYO-6b1u-8g@mail.gmail.com T="HOLA EDUARD" from <sender2@sender_dom2.com> for prueba@diradmin_domain.com

2012-04-04 13:35:51 1SFV3d-0000r8-BM <= sender2@sender_dom2.com U=mail P=spam-scanned S=93741 id=CALeGGkg3A+9si61cSqsCNv-Hg--bDKSnSFCKe5mbYO-6b1u-8g@mail.gmail.com T="HOLA EDUARD" from <sender2@sender_dom2.com> for prueba@diradmin_domain.com

2012-04-04 13:35:51 1SFV3d-0000r8-BM => prueba <prueba@diradmin_domain.com> F=<sender2@sender_dom2.com> R=virtual_user T=virtual_localdelivery S=93859

2012-04-04 13:35:51 1SFV3d-0000r8-BM Completed

2012-04-04 13:35:51 1SFV3c-0000r5-PZ => prueba <prueba@diradmin_domain.com> F=<sender2@sender_dom2.com> R=spamcheck_director T=spamcheck S=93610

2012-04-04 13:35:51 1SFV3c-0000r5-PZ Completed
I willl continue testing and testing if I found something weird I will post.


THANK YOU VERY MUCH
TO ALL

Best Regards

Lima - Peru
 
Top