SpamAssassin is not checking mails

[eduardo.mejia]

Hello Forum

Today I folllow the steps to add spamassassin to the new server http://help.directadmin.com/item.php?id=36
And when I see the ../exim/mainlog queue

I never found spamd process running.

tail -f /var/log/exim/mainlog

2012-04-03 16:54:18 1SFBgA-00080b-FH => prueba <[email protected]> F=<[email protected]> R=virtual_user T=virtual_localdelivery S=2422

2012-04-03 16:54:18 1SFBgA-00080b-FH Completed

2012-04-03 16:55:59 1SFBhn-000819-1r <= [email protected] H=mail-iy0-f176.google.com [209.85.210.176] P=esmtps X=TLSv1:RC4-SHA:128 S=1846 id=CALeGGkh919uF1-iw8Ma04FMfGWmvyCH00huKQdqve4E9vzC3vA@mail.gmail.com T="viagra" from <[email protected]> for [email protected]

2012-04-03 16:55:59 1SFBhn-000819-1r => prueba <[email protected]> F=<[email protected]> R=virtual_user T=virtual_localdelivery S=1964

2012-04-03 16:55:59 1SFBhn-000819-1r Completed

2012-04-03 17:50:37 exim 4.77 daemon started: pid=32353, -q1h, listening for SMTP on port 25 (IPv6 and IPv4) port 587 (IPv6 and IPv4)

2012-04-03 17:51:47 1SFCZn-0008Pz-Qm <= [email protected] H=mail-iy0-f176.google.com [209.85.210.176] P=esmtps X=TLSv1:RC4-SHA:128 S=2394 id=CALeGGkiQiWqO+tVR8nEtTTooi8sKkVUK-2_z0t=+Hq8ewrFFsw@mail.gmail.com T="viagra" from <[email protected]> for [email protected]

2012-04-03 17:51:48 1SFCZn-0008Pz-Qm => prueba <[email protected]> F=<[email protected]> R=virtual_user T=virtual_localdelivery S=2512

2012-04-03 17:51:48 1SFCZn-0008Pz-Qm Completed

2012-04-03 18:01:15 exim 4.77 daemon started: pid=32464, -q1h, listening for SMTP on port 25 (IPv6 and IPv4) port 587 (IPv6 and IPv4) and for SMTPS on port 465 (IPv6 and IPv4)

ps aux | grep spamd
root 26246 0.0 1.1 37368 34996 ?? Ss 8:53AM 0:09.47 /usr/bin/spamd -d -c -m 15 (perl)
root 26247 0.0 1.1 37368 35000 ?? I 8:53AM 0:00.08 spamd child (perl)
root 26248 0.0 1.1 37368 35000 ?? I 8:53AM 0:00.09 spamd child (perl)
root 32600 0.0 0.0 3368 1216 p1 S+ 6:07PM 0:00.01 grep spamd
[root@perseus /home/admin/.spamassassin]#

Just In case I've update Exim follow this steps http://help.directadmin.com/item.php?id=51
And this....http://help.directadmin.com/item.php?id=117 But the problem persists.

Can somebody give me your help

Thank You very Much

 

[zEitEr]

Hello,

Make sure SpamAssassin is enabled for da-domain.com (check it on user level).

 

[eduardo.mejia]

Hello.
The Option of SpamAssassin is enabled by default for all users.
Even the user was migrated from a server is running spamd normally.



Thank You.

 

[eduardo.mejia]

When I run.

# /usr/bin/spamd
Apr 4 11:24:24.612 [38928] warn: server socket setup failed, retry 1: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
Apr 4 11:24:25.622 [38928] warn: server socket setup failed, retry 2: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
Apr 4 11:24:26.632 [38928] warn: server socket setup failed, retry 3: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
Apr 4 11:24:27.642 [38928] warn: server socket setup failed, retry 4: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
Apr 4 11:24:28.652 [38928] warn: server socket setup failed, retry 5: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
Apr 4 11:24:29.662 [38928] warn: server socket setup failed, retry 6: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
Apr 4 11:24:30.672 [38928] warn: server socket setup failed, retry 7: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
Apr 4 11:24:31.682 [38928] warn: server socket setup failed, retry 8: spamd: could not create INET socket on 127.0.0.1:783: Address already in use

 

[zEitEr]

spamd is a daemon, you should use

service exim restart

to restart spamd, as well as stop and start

 

[eduardo.mejia]

Hello
I did this procedure.

But I can find other and change the Socket Spamd use to connect with 127.0.0.1

[root@perseus /mega/home/eduardo]# /usr/bin/spamd -d -c -m 15 -p 10025
[root@perseus /mega/home/eduardo]#

And now the mails are checked by Spamd.

2012-04-04 12:14:05 1SFTmX-000AGL-LV <= [email protected] H=mail-yw0-f48.google.com [209.85.213.48] P=esmtps X=TLSv1:RC4-SHA:128 S=4255 id=CALeGGkg4Gj5iTn9eubbhJfqB0zeMSvOM2Pc+FN+xGrm-7Qi1AA@mail.gmail.com T="Re: viagra1" from <[email protected]> for [email protected]

2012-04-04 12:14:07 1SFTmX-000AGO-Q5 <= [email protected] U=mail P=spam-scanned S=4719 id=CALeGGkg4Gj5iTn9eubbhJfqB0zeMSvOM2Pc+FN+xGrm-7Qi1AA@mail.gmail.com T="Re: viagra1" from <[email protected]> for [email protected]

2012-04-04 12:14:07 1SFTmX-000AGO-Q5 => prueba <[email protected]> F=<[email protected]> R=virtual_user T=virtual_localdelivery S=4837

2012-04-04 12:14:07 1SFTmX-000AGO-Q5 Completed

2012-04-04 12:14:07 1SFTmX-000AGL-LV => prueba <[email protected]> F=<[email protected]> R=spamcheck_director T=spamcheck S=4588

2012-04-04 12:14:07 1SFTmX-000AGL-LV Completed

But I can't find what process is using 783 Spamd's default port.
How can I set manually this?

Best Regards

 

[zEitEr]

OK, run this

# grep spamd /etc/init.d/exim

and if you see something like this

        #if [ -e /usr/bin/spamd ]; then /usr/bin/spamd -d -c -m 5 1>/dev/null 2>/dev/null; fi
        #if [ -e /usr/bin/spamd ]; then killall -9 spamd 1>/dev/null 2>/dev/null; fi

change the lines in /etc/init.d/exim to

        if [ -e /usr/bin/spamd ]; then /usr/bin/spamd -d -c -m 5 1>/dev/null 2>/dev/null; fi
        if [ -e /usr/bin/spamd ]; then killall -9 spamd 1>/dev/null 2>/dev/null; fi

and restart exim.

To find, which process is bind to a port 783, run this

lsof -i:783

Install lsof if you have not it.

 

[eduardo.mejia]

Hello.
I have this

# grep spamd /usr/local/etc/rc.d/exim
if [ -e /usr/bin/spamd ]; then /usr/bin/spamd -d -c -m 5 1>/dev/null 2>/dev/null; fi
killall -9 spamd 1>/dev/null 2>/dev/null

I kill the process attached to 783 port (was 3) and 10025 too, just in case.

Well, after that I restarted exim

And now the mails are passing normally

2012-04-04 13:35:33 1SFV3I-0000qv-0F DKIM: d=gmail.com s=20120113 c=relaxed/relaxed a=rsa-sha256 [verification succeeded]

2012-04-04 13:35:33 1SFV3I-0000qv-0F <= [email protected] H=mail-wi0-f170.google.com [209.85.212.170] P=esmtps X=TLSv1:RC4-SHA:128 S=2480 id=CAFfG9cJ3BxjO2wvy7akH4b0+pWJovpR7NOXjtEPpbAqrt62YQg@mail.gmail.com T="hola como estas" from <[email protected]> for prueba@diradmin_domain.com

2012-04-04 13:35:35 1SFV3N-0000qy-Bw <= [email protected] U=mail P=spam-scanned S=2955 id=CAFfG9cJ3BxjO2wvy7akH4b0+pWJovpR7NOXjtEPpbAqrt62YQg@mail.gmail.com T="hola como estas" from <[email protected]> for prueba@diradmin_domain.com

2012-04-04 13:35:35 1SFV3N-0000qy-Bw => prueba <prueba@diradmin_domain.com> F=<[email protected]> R=virtual_user T=virtual_localdelivery S=3070

2012-04-04 13:35:35 1SFV3N-0000qy-Bw Completed

2012-04-04 13:35:35 1SFV3I-0000qv-0F => prueba <prueba@diradmin_domain.com> F=<[email protected]> R=spamcheck_director T=spamcheck S=2824

2012-04-04 13:35:35 1SFV3I-0000qv-0F Completed


2012-04-04 13:35:49 1SFV3c-0000r5-PZ <= sender2@sender_dom2.com H=mail-iy0-f176.google.com [209.85.210.176] P=esmtps X=TLSv1:RC4-SHA:128 S=93303 id=CALeGGkg3A+9si61cSqsCNv-Hg--bDKSnSFCKe5mbYO-6b1u-8g@mail.gmail.com T="HOLA EDUARD" from <sender2@sender_dom2.com> for prueba@diradmin_domain.com

2012-04-04 13:35:51 1SFV3d-0000r8-BM <= sender2@sender_dom2.com U=mail P=spam-scanned S=93741 id=CALeGGkg3A+9si61cSqsCNv-Hg--bDKSnSFCKe5mbYO-6b1u-8g@mail.gmail.com T="HOLA EDUARD" from <sender2@sender_dom2.com> for prueba@diradmin_domain.com

2012-04-04 13:35:51 1SFV3d-0000r8-BM => prueba <prueba@diradmin_domain.com> F=<sender2@sender_dom2.com> R=virtual_user T=virtual_localdelivery S=93859

2012-04-04 13:35:51 1SFV3d-0000r8-BM Completed

2012-04-04 13:35:51 1SFV3c-0000r5-PZ => prueba <prueba@diradmin_domain.com> F=<sender2@sender_dom2.com> R=spamcheck_director T=spamcheck S=93610

2012-04-04 13:35:51 1SFV3c-0000r5-PZ Completed

I willl continue testing and testing if I found something weird I will post.


THANK YOU VERY MUCH
TO ALL

Best Regards

Lima - Peru