[CLOSED] alternatives to Spamassassin?

[trossachs]

I am having difficulties with Spamassassin and in the same way that I lept forth from the Sendmail train in order to take up the last late night shuttle with Postfix, I am looking for an alternative to the proprietary Spam destroyer.

So pls can you any of you post your pro's and cons in order that all, myself included, can benefit from your vast experiences.

It would probabaly be wise to note that I have various header_checks enabled with Postfix. The relevant section of my main.cf is noted below:

[Dr_Stein]

What problems are you having with SpamAssassin? It's also not proprietary at all, and is quite flexable.

I'd take a look at www.securitysage.com - lots of Postfix information and free *_checks files. Quite useful stuff.

Also, you might want to check out http://www.exit0.us - the SpamAssassin Wiki. Additional rulesets can be found there.

[trossachs]

It is with securitysage.com that I have sorted out my header and mime checks. They do work quite well although, securitysage are now moving away from the header_check system and are now posting shorter versions.

I just can't seem to get SA to work even though I have emerged it. And also, I can find no easy config files or web pages that I can go to for easy documentation. Can you advise on this point?

[Chris W]

Without knowing what difficulty you are having we are unable to give specific assistance. What do:

[Dr_Stein]

Oh, geez.. what would you like to do with it?
What kind of hardware?
How much mail will pass through it every day?

Lots of stuff you can do.. have procmail call "spamassassin," run the spamd daemon and pass mail through it, have the MTA (Postfix, whatever) pass the mail through SpamAssassin, all kinds of stuff.

Let us know what you'd like to do with it, and perhaps we can help.
What problems did you have when trying to emerge spamassassin?

[trossachs]

OK. I have spamd working in the background, but Spamassassin does not identify any of the spam that gets thru to my maildir's.

For example, at the bottom of my .procmailrc file, I have the following entry for SA:

[ivor_orrible]

If you are running spamd you need to feed mail to spamc not spamassasin
spamassasin is a perl script and spamd and spamc are binaries that run faster
for systems with a high load.
Try feeding to spamc are stop spamd and try it.

Ivor Cave

[trossachs]

Thx for this Ivor, but I would I direct Postfix or Procmail to send all mail to be processed thru spamd before I see it and then to put all suspected spam mail into my .SPAMMERS_BEWARE maildir?

Also, where does Razor come into the equasion or does it not?

[ivor_orrible]

[trossachs]

SA should mark up my subject with *****SPAM***** if it detects something, but this is not happening. So am I to assume that spamd does not work? The spamd daemon is currently active but not doing anything.

What is your own setup like and how does SA report the interception of mail?

[ivor_orrible]

[nevynxxx]

As far as I know Jules you have to Train spam assasin to recognise spam. Though I have never used it. It should tag all messages it sees with some headers, but only ones it recognises will get the subject line tagged. Look for spamassasin stuff in the headers to see if it is processing.

As for not getting the tags in the subject, if you havn't trained it it wont think anything is spam, hence it wont tag the subject. I have some good docs on this at work, I will mail you a link tomorrow
_________________
My Public Key

Wanted: Instructor in the art of Bowyery

[Dr_Stein]

7.5 is kind of high for a score, too.. try lowering that to 5.0 (default) and restart spamd.

Also, the others are right.. you'd be better off piping it to spamc via procmailrc (system wide)

Check www.spamassassin.org too - some sample procmailrc stuff there.

[trossachs]

OK cool. Have taken all of your very welcome advice on board, especially what was said about the global reference to .procmailrc. Guess we now have to wait and see what happens.

Does spamassassin need to 'get updates' on new spamming methods, or will the internal rules and recipes that were installed with it surfice for some considerable time? The reason I ask is that as with Virus software, new spamming methods are deployed all the time. How will SA keep up with this?

PS: Btw, on a completely separate note, by placing my .vimrc and .viminfo files in /etc, will this ensure that all usr's get the same settings for use with Vim?

[Dr_Stein]

Oh, I forgot to tell you one thing - bayes won't kick in until it's learned from 200 SPAM and 200 HAM.

you can use "sa-learn" and teach it from your spam & ham.

ie: sa-learn --spam --showdots --dir /home/vmail/blah.com/spam/.maildir (or whatever directory your spam is sitting in)

Check www.exit0.us for "RulesDuJour" - the closest thing to automatic rule updates. Run it out of cron every week... it'll download updated rulesets that volunteers have contributed.

[trossachs]

I will have to check this out. I have placed the .procmailrc file in /etc, but when I return to my machine I find that no mail has been delivered for the last 2 hrs! The maillog shows lots of mail, but none in the maildirs; so I have had to put the .procmailrc file back into the $home directory.

Should I leave an empty .procmailrc file in the $home directory and place the correct file in /etc?

[ivor_orrible]

[en_jones]

if you want it to add ****SPAM**** to your subject line then you might want to try changing the rewrite_subject 0 to a 1 (indicating a TRUE boolean value).

[swimmer]

[trossachs]

Thx en_jones. I have made this change and restarted spamd. Will see in the morning if any spam comes printed with this text in the subject line.

What should I put in .procmailrc to ensure that all spam mail get's sent directly into a certain maildir; except to do the usual:

[trossachs]

Well, I have looked at my mail all day today and no mail has been identified as being spam mail. Spam still populates my INBOX as ever before. Any ideas as to why this could be? thanks.

[Chris W]

You have increased the spam threshold from the default 5 to 7.5, which is probably part of the problem. Pick a spam message from your inbox and feed it to spamassassin thus:

[trossachs]

Thanks for this Chris as I had no idea how to feed into into SA until your good example. The prob I have is that I have looked at the msg id of a particular spam message:

[trossachs]

OK, I have isolated a spam msg in a separate maildir and put the id within /cur into SA as per your example. The output is simply gumpf and not the detailed SA report that your example demonstrated.

Such as:

[Chris W]

Hmm, I have a standard Spam Assassin 2.63 install from portage. No changes in configuration files, no local config etc. Perhaps you only get the detailed report on items identified as spam.

Try running with a -t option.
_________________
Cheers,
Chris W
"Common sense: The collection of prejudices acquired by age 18." -- Einstein