#amavis — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #amavis, aggregated by home.social.
-
Request for advice from Linux sysadmins with Postfix-based mail stack experience:
I've set up a new mail stack on Ubuntu Server 24.04, with Postfix, Dovecot, OpenDMARC, OpenDKIM, Postscreen, Postgrey and Postwhite, and it's all working fine. Now I want to add on virus scanning with ClamAV and spam checking.
In the past, I used Amavis and SpamAssassin.
Now, ChatGPT claims that Amavis is getting old and deprecated, and SpamAssassin in getting very little support now.
So, ChatGPT recommends Rspamd instead, which it says is much faster, is well maintained, and is a whole lot more up to date in design and functionality.
Advice, thoughts and recommendations?
Please boost!
-
@blindcoder
Have a look at
/etc/spamassassin/local.cf
whitelist_from *@anymail.comIf spamassassin works with amavis you will find more settings in
/etc/amavis/conf.d/20-debian_defaultsSearch for $whitelist_sender or @whitelist_sender_maps. These entries are self-explanatory.
In the same file search for
ENVELOPE SENDER SOFT-WHITELISTING / SOFT-BLACKLISTINGThis allows you to control the scoring. (NOTE: positive: black, negative: white)
Go to the array definition an add something like the following to the whitelist part:
'.foo.example.com' => -6.0,
'[email protected]' => -3.0,Then restart your services like #amavis, #spamassassin, #postfix, #dovecot ...
-
Hop, reconfiguration de mon serveur de courriel personnel pour me passer d'Amavis qui n'est plus maintenu depuis 2018.
Comme souvent, aide trouvée sur le wiki de « L'Internet Rapide et Permanent » : https://irp.nain-t.net/doku.php/200messagerie:020postfix2:065_plus_simple
-
So, apparently I can't inspect the `Authentication-Results` in Amavis/SpamAssassin rules. Presumably because it isn't written when the rules are evaluated.
So I can see the DKIM_SIGNED and DKIM_INVALID rules, but I don't seem to be able to see _why_ it is invalid (e.g. it timed out) in other rules. Which is annoying when one server keeps getting DNS timeouts in the lookup even though it's legit 😐
-
There's an awful lot of "change these two settings and things Just Work™" and not a lot of "You need to make sure that these settings exist".
Apparently part of the "not signing emails" is because I'm using SASL auth, so it comes from an "external" server (my local machine). But it's locked down. But Amavis sees it as external. And all the blogs and tutorials and docs either do nothing or go "yeah, just change this setting (that's not in your config)" 😐
-
Does any (open!) email classifiers (and no, not just the simple spam/ham, proper) exist ?
That would just add a simple header to email saying what it might be ? #postfix #amavis #selfhosting #llm #ai -
I've had an inbound email fail DKIM checks because the DNS lookup timed out.
But the Amavis log entry says 8943ms. Which is ~9s. Which isn't (normally) long enough for something to time out. And if I restart Unbound (to clear the cache) and do a `dig` then it still gets the DKIM TXT record almost instantly.Is there a way to increase the DNS lookup time for DKIM in Amavis? I'm not finding anything in the docs or Arch wiki.
-
Ahah!
$quarantine_subdir_levels - "add level of subdirs to disperse quarantine"
That should be what I need 🙂
-
@aeris souci dans la méthode de filtrage ? Je ne laisse que le minimum de mails atteindre mon antispam (économie de temps CPU et de ressources au sens large). La majorité des nuisibles sont bloqués bien avant.
Le premier rideau correspond à postscreen. Le second rideau correspond aux filtrages SMTPd classiques. Le troisième rideau correspond à Amavis/SA/Clamav.
#antispam #amavis #postfix -
Building my first #rspamd #spam #filter system. I've used #Amavis for years, and I had hoped the learning curve would be less steep this time.
It seems to be really, really nice stuff, but like Amavis, it will take some time to get used to.
And I may be thinking too much in Amavis style, this is something else. Amavis decides if it's incoming or outgoing mail by the interface a message arrives on, and then applies the specified policy.
But rspamd is just one milter...
-
Turns out I looked in all the wrong places, I should have looked at #rspamd a bit closer:
https://www.rspamd.com/doc/modules/reputation.html
That will probably mean the end to #Amavis in my environments.
-
I've just written a snippet about how I've written my own custom Amavis spam rule!
I hope it's useful for anybody out there that uses Amavis on their mail servers, but hasn't been able to squash particular spam campaigns with the Bayesian filters alone.
https://seantodd.co.uk/snippets/adding-custom-rules-to-amavis/
-
Unpatched Zimbra flaw under attack is letting hackers backdoor servers - Enlarge (credit: Jeremy Brooks / Flickr)
An unpatched code-exe... - https://arstechnica.com/?p=1888336 #remotecodeexploit #biz&it #amavis #zimbra
-
[EN] Another sysadmin rant, again about email, but this time Amavis:
Seriously, what is wrong with the concept of documentation ?!
When I was younger and had way more time and energy, I managed to figure out how to set up "per user" filtering policies by trial and error, and I documented it, and I integrated that into Mailboy.
Since, the configuration has changed, but there is ZERO DOCUMENTATION. This alone is reason enough for many to just say "fuck it".
-
Amavis project handed over to new project leaders
https://lists.amavis.org/pipermail/amavis-users/2018-October/005458.html
>> We're looking forward to new features and continous bug fixes. <<