# spamassassin & settings

## eltech

ok .. so syslog shows the below info

```
Oct 28 12:48:48 pcns spamd[1488]: connection from localhost.localdomain [127.0.0.1] at port 32806 

Oct 28 12:48:48 pcns spamd[3677]: info: setuid to qmailq succeeded 

Oct 28 12:48:48 pcns spamd[3677]: Creating default_prefs [/var/qmail/.spamassassin/user_prefs] 

Oct 28 12:48:48 pcns spamd[3677]: Cannot write to /var/qmail/.spamassassin/user_prefs: No such file or directory 

Oct 28 12:48:48 pcns spamd[3677]: Couldn't create readable default_prefs for [/var/qmail/.spamassassin/user_prefs] 

Oct 28 12:48:48 pcns spamd[3677]: checking message <20031028175532.4215.cpmta@c002.snv.cp.net> for qmailq:204. 

Oct 28 12:48:51 pcns spamd[3677]: clean message (0.3/5.0) for qmailq:204 in 3.3 seconds, 3669 bytes. 
```

i dont have a /var/qmail/.spamassassin so what is it trying to do here?

what i do have are settings in /etc/mail/spamassassin that look like this ..

```

# SpamAssassin config file for version 2.5x

# generated by http://www.yrex.com/spam/spamconfig.php (version 1.01)

# How many hits before a message is considered spam.

required_hits           5.0

# Whether to change the subject of suspected spam

rewrite_subject         1

# Text to prepend to subject if rewrite_subject is used

subject_tag             *****SPAM*****

# Encapsulate spam in an attachment

report_safe             1

# Use terse version of the spam report

use_terse_report        0

# Enable the Bayes system

use_bayes               1

# Enable Bayes auto-learning

auto_learn              1

# Enable or disable network checks

skip_rbl_checks         0

use_razor2              0

use_dcc                 0

use_pyzor               0

# Mail using languages used in these country codes will not be marked

# as being possibly spam in a foreign language.

ok_languages            all

# Mail using locales used in these country codes will not be marked

# as being possibly spam in a foreign language.

ok_locales              all
```

not sure if they are all needed .. 

in my /var/vpopmail/domains/ directory i have a file mailfilter

in it is the following

```

import EXT

import HOST

import HOME

 

SPAMBOX=".Spam"

VERBOSE=0

logfile "/var/log/maildrop-filter-log"

SHELL="/bin/sh"

VHOME=`/var/vpopmail/bin/vuserinfo -d $EXT@$HOST`

VDOMHOME=`/var/vpopmail/bin/vdominfo -d $HOST`

VPOP=`cat $VDOMHOME/.qmail-default`

#VPOP="$VHOME/Maildir/"

if ((/^X-Spam-Status:.*YES/))

{

   `test -d $VHOME/Maildir/.Spam`

   if( $RETURNCODE == 1 )

   {

   `/usr/bin/maildirmake $VHOME/Maildir/.Spam;chown -R vpopmail.vpopmail $VHOME/Maildir/.Spam`

   `echo "INBOX.Spam" >> $VHOME/Maildir/courierimapsubscribed`

   }

   to "$VHOME/Maildir/.Spam/"

}

 

to "$VHOME/Maildir/"
```

it works with /var/vpopmail/domains/domain.com/user/.qmail

which reads

```
| /var/qmail/bin/preline /usr/bin/maildrop /var/vpopmail/domains/mailfilter
```

it basically triggers the mailfilter file, creats a directory called Spam and puts the suspected spam in that folder .. 

problems?

1. it doesnt tag the mail in anyway.. 

2. it doesnt seem like everything is set up correctly .. 

3. why is it that its looking for the .spamassassin directory? 

4. is it not reading the local.cf file?

5. is my setup correct?

can anyone give me a hand with this .. as to why i get these errors in syslog and how i can start stamping the mail as spam?

also i am running

qmail

spamassassin

qmail-scanner

courier-imap

clamav

squirrelmail

qmail-pop3d

vpopmail

this all works with no problem and spamassassin seems to be doing its job somewhat, but how can i fix it completley?

----------

## eltech

anyone out there?

----------

## eltech

last try and i will go to the mailing list

----------

## Souperman

 *eltech wrote:*   

> ok .. so syslog shows the below info
> 
> ```
> Oct 28 12:48:48 pcns spamd[1488]: connection from localhost.localdomain [127.0.0.1] at port 32806 
> 
> ...

 

Disclaimer: I know nothing at all about the internal workings of qmail.

SpamAssassin looks in $HOME/.spamassassin/user_prefs for each user's preferences.  It seems to create the file if it doesn't find it, which is what you're seeing.  The reason it's trying to store it in /var/qmail seems to be because it setuid itself to the 'qmailq' user and /var/qmail is probably the $HOME dir for that account.  See if you can make the warnings go away by doing 'mkdir /var/qmail/.spamassassin && touch /var/qmail/.spamassassin/user_prefs'.

HTH

----------

## eltech

 *gpd wrote:*   

>  *eltech wrote:*   ok .. so syslog shows the below info
> 
> ```
> Oct 28 12:48:48 pcns spamd[1488]: connection from localhost.localdomain [127.0.0.1] at port 32806 
> 
> ...

 

Thanks for the help .. am sure that will fix the problem, but am wondering how to stop it from looking at that file or even better; what is it looking for? similar info to what local.cf contains?

----------

## Souperman

It seems to just contain example settings and info on where to get more details.  Here's mine (I've never modified it, since I'm not using per-user settings):

```
graeme@wizard[pts/4]:/home/graeme$ cat .spamassassin/user_prefs

# SpamAssassin user preferences file.  See 'perldoc Mail::SpamAssassin::Conf'

# for details of what can be tweaked.

###########################################################################

# How many hits before a mail is considered spam.

# required_hits         5

# Whitelist and blacklist addresses are now file-glob-style patterns, so

# "friend@somewhere.com", "*@isp.com", or "*.domain.net" will all work.

# whitelist_from        someone@somewhere.com

# Add your own customised scores for some tests below.  The default scores are

# read from the installed spamassassin rules files, but you can override them

# here.  To see the list of tests and their default scores, go to

# http://spamassassin.org/tests.html .

#

# score SYMBOLIC_TEST_NAME n.nn

# Speakers of Asian languages, like Chinese, Japanese and Korean, will almost

# definitely want to uncomment the following lines.  They will switch off some

# rules that detect 8-bit characters, which commonly trigger on mails using CJK

# character sets, or that assume a western-style charset is in use.

#

# score HTML_COMMENT_8BITS      0

# score UPPERCASE_25_50         0

# score UPPERCASE_50_75         0

# score UPPERCASE_75_100        0
```

----------

## eltech

so here is a good question, because it is what i am trying to achieve .. what is your setup like for system wide filtering??

as this is what i would like to do also ..?

----------

## eltech

 *gpd wrote:*   

> 
> 
> SpamAssassin looks in $HOME/.spamassassin/user_prefs for each user's preferences.  It seems to create the file if it doesn't find it, which is what you're seeing.  The reason it's trying to store it in /var/qmail seems to be because it setuid itself to the 'qmailq' user and /var/qmail is probably the $HOME dir for that account.  See if you can make the warnings go away by doing 'mkdir /var/qmail/.spamassassin && touch /var/qmail/.spamassassin/user_prefs'.
> 
> HTH

 

since making these changes .. its all quiet now, but it doesnt seem like the filtering is working ...

----------

