# Sendmail/SpamAssassin/Procmail/Roundcube



## Lego (Sep 14, 2009)

HEHE! sorry but I think it warrants a new thread, So I have Sendmail/SpamAssassin/ClamAV & Roundcube all working together... mind you I think Roundcube doesn't matter because its just a client to interact with the IMAP server.  But On the Tutorial Site, http://www.hart.co.jp/spam/sa-clamav-e.html,  I was working with It suggested installing Procmail to Handle mail filtered by SpamAssassin to make it go to a Junk Mail folder, if its still junkmail.  He doesn't go into much depth, so I found this tutorial, http://www.puresimplicity.net/~hemi/freebsd/procmail.html, Followed it even created the .procmailrc file and put the log line in it, changed my MAILER(local)dnl to MAILER(promail)dnl (in the blurr-ink.com.mc file), and left MAILER(smtp)dnl alone, Anyway, after doing all that 'cd /etc/mail && make' 'cp blurr-ink.com.cf sendmail.cf' 'make restart' sent a few mails from hotmail to my blurr-ink.com accounts, still receiving mail, but the procmail.log hasn't been created, so is procmail working or not? I know i have to set filters in a file, but I think i've done something wrong.


----------



## DutchDaemon (Sep 14, 2009)

I think you need


```
FEATURE(local_procmail)
```
and

```
MAILER(local)
```
not 

```
MAILER(procmail)
```

At least, that's how I've had it for about a decade. 

It shows up in sendmail.cf as


```
Mlocal,         P=/usr/local/bin/procmail, F=lsDFMAw5:/|@qSPfhn9, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL,
                T=DNS/RFC822/X-Unix,
                A=procmail -Y -a $h -d $u
```

And make sure .procmailrc is owned by the correct user.

This should be enough to get some verbose logging thru .procmailrc:


```
LOGFILE=$HOME/pm.log
VERBOSE=yes
```

procmailrc(5)
procmailex(5)


----------



## Lego (Sep 14, 2009)

who does it need to be owned by? pretty sure both are owned by root.
blurr-ink.com.mc:

```
divert(-1)
define('SMART_HOST','out.mnsi.net')
INPUT_MAIL_FILTER(`spamassassin',`S=local:/var/run/spamass-milter.sock, F=, T=C:1
INPUT_MAIL_FILTER(`clmilter', `S=local:/var/run/clamav/clmilter.sock, F=, T=S:4m;
FEATURE(dnsbl,`sbl-xbl.spamhaus.org')dnl
FEATURE(local_procmail)dnl
#
# Copyright (c) 1983 Eric P. Allman
# Copyright (c) 1988, 1993
#       The Regents of the University of California.  All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
#    notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer in the
#    documentation and/or other materials provided with the distribution.
# 3. All advertising materials mentioning features or use of this software
#    must display the following acknowledgement:
#       This product includes software developed by the University of
#       California, Berkeley and its contributors.
# 4. Neither the name of the University nor the names of its contributors
#    may be used to endorse or promote products derived from this software
#    without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#

#
#  This is a generic configuration file for FreeBSD 5.X and later systems.
#  If you want to customize it, copy it to a name appropriate for your
#  environment and do the modifications there.
#
#  The best documentation for this .mc file is:
#  /usr/share/sendmail/cf/README or
#  /usr/src/contrib/sendmail/cf/README
#

divert(0)
VERSIONID(`$FreeBSD: src/etc/sendmail/freebsd.mc,v 1.34.2.3.2.1 2008/11/25 02:59:
OSTYPE(freebsd6)
DOMAIN(generic)

FEATURE(access_db, `hash -o -T<TMPF> /etc/mail/access')
FEATURE(blacklist_recipients)
FEATURE(local_lmtp)
FEATURE(mailertable, `hash -o /etc/mail/mailertable')
FEATURE(virtusertable, `hash -o /etc/mail/virtusertable')

dnl Uncomment to allow relaying based on your MX records.
dnl NOTE: This can allow sites to use your server as a backup MX without
dnl       your permission.
dnl FEATURE(relay_based_on_MX)

dnl DNS based black hole lists
dnl --------------------------------
dnl DNS based black hole lists come and go on a regular basis
dnl so this file will not serve as a database of the available servers.
dnl For that, visit
dnl http://www.google.com/Top/Computers/Internet/E-mail/Spam/Blacklists/

dnl Uncomment to activate Realtime Blackhole List
dnl information available at http://www.mail-abuse.com/
dnl NOTE: This is a subscription service as of July 31, 2001
dnl FEATURE(dnsbl)
dnl Alternatively, you can provide your own server and rejection message:
dnl FEATURE(dnsbl, `blackholes.mail-abuse.org', ``"550 Mail from " $&{client_addr

dnl Dialup users should uncomment and define this appropriately
dnl define(`SMART_HOST', `your.isp.mail.server')

dnl Uncomment the first line to change the location of the default
dnl /etc/mail/local-host-names and comment out the second line.
dnl define(`confCW_FILE', `-o /etc/mail/sendmail.cw')
define(`confCW_FILE', `-o /etc/mail/local-host-names')

dnl Enable for both IPv4 and IPv6 (optional)
DAEMON_OPTIONS(`Name=IPv4, Family=inet')
DAEMON_OPTIONS(`Name=IPv6, Family=inet6, Modifiers=O')

define(`confBIND_OPTS', `WorkAroundBrokenAAAA')
define(`confNO_RCPT_ACTION', `add-to-undisclosed')
define(`confPRIVACY_FLAGS', `authwarnings,noexpn,novrfy')
define(`confINPUT_MAIL_FILTERS', `clmilter,spamassassin')dnl
MAILER(local)dnl
MAILER(smtp)dnl
```

then 'make install restart' and in my sendmail.cf I get this:

```
Mlocal,         P=/usr/libexec/mail.local, F=lsDFMAw5:/|@qPSXmnz9, S=EnvFromSMTP/
                T=DNS/RFC822/SMTP,
                A=mail.local -l
```


----------



## Lego (Sep 14, 2009)

If I put:

```
MAILER(local)dnl
MAILER(procmail)dnl
MAILER(smtp)dnl
```

Then in sendmail I get this:

```
######################*****##############
###   PROCMAIL Mailer specification   ###
##################*****##################

#####  $Id: procmail.m4,v 8.22 2001/11/12 23:11:34 ca Exp $  #####

Mprocmail,      P=/usr/local/bin/procmail, F=DFMSPhnu9, S=EnvFromSMTP/HdrFromSMTP
                T=DNS/RFC822/X-Unix,
                A=procmail -Y -m $h $f $u
```

And further down:

```
Mlocal,         P=/usr/libexec/mail.local, F=lsDFMAw5:/|@qPSXmnz9, S=EnvFromSMTP/
                T=DNS/RFC822/SMTP,
                A=mail.local -l
Mprog,          P=/bin/sh, F=lsDFMoqeu9, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL, D=
                T=X-Unix/X-Unix/X-Unix,
                A=sh -c $u

#####################################
###   SMTP Mailer specification   ###
#####################################

#####  $Id: smtp.m4,v 8.65 2006/07/12 21:08:10 ca Exp $  #####
```


```
blurr-ink# tail /usr/home/lego/procmail.log

blurr-ink# tail /root/procmail.log

blurr-ink#
```


----------



## Lego (Sep 14, 2009)

i have a .procmailrc in both /root/ and /usr/home/lego/.... but I also have a .mailrc file in /usr/home/lego/ does that make a difference?? no it doesn't... just renamed it and tried again.. no luck


----------



## DutchDaemon (Sep 14, 2009)

Don't put additions to your .mc file above the other settings, as the ones below will likely overrule or alter your additions. Try to keep the file in a logical running order (features with features, defines with defines, mailers with mailers, etc.), and remove/^dnl stuff you don't need.

The .procmailrc files should be owned by the user whose mail you're handling (so root-owned for mail to root -> ~root/.procmailrc, lego-owned for mail to lego -> ~lego/.procmailrc, etc.).


----------



## Lego (Sep 14, 2009)

ok i deleted the too log files, because it says they would be created once i received some mail, and they hadn't so i made them, and now they are gone....... so, I made the changes to my mc file (arrangment and what not like you said) and make install restart again:

```
Mlocal,         P=/usr/local/bin/procmail, F=lsDFMAw5:/|@qSPfhn9, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL,
                T=DNS/RFC822/X-Unix,
                A=procmail -Y -a $h -d $u
Mprog,          P=/bin/sh, F=lsDFMoqeu9, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL, D=$z:/,
                T=X-Unix/X-Unix/X-Unix,
                A=sh -c $u
```

So, It looks like yours now... but still no logs when I send mail or when I recieve mail to the accounts

MC file now:

```
#
# Copyright (c) 1983 Eric P. Allman
# Copyright (c) 1988, 1993
#       The Regents of the University of California.  All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
#    notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer in the
#    documentation and/or other materials provided with the distribution.
# 3. All advertising materials mentioning features or use of this software
#    must display the following acknowledgement:
#       This product includes software developed by the University of
#       California, Berkeley and its contributors.
# 4. Neither the name of the University nor the names of its contributors
#    may be used to endorse or promote products derived from this software
#    without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#

#
#  This is a generic configuration file for FreeBSD 5.X and later systems.
#  If you want to customize it, copy it to a name appropriate for your
#  environment and do the modifications there.
#
#  The best documentation for this .mc file is:
#  /usr/share/sendmail/cf/README or
#  /usr/src/contrib/sendmail/cf/README
#

divert(0)
VERSIONID(`$FreeBSD: src/etc/sendmail/freebsd.mc,v 1.34.2.3.2.1 2008/11/25 02:59:29 kensmith Exp $')
OSTYPE(freebsd6)
DOMAIN(generic)
INPUT_MAIL_FILTER(`spamassassin',`S=local:/var/run/spamass-milter.sock, F=, T=C:15m;S:4m;R:4m;E:10m')dnl
INPUT_MAIL_FILTER(`clmilter', `S=local:/var/run/clamav/clmilter.sock, F=, T=S:4m;R:4m')dnl
FEATURE(dnsbl,`sbl-xbl.spamhaus.org')dnl
FEATURE(access_db, `hash -o -T<TMPF> /etc/mail/access')
FEATURE(blacklist_recipients)
dnl FEATURE(local_lmtp)
FEATURE(local_procmail)
FEATURE(mailertable, `hash -o /etc/mail/mailertable')
FEATURE(virtusertable, `hash -o /etc/mail/virtusertable')

dnl Uncomment to allow relaying based on your MX records.
dnl NOTE: This can allow sites to use your server as a backup MX without
dnl       your permission.
dnl FEATURE(relay_based_on_MX)

dnl DNS based black hole lists
dnl --------------------------------
dnl DNS based black hole lists come and go on a regular basis
dnl so this file will not serve as a database of the available servers.
dnl For that, visit
dnl http://www.google.com/Top/Computers/Internet/E-mail/Spam/Blacklists/

dnl Uncomment to activate Realtime Blackhole List
dnl information available at http://www.mail-abuse.com/
dnl NOTE: This is a subscription service as of July 31, 2001
dnl FEATURE(dnsbl)
dnl Alternatively, you can provide your own server and rejection message:
dnl FEATURE(dnsbl, `blackholes.mail-abuse.org', ``"550 Mail from " $&{client_addr} " 
rejected, see http://mail-abuse.o

dnl Dialup users should uncomment and define this appropriately
dnl define(`SMART_HOST', `your.isp.mail.server')

dnl Uncomment the first line to change the location of the default
dnl /etc/mail/local-host-names and comment out the second line.
dnl define(`confCW_FILE', `-o /etc/mail/sendmail.cw')
define(`confCW_FILE', `-o /etc/mail/local-host-names')

dnl Enable for both IPv4 and IPv6 (optional)
DAEMON_OPTIONS(`Name=IPv4, Family=inet')
DAEMON_OPTIONS(`Name=IPv6, Family=inet6, Modifiers=O')

define(`confBIND_OPTS', `WorkAroundBrokenAAAA')
define(`confNO_RCPT_ACTION', `add-to-undisclosed')
define(`confPRIVACY_FLAGS', `authwarnings,noexpn,novrfy')
define(`confINPUT_MAIL_FILTERS', `clmilter,spamassassin')dnl
define('SMART_HOST','out.mnsi.net')
MAILER(local)
MAILER(smtp)
```


----------



## Lego (Sep 14, 2009)

and the .procmailrc in /lego/ 'ee /usr/home/lego/.procmailrc'

```
LOGFILE=$HOME/procmail.log
VERBOSE=yes
```

OK OK!!!!! Im a retard... the .procmailrc file in the /usr/home/lego was owned by root so it wasn't working... once I deleted it, and recreated it, I have a log file now.   Now do I need the .procmailrc file in the /root/ folder???

Deleted the /root/.procmailrc file... when i send mail to root it gets forwarded to lego so it gets checked and loged ing lego's procmail.log


----------



## DutchDaemon (Sep 14, 2009)

And your file permissions are in line with the user directory where .procmailrc is in, right? Does [cmd=]sendmail -bv lego[/cmd] indicate that the 'local' mailer is being used? Oh, and I'm assuming you restarted Sendmail, of course.


----------



## Lego (Sep 14, 2009)

Ok, So I guess, the Next step would be putting some filters in the .procmailrc file?? so it sends stuff marked spam to the spam folder??


----------



## Lego (Sep 14, 2009)

yes, i've restarted send mail  yes mail is being sent proper now... was sending mail to root@blurr-ink.com and lego@blurr-ink.com, and both were delieverd to lego's box, and both showed up in the promail.log

```
blurr-ink# sendmail -bv lego
lego... deliverable: mailer local, user lego
```


----------



## DutchDaemon (Sep 14, 2009)

Ok, when the logfile works (showing that procmail actually handles local delivery), you can add rules. I posted the necessary manuals above. Make sure you use locks when dropping mail in mailboxes.


----------



## Lego (Sep 14, 2009)

ok, thanks, not sure what locks are yet, but i'll find out.


----------



## DutchDaemon (Sep 14, 2009)

It shows up as 

```
:0[B][color="Red"]:[/color][/B]
  ^
```
 in a procmail recipe. It will lock the mailbox being written to, so the next email will wait for the lock to be cleared.


----------



## Lego (Sep 14, 2009)

Ok, did a quick google search for using procmail to process spam; found this: http://www1.cs.columbia.edu/~crf/howto/procmail-howto.html, which had this:

```
#########################################################################
#                                                                       #
#               STANDARD .PROCMAILRC TO FILTER SPAM                     #
#                                                                       #
#               COMPUTER SCIENCE DEPARTMENT                             #
#                   COLUMBIA UNIVERSITY                                 #
#                                                                       #
#########################################################################

#### Customize the configuration to fit your need. *********
#
## Make sure that this file is only writable by the owner, otherwise
## procmail will not use it (considered "Suspicious" by procmail)
## and complain (silently to you) in the mail log file of the delivering
## machine.
#

# All folders (spam, log, procmailbackup) are in $MAILDIR/mail
MAILDIR=$HOME/mail

# Please empty the mail log ($MAILDIR/log) frequently because it gets very 
# big quickly. This file is a good place to check your filtered email to 
# make sure they are all spam.
LOGFILE=$MAILDIR/log
VERBOSE=off


##### uncomment below to keep backups of all incoming mail
#
# Uncomment the following 3 lines if you want to backup your mail 
# BEFORE filtering, please empty the folder frequently because it gets very 
# big, very quickly.

#BACKUPSPOOL=$MAILDIR/procmailbackup
#:0 c:
#$BACKUPSPOOL

# If email is marked with 90% or higher probability of being spam, filter it.
:0:
* ^X-PerlMx-Spam: Gauge=XXXXXXXXX

# Put the spam in $MAILDIR/spam.
# Please empty the spam folder frequently.
spam

##### or you can delete it
#/dev/null

############################## E N D ######################################
```

Thats not going to work for me is it?

Or This, But this kinda confusing to me considering spamassassin is already scanning mail isn't it?

http://www.bsdnet.us/doc/examples/F...assin on FreeBSD with Sendmail + Procmail.pdf


----------



## Lego (Sep 14, 2009)

Ok, I have to ask here.... Trail is: champagne_dan@hotmail.com sends mail to lego@blurr-ink.com sendmail? gets it and spamassin scans it, if its listed on spamhaus it gets rejected if it gets listed as spam? then sent to procmail to be delivered? to either spam folder or inbox


----------



## Lego (Sep 14, 2009)

or I would use that script but change the X-Perl part to X-Spam-Status: YES or something like X-Spam-Level: ******* for 70% chance?  And I just checked tail /var/log/maillog and spamassassin is scanning the emails


----------



## DutchDaemon (Sep 14, 2009)

All the questions you're asking can only be answered by yourself, because you get to decide how Spamassassin handles email it considers to be spam. It either rejects it (meaning it won't enter your system at all) or it merely tags it (which means it will accept the email and add certain headers for you to process/filter with e.g. procmail). Just look at your configuration files and try to imagine the mail flow instead of staring blankly at other people's specific setups, which may or may not be applicable to your situation.


----------



## Lego (Sep 15, 2009)

Yea, understood, I did look at that config, and realized it does exactly what I want it to do, all I changed was verbose=yes and X-Spam-Status: Yes to look for, if that doesn't work Im sure I can use the X-Spam-Level: ***** im assuming 1 * for each 10%.

oh and my home maildir was different, as was the logfile. so I fixed that. Now its just a waiting game to have some spam sent to me 

my non-spam mail sends/receive's fine.


----------



## DutchDaemon (Sep 15, 2009)

You may have to change that '*' character to something else (like 'S' or 'X') in SA, because it's quite difficult to match on '*' with e.g. procmail.


----------



## Lego (Sep 15, 2009)

Im using the X-Spam-Status: Yes instead of the X-Spam-Level: ** at the moment.  But I don't see it being a problem since that script has the Guage=**** and in the maillog i see X-Spam-Status: No, etc..... and on the next line X-Spam-Level: *, etc..... and Im pretty sure it's working properly now because in the maillog i just found.

```
Sep 14 21:56:01 blurr-ink sm-mta[51563]: ruleset=check_relay, arg1=[189.152.134.200], 
arg2=127.0.0.4, relay=dsl-189-152-134-200-dyn.prod-infinitum.com.mx [189.152.134.200] 
(may be forged), reject=550 5.7.1 Rejected: 189.152.134.200 listed at sbl-xbl.spamhaus.org
```

So, Im assuming that because its listed on spamhaus it was rejected, so spam assassin didn't even pass it to procmail, but had it not been listed on spamhaus (like my dynamic mail server / I have to remove it when my ip resets everytime, but it works fine) it would have been marked spam and sent to the spam folder, right?


HEHE!!!!! Anyone want to send me a known test virus file, so I can verify that ClamAV will scan the file either before delivery or before I actually open it?? Please  Seriously....


----------



## Lego (Sep 15, 2009)

Another Mail that just came; maillog:

```
Sep 14 22:02:25 blurr-ink sm-mta[51671]: n8F22INv051671: from=<qulat-hamburg@debitel.net>, size=1658, class=0, nrcpts=
Sep 14 22:02:25 blurr-ink spamd[1177]: spamd: connection from localhost [127.0.0.1] at port 61018
Sep 14 22:02:25 blurr-ink spamd[1177]: spamd: setuid to root succeeded
Sep 14 22:02:25 blurr-ink spamd[1177]: spamd: still running as root: user not specified with -u, not found, or set to
Sep 14 22:02:25 blurr-ink spamd[1177]: spamd: processing message <223765921.06763920415876@debitel.net> for root:65534
Sep 14 22:02:25 blurr-ink spamd[1177]: auto-whitelist: open of auto-whitelist file failed: locker: safe_lock: cannot c
Sep 14 22:02:25 blurr-ink spamd[1177]: spamd: clean message (3.5/5.0) for root:65534 in 0.1 seconds, 1973 bytes.
Sep 14 22:02:25 blurr-ink spamd[1177]: spamd: result: . 3 - DATE_IN_FUTURE_06_12,DIET_1,HTML_MESSAGE,RDNS_NONE scantim
Sep 14 22:02:25 blurr-ink sm-mta[51671]: n8F22INv051671: Milter add: header: X-Spam-Status: No, score=3.5 required=5.0
Sep 14 22:02:25 blurr-ink spamd[1176]: prefork: child states: II
Sep 14 22:02:25 blurr-ink sm-mta[51671]: n8F22INv051671: Milter add: header: X-Spam-Level: ***
Sep 14 22:02:25 blurr-ink sm-mta[51671]: n8F22INv051671: Milter add: header: X-Spam-Checker-Version: SpamAssassin 3.2.
Sep 14 22:02:25 blurr-ink sm-mta[51673]: n8F22INv051671: to=<lego@blurr-ink.com>, delay=00:00:01, xdelay=00:00:00, mai
Sep 14 22:02:37 blurr-ink imapd[51675]: Login user=Lego host=localhost [127.0.0.1]
```

procmail.log:

```
procmail: [51674] Mon Sep 14 22:02:25 2009
procmail: No match on "^X-Spam-Status: Yes"
procmail: Bypassed locking "/var/mail/lego.lock"
procmail: Assigning "LASTFOLDER=/var/mail/lego"
procmail: Opening "/var/mail/lego"
procmail: Acquiring kernel-lock
procmail: Notified comsat: "lego@1594190:/var/mail/lego"
From qulat-hamburg@debitel.net  Mon Sep 14 22:02:25 2009
 Subject: G*et The power of A.cai wo_rking for you
  Folder: /var/mail/lego                                                   2188
```

So if I were to use X-Spam-Level: ***, in theory it should have gone to the spam folder....


----------



## DutchDaemon (Sep 15, 2009)

Lego said:
			
		

> So, Im assuming that because its listed on spamhaus it was rejected, so spam assassin didn't even pass it to procmail, but had it not been listed on spamhaus it would have been marked spam and sent to the spam folder, right?



That's not certain at all. If SpamAssassin doesn't find anything wrong with the message (header and body checks), it will not mark it as spam. And, again: _you_ have the choice to reject or accept/tag email. That's the fundamental choice between rejecting (not accepting at the SMTP stage) and tagging (accepting all email at the SMTP stage).

BTW: greylisting alone will stop 99% of spam (attempts), especially when combining it with blacklists.


----------



## Lego (Sep 17, 2009)

Not quite sure I follow 100%, I'm going to wait until I've got a bunch of mail sent to me from various sources and see how it tags each one, then make a choice I guess...


----------



## Lego (Sep 17, 2009)

ok So...mail just received....
/var/log/maillog:

```
Sep 17 16:24:47 blurr-ink sm-mta[53921]: n8HKOVC1053921: from=<quintonaltfarr@matthey.com>, size=4651, class=0, nrcpts=1, msgid=<892100635.03514595497328@mat
Sep 17 16:24:47 blurr-ink spamd[1010]: spamd: connection from localhost [127.0.0.1] at port 63998
Sep 17 16:24:47 blurr-ink spamd[1010]: spamd: setuid to root succeeded
Sep 17 16:24:47 blurr-ink spamd[1010]: spamd: still running as root: user not specified with -u, not found, or set to root, falling back to nobody
Sep 17 16:24:47 blurr-ink spamd[1010]: spamd: processing message <892100635.03514595497328@matthey.com> for root:65534
Sep 17 16:24:47 blurr-ink spamd[1010]: auto-whitelist: open of auto-whitelist file failed: locker: safe_lock: cannot create tmp lockfile /nonexistent/.spamas
Sep 17 16:24:47 blurr-ink spamd[1010]: spamd: identified spam (10.8/5.0) for root:65534 in 0.2 seconds, 5010 bytes.
Sep 17 16:24:47 blurr-ink spamd[1010]: spamd: result: Y 10 - DATE_IN_FUTURE_06_12,DIET_1,FH_HELO_EQ_D_D_D_D,FM_SEX_HELODDDD,HELO_DYNAMIC_DHCP,HELO_DYNAMIC_IP
Sep 17 16:24:47 blurr-ink spamd[964]: prefork: child states: II
Sep 17 16:24:47 blurr-ink sm-mta[53921]: n8HKOVC1053921: Milter add: header: X-Spam-Flag: YES
Sep 17 16:24:47 blurr-ink sm-mta[53921]: n8HKOVC1053921: Milter add: header: X-Spam-Status: Yes, score=10.8 required=5.0 tests=DATE_IN_FUTURE_06_12,DIET_1,\n
Sep 17 16:24:47 blurr-ink sm-mta[53921]: n8HKOVC1053921: Milter add: header: X-Spam-Level: **********
Sep 17 16:24:47 blurr-ink sm-mta[53921]: n8HKOVC1053921: Milter add: header: X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on blurr-ink.com
Sep 17 16:24:47 blurr-ink sm-mta[53921]: n8HKOVC1053921: Milter change: header Content-Type: from  multipart/alternative;\n  boundary="----------C38D38D3F219
Sep 17 16:24:47 blurr-ink sm-mta[53921]: n8HKOVC1053921: Milter message: body replaced
Sep 17 16:24:47 blurr-ink sm-mta[53926]: n8HKOVC1053921: to=<lego@blurr-ink.com>, delay=00:00:01, xdelay=00:00:00, mailer=local, pri=38795, dsn=2.0.0, stat=Sent
```

procmail.log:

```
procmail: [53927] Thu Sep 17 16:24:47 2009
procmail: Match on "^X-Spam-Status: Yes"
procmail: Locking "Junk.lock"
procmail: Assigning "LASTFOLDER=Junk/msg.GhiX"
procmail: Opening "Junk/msg.GhiX"
procmail: Acquiring kernel-lock
procmail: Unlocking "Junk.lock"
procmail: Notified comsat: "lego@0:/home/lego//Junk/msg.GhiX"
From quintonaltfarr@matthey.com  Thu Sep 17 16:24:47 2009
 Subject: Colo Cl'ean_se Plus has s.aved liv-es , let it help y-ours ,get your 
  Folder: Junk/msg.GhiX							   8894
```

But I didn't receive it to the spam folder....

.procmailrc:

```
#########################################################################
#                                                                       #
#               STANDARD .PROCMAILRC TO FILTER SPAM                     #
#                                                                       #
#               COMPUTER SCIENCE DEPARTMENT                             #
#                   COLUMBIA UNIVERSITY                                 #
#                                                                       #
#########################################################################

#### Customize the configuration to fit your need. *********
#
## Make sure that this file is only writable by the owner, otherwise
## procmail will not use it (considered "Suspicious" by procmail)
## and complain (silently to you) in the mail log file of the delivering
## machine.
#

# All folders (spam, log, procmailbackup) are in $MAILDIR/mail
MAILDIR=$HOME/

# Please empty the mail log ($MAILDIR/log) frequently because it gets very
# big quickly. This file is a good place to check your filtered email to
# make sure they are all spam.
LOGFILE=$MAILDIR/procmail.log
VERBOSE=yes


##### uncomment below to keep backups of all incoming mail
#
# Uncomment the following 3 lines if you want to backup your mail
# BEFORE filtering, please empty the folder frequently because it gets very
# big, very quickly.

#BACKUPSPOOL=$MAILDIR/procmailbackup
#:0 c:
#$BACKUPSPOOL

# If email is marked with 90% or higher probability of being spam, filter it.
:0:
* ^X-Spam-Status: Yes

# Put the spam in $MAILDIR/spam.
# Please empty the spam folder frequently.
Junk

##### or you can delete it
#/dev/null

############################## E N D ######################################
```

I have mail folders in /usr/home/lego/

```
.cshrc                  .mailboxlist            .rhosts                 Junk E-mail             WebalizerReports
.login                  .mailrc-backup          .shrc                   Saved                   procmail.log
.login_conf             .procmailrc             Drafts                  Sent                    spamhaus
.mail_aliases           .profile                Junk                    Trash
```

Shouldn't it have been sent to the Junk folder??  I did not receive the mail in my inbox or the Junk box....


----------



## Lego (Sep 17, 2009)

Please look at the post prior to this one, then look at this one please; Thanks!
I found the emails marked as spam, I had to go into the roundcube settings and well just look its odd....
I had to select each msg.XXXX to be able to view the messages, and only one message exists in each folder????


----------



## Lego (Sep 18, 2009)

Anyone Know how to fix this????

its kinda retarted..... To check if I have spam I have to go to my folders, and see if there's a new folder in my Junk folder..... and then select it and go back to my email and check the folder for 1 email....... This can't be the only way to set it up?  right now I have 7 spam emails, so I have 7 folders listed under my Junk Folder.... each with 1 email in it.....


----------



## DutchDaemon (Sep 18, 2009)

I think you may have created 'Junk' as a *directory*, which procmail will write into. If 'Junk' doesn't exist when procmail first writes to it, it should create a *mailbox*, and add new mails to it.


----------



## Lego (Sep 18, 2009)

Ok, yes I did create the dir 'Junk' so I should delete it and let procmail create the directory?

Also, I was reading through the 2 links you gave me and checking out some of the examples, and not all of them use the extra ':' to lock the file, what exactly is that doing, I thought that maybe that extra ':' was making it lock the file and thats why it was in a folder by it self...


----------



## DutchDaemon (Sep 18, 2009)

If you tell procmail to write to 'Junk' and it doesn't exist, procmail will create a mailbox file called 'Junk'. So remove that Junk directory and let procmail create the mailbox.

The extra ':' is for writing to mailboxes. You typically don't need it when writing the mail to a pipe or when you're sending the mail on to a different address (forward). The general rule is: when you drop the mail in a local mailbox, add the lock, or two mails may coincide and produce a garbled mess.


----------



## Lego (Sep 18, 2009)

I see, awesome thanks.


----------



## Lego (Sep 18, 2009)

Ok, is there anyway to make my ( /usr/home/lego/.procmailrc ) the standard file, for everyone/mailbox.. like for my 2 friends that have made email address for mel@blurr-ink.com and jay@blurr-ink.com, and anyone else i create an email address for?? like when I create a user, have it automatically create the .procmailrc file from my template in there home directory??? because at the moment they don't have the .procmailrc file... well i haven't created one for them....

IT WORKED!!! Thanks a ton, as soon as I deleted the folder, and some spam came in it created the folder and placed the messages in it!! Hurry! Thanks again!


----------



## dennylin93 (Sep 19, 2009)

Lego said:
			
		

> Ok, is there anyway to make my ( /usr/home/lego/.procmailrc ) the standard file, for everyone/mailbox..



The /usr/local/etc/procmailrc file can be used for global settings. However, remember to change the variables within the file since the paths to the mailboxes all vary. See the -a flag for procmail.


----------

