Hello guys,
i’ve configured Hestia with SMTP Relay - SMTP2GO. I did some e-mail test and in spamhaus some tests are failed:
I configured spamassassin with following tutorial: GitHub - spamhaus/spamassassin-dqs: Spamhaus code for the Spamassassin plugin. See https://docs.spamhaustech.com/40-real-world-usage/SpamAssassin/000-intro.html
But nothing changed, do anyone knows how to configure exim with spamassasin to get all tests in green?
Thanks
You have touched local.cf / dns_server 127.0.0.1 ? Anyway, I couldn’t get it to work. When querying, the mail.log is full of such lines.
async: aborting after 6.686 s, deadline shrunk: URIBL, A/6.4.86.99.zen.spamhaus.org, rules: URIBL_SBL_A, URIBL_CSS_A
Try this. Rejected because [ip] is in black list at zen.spamhaus.org.
If you use SMTP2Go you should contact them all outgoing traffic goes trough them…
I’ve tested it with Spamassassin 4.0.0 and this is the result:
You should check that your mail domain is configured to reject spam:
Also check the SPAM_REJECT_SCORE configured in Exim (by default it is 100 but I changed it to 80):
❯ grep 'SPAM.*SCORE' /etc/exim4/exim4.conf.template
SPAM_SCORE = 50
SPAM_REJECT_SCORE = 80
I’ve also modified some scores in conf file /etc/mail/spamassassin/sh_scores.cf:
❯ diff -u /root/apps/spamassassin-dqs/4.0.0+/sh_scores.cf /etc/mail/spamassassin/sh_scores.cf
--- /root/apps/spamassassin-dqs/4.0.0+/sh_scores.cf 2024-02-25 23:33:52.190396816 +0100
+++ /etc/mail/spamassassin/sh_scores.cf 2024-02-26 00:04:21.761163078 +0100
@@ -6,7 +6,7 @@
score SH_BODYURI_REVERSE_CSS 3
score SH_BODYURI_REVERSE_DROP 8
score SH_BODYURI_REVERSE_XBL 2
- score RCVD_IN_ZEN_LASTEXTERNAL 8
+ score RCVD_IN_ZEN_LASTEXTERNAL 10
score RCVD_IN_XBL 1
score RCVD_IN_PBL 0.001
score RCVD_IN_SBL 6
@@ -32,20 +32,20 @@
score SH_DBL_BODY 8
score SH_DBL_HEADERS 8
score SH_DBL_HEADERS_ABUSED 0.001
- score SH_ZRD_HEADERS_VERY_FRESH 8
- score SH_ZRD_HEADERS_FRESH 6
- score SH_REVERSE_ZRD_VERY_FRESH 8
- score SH_REVERSE_ZRD_FRESH 6
+ score SH_ZRD_HEADERS_VERY_FRESH 10
+ score SH_ZRD_HEADERS_FRESH 8
+ score SH_REVERSE_ZRD_VERY_FRESH 10
+ score SH_REVERSE_ZRD_FRESH 8
score SH_REVERSE_DBL 8
score SH_REVERSE_DBL_ABUSED 0.001
- score SH_HELO_ZRD_VERY_FRESH 8
- score SH_HELO_ZRD_FRESH 6
- score SH_HELO_DBL 8
+ score SH_HELO_ZRD_VERY_FRESH 10
+ score SH_HELO_ZRD_FRESH 8
+ score SH_HELO_DBL 10
score SH_HELO_DBL_ABUSED 0.001
score SH_AUTHBL_AND_DBL_ABUSED 6
- score SH_ZRD_BODY_FRESH 6
- score SH_ZRD_BODY_VERY_FRESH 8
+ score SH_ZRD_BODY_FRESH 8
+ score SH_ZRD_BODY_VERY_FRESH 10
# DQS wont block queries for open dns usage
score URIBL_DBL_BLOCKED_OPENDNS 0
So, with above conf all smtp tests are rejected.
If you modify Exim or Spamassassin conf, remember to restart the services:
systemctl restart exim4
systemctl restart spamd
After I set it up, I still see these lines. Is it okay or am I wrong somewhere?
2024-02-26T12:24:55.933242+02:00 panel spamd[1835151]: spamd: connection from localhost [127.0.0.1]:59834 to port 783, fd 6
2024-02-26T12:24:55.936563+02:00 panel spamd[1835151]: spamd: setuid to debian-spamd succeeded
2024-02-26T12:24:55.952916+02:00 panel spamd[1835151]: spamd: checking message <8db36fb9fef0e49dc5698346f.70f0e069f3.20240226102443.7cd7a033b9.e49f3e7a@mail177.atl271.mcdlv.net> for debian-spamd:110
2024-02-26T12:25:01.851257+02:00 panel spamd[1835151]: async: aborting after 5.776 s, deadline shrunk: URIBL, A/205.91.108.193.HereMyDQSKey.zen.dq.spamhaus.net, rules: URIBL_SBL_A, SH_BODYURI_REVERSE_SBL, SH_BODYURI_REVERSE_CSS, SH_BODYURI_REVERSE_DROP, URIBL_CSS_A, SH_BODYURI_REVERSE_XBL
2024-02-26T12:25:01.851569+02:00 panel spamd[1835151]: async: aborting after 5.755 s, deadline shrunk: URIBL, A/37.138.120.34.HereMyDQSKey.zen.dq.spamhaus.net, rules: SH_BODYURI_REVERSE_XBL, SH_BODYURI_REVERSE_DROP, URIBL_CSS_A, SH_BODYURI_REVERSE_CSS, URIBL_SBL_A, SH_BODYURI_REVERSE_SBL
2024-02-26T12:25:01.851978+02:00 panel spamd[1835151]: async: aborting after 5.761 s, deadline shrunk: URIBL, A/106.38.239.216.HereMyDQSKey.zen.dq.spamhaus.net, rules: SH_BODYURI_REVERSE_SBL, URIBL_SBL_A, SH_BODYURI_REVERSE_CSS, URIBL_CSS_A, SH_BODYURI_REVERSE_DROP, SH_BODYURI_REVERSE_XBL
2024-02-26T12:25:01.852162+02:00 panel spamd[1835151]: async: aborting after 5.758 s, deadline shrunk: URIBL, A/dns1.safenames.com, rules: SH_BODYURI_REVERSE_SBL, URIBL_SBL_A, SH_BODYURI_REVERSE_CSS, URIBL_CSS_A, SH_BODYURI_REVERSE_DROP, SH_BODYURI_REVERSE_XBL
2024-02-26T12:25:01.852287+02:00 panel spamd[1835151]: async: aborting after 5.756 s, deadline shrunk: URIBL, A/106.32.239.216.HereMyDQSKey.zen.dq.spamhaus.net, rules: URIBL_SBL_A, SH_BODYURI_REVERSE_SBL, SH_BODYURI_REVERSE_CSS, URIBL_CSS_A, SH_BODYURI_REVERSE_DROP, SH_BODYURI_REVERSE_XBL
2024-02-26T12:25:01.852630+02:00 panel spamd[1835151]: async: aborting after 5.774 s, deadline shrunk: URIBL, A/66.133.211.23.HereMyDQSKey.zen.dq.spamhaus.net, rules: URIBL_CSS_A, SH_BODYURI_REVERSE_DROP, SH_BODYURI_REVERSE_XBL, URIBL_SBL_A, SH_BODYURI_REVERSE_SBL, SH_BODYURI_REVERSE_CSS
2024-02-26T12:25:01.853026+02:00 panel spamd[1835151]: async: aborting after 5.760 s, deadline shrunk: URIBL, A/106.36.239.216.HereMyDQSKey.zen.dq.spamhaus.net, rules: SH_BODYURI_REVERSE_XBL, URIBL_CSS_A, SH_BODYURI_REVERSE_DROP, SH_BODYURI_REVERSE_CSS, URIBL_SBL_A, SH_BODYURI_REVERSE_SBL
2024-02-26T12:25:01.853425+02:00 panel spamd[1835151]: async: aborting after 5.762 s, deadline shrunk: URIBL, A/65.168.100.95.HereMyDQSKey.zen.dq.spamhaus.net, rules: SH_BODYURI_REVERSE_CSS, SH_BODYURI_REVERSE_SBL, URIBL_SBL_A, SH_BODYURI_REVERSE_XBL, SH_BODYURI_REVERSE_DROP, URIBL_CSS_A
2024-02-26T12:25:01.853773+02:00 panel spamd[1835151]: async: aborting after 5.758 s, deadline shrunk: URIBL, A/dns2.safenames.net, rules: URIBL_CSS_A, SH_BODYURI_REVERSE_DROP, SH_BODYURI_REVERSE_XBL, URIBL_SBL_A, SH_BODYURI_REVERSE_SBL, SH_BODYURI_REVERSE_CSS
2024-02-26T12:25:01.854275+02:00 panel spamd[1835151]: async: aborting after 5.757 s, deadline shrunk: URIBL, A/dns3.safenames.org, rules: URIBL_SBL_A, SH_BODYURI_REVERSE_SBL, SH_BODYURI_REVERSE_CSS, URIBL_CSS_A, SH_BODYURI_REVERSE_DROP, SH_BODYURI_REVERSE_XBL
2024-02-26T12:25:01.854732+02:00 panel spamd[1835151]: async: aborting after 5.771 s, deadline shrunk: URIBL, A/65.46.246.72.HereMyDQSKey.zen.dq.spamhaus.net, rules: SH_BODYURI_REVERSE_CSS, URIBL_SBL_A, SH_BODYURI_REVERSE_SBL, SH_BODYURI_REVERSE_XBL, URIBL_CSS_A, SH_BODYURI_REVERSE_DROP
2024-02-26T12:25:01.867655+02:00 panel spamd[1835151]: spamd: clean message (1.4/5.0) for debian-spamd:110 in 5.9 seconds, 53547 bytes.
2024-02-26T12:25:01.868035+02:00 panel spamd[1835151]: spamd: result: . 1 - DICT_DUMP_CUSTOM01,DKIM_INVALID,DKIM_SIGNED,DMARC_REJECT,HEADER_FROM_DIFFERENT_DOMAINS,HTML_MESSAGE,MIME_QP_LONG_LINE,RCVD_IN_DNSWL_NONE,RCVD_IN_IADB_DK,RCVD_IN_IADB_LISTED,RCVD_IN_IADB_RDNS,RCVD_IN_IADB_SENDERID,RCVD_IN_IADB_SPF,SPF_HELO_PASS,SPF_PASS,T_KAM_HTML_FONT_INVALID,T_SCC_BODY_TEXT_LINE,URIBL_GREY scantime=5.9,size=53547,user=debian-spamd,uid=110,required_score=5.0,rhost=localhost,raddr=127.0.0.1,rport=59834,mid=<8db36fb9fef0e49dc5698346f.70f0e069f3.20240226102443.7cd7a033b9.e49f3e7a@mail177.atl271.mcdlv.net>,autolearn=no autolearn_force=no
2024-02-26T12:25:01.908229+02:00 panel spamd[1835145]: prefork: child states: II
Seems your system can’t get a response from spamhaus in a timely manner.
Try to get them manually to see how much time your server takes to resolve them:
Example (replace HereMyDQSKey by the actual key):
dig 205.91.108.193.HereMyDQSKey.zen.dq.spamhaus.net
If that only happens sometimes, I won’t be worried.
root@panel:~# dig 205.91.108.193.HereMyDQSKey.zen.dq.spamhaus.net
; <<>> DiG 9.18.24-1-Debian <<>> 205.91.108.193.HereMyDQSKey.zen.dq.spamhaus.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65518
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;205.91.108.193.HereMyDQSKey.zen.dq.spamhaus.net. IN A
;; Query time: 0 msec
;; SERVER: 192.168.0.15#53(192.168.0.15) (UDP)
;; WHEN: Mon Feb 26 16:22:24 EET 2024
;; MSG SIZE rcvd: 90
root@panel:~# dig 205.91.108.193.HereMyDQSKey.zen.dq.spamhaus.net
; <<>> DiG 9.18.24-1-Debian <<>> 205.91.108.193.HereMyDQSKey.zen.dq.spamhaus.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56299
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: ac2a13d6ef38195d0100000065dc9f7ae8fa79910c4a924b (good)
;; QUESTION SECTION:
;205.91.108.193.HereMyDQSKey.zen.dq.spamhaus.net. IN A
;; AUTHORITY SECTION:
zen.dq.spamhaus.net. 1 IN SOA need.to.know.only. hostmaster.spamhaus.org. 2402261424 3600 600 432000 1
;; Query time: 108 msec
;; SERVER: 192.168.0.15#53(192.168.0.15) (UDP)
;; WHEN: Mon Feb 26 16:26:02 EET 2024
;; MSG SIZE rcvd: 213
Those outputs look fine, well, the first one seems a cached response but as I said, if it doesn’t happen always, I won’t be worried.
Thank you very much! I’ve been looking for this answer for a while.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.