Spam assassin rules not working

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Hi Guys,

I'm having a problem at work and was wondering if someone could help me. My boss is getting a lot of spam and i'm trying to add a rule to the local.cf file in /etc/mail/spamassassin directory but it is just not working. I'v tested my regular expression and it is finding the phrase in the body but when i put the rule in restart spamaassassin and send a test email from another account it still lets the email through, if I paste the rule down here could someone advise me if I'm doing something wrong:


body DAVE_SPAM_RULE /467411.htm/
score DAVE_SPAM_RULE 100 100 100 100
describe DAVE_SPAM_RULE Detected the link 467411.htm in the email

Spam assassin is used with amavisd as the daemon and postfix and the MTA

Thanks in advance

 

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Can't really help you with spamassassin as I've not used it in ages(well apart from switching it off when its replaced ) but I would recommend that you look into something called ASSP

 

have you tried using lint on your rules to make sure its not throwing any errors?

Try ditching the 4 parameters for your scoring:

Other than that I'm not sure I'm afraid.

Edit: Just had another thought, as your looking for a web address why not use a URI rule?

 

Tried both of these and although it seemed like it was going to work...it still got through

I'm writing the rule as it says on the spamassassin website and it just doesn't work!! This is so frustrating, I hate this peice of software!

 

Anyone got any ideas about this, I tried with a different rule for a similar problem and even thought the regex is telling me it is catching the phrases, the spam mail is still being delivered?

 

one other idea to try, apart from ripping the damn thing out and replacing it..... (oh for the day I get to do that here)

small change but might do it, perl regex reads . as a wildcard so it might be spazzing out on that (despite the regex apparently working fine).

 

Thanks Josiah, I entered this into a regex tester and it threw an error in one but worked in another.
Anyway tried sending mail with bad content in the body again and...suprise suprise it bloody got through!!
I will not be defeated!

 

Seems to work fine over here

--lint -D deffo not showing anything?

 

maybe?

configuring custom rules is a complete pain in the arse, we had to make an adjustment to the banned words list we stuck into ours soon after it went live (because we didn't test it properly) it blocked any email containing the word specialislist.

 

Did just think, is your test email triggering any other rules on its way through?

 

Another reason why you should be using ASSP already Josiahb


Also just to add, your using another external email to test? and not [email protected] -> [email protected].
I'm using gmail to fire in the test emails and its hitting everytime

 

Maybe I should go and do some more homework on Spamassassin, I don't even know what these are, how was that log file created Thomas?

 

Its an email header buddy, outlook will hide it from you so look at the emails properties

 

I wish, I'd love to be running anything except spamassassin but our outsourcing company are absolutely convinced its the best you can get and they'll be here longer than I will!

 

If thats is the case then its time to kill the contract, SA is a POS, also you could just plop it in the middle and set SA to allow everything, they wouldn't even notice it