Dan*_*iel 5 logging spamassassin flags
我有 Spamassassin 3.4 + Ubuntu 14 + Qmail + Clamav。一切都运行正常。检测到垃圾邮件时,会将其标记为 [垃圾邮件] 并发送给收件人。阅读垃圾邮件日志(对我来说是 mail.log),我 grep 这些行:
Jul 14 17:32:36 mail spamd[2575]: spamd: identified spam (11.3/7.0) for foo.user@foodomain.com.br:89 in 1.9 seconds, 5217 bytes.
Jul 14 17:32:36 mail spamd[2575]: spamd: result: Y 11 - BAYES_00,DCC_CHECK,DIGEST_MULTIPLE,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HELO_DYNAMIC_DHCP,HTML_IMAGE_ONLY_24,HTML_IMAGE_RATIO_02,HTML_MESSAGE,MPART_ALT_DIFF,RAZOR2_CF_RANGE_51_100,RAZOR2_CF_RANGE_E8_51_100,RAZOR2_CHECK,RCVD_IN_BRBL_LASTEXT,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL scantime=1.9,size=5217,user=foo.user@foodomain.com.br,uid=89,required_score=7.0,rhost=localhost,raddr=127.0.0.1,rport=46216,mid=<20170714203234.33D342666A8E7@node225.7sete7corp.com>,bayes=0.000000,autolearn=no autolearn_force=no
我知道垃圾邮件被标记是因为达到 11.3 分;在第二行,我知道垃圾邮件有标记/规则。
我的问题:是否可以更改 Spamassassin 上的一些配置以将单个标志分数添加到日志中?
Spamassassin 会发送报告,并将原始邮件附加到收件人。我知道摘要包含与分数相同的标志。
这些分数也可以记录下来,这对我很有用。
小智 1
您需要更改 spamd(位于 /usr/bin/spamd 或 /usr/local/bin/spamd)查找 2050 到 2060 左右的行号,您将看到
my $tests = join(",", sort(grep(length,$status->get_names_of_tests_hit())));
将其更改为
my $tests = join(",", sort(grep(length,$status->get_names_of_tests_hit_with_scores())));
然后重新启动 spamd,你会看到这样的日志
Apr 12 12:10:33 mail spamd[3108]: spamd: result: . 0 - BAYES_00=-1.9,DKIM_INVALID=0.1,DKIM_SIGNED=0.1,DOS_RCVD_IP_TWICE_B=3.299,HTML_MESSAGE=0.001,KAM_DMARC_STATUS=0.01,RCVD_IN_DNSWL_MED=-2.3,RCVD_IN_MSPIKE_H5=0.001,RCVD_IN_MSPIKE_WL=0.001,SPF_HELO_NONE=0.001,SPF_PASS=-0.001,T_SCC_BODY_TEXT_LINE=-0.01 scantime=3.1,size=35652,user=mail,uid=8,required_score=12.0,rhost=1.2.3.4,raddr=1.2.3.4,rport=44736,mid=<534734.78070.23526@email.mail.com>,bayes=0.000000,autolearn=no autolearn_force=no,shortcircuit=no