| Welcome to the Zimbra :: Forums! | |
Welcome, if you would like to post a comment please register.
We also encourage you to explore all things Zimbra with our team and members of the community.
|
 | | 
03-08-2011, 12:10 AM
| | |  [SOLVED] Spam headers missing after upgrading to Zimbra CS 7
I have recently upgraded Zimbra-6.0.10(OSS) to Zimbra-7 (GA). Everything went smoothly except SPAM filters. The zimbra.log shows all the services are working perfectly. However, the spam filters doesn't seem to work properly and the *show original* doesn't display any of the SPAM headers.
I tried by sending the GTUBE and it is also directly delivered in inbox without any spam headers.
How can I troubleshoot this issue?
thanks in advance. |
03-15-2011, 05:04 AM
| | |
What do you get with zmcontrol status?
zimbra.log should actually show the entire path of incoming mail, not only SMTP reception from remote host, but also internal SMTP relay to amavis and then back for final delivery into mailboxes. It might help to post a log excerpt showing delivery. |
03-15-2011, 05:49 AM
| | |
Code: [zimbra@indigo ~]$ zmcontrol status
Host abc.xyz.com
antispam Running
antivirus Running
ldap Running
logger Running
mailbox Running
mta Running
snmp Running
spell Running
stats Running
zmconfigd Running Here is the log when I tried to send a mail from my gmail account to our domain(I have changed the actual domain name to prevent spammers) Code: 2011-03-15T08:41:59.940703-04:00 indigo postfix/smtpd[24220]: E5A2728079: client=mail-ww0-f43.google.com[74.125.82.43]
2011-03-15T08:42:00.131201-04:00 indigo postfix/cleanup[30467]: E5A2728079: message-id=<AANLkTim60ks6rpyimh_GDfSKgzwzTMWgLAoVNX84OV_M@mail.gmail.com>
2011-03-15T08:42:00.193191-04:00 indigo postfix/qmgr[25208]: E5A2728079: from=<sender@gmail.com>, size=1841, nrcpt=1 (queue active)
2011-03-15T08:42:00.223728-04:00 indigo amavis[26076]: (26076-02) ESMTP::10024 /opt/zimbra/data/amavisd/tmp/amavis-20110315T081002-26076: <sender@gmail.com> -> <receiver@abc.com> SIZE=1841 Received: from xyz.abc.com ([127.0.0.1]) by localhost (xyz.abc.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP for <receiver@abc.com>; Tue, 15 Mar 2011 08:42:00 -0400 (EDT)
2011-03-15T08:42:08.095623-04:00 indigo zmmailboxdmgr[30834]: status requested
2011-03-15T08:42:08.095713-04:00 indigo zmmailboxdmgr[30834]: status OK
2011-03-15T08:42:20.268268-04:00 indigo amavis[26076]: (26076-02) Checking: 72ClEiJ8diC7 [74.125.82.43] <sender@gmail.com> -> <receiver@abc.com>
2011-03-15T08:42:20.345481-04:00 indigo postfix/smtpd[31013]: connect from localhost.localdomain[127.0.0.1]
2011-03-15T08:42:20.349703-04:00 indigo postfix/smtpd[31013]: 555A32807A: client=localhost.localdomain[127.0.0.1]
2011-03-15T08:42:20.350935-04:00 indigo postfix/cleanup[30467]: 555A32807A: message-id=<AANLkTim60ks6rpyimh_GDfSKgzwzTMWgLAoVNX84OV_M@mail.gmail.com>
2011-03-15T08:42:20.405912-04:00 indigo postfix/qmgr[25208]: 555A32807A: from=<sender@gmail.com>, size=2619, nrcpt=1 (queue active)
2011-03-15T08:42:20.405960-04:00 indigo postfix/smtpd[31013]: disconnect from localhost.localdomain[127.0.0.1]
2011-03-15T08:42:20.406780-04:00 indigo amavis[26076]: (26076-02) FWD via SMTP: <sender@gmail.com> -> <receiver@abc.com>,BODY=7BIT 250 2.0.0 Ok, id=26076-02, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 555A32807A
2011-03-15T08:42:20.413484-04:00 indigo amavis[26076]: (26076-02) Passed CLEAN, [74.125.82.43] [74.125.82.43] <sender@gmail.com> -> <receiver@abc.com>, Message-ID: <AANLkTim60ks6rpyimh_GDfSKgzwzTMWgLAoVNX84OV_M@mail.gmail.com>, mail_id: 72ClEiJ8diC7, Hits: -, size: 1841, queued_as: 555A32807A, dkim_id=sender@gmail.com, 20197 ms
2011-03-15T08:42:20.415107-04:00 indigo postfix/smtp[30472]: E5A2728079: to=<receiver@abc.com>, orig_to=<receiver1@abc.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=86, delays=66/0.02/0/20, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=26076-02, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 555A32807A)
2011-03-15T08:42:20.429638-04:00 indigo postfix/qmgr[25208]: E5A2728079: removed
2011-03-15T08:42:20.533271-04:00 indigo postfix/lmtp[31014]: 555A32807A: to=<receiver@abc.com>, relay=xyz.abc.com[nn.nnn.nnn.nnn]:7025, delay=0.18, delays=0.06/0.03/0/0.1, dsn=2.1.5, status=sent (250 2.1.5 Delivery OK)
2011-03-15T08:42:20.533507-04:00 indigo postfix/qmgr[25208]: 555A32807A: removed
2011-03-15T08:42:25.755427-04:00 indigo postfix/smtpd[30445]: connect from xyz.abc.com[nn.nnn.nnn.nnn]
2011-03-15T08:42:25.755519-04:00 indigo postfix/smtpd[30445]: disconnect from xyz.abc.com[nn.nnn.nnn.nnn]
2011-03-15T08:42:30.278952-04:00 indigo postfix/smtpd[24220]: disconnect from mail-ww0-f43.google.com[74.125.82.43]  |
03-15-2011, 06:32 AM
| | |
Well, it is being passed through amavis, but amavis isn't showing any hits at all. This is probably why no spam headers are added.
You might want to examine your /opt/zimbra/conf/amavisd.conf -- or post it here. Also post output of ls -l /opt/zimbra/conf/spamassassin to make sure all the files are there. |
03-15-2011, 05:40 PM
| | |
Try: Code: grep content_filter /opt/zimbra/postfix/conf/main.cf |
03-16-2011, 11:17 PM
| | |
@ewilen
Here is the output of ls -l /opt/zimbra/conf/spamassassin: Code: # ls -l /opt/zimbra/conf/spamassassin/
total 1264
-r--r--r-- 1 zimbra zimbra 8318 Mar 5 00:16 10_default_prefs.cf
-r--r--r-- 1 zimbra zimbra 7612 Mar 5 00:16 20_advance_fee.cf
-r--r--r-- 1 zimbra zimbra 7986 Mar 5 00:16 20_aux_tlds.cf
-r--r--r-- 1 zimbra zimbra 7005 Mar 5 00:16 20_body_tests.cf
-r--r--r-- 1 zimbra zimbra 1894 Mar 5 00:16 20_compensate.cf
-r--r--r-- 1 zimbra zimbra 11832 Mar 5 00:16 20_dnsbl_tests.cf
-r--r--r-- 1 zimbra zimbra 14998 Mar 5 00:16 20_drugs.cf
-r--r--r-- 1 zimbra zimbra 11492 Mar 5 00:16 20_dynrdns.cf
-r--r--r-- 1 zimbra zimbra 8117 Mar 5 00:16 20_fake_helo_tests.cf
-r--r--r-- 1 zimbra zimbra 3159 Mar 5 00:16 20_freemail.cf
-r--r--r-- 1 zimbra zimbra 36137 Mar 5 00:16 20_freemail_domains.cf
-r--r--r-- 1 zimbra zimbra 25738 Mar 5 00:16 20_head_tests.cf
-r--r--r-- 1 zimbra zimbra 10504 Mar 5 00:16 20_html_tests.cf
-r--r--r-- 1 zimbra zimbra 5287 Mar 5 00:16 20_imageinfo.cf
-r--r--r-- 1 zimbra zimbra 3330 Mar 5 00:16 20_meta_tests.cf
-r--r--r-- 1 zimbra zimbra 1880 Mar 5 00:16 20_net_tests.cf
-r--r--r-- 1 zimbra zimbra 8069 Mar 5 00:16 20_phrases.cf
-r--r--r-- 1 zimbra zimbra 2062 Mar 5 00:16 20_****.cf
-r--r--r-- 1 zimbra zimbra 15856 Mar 5 00:16 20_ratware.cf
-r--r--r-- 1 zimbra zimbra 5535 Mar 5 00:16 20_uri_tests.cf
-r--r--r-- 1 zimbra zimbra 19305 Mar 5 00:16 20_vbounce.cf
-r--r--r-- 1 zimbra zimbra 2549 Mar 5 00:16 23_bayes.cf
-r--r--r-- 1 zimbra zimbra 1544 Mar 5 00:16 25_accessdb.cf
-r--r--r-- 1 zimbra zimbra 1536 Mar 5 00:16 25_antivirus.cf
-r--r--r-- 1 zimbra zimbra 1544 Mar 5 00:16 25_asn.cf
-r--r--r-- 1 zimbra zimbra 2331 Mar 5 00:16 25_dcc.cf
-r--r--r-- 1 zimbra zimbra 4407 Mar 5 00:16 25_dkim.cf
-r--r--r-- 1 zimbra zimbra 2929 Mar 5 00:16 25_hashcash.cf
-r--r--r-- 1 zimbra zimbra 1310 Mar 5 00:16 25_pyzor.cf
-r--r--r-- 1 zimbra zimbra 3389 Mar 5 00:16 25_razor2.cf
-r--r--r-- 1 zimbra zimbra 7672 Mar 5 00:16 25_replace.cf
-r--r--r-- 1 zimbra zimbra 3100 Mar 5 00:16 25_spf.cf
-r--r--r-- 1 zimbra zimbra 1768 Mar 5 00:16 25_textcat.cf
-r--r--r-- 1 zimbra zimbra 8618 Mar 5 00:16 25_uribl.cf
-r--r--r-- 1 zimbra zimbra 28494 Mar 5 00:16 30_text_de.cf
-r--r--r-- 1 zimbra zimbra 20805 Mar 5 00:16 30_text_fr.cf
-r--r--r-- 1 zimbra zimbra 1858 Mar 5 00:16 30_text_it.cf
-r--r--r-- 1 zimbra zimbra 22043 Mar 5 00:16 30_text_nl.cf
-r--r--r-- 1 zimbra zimbra 18189 Mar 5 00:16 30_text_pl.cf
-r--r--r-- 1 zimbra zimbra 3331 Mar 5 00:16 30_text_pt_br.cf
-r--r--r-- 1 zimbra zimbra 49608 Mar 5 00:16 50_scores.cf
-r--r--r-- 1 zimbra zimbra 9288 Mar 5 00:16 60_adsp_override_dkim.cf
-r--r--r-- 1 zimbra zimbra 1304 Mar 5 00:16 60_awl.cf
-r--r--r-- 1 zimbra zimbra 2178 Mar 5 00:16 60_shortcircuit.cf
-r--r--r-- 1 zimbra zimbra 4984 Mar 5 00:16 60_whitelist.cf
-r--r--r-- 1 zimbra zimbra 6148 Mar 5 00:16 60_whitelist_dkim.cf
-r--r--r-- 1 zimbra zimbra 3584 Mar 5 00:16 60_whitelist_spf.cf
-r--r--r-- 1 zimbra zimbra 1914 Mar 5 00:16 60_whitelist_subject.cf
-r--r--r-- 1 zimbra zimbra 266322 Mar 5 00:16 72_active.cf
-r--r--r-- 1 zimbra zimbra 5236 Mar 5 00:16 72_scores.cf
-r--r--r-- 1 zimbra zimbra 2123 Mar 5 00:16 73_sandbox_manual_scores.cf
-rw-r--r-- 1 zimbra zimbra 896 Sep 1 2010 FromNotReturnPath.pm
-r--r--r-- 1 zimbra zimbra 1495 Mar 5 00:16 STATISTICS-set0-72_scores.cf.txt
-r--r--r-- 1 zimbra zimbra 61569 Mar 5 00:16 STATISTICS-set0.txt
-r--r--r-- 1 zimbra zimbra 1494 Mar 5 00:16 STATISTICS-set1-72_scores.cf.txt
-r--r--r-- 1 zimbra zimbra 69230 Mar 5 00:16 STATISTICS-set1.txt
-r--r--r-- 1 zimbra zimbra 0 Mar 5 00:16 STATISTICS-set2-72_scores.cf.txt
-r--r--r-- 1 zimbra zimbra 61568 Mar 5 00:16 STATISTICS-set2.txt
-r--r--r-- 1 zimbra zimbra 0 Mar 5 00:16 STATISTICS-set3-72_scores.cf.txt
-r--r--r-- 1 zimbra zimbra 69236 Mar 5 00:16 STATISTICS-set3.txt
-r--r--r-- 1 zimbra zimbra 9238 Mar 5 00:16 active.list
-rw-r----- 1 zimbra zimbra 9418 Sep 6 2010 header_check.cf
-r--r--r-- 1 zimbra zimbra 1299 Mar 5 00:16 init.pre
-r--r--r-- 1 zimbra zimbra 101479 Mar 5 00:16 languages
-r--r--r-- 1 zimbra zimbra 2214 Mar 5 00:16 local.cf
-rw-r----- 1 zimbra zimbra 7709 Sep 6 2010 malware_list.cf
-r--r--r-- 1 zimbra zimbra 2762 Mar 5 00:16 regression_tests.cf
drwx------ 2 zimbra zimbra 4096 Feb 23 10:18 sa-update-keys
-r--r--r-- 1 zimbra zimbra 4777 Mar 5 00:16 sa-update-pubkey.txt
-r--r--r-- 1 zimbra zimbra 1869 Mar 5 00:16 user_prefs.template
-r--r--r-- 1 zimbra zimbra 2524 Mar 5 00:16 v310.pre
-r--r--r-- 1 zimbra zimbra 1194 Mar 5 00:16 v312.pre
-r--r--r-- 1 zimbra zimbra 2416 Mar 5 00:16 v320.pre
-r--r--r-- 1 zimbra zimbra 1237 Mar 5 00:16 v330.pre Please find the attached amavisd.conf.
Thanks |
03-16-2011, 11:19 PM
| | |
@John Siu
[zimbra@indigo ~]$ grep content_filter /opt/zimbra/postfix/conf/main.cf
content_filter = smtp-amavis:[127.0.0.1]:10024 |
03-17-2011, 10:47 AM
| | |
The content_filter setting looks good, or at least it matches my system.
Your spamassassin directory looks like it has all the necessary files although I didn't examine the listing in detail.
Your amavisd.conf differs quite a bit from mine. Not sure if that's because you have ZCS 7 and I'm still on 6.
One thing that caught my eye is the query_filter value in amavisd.conf. You have Code: query_filter => '(&(objectClass=amavisAccount)(|(mail=%m)(zimbraDomainName=%m)))', while I have Code: query_filter => '(&(objectClass=amavisAccount)(mail=%m))', So you might try changing that line (in amavisd.conf. in actually) and then restarting zimbra. (Or if you prefer, restart just amavis; zmamavisdctl restart should do the trick.) |
03-17-2011, 09:09 PM
| | |
Quote:
Originally Posted by ewilen  ...
One thing that caught my eye is the query_filter value in amavisd.conf. You have Code: query_filter => '(&(objectClass=amavisAccount)(|(mail=%m)(zimbraDomainName=%m)))', ... | That line is the same with my 7.0.1 testing box. And I get the x-spam header even I do a self email in that box. |
03-17-2011, 11:09 PM
| | |
@ewilen, @John Siu
I tried changing the query_filter in amavisd.conf and now the spam headers appear in the mail. But when I tried a sending GTUBE, the mail got discarded instead of dropping it to *Junk* folder. Any hint? | | Thread Tools | Search this Thread | | | | | Display Modes |  Linear Mode | | Why Join? Registering let's you ask questions, makes it easier to search, displays any files attached to posts, and notifies you about replies.   |
Bugzilla
Wiki
Source
