Tuneups and Tweaks for the Better Spam-Trap - Page 2
Just for fun, you may customize the spam subject header to suit yourself. The default is this:
$sa_spam_subject_tag = '***SPAM*** ';
Logging FunEvery piece of this puzzle has its own logfile. These are the logfiles to pay the most attention to:
Refer to /etc/syslog.conf to find the locations for your various syslogs. Amavisd-new should be configured to have its own logfile, instead of dumping everything into /var/log/syslog. See Section III in amavisd.conf:
# true (e.g. 1) => syslog; false (e.g. 0) => logging to file $DO_SYSLOG = 0; # (defaults to false) # Log file (if not using syslog) $LOGFILE = "/var/log/amavis.log"; $log_level =0;
The higher the log level, the more verbose. If you are having problems, kick it up to level 3 for debugging. It goes all the way up to level 5, if you really get stuck. Once everything is working smoothly, level 0 is fine. This records startup, exit, and failure messages, and lists viruses detected. You don't want to leave the log level high, unless you enjoy rapidly filling your drives, and generating oceans of output to wade through.
/var/log/mail.log is for Postfix. The different Postfix processes each generate their own log entries: master, smtpd, cleanup, qmgr, cleanup, postfix-script, and smtp. Here's snippet showing Amavisd-new and ClamAV starting up:
Aug 21 12:54:25 windbag amavis: Using internal av scanner code for (primary) Clam Antivirus-clamd Aug 21 12:54:25 windbag amavis: Found secondary av scanner Clam Antivirus - clamscan at /usr/bin/clamscan Aug 21 12:54:39 windbag postfix/postfix-script: starting the Postfix mail system Aug 21 12:54:39 windbag postfix/master: daemon started -- version 2.1.3
Postfix has the loveliest way of setting your logging levels: if you have problems with a particular domain, you can increase the log level for that domain only. Let's say that mail from a user with a yahoo.com address is not getting through. In main.cf , use the debug_peer_level directive :
debug_peer_list = yahoo.com debug_peer_level = 3
Run postfix reload, then send messages to your server from yahoo.com and see what happens. Use this simple regexp to quickly find errors in the Postfix log:
$ egrep '(reject|warning|error|fatal|panic):' /var/log/mail.log
See Postfix's DEBUG_README for a complete debugging howto.