Navigation: »No topics above this level«
Q: Why do I still receive spam mails when SpamAssassin in a Box was just installed?
A: SpamAssassin in a Box is not a mail router. This means, the included spam filter just scores mails that have been passed to it and reports the result back to the invoker. Therefore the mail server you are using has to support an interface to SpamAssassin in order to make use of it's spam filter functionality. If you use Microsoft Exchange, you should have a look at the Exchange Server Toolbox which is a completely pre-configured server add-on for Microsoft Exchange that already contains SpamAssassin in a Box, besides several other powerful features.
Q: How can I configure SpamAssassin in a Box?
A: SpamAssassin in a Box can be configured via a config file named Service.config. Further information can be found at the topic Configuration.
Q: How can I check if SpamAssassin in a Box is working?
A: When it is started SpamAssassin in a Box creates an instance of the SpamAssassin daemon 'SpamD'. To check if SpamD is accessible please proceed as follows:
- Open task manager and make sure there is a process called 'spamd.exe'. You may need to click 'Show processes from all users' to achieve this.
- Open a dos prompt (run -> cmd.exe) and locate your SpamAssassin in a Box installation directory (e.g. 'C:\Program Files (x86)\JAM Software\SpamAssassin in a Box').
- Connect to the SpamAssassin daemon via the client program ('spamc.exe') via the following command:
spamc.exe < sample-spam.txt
- If the test was successful you should see the so called 'X-Spam-Headers' at the top of the console output. They contain information about the likeliness of the scanned mail being spam. Since the 'sample-spam.txt' is a spam test mail, SpamAssassin should have clearly identified it as a spam mail, see the 'X-Spam-Status' information: X-Spam-Status: Yes, hits=1000.0, required=5.0
Q: How can I check if SpamAssassin in a Box is accessible over the network?
A: SpamAssassin in a Box configures the SpamAssassin daemon to accept only local requests per default (listening port 783). If you want to make it accept requests over the network, you need to change the startup parameters of SpamD using the SpamD.config under C:\ProgramData\JAM Software\spamdService\. To allow a remote host connections to SpamD, please add the address of the host under "AllowedIPs", e.g. "192.168.0.1". To allow conncetions from all clients of the subnet 192.168.0.*, please specify "192.168.0.". In addition to the AllowedIPs options, please ensure that the "ListenIP" is set to "0.0.0.0." so that connections on any network interface of the the machine that is running the SpamAssassin service are allowed. For further information on the parameters please see chapter Configuration or refer to the official SpamAssassin documentation. When you have applied the changes, please restart the 'SpamAssassin Daemon Control' service over the Service Control Manager (run -> services.msc) so the daemon can use the new configuration settings. Please also ensure that port 783 (default port of the SpamAssassin daemon) is opened in the Windows firewall or any other similar program. During the installation of SpamAssassin in a Box the port is automatically opened in the Windows firewall, if this option hasn't been explicitly disabled in the setup dialogue.
You can now check the network availability of the SpamAssassin daemon by connecting to it from a remote host in your network. You need a program like telnet, putty or the SpamAssassin client 'spamc.exe' that is located in your SpamAssassin in a Box installation directory to establish a connection. If you use the spamc.exe please proceed as follows:
- On the remote host open a DOS prompt and locate the directory you have copied the spamc.exe to.
- Create a text file with an arbitrary content which we will used to be checked by SpamAssassin.
- Use spamc.exe to send the request to the SpamAssassin daemon. You need to know the IP address or hostname of the machine on which you have installed SpamAssassin in a Box, for example:
spamc.exe -d 192.168.0.1 < textfile.txt
- If the request was successful it should contain an according spam report (X-Spam-Status headers, ...), see the above FAQ point "How can I check if SpamAssassin in a Box is working?"
Q: Do I need to open any additional ports for the integrated SpamAssassin?
A: Yes, the integrated SpamAssassin does not only use RBL which need ICMP for requesting, you also need to open TCP Port 2703 to make SpamAssassin able to use Razor2. Otherwise spam scans may last longer than a minute or you need to disable Razor2:
- Create a CF file like "XMySettings.cf" (text files) and put "score RAZOR2_CHECK 0" in it.
- Put this file in "C:\ProgramData\JAM Software\spamdService\sa-config\"
Q: I would like to use SpamAssassin in a Box for the spam filtering on multiple domains (*.example.de, *.example.com), how many licenses must I buy for this?
A: In general, you need one license per installation. Therefore you only need one license if you administer multiple domains with a single installation.
Q: How can I manually train the SpamAssassin Bayes filter?
A: The SpamAssassin Bayes filter can be trained either using the sa-learn.exe or the spamc.exe. The main difference on a Windows system is that sa-learn will run under the currents user credentials while spamc will pass the mails that shall be trained to spamd (the SpamAssassin Daemon) which then trains the mail under the user credentials of spamd. This is especially important if you run SpamD for spam filtering under a separate user account, e.g. the Windows system user account (which is the default when using SpamAssassin in a Box for example). In this case you have to use spamc for training, as using sa-learn would just train the Bayes database for the local user.
For manual training we provide a batch script which can be used to train messages in a specific folder either as spam or ham. Besides the directory where the messages that shall be learned reside, the script requires you to decide whether the messages shall be learned as spam or ham. Please note that messages must be conform to the RFC822 format in order to make the Bayes filter work properly. For converting an Outlook message into a RFC822 conform message there are several tools available, for example "MSG to EML Converter". The script tries learning using spamc first - if that fails because there is no local spamd instance available, it will "fallback" to sa-learn (assuming that learning shall be done using the local user account). To use the batch script, please follow these steps:
1. Open a command line prompt (run > cmd.exe).
2. Change directory (cd) to the installation directory of SpamAssassin in a Box.
3. Execute command: trainbayes.bat
4. Follow the instructions of the batch script.
Q: How can I adjust the threshold/score at which mails are being tagged as spam?
A: The threshold can be configured in the "local.cf" configuration file which resides in the configuration directory (C:\ProgramData\JAM Software\spamdService\sa-config\) of SpamAssassin in a Box. Please open the text file with an appropriate text editor and search for the following line:
# required_score 5.0
Remove the comment sign (#) in front of the line and adjust the score to the desired value. Please note that any changes in the configuration files in the configuration directory will require a restart of the SpamAssassin daemon in order to take effect.
Q: How can I add custom rules?
A: To add your own SpamAssassin rules, please create a plain text file that has the file extension .cf and place it into the configuration directory (C:\ProgramData\JAM Software\spamdService\sa-config\) of SpamAssassin in a Box. You can now add your own rules using the following syntax:
header JAM_ERECTION Subject =~ /e.?r.?e.?c.?t.?[i1|l!].?[o0].?n/i
describe JAM_ERECTION Subject contains "erection"
score JAM_ERECTION 1.0
This will create a rule which catches various spellings of the word "erection" in the subject of a mail. For more information on writing custom rules, please refer to the following topic in the official SpamAssassin Wiki: http://wiki.apache.org/spamassassin/WritingRules
Alternatively you can also define your rules in the "user_prefs" configuration file which is located in the user profile directory. For a regular user this is the following directory:
When executing SpamAssassin using the Windows system service account (which is the default when using SpamAssassin in a Box for example) the file will typically be located at the following directory (assuming a 64 bit system):
When using the SpamAssassin daemon (spamd.exe) for spam filtering, testing rules in the "user_prefs" file has the advantage that its contents are read for each mail and not only at the start of the process. This way you won't have to stop and start the SpamAssassin daemon each time you want to check if a certain change to your custom rule has the desired effect. If the rule is working as intended you can still copy it to a .cf file in the configuration directory (C:\ProgramData\JAM Software\spamdService\sa-config\). This is a good practice as a huge "user_prefs" file would decrease performance of the SpamAssassin daemon.
Q: Why is there no information about configuration?
Q: spamassassin.exe / spamd.exe fails with the following message:
config: no rules were found! Do you need to run 'sa-update'?
A: Most likely SpamAssassin is not able to find a valid rule set. Please run sa-update.bat to download the latest rules.
Q: sa-update fails with the following message, what can I do?
config: no configuration text or files found! do you need to run 'sa-update'?
check: no loaded plugin implements 'check_main': cannot scan!
Check the necessary '.pre' files are in the config directory.
A: The path to rules and/or config dir is invalid. Make sure you run the executable (spamd.exe, spamassassin.exe, ...) from their main directory instead of specifying an absolute path to run.
Q: When starting SpamAssassin I get the following notification. What is this for?
|info: rules: meta test __SOME_TEST_NAME has dependency 'YET_ANOTHER_TEST' with a zero score|
|A:||This happens if SpamAssassin finds rules with a score of zero. Tests with such a score a generally used in third party rule sets.|
They check for a specific spam or ham sign but do not actually assign a score to leave it to the SpamAssassin admin if they want to use it or not to optimize their spam detection.
The message can be avoided by assigning a score to the related test or by removing the channel which belongs the particular rule from the sa-update call.
To assign a score, open 'local.cf' in the configuration directory (C:\ProgramData\JAM Software\spamdService\sa-config\) and add the line following line:
score YET_ANOTHER_TEST 0.0001
Q: Q: How can I make use of SpamAssassin plugins, that are not part of the Windows distribution?
|A:||This is described in the topic "Components and Plugins".|
Q: Why does the "URIBL_BLOCKED ADMINISTRATOR NOTICE" rule hit on any of my messages, what is it for and how can I avoid this?
A: URIBL (http://www.uribl.com) is a DNS-based Blackhole List which tracks IP addresses which are commonly used for sending spam mails. URIBL is enabled by default for SpamAssassin installations but allows only a certain amount of requests from the same IP every day. If this amount is exceeded, any further requests will be blocked by the URIBL servers with the info notification above. This typically happens for SpamAssassin installations that use public DNS resolvers such as Google. As any request that is forwarded via the Google servers has the same IP when it reaches the Blackhole list, all requests will share the same limit. For usage of an alternative DNS, please follow these instructions.