From owner-freebsd-questions@FreeBSD.ORG Tue Aug 14 16:01:46 2012 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2137A1065676 for ; Tue, 14 Aug 2012 16:01:46 +0000 (UTC) (envelope-from bonomi@mail.r-bonomi.com) Received: from mail.r-bonomi.com (mx-out.r-bonomi.com [204.87.227.120]) by mx1.freebsd.org (Postfix) with ESMTP id BB8EE8FC18 for ; Tue, 14 Aug 2012 16:01:45 +0000 (UTC) Received: (from bonomi@localhost) by mail.r-bonomi.com (8.14.4/rdb1) id q7EG45cE061565; Tue, 14 Aug 2012 11:04:05 -0500 (CDT) Date: Tue, 14 Aug 2012 11:04:05 -0500 (CDT) From: Robert Bonomi Message-Id: <201208141604.q7EG45cE061565@mail.r-bonomi.com> To: andy@neu.net, freebsd-questions@freebsd.org In-Reply-To: Cc: Subject: Re: sendmail + clamav + spamassasin config help X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Aug 2012 16:01:46 -0000 > From owner-freebsd-questions@freebsd.org Mon Aug 13 21:55:24 2012 > Date: Tue, 14 Aug 2012 02:51:17 -0400 (EDT) > From: AN > To: freebsd-questions@freebsd.org > Subject: sendmail + clamav + spamassasin config help > > FreeBSD mail.neu.net 9.1-PRERELEASE FreeBSD 9.1-PRERELEASE #2 r239243: > Mon Aug 13 19:20:19 EDT 2012 > root@mail.neu.net:/usr/obj/usr/src/sys/GENERIC amd64 > > I am trying to configure sendmail + clamav + spamassasin. The problem I > have is that neither clamav or spamassasin runs when I send or receive > email. I would like the server to do the following: > > 1. check dns blacklists, which is working (see below) > > Aug 14 02:00:54 mail sm-mta[38461]: ruleset=check_relay, > arg1=[37.121.149.208], arg2=127.0.0.4, relay=[37.121.149.208], reject=550 > 5.7.1 Rejected: 37.121.149.208 listed at sbl-xbl.spamhaus.org Confirm. FEATURE dsnsbl is functioning. > > 2. run spamd > 3. run clamav > Aug 14 02:04:41 mail sm-mta[38464]: q7E64eCv038464: milter=clmilter, action=rcpt, continue > Aug 14 02:04:41 mail sm-mta[38464]: q7E64eCv038464: milter=clmilter, action=header, continue > Aug 14 02:04:41 mail lastmessage repeated 12 times > Aug 14 02:04:41 mail sm-mta[38464]: q7E64eCv038464: milter=clmilter, action=body, continue > Aug 14 02:04:42 mail sm-mta[38464]: q7E64eCv038464: Milter accept: message > Aug 14 02:04:42 mail sm-mta[38464]: q7E64eCv038464: --- 250 2.0.0 q7E64eCv038464 Message accepted for delivery > > spamd and clamav never execute. The above logfile entries appear to show that the milter interfae for clamav _is_ being invoked. Although nothing shows for 'spamassassin'. NOTE: your copy/paste of the .mc file, etc. *LOST* critical line-break formatting. I've had to _guess_ where breaks occured in ressurecting the files. There are 'dnl' verbs below that appear to have nothing after them. *IF* what appears below as a separate line following such a 'dnl' is actually on the same line with the dnl, then _that_ directive will *NOT* be acted on. YOU will have to double-check for that. > > # cat mail.neu.net.mc > divert(-1) > # > # Copyright (c) 1983 Eric P. Allman > # Copyright (c) 1988, 1993 > # The Regents of the University of California. All rights reserved. > # > # > # > > # > # This is a generic configuration file for FreeBSD 6.X and later systems. > # If you want to customize it, copy it to a name appropriate for your > # environment and do the modifications there. > # > # The best documentation for this .mc file is: > # /usr/share/sendmail/cf/README or > # /usr/src/contrib/sendmail/cf/README > # > > divert(0) > VERSIONID(`$FreeBSD: release/9.0.0/etc/sendmail/freebsd.mc 223068 2011-06-14 04:33:43Z gshapiro $') > OSTYPE(freebsd6) > DOMAIN(generic) > > FEATURE(access_db, `hash -o -T /etc/mail/access') > FEATURE(blacklist_recipients) > FEATURE(local_lmtp) > FEATURE(mailertable,`hash -o /etc/mail/mailertable') > FEATURE(virtusertable, `hash -o > /etc/mail/virtusertable') > > dnl Uncomment to allow relaying based on your MX records. > dnl NOTE: This can allow sites to use your server as a backup MX without > dnl your permission. > dnl FEATURE(relay_based_on_MX) > > dnl DNS based black hole lists > dnl -------------------------------- > dnl DNS based black hole lists come and go on a regular basis > dnl so this file will not serve as a database of the available servers. > dnl For that, visit > dnl http://www.google.com/Top/Computers/Internet/E-mail/Spam/Blacklists/ > > dnl Uncomment to activate your chosen DNS based blacklist > dnl FEATURE(dnsbl,`dnsbl.example.com') > dnl Alternatively, you can provide your own server and rejection message: > dnl FEATURE(dnsbl,`dnsbl.example.com',``"550 Mail from " $&{client_addr}" rejected'') > FEATURE(dnsbl,`sbl-xbl.spamhaus.org') > FEATURE(dnsbl,`bl.spamcop.net') > > > dnl Dialup users should uncomment and define this appropriately > dnl define(`SMART_HOST',`your.isp.mail.server') > > dnl Uncomment the first line to change the location of the default > dnl /etc/mail/local-host-names and comment out the second line. > dnl define(`confCW_FILE',`-o /etc/mail/sendmail.cw') > define(`confCW_FILE',`-o /etc/mail/local-host-names') > > INPUT_MAIL_FILTER(`clmilter',`S=local:/var/run/clamav/clmilter.sock,F=,T=S:4m;R:4m')dnl > INPUT_MAIL_FILTER(`spamassassin',`S=local:/var/run/spamass-milter.sock,F=,T=C:15m;S:4m;R:4m;E:10m')dnl > define(`confINPUT_MAIL_FILTERS',`clmilter,spamassassin')dnl The 'dnl' at the end of the above lines is superfluous, and should be removed. > > dnl Enable for both IPv4 and IPv6 (optional) > DAEMON_OPTIONS(`Name=IPv4,Family=inet') > DAEMON_OPTIONS(`Name=IPv6,Family=inet6,Modifiers=O') > > define(`confBIND_OPTS',`WorkAroundBrokenAAAA') > define(`confNO_RCPT_ACTION',`add-to-undisclosed') > define(`confPRIVACY_FLAGS',`authwarnings,noexpn,novrfy') > MAILER(local) > MAILER(smtp) > > [root@mail /etc/mail]#ps -aux > root 1268 0.0 0.3 41200 2668 ?? Is 11:47PM 0:00.07 /usr/local/sbin/spamass-milter -f -p /var/run/spamass-milter.sock > root 1276 0.0 3.8 125724 39080 ?? Ss 11:47PM 0:02.85 /usr/local/bin/spamd -c -d -r /var/run/spamd/spamd.pid (perl) > root 1277 0.0 4.5 133916 45908 ?? I 11:47PM 0:07.54 spamd child (perl) > root 1278 0.0 3.7 125724 37996 ?? I 11:47PM 0:00.01 spamd child (perl) > clamav 1284 0.0 7.7 217948 79456 ?? Is 11:47PM 0:04.89 /usr/local/sbin/clamd > clamav 1290 0.0 0.2 27540 2328 ?? Is 11:47PM 0:00.08 /usr/local/sbin/clamav-milter -c /usr/local/etc/clamav-milter.conf > clamav 1296 0.0 0.2 45080 2312 ?? Is 11:47PM 0:03.12 /usr/local/bin/freshclam --daemon -p /var/run/clamav/freshclam.pid > > > Clamav was compiled with the milter enabled. Please let me know what > other info I can provide to help troubleshoot this, any help is > appreciated. You may want to run sendmail -- just long enough for it to process a few incoming messages -- with a higher level of debugging enabled. You'll need to see the sendmail documentation (or the 'bat' book) for details of an appropriate value for the '-D' switch to sendmail invocation.