Skip to content

Spamassassin

Manually learning Spam/Ham

To manually learn spam: 

cat email.mime | kubectl exec -ti  deployment/postfix -c amavis -- sa-learn --spam

To manually learn ham: 

cat email.mime | kubectl exec -ti  deployment/postfix -c amavis -- sa-learn --ham

Migrating the bayes database

Export the database: 

kubectl exec -ti deployment/postfix -c amavis -- sa-learn --backup > datasalearnbackup.txt

Import the database: 

kubectl cp -c amavis data/salearnbackup.txt "$(kubectl get pods | grep postfix | head -1 | cut -d ' ' -f 1):/tmp/"
kubectl exec -ti deployment/postfix -c amavis -- sa-learn --restore /tmp/salearnbackup.txt

Inspecting the bayes database

Inspecting the bayes database: 

$ kolabctl shell postfix -c amavis -- sa-learn --dump magic

0.000          0          3          0  non-token data: bayes db version
0.000          0       1328          0  non-token data: nspam
0.000          0     571286          0  non-token data: nham
0.000          0          0          0  non-token data: ntokens
0.000          0          0          0  non-token data: oldest atime
0.000          0          0          0  non-token data: newest atime
0.000          0          0          0  non-token data: last journal sync atime
0.000          0          0          0  non-token data: last expiry atime
0.000          0          0          0  non-token data: last expire atime delta
0.000          0          0          0  non-token data: last expire reduction count

nspam is the number of spam messages learned, and nham the number of ham messages learned.

Wipe the bayes database

To completely delete the bayes database 

kubectl exec -ti deployments/redis -- redis-cli -a $(yq .redis.password values.yaml) -n 4 FLUSHDB

Validation

Trigger delivery of a spam test message to port 25: 

podman run --rm -t kolab-utils:latest ./mailtransporttest.py --sender-username christian@kolab.org --sender-password "simple123" --sender-host kolab.kolab.org --recipient-username admin@kolab.kolab.org --smtp --bulk-send 1 --verbose --spam

Note

It may not be possible to send from a regular mail service, because outgoing mail may be spam checked as well.

Note

A spam test message always gets a score of 1000

$ kubectl logs pod/postfix-6d65d48b78-gtb8h
Sep 30 18:21:46 postfix postfix/smtpd[13734]: connect from 84.123.123.123.ftth.isp.org[84.123.123.123]
Sep 30 18:21:47 postfix postfix/smtpd[13734]: 0EFD95C: client=84.123.123.123.ftth.isp.org[84.123.123.123]
Sep 30 18:21:47 postfix postfix/cleanup[13739]: 0EFD95C: message-id=<d89e2960-1e31-4a7f-8a2e-9a558e5b8cca@deliverycheck.org>
Sep 30 18:21:47 postfix postfix/qmgr[660]: 0EFD95C: from=<christian@kolab.org>, size=765, nrcpt=1 (queue active)
Sep 30 18:21:47 postfix postfix/smtpd[13734]: disconnect from 84.123.123.123.ftth.isp.org[84.123.123.123] ehlo=1 mail=1 rcpt=1 data=1 noop=1 quit=1 commands=6
Sep 30 18:21:52 postfix postfix/smtp[13704]: 0EFD95C: to=<admin@kolab.kolab.org>, relay=127.0.0.1[127.0.0.1]:13024, delay=5.8, delays=0.49/0/0.01/5.3, dsn=2.7.0, status=sent (250 2.7.0 Ok, discarded, id=00052-17 - spam)

$ kubectl logs pod/postfix-6d65d48b78-gtb8h -c amavis  -f
<5>(00052-17) Blocked SPAM {DiscardedInbound,Quarantined}, [84.123.123.123]:64754 [84.123.123.123] <christian@kolab.org> -> <admin@kolab.kolab.org>, Queue-ID: 0EFD95C, Message-ID: <d89e2960-1e31-4a7f-8a2e-9a558e5b8cca@deliverycheck.org>, mail_id: 0fFjsCUDvyxX, Hits: 1001.695, size: 764, 5318 ms

spamc can be used to check an individual mail: 

$ cat email.mime | kubectl exec -ti deployment/postfix -c amavis -- spamc -R

$ cat email.mime | kubectl exec -ti deployment/postfix -c amavis -- spamc --headers