[BlueOnyx:03854] Re: Spamassassin gone plum crazy! - fixed

[Michael Stauber]

Hi Jeffrey,

> Unfortunately, although the settings save they don't do anything.
>
> You can change the SpamAssassin settings to stop scanning outgoing mail but
> this has no effect. SpamAssassin seems to be treating outgoing mail as
> incoming, and it tags all the mail as Spam - mostly because the pop3 users
> have DUL or dynamic IPs.

Run this command on your box:

ps axf | grep spamass-milter

It should produce an output like this:

[root at cbx ~]# ps axf|grep spamass-milter
 2045 ?        Ssl    0:00 spamass-milter -p /var/run/spamass.sock -f -x -u 
mailnull -r 10 -i 192.168.1.1/255.255.255.255 -i 127.0.0.1 -- -U 
/var/run/spamd.sock -s 200000

If you disable the scanning for outgoing emails in the GUI, then each of the 
IPs bound to your eth0 network interface gets added to that parameter with an 
"-i" switch like in the above example, where it added 
192.168.1.1/255.255.255.255 (the "public" IP of that server) and 127.0.0.1 
(localhost).

Please toggle between "scan outgoing" "yes" and "no" and in between check with 
"ps axf | grep spamass-milter" to see the difference. When you choose to scan 
outgoing emails, it'll remove the -i switches and the network addresses.

The -i switch means "ignore" and will make sure that emails received from 
those IPs won't be processed. That includes emails generated by scripts and 
emails received by SMTP-Auth authenticated senders.

If your users don't use SMTP-Auth, then this could indeed already be the 
culprit and they need to reconfigure their email clients to authenticate with 
their username and password against your mailsender when sending emails.

-- 
With best regards

Michael Stauber