Different results from spamassassin and spamc

Question

I have installed and configured and trained my spamassassin and all seemed to work just fine. Then when I tried to deploy it via spamc I get partial results.

Why is this happening?

I like spamc for the fact i can get it to output just the report but it seems to be missing checks: SPF, DKIM, BAYES.

I have not managed to figure it out or find any similar reports online. This has been going on for days now and I am out of ideas.

spamassassin works:

# spamassassin -t < /path/to/spam.eml

Content analysis details:   (3.3 points, 5.0 required)

 pts rule name              description
---- ---------------------- --------------------------------------------------
 0.0 FSL_HELO_NON_FQDN_1    FSL_HELO_NON_FQDN_1
 0.7 SPF_SOFTFAIL           SPF: sender does not match SPF record (softfail)
 0.8 BAYES_50               BODY: Bayes spam probability is 40 to 60%
                            [score: 0.5000]
 0.5 MISSING_MID            Missing Message-Id: header
 0.0 HELO_NO_DOMAIN         Relay reports its domain incorrectly
 1.4 MISSING_DATE           Missing Date: header

spamc only partial:

# spamc -R  < /path/to/spam.eml

Content analysis details:   (1.5 points, 5.0 required)

 pts rule name              description
---- ---------------------- --------------------------------------------------
 0.0 FSL_HELO_NON_FQDN_1    FSL_HELO_NON_FQDN_1
 0.1 MISSING_MID            Missing Message-Id: header
 0.0 HELO_NO_DOMAIN         Relay reports its domain incorrectly
 1.4 MISSING_DATE           Missing Date: header

Answer 1

I figured the same problem.

• Here is the answer to your question: http://spamassassin.apache.org/full/3.3.x/doc/Mail_SpamAssassin_Conf.html#filename

The bayes databases are saved in the home directory of the user which runs spamassassin:

bayes_path /path/filename   (default: ~/.spamassassin/bayes)
This is the directory and filename for Bayes databases. Several databases will be created, with this as the base directory and filename, with _toks, _seen, etc. appended to the base. The default setting results in files called ~/.spamassassin/bayes_seen, ~/.spamassassin/bayes_toks, etc.

By default, each user has their own in their ~/.spamassassin directory with mode 0700/0600. For system-wide SpamAssassin use, you may want to reduce disk space usage by sharing this across all users. However, Bayes appears to be more effective with individual user databases.

• And here is the solution that worked for me:

According to this wiki: http://wiki.apache.org/spamassassin/SiteWideBayesSetup , I added in /etc/mail/spamassassin/local.cf the following two lines:

bayes_path /var/spamassassin/bayes_db/bayes
bayes_file_mode 0777

and I created the needed directory: /var/spamassassin/bayes_db/

Please note that the last "bayes" in the path is the prefix for the database files (bayes_journal, bayes_seen, etc.)

Ok, after I restared the spamassassin, nothing happened. No Bayes test yet. Hmm...

So, I copied the already created databases from /root/.spamassassin/* to /var/spamassassin/bayes_db

Update: It seems that I had to change the permissions to these 4 bayes_* files to 0666. Otherwise the autolearner will not save the new data. I don't agree with 0666 permission, but I hope I will find another solution soon.

I ran another test in spamc and... I got the Bayes!! :)

Results for spamassassin

# spamassassin -t -D spf,dkim < /path/to/spam.eml

Content analysis details:   (8.2 points, 5.0 required)

 pts rule name              description
---- ---------------------- --------------------------------------------------
 3.5 BAYES_99               BODY: Bayes spam probability is 99 to 100%
                            [score: 1.0000]
 1.3 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
                [Blocked - see <http://www.spamcop.net/bl.shtml?141.146.5.61>]
 1.0 DATE_IN_PAST_12_24     Date: is 12 to 24 hours before Received: date
-0.0 SPF_PASS               SPF: sender matches SPF record
 1.3 TRACKER_ID             BODY: Incorporates a tracking ID number
 0.2 BAYES_999              BODY: Bayes spam probability is 99.9 to 100%
                            [score: 1.0000]
 0.0 HTML_MESSAGE           BODY: HTML included in message
 0.8 RDNS_NONE              Delivered to internal network by a host with no rDNS

Results for spamc:

# spamc -R  < /path/to/spam.eml

Content analysis details:   (8.2 points, 5.0 required)

 pts rule name              description
---- ---------------------- --------------------------------------------------
 1.3 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
                [Blocked - see <http://www.spamcop.net/bl.shtml?141.146.5.61>]
 3.5 BAYES_99               BODY: Bayes spam probability is 99 to 100%
                            [score: 1.0000]
 1.0 DATE_IN_PAST_12_24     Date: is 12 to 24 hours before Received: date
-0.0 SPF_PASS               SPF: sender matches SPF record
 1.3 TRACKER_ID             BODY: Incorporates a tracking ID number
 0.2 BAYES_999              BODY: Bayes spam probability is 99.9 to 100%
                            [score: 1.0000]
 0.0 HTML_MESSAGE           BODY: HTML included in message
 0.8 RDNS_NONE              Delivered to internal network by a host with no rDNS

Content analysis details:   (8.2 points, 5.0 required)