Bonjour, J'ai installé une colution complète postfix amavids-new clamav spamassassin. Cette formule est assez classique et j'espère que vous aller pouvoir m'orienter vers la solution. tout le système marche impeccablement bien a un détail près : en srutant le log mail.info de ma debian je peux observer que le mail reçu est bien passé de postfix a amavisd amavisd lance bien clamav qui fait son taf et spamassassin qui fait sont taf, le mail est retransférer à postfix pour ma livraison virtuel seulement que le mail soit spam ou non spam aucun flag X-spam... n'aparait dans le header du mail reçu. Seul la signature X-virus-scan apparait. le sujet n'est pas taguer lui non plus même si spamassassin ressort une note de 9 par exemple et que j'ai mi un scoring max à 5 J'ai un spamassassin 3.0.3 voici le fichier local.cf de spamassassin [code] # How many hits before a message is considered spam. required_score 5.0 # Change the subject of suspected spam rewrite_header subject *****SPAM (_SCORE_)***** add_header all Flag _YESNOCAPS_ add_header all Status _YESNO_, score=_SCORE_ required=_REQD_ tests=_TESTS_ autolearn=_AUTOLEARN_ version=_VERSION_, pyzor=_PYZOR_, rbl=_RBL_ add_header all Level _STARS(*)_ add_header all Checker-Version SpamAssassin _VERSION_ (_SUBVERSION_) on _HOSTNAME_ # Encapsulate spam in an attachment (0=no, 1=yes, 2=safe) report_safe 0 # Enable the Bayes system use_bayes 1 # Enable Bayes auto-learning bayes_auto_learn 1 # Enable or disable network checks skip_rbl_checks 0 use_razor2 1 use_dcc 1 use_pyzor 1 # Mail using languages used in these country codes will not be marked # as being possibly spam in a foreign language. # - english french ok_languages en fr # Mail using locales used in these country codes will not be marked # as being possibly spam in a foreign language. ok_locales en fr whitelist_from *@paradoxal.org razor_config /var/amavis/.razor/razor-agent.conf bayes_path /var/lib/amavis/.spamassassin/bayes auto_whitelist_path /var/lib/amavis/.spamassassin/auto-whitelist lock_method flock [/code] Voici la config que j'ai pour le amavisd.conf [code] $MYHOME = '/var/lib/amavis'; # (default is '/var/amavis') $mydomain = 'local.paradoxal.org'; # (no useful default) $myhostname = 'sv1.local.paradoxal.org'; # fqdn of this host, default by uname(3) $daemon_user = 'amavis'; # (no default (undef)) $daemon_group = 'amavis'; # (no default (undef)) $TEMPBASE = $MYHOME; # (must be set if other config vars use is) #$TEMPBASE = "$MYHOME/tmp"; # prefer to keep home dir /var/amavis clean? $pid_file = "/var/run/amavis/amavisd.pid"; # (default: "$MYHOME/amavisd.pid") $lock_file = "/var/run/amavis/amavisd.lock"; # (default: "$MYHOME/amavisd.lock") $ENV{TMPDIR} = $TEMPBASE; # wise to set TMPDIR, but not obligatory $forward_method = 'smtp:127.0.0.1:10025'; # where to forward checked mail $notify_method = $forward_method; # where to submit notifications $max_servers = 2; # number of pre-forked children (default 2) $max_requests = 10; # retire a child after that many accepts (default 10) $child_timeout = 5*60; # abort child if it does not complete each task in n sec # @bypass_virus_checks_acl = qw( . ); # uncomment to DISABLE anti-virus code # @bypass_spam_checks_acl = qw( . ); # uncomment to DISABLE anti-spam code @local_domains_acl = ( ".$mydomain" ); # $mydomain and its subdomains $relayhost_is_client = 0; # (defaults to false) $insert_received_line = 1; # behave like MTA: insert 'Received:' header $inet_socket_port = 10024; # accept SMTP on this local TCP port $inet_socket_bind = '127.0.0.1'; # limit socket bind to loopback interface @inet_acl = qw( 127.0.0.1 ); # allow SMTP access only from localhost IP $DO_SYSLOG = 1; # (defaults to false) $SYSLOG_LEVEL = 'mail.info'; # (facility.priority, default 'mail.info') $LOGFILE = "/var/log/amavis.log"; # (defaults to empty, no log) # 0: startup/exit/failure messages, viruses detected # 1: args passed from client, some more interesting messages # 2: virus scanner output, timing # 3: server, client # 4: decompose parts # 5: more debug details $log_level = 5; # (defaults to 0) $final_virus_destiny = D_PASS; # (defaults to D_BOUNCE) $final_banned_destiny = D_PASS; # (defaults to D_BOUNCE) $final_spam_destiny = D_PASS; # (defaults to D_REJECT) $final_bad_header_destiny = D_PASS; # (defaults to D_PASS), D_BOUNCE suggested $viruses_that_fake_sender_re = new_RE( qr'nimda|hybris|klez|bugbear|yaha|braid|sobig|fizzer|palyh|peido|holar'i, qr'tanatos|lentin|bridex|mimail|trojan\.dropper|dumaru|parite|spaces'i, qr'dloader|galil|gibe|swen|netwatch|bics|sbrowse|sober|rox|val(hal)?la'i, qr'frethem|sircam|be?agle|tanx|mydoom|novarg|shimg|netsky|somefool|moodown'i, qr'@mm|@MM', # mass mailing viruses as labeled by f-prot and uvscan qr'Worm'i, # worms as labeled by ClamAV, Kaspersky, etc [qr'^(EICAR|Joke\.|Junk\.)'i => 0], [qr'^(WM97|OF97|W95/CIH-|JS/Fort)'i => 0], [qr/.*/ => 1], # true by default (remove or comment-out if undesired) ); $virus_admin = undef; # do not send virus admin notifications (default) $spam_admin = undef; # do not send spam admin notifications (default) $mailfrom_to_quarantine = undef; # override sender address with null return path $QUARANTINEDIR = '/var/lib/amavis/virusmails'; #$QUARANTINEDIR = undef; $virus_quarantine_method = "local:virus-%i-%n"; # default $spam_quarantine_method = "local:spam-%b-%i-%n"; # default $virus_quarantine_to = 'virus-quarantine'; # traditional local quarantine #$virus_quarantine_to = undef; # no quarantine $spam_quarantine_to = 'spam-quarantine'; #$spam_quarantine_to = undef; $X_HEADER_TAG = 'X-Virus-Scanned'; # (default: undef) $X_HEADER_LINE = "by SZ antivirus at $mydomain"; #$X_HEADER_LINE = "by $myversion (Debian) at $mydomain"; $undecipherable_subject_tag = '***UNCHECKED*** '; # undef disables it $remove_existing_x_scanned_headers = 1; # remove existing X-Virus-Scanned alone $remove_existing_spam_headers = 1; # remove existing spam headers #$bypass_decode_parts = 1; # (defaults to false) $keep_decoded_original_re = new_RE( # qr'^MAIL$', # retain full original message for virus checking (can be slow) qr'^MAIL-UNDECIPHERABLE$', # retain full mail if it contains undecipherables qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i, # qr'^Zip archive data', ); $banned_filename_re = new_RE( # qr'^UNDECIPHERABLE$', # is or contains any undecipherable components qr'\.[^.]*\.(exe|vbs|pif|scr|bat|cmd|com|dll)$'i, # some double extensions qr'[{}]', # curly braces in names (serve as Class ID extensions - CLSID) qr'.\.(exe|vbs|pif|scr|bat|cmd|com)$'i, # banned extension - basic # qr'.\.(ade|adp|bas|bat|chm|cmd|com|cpl|crt|exe|hlp|hta|inf|ins|isp|js| # jse|lnk|mdb|mde|msc|msi|msp|mst|pcd|pif|reg|scr|sct|shs|shb|vb| # vbe|vbs|wsc|wsf|wsh)$'ix, # banned extension - long qr'.\.(mim|b64|bhx|hqx|xxe|uu|uue)$'i, # banned extension - WinZip vulnerab. # qr'^\.(zip|lha|tnef|cab)$'i, # banned file(1) types # qr'^\.exe$'i, # banned file(1) types qr'^application/x-msdownload$'i, # banned MIME types qr'^application/x-msdos-program$'i, qr'^message/partial$'i, # rfc2046. this one is deadly for Outcrook # qr'^message/external-body$'i, # block rfc2046 ); $sql_select_white_black_list = undef; # undef disables SQL white/blacklisting # $addr_extension_virus = 'virus'; # (default is undef, same as empty) # $addr_extension_spam = 'spam'; # (default is undef, same as empty) # $addr_extension_banned = 'banned'; # (default is undef, same as empty) $recipient_delimiter = '+'; # (default is '+') $replace_existing_extension = 0; # (default is false) $localpart_is_case_sensitive = 0; # (default is false) # %whitelist_sender, @whitelist_sender_acl, $whitelist_sender_re # %blacklist_sender, @blacklist_sender_acl, $blacklist_sender_re $blacklist_sender_re = new_RE( qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou|greatcasino)@'i, qr'^(investments|lose_weight_today|market\.alert|money2you|MyGreenCard)@'i, qr'^(new\.tld\.registry|opt-out|opt-in|optin|saveonl|smoking2002k)@'i, qr'^(specialoffer|specialoffers|stockalert|stopsnoring|wantsome)@'i, qr'^(workathome|yesitsfree|your_friend|greatoffers)@'i, qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i, ); $smtpd_recipient_limit = 1000; # (default is 1000) # Maximum recursion level for extraction/decoding (0 or undef disables limit) $MAXLEVELS = 14; # (default is undef, no limit) # Maximum number of extracted files (0 or undef disables the limit) $MAXFILES = 1500; # (default is undef, no limit) $MIN_EXPANSION_QUOTA = 100*1024; # bytes (default undef, not enforced) $MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes (default undef, not enforced) $MIN_EXPANSION_FACTOR = 5; # times original mail size (must be specified) $MAX_EXPANSION_FACTOR = 500; # times original mail size (must be specified) $path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin'; $file = 'file'; # file(1) utility; use 3.41 or later to avoid vulnerability $gzip = 'gzip'; $bzip2 = 'bzip2'; $lzop = 'lzop'; $uncompress = ['uncompress', 'gzip -d', 'zcat']; $unfreeze = ['unfreeze', 'freeze -d', 'melt', 'fcat']; $arc = ['nomarch', 'arc']; $unarj = ['arj', 'unarj']; # both can extract, arj is recommended $unrar = ['rar', 'unrar']; # both can extract, same options $zoo = 'zoo'; $lha = 'lha'; $cpio = 'cpio'; # comment out if cpio does not support GNU options $sa_local_tests_only = 0; # (default: false) $sa_auto_whitelist = 1; # turn on AWL (default: false) $sa_timeout = 30; # timeout in seconds for a call to SpamAssassin $sa_tag_level_deflt = 0.0; # add spam info headers if at, or above that level $sa_tag2_level_deflt = 5.0; # add 'spam detected' headers at that level $sa_kill_level_deflt = 2000.0; # triggers spam evasive actions $sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent $sa_spam_subject_tag = '***SPAM*** '; # (defaults to undef, disabled) $sa_spam_modifies_subj = 1; # may be a ref to a lookup table, default is true $first_infected_stops_scan = 1; # default is false, all scanners are called @av_scanners = ( ['Clam Antivirus-clamd', \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.ctl"], qr/\bOK$/, qr/\bFOUND$/, qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ], ); @av_scanners_backup = ( ['Clam Antivirus - clamscan', 'clamscan', "--stdout --no-summary -r --tempdir=$TEMPBASE {}", [0], [1], qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ], ); #@debug_sender_acl = ( "test-sender\@$mydomain" ); #@debug_sender_acl = qw( debug@example.com ); #$keep_decoded_original_re = new_RE( qr/.*/ ); # Turn on SpamAssassin debugging (output to STDERR, use with 'amavisd debug') $sa_debug = 1; # defaults to false #------------- 1; # insure a defined return [/code] En espérant que vous pourrez m'aider