Yesterday I realized that I hadn’t been getting any emails from my web/mail server. It was quite odd.
Looking in my SPAM folder I found all of the system emails that had been tagged and sent there. Every once in a while some legitimate (“HAM”) gets marked as SPAM and put in there.
I wasn’t expecting Logwatch emails to be easily marked as SPAM.
So, I checked out why it was listing them as such, and it led me to this line:
X-Spam-Status: Yes, score=6.4 required=5.0tests=ALL_TRUSTED,URIBL_BLACK,URIBL_JP_SURBL,URIBL_OB_SURBL,WHOIS_DMNBYPROXY,WHOIS_PRIVACYPOST autolearn=no version=3.2.1
As the Logwatch file reports on SPAM and associated information, I can see why it might have tripped the URI Black Lists (URIBL) and maybe the WHOIS rules, but it still didn’t make sense to me.
Usually if something is marked ALL_TRUSTED, no further checking is done, but I realize that in CentOS-5, this no longer appears to be the case. You are expected to set it up.
So, I edited /usr/share/spamassassin/60_shortcircuit.cf and uncommented the following line:
# if you have taken the time to correctly specify your "trusted_networks",# this is another good way to save CPUshortcircuit ALL_TRUSTED on
I think this should work.