Hi Michael,

Thanks for the answer. Here are some comments.

Michael Scheidell wrote:
> One of the issues might be FreeBsd jail.
> (and as earlier poster stated, amavisd-new doesn't call spamd)

We are talking about amavisd-new, NOT amavisd, right?
Of course ;-). amavisd (not -new) port refuses to compile anyways.
pkg_info says:
amavisd-new-2.4.2_2,1 Performance-enhanced daemonized version of amavis-perl

Michael Scheidell wrote:
> I am the official ports maintainer of SpamAssassin, and would be
> interested in making sure it and amaivsd-new worked in a freebsd jail.

At the moment, I am mostly sure spamd is called since master.cf spamd filter
is named 'spamassassin' and spamd logs some actions with spamd name, while a
single line is logged to refer to spamassassin filter call.
I do confirm amavisd works perfectly in jail, with appropriately used IP
options to bound to jail-ip.
It costs a pf rule to bar access from "any but jail" to ports 10023-10025 (I
also have postgrey, ...).

Michael Scheidell wrote:
> Some of the 'jail' issues include NOT lo0 (localhost) ip address.
> (yes, you can ping localhost /, BUT, I suspect the ACL's in the
> amavisd.conf* files are looking for a Reverse ip == to

Yes, but spamd is not bound to localhost since I suspected some weird issues
as bound to jail @IP and program listing to localhost:783 port. So I forced
the -A jail-ip, -i jail-ip -p 783 args on spamd.
/etc/rc.conf says:
spamd_flags="-A jail_ip -i jail_ip -p 783 -x -u spamd -C

Michael Scheidell wrote:
> Things to try (assumes standard postfix/amavisd/spamassassin setup)
> Set $log_level = 9; in amavisd.conf, restart amavisd (you do have
> amavisd_enable = "yes" in rc.conf, right?
> Telnet localhost 25
> Telnet localhost 10024
> Telnet localhost 100025
> See what happens. You SHOULD get banners.
> (I just get:
> (!)DENIED ACCESS from IP, policy bank ''
> Where is the 'jail' ip address.
> Ifconfig (note, NO ip address on lo0?)
> bge0: flags=8843 mtu 1500
> options=b
> inet netmask 0xffffffff broadcast
> ether 00:0a:22:1f:18:64
> media: Ethernet autoselect (100baseTX )
> status: active
> bge1: flags=8802 mtu 1500
> options=b
> ether 00:0a:22:1f:18:65
> media: Ethernet autoselect (100baseTX )
> status: active
> lo0: flags=8049 mtu 16384

Take care, amavisd works perfectly.
I added spamassassin (to postfix and not amavisd by the way, realizing
But amavisd is already bound with ClamAV and EICAR virus test is properly
detected & rejected.

Also, I tested spamd out of anything: cat sample-spam.txt | spamc -d jail-ip
-p port
I received exactly a copy (not even a SMTP header added for spamassassin
check) as stdout.

To me the issue is really on spamassassin itself, without any issue related
to postfix or amavisd.

View this message in context: http://www.nabble.com/Issue-with-Spa...p14529741.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.