I'm having a lot of problems with Spam passing through our Postfix+Amavisd-new solution.
What happens: an phishing attack arrives, it is not detected as spam with the bayesian filter and since it was originated from an authenticated user (stolen password) and from a know MTA it receives an negative score from AWL and the spam/phishing attack get in the system and finally is relayed to our Exchange Server that uses our postfix as an Smarthost.
The question is: how can I debug this? I'm getting tired to use sa-learn to train our bayesian filter without success. From months, the same message get passed through our system and it never get caught.
This is weird since when we use spamassassin -r to report the message, it was detected with 100% of confidence that it is spam.
Re: Completely wrong spam detection in SpamAssassin
I have a generic solution for you:
1. Get some sound sleep
2. Make sure the mail that gets trough passes through your
(hint: don't trust headers completely, look at logs for Message-Id:
on client and serverS )
3. Drink <($your_favorite_drink) to celebrate