I'm running eFa-4.0.4
The RelayCountry plugin was working great, then stopped working for me. (This was quite some months ago - I didn't have time to work on it at the time, so I just set all scores near zero.)
The plugin seems to work flawlessly when calling spamassassin from the command line on a specific queue file, but not when mail is flowing through the system. It does not add the X-Spam-Relay-Countries header, nor does it insert the appropriate matching rules to the spam report.
Here is the config in /etc/mail/spamassassin/local.cf:
Code: Select all
ifplugin Mail::SpamAssassin::Plugin::RelayCountry
country_db_type GeoIP2
country_db_path /usr/share/GeoIP/GeoLite2-Country.mmdb
add_header all Relay-Country _RELAYCOUNTRY_
header RC_BAD X-Spam-Relay-Countries =~ /(IN|CN|RU)/
describe RC_BAD Relayed through a prohibited country at some point
score RC_BAD 0.1
header RC_FIRST_USCA X-Spam-Relay-Countries =~ /(^US)/
describe RC_FIRST_USCA First relay is in United States/Canada
score RC_FIRST_USCA -0.1
header RC_ANY_USCA X-Spam-Relay-Countries =~ /(US)/
describe RC_ANY_USCA At least one relay is in United States/Canada
score RC_ANY_USCA -0.1
meta RC_NOT_ANY_USCA !RC_ANY_USCA
describe RC_NOT_ANY_USCA No relays are in United States
score RC_NOT_ANY_USCA 0.1
meta RC_NOT_FIRST_US !RC_FIRST_USCA
describe RC_NOT_FIRST_US First trusted relay is not in the US
score RC_NOT_FIRST_US 0.1
endif Mail::SpamAssassin::Plugin::RelayCountry
Code: Select all
loadplugin Mail::SpamAssassin::Plugin::RelayCountry
GeoIP DB is updating fine:
Code: Select all
# ls -l /usr/share/GeoIP/GeoLite2-Country.mmdb /var/www/html/mailscanner/temp/GeoLite2-Country.mmdb
lrwxrwxrwx. 1 root root 52 Sep 20 2020 /usr/share/GeoIP/GeoLite2-Country.mmdb -> /var/www/html/mailscanner/temp/GeoLite2-Country.mmdb
-rw-r--r--. 1 php-fpm php-fpm 3977956 Mar 24 04:02 /var/www/html/mailscanner/temp/GeoLite2-Country.mmdb
But that's not the case. If the X-Spam-Relay-Countries header is not there, RC_ANY_USCA will be false, and since RC_NOT_ANY_USCA is a meta rule that's simply an inversion of RC_ANY_USCA, then RC_NOT_ANY_USCA will be true. Here is a message from the US, and RC_NOT_ANY_USCA appears. But Spamassassin is clearly working properly, because it works perfectly from the command line. So the only explanation that makes sense to me is that the X-Spam-Relay-Countries header is not being inserted into the version of the message that Mailscanner is looking at.
What am I missing?