Should you happen to notice that SpamAssassin does not check incoming emails, or to see lines similar to the following in mail logs:
Wed Sep 2 21:03:57 2015 [12881] warn: spamd: unauthorized connection from server.domain.com [11.22.33.xx]:56486 to port 783, fd 6 at /usr/bin/spamd line 1603. Wed Sep 2 21:03:57 2015 [12842] info: prefork: child states: II Wed Sep 2 21:13:12 2015 [12881] warn: spamd: unauthorized connection from server.domain.com [11.22.33.xx]:57262 to port 783, fd 6 at /usr/bin/spamd line 1603. Wed Sep 2 21:13:12 2015 [12842] info: prefork: child states: II Wed Sep 2 21:13:39 2015 [12881] warn: spamd: unauthorized connection from server.domain.com [11.22.33.xx]:57274 to port 783, fd 6 at /usr/bin/spamd line 1603. Wed Sep 2 21:13:39 2015 [12842] info: prefork: child states: II Wed Sep 2 21:14:05 2015 [12881] warn: spamd: unauthorized connection from server.domain.com [11.22.33.xx]:57293 to port 783, fd 6 at /usr/bin/spamd line 1603. Wed Sep 2 21:14:05 2015 [12842] info: prefork: child states: II
here is a possible solution for a directadmin powered server:
Find a line with:
if [ -e /usr/bin/spamd ]; then /usr/bin/spamd -d -c -m 15 1>/dev/null 2>/dev/null; fi
and append it with IP address(es) of your server :
-A 11.22.33.xxx, 127.0.0.1
so it would look like:
if [ -e /usr/bin/spamd ]; then /usr/bin/spamd -A 11.22.33.xxx, 127.0.0.1 -d -c -m 15 1>/dev/null 2>/dev/null; fi
Note to replace 11.22.33.xxx with an actual IP of your server.
Save changes, quit editing the file and restart exim.
/etc/init.d/exim restart
If successful you will see lines similar to:
Thu Sep 3 00:44:07 2015 [6636] info: spamd: connection from server.domain.com [11.22.33.xx]:48004 to port 783, fd 6 Thu Sep 3 00:44:07 2015 [6636] info: spamd: setuid to userbob succeeded Thu Sep 3 00:44:07 2015 [6636] info: spamd: processing message <20150902184336.665991849A9@gmail.com> for userbob:507 Thu Sep 3 00:44:13 2015 [6636] info: spamd: clean message (-0.0/5.0) for userbob:507 in 5.3 seconds, 1058 bytes.
-A host,..., --allowed-ips=host,... Specify a comma-separated list of authorized hosts or networks which can connect to this spamd instance. Each element of the list is either a single IP addresses, or a range of IP addresses in address/masklength CIDR notation, or ranges of IPv4 addresses by specifying 3 or less octets with a trailing dot. Hostnames are not supported, only IPv4 or IPv6 addresses. This option can be specified multiple times, or can take a list of addresses separated by commas. IPv6 addresses may be (but need not be) enclosed in square brackets for consistency with option --listen. Examples: -A 10.11.12.13 -- only allow connections from 10.11.12.13. -A 10.11.12.13,10.11.12.14 -- only allow connections from 10.11.12.13 and 10.11.12.14. -A 10.200.300.0/24 -- allow connections from any machine in the range "10.200.300.*". -A 10. -- allow connections from any machine in the range "10.*.*.*". -A [2001:db8::]/32,192.0.2.0/24,::1,127.0.0.0/8 -- only accept connections from specified test networks and from localhost. In absence of the -A option, connections are only accepted from IP address 127.0.0.1 or ::1, i.e. from localhost on a loopback interface.