Dec 132014
4 days ago

I’ve been filtering my domain mail through a local mail server for a bit. This has cut down on the amount of spam that 1&1 forwards unfiltered, and ensures that I can send outbound mail when their servers are blacklisted.

I’ve been working with tweaking spamassassin performance for aggressive filtering for some time now. Due to the OSX server configuration (10.8 and 10.9), I’ve made most adjustments with amavisd (conf file). Some rules were not effective so I made further adjustments by altering the postfix queue to do additional header checks and redirect filtered messages to a catch all mailbox.

Later, I added blacklist and whitelist files to spamassassin which greatly improved frequency of false positives on inbound mail.

On my personal mail filter, I was having difficulty (again) getting amavisd to adjust spamassassin points for a specific alias that redirects to my mailbox.

After a few attempts, I was able to get the desired result by creating a custom spamassassin rule that is parsed during filtering. Along the way, I learned not to patch amavisd on the Apple specific builds. I’m hoping to have some time over the Christmas break to compare the source code of Apples configuration versus the corresponding open source build.

Dec 112014
6 days ago

I like to see where my mail is coming from.  I like to see how Spamassassin is scoring messages so that I can fine tune the settings.  I have a lot of plugins for OSX Mail, so the prospect of moving to a third party mail client and losing all of my Mailtags/Devonthink/Omnifocus/Things integration doesn’t seem worth it.  Clicking the stupid icon to show headers on every message is a real pain in the ass as well.  Why the option to show all as default was removed is beyond me.  Here’s a peek at the foolishness I had to endure just to get the default view back to what I was used to under Mavericks:

I'm sure I've missed some!

I’m sure I’ve missed some!

 Posted by at 5:30 pm
Nov 112014
1 month, 6 days ago

I never realized just how bitchy and elitist Apple’s syslog was…

Because I’ve upgraded this system through 6 generations of OS X, there are some deprecated extensions that load on boot.  Syslog isn’t shy about telling you what it thinks about these…


Screen Shot 2014-11-11 at 9.21.42 PM

Nov 112014
1 month, 6 days ago

My 2009 Mac Mini is in desperate need of an SSD upgrade.  Unfortunately, I have close to 1TB of data there (mostly PLEX media), so upgrading the two drives would be cost prohibitive.  I will probably pick up a 2012 MD388LL/A with i7 CPU at some point…  I hope.  The new ones are pretty much not upgradeable.

Since my website and mail server are running on Mavericks, I dare not load Yosemite on that system.  Lord only knows what would happen to PLEX.  It was just recently updated to solve a memory leak issue which pretty much crippled the machine on more than one occasion.  I even bought an APC Masterswitch in case I had to remote hard boot the server in case my mail stopped working.

I’ve replicated most of the shell configuration from the Mac Mini Server I setup at work to the one at home.  There were some pretty helpful blogs which outlined how to include command aliases in bash.  This makes it real easy to execute a multi tail of all three mail server logs.  I think It might be useful to consider customizing the log system on the new servers to make data mining easier.  Everyone is so convinced that the mail server is broken, that I am constantly providing proof of delivery from the mail log data.  It’s actually really useful when dealing with another company’s IT – especially if they’re outsourced.

multitail of Mavericks mail server

multitail of Mavericks mail server


I’ve got a Linux box that I’m messing around with here as well.  I think I can do port mirroring on the switch and send all mail traffic to both servers.  Maybe even a simpler configuration until the Linux box goes live.  In either event, Mavericks handling of spam messages, (assuming you want to use spamtrainer to update bayesian filter rules) leaves much to be desired.  Accounts have to be created on the system for “junkman” and “notjunkmail”.  This looks ridiculous on the login screen for starters…  Messages meant to be used for training must be redirected to the other accounts.  This is easy for experienced IMAP users, but for novices using a PC based mail client, it may be very difficult at best.