Suddenly I'm seeing the following message in my maillog:
Mar 2 02:07:21 systemname spamc: skipped message, greater than max message size (512000 bytes)This is not a spamassassin problem, it is actually a spamc configuration issue. By default, spamc seems to refuse to handle emails larger than 512000 bytes. I'm suddenly seeing a lot of spam just larger than this which makes me believe the spammers have figured this out and are intentionally thwarting it regardless of the fact that larger messages take longer to deliver thus reducing their overall throughput. Anyways, it was hours of reading through old email threads to find how to fix this.
Mar 2 02:07:21 systemname spamass-milter: Could not extract score from <>
First task is to look through your maillog in an editor and search for "skipped", and check out the sizes of the mail causing the skip. Pick a nice slightly larger number. Most of my obvious spam oversized mails were ~549k, so I'm rounding up to a nice 600k. I'm leery of going up to 1MB as I don't know what the performance hit will be, but I'll keep an eye on it.
If interested spamc config file help, for details on the file format and options, there was no problem finding this. The one I'm concerned with is simply '-s'.
Here's the tricky part... When searching for where the config
file should go, all the different locations I found mentioned were
bogus, or at least did not work on my FreeBSD 5.4 system. Some
claimed the file should be called 'spamassassin', but eventually I
found one that said it should be 'spamc.conf'. What finally works on
my system is:
In the config file add the line:
Revisited logfile. Am seeing scantimes up to 19 seconds with a setting of 1024000. I have hundreds, possibly thousands of distinct rules to be parsed. The machine is possibly 10 year old dual proc 1.8(?)GHz with 15krpm scsi, probably only 4G ram. A modern machine would do much better, so it's probably safe to go with an even bigger number.