There were 2 different problems affecting this machines.

Keyboard not working after kernel boot, non responsive.

This happens even when installing the machine, I had to install this machine in graphical mode (it works when booting in graphical mode) but it didn’t work at all on a forced text installation.

This bug can be solved disconnecting the USB subsystem in the BIOS, after that the keyboard is operative again.

Machine freezes with a kernel panic after approx 24h. of operation, no logs or traces left.

This one was a hard bone to catch! Did a memory test, updates both BIOS and network cards firmware to the last version and did several extended checks on the hardware, there was not a single error.

After roaming around the RedHat and CentOS forums for a while looking for an answer, I saw a similar error in RedHat RHEL4 (the one CentOS is based on) about an xServer that had the same problem. It seems the problem is realted with the old version of ACPI this motherboard has, and it only happens with 2.6.9-42.x.EL versions of the kernel, just adding the noapic option in /etc/grub.conf to the kernel boot solved the issue.

title CentOS (2.6.9-42.0.8.EL)
root (hd0,0)
kernel /vmlinuz-2.6.9-42.0.8.EL ro noapic root=LABEL=/
initrd /initrd-2.6.9-42.0.8.EL.img

This two factors together mean that I’ve got a lot more work maintaining my spamassassin installation :) and also that the standard config or some deviations on the scoring is not good enough, even with score tweaking I still got lots of Stocks and embedded gif spam, after some checking around I found some solutions in Rules Emporium. Also updating is a must so try always to keep up to date, right now I’m running Spam Assassin 3.1.7.
Finally after some tweaking and more tweaking I arrived to this config:

• Auto White-list and Bayes using MySQL DB Engine
• user_pref integrated into our user control panel
• Razor2 integration
• SPF Integration
• Score tweaking
• New rules added using Rules Emporium ImageInfo and Stock Rules

With this method the false positives have gone down and the stock and image spam is being stopped (finally!).

The Rules Emporium ImageInfo plugin consumes a lot less CPU than using an OCR plug-in and even if it’s based on broader rules it catches even the hardest embedded image spam, you can get the plugin here. Also the stock ruleset got rid of most of the stock spam that I was receiving, this spam is quite hard to guess indeed! You can get the ruleset here.
Here is the final tweaked local.cf config in SpamAssassin

required_score 3
report_safe 0
rewrite_header Subject [SPAM]
use_dcc 0 # DCC is quite useless
use_razor2 # Activate Razor 2 module
razor_timeout 10
lock_method flock # For local bayes files
use_bayes 1
use_auto_whitelist 1
bayes_store_module Mail::SpamAssassin::BayesStore::SQL
bayes_sql_dsn DBI:mysql:spamassassin:bayesdb
bayes_sql_username mail bayes_sql_password xxxxx
bayes_auto_expire 1
bayes_auto_learn_threshold_spam 3.5
bayes_auto_learn_threshold_nonspam 0.1
bayes_use_hapaxes 1
bayes_journal_max_size 20000 # This doesn't affect SQL
bayes_expiry_max_db_size 50000 # This doesn't affect SQL
auto_whitelist_factory Mail::SpamAssassin::SQLBasedAddrList
user_awl_dsn DBI:mysql:spamassassin:bayesdb
user_awl_sql_username mail
user_awl_sql_password xxxxx
user_awl_sql_table awl
user_scores_dsn DBI:mysql:spamassassin:control_panel
user_scores_sql_username mail
user_scores_sql_password xxxxx
report_contact abuse@devroot.org
# Score increases (manually change scores)
score RAZOR2_CHECK 2.000
score RAZOR2_CF_RANGE_51_100 2.000
score BAYES_99 3.500
score BAYES_90 3.000
score BAYES_80 2.500
score HTML_IMAGE_ONLY_04 3.000
score HTML_IMAGE_ONLY_08 2.500
score HTML_IMAGE_ONLY_12 2.000
score HTML_IMAGE_ONLY_16 1.500
score HTML_IMAGE_ONLY_20 1.000
score HTML_IMAGE_ONLY_24 0.500
score MIME_HTML_ONLY 1.100

Also it’s important to have this modules loaded in your v310.pre file:

loadplugin Mail::SpamAssassin::Plugin::Pyzor
loadplugin Mail::SpamAssassin::Plugin::Razor2
loadplugin Mail::SpamAssassin::Plugin::SpamCop
loadplugin Mail::SpamAssassin::Plugin::AWL
loadplugin Mail::SpamAssassin::Plugin::AutoLearnThreshold
loadplugin Mail::SpamAssassin::Plugin::WhiteListSubject
loadplugin Mail::SpamAssassin::Plugin::MIMEHeader
loadplugin Mail::SpamAssassin::Plugin::ReplaceTags
loadplugin Mail::SpamAssassin::Plugin::ImageInfo # RulesEmporium

The way to install the additional config and plugins should be as follows:

Copy the new .cf (configuration) files into the directory where SpamAssassin keeps the configuration in your install. In Red Hat machines this directory is /usr/share/spamassassin.

Copy the new .pm (modules) into the SpamAssassin PlugIn module which is by default /usr/lib/perl5/vendor_perl/5.8.3/Mail/SpamAssassin/Plugin/ (this directory of course, is for Perl version 5.8.3, change the version to the one you have installed).

Don’t forget to restart SpamAssassin after adding the new files!

It’s always a good idea to start spamd with -D after activating modules, since most of the times you’re missing a perl module which one of your modules have a dependency with.

This configuration is not really CPU hungry so it’s great for people who are running on a tight server budget.