SpamFilter Troubleshooting
Written by Administrator   
Tuesday, 26 May 2009 10:57

Too many different things can go wrong with email flow to cover them all here.  I can only provide a 'starting point' for you.

Troubleshooting Video - Video 6

Warning - do not run 'yum update' on the spam filter.  It will update amavisd and spamassassin, which will break the entire filter VM.  If you need to update a component, update only that individual component, for example: 'yum update postfix'

 

Virtual Machine Problems

The one problem I have found is with Broadcom network chipsets.  The Broadcom network chipset is built into many motherboards, and it is simply horrible.  If your host computer has it, you need to drop in a network card for the Virtual Machine to use.  I have had great success with cards from Linksys, the Trendnet 10/100/1000 works well, and the Intel 1000-mbit card that is optional with Dell Servers is excellent.  In general, VMware and Intel network cards seem to equal happiness.

 

IMAP

Exchange 2007 and 2010 do not accept plain text authentication by default on their IMAP connectors.  Best results come from the following:

  • Plain text authentication
  • A dedicated IP on the Exchange server that goes to a new IMAP connector
  • The new IMAP connector should only accept connections from the spam filter(s), since plain (basic) authentication is used on that connector

Mail Size

To allow attachments larger than 1MB, you need to change the MySQL max allowed packet size in /etc/my.cnf:
set-variable = max_allowed_packet=30M
Then go into the MAIA system administration, and change the max allowed email size to 29000000 - just a bit smaller than the MySQL packet size.  Then reboot the filter.

 

 

Logs

All log files are kept in /var/log on the filter.  The most important logs will be maillog and messages.  You can view these with webmin, or use WinSCP to copy the logfiles to your workstation and view them with a capable text editor like Crimson Editor.

 

Logwatch is installed.  You can use the file manager in Webmin to edit /etc/logwatch/conf/logwatch.conf and add the following line:

MailTo = user@<your-domain>

Replace user@<your-domain> with your administrator email address.  The system will send you an overall system report once per day, including detailed email reports.

 

A script called pflogsumm is also installed, and will email stats once per day to your administrator account.  Simply use the webmin file manager to edit /etc/postfix-report.sh and replace the word root at the end of the line with your email address.

 

Config Files

The data for MAIA, as well as your spamassassin training, are kept in MySQL.  Use the MySQL Administrator program to look at tables and data in the tables.

 

Postfix:  all configs are in /etc/postfix

  • main.cf - contains the majority of important configs
  • master.cf - tells postfix processes how to listen to email
  • transport - contains the IP addresses for email domains that the filter relays for (i.e. your exchange domains should be in this file)
  • /etc/aliases - contains the aliases for the system - root: should be set up to point to your exchange admin account

Amavisd uses /etc/amavisd.conf.  You can set the log verbosity (how much information it logs) from 0 to 5 in this config file.  Generally, a setting of 3 or higher is sufficient to really see what is happening to each email.  Make sure to put it back to 1 or 0 when finished, as this much logging really bogs the system down.

 

SpamAssassin - the main configuration file is /etc/mail/spamassassin/local.cf, and all the rules files are in /usr/share/spamassassin.  The rules files are updated automatically by a cron job.

 

Maia

  • the main config file is /etc/maia.conf
  • the website config file is /var/www/html/maia/config.php
  • the website is located in /var/www/html/maia

 

Relay Recipients - the relay_recipients.vbs script (used to populate the spamfilter with a list of valid email addresses for your exchange server) uses /etc/updaterelays.sh to finish the process.

 

Headers

Every email processed by the spam filter will have lots of HEADERS added.  These headers will show every spamassassin test that scored for that email, as well as the overall email flow from system to system.  You can then adjust the scores in /etc/mail/spamassassin/local.cf to suit your tastes.  You can set your mail client to react to these headers also, as needed.

 

X-Spam-Flag: YES
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on relay1.acme.com
X-Spam-Level: **************************************************
X-Spam-Status: Yes, score=1006.7 required=5.0 tests=DCC_CHECK,DIGEST_MULTIPLE,
        GTUBE,NO_RECEIVED,NO_RELAYS,PYZOR_CHECK,RAZOR2_CF_RANGE_51_100,
        RAZOR2_CF_RANGE_E4_51_100,RAZOR2_CHECK autolearn=no version=3.2.5
X-Spam-Report:
        * -0.0 NO_RELAYS Informational: message was not relayed via SMTP
        * 1000 GTUBE BODY: Generic Test for Unsolicited Bulk Email
        *  1.5 RAZOR2_CF_RANGE_E4_51_100 Razor2 gives engine 4 confidence level
        *      above 50%
        *      [cf: 100]
        *  0.5 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
        *  0.5 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%
        *      [cf: 100]
        *  2.8 PYZOR_CHECK Listed in Pyzor (http://pyzor.sf.net/)
        *  1.4 DCC_CHECK Listed in DCC (http://rhyolite.com/anti-spam/dcc/)
        *  0.0 DIGEST_MULTIPLE Message hits more than one network digest check
        * -0.0 NO_RECEIVED Informational: message has no Received headers
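
When deciding which scores to adjust in /etc/mail/spamassassin/local.cf, it helps to pull the per-rule scores out of these headers and see which rules decided the verdict. The Python below is an added example, not part of the original article or the filter's own tooling; the names parse_spam_headers and decisive_rules are hypothetical, and the sample is a trimmed copy of the header block shown above.

```python
import email
import re

# Constructed sample: a trimmed copy of the header block shown on this page.
SAMPLE = """\
X-Spam-Status: Yes, score=1006.7 required=5.0 tests=DCC_CHECK,DIGEST_MULTIPLE,
        GTUBE,NO_RECEIVED,NO_RELAYS,PYZOR_CHECK,RAZOR2_CF_RANGE_51_100,
        RAZOR2_CF_RANGE_E4_51_100,RAZOR2_CHECK autolearn=no version=3.2.5
X-Spam-Report:
        * -0.0 NO_RELAYS Informational: message was not relayed via SMTP
        * 1000 GTUBE BODY: Generic Test for Unsolicited Bulk Email
        *  1.5 RAZOR2_CF_RANGE_E4_51_100 Razor2 gives engine 4 confidence level
        *      above 50%
        *  0.5 RAZOR2_CHECK Listed in Razor2 (http://razor.sf.net/)
        *  0.5 RAZOR2_CF_RANGE_51_100 Razor2 gives confidence level above 50%
        *  2.8 PYZOR_CHECK Listed in Pyzor (http://pyzor.sf.net/)
        *  1.4 DCC_CHECK Listed in DCC (http://rhyolite.com/anti-spam/dcc/)
        *  0.0 DIGEST_MULTIPLE Message hits more than one network digest check
        * -0.0 NO_RECEIVED Informational: message has no Received headers
"""

STATUS = re.compile(
    r"score=(-?[\d.]+)\s+required=(-?[\d.]+)\s+tests=(.*?)(?:\s+\w+=|$)", re.S)
RULE = re.compile(r"^\s*\*\s+(-?\d+(?:\.\d+)?)\s+([A-Z0-9_]+)\s+(.*)$")
CONT = re.compile(r"^\s*\*\s+(.*)$")   # wrapped description line, no score

def parse_spam_headers(raw):
    """Return score, threshold, hit tests and per-rule report; None if unscanned."""
    msg = email.message_from_string(raw)   # keeps folded header lines intact
    m = STATUS.search(msg.get("X-Spam-Status", ""))
    if not m:
        return None
    report = []                            # [score, rule, description]
    for line in msg.get("X-Spam-Report", "").splitlines():
        if r := RULE.match(line):
            report.append([float(r[1]), r[2], r[3]])
        elif report and (c := CONT.match(line)):
            report[-1][2] += " " + c[1]
    tests = [t for t in re.split(r"[,\s]+", m[3]) if t and t != "none"]
    return {"score": float(m[1]), "required": float(m[2]),
            "tests": tests, "report": report}

def decisive_rules(parsed):
    """Rules whose single score reaches the threshold: review these first."""
    return [rule for s, rule, _ in parsed["report"] if s >= parsed["required"]]

if __name__ == "__main__":
    print(decisive_rules(parse_spam_headers(SAMPLE)))
```

For the sample, the only rule that reaches the required score on its own is GTUBE, the deliberate test pattern; on real mail, a rule that shows up here repeatedly for legitimate senders is the first candidate for a score change.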

Postfix Queue

You can view the queue from webmin (you have seen how to access webmin, and the postfix configuration tool, in the various videos).  You can also use PuTTY to open a command prompt to the spamfilter itself (it is Linux, so it's gots to have SSH), and run the command pfqueue to view the postfix queue.  Run the command man pfqueue to view the manual for pfqueue.

Another neat command to run is iptraf, again from the SSH command line.  This will give you some detailed stats regarding network traffic on the spamfilter's network card.  This is a great network troubleshooting tool.

Community Support 

No matter how much content I put up to assist you with the filter, there will still be a point where you will scream 'HELP ME' after encountering a weird problem.  Obviously, it would be good to join the mailing lists below ahead of time - quicker to ask questions that way.

If you think the problem is with the MAIA mailguard interface, or with the AMAVISD daemon:

MAIA Mailing Lists
MAIA Documentation 

If you think the problem is with Postfix:

Postfix Docs
Postfix Mailing Lists

And for general Linux problems / questions - the CentOS site has support forums and mailing lists, documentation, and quite a bit more:

CentOS

Last Updated on Thursday, 08 July 2010 09:02
 
