Trevor,
>perl 5.8.8
Why you don't use a separate system with linux or windows, with perl
5.10.1 ?
In this example '98.138.91.153' is the related IP. Try to detect any IP
that is sending such spam - an put it in to 'DebugIP'. Assp will start
debugging if it is connected by such IP.
>Has anyone else experienced this problem?
I don't saw such problems. But some days ago, Matti reported unexpected
restarts of assp to me - how ever there was a bad regex load on his system
?
Thomas
Von: Trevor Jacques <tre...@videlicet.com>
An: ASSP development mailing list <assp-test@lists.sourceforge.net>
Datum: 08.05.2011 16:09
Betreff: [Assp-test] Rise in killer spam from Yahoo
Hello.
Recently, I've experienced a considerable rise in the amount of a type of
spam coming from/through Yahoo. It kills assp stone dead in the preHeader
handshaking (please see appended snippets). I have also experienced other,
legitimately forwarded spam (i.e. from a trusted server) that behaves the
same way.
A great deal of this spam, but by no means all, comes from addresses
spoofed as coming from accounts at att.net (even though the sending server
is Yahoo or that server I trust). I can't put the IPs in the preHeader
blocks, because the sending servers are legitimate, i.e. ham often comes
from these servers. It's the individual messages that are the problem;
they break assp at or before the header 'handshaking.' Thomas even added a
preHeaderRe so that I can manually set assp to drop the bits of these
messages on the floor. But, this is really only treating the symptom, not
the cause, and it requires manual intervention almost every time a new
problem message comes in and the sending server legitimately retries,
given that it failed to send on the previous occasion because assp dropped
the bits on the floor.
The only means I've found of narrowing the blocking is to use the sender
e-mail addresses and/or domains (for example, the problems below were
caused by mail 'from' andr0id.org. Note the couple of quick retries, and
then retries every three hours). (I COULD put the IP in the preHeaderRe,
temporarily, but it's time-consuming, I have to remember to take the IP
out of preHeaderRe after a couple of days (i.e. when the sending server
gives up retrying), but this prevents legitimate mail with att.net in it
and this procedure should be unnecessary.) I have to note that I have seen
some, apparently real, mail with att.net in the header, so I can't
completely block att.net (other than on a temporary basis, which requires
tiresome manual interaction to block att.net for a couple of days and then
unblocking of it).
With these killer spams, I'm damned if I do and damned if I don't.
While it's truly great that assp reliably restarts in about ten seconds
(see below), this spam can rise to bothersome levels, as it can be
perceived by my users as though my server is down (because there's no way
that assp can be available from the instant it begins the startup process,
or because real mail is blocked in this 'temporary' period).
Has anyone else experienced this problem? I'd REALLY like this tiresome
problem to stop (it's been happening to me for a year or so). Please post
your experiences of unusual restarts to the list. I find it hard to
believe that I'm the only one experiencing mysterious restarts like this;
ones that can be sourced to particular e-mails coming in.
Thanks,
Trevor.
assp 2.0.2(3.0.19)
Mac OS X Leopard Server (10.5.8)
perl 5.8.8 (there's no way to change this on my server, and I can't afford
to upgrade the server to Snow Leopard, just to get an approved
installation of perl)
May-07-11 14:24:19 [Worker_1] Worker_1 wakes up
May-07-11 14:24:19 [Worker_1] Info: Worker_1 got connection from
MainThread
May-07-11 14:24:19 [Worker_1] Connected: 98.138.91.153:40086 >
nnn.nnn.nnn.nnn:25 > 127.0.0.1:mmm
May-07-11 14:24:19 [Main_Thread] Info: Main_Thread freed by idle Worker_1
in 0.010 seconds
May-07-11 14:24:33 [startup] Starting in console mode
May-07-11 14:26:41 [Worker_2] Worker_2 wakes up
May-07-11 14:26:41 [Worker_2] Info: Worker_2 got connection from
MainThread
May-07-11 14:26:41 [Main_Thread] Info: Main_Thread freed by idle Worker_2
in 0.017 seconds
May-07-11 14:26:41 [Worker_2] Connected: 98.138.91.153:44551 >
nnn.nnn.nnn.nnn:25 > 127.0.0.1:mmm
May-07-11 14:26:48 [startup] Starting in console mode
May-07-11 14:28:57 [Worker_1] Worker_1 wakes up
May-07-11 14:28:57 [Worker_1] Info: Worker_1 got connection from
MainThread
May-07-11 14:28:57 [Worker_1] Connected: 98.138.91.153:48491 >
nnn.nnn.nnn.nnn:25 > 127.0.0.1:mmm
May-07-11 14:28:57 [Main_Thread] Info: Main_Thread freed by idle Worker_1
in 0.007 seconds
May-07-11 14:29:03 [startup] Starting in console mode
May-07-11 17:25:02 [Worker_1] Worker_1 wakes up
May-07-11 17:25:02 [Worker_1] Info: Worker_1 got connection from
MainThread
May-07-11 17:25:02 [Worker_1] Connected: 98.138.91.153:24866 >
nnn.nnn.nnn.nnn:25 > 127.0.0.1:mmm
May-07-11 17:25:02 [Main_Thread] Info: Main_Thread freed by idle Worker_1
in 0.007 seconds
May-07-11 17:25:13 [startup] Starting in console mode
May-07-11 20:25:14 [Worker_1] Worker_1 wakes up
May-07-11 20:25:14 [Worker_1] Info: Worker_1 got connection from
MainThread
May-07-11 20:25:14 [Worker_1] Connected: 98.138.91.153:37843 >
nnn.nnn.nnn.nnn:25 > 127.0.0.1:mmm
May-07-11 20:25:14 [Main_Thread] Info: Main_Thread freed by idle Worker_1
in 0.007 seconds
May-07-11 20:25:25 [startup] Starting in console mode
May-07-11 23:25:47 [Main_Thread] Info: Main_Thread got connection request
May-07-11 23:25:47 [Worker_1] Worker_1 wakes up
May-07-11 23:25:47 [Worker_1] Info: Worker_1 got connection from
MainThread
May-07-11 23:25:47 [Worker_1] Connected: 98.138.91.153:28219 >
nnn.nnn.nnn.nnn:25 > 127.0.0.1:mmm
May-07-11 23:25:47 [Main_Thread] Info: Main_Thread freed by idle Worker_1
in 0.008 seconds
May-07-11 23:25:57 [startup] Starting in console mode
May-08-11 02:26:31 [Worker_1] Worker_1 wakes up
May-08-11 02:26:31 [Worker_1] Info: Worker_1 got connection from
MainThread
May-08-11 02:26:31 [Worker_1] Connected: 98.138.91.153:20733 >
nnn.nnn.nnn.nnn:25 > 127.0.0.1:mmm
May-08-11 02:26:31 [Main_Thread] Info: Main_Thread freed by idle Worker_1
in 0.007 seconds
May-08-11 02:26:42 [startup] Starting in console mode
------------------------------------------------------------------------------
WhatsUp Gold - Download Free Network Management Software
The most intuitive, comprehensive, and cost-effective network
management toolset available today. Delivers lowest initial
acquisition cost and overall TCO of any competing solution.
http://p.sf.net/sfu/whatsupgold-sd
_______________________________________________
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
DISCLAIMER:
*******************************************************
This email and any files transmitted with it may be confidential, legally
privileged and protected in law and are intended solely for the use of the
individual to whom it is addressed.
This email was multiple times scanned for viruses. There should be no
known virus in this email!
*******************************************************
------------------------------------------------------------------------------
WhatsUp Gold - Download Free Network Management Software
The most intuitive, comprehensive, and cost-effective network
management toolset available today. Delivers lowest initial
acquisition cost and overall TCO of any competing solution.
http://p.sf.net/sfu/whatsupgold-sd
_______________________________________________
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
