Re: [Dspam-user] "Performance" tab not updating, and spam not going to quarantine folder

[Jesse Mundis]

Apologies if anyone gets this multiple times.  dspam list software still
holding this for being over 40K.  deleting debugging info from thread as
well below.

Jesse

On Mon, Jul 19, 2010 at 2:52 PM, Jesse Mundis <jesse.mun...@gmail.com>wrote:

> Looks like with my dspam.conf attached, this message was too big, and is
> awaiting moderator approval.
>
> Here is a resend, without the dspam.conf attachment
>
>
> On Mon, Jul 19, 2010 at 2:45 PM, Jesse Mundis <jesse.mun...@gmail.com>wrote:
>
>> Hi Stevan.
>>
>> I've made some progress in fixing dspam up, but I am still unable to get
>> spam to go into a quarantine folder.  Everything is updated to the newest
>> version of dspam.
>>
>> dpsm is now correctly identifying spam and ham, and adding the headers and
>> signatures in both cases.  At the very least, this will be a functional
>> solution if I set it to "Tag" all mail, then do final filtering in my email
>> client.  However, I'd like to make use of dspam's quarantine feature, and
>> not have to download the spam mail at all, and just deal with it in the web
>> interface.
>>
>> My intent is to have dspam set up with the "domain" settings for large
>> installs and virtual users "--enable-domain-scale" and
>> "--enable-virtual-users"  and a single, shared, group-trained database for
>> all users.   That seems to be working so far.
>>
>> What appears to be happening is, all the training database and filtering
>> is being built up for the common "dspam" user, ("dspam_dump dspam" produces
>> all the trained token signatures, many and more) but the quarantine folder
>> the CGI is looking in is either:
>>
>>  /var/spool/dspam/<DOMAIN>/<TESTUSER>/<TESTUSER>.mbox
>>
>> or
>>
>> /var/spool/dspam/local/dspam/dspam.mbox
>>
>> neither of which has anything in it.  Nothing in quarantine yields no info
>> on the cgi page.
>>
>> So, I'm still left puzzling out why, with dspam.conf set to "tag,"
>> everything works fine, but when set to "quarantine" nothing ends up in
>> either of these boxes.  And since the boxes are empty, the CGI has nothing
>> to display.
>>
>> Any ideas where I can look next to find out how I may have misconfigured
>> things?  Any pointers to the code that show what dspam should be doing when
>> it tries to "Quarantine" a message?  Whatever that is, it is correctly
>> recognizing the spam, but not putting it where the CGI expects to find it.
>>
>> I'm close to finally figuring this out, and would appreciate any insight
>> the dspam list can share.
>>
>>
>> Is it possible that somehow, "--deliver=innocent,spam" overrides the
>> placing of email into quarantine?  That's the only thing I can think of, but
>> I'd expect it to deliver *and* place a copy in quarantine for possible
>> (re)training.  Just a thought.
>>
>> Thanks,
>>
>> Jesse
>>
>>
>>
>>  Please let me know if there is any other information I can provide, and
>>> once again, thank you for your time.
>>>
>>> (dspam incorrectly thinks this is _not_ spam, but it is. because dspam
>>> thinks it is innocent, it adds the headers)
>>> ===========================================
>>> 24296: [07/14/2010 11:42:05] Loading preferences for uid 0
>>> 24296: [07/14/2010 11:42:05] Loading preferences for uid 0
>>> 24296: [07/14/2010 11:42:05] default preferences empty. reverting to
>>> dspam.conf preferences.
>>> 24296: [07/14/2010 11:42:05] Loading preferences from dspam.conf
>>> 24296: [07/14/2010 11:42:05] using /var/spool/dspam/opt-in/
>>> gamergeeks.com/jesse.dspam as path
>>> 24296: [07/14/2010 11:42:05] using /var/spool/dspam/opt-out/
>>> gamergeeks.com/jesse.nodspam as path
>>> 24296: [07/14/2010 11:42:05] assigning user je...@gamergeeks.com to
>>> shared group dspam
>>> 24296: [07/14/2010 11:42:05] sedation level set to: 5
>>> 24296: [07/14/2010 11:42:05] _mysql_drv_getpwnam: successful returning
>>> struct for name: dspam
>>> 24296: [07/14/2010 11:42:05] Connecting to 127.0.0.1:3310 for virus
>>> check
>>> 24296: [07/14/2010 11:42:05] Connecting to 127.0.0.1:1162 for virus
>>> stream transmission
>>> 24296: [07/14/2010 11:42:05] _mysql_drv_getpwnam returning cached name
>>> dspam.
>>> Jul 14 11:42:05 kosh postfix/smtpd[24394]: warning: dict_nis_init: NIS
>>> domain name not set - NIS lookups disabled
>>> Jul 14 11:42:05 kosh postfix/smtpd[24394]: connect from
>>> intrepid.concentric.com[207.155.248.167]
>>> Jul 14 11:42:05 kosh postfix/smtpd[24394]: NOQUEUE: filter: RCPT from
>>> intrepid.concentric.com[207.155.248.167]: 
>>> <intrepid.concentric.com[207.155.248.167]>:
>>> Client host triggers FILTER dspam:dspam; from=<k8erv...@51job.com> to=<
>>> je...@gamergeeks.com> proto=ESMTP helo=<intrepid.concentric.com>
>>> Jul 14 11:42:05 kosh postfix/smtpd[24394]: 472FFC622: client=
>>> intrepid.concentric.com[207.155.248.167]
>>> Jul 14 11:42:05 kosh postfix/cleanup[24398]: 472FFC622: message-id=<
>>> 7365543171.2d0n9iv4231...@jmjnrnud.miooruspjqynsf.org>
>>> Jul 14 11:42:05 kosh postfix/qmgr[24049]: 472FFC622: from=<
>>> k8erv...@51job.com>, size=1634, nrcpt=1 (queue active)
>>> Jul 14 11:42:05 kosh postfix/smtpd[24394]: disconnect from
>>> intrepid.concentric.com[207.155.248.167]
>>> 24296: [07/14/2010 11:42:05] Loading 78 BNR patterns
>>> 24296: [07/14/2010 11:42:05] _mysql_drv_getpwnam returning cached name
>>> dspam.
>>> 24296: [07/14/2010 11:42:05] Whitelist threshold: 10
>>> 24296: [07/14/2010 11:42:05] [graham] [0.993068] Received*sw.xo.com>
>>> (2frq, 121s, 1i)
>>> [...]
>>> 24296: [07/14/2010 11:42:05] Graham-Bayesian Probability: 0.000002
>>> Samples: 15
>>> 24296: [07/14/2010 11:42:05] Burton-Bayesian Probability: 0.000000
>>> Samples: 27
>>> 24296: [07/14/2010 11:42:05] no factors specified; using default
>>> 24296: [07/14/2010 11:42:05] Result Confidence: 0.52
>>> 24296: [07/14/2010 11:42:05] _mysql_drv_getpwnam returning cached name
>>> dspam.
>>> 24296: [07/14/2010 11:42:05] Control: [10 10] [10 11] Delta: [0 1]
>>> 24296: [07/14/2010 11:42:05] total processing time: 0.60892s
>>> 24296: [07/14/2010 11:42:05] _mysql_drv_getpwnam returning cached name
>>> dspam.
>>> 24296: [07/14/2010 11:42:05] saving signature as 4c3e04fd242962088214739
>>> 24296: [07/14/2010 11:42:05] _mysql_drv_getpwnam returning cached name
>>> dspam.
>>> 24296: [07/14/2010 11:42:05] libdspam returned probability of 0.000002
>>> 24296: [07/14/2010 11:42:05] message result: NOT SPAM
>>> 24296: [07/14/2010 11:42:05] _mysql_drv_getpwnam returning cached name
>>> dspam.
>>> 24296: [07/14/2010 11:42:05] delivering message
>>> 24296: [07/14/2010 11:42:05] Establishing connection to 127.0.0.1:10026
>>> 24296: [07/14/2010 11:42:05] Connection established
>>> 24296: [07/14/2010 11:42:06] DSPAM Instance Shutdown.  Exit Code: 0
>>> 24296: [07/14/2010 11:42:06] checking trusted user list for dspam(106)
>>> Jul 14 11:42:05 kosh postfix/smtpd[24403]: warning: dict_nis_init: NIS
>>> domain name not set - NIS lookups disabled
>>> Jul 14 11:42:05 kosh postfix/smtpd[24403]: connect from
>>> localhost[127.0.0.1]
>>> Jul 14 11:42:06 kosh postfix/smtpd[24403]: 075E4C628:
>>> client=localhost[127.0.0.1]
>>> Jul 14 11:42:06 kosh postfix/cleanup[24398]: 075E4C628: message-id=<
>>> 7365543171.2d0n9iv4231...@jmjnrnud.miooruspjqynsf.org>
>>> Jul 14 11:42:06 kosh postfix/qmgr[24049]: 075E4C628: from=<
>>> k8erv...@51job.com>, size=2024, nrcpt=1 (queue active)
>>> Jul 14 11:42:06 kosh postfix/smtpd[24403]: disconnect from
>>> localhost[127.0.0.1]
>>> Jul 14 11:42:06 kosh postfix/pipe[24399]: 472FFC622: to=<
>>> je...@gamergeeks.com>, relay=dspam, delay=0.93, delays=0.05/0.01/0/0.88,
>>> dsn=2.0.0, status=sent (delivered via dspam service)
>>> Jul 14 11:42:06 kosh postfix/qmgr[24049]: 472FFC622: removed
>>> Jul 14 11:42:06 kosh postfix/pipe[24404]: 075E4C628: to=<
>>> je...@gamergeeks.com>, relay=dovecot, delay=0.46,
>>> delays=0.16/0.01/0/0.3, dsn=2.0.0, status=sent (delivered via dovecot
>>> service)
>>> Jul 14 11:42:06 kosh postfix/qmgr[24049]: 075E4C628: removed
>>> ===========================================
>>>
>>>
>>> (dspam correctly thinks this is spam, but it doesn't get quarantined
>>>  ===========================================
>>> 24296: [07/14/2010 11:51:33] checking trusted user list for dspam(106)
>>> 24296: [07/14/2010 11:51:33] process mode: '--client
>>> --deliver=innocent,spam --mail-from=m_magnolia...@gathergroup.com '
>>> 24296: [07/14/2010 11:51:33] MAIL FROM: m_magnolia...@gathergroup.com
>>> 24296: [07/14/2010 11:51:33] No QuarantineAgent option found. Using
>>> standard quarantine.
>>> 24296: [07/14/2010 11:51:33] using database handle id 1
>>> 24296: [07/14/2010 11:51:33] handle locked
>>> 24296: [07/14/2010 11:51:33] DSPAM Instance Startup
>>> 24296: [07/14/2010 11:51:33] input args: dspam --client
>>> --deliver=innocent,spam --mail-from=m_magnolia...@gathergroup.com
>>> 24296: [07/14/2010 11:51:33] pass-thru args: /usr/bin/procmail
>>> 24296: [07/14/2010 11:51:33] processing user je...@gamergeeks.com
>>> 24296: [07/14/2010 11:51:33] uid = 106, euid = 106, gid = 110, egid = 110
>>> 24296: [07/14/2010 11:51:33] loading preferences for user
>>> je...@gamergeeks.com
>>> 24296: [07/14/2010 11:51:33] _mysql_drv_getpwnam: returning NULL for
>>> query on name: je...@gamergeeks.com
>>> 24296: [07/14/2010 11:51:33] _ds_pref_load: unable to
>>> _mysql_drv_getpwnam(je...@gamergeeks.com)
>>> 24296: [07/14/2010 11:51:33] Loading preferences for uid 0
>>>  24296: [07/14/2010 11:51:33] Loading preferences for uid 0
>>> 24296: [07/14/2010 11:51:33] default preferences empty. reverting to
>>> dspam.conf preferences.
>>> 24296: [07/14/2010 11:51:33] Loading preferences from dspam.conf
>>> 24296: [07/14/2010 11:51:33] using /var/spool/dspam/opt-in/
>>> gamergeeks.com/jesse.dspam as path
>>> 24296: [07/14/2010 11:51:33] using /var/spool/dspam/opt-out/
>>> gamergeeks.com/jesse.nodspam as path
>>> 24296: [07/14/2010 11:51:33] assigning user je...@gamergeeks.com to
>>> shared group dspam
>>> 24296: [07/14/2010 11:51:33] sedation level set to: 5
>>> 24296: [07/14/2010 11:51:33] _mysql_drv_getpwnam: successful returning
>>> struct for name: dspam
>>> 24296: [07/14/2010 11:51:33] Connecting to 127.0.0.1:3310 for virus
>>> check
>>> 24296: [07/14/2010 11:51:33] Connecting to 127.0.0.1:1519 for virus
>>> stream transmission
>>> 24296: [07/14/2010 11:51:33] _mysql_drv_getpwnam returning cached name
>>> dspam.
>>> 24296: [07/14/2010 11:51:33] Loading 46 BNR patterns
>>> 24296: [07/14/2010 11:51:33] _mysql_drv_getpwnam returning cached name
>>> dspam.
>>> 24296: [07/14/2010 11:51:33] Whitelist threshold: 10
>>> 24296: [07/14/2010 11:51:33] [graham] [0.994501]
>>> X-Concentric-MX-Info*sro=6 (1frq, 153s, 0i)
>>> 24296: [07/14/2010 11:51:33] [burton] [0.994501]
>>> X-Concentric-MX-Info*sro=6 (1frq, 153s, 0i)
>>> [...]
>>> 24296: [07/14/2010 11:51:33] [burton] [0.990000]
>>> X-Concentric-MX-Info*trb=3+sro=6 (1frq, 13s, 0i)
>>> 24296: [07/14/2010 11:51:33] Graham-Bayesian Probability: 1.000000
>>> Samples: 15
>>> 24296: [07/14/2010 11:51:33] Burton-Bayesian Probability: 1.000000
>>> Samples: 27
>>> 24296: [07/14/2010 11:51:33] using Graham factors
>>> 24296: [07/14/2010 11:51:33] Result Confidence: 0.99
>>> 24296: [07/14/2010 11:51:33] _mysql_drv_getpwnam returning cached name
>>> dspam.
>>> 24296: [07/14/2010 11:51:33] Control: [10 10] [11 10] Delta: [1 0]
>>> 24296: [07/14/2010 11:51:33] total processing time: 0.19783s
>>> 24296: [07/14/2010 11:51:33] _mysql_drv_getpwnam returning cached name
>>> dspam.
>>> 24296: [07/14/2010 11:51:33] saving signature as 4c3e0735242961745836787
>>> 24296: [07/14/2010 11:51:33] _mysql_drv_getpwnam returning cached name
>>> dspam.
>>> 24296: [07/14/2010 11:51:33] libdspam returned probability of 1.000000
>>> 24296: [07/14/2010 11:51:33] message result: SPAM
>>> 24296: [07/14/2010 11:51:34] _mysql_drv_getpwnam returning cached name
>>> dspam.
>>> 24296: [07/14/2010 11:51:34] delivering message
>>> 24296: [07/14/2010 11:51:34] Establishing connection to 127.0.0.1:10026
>>> 24296: [07/14/2010 11:51:34] Connection established
>>> 24296: [07/14/2010 11:51:34] DSPAM Instance Shutdown.  Exit Code: 0
>>> 24296: [07/14/2010 11:51:34] checking trusted user list for dspam(106)
>>> ===========================================
>>>
>>

------------------------------------------------------------------------------
This SF.net email is sponsored by Sprint
What will you do first with EVO, the first 4G phone?
Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first
_______________________________________________
Dspam-user mailing list
Dspam-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dspam-user