On Sat, Aug 26, 2006 at 03:04:59PM -0600, Gary V wrote: > After I installed 0.1.13 beta over the top of 0.1.13 beta 1, I got: > Aug 26 14:25:29 sfa postfix/policydweight[6299]: warning: cache: syntax > error in file /etc/policyd-weight.conf: Global symbol "$BIND_ADDRESS" > requires explicit package name at (eval 15) line 15.
Yes. "Old" versions cannot make use of new settings as the default value for that variable must be initialized by policyd-weight. This is done by calling "my $VAR" in plicyd-weight first, then evaluating the config file. Old versions don't know that, so perl gets irritated. That's the flipsite of using use strict; If you want to use "old" versions you need to remove "new" parameters from the config file (otherwise it uses builtin defaults). > This is after I stopped policyd-weight and the cache. Looks like I > should have also deleted the cache file after doing so. A reboot must > have done it for me. I assume /tmp/policyd-weight is the cache file I > should have deleted (after stopping the processes). Actually it should be /tmp/.poliyd-weight/polw.sock I've noticed the bug in the sample config file and updated. (NOTE: changing socket locations is always a bit not so flaw-less) > ######################################## > > I am confused about something. You say: > > $DEFER_ACTION = "450"; # possible values: DEFER_IF_PERMIT, > # DEFER_IFREJECT, > # 4xx response codes. See also access(5) > > $DEFER_LEVEL = 5; # DEFER mail only up to this level > # scores greater than DEFER_LEVEL will be > # rejected > > So I would think at a score of 1.5, policyd-weight would send a 450 > code, but I see a 550 code: > > Aug 26 14:31:54 sfa postfix/policydweight[2543]: weighted check: > NOT_IN_SBL_XBL_SPAMHAUS=-1.5 NOT_IN_BL_NJABL=-1.5 NOT_IN_SPAMCOP=-1.5 > CL_IP_NE_HELO=1.5 RESOLVED_IP_IS_NOT_HELO=1.5 (check from: > .example. - helo: .gary.) FROM_NOT_FAILED_HELO=3 > <client=192.168.1.41> <helo=gary> <[EMAIL PROTECTED]> > <[EMAIL PROTECTED]>, rate: 1.5 > > Aug 26 14:31:54 sfa postfix/policydweight[2543]: decided action=550 > Mail appeared to be SPAM or forged. Ask your Mail/DNS-Administrator > to correct HELO and DNS MX settings or to get removed from DNSBLs; > MTA helo: gary, MTA hostname: unknown[192.168.1.41] (helo/hostname > mismatch) > > Maybe I don't understand. Personally, I would rather see the 5xx code > as happened here. You have not noticed: $DEFER_STRING = "IN_SPAMCOP= BOGUS_MX="; # a space separated case-sensitive list of # strings on which if found in the $RET # logging-string policyd-weight changes # its action to $DEFER_ACTION in case ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ # of rejects. # USE WITH CAUTION! > and then manually whitelist chosen clients, I don't see why a > mechanism like policyd-weight would ever want to say there has been a > temporary failure. This is to make exceptions for certain things which *could* mean a temporary issue. Spamcop is such a case. BOGUS_MX is questionable, I've kept it because of I was unsure whether such thing can be temporarily. I.e. the above query would have let to a 4xx if the client would have been in spamcop, and its score under 5. This is because spamcop is *very* aggressive, but also very effective. However, I am thinking about a way to chain DNSBL results with after-qeue results from amavis (just to make optimal safe use of spamcop). Problem with after-qeue (amavis) results is, I have seen mail from the amavis-user and postfix-user list in the quarantine. So we need a way to make safe use of after-queue results. -- Robert Felber (PGP: 896CF30B) Munich, Germany ____________________________________________________________ Policyd-weight Mailinglist - http://www.policyd-weight.org/