Am Mittwoch, 25. Oktober 2006 16:21 schrieb Robert Felber: > On Wed, Oct 25, 2006 at 03:34:07PM +0200, Urban Hillebrand wrote:
[...] > Note the multirecipient mail. > Policyd-weight checks before RBL checks whether the multirecipient mail has > already been reject. > > i.e.: > RCPT TO: [EMAIL PROTECTED] > < 5xx too many rbls > > > RCPT TO: [EMAIL PROTECTED] > > < 5xx $REJECTMSG with multirecipient statement I see - I suspected that some HELO-checks were still active (even if $dnsbl_checks_only is set). Good to see that I was wrong :) Thanks for the explanation. > > (2) Probably related: Which scores are computed for $REJECTLEVEL? HELO + > > RHSBL? > > Too many to name: [...] If I understand this correctly, you have 2 completly discrete scores: One for RBLs, one for all other checks (HELO, client IP & RR, sender domain + RHSBLs). I have to admit that this was not clear to me after reading the conffile, so thanks for the clarification. > > (3) This is probably to early to report, as I have not yet been able to > > reproduce this problem. Has anyone had problems with policyd-weight and > > perl taint checking? > > DO _NOT_ use taint (yet), DO _NOT_ use -w > Perl is too chatty on STDERR. Postfix reads also STDERR messages (at least > this goes for the master.cf mode). Thus we have to be very strict on what > we output to STDERR|STDOUT or manage without ill module hacks that STDERR > gets redirected to mylog(). > > And taint leads to unexpected exits. > (NOTE: personally I avoid modules as much as possible for single point of > failure reasons.) Well, ok, the thing is, we did not change your script in any way to turn it on! What´s interesting as well: policyd-weight did run on 1 machine for about 2 hours before it showed the problem I described, one the 2nd machine it showed the error right away. Could some error in the config file have led to this? Right now they are like this: $TCP_PORT = 12525 $LOCKPATH = '/var/tmp/.policyd-weight/'; $dnsbl_checks_only = 1; $VERBOSE = 0; Previously, I also had left the comment about $LOCKPATH (as shown with "policyd-weight defaults") in the file: my $LOCKPATH = '/tmp/.policyd-weight/'; # must be a directory (add # trailing slash) <wild guess>Could the second line starting with "# t" have caused this??</wild guess> Anyway, this still would not explain why it was running without problems for several hours, or would it? Thanks for your time! U. ____________________________________________________________ Policyd-weight Mailinglist - http://www.policyd-weight.org/
