using report in userpref sql table

2006-12-13 Thread Matthew S. Cramer
I'm using the latest SpamAssassin, 3.1.7, with perl 5.8.8 with Slack
11.0,  MySQL 5.0.24a, DBD-mysql-3.0008, DBI-1.53.

I should also mention I am using MIMEDefang to call the
Mail::SpamAssassin routines versus running spamc and spamd, but my
question (I believe) is independent of that usage.

I tested the standard userpref table and was able to store settings
for report for a user with a single line value.  However the
standard loading of userprefs from the table doesn't give me a way to
ORDER BY things like report which will have multiple entries but for
which the order DOES matter (unlike, say, a list of whitelist_from's).

So I just want to make sure I am on the right track, because I see two
options:

* Some way to encode my line breaks for my report into a giant long
line (yuck, unless there is some cool automagical way to do this in
MySQL).

* Create a custom query in SA and have another column which I can use
as line number for ORDER BY after I sort %GLOBAL, users, etc.

If anyone else is storing different reports in userpref SQL tables and
has some advice, I'd appreciate it.


Thanks!

Matt

-- 
Matthew S. Cramer [EMAIL PROTECTED]               Office: 717-396-5032
Project Manager, Planning and Service Management  Fax:    717-396-5590
Armstrong World Industries, Inc.                  Cell:   717-917-7099
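
The second option from the message above (a line-number column used in ORDER BY), as an added example that is not part of the original post. It uses Python with an in-memory SQLite table in place of MySQL; the line_no column, the sample rows and the '@GLOBAL' user name are assumptions made for the illustration.

```python
import sqlite3

# Table modeled on a userpref layout; line_no is a hypothetical extra column.
SCHEMA = """
CREATE TABLE userpref (
    prefid     INTEGER PRIMARY KEY AUTOINCREMENT,
    username   TEXT NOT NULL,
    preference TEXT NOT NULL,
    value      TEXT NOT NULL,
    line_no    INTEGER NOT NULL DEFAULT 0
)"""

ROWS = [  # constructed sample data, inserted out of order on purpose
    ("matt", "report", "Content analysis: _SUMMARY_", 3),
    ("@GLOBAL", "required_score", "5.0", 0),
    ("matt", "report", "Spam score _SCORE_ of _REQD_ required.", 2),
    ("matt", "clear_report_template", "", 0),
    ("matt", "report", "This message was flagged on _HOSTNAME_.", 1),
]

# Site-wide rows first, then the user's rows in the order line_no gives them.
ORDERED_QUERY = """
SELECT preference, value FROM userpref
WHERE username = ? OR username = '@GLOBAL'
ORDER BY CASE WHEN username = '@GLOBAL' THEN 0 ELSE 1 END, line_no, prefid
"""

def load_prefs(conn, username):
    # The user name is passed as a bound parameter, never pasted into the SQL.
    return conn.execute(ORDERED_QUERY, (username,)).fetchall()

def build_report(prefs):
    """Apply the rows in query order, the way a config reader would."""
    lines = []
    for preference, value in prefs:
        if preference == "clear_report_template":
            lines = []                 # drop whatever template came before
        elif preference == "report":
            lines.append(value)        # each report row appends one line
    return "\n".join(lines)

def demo():
    conn = sqlite3.connect(":memory:")
    conn.execute(SCHEMA)
    conn.executemany(
        "INSERT INTO userpref (username, preference, value, line_no) "
        "VALUES (?, ?, ?, ?)", ROWS)
    return build_report(load_prefs(conn, "matt"))
```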


Re: Bayes mysql db error

2005-11-02 Thread Matthew S. Cramer
On Wed, Nov 02, 2005 at 01:23:54PM -0600, Mike Loiterman wrote:

> spamassassin -D --lint > debug.txt 2>&1
>
> [22511] dbg: bayes: database connection established
> [22511] dbg: bayes: found bayes db version 3
> [22511] dbg: bayes: unable to initialize database for root user, aborting!
> [22511] dbg: bayes: not scoring message, returning undef
> [22511] dbg: bayes: opportunistic call attempt failed, DB not readable

Have you tried running sa-learn with a piece of mail?  I run sitewide
bayes (not per-user) in MySQL and after setting up the access and
making the tables, my lint was failing like yours above.

Doing an sa-learn to populate the tables with some data first allowed
the lint to work without any bayes errors.


Matt

-- 
Matthew S. Cramer [EMAIL PROTECTED]               Office: 717-396-5032
Project Manager, Planning and Service Management  Fax:    717-396-5590
Armstrong World Industries, Inc.                  Cell:   717-917-7099


Re: Do we need a Joe job bounce message blacklist?

2005-06-01 Thread Matthew S. Cramer
On Mon, May 30, 2005 at 11:48:53AM -0400, Kevin Peuhkurinen wrote:
> Matthew S. Cramer wrote:
>
> > If an email is from <> or MAILER-DAEMON then I check the mail for a
> > line that looks like /^Received.*one.of.our.ip.addresses/.  If it
> > doesn't have the line, then I reject the mail with a 554 and "Bounced
> > message did not originate here."
>
> I was intrigued by this idea and started looking at some of the mail
> coming in from the <> address.   One thing I've noticed is that lots of
> Read receipts are sent using this address.   Have you done something
> to allow these through or do you reject them as well?

Here is my perl code for MIMEDefang.  I took this from something
another member of that list had posted.

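    # Confirm bounces originated from Armstrong.
    # $Sender normally arrives with angle brackets; match it with or without.
    if ($Sender =~ /^<?>?$|^<?mailer-daemon\@/i) {
        my $found = 0;
        my $receivedline = 0;
        if (open(IN, "<", "./INPUTMSG")) {
            # Skip header (the bounce's own, up to the first blank line)
            while (<IN>) {
                s/[\r\n]+//g;
                last if /^$/;
            }
            # Search body for the Received: lines of the returned message
            while (<IN>) {
                next unless /Received:/i;
                $receivedline++;
                # Look for our ip-range.
                if (/x\.y\.z\./) {
                    $found++;
                    last;
                }
            }
            close IN;
            # Bounce only when the body quotes Received: lines and none is ours
            if ($receivedline && !$found) {
                return action_bounce("Bounced message has no Received line from Armstrong");
            }
        }
    }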

So to answer the couple of questions - this doesn't break DSN since I am
looking for the Received line itself.  Hope that clarifies some
things.


Matt

-- 
Matthew S. Cramer [EMAIL PROTECTED]  Office: 717-396-5032
Infrastructure Security Analyst      Fax:    717-396-5590
Armstrong World Industries, Inc.     Cell:   717-917-7099


Re: Do we need a Joe job bounce message blacklist?

2005-05-27 Thread Matthew S. Cramer
On Fri, May 27, 2005 at 12:16:52PM -0500, [EMAIL PROTECTED] wrote:
> I think this is an awesome idea!
>
> I hate getting stupid emails about how my spam or virus was rejected from
> someone I've never heard of.  I can't very well be sending out Outlook
> viruses from a Linux box!
>
> It's just adding to the problem of wasting bandwidth with worthless mail.

You could probably do this with a SA rule.  I do it with MIMEDefang
milter.

If an email is from <> or MAILER-DAEMON then I check the mail for a
line that looks like /^Received.*one.of.our.ip.addresses/.  If it
doesn't have the line, then I reject the mail with a 554 and "Bounced
message did not originate here."

This has eliminated all the bogus bounces of spam and bogus virus
alerts.  I think virtually all MTAs include original message headers
when bouncing (even the ones that are sending the bogus spam and virus
bounces) so we haven't had any issues with this for the 6 months we've
been doing it.  Theoretically a legitimate bounce that didn't include
the original message headers would be rejected, but then it should end
up with the postmaster of the original bouncer and they will see the
cause of the error and fix their MTA.  But if that has happened to us,
no one has complained.


Matt

-- 
Matthew S. Cramer [EMAIL PROTECTED]  Office: 717-396-5032
Infrastructure Security Analyst      Fax:    717-396-5590
Armstrong World Industries, Inc.     Cell:   717-917-7099
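
The bounce check described in this message and coded in Perl in the 2005-06-01 reply, as an added example in Python that is not part of the original posts. It goes slightly beyond the Perl: folded Received lines are joined, and only bracketed IP literals are compared against the network range, so a host name that merely contains the prefix does not count. The 192.0.2.0/24 range and the sample messages are constructed assumptions.

```python
import ipaddress
import re

# Assumption: 192.0.2.0/24 (a documentation range) stands in for "our" relays.
OUR_NETS = [ipaddress.ip_network("192.0.2.0/24")]
BOUNCE_SENDER = re.compile(r"^<?>?$|^<?mailer-daemon@", re.I)
IP_LITERAL = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def quoted_received(raw):
    """Unfolded Received: lines found after the bounce's own headers."""
    _, _, body = raw.replace("\r\n", "\n").partition("\n\n")
    body = re.sub(r"\n[ \t]+", " ", body)      # join folded header lines
    return [l for l in body.split("\n") if "received:" in l.lower()]

def relayed_by_us(line):
    """True if any bracketed IP literal on the line is inside OUR_NETS."""
    for text in IP_LITERAL.findall(line):
        try:
            addr = ipaddress.ip_address(text)
        except ValueError:                     # e.g. [999.1.1.1]
            continue
        if any(addr in net for net in OUR_NETS):
            return True
    return False

def check_bounce(sender, raw):
    if not BOUNCE_SENDER.search(sender):
        return "accept"                        # not a bounce; rule not applied
    lines = quoted_received(raw)
    if lines and not any(relayed_by_us(l) for l in lines):
        return "reject"                        # 554, did not originate here
    return "accept"                            # ours, or no quoted headers

# Constructed sample messages (bounce headers, blank line, then the body).
HDR = "From: MAILER-DAEMON@mx.example.org\nSubject: Undeliverable\n\n"
GENUINE = HDR + ("Delivery failed.\n\nReceived: from ws1.example.com\n"
                 "\t(ws1.example.com [192.0.2.25]) by out.example.com\n"
                 "Subject: quarterly report\n")
BACKSCATTER = HDR + ("Virus found.\n\n"
                     "Received: from 192.0.2.7.dsl.example.net "
                     "([203.0.113.9]) by mx.example.org\nSubject: hi\n")
NO_HEADERS = HDR + "Your message could not be delivered.\n"
```

Everything in the body is supplied by the remote sender, so this is a backscatter filter rather than authentication of the bounce.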


Re: Comparison of SA and commercial solutions

2005-05-26 Thread Matthew S. Cramer
> monthly cost/user:   $0.03

So I can market too: we block 90% of the spam before [the DATA phase
of SMTP] comes onto our network.  Our FP percent is less than
1/100th of a percent.  Only 0.35% of people who are emailed an
executable need it right away and call the Helpdesk.

I have no way for users to report missed spam, so I use my anecdotal
experience and guess we get about 97-99%.  (Hopefully I will give
users a report as spam button in their MUA in the near future, but
then someone will have to manually review it for accuracy if there is
a lot, i.e. AOL user confusion over Delete vs. Delete as Spam.)

I use as reference this study
http://www.networkworld.com/reviews/2004/122004spampkg.html
from Network World, and calculate my numbers the same way they do their
numbers (PPV etc.).


HTH,

Matt

-- 
Matthew S. Cramer [EMAIL PROTECTED]  Office: 717-396-5032
Infrastructure Security Analyst      Fax:    717-396-5590
Armstrong World Industries, Inc.     Cell:   717-917-7099