Re: [AMaViS-user] Amavisd and canonical maps?
Marcel, > Because in my postfix, i use virtual domains. A Mailbox is > Named like this: [EMAIL PROTECTED] And then > i use canonical maps, to get the outgoing E-Mails rewritten to > Theyr real names whith the original domains like this: [EMAIL PROTECTED] > ... i must set the email adresses like the original: > [EMAIL PROTECTED] > To get it working, a entry in users like [EMAIL PROTECTED] or test.org doesn't > Match, only the @. Matched then. > > Is there a way to get my virtual Table, witch is used as canonical too > working in amavisd so that he uses the real E-mail adresses? Sure, just configure your Postfix to do canonical mapping where you like it (before or after the content filter). See README.postfix and search for: TO DO 'VIRTUAL ALIAS' MAPPING AND OTHER CLEANUP PROCESSING BEFORE OR AFTER CONTENT FILTERING? Mark --- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] SQL quarantine, quarantine table not optimized
Paolo, > As expected, there was no significant speedup/slowdown. Ok, thanks for your investigation. > You might want to add a note for MySQL users to read Chapter 15 of the > reference manual On chapter 15.17 I found: >... > So, do not waste time and resources by creating a specific index on > quarantine.mail_id since it doesn't speedup COUNT(*) queries, which are > anyway meaningless without a WHERE chunk_ind=1 clause. Thanks, will add a note to README.sql (already on the web page now). Mark --- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] f-prot DIED on signal 11 (008b)
> > > [EMAIL PROTECTED] /]# truss -o 0.log f-prot f-prot -dumb -archive > > > -packed /var/amavis/tmp/amavis-20050801T172532-40177 > > > truss: cannot open /proc/82371/mem: No such file or directory > > > truss: cannot open /proc/curproc/mem: No such file or directory > > > > > > Seems like it's trying to access directories within /proc > According to the original post (unless I misread it) the f-prot was > installed from the ports collection. So it was claimed. > This version is a native FreeBSD > binary, not run under Linux emulation. > > $ file /usr/local/f-prot/f-prot > /usr/local/f-prot/f-prot: ELF 32-bit LSB executable, Intel 80386, > version 1 (FreeBSD), for FreeBSD 4.9, statically linked, stripped Andy, you are right. But then again, the version I install from ports (observed through truss -f) does not attempt to access /proc, yet the version GM runs apparently wants it. Perhaps it wasn't installed from ports after all. > Additionally, it does not need the /proc filesystem mounting, as far as > I can see. Certainly this version is running on my system without a > procfs. Ditto here (FreeBSD 5.4). (I do have a /proc on this test machine, but f-prot does not access it). > The one caveat for running it on FreeBSD 5.x is that the compat4x > libraries need to be in place, either as part of the world build or by > installing the misc/compat4x port. Mark --- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Amavisd and canonical maps?
Hello, I have a working web-cyradm installation with amavisd-new. Because in my postfix, i use virtual domains. A Mailbox is Named like this: [EMAIL PROTECTED] And then i use canonical maps, to get the outgoing E-Mails rewritten to Theyr real names whith the original domains like this: [EMAIL PROTECTED] No wonder about the names, i have installed them in my lokal dns server. When i use sql_lookups in amavisd-new, all works fine. But i must set The email adresses like the original: [EMAIL PROTECTED] To get it working, a entry in users like [EMAIL PROTECTED] or test.org doesn't Match, only the @. Matched then. Is there a way to get my virtual Table, witch is used as canonical too (from the web-cyradm installation!), working in amavisd so that he uses the real E-mail adresses? Like [EMAIL PROTECTED] Greets Marcel --- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] f-prot DIED on signal 11 (008b)
Hi, On Monday 01 August 2005 21:46, Mark Martinec wrote: > GM, > > > [EMAIL PROTECTED] /]# truss -o 0.log f-prot f-prot -dumb -archive > > -packed /var/amavis/tmp/amavis-20050801T172532-40177 > > truss: cannot open /proc/82371/mem: No such file or directory > > truss: cannot open /proc/curproc/mem: No such file or directory > > > > Seems like it's trying to access directories within /proc > > To run linux emulation binaries on FreeBSD, you most likely also > need the /proc file system available. According to the original post (unless I misread it) the f-prot was installed from the ports collection. This version is a native FreeBSD binary, not run under Linux emulation. $ file /usr/local/f-prot/f-prot /usr/local/f-prot/f-prot: ELF 32-bit LSB executable, Intel 80386, version 1 (FreeBSD), for FreeBSD 4.9, statically linked, stripped Additionally, it does not need the /proc filesystem mounting, as far as I can see. Certainly this version is running on my system without a procfs. The one caveat for running it on FreeBSD 5.x is that the compat4x libraries need to be in place, either as part of the world build or by installing the misc/compat4x port. -- Andy Fawcett | [EMAIL PROTECTED] | [EMAIL PROTECTED] "In an open world without walls and fences, | [EMAIL PROTECTED] we wouldn't need Windows and Gates." -- anon | [EMAIL PROTECTED] --- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Stripping attachments
Thank you for taking the time to completely and thoroughly answer my questions. Cheers, Gordon Mark Martinec wrote: Gordon, Is it possible to strip an attachment in the case of "$final_banned_destiny" with other Amavisd-NEW options so that the attachment is saved to, say, /var/virusmails, and still the original email text is delivered to the user's mailbox with a notification that the executable attachment has been stripped and quarantined? No, this is currently not possible nor planned for immediate future. Oh, I think I see what you mean - by using the info included here? http://www.ijs.si/software/amavisd/README.customize.txt Which of these options do you think would give me what I'm looking for? The most you can get with using a built-in macro processor is to include the full mail header (macro %H), which is not exactly what you need. Mail body is not available through macros, one reason is that it is not stored in memory. One approach would be to modify sub defanged_mime_entity() to re-assemble a replacement MIME::Entity object out of original mail, based on some filtering rules. Some people have modified the source code to pass the email.txt to altermime and to forward to recipients its results. While tricks like that are certainly possible and not too difficult to implement, these are currently just more or less successful experiments. A quarantine management GUI may offer ability to let recipient look into his quarantined message, and only display plain text parts. may I suggest this functionality be included in future revs of the product? I know that other Anti-SPAM/VIRUS/BLOCKED utilities have this capability and it just seems like another nicety to add to an already very nice tool. You may suggest, but it is way down on a priority list. Adding such functionality is another can of worms / a project all in itself. Amavis* project(s) so far stayed on the position that a mail body should not be changed apart from some added/edited header fields (partly because we don't want to be culpable when something goes wrong). While I did give-in somewhat when I introduced a simple form of 'mail defanging' (wrapping a message/rfc822 MIME container around original mail in certain cases), I have no immediate plans to refine/extend such functionality. Stripping away MIME parts may have some niche use, but as a general approach I believe it is less useful than may appear at a first glance. Mark --- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/ --- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] f-prot DIED on signal 11 (008b)
GM, > [EMAIL PROTECTED] /]# truss -o 0.log f-prot f-prot -dumb -archive -packed > /var/amavis/tmp/amavis-20050801T172532-40177 > truss: cannot open /proc/82371/mem: No such file or directory > truss: cannot open /proc/curproc/mem: No such file or directory > Seems like it's trying to access directories within /proc To run linux emulation binaries on FreeBSD, you most likely also need the /proc file system available. Into the /etc/fstab you need to add an entry like: proc /proc procfs rw 0 0 and mount the /proc partition. > I have taken the libirty to create the directory /proc/curproc/mem ,, but > I'm not sure about the random /proc/82371/mem directories. Anyway, this is > what I then get :- /proc is not supposed to be a regular file system. Mark --- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] f-prot DIED on signal 11 (008b)
GM wrote: GM wrote: Hi Mark I guess we are getting closer to the problem perhaps... Seems like it's trying to access directories within /proc [EMAIL PROTECTED] /]# truss -o 0.log f-prot f-prot -dumb -archive -packed /var/amavis/tmp/amavis-20050801T172532-40177 truss: cannot open /proc/82371/mem: No such file or directory truss: cannot open /proc/curproc/mem: No such file or directory [EMAIL PROTECTED] /]# truss -o 0.log f-prot f-prot -dumb -archive -packed /var/amavis/tmp/amavis-20050801T172532-40177 truss: cannot open /proc/84362/mem: No such file or directory truss: cannot open /proc/curproc/mem: No such file or directory [EMAIL PROTECTED] /]# truss -o 0.log f-prot f-prot -dumb -archive -packed /var/amavis/tmp/amavis-20050801T172532-40177 truss: cannot open /proc/84610/mem: No such file or directory truss: cannot open /proc/curproc/mem: No such file or directory I have taken the libirty to create the directory /proc/curproc/mem ,, but I'm not sure about the random /proc/82371/mem directories. Anyway, this is what I then get :- [EMAIL PROTECTED] /]# truss f-prot f-prot -dumb -archive -packed /var/amavis/tmp/amavis-20050801T172532-40177 truss: cannot open /proc/84690/mem: No such file or directory truss: cannot open /proc/curproc/mem: Is a directory [EMAIL PROTECTED] /]# Much apreciated ! GM. Hi, /proc/82371/mem isn't random. /proc is a virtual file system. 82371 is a directory containing info about process 82371. mem is a file containing memory usage info for that process. If the directory/file doesn't exist. Chances are process 82371 ended before f-prot got to read it. That or it is not allowed (ie. permissions). If your using Linux, check out 'man proc'. David Hi David I have the following permissions on my /proc directory :- drwxrwxrwx 3 root wheel 512B Aug 1 17:45 proc/ I am using freeBSD 5.3 ad 5.4 and getting the same error on both versions / releases. PS: Thanx for the prompt reponse... GM. Check the permissions on the directories within /proc. Also, get the pid of a running process and go into it's directory and check the permissions there. For example, I did the following as my amavisd user: (PID 29659 is the pid of the master amavisd on my system.) $ cd / $ ls -l | grep proc dr-xr-xr-x 145 root root0 Jan 18 2005 proc/ $ cd /proc $ ls -l | grep 29659 dr-xr-xr-x 3 amavisd amavisd 0 Aug 1 12:40 29659/ $ cd 29659 $ ls -l $ ls -l ls: cannot read symbolic link cwd: Permission denied ls: cannot read symbolic link root: Permission denied ls: cannot read symbolic link exe: Permission denied total 0 -r 1 root root 0 Aug 1 13:40 auxv -r--r--r-- 1 root root 0 Aug 1 13:40 cmdline lrwxrwxrwx 1 root root 0 Aug 1 13:40 cwd -r 1 root root 0 Aug 1 13:40 environ lrwxrwxrwx 1 root root 0 Aug 1 13:40 exe dr-x-- 2 root root 0 Aug 1 13:40 fd/ -r--r--r-- 1 root root 0 Aug 1 13:40 maps -rw--- 1 root root 0 Aug 1 13:40 mem<-- file in question -r--r--r-- 1 root root 0 Aug 1 13:40 mounts lrwxrwxrwx 1 root root 0 Aug 1 13:40 root -r--r--r-- 1 root root 0 Aug 1 13:40 stat -r--r--r-- 1 root root 0 Aug 1 13:40 statm -r--r--r-- 1 root root 0 Aug 1 13:40 status dr-xr-xr-x 3 root root 0 Aug 1 13:40 task/ -r--r--r-- 1 root root 0 Aug 1 13:40 wchan $ As you can see, there are certain file that on root can read. mem is one of them. So.. $ cat mem cat: mem: Permission denied $ f-prot is trying to read a file it does not have access to when it is not running as root. Looks like the f-prot writers didn't add code to handle IO errors such as "permission denied". Now, I did this is on a linux system, try following the same steps on a *BSD system and see what happens. HTH David --- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Re: [Mailzu-users] Quarantining Virus Mails
Brian Wong wrote: Chris, On 8/1/05, Chris Phillips <[EMAIL PROTECTED]> wrote: Hi there, I'm very new to mailzu & have a few questions, but will start with this one for now: - I would like to be able to see any emails stopped for containing viruses, in the quarantine area, but I can not. This is currently not implemented. Sam and I thought that it wasnt really useful at the time, and figured it would be rare that people would ever want viruses released due to the amount of possible FPs to occur. Bad headers is also not implemented, and I believe the reason was we just didnt get around to it. We based alot of our work around what our site needed, but now that MailZu is publicly used, we are starting to add feature requests. Consider the two above missing implementations added to our TODO list. It isnt much work so possibly in the upcoming RC3. Sorry for the inconvenience. Is there some config tweak I have missed in mailzu, or is this related to my amavisd-new config? Nope, nothing wrong with your config at all. Ah! Thanks Brian, that's set my mind at rest :) It's really good to know that they're on the TODO, cool. I'll keep my eyes peeled for future releases... --- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
RE: [AMaViS-user] f-prot DIED on signal 11 (008b)
GM wrote: > Hi Mark > > I guess we are getting closer to the problem perhaps... > > Seems like it's trying to access directories within /proc > > [EMAIL PROTECTED] /]# truss -o 0.log f-prot f-prot -dumb -archive > -packed > /var/amavis/tmp/amavis-20050801T172532-40177 > truss: cannot open /proc/82371/mem: No such file or directory > truss: cannot open /proc/curproc/mem: No such file or directory > > > [EMAIL PROTECTED] /]# truss -o 0.log f-prot f-prot -dumb -archive > -packed > /var/amavis/tmp/amavis-20050801T172532-40177 > truss: cannot open /proc/84362/mem: No such file or directory > truss: cannot open /proc/curproc/mem: No such file or directory > > > [EMAIL PROTECTED] /]# truss -o 0.log f-prot f-prot -dumb -archive > -packed > /var/amavis/tmp/amavis-20050801T172532-40177 > truss: cannot open /proc/84610/mem: No such file or directory > truss: cannot open /proc/curproc/mem: No such file or directory > > I have taken the libirty to create the directory /proc/curproc/mem ,, > but I'm not sure about the random /proc/82371/mem directories. Anyway, > this is what I then get :- > > [EMAIL PROTECTED] /]# truss f-prot f-prot -dumb -archive -packed > /var/amavis/tmp/amavis-20050801T172532-40177 > truss: cannot open /proc/84690/mem: No such file or directory > truss: cannot open /proc/curproc/mem: Is a directory > [EMAIL PROTECTED] /]# > > > Much apreciated ! > > > GM. Hi, /proc/82371/mem isn't random. /proc is a virtual file system. 82371 is a directory containing info about process 82371. mem is a file containing memory usage info for that process. If the directory/file doesn't exist. Chances are process 82371 ended before f-prot got to read it. That or it is not allowed (ie. permissions). If your using Linux, check out 'man proc'. David Hi David I have the following permissions on my /proc directory :- drwxrwxrwx 3 root wheel 512B Aug 1 17:45 proc/ I am using freeBSD 5.3 ad 5.4 and getting the same error on both versions / releases. PS: Thanx for the prompt reponse... GM. --- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] f-prot DIED on signal 11 (008b)
GM wrote: Hi Mark I guess we are getting closer to the problem perhaps... Seems like it's trying to access directories within /proc [EMAIL PROTECTED] /]# truss -o 0.log f-prot f-prot -dumb -archive -packed /var/amavis/tmp/amavis-20050801T172532-40177 truss: cannot open /proc/82371/mem: No such file or directory truss: cannot open /proc/curproc/mem: No such file or directory [EMAIL PROTECTED] /]# truss -o 0.log f-prot f-prot -dumb -archive -packed /var/amavis/tmp/amavis-20050801T172532-40177 truss: cannot open /proc/84362/mem: No such file or directory truss: cannot open /proc/curproc/mem: No such file or directory [EMAIL PROTECTED] /]# truss -o 0.log f-prot f-prot -dumb -archive -packed /var/amavis/tmp/amavis-20050801T172532-40177 truss: cannot open /proc/84610/mem: No such file or directory truss: cannot open /proc/curproc/mem: No such file or directory I have taken the libirty to create the directory /proc/curproc/mem ,, but I'm not sure about the random /proc/82371/mem directories. Anyway, this is what I then get :- [EMAIL PROTECTED] /]# truss f-prot f-prot -dumb -archive -packed /var/amavis/tmp/amavis-20050801T172532-40177 truss: cannot open /proc/84690/mem: No such file or directory truss: cannot open /proc/curproc/mem: Is a directory [EMAIL PROTECTED] /]# Much apreciated ! GM. Hi, /proc/82371/mem isn't random. /proc is a virtual file system. 82371 is a directory containing info about process 82371. mem is a file containing memory usage info for that process. If the directory/file doesn't exist. Chances are process 82371 ended before f-prot got to read it. That or it is not allowed (ie. permissions). If your using Linux, check out 'man proc'. David --- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
RE: [AMaViS-user] f-prot DIED on signal 11 (008b)
Hi Mark I guess we are getting closer to the problem perhaps... Seems like it's trying to access directories within /proc [EMAIL PROTECTED] /]# truss -o 0.log f-prot f-prot -dumb -archive -packed /var/amavis/tmp/amavis-20050801T172532-40177 truss: cannot open /proc/82371/mem: No such file or directory truss: cannot open /proc/curproc/mem: No such file or directory [EMAIL PROTECTED] /]# truss -o 0.log f-prot f-prot -dumb -archive -packed /var/amavis/tmp/amavis-20050801T172532-40177 truss: cannot open /proc/84362/mem: No such file or directory truss: cannot open /proc/curproc/mem: No such file or directory [EMAIL PROTECTED] /]# truss -o 0.log f-prot f-prot -dumb -archive -packed /var/amavis/tmp/amavis-20050801T172532-40177 truss: cannot open /proc/84610/mem: No such file or directory truss: cannot open /proc/curproc/mem: No such file or directory I have taken the libirty to create the directory /proc/curproc/mem ,, but I'm not sure about the random /proc/82371/mem directories. Anyway, this is what I then get :- [EMAIL PROTECTED] /]# truss f-prot f-prot -dumb -archive -packed /var/amavis/tmp/amavis-20050801T172532-40177 truss: cannot open /proc/84690/mem: No such file or directory truss: cannot open /proc/curproc/mem: Is a directory [EMAIL PROTECTED] /]# Much apreciated ! GM. -Original Message- From: Mark Martinec [mailto:[EMAIL PROTECTED] Sent: Monday, August 01, 2005 2:05 AM To: [EMAIL PROTECTED] Subject: Re: [AMaViS-user] f-prot DIED on signal 11 (008b) GM, > # su vscan -c 'f-prot -dumb -archive -packed > /var/amavis/tmp/amavis-20050731T034318-00618 Segmentation fault > > # f-prot -dumb -archive -packed > /var/amavis/tmp/amavis-20050731T034318-00618 scanning report - 31 July 2005 @ 3:45 If the program f-prot runs well as root, but fails on SEGV when running as user vscan, I would suspect some problem with its internal files (like virus signatures), or perhaps with its environment or account vscan, triggering a bug in f-prot, unprepared to handle the unexpected situation. Does it run under your ordinary user account? Try running it through truss, both as root and as user vscan, save trace on a file, and compare the two. It may narrow down the problem to a nearby operation that f-prot executed: # truss -o 0.log f-prot f-prot -dumb -archive -packed some-directory # su vscan $ truss -o 1.log f-prot f-prot -dumb -archive -packed some-directory (make sure the truss log file can be created, considering uid) Mark --- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] SQL quarantine, quarantine table not optimized
Mark Martinec wrote: it would be more informative to ask for: SELECT count(*) FROM quarantine WHERE chunk_ind = 1; to get the number of quarantined messages, regardless of their size, which may span multiple 16 kB chunks. Got it. Now I understand the meaning of chunk_ind. :) Since the primary key on table quarantine is: PRIMARY KEY (mail_id,chunk_ind) I would expect that this may be quicker, even if there is no index on mail_id alone. In Oracle terms, a SELECT COUNT(*) would hit the first PK field when the WHERE clause is composed of just one field and not both. I don't know in MySQL InnoDB ... Could you please try it, and if there is no speedup, I'll add your suggestion to README.sql. As expected, there was no significant speedup/slowdown. You might want to add a note for MySQL users to read Chapter 15 of the reference manual On chapter 15.17 I found: "InnoDB does not keep an internal count of rows in a table. (This would actually be somewhat complicated because of multi-versioning.) To process a SELECT COUNT(*) FROM T statement, InnoDB must scan an index of the table, which takes some time if the index is not entirely in the buffer pool. To get a fast count, you have to use a counter table you create yourself and let your application update it according to the inserts and deletes it does. If your table does not change often, using the MySQL query cache is a good solution. SHOW TABLE STATUS also can be used if an approximate row count is sufficient. See Section 15.12, “InnoDB Performance Tuning Tips”." So, do not waste time and resources by creating a specific index on quarantine.mail_id since it doesn't speedup COUNT(*) queries, which are anyway meaningless without a WHERE chunk_ind=1 clause. Thank you all for your support! Paolo --- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_idt77&alloc_id492&op=click ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] SQL quarantine, quarantine table not optimized
On 8/1/05, Paolo Cravero as2594 <[EMAIL PROTECTED]> wrote: > Mark Martinec wrote: > > Dobar Dan Mark > > > I think that instead of asking for: > > SELECT count(*) FROM quarantine; > > (which gives the number of records in the database) > > > > it would be more informative to ask for: > > SELECT count(*) FROM quarantine WHERE chunk_ind = 1; > > > > to get the number of quarantined messages, regardless of their size, > > which may span multiple 16 kB chunks. > > Those two queries return different results. Did you mean "chunk_ind >= > 1", perhaps? In that case the count corresponds. > No. It is "WHERE chunk_ind = 1". Otherwise you may count some quarantined messages multiple times. Do a "SELECT * FROM quarantine" for the mail_id of a message larger than 16kB. You will understand then. Sam --- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_idt77&alloc_id492&op=click ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Auto Forward/Redirect eBay Phishing Spoofs
Chris Phillips wrote: I would like to have eBay spoof emails, automagically forwarded/redirected to the anti-phishing squad at eBay <[EMAIL PROTECTED]> & am hoping that you may be able to point me in the right direction. It would be cool if I could add something like '*PHISHING*', to the subject & perhaps have the outbound email come from '<>', as the response email from eBay is almost as annoying as the spoof! Interresting idea. We're using clamav to scan for viruses in addition to another antivirus and clam detects a lot of phishing scams. I was hoping that clam would give a different return code for viruses and phishing scams but it doesn't appear to be the case. However in my email I get a copy of the scanning results and the subject looks like: VIRUS (HTML.Phishing.Pay-16) FROM <[EMAIL PROTECTED]> I suppose i could then write a procmail rule that would send the message somewhere based on some parameters like phishing.pay gets sent to paypal, etc. Probably not what you had in mind, someone else might have a better idea. --- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] SQL quarantine, quarantine table not optimized
Mark Martinec wrote: Dobar Dan Mark I think that instead of asking for: SELECT count(*) FROM quarantine; (which gives the number of records in the database) it would be more informative to ask for: SELECT count(*) FROM quarantine WHERE chunk_ind = 1; to get the number of quarantined messages, regardless of their size, which may span multiple 16 kB chunks. Those two queries return different results. Did you mean "chunk_ind >= 1", perhaps? In that case the count corresponds. Could you please try it, and if there is no speedup, I'll add your suggestion to README.sql. I tried both queries and noticed no speed difference. Then I removed my additional index on the mail_id and did other things to the database and now all queries are deadly long: above 3 minutes for 167k rows for both queries, on an zero-load MySQL instance. I also used FLUSH QUERY CACHE before each query. I will dump the quarantine table and recreate it from scratch before giving a definitive answer for speed comparison. In any case, as repoted in my self-reply, MySQL InnoDB tables are not optimized for SELECT COUNT(*). Paolo --- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Problem processing messages, more
Jay, > (03014-01) run_command: [3023] /usr/local/bin/file p001 &1 > (03014-01) TROUBLE in check_mail: parts_decode_ext FAILED: parsing > file(1) results - missing last 1 results at (eval 39) line 156. > Very strange. . . > This all worked just fine, until I had to reboot yesterday. > I get the exact same error for every message. > It lookslike "file" failed somehow, yet when I run the command: > /usr/local/bin/file p001 > p001: ASCII make commands text For some reason no result seems to be coming back from file(1), it just terminates with a success status. Does it work when you run the exact same command under user vscan? su vscan /usr/local/bin/file p001 &1 echo $? Mark --- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/