[AMaViS-user] RE: Content_filter exceptions
Mark, Steve, I am having a problem where my content filter (amavisd-new) is failing to deal with large messages, even though it knows to bypass all filtering on messages over 1M and pass it up to the second postfix smtpd. We need to be able to receive these large messages (I know, I know...) How large is your 'large'? See detailed amavisd-new timing log (at $log_level=2) and identify what operation is taking excessively long time. Fix the problem where it occurs. (followups if any to the amavis-user ML please) Mark Well, 40MB in this case. And I am using the amavis-new variant from Maia, so I didn't want to bug you guys ;) But, since you asked...This is what the log looks like at level 5. As you can see, spam filtering is being bypassed and we aren't hitting any timeouts. Just seems to fall over. Jan 18 14:29:55 spam amavis[8890]: (08890-01) SMTP 220 [127.0.0.1] ESMTP amavisd-new service ready Jan 18 14:29:55 spam amavis[8890]: (08890-01) idle_proc, 4: was busy, 40.9 ms, total idle 0.000 s, busy 0.041 s Jan 18 14:29:55 spam amavis[8890]: (08890-01) idle_proc, 5: was idle, 1.9 ms, total idle 0.002 s, busy 0.041 s Jan 18 14:29:55 spam amavis[8890]: (08890-01) prolong_timer after reading SMTP command: remaining time = 600 s Jan 18 14:29:55 spam amavis[8890]: (08890-01) SMTP EHLO spam.example.com\\r\\n Jan 18 14:29:55 spam amavis[8890]: (08890-01) ESMTP 250-[127.0.0.1] Jan 18 14:29:55 spam amavis[8890]: (08890-01) ESMTP 250-PIPELINING Jan 18 14:29:55 spam amavis[8890]: (08890-01) ESMTP 250-SIZE Jan 18 14:29:55 spam amavis[8890]: (08890-01) ESMTP 250-8BITMIME Jan 18 14:29:55 spam amavis[8890]: (08890-01) ESMTP 250-ENHANCEDSTATUSCODES Jan 18 14:29:55 spam amavis[8890]: (08890-01) ESMTP 250 XFORWARD NAME ADDR PROTO HELO Jan 18 14:29:55 spam amavis[8890]: (08890-01) idle_proc, 6: was busy, 8.4 ms, total idle 0.002 s, busy 0.049 s Jan 18 14:29:55 spam amavis[8890]: (08890-01) idle_proc, 5: was idle, 1.1 ms, total idle 0.003 s, busy 0.049 s Jan 18 14:29:55 spam amavis[8890]: (08890-01) prolong_timer after reading SMTP command: remaining time = 600 s Jan 18 14:29:55 spam amavis[8890]: (08890-01) ESMTP MAIL FROM:[EMAIL PROTECTED] SIZE=40107064\\r\\n Jan 18 14:29:55 spam amavis[8890]: (08890-01) prolong_timer after MAIL FROM received - timer reset: remaining time = 600 s Jan 18 14:29:55 spam amavis[8890]: (08890-01) prepare_tempdir: creating directory /var/spool/spamassassin/tmp/amavis-20060118T142955-08890 Jan 18 14:29:55 spam amavis[8890]: (08890-01) prepare_tempdir: creating file /var/spool/spamassassin/tmp/amavis-20060118T142955-08890/email.txt Jan 18 14:29:55 spam amavis[8890]: (08890-01) lookup (debug_sender) = undef, [EMAIL PROTECTED] does not match Jan 18 14:29:55 spam amavis[8890]: (08890-01) ESMTP 250 2.1.0 Sender [EMAIL PROTECTED] OK Jan 18 14:29:55 spam amavis[8890]: (08890-01) idle_proc, 6: was busy, 17.0 ms, total idle 0.003 s, busy 0.066 s Jan 18 14:29:55 spam amavis[8890]: (08890-01) idle_proc, 5: was idle, 0.8 ms, total idle 0.004 s, busy 0.066 s Jan 18 14:29:55 spam amavis[8890]: (08890-01) prolong_timer after reading SMTP command: remaining time = 600 s Jan 18 14:29:55 spam amavis[8890]: (08890-01) ESMTP RCPT TO:[EMAIL PROTECTED]\\r\\n Jan 18 14:29:55 spam amavis[8890]: (08890-01) Connecting to SQL database server Jan 18 14:29:55 spam amavis[8890]: (08890-01) connect_to_sql: trying 'DBI:mysql:maia:localhost' Jan 18 14:29:55 spam amavis[8890]: (08890-01) connect_to_sql: 'DBI:mysql:maia:localhost' succeeded Jan 18 14:29:55 spam amavis[8890]: (08890-01) lookup_acl([EMAIL PROTECTED]) matches key .example.com, result=1 Jan 18 14:29:55 spam amavis[8890]: (08890-01) lookup (local_domains) = true, [EMAIL PROTECTED] matches, result=1, matching_key=.nth-inc.com Jan 18 14:29:55 spam amavis[8890]: (08890-01) query_keys: [EMAIL PROTECTED], fred, @example.com, @.example.com, @.com, @. Jan 18 14:29:55 spam amavis[8890]: (08890-01) SQL prepare(6): SELECT *,users.id FROM users,policy WHERE (users.policy_id=policy.id) AND (users.email IN (?,?,?,?,?,?)) ORDER BY users.priority DESC Jan 18 14:29:55 spam amavis[8890]: (08890-01) lookup_sql [EMAIL PROTECTED], query keys: [EMAIL PROTECTED], fred, @example.com, @.example.com, @.com, @. Jan 18 14:29:55 spam amavis[8890]: (08890-01) lookup_sql select: SELECT *,users.id FROM users,policy WHERE (users.policy_id=policy.id) AND (users.email IN (?,?,?,?,?,?)) ORDER BY users.priority DESC Jan 18 14:29:55 spam amavis[8890]: (08890-01) lookup_sql: [EMAIL PROTECTED] matches catchall, local=undef Jan 18 14:29:55 spam amavis[8890]: (08890-01) lookup_sql([EMAIL PROTECTED]) matches, result=(id=11, priority=2, policy_id=12, email=@nth-inc.com, maia_user_id=11, maia_domain_id=3, id=11, policy_name=@nth-inc.com, virus_lover=N, spam_lover=N, banned_files_lover=N, bad_header_lover=Y, bypass_virus_checks=N, bypass_spam_checks=N, bypass_banned_checks=N, bypass_header_checks=Y, discard_viruses=N, discard_spam=N, discard_banned_files=N,
[AMaViS-user] sql_select_white_black_list question...
I am trying to execute the following query: set @rid=?; (select wb FROM cfu_email.amavis_wblist,cfu_email.amavis_mailaddr WHERE ([EMAIL PROTECTED]) AND (sid=cfu_email.amavis_mailaddr.id) AND (cfu_email.amavis_mailaddr.email IN (%k)) ORDER BY cfu_email.amavis_mailaddr.priority DESC) UNION (select w as wb from horde_config.turba_objects where horde_config.turba_objects.object_email in (%k) and horde_config.turba_objects.owner_id in (select email from cfu_email.users where id = @rid)) I need to query 2 database tables for information on whitelisting users that are found in a whitelist/blacklist table and also in an address book. Unfortunately, I can't get the id passed to the query twice (in this case, id=40). Is there a simpler way to accomplish this other than rebuilding the apps to store everything in a single table? -- Thanks, - Joseph W. Breu, CCNA phone : +1.319.268.5228 Senior Network Administratorfax : +1.319.266.8158 Cedar Falls Utilities cell : +1.319.493.1686 support: +1.319.268.5221 url : http://www.cfu.net --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] how to enforce message size restrictions for a single address?
Is it possible to enforce message size restrictions per recipient in amavisd-new and to bounce oversized messages? Regards, Gregory --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] amavis-stats 0.1.20 problem - Is this the right place to ask?
On Jan 19, 2006, at 03:54 , Stephen Carter wrote: Stephen Carter Retrac Networking Limited www: http://www.retnet.co.uk Ph: +44 (0)7870 218 693 Fax: +44 (0)870 7060 056 CNA, CNE, CNS, CCNA, MCP Dale Walsh [EMAIL PROTECTED] 01/18/06 9:30 PM On Jan 18, 2006, at 14:38 , Stephen Carter wrote: I didn't find a current amavis-stats list or openly available e- mail address for dale walsh (at least not in the amavis-stats download) so I thought I'd ask here. I'm running SuSE 9.3 and have amavis-stats v 0.1.20 pretty much running fine, apart from the following php errors when I access the stats web page: Warning: Cannot modify header information - headers already sent by (output started at /usr/local/share/amavis-stats/amavis-stats.php: 277) in /usr/local/share/amavis-stats/includes/page_header.php on line 41 Warning: Cannot modify header information - headers already sent by (output started at /usr/local/share/amavis-stats/amavis-stats.php: 277) in /usr/local/share/amavis-stats/includes/page_header.php on line 47 Warning: Cannot modify header information - headers already sent by (output started at /usr/local/share/amavis-stats/amavis-stats.php: 277) in /usr/local/share/amavis-stats/includes/page_header.php on line 48 This occurs when some output is generated in the web interface before it outputs the html page. I did a little hunting around and found some general coding errors that can cause this and couldn't find anything similar in amavis- stats although I'm not a programmer so I wasn't counting on finding the problem there. Can someome tell me how to fix this problem? The alternative I have is to comment out the offending lines, but this disables what appears to be some no-cache directives in the original php code which I'd like to keep if possible. I see a small error in my logic where I don't test for the existence of virus data before calling rrd_graph, I'll correct this and have a solution soon but seeing as how you now have virus data you wont be experiencing this problem anymore. Thanks, Stephen Carter -- Dale Thanks Dale. Some time after I posted the e-mail I continued testing by sending through bogus e-mails, thus generating the required data and the errors went away. Although I didn't post the url, I suppose it was easy enough to guess! from the URL I can see how you installed it and where all of the files used for it are on your drive, this aids in debugging. One problem that remains which I'm still trying to track down though is that banned files are counted twice per e-mail. As a guess I think the amavis-stats code counts the number of 'BLOCKED Banned' instances it finds, as when I run a grep on the amavis log file I find 2 instances of this tag for each banned file e-mail it comes across. There also appears to be a unique processing ID (I think) that amavisd adds to each line in the log as it processes an e-mail which I can see has the same ID for each Banned instance found so I know it's for the same e-mail. I'm running amavisd-new v2.2.0 with a log level of 2 so will look into tweaking it to see if I can remove the 2nd instance of this appearing, although I like seeing the additional info that loglevel 2 gives, which helps when I very occasionally troubleshoot scoring. I don't believe the log_level is the issue since I've run it using log level 5 and it doesn't get confused. mustangrestomods:/SourceCache root# cat /etc/amavisd.conf|grep log_level = $log_level = 2; # (defaults to 0) mustangrestomods:/SourceCache root# The version of amavisd I'm using is actually the Maia Mailgaurd modified version so maybe that is playing a part in this somewhere.. This might have something to do with it however, amavis-stats checks the processing ID to ensure that it's not counted more than once so I can't see how this could be a problem. Also looking at the page, I'm not sure it's really counting the same processing ID twice but since I'm not sure what affect the maia mods have on it, it may just be a re-injection that your seeing because the function that catches Blocked BANNED also catches Blocked INFECTED and it only caught this once. --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] amavis-stats 0.1.20 problem - Is this the right place to ask?
Dale Walsh wrote: On Jan 19, 2006, at 03:54 , Stephen Carter wrote: One problem that remains which I'm still trying to track down though is that banned files are counted twice per e-mail. As a guess I think the amavis-stats code counts the number of 'BLOCKED Banned' instances it finds, as when I run a grep on the amavis log file I find 2 instances of this tag for each banned file e-mail it comes across. There also appears to be a unique processing ID (I think) that amavisd adds to each line in the log as it processes an e-mail which I can see has the same ID for each Banned instance found so I know it's for the same e-mail. I'm running amavisd-new v2.2.0 with a log level of 2 so will look into tweaking it to see if I can remove the 2nd instance of this appearing, although I like seeing the additional info that loglevel 2 gives, which helps when I very occasionally troubleshoot scoring. I don't believe the log_level is the issue since I've run it using log level 5 and it doesn't get confused. mustangrestomods:/SourceCache root# cat /etc/amavisd.conf|grep log_level = $log_level = 2; # (defaults to 0) mustangrestomods:/SourceCache root# Hi Dale Like I already wrote you before, this really seems to BE a problem, I'm running at 3. But it doesn't come up in lower levels (at least not in 0). Here is a problematic snip: BTW: There's a bug in the statistics if one uses a debug level greater than 0 For some viruses it then happens that it gets reported twice. once as VIRUS and once as BANNED That happens because amavisd-new spits out some intermediate results in debug levels 1 and more. This might look like this: Jan 6 09:31:13 www.mindblow.ch /usr/sbin/amavisd[20255]: (20255-06) Blocked INFECTED (Worm.SomeFool.Gen-2), [62.2.174.133] - [EMAIL PROTECTED], quarantine: virus/virus-20060106-093112-20255-06.gz, Message-ID: [EMAIL PROTECTED], mail_id: YmNLvRSucV83, Hits: -, 524 ms server:/var/log # grep Jan 6 09:31:1 amavis.log Jan 6 09:31:12 www.mindblow.ch /usr/sbin/amavisd[20255]: (20255-06) LMTP::10024 /var/spool/amavis/tmp/amavis-20060106T054228-20255: - [EMAIL PROTECTED] Received: SIZE=34169 from server.mindblow.ch ([127.0.0.1]) by localhost (www.mindblow.ch [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 20255-06 for [EMAIL PROTECTED]; Fri, 6 Jan 2006 09:31:12 +0100 (CET) Jan 6 09:31:12 www.mindblow.ch /usr/sbin/amavisd[20255]: (20255-06) Checking: YmNLvRSucV83 - [EMAIL PROTECTED] Jan 6 09:31:13 www.mindblow.ch /usr/sbin/amavisd[20255]: (20255-06) p.path BANNED:1 [EMAIL PROTECTED]: P=p005,L=1,M=multipart/report | P=p006,L=1/3,M=message/rfc822 | P=p007,L=1/3/1,M=multipart/mixed | P=p004,L=1/3/1/2,M=application/x-zip-compressed,T=zip,N=ps.zip | P=p008,L=1/3/1/2/1,T=exe,N=ps.rtf.scr, matching_key=(?i-xsm:\\.[^./]*[A-Za-z][^./]*\\.(exe|vbs|pif|lnk|scr|bat|cmd|com|cpl|dll)\\.?$) Jan 6 09:31:13 www.mindblow.ch /usr/sbin/amavisd[20255]: (20255-06) local delivery: - virus-quarantine, mbx=/var/spool/amavis/quarantine/virus/virus-20060106-093112-20255-06.gz Jan 6 09:31:13 www.mindblow.ch /usr/sbin/amavisd[20255]: (20255-06) Blocked INFECTED (Worm.SomeFool.Gen-2), [62.2.174.133] - [EMAIL PROTECTED], quarantine: virus/virus-20060106-093112-20255-06.gz, Message-ID: [EMAIL PROTECTED], mail_id: YmNLvRSucV83, Hits: -, 524 ms As far as I could find out, the p.path BANNED is just an intermediate information which should NOT be taken into account by the script.. ! Matt --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] amavis-stats 0.1.20 problem - Is this the right place to ask?
On Jan 19, 2006, at 15:45 , Matthias Keller wrote: Dale Walsh wrote: On Jan 19, 2006, at 03:54 , Stephen Carter wrote: One problem that remains which I'm still trying to track down though is that banned files are counted twice per e-mail. As a guess I think the amavis-stats code counts the number of 'BLOCKED Banned' instances it finds, as when I run a grep on the amavis log file I find 2 instances of this tag for each banned file e-mail it comes across. There also appears to be a unique processing ID (I think) that amavisd adds to each line in the log as it processes an e-mail which I can see has the same ID for each Banned instance found so I know it's for the same e-mail. I'm running amavisd-new v2.2.0 with a log level of 2 so will look into tweaking it to see if I can remove the 2nd instance of this appearing, although I like seeing the additional info that loglevel 2 gives, which helps when I very occasionally troubleshoot scoring. I don't believe the log_level is the issue since I've run it using log level 5 and it doesn't get confused. mustangrestomods:/SourceCache root# cat /etc/amavisd.conf|grep log_level = $log_level = 2; # (defaults to 0) mustangrestomods:/SourceCache root# Hi Dale Like I already wrote you before, this really seems to BE a problem, I'm running at 3. But it doesn't come up in lower levels (at least not in 0). I've upped the log level to 5 on 4 different version of darwin/ amavisd-new and I'm not experiencing any problems with double counting. I have darwin 7.9 using amavisd-new-2.2.0 unmodified and darwin 7.9 using amavisd-new-2.2.0 modified with the advanced header patch and then darwin 8.4 using amavisd-new 2.3.3 unmodified and then darwin 8.4 using amavisd-new 2.3.3 using the advanced header patch. It might be the maia modification made to the amavisd-new app that are causing the problems because I've been unable to duplicate it using a standard amavisd-new or amavisd-new with the advanced header patch. I've wrapped amavisd-new up in a configure/Makefile package that will build, configure amavisd-new and include options to build amavis- milter, apply the advanced header patch if you want it and applying an OS specific patch and includes OS specific startup items all in one shot making installation easier requiring less user edits to get amavisd-new up and running. I've tested the install method on a couple of different OS's besides darwin and have installed amavis-stats on redhat using my amavisd-new install package and it doesn't experience any double counting so all I can conclude is it has to be some patch that is applied to amavisd- new that is causing the problem. Here is a problematic snip: BTW: There's a bug in the statistics if one uses a debug level greater than 0 For some viruses it then happens that it gets reported twice. once as VIRUS and once as BANNED That happens because amavisd-new spits out some intermediate results in debug levels 1 and more. This might look like this: Jan 6 09:31:13 www.mindblow.ch /usr/sbin/amavisd[20255]: (20255-06) Blocked INFECTED (Worm.SomeFool.Gen-2), [62.2.174.133] - [EMAIL PROTECTED], quarantine: virus/ virus-20060106-093112-20255-06.gz, Message-ID: [EMAIL PROTECTED], mail_id: YmNLvRSucV83, Hits: -, 524 ms server:/var/log # grep Jan 6 09:31:1 amavis.log Jan 6 09:31:12 www.mindblow.ch /usr/sbin/amavisd[20255]: (20255-06) LMTP::10024 /var/spool/amavis/tmp/amavis-20060106T054228-20255: - [EMAIL PROTECTED] Received: SIZE=34169 from server.mindblow.ch ([127.0.0.1]) by localhost (www.mindblow.ch [127.0.0.1]) (amavisd- new, port 10024) with LMTP id 20255-06 for [EMAIL PROTECTED]; Fri, 6 Jan 2006 09:31:12 +0100 (CET) Jan 6 09:31:12 www.mindblow.ch /usr/sbin/amavisd[20255]: (20255-06) Checking: YmNLvRSucV83 - [EMAIL PROTECTED] Jan 6 09:31:13 www.mindblow.ch /usr/sbin/amavisd[20255]: (20255-06) p.path BANNED:1 [EMAIL PROTECTED]: P=p005,L=1,M=multipart/report | P=p006,L=1/3,M=message/rfc822 | P=p007,L=1/3/1,M=multipart/mixed | P=p004,L=1/3/1/2,M=application/x-zip-compressed,T=zip,N=ps.zip | P=p008,L=1/3/1/2/1,T=exe,N=ps.rtf.scr, matching_key=(?i-xsm:\\. [^./]*[A-Za-z][^./]*\\.(exe|vbs|pif|lnk|scr|bat|cmd|com|cpl|dll)\\.? $) Jan 6 09:31:13 www.mindblow.ch /usr/sbin/amavisd[20255]: (20255-06) local delivery: - virus-quarantine, mbx=/var/spool/amavis/ quarantine/virus/virus-20060106-093112-20255-06.gz Jan 6 09:31:13 www.mindblow.ch /usr/sbin/amavisd[20255]: (20255-06) Blocked INFECTED (Worm.SomeFool.Gen-2), [62.2.174.133] - [EMAIL PROTECTED], quarantine: virus/ virus-20060106-093112-20255-06.gz, Message-ID: [EMAIL PROTECTED], mail_id: YmNLvRSucV83, Hits: -, 524 ms As far as I could find out, the p.path BANNED is just an intermediate information which should NOT be taken into account by the script.. ! p.path BANNED is not counted as far as I can see and as I stated earlier, I've been able to
[AMaViS-user] Re: how to enforce message size restrictions for a single address?
Gary V wrote: Gregory wrote: Is it possible to enforce message size restrictions per recipient in amavisd-new and to bounce oversized messages? Regards, Gregory for version 2.2.0 or newer: http://marc.theaimsgroup.com/?l=amavis-userm=112800847403357w=2 Gary V Thanks Gary. Sorry it sounds like a FAQ, still there are some more questions: - is there any way to restrict it to less than 64 k? - Mark document recommends to set it up at MTA level - I couldn't find any hints how to do it in Postfix except for setting up a policy server, but that seems to be an overkill for such a task? Regards, Gregory --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] RE: Content_filter exceptions
Steve,
How large is your 'large'?
Well, 40MB in this case. And I am using the amavis-new variant from
Maia, so I didn't want to bug you guys ;)
It depends whether it is a general amavisd-new problem or
is specific to Maia. Is this based on amavisd-new-2.2 ?
But, since you asked...This is what the log looks like at level 5.
As you can see, spam filtering is being bypassed and we aren't hitting
any timeouts. Just seems to fall over.
Jan 18 14:29:55 spam amavis[8890]: (08890-01) ESMTP 354 End data with...
...
Jan 18 14:30:11 spam amavis[8890]: (08890-01) ESMTP .\\r\\n
Ok, 16 s to feed a message from MTA.
Jan 18 14:30:13 spam amavis[8890]: (08890-01) Issued a new file name:
p002
...
Jan 18 14:30:29 spam amavis[8890]: (08890-01) prolong_timer after
mime_decode-1: remaining time = 567 s
18 s for MIME decoding, acceptable for a 40 MB message.
Jan 18 14:30:29 spam amavis[8890]: (08890-01) prolong_timer after
parts_decode: remaining time = 567 s
Jan 18 14:30:53 spam amavis[8890]: (08890-01) at the END handler:
invoking DESTROY methods
Jan 18 14:30:53 spam amavis[8890]: (08890-01) Amavis::In::SMTP::DESTROY
called
Oops, what happened there? Something really bad, even eval {} could
not catch it. 24 seconds into the next section everything is aborted.
This happend before one of the:
do_log(3, Maia: [check_mail] Delivering oversized mail);
do_log(3, Maia: [check_mail] Bouncing oversized mail);
and since almost all tests are disabled because of $oversized is true,
that leaves us routines maia_autocreate_users() and maia_store_mail()
and thereabout.
Aha, look at sub maia_store_mail()...
my($fh) = $msginfo-mail_text;
$fh-seek(0,0) or die Can't rewind mail file: $!;
my(@lines) = $fh;
It slurps your whole 40 MB message right into memory!
I bet your swap space or virtual memory limit is too small to acomodate that.
(that wouldn't happen with amavisd-new, even when it is told to
quarantine the whole mail into SQL (later versions can do that),
it does it chunk-by-chunk, directly from a file)
Mark
---
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Re: how to enforce message size restrictions for a single address?
Gregory wrote: Gary V wrote: Gregory wrote: Is it possible to enforce message size restrictions per recipient in amavisd-new and to bounce oversized messages? Regards, Gregory for version 2.2.0 or newer: http://marc.theaimsgroup.com/?l=amavis-userm=112800847403357w=2 Gary V Thanks Gary. Sorry it sounds like a FAQ, still there are some more questions: - is there any way to restrict it to less than 64 k? Not sure, maybe with a code hack. (Sorry for the lazy answer) - Mark document recommends to set it up at MTA level - I couldn't find any hints how to do it in Postfix except for setting up a policy server, but that seems to be an overkill for such a task? Regards, Gregory I have not tried it myself, but possibly with policyd. Follow this: http://marc.theaimsgroup.com/?l=postfix-usersm=111935433417623w=2 The basic problem is: http://marc.theaimsgroup.com/?l=postfix-usersm=112993289102883w=2 Gary V --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Re: how to enforce message size restrictions for a single address?
Gregory, - is there any way to restrict it to less than 64 k? You would need to modify the code and remove the 64 k clamp. Doing so would make amavisd-new non-RFC2821 -compliant.: RFC2821: 4.5.3.1 Size limits and minimums ... message content The maximum total length of a message content (including any message headers as well as the message body) MUST BE at least 64K octets. ... Mark --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] sql_select_white_black_list question...
Never mind. I was able to craft a sql query that solved my needs. is there any reason that ? only gets expanded once ? On Thu, 19 Jan 2006, Joseph W. Breu wrote: I am trying to execute the following query: set @rid=?; (select wb FROM cfu_email.amavis_wblist,cfu_email.amavis_mailaddr WHERE ([EMAIL PROTECTED]) AND (sid=cfu_email.amavis_mailaddr.id) AND (cfu_email.amavis_mailaddr.email IN (%k)) ORDER BY cfu_email.amavis_mailaddr.priority DESC) UNION (select w as wb from horde_config.turba_objects where horde_config.turba_objects.object_email in (%k) and horde_config.turba_objects.owner_id in (select email from cfu_email.users where id = @rid)) I need to query 2 database tables for information on whitelisting users that are found in a whitelist/blacklist table and also in an address book. Unfortunately, I can't get the id passed to the query twice (in this case, id=40). Is there a simpler way to accomplish this other than rebuilding the apps to store everything in a single table? -- Thanks, - Joseph W. Breu, CCNA phone : +1.319.268.5228 Senior Network Administratorfax : +1.319.266.8158 Cedar Falls Utilities cell : +1.319.493.1686 support: +1.319.268.5221 url : http://www.cfu.net --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Re: how to enforce message size restrictions for a single address?
Mark Martinec wrote: You would need to modify the code and remove the 64 k clamp. Doing so would make amavisd-new non-RFC2821 -compliant.: I see. It seems in amavisd-new implementation of @message_size_limit_maps only the final recipient after the substitution of aliases is taken into account. That is not so comfortable e.g. for mailman virtual domains. I have to specify [EMAIL PROTECTED] instead of [EMAIL PROTECTED], even all mail is sent to [EMAIL PROTECTED] Is it the way it is supposed to be, Mark? Regards, Gregory --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] sudden postfix/amavisd-new behaviour
Forgot to add: # telnet 127.0.0.1 10024 Trying 127.0.0.1... Connected to 127.0.0.1. Escape character is '^]'. 220 [127.0.0.1] ESMTP amavisd-new service ready # telnet 127.0.0.1 10025 Trying 127.0.0.1... Connected to 127.0.0.1. Escape character is '^]'. 220 mta1.domain.com ESMTP __ Find your next car at http://autos.yahoo.ca --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Re: How to CC a copy of spam notification to local admin?
Thanks to [EMAIL PROTECTED] for directing my attention to the $spam_admin configuration setting. Here's what I'm doing now: (1) I set $spam_admin to a suitable local admin address. (2) I set $sa_tag2_level_deflt, $sa_kill_level_deflt, and $sa_dsn_cutoff_level to 5. My understanding is that the above steps should cause any message with a spam score of 5 or higher to be quarantined and reported to the local admin -- but not delivered to the addressee, and not reported to the sending address. I then set up a Procmail rule to discard any spam notifi- cation with a score of 10 or higher. This means I'll see notices for anything with a spam score of at least 5 but less than 10 -- which will allow me to take action in case a legitimate message is false-positived, but without bothering me with cases of indisputable spam. (Is there any way, BTW, to tell amavisd not to bother sending a notice to $spam_admin if the spam score exceeds a given limit? Then I wouldn't have to suppress the high- scoring notices with Procmail.) The way I have things set up now, I won't send any bounce notices at all (because $sa_dsn_cutoff_level is the same as $sa_tag2_level_deflt and $sa_kill_level_deflt). I'll still be generating SMTP rejections, though, for mail to unknown local user names in my domain. Any comments welcome. Rich Wales Palo Alto, CA, USA [EMAIL PROTECTED] http://www.richw.org --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
