Re: [AMaViS-user] second release candidate: amavisd-new-2.4.2-rc2
On Tue, 20 Jun 2006, Mark Martinec wrote: The amavisd-new policy is to either deliver the mail, or to make sure the sender gets a non-delivery notification. For usual settings D_PASS or D_BOUNCE (or D_REJECT), and even these have their backscatter-reduction settings, such as @viruses_that_fake_sender_maps and $sa_dsn_cutoff_level. At this point, my question is: How can I configure amavisd-new to permanently disobey this policy? Use D_DISCARD Ok Mark, I'll try the following setup: $warnvirussender = 0; $warnvirusrecip = 1; $final_virus_destiny = D_DISCARD; Thanx, Alberto ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] spamassassin 3.1.3
Mark wrote: Mitja, I have upgraded spamassassin to 3.1.3 (from 3.0) and it also starts letting through a lot more spam... Amavisd-new is amavisd-new-2.4.1-2.el4.rf on RHEL4. Someone having same problem? See 'amavisd debug-sa' checking for any problems reported by SA, and verify that paths to rules directory and config files are correct (i.e. the same as reported by: su vscan -c 'spamassassin -t -D test.msg') Mark If after installing 3.1.3, you ran sa-update, as Mark mentioned in this thread: http://marc.theaimsgroup.com/?l=amavis-userm=115021769827128w=2 with amavisd-new a good solution is to use the --updatedir option with sa-update and point it to where your current rules are. Once you do that, I believe it may be a good idea (or possibly even necessary) to remove any subdirectories in /var/lib/spamassassin (if that directory exists - they should contain downloaded rules). Then test with debug-sa and verify all the rules are read from your default rules dir, and the updates_spamassassin_org subdirectory in that same directory: ... [6711] dbg: config: read file /usr/share/spamassassin/25_antivirus.cf ... [6711] dbg: config: using /usr/share/spamassassin/updates_spamassassin_org/25_antivirus.cf for included file [6711] dbg: config: read file /usr/share/spamassassin/updates_spamassassin_org/25_antivirus.cf ... To test 'config' only, I find it helpful to temporarily set: $sa_debug = '1,config'; in amavisd.conf and run 'amavisd debug' instead of 'amavisd debug-sa'. It limits the debug output. This link lists other 'channels' like 'config': http://wiki.apache.org/spamassassin/DebugChannels Using sa-update in this manner appears to work for me. YMMV Gary V All the advantages of Linux Managed Hosting--Without the Cost and Risk! Fully trained technicians. The highest number of Red Hat certifications in the hosting industry. Fanatical Support. Click to learn more http://sel.as-us.falkag.net/sel?cmd=lnkkid=107521bid=248729dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Forwarding innocent e-mail to an e-mail address
I'm in the process of training a new anti-spam tool, and I've looked through the config file and searched the mailing list archives and haven't found an answer to this question. If it is there staring me in the face, please provide a link to the place I should be looking. :) I have found the places where I can put an e-mail address to which I want all spam forwarded to, but is there a place I can configure an e-mail address to which is sent all *innocent* mail? This would allow us to train our system based on our existing definitions of what is (not) spam. Thanks. j -- Joshua Kugler Lead System Admin -- Senior Programmer http://www.eeinternet.com PGP Key: http://pgp.mit.edu/ ID 0xDB26D7CE PO Box 80086 -- Fairbanks, AK 99708 -- Ph: 907-456-5581 Fax: 907-456-3111 All the advantages of Linux Managed Hosting--Without the Cost and Risk! Fully trained technicians. The highest number of Red Hat certifications in the hosting industry. Fanatical Support. Click to learn more http://sel.as-us.falkag.net/sel?cmd=lnkkid=107521bid=248729dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Forwarding innocent e-mail to an e-mail address
Joshua, I'm in the process of training a new anti-spam tool, and I've looked through the config file and searched the mailing list archives and haven't found an answer to this question. If it is there staring me in the face, please provide a link to the place I should be looking. :) I have found the places where I can put an e-mail address to which I want all spam forwarded to, but is there a place I can configure an e-mail address to which is sent all *innocent* mail? This would allow us to train our system based on our existing definitions of what is (not) spam. Yes, with 2.4.1 you can do it: $mailfrom_to_quarantine = ''; # replace sender with null return path $clean_quarantine_method = 'local:clean/%m'; $clean_quarantine_to = '[EMAIL PROTECTED]'; # send to mbx instead of a file Mark All the advantages of Linux Managed Hosting--Without the Cost and Risk! Fully trained technicians. The highest number of Red Hat certifications in the hosting industry. Fanatical Support. Click to learn more http://sel.as-us.falkag.net/sel?cmd=lnkkid=107521bid=248729dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Forwarding innocent e-mail to an e-mail address
On Wednesday 21 June 2006 15:38, Mark Martinec wrote: Is there a place I can configure an e-mail address to which is sent all *innocent* mail? Yes, with 2.4.1 you can do it: $mailfrom_to_quarantine = ''; # replace sender with null return path $clean_quarantine_method = 'local:clean/%m'; $clean_quarantine_to = '[EMAIL PROTECTED]'; # send to mbx instead of a file Hmm..thanks for the tip. Right now, we're running 2.2.1...and I not forsee an upgrade. :) I'll keep looking. j -- Joshua Kugler Lead System Admin -- Senior Programmer http://www.eeinternet.com PGP Key: http://pgp.mit.edu/ ID 0xDB26D7CE PO Box 80086 -- Fairbanks, AK 99708 -- Ph: 907-456-5581 Fax: 907-456-3111 All the advantages of Linux Managed Hosting--Without the Cost and Risk! Fully trained technicians. The highest number of Red Hat certifications in the hosting industry. Fanatical Support. Click to learn more http://sel.as-us.falkag.net/sel?cmd=lnkkid=107521bid=248729dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Forwarding innocent e-mail to an e-mail address
Yes, with 2.4.1 you can do it: [...] Hmm..thanks for the tip. Right now, we're running 2.2.1...and I not forsee an upgrade. :) I'll keep looking. Perhaps you will be tempted by the automatic pen pals soft-whitelisting which 2.4.2 is bringing :) (favourizing replies to mail, based on previous correspondence) Mark All the advantages of Linux Managed Hosting--Without the Cost and Risk! Fully trained technicians. The highest number of Red Hat certifications in the hosting industry. Fanatical Support. Click to learn more http://sel.as-us.falkag.net/sel?cmd=lnkkid=107521bid=248729dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] lookup_sql: Insecure dependency in parameter 1 of DBI::db=HASH()
Christer,
I've been using amavisd-2.1.2, and am now trying to upgrade to 2.4.1.
As far as I can tell, all my perl modules are up to date, and perl is
version 5.8.4.
I'm having trouble with tainted sql queries, though.
Jun 21 12:15:26 anubis.medic.chalmers.se amavis[20430]: [ID 702911
local7.info] (hxaW.N) sql: preparing and executing:
SELECT bypass_virus_checks,bypass_spam_checks,bypass_virus_checks AS
virus_lover,bypass_virus_checks AS bypass_banned_checks,bypass_virus_checks
AS banned_files_lover,policy_name,spam_tag_level,spam_kill_level,
spam_kill_level AS spam_tag2_level,uname AS id FROM users
WHERE uname IN (?,?,?,?)
Jun 21 12:15:26 anubis.medic.chalmers.se amavis[20430]: [ID 702911
local7.warning] (hxaW.N) (!) lookup_sql: Insecure dependency in parameter 1
of DBI::db=HASH(0x155ac5c)-prepare method call while running with -T switch
at (eval 36) line 136, GEN6 line 49., ,
@lookup_sql_dsn =
( ['DBI:mysql:database=sicconfd2:host=127.0.0.1',
'user', 'password']);
$sql_select_policy = 'SELECT ...
Hmm, looks fine. Somehow the $sql_select_policy clause ends up tainted.
Could you please see if the following change (workaround) makes a difference:
--- amavisd~Mon Jun 19 15:51:00 2006
+++ amavisd Thu Jun 22 02:22:33 2006
@@ -10091,9 +10091,11 @@
my($keys_ref,$rhs_ref) = make_query_keys($addr,0,$is_local);
my($n) = sprintf(%d,scalar(@$keys_ref)); # number of keys
- my(@pos_args); my(@extras_tmp) = !ref $extra_args ? () : @$extra_args;
+ my(@extras_tmp) = !ref $extra_args ? () : @$extra_args;
+ local($1); my(@pos_args); my($sel_taint) = substr($sel,0,0); # taintedness
$sel =~ s{ ( %k | \? ) } # substitute %k for keys and ? for each extra arg
- { push(@pos_args, map { untaint($_) }
- $1 eq '%k' ? @$keys_ref : shift @extras_tmp),
+ { push(@pos_args, $1 eq '%k' ? @$keys_ref : shift @extras_tmp),
$1 eq '%k' ? join(',', ('?') x $n) : '?' }gxe;
+ $sel = untaint($sel) . $sel_taint; # keep original clause taintedness
+ $_ = untaint($_) for @pos_args;# untaint arguments
ll(4) do_log(4,lookup_sql \%s\, query args: %s,
$addr, join(', ', map{\$_\} @pos_args) );
Mark
All the advantages of Linux Managed Hosting--Without the Cost and Risk!
Fully trained technicians. The highest number of Red Hat certifications in
the hosting industry. Fanatical Support. Click to learn more
http://sel.as-us.falkag.net/sel?cmd=lnkkid=107521bid=248729dat=121642
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] SpamAssassin and SQL
rocsca, I set up amavisd-new so that spamassassin keeps information collected by bayesian algorithm in a MySQL db. I don't understand how this works exactly. But I suppose that when spamassassin scans a mail message than: - it establishes a connection with the MySQL server - it queries or updates the database - it close connection. as many time it needs for a single messages. Not more than once for one message. So I get that mysql server works a lot with spamassassin and it consumes all CPU resources about all time. I haven't heard of it being a problem so far. Using SQL for Bayes is usually a great relief from previous use of bdb. There is a why for optmizing the resources (e.g.: saving the number of established connections, using persistent connection - like PHP permit to do..)? I don't think there exists a mechanism by which spamassassin could use a persistent connection to SQL for Bayes/AWL across several message. Perhaps some SQL proxy could be used, don't know if that is feasible. amavisd-new on the other hand uses persistent connection to SQL on its own SQL lookups and logging/quarantining to SQL, one connection per child process. PS: Can someone point me where I can I could read this information about the architecture of spamassassin so that I can improve the performance as I need? You should ask on the SA list. How many child processess are you running? Perhaps it's just that your SQL tables need to be OPTIMIZEd, or are missing good indexes. I see MySQL server using only a small fraction of the CPU and I/O on a system where amavisd+SA is running. Mark All the advantages of Linux Managed Hosting--Without the Cost and Risk! Fully trained technicians. The highest number of Red Hat certifications in the hosting industry. Fanatical Support. Click to learn more http://sel.as-us.falkag.net/sel?cmd=lnkkid=107521bid=248729dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
