[AMaViS-user] RBL Monitoring.
Is there any way to monitor my ips in RBLs. - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Faster purging of SQL logging database
On 6/15/07, Mark Martinec [EMAIL PROTECTED] wrote: The README.sql-pg in amavisd-new distribution suggests the following SQL clauses to purge old records from a database: DELETE FROM msgs WHERE time_iso now() - INTERVAL '3 weeks'; The script that does this on my amavis-setup had a convenient bug in it so that it refused to run, leading to no deletion, leading to a database larger than 4 gigabytes, leading to the above taking days. (I only let it run for 48 hours though before I started looking for more efficient methods.) The problem is the foreign key constraints on msgrcpt. I found a solution: * put/have a proxy in front of the amavis-server to queue mail * stop postfix+amavis on the amavis-server * rename msgrcpt to msgrcpt_old (alter table...) * record the grants and foreign key constraints somewhere, for instance via pg_dump(1) * make a new msgrcpt that lacks all foreign key constraints * make a temporary table of all new mail_id in msgs (flip the comparison) * copy from msgrcpt_old all fields with new mail_ids (insert with inner join with temp-table) * drop msgrcpt_old (and suddenly the db was two gigs smaller...) * THEN delete old msgs with the standard method * add foreign keys to the new msgrcpt * fix the grants * turn on amavis and postfix Voila, takes less than 30 minutes, including typing/pasting, on 3.4 million rows in msgs/4.2 million rows in msgrcpt which should be a small enough delay for most uses. Also, if on a 32-bit linux system, set SHMALL (sysctl(1)) to the amount of memory on the server and SHMMAX to at least a gigabyte provided you have more than a gig on the system. DELETE FROM msgs WHERE time_iso now() - INTERVAL '1 h' AND content IS NULL; This was only a few hundred messages so with an index on time_iso this was quick. DELETE FROM maddr WHERE id IN ( SELECT id FROM maddr LEFT JOIN ( SELECT sid AS id, 1 AS f FROM msgs UNION ALL SELECT rid AS id, 1 AS f FROM msgrcpt ) AS u USING(id) WHERE u.f IS NULL); I'd be interested in your experience before I update the documentation. DELETEs are expensive but SELECTs are quick. The cost (through EXPLAIN query) of the above for my data (after getting rid of old messages) was cost=1623113.61..1765429.58 rows=1664586 width=6. So instead, I used temporary tables to get a list of maddr.ids to delete, and the cost for the final delete was cost=86070.32..177104.67 rows=1247620 width=6, an order of magnitude less. As it says in the postgres-docs, what is speedy for a small db might not be speedy for a large one. It seems that for postgres, using temporary tables can pay in a big way. HM - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] False positive BANNED on message using charset GB2312
I think this message is just spam, and not something nefarious, but amavisd flagged it as BANNED due to an exe. Can anyone tell if this really was malware? X-Envelope-To: [EMAIL PROTECTED] X-Quarantine-ID: lGMnl3xEtzBg X-Amavis-Alert: BANNED, message contains part: text/plain,.exe X-Spam-Flag: YES X-Spam-Score: 32.294 X-Spam-Level: X-Spam-Status: Yes, score=32.294 tag=-99 tag2=4.5 kill=6.31 tests=[BODY_8BITS=1.5, BOTNET_BADDNS=0.01, BOTNET_CLIENT=0.01, BOTNET_CLIENTWORDS=0, BOTNET_IPINHOSTNAME=0, BOTNET_W=2, CHARSET_FARAWAY=3.2, CHARSET_FARAWAY_HEADER=3.2, DKIM_POLICY_SIGNSOME=0, L_P0F_UNKN=0.8, L_UNVERIFIED_YAHOO=2.5, MIME_CHARSET_FARAWAY=2.45, RAZOR2_CF_RANGE_51_100=0.5, RAZOR2_CF_RANGE_E4_51_100=1.5, RAZOR2_CHECK=0.5, RCVD_IN_BL_SPAMCOP_NET=2.188, RCVD_IN_PBL=0.509, RCVD_IN_SORBS_DUL=1.615, RCVD_IN_SORBS_WEB=1.117, RCVD_IN_XBL=2.896, RDNS_NONE=0.1, TVD_SPACE_RATIO=2.899, UNWANTED_LANGUAGE_BODY=2.8] X-Amavis-OS-Fingerprint: UNKNOWN [65535:49:1:52:M1440,N,W2,N,N,S:.:?:?], (link: IPv6/IPIP) Received: from sa.austinenergy.com ([127.0.0.1]) by localhost (sa.austinenergy.com [127.0.0.1]) (amavisd-new, port 10025) with LMTP id lGMnl3xEtzBg for [EMAIL PROTECTED]; Mon, 25 Jun 2007 22:36:18 -0500 (CDT) X-Greylist: from auto-whitelisted by SQLgrey-1.7.5 Received: from yahoo.com.cn (unknown [121.35.200.235]) by sa.austinenergy.com (Postfix) with ESMTP id 00852BFF for [EMAIL PROTECTED]; Mon, 25 Jun 2007 22:36:10 -0500 (CDT) From: =?GB2312?B?ysC8zbmry74=?= [EMAIL PROTECTED] Subject: =?GB2312?B?tPqh+r+qt6Kh+saxLw==?= To: [EMAIL PROTECTED] Content-Type: text/plain;charset=GB2312 Content-Transfer-Encoding: 8bit The file command does evaluate the text as executable: [EMAIL PROTECTED] ~]$ file foo2.txt foo2.txt: COM executable for DOS The content appears to be just text: a greeting, a paragraph, and an email for more information: [EMAIL PROTECTED] ~]$ cat -v foo2.txt M-8M-:M-TM-pM-HM-K/; M-NM-RM-KM-M-?M-IM-RM-TM-OM-rM-MM-bM-LM-aM-9M-)M-6M-`M-SM-`M-! M-6M-!M-!M-KM-0~~M-FM-1M-!M-!M-!M-7M-M-_M-LM-eM-SM-PM-#M-:M-IM-LM-RM-5 M-!M-M-9M-$M-RM-5M-!M-M-=M-(M-VM-~M-0M-2M-WM-0M-! M-M-FM-dM-KM-{M-7M-~M-NM-qM-!M-M-9M-cM-8M-fM-!M-M-WM-bM-AM-^ M-! M-M-2M-MM-RM-{M-6M-(M-6M-n M-!M- M-9M-zM-M-JM-:M-#M-TM-KM-! M-M-9M-zM-DM-ZM-TM-KM-JM-dM-5M-HM-7M-~M-FM-1M-5M-HM-! M-#M-FM-UM-MM-(M-KM-0~~M-FM-1M-OM-jM-OM-8M-KM-0M-BM-JM-?M-IM-8M-y M-M-]M-5M-XM-GM-xM-!M-M-PM-PM-RM-5M-!M-M-FM-1M-6M-nM-4M-sM-PM-! M-IM-LM-LM-8! M-NM-RM-KM-M-SM-kM-HM-+M-9M-zM-8M-wM-5M-XM-GM-xM-8M-wM-PM-PM-RM-5M-5M-DM-9M-+M-KM-M-SM-PM-7M-[EMAIL PROTECTED] M-AM-*M-OM-5M-5M-gM-;M-0: 13798217166 M-PM-mM-OM-HM-IM-z M-5M-gM-WM-SM-SM-JM-OM-d: [EMAIL PROTECTED] [EMAIL PROTECTED] ~]$ hexdump foo2.txt 000 bab8 f0d4 cbc8 3b2f 200a 2020 ce20 cbd2 010 bfbe d2c9 cfd4 cdf2 cce2 b9e1 b6a9 d3e0 020 a1e0 a1b6 cba1 7eb0 c67e a1b1 a1a1 beb7 030 ccdf d3e5 a3d0 c9ba d2cc 0ab5 a2a1 a4b9 040 b5d2 a2a1 a8bd fed6 b2b0 b0d7 a2a1 e4c6 050 fbcb feb7 f1ce a2a1 e3b9 e6b8 a2a1 e2d7 060 dec1 a120 b2a2 d2cd b6fb b6a8 20ee a2a1 070 b90a bcfa baca d4a3 a1cb b9a2 c4fa d4da 080 cacb b5e4 b7c8 7ea2 b1c6 c8b5 a3a1 d5c6 090 a8cd b0cb 7e7e b1c6 eacf b8cf b0cb cac2 0a0 c9bf f9b8 be0a b5dd c7d8 a1f8 d0a2 d2d0 0b0 a1b5 c6a2 b6b1 b4ee d0f3 c9a1 21b8 0c0 0a0a 2020 ce20 cbd2 d3be c8eb b9ab b8fa 0d0 b5f7 c7d8 b8f8 d0f7 d2d0 b5b5 b9c4 cbab 0e0 d3be b7d0 c6a2 d2b1 ceb5 c0f1 cdb4 a1f9 0f0 0aa3 c10a cfaa b5b5 bbe7 3ab0 3120 3733 100 3839 3132 3137 3636 2020 d020 cfed c9c8 110 0afa e7b5 d3d7 cad3 e4cf 203a 7578 6168 120 6669 6e65 3667 3838 3140 3632 632e 6d6f 130 2020 000a 133 -- Daniel J McDonald, CCIE # 2495, CISSP # 78281, CNX Austin Energy http://www.austinenergy.com - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] memory leak problem in version amavisd-new-2.4.3 (20060930)
Hi, I am currently using amavisd-new-2.3.1. While upgrading to version 2.4.3 , I started getting memory problem. I have not changed my old amavisd conf file which I am using with amavisd-new-2.3.1 . I have also tried to increase the log level of amavis to 5 but not found any error in maillog. Are there any memory related issues reported for this version amavisd-new-2.4.3 (20060930) ? I am using Red Hat Enterprise Linux ES release 4 (Nahant). Following is the output of top command : * 1. **Available **Memory before upgrading amavis* - top - 02:26:41 up 6 days, 15:13, 4 users, load average: 0.05, 0.16, 0.11 Tasks: 111 total, 1 running, 110 sleeping, 0 stopped, 0 zombie Cpu(s): 0.2% us, 0.1% sy, 0.0% ni, 99.8% id, 0.0% wa, 0.0% hi, 0.0% si Mem: 2075220k total, 1194740k used, *880480k free*,45140k buffers Swap: 1048568k total,64512k used, 984056k free, 403400k cached - *2. **Available** Memory after **upgrading amavis to 2.4.3 (after 3 hours)* - top - 05:38:55 up 6 days, 18:25, 4 users, load average: 0.17, 0.05, 0.01 Tasks: 108 total, 1 running, 107 sleeping, 0 stopped, 0 zombie Cpu(s): 0.8% us, 0.3% sy, 0.0% ni, 96.6% id, 2.1% wa, 0.1% hi, 0.1% si Mem: 2075220k total, 1783916k used, *291304k free*,49876k buffers Swap: 1048568k total,64504k used, 984064k free, 862464k cached PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 30679 amavis16 0 86492 74m 4948 S 0.0 3.7 0:16.58 amavisd 30682 amavis16 0 62076 51m 4948 S 3.0 2.5 0:16.00 amavisd 30685 amavis16 0 60760 49m 4944 S 0.0 2.5 0:07.40 amavisd 3276 root 16 0 509m 48m 15m S 0.0 2.4 43:59.04 ns-slapd 30678 amavis16 0 54208 43m 4952 S 0.0 2.1 0:10.68 amavisd 30686 amavis16 0 52700 41m 4944 S 0.0 2.1 0:03.15 amavisd 30687 amavis16 0 52452 41m 4948 S 0.0 2.1 0:03.89 amavisd 30684 amavis16 0 52396 41m 4944 S 0.0 2.0 0:02.75 amavisd 30645 amavis16 0 50912 39m 4816 S 0.0 2.0 0:00.38 amavisd 30680 amavis16 0 50912 39m 4816 S 0.0 2.0 0:00.00 amavisd 30681 amavis16 0 50912 39m 4816 S 0.0 2.0 0:00.00 amavisd 30683 amavis16 0 50912 39m 4816 S 0.0 2.0 0:00.00 amavisd Thanks, Prashant Dabre -- The sender of this email subscribes to Perimeter eSecurity's email anti-virus service. This email has been scanned for malicious code and is believed to be virus free. For more information on email security please visit: http://www.perimeterusa.com/email-defense-content.html This communication is confidential, intended only for the named recipient(s) above and may contain trade secrets or other information that is exempt from disclosure under applicable law. Any use, dissemination, distribution or copying of this communication by anyone other than the named recipient(s) is strictly prohibited. If you have received this communication in error, please delete the email and immediately notify our Command Center at 203-541-3444. Thanks - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] RBL Monitoring.
Hi Azfar Hashmi, Here is a simple perl script to do this :) #!/usr/bin/perl -w use strict; use Net::RBLClient; die Usage: $0 file or ip.add.re.ss ...\n unless scalar(@ARGV); my @target = (); foreach my $ip_list (@ARGV) { if ($ip_list =~ /$Net::RBLClient::ip_pat/o and not -f $ip_list) { push @target, $ip_list; } else { die '$ip_list' is not an ip address or filename\n unless -f $ip_list; open FD, $ip_list or die cannot open file '$ip_list': $!\n; while (FD) { chomp; next if /^#/; if (/$Net::RBLClient::ip_pat/o) { push @target, $; } } close FD; } } my @rblserver = qw( bl.spamcop.net zen.spamhaus.org cbl.abuseat.org dnsbl.njabl.org dnsbl.sorbs.net spam.dnsbl.sorbs.net dynablock.njabl.org list.dsbl.org multihop.dsbl.org relays.ordb.org unconfirmed.dsbl.org blackholes.mail-abuse.org rbl.softworking.com ); my $rblclient = Net::RBLClient-new( lists = [EMAIL PROTECTED], query_txt = 0, server = '127.0.0.1' # DNS server ); # check my $result = {}; foreach my $ip (@target) { print checking $ip ...\n; $rblclient-lookup($ip); my %listed_hash = $rblclient-listed_hash(); if (scalar keys %listed_hash) { foreach my $rbl (keys %listed_hash) { print \t$rbl; $result-{$rbl}-{$ip} = $listed_hash{$rbl}; $result-{$rbl}-{$ip} =~ s/^\s*|\s*$//g; } } } # build report my $text = ''; foreach my $rbl (keys %$result) { $text .= $rbl\n; foreach my $ip (keys %{$result-{$rbl}}) { #$text .= sprintf(%-28s %-20s %16s\n, $name, $ip, $result-{$rbl}-{$ip}); $text .= \t$ip\n; } $text .= \n; } ... send the result to your email or save as html to view with browser ... Azfar Hashmi wrote: Is there any way to monitor my ips in RBLs. - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/ -- Xueron Nee [EMAIL PROTECTED] - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] False positive BANNED on message using charset GB2312
At 11:19 AM 6/26/2007, Daniel J McDonald wrote: I think this message is just spam, and not something nefarious, but amavisd flagged it as BANNED due to an exe. Can anyone tell if this really was malware? X-Envelope-To: [EMAIL PROTECTED] X-Quarantine-ID: lGMnl3xEtzBg X-Amavis-Alert: BANNED, message contains part: text/plain,.exe ... The file command does evaluate the text as executable: [EMAIL PROTECTED] ~]$ file foo2.txt foo2.txt: COM executable for DOS *probably* just a false-positive of file(1) matching on the funny character set. -- Noel Jones - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] memory leak problem in version amavisd-new-2.4.3 (20060930)
Prashant Dabre, I am currently using amavisd-new-2.3.1. While upgrading to version 2.4.3 Why would one want to 'upgrade' to a nine months old version? I have not changed my old amavisd conf file which I am using with amavisd-new-2.3.1 . Ok. I started getting memory problem. I have also tried to increase the log level of amavis to 5 but not found any error in maillog. Are there any memory related issues reported for this version amavisd-new-2.4.3 (20060930) ? Not that I would know. I am using Red Hat Enterprise Linux ES release 4 (Nahant). Following is the output of top command : This doesn't tell much. The output of ps would be more informative. PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 30679 amavis16 0 86492 74m 4948 S 0.0 3.7 0:16.58 amavisd Ok, and what was the VIRT/RES/SHR with previous version? 50-90 MB of virtual memory per process looks pretty much normal. Have you kept the number of child processes the same? Mark - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] False positive BANNED on message using charset GB2312
Daniel, I think this message is just spam, and not something nefarious, but amavisd flagged it as BANNED due to an exe. Can anyone tell if this really was malware? The file command does evaluate the text as executable: [EMAIL PROTECTED] ~]$ file foo2.txt foo2.txt: COM executable for DOS Noel Jones writes: *probably* just a false-positive of file(1) matching on the funny character set. Indeed. A misclassification by file(1). Interestingly an older version (4.12) of file(1) classifies it as 'ISO-8859 text', which is fine. The following patch to amavisd (or to amavisd.conf if you have an assignment to $map_full_type_to_short_type_re there, overriding the default), maps 'COM executable for DOS' to 'asc', which is a form of a plain text. --- amavisd~Fri Jun 22 17:50:51 2007 +++ amavisd Tue Jun 26 20:31:58 2007 @@ -1038,2 +1038,3 @@ [qr/\bexecutable for MS Windows\b/ = ['exe','exe-ms'] ], +[qr/^COM executable for DOS\b/ = 'asc'], # misclassified? [qr/^(MS-)?DOS executable\b(?!.*\(COM\))/ = ['exe','exe-ms'] ], Mark - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Amavis/SA configured but not processing mail
On Monday 25 June 2007 19:31, Mike Cappella wrote: But I don't see any headers added to the messages. I used http://wiki.apache.org/spamassassin/IntegratedInPostfixWithAma vis to help me with my setup. Can someone point me to something I might be missing? Have you verified that spamassassin is actually being called for the mail in question? That's what I'm trying to do. In reply to another e-mail, I have these lines in my config file: $X_HEADER_TAG = 'X-Virus-Scanned'; $X_HEADER_LINE = $myproduct_name $myversion_id ($myversion_date) at $mydomain; I have looked through the config file, and I haven't found anything that enables spamassassin, so I don't really know if it is being called. I guess my question is not so much about headers as how do I tell Amavis to pass the message through Spamassassin, because so far I haven't found the config switch to do so. amavis does not use spamd; you do not need to run it. It loads the Mail::SpamAssassin modules upon startup. Cool. j -- Joshua Kugler Lead System Admin -- Senior Programmer http://www.eeinternet.com PGP Key: http://pgp.mit.edu/ ID 0xDB26D7CE PO Box 80086 -- Fairbanks, AK 99708 -- Ph: 907-456-5581 Fax: 907-456-3111 - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] RBL Monitoring.
Xueron Nee wrote: Hi Azfar Hashmi, Here is a simple perl script to do this :) #!/usr/bin/perl -w [snip] a less sofisticated shell version: #!/bin/sh ip_list=`grep -v ^# /path/to/ips` rbl_zones=`grep -v ^# /path/to/rbls` check_ip() { ip=$1 zone=$2 rev_ip=`echo $ip | awk -F. '{print $4 . $3 . $2 . $1}'` host $rev_ip.$zone | grep -m 1 has address } for ip in $ip_list; do for zone in $rbl_zones; do check_ip $ip $zone done done - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Amavis/SA configured but not processing mail
Gary wrote: The next question would be - are you sending mail to amavisd-new at all? What MTA are you using? Also, don't test by sending mail from the local machine using sendmail or similar. Send from an external client via SMTP. Gary V - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Amavis/SA configured but not processing mail
On Tuesday 26 June 2007 14:29, Gary V wrote: Joshua wrote: Have you verified that spamassassin is actually being called for the mail in question? That's what I'm trying to do. In reply to another e-mail, I have these lines in my config file: $X_HEADER_TAG = 'X-Virus-Scanned'; $X_HEADER_LINE = $myproduct_name $myversion_id ($myversion_date) at $mydomain; I have looked through the config file, and I haven't found anything that enables spamassassin, so I don't really know if it is being called. I guess my question is not so much about headers as how do I tell Amavis to pass the message through Spamassassin, because so far I haven't found the config switch to do so. Look for: # @bypass_virus_checks_maps = (1); # uncomment to DISABLE anti-virus code # @bypass_spam_checks_maps = (1); # uncomment to DISABLE anti-spam code If you want to use SA, make sure you do NOT bypass spam_checks. In other words, @bypass_spam_checks* should be commented out. The next question would be - are you sending mail to amavisd-new at all? What MTA are you using? Virus is un-commented, bypass_spam is commented (all occurrences I could find). Here are the headers added to the mail once it hits the server (mail.example.com, to protect the innocent :) ). Received: from localhost (localhost [127.0.0.1]) by mail.example.com (Postfix) with ESMTP id B554B17C06E for [EMAIL PROTECTED]; Tue, 26 Jun 2007 12:31:39 -0800 (AKDT) Received: from mail.example.com ([127.0.0.1]) by localhost (mail.example.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 20201-01 for [EMAIL PROTECTED]; Tue, 26 Jun 2007 12:31:39 -0800 (AKDT) Received: from anotherhost.net (anotherhost.net [ip.ad.dre.ss]) by mail.example.com (Postfix) with ESMTP id 794C417C06B for [EMAIL PROTECTED]; Tue, 26 Jun 2007 12:31:39 -0800 (AKDT) I'm using Postfix, and amavisd-new as a content filter. Postfix passes it to Amavis, and then get's it back on port 10025. I know it's something simple, but I'm not seeing it. j -- Joshua Kugler Lead System Admin -- Senior Programmer http://www.eeinternet.com PGP Key: http://pgp.mit.edu/ ID 0xDB26D7CE PO Box 80086 -- Fairbanks, AK 99708 -- Ph: 907-456-5581 Fax: 907-456-3111 - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Faster purging of SQL logging database
HM, The problem is the foreign key constraints on msgrcpt. I found a solution: ... Voila, takes less than 30 minutes, including typing/pasting, on 3.4 million rows in msgs/4.2 million rows in msgrcpt which should be a small enough delay for most uses. Thanks, useful for purging majority of records. Perhaps using old style deletion when ON DELETE CASCADE constraint was not yet suggested could give similar results (README.sql-mysql): -- (optional) just in case the ON DELETE CASCADE did not do its job, we may -- explicitly delete orphaned records (with no corresponding msgs entry); -- if ON DELETE CASCADE did work, there should be no deletions at this step DELETE FROM quarantine WHERE NOT EXISTS (SELECT 1 FROM msgs WHERE mail_id=quarantine.mail_id); DELETE FROM msgrcpt WHERE NOT EXISTS (SELECT 1 FROM msgs WHERE mail_id=msgrcpt.mail_id); DELETE FROM maddr WHERE id IN ( SELECT id FROM maddr LEFT JOIN ( SELECT sid AS id, 1 AS f FROM msgs UNION ALL SELECT rid AS id, 1 AS f FROM msgrcpt ) AS u USING(id) WHERE u.f IS NULL); I'd be interested in your experience before I update the documentation. DELETEs are expensive but SELECTs are quick. The cost (through EXPLAIN query) of the above for my data (after getting rid of old messages) was cost=1623113.61..1765429.58 rows=1664586 width=6. So instead, I used temporary tables to get a list of maddr.ids to delete, and the cost for the final delete was cost=86070.32..177104.67 rows=1247620 width=6, an order of magnitude less. As it says in the postgres-docs, what is speedy for a small db might not be speedy for a large one. It seems that for postgres, using temporary tables can pay in a big way. I don't know. Trying the CREATE TEMPORARY TABLE AS, followed by a DELETE took about the same time as combining both in the same statement. Building a table of maddr id-s to be purged took majority of time (on frequent deletes where deletion does not remove lots of records): CREATE TEMPORARY TABLE unused AS ( SELECT id FROM maddr LEFT JOIN ( SELECT sid AS id, 1 AS f FROM msgs UNION ALL SELECT rid AS id, 1 AS f FROM msgrcpt) AS u USING(id) WHERE u.f IS NULL); DELETE FROM maddr WHERE id IN (SELECT * FROM unused); Perhaps you had something else in mind? Btw, both statements should probably be combined in a transaction if amavisd is left running during purging. Mark - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Amavis/SA configured but not processing mail
Joshua wrote: Virus is un-commented, bypass_spam is commented (all occurrences I could find). Here are the headers added to the mail once it hits the server (mail.example.com, to protect the innocent :) ). Received: from localhost (localhost [127.0.0.1]) by mail.example.com (Postfix) with ESMTP id B554B17C06E for [EMAIL PROTECTED]; Tue, 26 Jun 2007 12:31:39 -0800 (AKDT) Received: from mail.example.com ([127.0.0.1]) by localhost (mail.example.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 20201-01 for [EMAIL PROTECTED]; Tue, 26 Jun 2007 12:31:39 -0800 (AKDT) Received: from anotherhost.net (anotherhost.net [ip.ad.dre.ss]) by mail.example.com (Postfix) with ESMTP id 794C417C06B for [EMAIL PROTECTED]; Tue, 26 Jun 2007 12:31:39 -0800 (AKDT) I'm using Postfix, and amavisd-new as a content filter. Postfix passes it to Amavis, and then get's it back on port 10025. I know it's something simple, but I'm not seeing it. j You won't see X-Virus-Scanned unless you are doing virus scans, but that is another matter. With $sa_tag_level_deflt = -999; and @local_domains_maps = ( [ .example.com ] ); and spam checks are not bypassed, it should work. Is there another server downstream removing X-Spam headers? At this point you probably are going to have to raise $log_level to 5 long enough for a message to go through. Alternately, you can send yourself a message with your sender address in @debug_sender_maps: # If sender matches ACL, turn debugging fully up, just for this one message @debug_sender_maps = ( ['[EMAIL PROTECTED]'] ); In your log look for something like: Jun 26 20:07:19 sfa amavis[4225]: (04225-01) headers CLUSTERING: NEW CLUSTER [EMAIL PROTECTED]: score=-0.155, tag=1, tag2=0, local=1, bl=, s=, mangle= I then get: ... header: X-Virus-Scanned: Debian amavisd-new at example.com\n ... header: X-Spam-Flag: NO\n ... header: X-Spam-Score: -0.155\n ... header: X-Spam-Level: \n ... header: X-Spam-Status: No, score=-0.155 required=8 tests=[ALL_TRUSTED=-1.44,\n\tMISSING_SUBJECT=1.285]\n (I mess with ALL_TRUSTED when testing) maybe something like this to narrow it down: grep header /var/log/maillog Gary V - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Amavis/SA configured but not processing mail
Gary wrote: With $sa_tag_level_deflt = -999; and @local_domains_maps = ( [ .example.com ] ); and spam checks are not bypassed, it should work. Is there another server downstream removing X-Spam headers? Are you using SQL or LDAP and the recipient's spam_tag_level is observed instead of the static $sa_tag_level_deflt? Gary V - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/