Re: [AMaViS-user] amavisd-new detects bad headers in S/MIME signed mails
Sorry guys, after several hours staring at the problem, I just found the problem: --8BFB1D6001F9748054F2C3412980690B Just a simple test e-mail. --8BFB1D6001F9748054F2C3412980690B Due to the empty line at the end, the original text is interpreted as email header and in this case, amavis is right, the header is bad... fs - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] how do i implement dspam selectively for particular users
Hi, wpc schrieb: Thanks for your reply, could you kindly send me this patch i'll be gratefull. Some old versions of my patches (against 2.4.0pre??) can be found in http://www.felix-schwarz.name/files/opensource/amavisd-new/ Please not that I do recommend using them on a production system yet. I will update these patches as soon my current project is released (at the end of February). If Possible please kindly send me your configuration for postfix/amavis/dspam/SA on relay server. Sorry, my configuration is somewhat complex so I can't help you with that. Furthermore I'm using exim and know next to nothing about postfix. How to configure dspam as a scanner for amavisd-new is described in the patches (always at the top). I do not explain more here because I think that you should be able to get a basic understand by reading the patches. I you don't feel comfortable with that, I don't think you should use these patches - they were released early and have several rough edges which you should be aware/able to fix yourself. No offense meant but I don't want anyone loosing mails due to my patches and accusing my of releasing buggy software. -- Felix - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier. Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Amavis slowing down mail delivery almost to a halt
Eric Yellin schrieb: Almost 2 minutes between entries... DSPAM is taking way too long to process. How can I find out what exactly is causing this slowness? Which version of DSPAM do you use? Which database backend? (if MySQL: which engine?) Do you execute some maintainance operations on the DSPAM database regularly? The signature table can grow to enormous sizes if you don't. For debugging, I suggest piping a mail through dspam on the command line and look how long it takes to process it. The command should look something like (just from memory, no guarantees!): dspam --process --stdout and some switches for the user name etc. After that you could temporarily disable dspam in amavisd-new and enable dspam debug logging to get more hints what is wrong. fs - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier. Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] how do i implement dspam selectively for particular users
wpc schrieb: i would like a test setup of the dspam filter on my production server that only sends mail through dspam from some particular users participating in the testing exercise while the rest of the users remain on the current setup with SA. I think that is not possible with the current amavisd-new. I have some patches for amavisd-new/DSPAM integration which makes it possible to use a spam scanner based on the recipient's address. However that won't give you the current DSPAM/SpamAssassin integration, my patches are only for using DSPAM side-by-side with the current SpamAssassin/DSPAM combination. fs - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier. Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] dspam + amavis question
Thomas Lau schrieb: hey all, I am using dspam + amavis, but I realize that no matter what I do to config signature location, it still appear on the email header but not the email message itself, anyone know how to resolve this ? Thanks. The SA+DSPAM integration in amavisd-new has some weaknesses as it uses only one global user and the signature is never embedded in the mail body. I have some patches to make dspam a first class citizen in amavisd-new (posted to the ml in Jan/Feb 06). These are not complete/considered production ready but I will use them on a small mail server this month/January 07 and expect to find some remaining bugs. After this testing, I will try to get some of the additional infrastructure code merged into mainline so that my patch size is reduced considerably. fs - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] dspam + amavis question
Thomas Lau schrieb: do you have a retrain script which could allow dspam train with the message even the signature isn't on the message body ? I thought that dspam would recognize a signature in the message header. If not, you probably should ask at the dspam mailing list. Unfortunately, my setup is a bit more complex so I don't have retrain scripts that can be used separately. fs - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] dspam + amavis
[EMAIL PROTECTED] schrieb: does anyone using amavis + dspam ? I am wondering if it's possible to use individual spam filtering rather than goes into amavis default account ? Thanks I have some patches to make dspam a first class citizen in amavisd-new (posted to the ml in Jan/Feb 06). These are not complete/considered production ready but I will use them on a small mail server this month/January 07 and expect to find some remaining bugs. After this testing, I will try to get some of the additional infrastructure code merged into mainline so that my patch size is reduced considerably. If you like to test patches, you're welcome. fs - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] howto integrate dspam into amavisd-new?
Heinz Ulrich Stille wrote: My only (small) gripe against dspam is that it insists on delivering one message to each receiver separately (via LMTP) instead of handing it over to the next filter step as is. It depends on the parameters used to call DSPAM. If you are using --stdout, DSPAM won't deliver anything but prints the message to stdout. Which gets me back to the original question of integrating dspam into amavisd: Don't - I at least prefer to know what dspam is doing, so I run it as a separate LMTP server. For developers there is another option: Use my experimental DSPAM patches for amavisd-new. With these, you can DSPAM and disable SpamAssassin in amavisd-new. It uses the stdout option so no delivery under the hood will happen. But beware: there are some bugs left in, the current implementation is only alpha and multiple recipients with different DSPAM profiles (which requires multiple messages for the output) are not implemented yet. fs - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] howto integrate dspam into amavisd-new?
Henrik Krohns wrote: Any system that requires feedback from the users is flaved IMO. I'm sure our workers have better things to do than train bayes. We just use a global autolearning database, and in our case it works even better as we don't communicate in english. IMHO this is a weak argument: A system that does not adapt to your habbits and relies on regularly updated rules from third parties may be considered as broken, too. Of course, training efforts should be minimized. With DSPAM and some shared profiles, you can get very good results without much work for the employees. Finally: No flame intended, just my opinion. The main point is that SpamAssassin bayes has very small part in scoring (atleast in our setup). Probably 90% of spam is catched with DNSBLs and other rules (gotta love FuzzyOcr!), only few messages are helped with the extra bayes score. Our hit/kill level is as high as 10, and vast majority of the spam has score of 20+. Maybe its just me, but SpamAssassin only works for me. If I would use SpamAssassin, I would still get ~5-10 spam messages per day. With DSPAM, I only get 1-3 per week (currently, I get ~2500 spam messages per week). The only thing I would like to see implemented in DSPAM is a some kind of OCR. fs - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] amavis fail when search dspam
Hi, System User schrieb: for amavis find dspam only is necesary which dpam has permision r-x--s--- but, amabis not found dspam, for amavis can find dspam I set permision to r-xr-xr-x Isn't necesary read permision for execute stat for a file, why not found dspam? Can you rephrase your question please? I do not understand what your problem exactly is. To use DSPAM from amavis, the amavis user must have access to the dspam binary (execute permission) and (I guess) the amavis user should be trusted by DSPAM (dspam.conf). -- Felix - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] amavisd-new, spamassassin and sendmail milter
Lucio Chiappetti schrieb: This is a shorter request for clarification (see previous longer post for details) about our attempt to replace our pure sendmail with DNSBL filtering policy with one based on sendmail 8.13.1, amavisd-new-2.1.2 in the milter configuration and spamassassin (spamd ??) 3.0.4 Why don't you use a newer version of amavisd-new? QUESTION 0) is spamd necessary ? Shall we run spamd or not ? No (unless amavisd-new/milter is completely different). spamd is used to eliminate the overhead of starting the spamassassin command line tool. amavisd-new uses the SpamAssassin modules directly and therefore does not use spamd. QUESTION 3) Hits: - in syslog We see in the mail log some amavis Passed CLEAN entries which have a non-numeric spamassassin score (Hits: -). Is this related to $sa_timeout ? Should we raise this timeout to a value higher than default ? Will it be honoured in milter configuration ? I think Hits: - means that the spam scan did not run or did not complete successfully. Either you got a SpamAssassin timeout (which is noted in the logs IIRC) or you disabled spam scanning for that recipient. -- Felix ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Re: Add extra header to tagged mails
Hi Torbjorn, Torbjorn Soderberg wrote: So, when a email has reached tag2 level and the subject is rewrite (according to my config) I also would like to add a header or footer with a link to a FAQ document that describes the spam situation on the internet. When I read your subject line, I thought that this would be an easy task but after reading your explanation I don't think this is that easy because actually you don't want to modify the email header but the message body. Modifying message bodies is a complex and difficult task if you want to get it right (handle all possible MIME encodings). Is this possible without doing any major changes to the amavid perl file? I would be relatively easy if you have a perl module that takes a message and adds your text to this message. But you will be required to patch amavisd-new nevertheless. -- Felix --- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] working prototype for Amavis::SpamControl::DSPAM
Hi all, I just wanted to let you know that I have a working prototype for a new spamscanner for amavisd-new called Amavis::SpamControl::DSPAM. Main features: - Chooses the DSPAM user based on the recipients (but can be configured to use the same user all the time). - Adds a DSPAM signature to the body - allows easy retraining. - Get rid of SpamAssassin - save RAM. BEWARE: Do not use this module on production machines! I do not either. Please read the comments at the top of my patches. Currently there are several (severe!) limitations. I don't think these patches should be integrated into amavisd-new yet. Please provide some feedback regarding the overall approach and code quality/coding style. Additions to my patches will be helpful, too :-) I split the work into five peaces: http://www.felix-schwarz.name/files/opensource/amavisd-new/06_remove_linefeed.patch http://www.felix-schwarz.name/files/opensource/amavisd-new/07_multiple_scanners_parallel_infrastructure.patch http://www.felix-schwarz.name/files/opensource/amavisd-new/08_spamassassin_becomes_optional.patch http://www.felix-schwarz.name/files/opensource/amavisd-new/09_dummy_dspam_module.patch http://www.felix-schwarz.name/files/opensource/amavisd-new/10_dspam_functional.patch PS: I hope the patches are okay, had some issues while recreating them this evening. -- Felix --- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Re: Performance issue
Ilja Marchew wrote: hmm, it's strange. SA check gets all the time, but spamd process doesn't. (...) What is spamd used for? it's spamassassin daemon. amavisd-new does not use spamd. It integrates SpamAssassin as a library. There is no point in using spamd when using amavisd-new at the same time. -- Felix --- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Re: run_command and command line parameter splitting
Hi, [EMAIL PROTECTED] wrote: I have a problem while writing my dspam plugin for amavis. In order to check the current mail I do the following: my($dspam_arguments) = '--mode=toe --user amavis --deliver=spam,innocent --process --stdout '; my($proc_fh,$pid) = run_command(''.$fh-fileno, 1, $self-{'dspam'}, $dspam_arguments); Debug logging in run_command tells me that this command is run: /usr/local/bin/dspam --mode=toe --user amavis --deliver=spam,innocent --process --stdout 9 21 You want a list. Thank you very much. Problem fixed :-) -- Felix --- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] run_command and command line parameter splitting
Hi all, I have a problem while writing my dspam plugin for amavis. In order to check the current mail I do the following: my($dspam_arguments) = '--mode=toe --user amavis --deliver=spam,innocent --process --stdout '; my($proc_fh,$pid) = run_command(''.$fh-fileno, 1, $self-{'dspam'}, $dspam_arguments); Debug logging in run_command tells me that this command is run: /usr/local/bin/dspam --mode=toe --user amavis --deliver=spam,innocent --process --stdout 9 21 Unfortunately, DSPAM fails immediately: Invalid training mode specified Unable to determine the destination user Running the command above (both as root and user amavis) works fine. As you can see, both the mode and the user ARE specified on the command line. Therefore I modified dspam.c (DSPAM 3.6.4) : - int main (int argc, char *argv[]) { int i; printf(START\n); for (i=0; iargc; i++) { printf(%s\n, argv[i]); } printf(END\n); - Now there is some interesting additional output: START /usr/local/bin/dspam --mode=toe --user amavis --deliver=spam,innocent --process --stdout END Note the additional whitespace at the beginning and the end of --mode This is quite unusual. I would expect that the command line is being split automatically by the C library and this may indeed be the reason why DSPAM fails. A simple Python script which just prints the contents of sys.argv, gives the same results as DSPAM. On the contrary, a normal invocation of DSPAM (where it does not report any errors) gives me: START /usr/local/bin/dspam --mode=toe --user amavis --deliver=spam,innocent --process --stdout END Does anybody know what may cause this behavior? Does it have anything to do with the way, I am using run_command? I am using amavisd-new 2.4.0-pre7, DSPAM 3.6.4 and Perl 5.8.5 on CentOS 4.3 (in a VMWare Workstation, Host OS Fedora Core 5). Thank you very much for your time! Any help highly appreciated! fs --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnkkid=110944bid=241720dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Re: Scheme of amavisd
Oliver, Oliver Geisen wrote: is there a graphical scheme available for amavisd ? One which shows the internal structure (flow) and it's interacting components. Or can anyone explain the internal modular structure so i can draw one myself ? I find amavisd's internals are poorly documented, or i've just not found/search for the good docs... I wrote a short overview regarding the spam filter API and I'm in the process of writing something about the dynamic package loader of amavisd. I don't there is other design documentation. -- Felix --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnkkid=110944bid=241720dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Re: perl Digest::MD5 version requirement
Henrik Krohns wrote: Maybe this is a bit offtopic, but why does everyone insist on using RPM/DEB whatever packages for everything? In my humble opinion, amavisd-new/spamassassin is much easier to handle when you compile own perl instance to /usr/local/perl. You can update it or your system as much as you want, and you know they wont break each other. I've never had any problems this way. For me it is /way/ faster using yum install (including dependency resolution!) than installing everything by hand. Second, upgrading is easier (yum update) if the packager did his/her job well. And since most packagers know the software much better than I do (which is the case for 99,9% of all programs), they will prevent me from doing anything bad. I don't have to monitor all the lists to be notified when a security hole appears, I just do regular yum updates. Third, when using CentOS/RHEL I get security updates for several years (RHEL: 7 years). Just being able to update my system in order to be secure saves so much time! Of course this is point is not valid for software from repositories such as DAG, Dries etc. as they don't have the resources to backport all fixes and do thorough quality assurance but I can stay with my version of Perl for example. Using RPMs as much as possible means that I only have to care about five custom software packages for my servers (custom Exim, DSPAM, Bacula with special options, my own web application and soon amavisd-new because I need DSPAM-integration). And even this software is packaged with RPM as this eases quality assurance for me (the version/configuration installed on the servers is the same as I had on my test system - less possibilities to forgot one or two commands which may cause errors later). Oh, and last but not least RPMs ease automatic software distribution between several machines (private repository with the latest validated software versions), clients just do yum -y update so they are always up to date. -- Felix --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnkkid=110944bid=241720dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Re: perl Digest::MD5 version requirement
Henrik Krohns wrote: Second, upgrading is easier (yum update) if the packager did his/her job well. And since most packagers know the software much better than I do (which is the case for 99,9% of all programs), they will prevent me from doing anything bad. Thats a bit of a stretch. You need to know the software to do your job properly. I could never trust packagers decisions on essential packages, there might be configs or compile options I do not want. Thats why I have test systems, where a config is being validated. If you are unsure, just take a look at the spec file. This is still faster than becoming a packaging expert for every software you are using... I don't have to monitor all the lists to be notified when a security hole appears, I just do regular yum updates. I think I would not hire anyone for security position, who didn't want to know about current security issues.. Although (from a formal point of view) your statement can be seen as totally unrelated to my text cited above, I want to put something straigt: I am interested in security! But I don't think anyone can read ALL the relevant mailing lists for all packages installed (more than 350 on an average server of mine, resulting in 100-150 mailing lists(?)). Thats why I am monitoring just 3-4 critical lists and the general security mailing list of the distributions I am using. Maybe my first statement was a bit unclear in this respect... :-) But this is getting very ot, so end of thread for me. -- Felix --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnkkid=110944bid=241720dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Advanced Rule...
Hi Dustin, Dustin Humm wrote: We protect roughly 25 domains with postfix/amavis/spamassassin. All of these domains need to be able to talk to one another. Although we are using this system for incoming mail only, we, obviously, need to allow communication between the domains that we protect. What we are running into is a situation where spammers send an email destined for DOMAIN.COM and use DOMAIN.COM as the (spoofed) sender address. This hits our whitelist, etc. and is inevitably passed through the system... If I understood your problem correctly, the problem are spoofed senders. I think you should look into SPF and similar techniques and do not accept mail from your domains which do not come from one of your mail servers. This is imho more a MTA configuration thing. As I said, I've tried to accomplish this using meta rules in SA, but have not had any (good) luck... I think, a SA rule should work, too. Can you explain your problems with that in more detail please? (Although I think SPF is the better way to approach your problem.) -- Felix --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnkkid=110944bid=241720dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Re: Per-user subject blacklisting
Hi Richard, Richard Bishop schrieb: Has anybody else considered such a system? Any advice on how to go about implementing it? Any general comments? I think you are hit by some of the disadvantages of SpamAssassin (many rules to maintain, most of the times it is not easy adding user specific rules). This is one of the reason why I am implementing a DSPAM plugin for amavisd-new and extending amavisd-new with the ability to choose a spam filter per user. With DSPAM you would have just different user profiles for customers and the best thing is that you don't have to evaluate which words will not appear in legimate email but just train DSPAM it will learn what you consider as ham/spam. Unfortunately my work only progresses slowly as I have many other jobs to do right now (one of these is my thesis...). I try to get the infrastructure into amavisd-new 3.4 first (per user spam filters) before actually implementing the DSPAM plugin (which is quite easy). If you like to do some Perl hacking, I can give you some pointers which things need to be done next. If you need a working system NOW, I suggest you train the SpamAssassin bayes db using sa_learn. I think that will help much if the filter rate is nearly good enough for you now. -- Felix --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnkkid=110944bid=241720dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] How to create a new configuration variable?
What is considered the best way to introduce a configuration value? I read about maps and policy banks but did not find a real solution what to do... I want to add a per-user setting for the spam filter to use. I thought about using something like @spam_filter_maps = ({ '[EMAIL PROTECTED]' = 'dspam', }); as shown in the the sample configuration file: [EMAIL PROTECTED] = ( # { '[EMAIL PROTECTED]' = 8.0, '.example.com' = 6.0 }, # \$sa_tag2_level_deflt, # catchall default #); Therefore I expected that lookup(0, '[EMAIL PROTECTED]', ca('spam_filter_maps')) should return 'dspam' but the call always returns (undef, undef). The ca call works as Dumper says: $VAR1 = [ { '[EMAIL PROTECTED]' = 'dspam' } ]; Any ideas? -- Felix --- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnkkid=110944bid=241720dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Re: Best way to train statistical DB's ?
Hi BJ, BJ Dierkes schrieb: I am using Horde Webmail. I have configured it so that when you click report as spam it runs sa-learn against the email. Now, this is being run as www-data (debian) I assume and therefore my question is this: Are the statistics processed into a global database that effects *all* messages processes, or is there some sort of per user statistics used for incoming mail? I guess, ultimately I am wondering if my config is actually learning anything if all messages are being learned as the www-data user. That depends on what filter you are using. SpamAssassin's bayes db itself can be used by different users. amavisd-new does currently only use one user. If you want to be able to report spam by your webmailer you should make sure that both are using the same database (and the same locking method!). Maybe a symbolic link will work. -- Felix --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Re: Best way to train statistical DB's ?
Hallo Jakob, Jakob Curdes schrieb: I figured out a way to train dspam via mail forwarding but got stuck in the user jungle - dspam wants to train the mail as user nobody and dies because it cannot create the lock files for this user. Try the command line option '--user=[EMAIL PROTECTED]'. Do you use DSPAM with virtual users? fs --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Re: Best way to train statistical DB's ?
BJ Dierkes schrieb: Felix Schwarz wrote: That depends on what filter you are using. SpamAssassin's bayes db itself can be used by different users. amavisd-new does currently only use one user. If you want to be able to report spam by your webmailer you should make sure that both are using the same database (and the same locking method!). Maybe a symbolic link will work. Wow.. hm. that should work for my one config. Howerver, Any ideas if mail.mydomain.com and www.mydomain.com are two different servers? I.e. Horde is on a different box than amavisd-new is. Somehow you have to get the data from the web host to the amavisd-new host. I'm currently not aware of any solution which is able to do that with SpamAssasin (I think SA uses Berkeley DB which is only a local db). It should be possible with DSPAM as it uses mysql so you could configure the horde dspam that it connects to mail.mydomain.com. Maybe you can get SpamAssassin working with a sql backing and tell amavis to use that one too. -- Felix --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Generic spam scanner interface for amavisd-new (patch)
Hi Chris, Covington, Chris wrote: On Thu, Jan 05, 2006 at 10:46:16AM +0100, Felix Schwarz wrote: Hi all. FOREWORD: After using MailScanner for about three years, I finally switched to amavisd-new because I liked some things in the implementation better. One thing I really need is a decent DSPAM integration. I do not consider the current DSPAM integration in amavisd-new as sufficient as it is currently only a second scanner besides SpamAssasin, uses only one global user, does not enable easy spam filter retraining by users and the end result of the spam check is calculated by some hard coded rules. In my opinion, amavisd-new does not need DSPAM support. As of 3.4.X or 3.6.X (I forget which) DSPAM can run in daemon mode as a LMTP content-filter. I use amavisd-new for banned files and A/V, then I have amavisd-new reinject the mail to Postfix which reinjects to DSPAM via LMTP. Problem solved. I suppose it could be cleaner if amavisd-new could support reinjecting to a LMTP content-filter, but the performance is fine. From your argument it follows (IMHO) that amavisd-new should have no spam scanners at all because for SpamAssassin there is spamd which could be easily integrated into your mail system. The same goes for most virus scanners... The point of amavis (imho) is that it allows to exclude recipients from the spam scan or modifying the actions that are taken based on the result from a spam scan AND each recipient. Without the need to adapt it for every single server software and spam/virus scanner. Instead amavisd-new unifies the interface. Why should there be no DSPAM? I think DSPAM support in amavisd-new will help. Not only because for my purposes DSPAM is far better than SpamAssassin but it would help to diversify the used spam scanners which would make it much harder for spammers to work on one mail that will get past all scanners. And after all, no functionality currently present should be removed. Who likes current system with SpamAssassin only should use it at will. SpamAssassin will probably even the default scanner for a couple of years. -- Felix --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/