[AMaViS-user] Disable spam and virus scan for but internal-to-internal messages
Hello,
I'm using Postfix+Amavisd-new+MySQL as my Mail Gateway platform.
I would like to disable spam and virus scan for but internal-to-internal
messages.
At the moment, I have the following setup:
$inet_socket_port = [10026];
$interface_policy{'10026'} = 'SENDERBYPASS';
$policy_bank{'SENDERBYPASS'} = {
originating => 1,
};
$sql_lookups_no_at_means_domain = 1;
@lookup_sql_dsn =
(
['DBI:mysql:database=postfix;host=127.0.0.1;port=3306', 'user',
'*'],
);
$sql_select_policy = 'SELECT 0 as virus_lover FROM domain WHERE active=1
AND domain IN (%k)';
%virus_lovers = ('.' => 1);
That let me to scan for viruses only inbound traffic and
internal-to-internal.
How I have to do?
The big problem with this approach is that I can't specify another query
for set 'spam_lovers'.
The other problem is how I could disable scanning on inbound traffic?
Thanks,
rocsca
--
The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your
production scanning environment may not be a perfect world - but thanks to
Kodak, there's a perfect scanner to get the job done! With the NEW KODAK i700
Series Scanner you'll get full speed at 300 dpi even with all image
processing features enabled. http://p.sf.net/sfu/kodak-com
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Policy server for outgoing messages
Hello,
I have a number of networks from which it is possible to use my mail
gateway system (Postfix+Amavisd-new+MySQL) to relay email messages
(directly through a mail client or through another MTA that uses my mail
gateway system as smart host). The mail gateway system moreover is used
as MX record for the email domains that I maintain.
I apply a policy service to messages as follow:
smtpd_recipient_restrictions =
...
check_policy_service inet:127.0.0.1:10031
smtpd_end_of_data_restrictions =
check_policy_service inet:127.0.0.1:10031
Moreover, my Amavisd-new setup uses a policy bank for "mark" message
generated inside one of my network:
$interface_policy{'10026'} = 'SENDERBYPASS';
$policy_bank{'SENDERBYPASS'} = {
originating => 1,
};
Having setup the following restriction in postfix:
smtpd_client_restrictions =
check_client_access
proxy:mysql:/etc/postfix/mysql-check-client-filter-access.cf
Where:
query = select IF(STRCMP(action,'OK'),action,'FILTER
smtp-amavis:[127.0.0.1]:10026') from access where inet_aton(ip) &
inet_aton(mask) = inet_aton('%s') & inet_aton(mask) order by mask DESC
limit 0,1;
I would like to know if there is a way so that the policy server is
applied only inside the policy bank.
Thanks,
rocsca
--
Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA
-OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise
-Strategies to boost innovation and cut costs with open source participation
-Receive a $600 discount off the registration fee with the source code: SFAD
http://p.sf.net/sfu/XcvMzF8H
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Policy for outgoing messages
> > Hello, > > Use your mta. Just post to postfix list. Thanks anyway, but if read my email carefully, I can notice that I have already post my question to the postfix list too.. :-) rocsca -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Policy for outgoing messages
Hello,
I have a number of networks from which is possible to use my mail
gateway system (Postfix+Amavisd-new+MySQL) to relay email messages
(directly through a mail client or through another MTA that uses my mail
gateway system as smart host). The mail gateway system moreover is used
as MX record for the email domains that I maintain.
I have already tried a policy that limits (setting a quota) the number
of messages by sender (from any IP to any IP, excluding mail from "<>")
to a certain number during a time slot.
My aim, anyway, is to apply a such policy for outgoing messages
(including internal-to-internal messages). So I have to define a group
which contains the IPs enabled for relay through my mail server.
The problem is that I have no a static list of IPs/networks. Infact, my
Postfix looks up the underlying database to permit or deny the relay to
a client:
smtpd_recipient_restrictions =
check_client_access
proxy:mysql:/etc/postfix/mysql-check-client-access.cf
where the query is:
query = select action from access where inet_aton(ip) & inet_aton(mask)
= inet_aton('%s') & inet_aton(mask) order by mask DESC limit 0,1;
How could define a such group in Policyd V2?
At the same time, I place the same question to Postfix and Amavisd-new
lists, hoping that someone can suggest me a "to the bottom" solution to
this issue..
Thanks,
rocsca
--
Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA
-OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise
-Strategies to boost innovation and cut costs with open source participation
-Receive a $600 discount off the registration fee with the source code: SFAD
http://p.sf.net/sfu/XcvMzF8H
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] long list of mynetworks
Infact, >> I'm currentry using @lookup_sql_dsn for storing quarantine in DB. >> >> So I have tried to include both DSN in @lookup_sql_dsn array: >> >> @lookup_sql_dsn = >> ( >> ['DBI:mysql:database=amavis;host=127.0.0.1;port=3306', >> 'user1', 'apss1'], >> ['DBI:mysql:database=postfix;host=127.0.0.1;port=3306', >> 'user2', 'pass2'], >> ); > > Having multiple data set names in the list is just a failover feature, > they must all present the same schema, and only one of them is used > at a time. > >> But after that Amavisd-new won't go on. Nevertheles gives error. How I >> have to do to preserve both features (virus_lover that queries "postfix" >> database, and SQL quarantine that interact with "amavis" database)? > > Amavisd can use (up to) two connections to a database, separating > a read-only database used for lookups and white/black-listing > (through @lookup_sql_dsn), from a read/write database access > through @storage_sql_dsn, used for everything else, i.e. for > SQL logging (pen pals) and quarantining. > doing so.. @storage_sql_dsn = ( ['DBI:mysql:database=amavis;host=127.0.0.1;port=3306','user1', 'apss1'], ); @lookup_sql_dsn = ( ['DBI:mysql:database=postfix;host=127.0.0.1;port=3306','user2', 'pass2'], ); it works! :-) > So in your case the split is natural, use @lookup_sql_dsn > pointing to one database used only for lookups (such as > virus_lover queries), and use @storage_sql_dsn pointing > to a separate database, hosting a quarantine and logging. > > See also README_FILES/README.sql . Thanks Mark, rocsca -- Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise -Strategies to boost innovation and cut costs with open source participation -Receive a $600 discount off the registration fee with the source code: SFAD http://p.sf.net/sfu/XcvMzF8H ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] long list of mynetworks
Hello,
> I need just one more clarification..
>
> > > (Is it right to unset "bypass_virus_checks_maps"?)
> > >
> > > Then I have added the following config line:
> > >
> > > @lookup_sql_dsn =
> > >( ['DBI:mysql:database=mail;host=127.0.0.1;port=3306', 'user',
> > > 'password'],);
> > > @storage_sql_dsn = @lookup_sql_dsn; # none, same, or separate
> > database
> > > $sql_select_policy = 'SELECT 0 as virus_lover FROM domain WHERE
> > active=1
> > > AND domain IN (%k)';
> > > %virus_lovers = ('.' => 1);
> >
> > Ok.
> >
> > > After restarting amavisd I get error such the following:
> >
> > > amavis[483]: (00483-01) sql: preparing and executing:
> > > SELECT id FROM maddr WHERE email=?
> > > amavis[483]: (00483-01) sending SMTP response:
> > > "451 4.5.0 Error in processing, id=00483-01, sql-enter FAILED:
> > > sql exec: err=1146, S1000, DBD::mysql::st execute failed:
> > > Table 'postfix.maddr' doesn't exist at
> > > (eval 66) line 169, line 21."
> >
> > This has nothing to do with SQL lookups. It is SQL logging that
> fails,
> > apparently you don't have r/w tables needed for logging to SQL /
> > penpals
> > (tables maddr, msgs, msgrcpt), yet you have enabled the SQL logging.
> >
> > Either provide the needed tables (README.sql-mysql),
> > or leave @storage_sql_dsn at its default (empty).
> >
> > > Infact when I uncomment @lookup_sql_dsn I enable sql Amavisd-new
> > logging
> > > in amavis database.. But I need to lookup for domain on mail
> > database..
> > > what I have to do?
> >
> > Leave out the
> > @storage_sql_dsn = @lookup_sql_dsn;
> >
>
> I'm currentry using @lookup_sql_dsn for storing quarantine in DB.
>
> So I have tried to include both DSN in @lookup_sql_dsn array:
>
> @lookup_sql_dsn =
> (
> ['DBI:mysql:database=amavis;host=127.0.0.1;port=3306', 'user1',
> 'apss1'],
> ['DBI:mysql:database=postfix;host=127.0.0.1;port=3306', 'user2',
> 'pass2'],
> );
>
> But after that Amavisd-new won't go on. Nevertheles gives error. How I
> have to do to preserve both features (virus_lover that queries
> "postfix"
> database, and SQL quarantine that interact with "amavis" database)?
rocsca
--
Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA
-OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise
-Strategies to boost innovation and cut costs with open source participation
-Receive a $600 discount off the registration fee with the source code: SFAD
http://p.sf.net/sfu/XcvMzF8H
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] long list of mynetworks
Mark,
I need just one more clarification..
> > (Is it right to unset "bypass_virus_checks_maps"?)
> >
> > Then I have added the following config line:
> >
> > @lookup_sql_dsn =
> >( ['DBI:mysql:database=mail;host=127.0.0.1;port=3306', 'user',
> > 'password'],);
> > @storage_sql_dsn = @lookup_sql_dsn; # none, same, or separate
> database
> > $sql_select_policy = 'SELECT 0 as virus_lover FROM domain WHERE
> active=1
> > AND domain IN (%k)';
> > %virus_lovers = ('.' => 1);
>
> Ok.
>
> > After restarting amavisd I get error such the following:
>
> > amavis[483]: (00483-01) sql: preparing and executing:
> > SELECT id FROM maddr WHERE email=?
> > amavis[483]: (00483-01) sending SMTP response:
> > "451 4.5.0 Error in processing, id=00483-01, sql-enter FAILED:
> > sql exec: err=1146, S1000, DBD::mysql::st execute failed:
> > Table 'postfix.maddr' doesn't exist at
> > (eval 66) line 169, line 21."
>
> This has nothing to do with SQL lookups. It is SQL logging that fails,
> apparently you don't have r/w tables needed for logging to SQL /
> penpals
> (tables maddr, msgs, msgrcpt), yet you have enabled the SQL logging.
>
> Either provide the needed tables (README.sql-mysql),
> or leave @storage_sql_dsn at its default (empty).
>
> > Infact when I uncomment @lookup_sql_dsn I enable sql Amavisd-new
> logging
> > in amavis database.. But I need to lookup for domain on mail
> database..
> > what I have to do?
>
> Leave out the
> @storage_sql_dsn = @lookup_sql_dsn;
>
I'm currentry using @lookup_sql_dsn for storing quarantine in DB.
So I have tried to include both DSN in @lookup_sql_dsn array:
@lookup_sql_dsn =
(
['DBI:mysql:database=amavis;host=127.0.0.1;port=3306', 'user1',
'apss1'],
['DBI:mysql:database=postfix;host=127.0.0.1;port=3306', 'user2',
'pass2'],
);
But after that Amavisd-new won't go on. Nevertheles gives error. How I
have to do to preserve both features (virus_lover that queries "postfix"
database, and SQL quarantine that interact with "amavis" database)?
TIA,
rocsca
--
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] long list of mynetworks [solved]
Mark,
> > I have assumed that I have I have to take away the
> > "bypass_virus_check_maps" setting from the policy below:
> >
> > $inet_socket_port = [10024,10026];
> >
> > $interface_policy{'10026'} = 'SENDERBYPASS';
> >
> > $policy_bank{'SENDERBYPASS'} = {
> > originating => 1,
> > bypass_virus_checks_maps => [
> > {
> > '.conc-bmw.com' => 0,
> > '.' => 1,
> > } ],
> > };
> >
> > So it become:
> >
> > $policy_bank{'SENDERBYPASS'} = {
> > originating => 1,
> > };
>
> Yes, in your case there is no need to have a global
> @bypass_virus_checks_maps overridden by a policy bank, as
> you say you want to treat inbound and internal-to-internal
> mail the same, i.e. the behaviour is determined by
> a recipient domain alone, not by the source of a message.
>
>
> > (Is it right to unset "bypass_virus_checks_maps"?)
> >
> > Then I have added the following config line:
> >
> > @lookup_sql_dsn =
> >( ['DBI:mysql:database=mail;host=127.0.0.1;port=3306', 'user',
> > 'password'],);
> > @storage_sql_dsn = @lookup_sql_dsn; # none, same, or separate
> database
> > $sql_select_policy = 'SELECT 0 as virus_lover FROM domain WHERE
> active=1
> > AND domain IN (%k)';
> > %virus_lovers = ('.' => 1);
>
> Ok.
>
> > After restarting amavisd I get error such the following:
>
> > amavis[483]: (00483-01) sql: preparing and executing:
> > SELECT id FROM maddr WHERE email=?
> > amavis[483]: (00483-01) sending SMTP response:
> > "451 4.5.0 Error in processing, id=00483-01, sql-enter FAILED:
> > sql exec: err=1146, S1000, DBD::mysql::st execute failed:
> > Table 'postfix.maddr' doesn't exist at
> > (eval 66) line 169, line 21."
>
> This has nothing to do with SQL lookups. It is SQL logging that fails,
> apparently you don't have r/w tables needed for logging to SQL /
> penpals
> (tables maddr, msgs, msgrcpt), yet you have enabled the SQL logging.
>
> Either provide the needed tables (README.sql-mysql),
> or leave @storage_sql_dsn at its default (empty).
>
> > Infact when I uncomment @lookup_sql_dsn I enable sql Amavisd-new
> logging
> > in amavis database.. But I need to lookup for domain on mail
> database..
> > what I have to do?
>
> Leave out the
> @storage_sql_dsn = @lookup_sql_dsn;
>
This is my final config:
$sql_lookups_no_at_means_domain = 1;
@lookup_sql_dsn =
( ['DBI:mysql:database=postfix;host=127.0.0.1;port=3306', 'user',
'password'],);
$sql_select_policy = 'SELECT 0 as virus_lover FROM domain WHERE active=1
AND domain IN (%k)';
%virus_lovers = ('.' => 1);
The lines above let me to avoid virus check for outgoing messages.
While the following policy bank:
$inet_socket_port = [10024,10026];
$interface_policy{'10026'} = 'SENDERBYPASS';
$policy_bank{'SENDERBYPASS'} = {
originating => 1,
};
Applied to the IP found by the following restriction:
check_client_access
proxy:mysql:/etc/postfix/mysql-check-client-filter-access.cf
Let me tag all email generated by one of my IP (originating email), as
LOCAL in amavisd-new logs.
Many many thanks! All works fine!!
rocsca
--
Create and Deploy Rich Internet Apps outside the browser with Adobe(R)AIR(TM)
software. With Adobe AIR, Ajax developers can use existing skills and code to
build responsive, highly engaging applications that combine the power of local
resources and data with the reach of the web. Download the Adobe AIR SDK and
Ajax docs to start building applications today-http://p.sf.net/sfu/adobe-com
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] long list of mynetworks
Mark,
First of all thank you for you great insight about the argument..
> > One thing that I can do after I have separated traffic originating
> > inside my network, from the other traffic passing through my mail
> > gateway, is to stop to analyse that traffic agaist viruses.
> >
> > Indeed, I then realized that I would like to continue to scan email
> > originating from my network and destined still to my network.
> >
> > A policy compliant with the my aim could be to omit virus scanning
> > for outbound messages.
>
> |> The idea is to present a bypass_virus_checks='N' for all local
> |> domains, and provide a default of a yes for the rest (either by
> |> an SQL record or by a statical default).
>
> > So,
> >
> > $sql_clause{'sel_policy'} = \$sql_select_policy;
>
> This assignment isn't necesary in a config file, it is already done at
> amavisd initialization time.
>
> > $sql_select_policy = "select policy.virus_lover as virus_lover from
> > (SELECT 1 as virus_lover, domain FROM domain where active=1 and
> domain
> > in (%k)) as policy left join domain on
> (policy.domain=domain.domain)";
> >
> > Could be ok?
> >
> > PS: The query returns:
> > +-+
> > | virus_lover |
> > +-+
> > | 1 |
> > +-+
> > If domain is local and
> >
> > +-+
> > | virus_lover |
> > +-+
> > Otherwise.
>
> Don't you want just the opposite? You said you wanted all outbound
mail
> to pass without virus checking, which means your local domains
(inbound
> or internal-to-internal mail) need a virus_lover false, and everybody
> else
> (outbound) needs a true,
>
>
> |> Also table names do not matter.
> > $sql_select_policy = "select policy.virus_lover as virus_lover from
>
> As mentioned, table names in the final result do not matter (DBI
module
> strips them off, returning only bare field names), so the above AS
> alias
> is unnecessary, a "SELECT virus_lover FROM ..." suffices.
>
> So now we have a:
>
> SELECT virus_lover FROM
> ( SELECT 0 as virus_lover, domain
> FROM domain WHERE active=1 AND domain IN (%k)
> ) AS policy
> LEFT JOIN domain ON (policy.domain=domain.domain)
>
> As you are not interested in other fields being returned, I don't
> see a need for a LEFT JOIN domain. It appears to me that a simple
> select would do the job as well:
>
> SELECT 0 as virus_lover FROM domain WHERE active=1 AND domain IN (%k)
>
> Now what is still needed is to return a true for a virus_lover
> for everybody else. It could be done by a SQL (a wildcard record for
> a domain '@.'), but in this particular case it is simpler to do
without
> a catchall record and just use a statical lookup table as a fallback,
> e.g.
> push(@virus_lovers_maps, 1);
>
> or the old style, if you prefer:
> %virus_lovers = ('.' => 1);
>
I have assumed that I have I have to take away the
"bypass_virus_check_maps" setting from the policy below:
$inet_socket_port = [10024,10026];
$interface_policy{'10026'} = 'SENDERBYPASS';
$policy_bank{'SENDERBYPASS'} = {
originating => 1,
bypass_virus_checks_maps => [
{
'.conc-bmw.com' => 0,
'.' => 1,
} ],
};
So it become:
$policy_bank{'SENDERBYPASS'} = {
originating => 1,
};
(Is it right to unset "bypass_virus_checks_maps"?)
Then I have added the following config line:
@lookup_sql_dsn =
( ['DBI:mysql:database=mail;host=127.0.0.1;port=3306', 'user',
'password'],);
@storage_sql_dsn = @lookup_sql_dsn; # none, same, or separate database
$sql_select_policy = 'SELECT 0 as virus_lover FROM domain WHERE active=1
AND domain IN (%k)';
%virus_lovers = ('.' => 1);
After restarting amavisd I get error such the following:
Feb 3 15:15:20 av4 postfix/smtp[30345]: AD79E75052E:
to=, relay=127.0.0.1[127.0.0.1]:10024, delay=2.6,
delays=2.5/0/0.01/0.05, dsn=4.3.2, status=deferred (host
127.0.0.1[127.0.0.1] said: 421 4.3.2 Service shutting down, closing
channel (in reply to RCPT TO command))
While in amavisd-new log I get:
# cat /var/log/amavis | grep "amavis\[483\]: (00483-01)"
amavis[483]: (00483-01) SMTP> 220 [127.0.0.1] ESMTP amavisd-new service
ready
amavis[483]: (00483-01) switch_to_client_time 480 s, smtp response sent
amavis[483]: (00483-01) idle_proc, 4: was busy, 115.6 ms, total idle
0.000 s, busy 0.116 s
amavis[483]: (00483-01) idle_proc, 5: was idle, 0.3 ms, total idle 0.000
s, busy 0.116 s
amavis[483]: (00483-01) SMTP< EHLO myserver.mydomain.tld\r\n
amavis[483]: (00483-01) switch_to_my_time 480 s, SMTP EHLO received
amavis[483]: (00483-01) ESMTP> 250-[127.0.0.1]
amavis[483]: (00483-01) ESMTP> 250-VRFY
amavis[483]: (00483-01) ESMTP> 250-PIPELINING
amavis[483]: (00483-01) ESMTP> 250-SIZE
amavis[483]: (00483-01) ESMTP> 250-ENHANCEDSTATUSCODES
amavis[483]: (00483-01) ESMTP> 250-8BITMIME
amavis[483]: (00483-01) ESMTP> 250-DSN
amavis[483]: (00483-01) ESMTP> 250 XFORWARD NAME ADDR PROTO HELO
amavis[483]: (00483-01) switch_to_client_time 480 s, smtp
[AMaViS-user] Not filter DSN toward a domain of mine
Hello. I would like to implement a policy that let to pass trough my mail gateway all DSN destined to the domain 'domain.tld' managed by me. I'm pretty sure on how to capture email destined to 'domain.tld' and bypass soam and virus cheching. Anyway is hard for me to infer how to catch DSN. I feel that I have to apply a policy bank, but I can't figure out how it has to work. Any hint is appreciated. rocsca -- This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] long list of mynetworks
> To preserve compatibility, an implied initialization is:
> $sql_clause{'sel_policy'} = \$sql_select_policy;
> so either set the $sql_select_policy (which will be passed on to
> $sql_clause{'sel_policy'} ), or assign to $sql_clause{'sel_policy'}
> directly and ignore $sql_select_policy.
>
> The code in amavisd only uses values in %sql_clause,
> not $sql_select_policy.
>
> > that have to return "0" (as for
> > previous solution based on associative array) if the domain is
> internal,
> > and "1" other wise.
>
> The clause should be a SELECT, which may return any number of records
> but only the first record (if any) is used. The record should
> provide field names (with their values) as expected by amavisd,
> not all are needed, any additional (unrecognized) fields are ignored.
> Missing fields or NULLs fall back to statical lookups for that
setting.
>
> So for example, a trivial SELECT would provide two constant
> values regardless of a recipient address:
>
> SELECT 'Y' as virus_lover, 6.3 as spam_kill_level;
>
> +-+-+
> | virus_lover | spam_kill_level |
> +-+-+
> | Y | 6.3 |
> +-+-+
> 1 row in set (0.01 sec)
>
>
> > 2) Which field of the select has to contains the 0,1 values?
>
> See README.lookups, section 'SQL LOOKUPS'.
> For boolean fields use 0 or 'N' for false, 1 or 'Y' for a true.
>
> > 3) could you depict this solution with a practical example?
>
> Perhaps it would be best to start with your schema, i.e. that
> part of it which tells which domains are your local.
So,
$sql_clause{'sel_policy'} = \$sql_select_policy;
$sql_select_policy = "select policy.virus_lover as virus_lover from
(SELECT 1 as virus_lover, domain FROM domain where active=1 and domain
in (%k)) as policy left join domain on (policy.domain=domain.domain)";
Could be ok?
PS: The query returns:
+-+
| virus_lover |
+-+
| 1 |
+-+
If domain is local and
+-+
| virus_lover |
+-+
Otherwise.
rocsca
--
This SF.net email is sponsored by:
SourcForge Community
SourceForge wants to tell your story.
http://p.sf.net/sfu/sf-spreadtheword
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] long list of mynetworks
> A better approach would probably be to use SQL lookup instead of a
> statical hash-based lookup. The policy.bypass_virus_checks SQL field
> is equivanent to @bypass_virus_checks_maps (actually it's the other
> way around, the SQL lookup table is implicitly prepended to a
> lists of lookup tables in @*_maps).
>
> I expect your existing database schema is not the same as
> that proposed by amavisd docs (tables users and policy).
> Nevertheless, with some SQL magic and existing schema could
> be presented to amavisd the way it expects it. The idea is
> to present a bypass_virus_checks='N' for all local domains,
> and provide a default of a yes for the rest (either by an
> SQL record or by a statical default).
>
> When amavisd does an SQL lookup, it executes the SELECT clause
> as specified in $sql_clause{'sel_policy'}, which is configurable
> in amavisd.conf. The default is:
>
> # The SQL select clause to fetch per-recipient policy settings.
> # The %k will be replaced by a comma-separated list of query
> addresses
> # for a recipient (e.g. full address, domain only, catchall), %a
will
> be
> # replaced by an exact recipient address (same as the first entry in
> %k,
> # suitable for pattern matching). Use ORDER, if there is a chance
> that
> # multiple records will match - the first match wins (i.e. the first
> # returned record). If field names are not unique (e.g. 'id'), the
> later
> # field overwrites the earlier in a hash returned by lookup, which
is
> # why we use 'users.*, policy.*, users.id'.
>
>SELECT users.*, policy.*, users.id
> FROM users LEFT JOIN policy ON users.policy_id=policy.id
> WHERE users.email IN (%k) ORDER BY users.priority DESC
>
> The resulting record (only the first matters) only needs to
> provide fields with names as in the docs (names are currently
> hard-coded, not configurable). Not all fields need to be present,
> in fact none are required - just provide the ones that you want
> to specify in SQL, others will fall back to statical lookups.
> Also table names do not matter. There is also a useful default
> for the 'local' field (as documented in README.lookups):
> when field name is missing, a mere presence of a resulting
> record implies local='Y' unless it is a wildcard '@.' record,
> providing a convenient way to specify @local_domains_maps in SQL.
>
> Setting the $sql_clause{'sel_policy'} to a suitable clause,
> aided with some SQL magic like subselects, union, aliases, views)
> can mould existing schema into what is desired. Some examples
> were discussed in the past on the ML - I keep some just
> as an illustration, without explaining it now:
>
> # $sql_select_policy =
> # 'SELECT 1 FROM domain WHERE CONCAT("@",domain_name) IN (%k)';
> #
> # $sql_select_policy =
> # 'SELECT *, extuser.id'.
> # ' FROM ((SELECT id,policy_id,priority,email FROM users) UNION'.
> # ' (SELECT 1,99,1,CONCAT("@",domain_name) FROM domain)) AS
> extuser'.
> # ' LEFT JOIN policy ON policy_id=policy.id'.
> # ' WHERE email IN (%k) ORDER BY priority DESC';
> #
> # $sql_select_policy =
> # 'SELECT *, user.id'.
> # ' FROM (SELECT 1 as id, 99 as policy_id, 1 as priority,'.
> # ' CONCAT("@",domain_name) as email FROM domain) AS
> user'.
> # ' LEFT JOIN policy ON policy_id=policy.id'.
> # ' WHERE email IN (%k) ORDER BY priority DESC';
> #
> # $sql_lookups_no_at_means_domain = 1;
> # $sql_select_policy =
> # 'SELECT *, user.id'.
> # ' FROM (SELECT 1 as id, 99 as policy_id, "Y" AS local'.
> # ' FROM domain WHERE domain_name IN (%k)) AS user'.
> # ' LEFT JOIN policy ON policy_id=policy.id';
Excuse me Mark,
I have felt that that I could apply avery interesting solution to the
issue that have raised, for my system.
But I have some doubt:
1) Above there is a veriable mentioned: "$sql_select_polic", while at
the top of tyhis message it seems to me that I have to set
$sql_clause{'sel_policy'} to the clause that have to return "0" (as for
previous solution based on associative array) if the domain is internal,
and "1" other wise.
2) Which field of the select has to contains the 0,1 values?
3) could you depict this solution with a practical example?
Thanks,
rocsca
--
This SF.net email is sponsored by:
SourcForge Community
SourceForge wants to tell your story.
http://p.sf.net/sfu/sf-spreadtheword
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] long list of mynetworks
> > >> originating recip. is local
> > >> 0 0can't happen (open
relay)
> > >> 0 1inbound
> > >> 1 0outbound
> > >> 1 1internal-to-internal
> > >>
> > >> # a global setting, can be overridden by a policy bank,
> > >> # so in this case will apply only to inbound mail
> > >> #
> > >> @bypass_virus_checks_maps = ();
> > >>
> > >> # mail originating from our users, override global settings
> > >> #
> > >> $policy_bank{'ORIGINATING'} = {
> > >> originating => 1,
> > >> bypass_virus_checks_maps => [
> > >> { '.mydomain1.org' => 0, # internal-to-internal
> > >>'.mydomain2.org' => 0,
> > >>'.' => 1, # skip the check for everybody else (outbound)
> > >> } ],
> > >> };
> > >
> > > Btw, the shown example is just an illustration on how to deal
> > > with the 3(4) possibilities when needed.
> > >
> > > Assuming mailer is not an open relay, and for the task at hand
> > > (needing a setting for outbound mail), a single global setting
> > > of @bypass_virus_checks_maps suffices, because if recipient
> > > is non-local we know mail could only be originating from our
> > > users.
> > >
> > > @bypass_virus_checks_maps = (
> > >{ '.mydomain1.org' => 0, # inbound or internal-to-internal
> > > '.mydomain2.org' => 0,
> > > '.' => 1, # skip the check for everybody else (outbound)
> > >} );
> > >
> >
> > I have understood quite well your explanation. I have a problem
using
> a
> > such approach. Infact, I have a long list of "mydomain" too. I
> maintain
> > domains through a database. But unfortunatly I can't figure out how
> to
> > build a such associative array.
> >
> > PS: Amavisd-new natively tags as LOCAL some log's entries. If an
> entry
> > is
> > tagged as LOCAL it mean that the associated message is either
inbound
> > or
> > internal-to-internal. Right? But how behaves Amavisd-new when face
> with
> > a
> > message which has either local and non-local recipients?
> >
>
> Anyway, since I have set Amavisd-new to avoid virus scan for outbound
> messages, I get a lot of:
>
> Jan 22 11:20:27 av9 postfix/smtp[29723]: 2C9B815B8D9:
> to=, relay=127.0.0.1[127.0.0.1]:10026, delay=13,
> delays=2.4/9.8/1/0, dsn=4.4.2, status=deferred (conversation with
> 127.0.0.1[127.0.0.1] timed out while receiving the initial server
> greeting)
>
> As well
>
> Jan 22 11:20:11 av9 postfix/smtp[29723]: B5D8D15B8BF:
> to=, relay=127.0.0.1[127.0.0.1]:10024,
delay=8.1,
> delays=2.9/4.3/1/0, dsn=4.4.2, status=deferred (conversation with
> 127.0.0.1[127.0.0.1] timed out while receiving the initial server
> greeting)
>
> I can't figure out why.. Maybe postfix answer so when amavisd-new has
> no
> child to manage a new request? And so this is due to the high incoming
> traffic? Or there is some tune to be done in my master.cf?
>
> smtp-amavis unix - - n - 14 smtp
> -o smtp_data_done_timeout=1200
> -o smtp_send_xforward_command=yes
> -o disable_dns_lookups=yes
> -o max_use=14
> -o smtp_connect_timeout=1
> -o smtp_helo_timeout=1
>
Indead I have changed the conf in /etc/postfix/master.cf above with the
following:
smtp-amavis unix - - n - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o max_use=30
-o smtp_connect_timeout=1
-o smtp_helo_timeout=1
And I do not have any error of kind:
"...delivery temporarily suspended: conversation with
127.0.0.1[127.0.0.1] timed out while receiving the initial server
greeting..."
At the moment..
Any explanation is well accepted.
:-)
rocsca
--
This SF.net email is sponsored by:
SourcForge Community
SourceForge wants to tell your story.
http://p.sf.net/sfu/sf-spreadtheword
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] long list of mynetworks
Mark,
> >> originating recip. is local
> >> 0 0can't happen (open relay)
> >> 0 1inbound
> >> 1 0outbound
> >> 1 1internal-to-internal
> >>
> >> # a global setting, can be overridden by a policy bank,
> >> # so in this case will apply only to inbound mail
> >> #
> >> @bypass_virus_checks_maps = ();
> >>
> >> # mail originating from our users, override global settings
> >> #
> >> $policy_bank{'ORIGINATING'} = {
> >> originating => 1,
> >> bypass_virus_checks_maps => [
> >> { '.mydomain1.org' => 0, # internal-to-internal
> >>'.mydomain2.org' => 0,
> >>'.' => 1, # skip the check for everybody else (outbound)
> >> } ],
> >> };
> >
> > Btw, the shown example is just an illustration on how to deal
> > with the 3(4) possibilities when needed.
> >
> > Assuming mailer is not an open relay, and for the task at hand
> > (needing a setting for outbound mail), a single global setting
> > of @bypass_virus_checks_maps suffices, because if recipient
> > is non-local we know mail could only be originating from our
> > users.
> >
> > @bypass_virus_checks_maps = (
> >{ '.mydomain1.org' => 0, # inbound or internal-to-internal
> > '.mydomain2.org' => 0,
> > '.' => 1, # skip the check for everybody else (outbound)
> >} );
> >
>
> I have understood quite well your explanation. I have a problem using
a
> such approach. Infact, I have a long list of "mydomain" too. I
maintain
> domains through a database. But unfortunatly I can't figure out how to
> build a such associative array.
>
> PS: Amavisd-new natively tags as LOCAL some log's entries. If an entry
> is
> tagged as LOCAL it mean that the associated message is either inbound
> or
> internal-to-internal. Right? But how behaves Amavisd-new when face
with
> a
> message which has either local and non-local recipients?
>
Anyway, since I have set Amavisd-new to avoid virus scan for outbound
messages, I get a lot of:
Jan 22 11:20:27 av9 postfix/smtp[29723]: 2C9B815B8D9:
to=, relay=127.0.0.1[127.0.0.1]:10026, delay=13,
delays=2.4/9.8/1/0, dsn=4.4.2, status=deferred (conversation with
127.0.0.1[127.0.0.1] timed out while receiving the initial server
greeting)
As well
Jan 22 11:20:11 av9 postfix/smtp[29723]: B5D8D15B8BF:
to=, relay=127.0.0.1[127.0.0.1]:10024, delay=8.1,
delays=2.9/4.3/1/0, dsn=4.4.2, status=deferred (conversation with
127.0.0.1[127.0.0.1] timed out while receiving the initial server
greeting)
I can't figure out why.. Maybe postfix answer so when amavisd-new has no
child to manage a new request? And so this is due to the high incoming
traffic? Or there is some tune to be done in my master.cf?
smtp-amavis unix - - n - 14 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o max_use=14
-o smtp_connect_timeout=1
-o smtp_helo_timeout=1
The big problem is that the messages remains starngely queued a long
time before to be forwarded toward Amavisd-new... :-(
--
This SF.net email is sponsored by:
SourcForge Community
SourceForge wants to tell your story.
http://p.sf.net/sfu/sf-spreadtheword
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] long list of mynetworks
>> originating recip. is local
>> 0 0can't happen (open relay)
>> 0 1inbound
>> 1 0outbound
>> 1 1internal-to-internal
>>
>> # a global setting, can be overridden by a policy bank,
>> # so in this case will apply only to inbound mail
>> #
>> @bypass_virus_checks_maps = ();
>>
>> # mail originating from our users, override global settings
>> #
>> $policy_bank{'ORIGINATING'} = {
>> originating => 1,
>> bypass_virus_checks_maps => [
>> { '.mydomain1.org' => 0, # internal-to-internal
>>'.mydomain2.org' => 0,
>>'.' => 1, # skip the check for everybody else (outbound)
>> } ],
>> };
>
> Btw, the shown example is just an illustration on how to deal
> with the 3(4) possibilities when needed.
>
> Assuming mailer is not an open relay, and for the task at hand
> (needing a setting for outbound mail), a single global setting
> of @bypass_virus_checks_maps suffices, because if recipient
> is non-local we know mail could only be originating from our
> users.
>
> @bypass_virus_checks_maps = (
>{ '.mydomain1.org' => 0, # inbound or internal-to-internal
> '.mydomain2.org' => 0,
> '.' => 1, # skip the check for everybody else (outbound)
>} );
>
I have understood quite well your explanation. I have a problem using a
such approach. Infact, I have a long list of "mydomain" too. I maintain
domains through a database. But unfortunatly I can't figure out how to
build a such associative array.
PS: Amavisd-new natively tags as LOCAL some log's entries. If an entry is
tagged as LOCAL it mean that the associated message is either inbound or
internal-to-internal. Right? But how behaves Amavisd-new when face with a
message which has either local and non-local recipients?
thanks,
rocsca
--
This SF.net email is sponsored by:
SourcForge Community
SourceForge wants to tell your story.
http://p.sf.net/sfu/sf-spreadtheword
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] long list of mynetworks
>> smtpd_client_restrictions =
>> check_client_access
>> proxy:mysql:/etc/postfix/mysql-check-client-filter-access.cf
>> ->check_recipient_access
>> proxy:mysql:/etc/postfix/mysql-relay-filter-domain.cf
>>
>> After I have modified the query part of 'check_client_access'
>> restriction as follows:
>>
>> query = select IF(STRCMP(action,'OK'),action,'DUNNO') from access where
>> inet_aton(ip) & inet_aton(mask) = inet_aton('%s') & inet_aton(mask)
>> order by mask DESC limit 0,1;
>>
>> and set the query part of 'check_recipient_access' restriction as
>> follows:
>>
>> query = select if(count(*)>0,'OK','FILTER
>> smtp-amavis:[127.0.0.1]:10026') from domain where domain='%s' and
>> active='1'
>>
>> But I don't have fully verified that this solution could be a correct
>> one. Could it work? Anyway, has anyone a better solution to my latest
>> issue?
>
> You must not forget that a message can have more than one recipient,
> so a message could be both internal-to-internal and outbound
> at the same time. It is dangerous (and usually incorrect)
> to tack a FILTER in a check_recipient_access, because these
> rules are run multiple times (for each recipient), and only
> the last FILTER setting remains in place. So the resulting
> FILTER would depend on what was the last recipient specified
> (internal or external).
>
Infact! I left out this aspect! Indeed, a policy compliant with the my aim
could be to omit virus scanning for outbound messages. In the sense that,
if a message is either internal-to-internal and outbound then the message
would be scanned as well.
How could obtain this?
Moreover, where is a suitable place where to perform recipient checking?
rocsca
--
This SF.net email is sponsored by:
SourcForge Community
SourceForge wants to tell your story.
http://p.sf.net/sfu/sf-spreadtheword
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Sharing /etc/amavisd.conf among different MTA+Amavisd-new "twin" platforms
> < startup, so there are issues with sharing it that I could think of. > >> startup, so there are NO issues with sharing it that I could think of. > Thanks. Very clear and complete. At first sight, I prefer to include a 'not shared' config file. rocsca -- This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] long list of mynetworks
> >> Paradoxically, a simpler solution in your case is to use a more
> >> complex MTA+amavisd setup, letting MTA separate mail into
> originating
> >> (=locally submitted) and all the rest, and feeding each flow
> >> on a separate amavisd port.
> >>
> >> When code sections in current versions of amavisd need to know
> whether
> >> mail is originating from local users or not, they only consult a
> state
> >> of
> >> a flag $originating. This includes deciding whether mail is
eligible
> > to
> >> DKIM signing or not.
> >>
> >> The $originating flag can be set by a policy bank:
> >> originating => 1
> >> or can be set implicitly by matching a client IP address against
the
> >> @mynetworks list of local networks. See release notes for version
> >> 2.5.0.
> >>
> >> Up to version 2.5.0 the implicit way was the only mechanism
> available,
> >> so @mynetworks needed to be set correctly.
> >>
> >> Starting with 2.5.0 the @mynetworks is mostly just a convenient
> >> legacy mechanism for implicitly setting the $originating flag.
> >> Use it if you only have few local networks and no roaming
> > authenticated
> >> mail submitters, otherwise just set $originating flag explicitly by
> a
> >> port-based policy bank and can forget about @mynetworks.
> >
> > How I have to tell to the MTA to distinguish between local submitted
> > messages and not (I'm using Postfix)?
> >
>
> Great!!! Thanks Mark, I've read your mail carefully and so I ve
solved.
> In
> /etc/amavisd.conf I ve put
>
> $inet_socket_port = [10024,10026];
>
> $interface_policy{'10026'} = 'SENDERBYPASS';
>
> $policy_bank{'SENDERBYPASS'} = {
> originating => 1,
> };
>
> and in /etc/postfix/main.cf I have set:
>
> smtpd_client_restrictions =
> check_client_access
> proxy:mysql:/etc/postfix/mysql-check-client-filter-access.cf
>
> where /etc/postfix/mysql-check-client-filter-access.cf:
>
> user = ***
> password = ***
> hosts = ***
> dbname = ***
> query = for relaying, the action set in DB otherwise>
One thing that I can do after I have separated traffic originating
inside my network, from the other traffic passing through my mail
gateway, is to stop to analyse that traffic agaist viruses.
Indeed, I then realized that I would like to continue to scan email
originating from my network and destined still to my network.
So I have thought to extend the set of restrictions for client access
so:
smtpd_client_restrictions =
check_client_access
proxy:mysql:/etc/postfix/mysql-check-client-filter-access.cf
->check_recipient_access
proxy:mysql:/etc/postfix/mysql-relay-filter-domain.cf
After I have modified the query part of 'check_client_access'
restriction as follows:
query = select IF(STRCMP(action,'OK'),action,'DUNNO') from access where
inet_aton(ip) & inet_aton(mask) = inet_aton('%s') & inet_aton(mask)
order by mask DESC limit 0,1;
and set the query part of 'check_recipient_access' restriction as
follows:
query = select if(count(*)>0,'OK','FILTER
smtp-amavis:[127.0.0.1]:10026') from domain where domain='%s' and
active='1'
But I don't have fully verified that this solution could be a correct
one. Could it work? Anyway, has anyone a better solution to my latest
issue?
TIA,
rocsca
--
This SF.net email is sponsored by:
SourcForge Community
SourceForge wants to tell your story.
http://p.sf.net/sfu/sf-spreadtheword
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] long list of mynetworks
>> Paradoxically, a simpler solution in your case is to use a more
>> complex MTA+amavisd setup, letting MTA separate mail into originating
>> (=locally submitted) and all the rest, and feeding each flow
>> on a separate amavisd port.
>>
>> When code sections in current versions of amavisd need to know whether
>> mail is originating from local users or not, they only consult a state
>> of
>> a flag $originating. This includes deciding whether mail is eligible
> to
>> DKIM signing or not.
>>
>> The $originating flag can be set by a policy bank:
>> originating => 1
>> or can be set implicitly by matching a client IP address against the
>> @mynetworks list of local networks. See release notes for version
>> 2.5.0.
>>
>> Up to version 2.5.0 the implicit way was the only mechanism available,
>> so @mynetworks needed to be set correctly.
>>
>> Starting with 2.5.0 the @mynetworks is mostly just a convenient
>> legacy mechanism for implicitly setting the $originating flag.
>> Use it if you only have few local networks and no roaming
> authenticated
>> mail submitters, otherwise just set $originating flag explicitly by a
>> port-based policy bank and can forget about @mynetworks.
>
> How I have to tell to the MTA to distinguish between local submitted
> messages and not (I'm using Postfix)?
>
Great!!! Thanks Mark, I've read your mail carefully and so I ve solved. In
/etc/amavisd.conf I ve put
$inet_socket_port = [10024,10026];
$interface_policy{'10026'} = 'SENDERBYPASS';
$policy_bank{'SENDERBYPASS'} = {
originating => 1,
};
and in /etc/postfix/main.cf I have set:
smtpd_client_restrictions =
check_client_access
proxy:mysql:/etc/postfix/mysql-check-client-filter-access.cf
where /etc/postfix/mysql-check-client-filter-access.cf:
user = ***
password = ***
hosts = ***
dbname = ***
query =
Thanks,
rocsca
--
This SF.net email is sponsored by:
SourcForge Community
SourceForge wants to tell your story.
http://p.sf.net/sfu/sf-spreadtheword
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Sharing /etc/amavisd.conf among different MTA+Amavisd-new "twin" platforms
Hello, I have different SMTP gateways each one configurred exactly at the same manner. The only difference is the hostname. I would like to know if I could define "/etc/amavisd.conf" as an NFS share somewhere and export it on each of my SMTP gateways. The aim is obviously to change only one configuration file each time that an amavisd-new configuration update is needed. TIA, rocsca -- This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] long list of mynetworks
> Paradoxically, a simpler solution in your case is to use a more > complex MTA+amavisd setup, letting MTA separate mail into originating > (=locally submitted) and all the rest, and feeding each flow > on a separate amavisd port. > > When code sections in current versions of amavisd need to know whether > mail is originating from local users or not, they only consult a state > of > a flag $originating. This includes deciding whether mail is eligible to > DKIM signing or not. > > The $originating flag can be set by a policy bank: > originating => 1 > or can be set implicitly by matching a client IP address against the > @mynetworks list of local networks. See release notes for version > 2.5.0. > > Up to version 2.5.0 the implicit way was the only mechanism available, > so @mynetworks needed to be set correctly. > > Starting with 2.5.0 the @mynetworks is mostly just a convenient > legacy mechanism for implicitly setting the $originating flag. > Use it if you only have few local networks and no roaming authenticated > mail submitters, otherwise just set $originating flag explicitly by a > port-based policy bank and can forget about @mynetworks. How I have to tell to the MTA to distinguish between local submitted messages and not (I'm using Postfix)? Thanks, rocsca -- This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Avoid spam scan for a particular recipient
> > What is the best (and simple) way to avoid spam scan for all email
> > messages destined to a particular recipient?
>
> @bypass_spam_checks_maps = ({
> 'us...@example.com' => 1,
> 'us...@example.com' => 1,
> '.office.example.net' => 1,
> });
>
> @spam_lovers_maps = @bypass_spam_checks_maps;
>
>
> Instead of a hash lookup, you can use an ACL list,
> regexp-based lookup, SQL or LDAP, see README.lookups.
>
> And example using a list as a lookup mechanism:
>
> @bypass_spam_checks_maps = ([
> qw(us...@example.com us...@example.com .office.example.net)
> ]);
> @spam_lovers_maps = @bypass_spam_checks_maps;
>
Thanks Mark,
I have done but I'm not sure that all woks as aspected..
Should the Spam SCAN bypassed enterely? And I the mail cointain a
virus, it will be catched? So I have to have an amavis entry for each
email destined to 'us...@example.com' as well.. Right?
Here my proof:
av1:~ # cat /var/log/mail | grep D8AC33E001A
Dec 12 18:33:18 av1 postfix/smtp[17126]: D370B226F9C:
to=, relay=destination[xxx.xxx.178.161]:25,
delay=0.33, delays=0.02/0/0.19/0.12, dsn=2.0.0, status=sent (250 Ok:
queued as D8AC33E001A)
av1:~ # cat /var/log/mail | grep D370B226F9C
Dec 12 18:33:17 av1 postfix/pickup[16075]: D370B226F9C: uid=0
from=
Dec 12 18:33:17 av1 postfix/cleanup[4524]: D370B226F9C:
message-id=
Dec 12 18:33:17 av1 postfix/qmgr[12210]: D370B226F9C:
from=, size=934, nrcpt=1 (queue active)
Dec 12 18:33:18 av1 postfix/smtp[17126]: D370B226F9C:
to=, relay=destination[xxx.xxx.178.161]:25,
delay=0.33, delays=0.02/0/0.19/0.12, dsn=2.0.0, status=sent (250 Ok:
queued as D8AC33E001A)
Dec 12 18:33:18 av1 postfix/qmgr[12210]: D370B226F9C: removed
Amavisd-new is skipped at all.
More over postfix bounce to post maser even if message is correctly
sent to the MTA of the recipient..
I'm a little bit puzzled.
rocsca
--
SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada.
The future of the web can't happen without you. Join us at MIX09 to help
pave the way to the Next Web now. Learn more and register at
http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Avoid spam scan for a particular recipient
Hello. What is the best (and simple) way to avoid spam scan for all email messages destined to a particular recipient? Thanks, rocsca -- SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] long list of mynetworks
> in my amavisd-new configuration I have left the default setting for > mynetwork parameters. > > # @mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10 > # 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 ); > > Well! I have a long list of network (and this changes often). I > maintain > it through a mysql table. > > Is it possible to do so that @mynetworks amavisd-new parameter is read > from the database? Anybody know a solution for this issue? Thanks, rocsca -- SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] long list of mynetworks
Hello, in my amavisd-new configuration I have left the default setting for mynetwork parameters. # @mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10 # 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 ); Well! I have a long list of network (and this changes often). I maintain it through a mysql table. Is it possible to do so that @mynetworks amavisd-new parameter is read from the database? Thanks, rocsca -- SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] R: Amavisd-new reloading
> You have a few choices for this... > > > - insure that your ram drive is big enough that it's unlikely > to fill up, else don't use a ram drive. How much you intend "big enough"? I have: /dev/shm262144 12352249792 5% /var/amavis/scan > - do nothing. Postfix will start sending mail to amavis again > after a few minutes. It may be useful to adjust the > queue_run_delay, minimal_backoff_time and maximal_backoff_time > values, especially if you have postfix 2.3 or earlier. Thanks, it was an interesting hint. I have some server with an older (than 2.3) Postfix. I will upgrade them and left deafault values for theese parameters. > - For *occasional* use, run "postfix flush" to restart > delivery to all destinations. Flushing postfix is bad for > performance (but not as bad as "postfix reload") so shouldn't > be done on a regular basis. > > - see the mitigation recipes at > http://www.postfix.org/QSHAPE_README.html#backlog > This works best with postfix 2.5 and newer. > How do you justfy the fact that from time to time I have: status=deferred (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]: Connection refused) in maillog after restarting Amavisd-new? :-( It was a matter that shutting down Amavisd-new, the connected socket was suddenly deleted? And Postfix still tries to use that socket? Maybe after $queue_run_delay Postfix create a new socket with Amavisd-new listening socket? I can't have a clear picture of this fact.. :-( rocsca -- SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] R: Amavisd-new reloading
> > It was probably filling up gradually and you didn't notice.
> > Or there was a repeated failure, and you weren't monitoring the log.
> >
> > > 2) Is there a safe way to reloading amavisd-new?
> >
> > One way to do it is to:
> > amavisd stop
> > rm -rf /var/amavis/scan
> > mkdir /var/amavis/scan
> > chown vscan:vscan /var/amavis/scan
> > amavisd start
> >
>
> I still have some trouble with reloading/restarting amavisd-new.
> Basically, I have a cronjob to update amavisd-new:
>
> sa-update --gpgkey 6C6191E3 --channel sought.rules.yerp.org
> --channel updates.spamassassin.org && /usr/sbin/rcamavisd reload
>
> where on reloading my startup script behaves as follow:
>
> reload)
> echo -n "Reloading amavisd-new: "
> ${prog} -c ${prog_config_file} reload
> rc_status -v
> ;;
>
> Doing so I have the problem that temporary RAM filesystem fills up
from
> time to time, and Postfix+Amavisd-new stops to work.
>
> On the contrary I could define cronjob as follow:
>
> sa-update --gpgkey 6C6191E3 --channel sought.rules.yerp.org
> --channel updates.spamassassin.org && /usr/sbin/rcamavisd restart
>
> where on restarting my startup script behaves as follow:
>
> restart)
> $0 stop
> sleep 2
> /usr/local/bin/delete_amavis_tmp.sh
> rm -rf /var/amavis/scan/*
> $0 start
> ;;
>
> But doing so I have the problem of defferrals in postfix because it
> could not connect to the amavisd socket:
>
> status=deferred (delivery temporarily suspended: connect to
> 127.0.0.1[127.0.0.1]: Connection refused)
>
> So it is necessary that I reload postifix so that it could connect to
> the new amavisd-new socket so that all continues to work.
>
> My question is: should I use reload or restart or is there a better
way
> to manage this situation? Moreover, could I avoid to reload postfix?
> The
> aim is clearly to make relaible the automatic job so that I could stay
> quit wherever I'm out of office.
Any news? Have someone experienced with similar issue?
rocsca
-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] R: Amavisd-new reloading
> > I have scheduled a cronjob to update rulesets of spamassassin:
> > sa-update --gpgkey 6C6191E3 --channel sought.rules.yerp.org --
> channel
> > updates.spamassassin.org && /usr/sbin/rcamavisd reload
> > I get the bad surprise that - after Amavisd-new reloading - the mail
> > gateway is stopped.
> >
> > I have investigated and I have found several messages:
> > dsn=4.4.2, status=deferred (delivery temporarily suspended: lost
> > connection with 127.0.0.1[127.0.0.1] while sending RCPT TO)
> > server:~ # telnet localhost 10024
> > 421 4.3.2 Service shutting down, closing channel
>
> > Finally, I looked at at amavisd-new temporary directory and was
full:
> > Filesystem 1K-blocks Used Available Use% Mounted on
> > /dev/shm2621442621440 100% /var/amavis/scan
>
> It is possible that with every shutdown a set of up to $max_servers
> temporary directories is left behind. This is usually insignificant
> (and should be cleaned manually every once in a while), but if you
> are restarting amavisd often, it can amount to a large number
> in a long run. Also, if there was some other problem occasionally
> encountered by amavisd, it would preserve its temporary directory,
> slowly filling up the disk.
>
> Your (memory) disk partition is quite small. This is one reason
> why I'm not in favour of ram-based temporary workspace for amavisd.
> With a couple of gigabytes to spare, you'd probaby notice it
> before disaster struck.
>
> > Now, I ask:
> > 1) It was Amavisd-new that interrupted SMTP transaction after reload
> or
> > the filesystem was fullfilled and Amavisd-new stopped to work
> (closing
> > SMTP transaction everytime)
>
> It was probably filling up gradually and you didn't notice.
> Or there was a repeated failure, and you weren't monitoring the log.
>
> > 2) Is there a safe way to reloading amavisd-new?
>
> One way to do it is to:
> amavisd stop
> rm -rf /var/amavis/scan
> mkdir /var/amavis/scan
> chown vscan:vscan /var/amavis/scan
> amavisd start
>
I still have some trouble with reloading/restarting amavisd-new.
Basically, I have a cronjob to update amavisd-new:
sa-update --gpgkey 6C6191E3 --channel sought.rules.yerp.org
--channel updates.spamassassin.org && /usr/sbin/rcamavisd reload
where on reloading my startup script behaves as follow:
reload)
echo -n "Reloading amavisd-new: "
${prog} -c ${prog_config_file} reload
rc_status -v
;;
Doing so I have the problem that temporary RAM filesystem fills up from
time to time, and Postfix+Amavisd-new stops to work.
On the contrary I could define cronjob as follow:
sa-update --gpgkey 6C6191E3 --channel sought.rules.yerp.org
--channel updates.spamassassin.org && /usr/sbin/rcamavisd restart
where on restarting my startup script behaves as follow:
restart)
$0 stop
sleep 2
/usr/local/bin/delete_amavis_tmp.sh
rm -rf /var/amavis/scan/*
$0 start
;;
But doing so I have the problem of defferrals in postfix because it
could not connect to the amavisd socket:
status=deferred (delivery temporarily suspended: connect to
127.0.0.1[127.0.0.1]: Connection refused)
So it is necessary that I reload postifix so that it could connect to
the new amavisd-new socket so that all continues to work.
My question is: should I use reload or restart or is there a better way
to manage this situation? Moreover, could I avoid to reload postfix? The
aim is clearly to make relaible the automatic job so that I could stay
quit wherever I'm out of office.
Thanks,
rocsca
-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] R: Amavisd-new reloading
> > I have scheduled a cronjob to update rulesets of spamassassin: > > sa-update --gpgkey 6C6191E3 --channel sought.rules.yerp.org -- > channel > > updates.spamassassin.org && /usr/sbin/rcamavisd reload > > I get the bad surprise that - after Amavisd-new reloading - the mail > > gateway is stopped. > > > > I have investigated and I have found several messages: > > dsn=4.4.2, status=deferred (delivery temporarily suspended: lost > > connection with 127.0.0.1[127.0.0.1] while sending RCPT TO) > > server:~ # telnet localhost 10024 > > 421 4.3.2 Service shutting down, closing channel > > > Finally, I looked at at amavisd-new temporary directory and was full: > > Filesystem 1K-blocks Used Available Use% Mounted on > > /dev/shm2621442621440 100% /var/amavis/scan > > It is possible that with every shutdown a set of up to $max_servers > temporary directories is left behind. This is usually insignificant > (and should be cleaned manually every once in a while), but if you > are restarting amavisd often, it can amount to a large number > in a long run. Also, if there was some other problem occasionally > encountered by amavisd, it would preserve its temporary directory, > slowly filling up the disk. > > Your (memory) disk partition is quite small. This is one reason > why I'm not in favour of ram-based temporary workspace for amavisd. > With a couple of gigabytes to spare, you'd probaby notice it > before disaster struck. > > > Now, I ask: > > 1) It was Amavisd-new that interrupted SMTP transaction after reload > or > > the filesystem was fullfilled and Amavisd-new stopped to work > (closing > > SMTP transaction everytime) > > It was probably filling up gradually and you didn't notice. > Or there was a repeated failure, and you weren't monitoring the log. > > > 2) Is there a safe way to reloading amavisd-new? > > One way to do it is to: > amavisd stop > rm -rf /var/amavis/scan > mkdir /var/amavis/scan > chown vscan:vscan /var/amavis/scan > amavisd start > > > But I fear that the real problem is that amavisd-new at reload time > is > > overcomed by the flow of messages queued by Postfix to be injected > into the > > amavis content filter. > > Probably not, or you would have noticed it during your busy times. But, if I'm not wrong, one time you said that is to prefer to launch 'amavisd reload' rather 'amavisd stop' and then 'amavisd start'. But if I use 'amavisd reload' say, after I have loaded new spamassassin ruleset, I can't empty temporary directory.. :-) What do you think is better to do? rocsca - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] R: Amavisd-new reloading
> > I have scheduled a cronjob to update rulesets of spamassassin: > > sa-update --gpgkey 6C6191E3 --channel sought.rules.yerp.org -- > channel > > updates.spamassassin.org && /usr/sbin/rcamavisd reload > > I get the bad surprise that - after Amavisd-new reloading - the mail > > gateway is stopped. > > > > I have investigated and I have found several messages: > > dsn=4.4.2, status=deferred (delivery temporarily suspended: lost > > connection with 127.0.0.1[127.0.0.1] while sending RCPT TO) > > server:~ # telnet localhost 10024 > > 421 4.3.2 Service shutting down, closing channel > > > Finally, I looked at at amavisd-new temporary directory and was full: > > Filesystem 1K-blocks Used Available Use% Mounted on > > /dev/shm2621442621440 100% /var/amavis/scan > > It is possible that with every shutdown a set of up to $max_servers > temporary directories is left behind. This is usually insignificant > (and should be cleaned manually every once in a while), but if you > are restarting amavisd often, it can amount to a large number > in a long run. Also, if there was some other problem occasionally > encountered by amavisd, it would preserve its temporary directory, > slowly filling up the disk. > > Your (memory) disk partition is quite small. This is one reason > why I'm not in favour of ram-based temporary workspace for amavisd. > With a couple of gigabytes to spare, you'd probaby notice it > before disaster struck. > > > Now, I ask: > > 1) It was Amavisd-new that interrupted SMTP transaction after reload > or > > the filesystem was fullfilled and Amavisd-new stopped to work > (closing > > SMTP transaction everytime) > > It was probably filling up gradually and you didn't notice. > Or there was a repeated failure, and you weren't monitoring the log. > > > 2) Is there a safe way to reloading amavisd-new? > > One way to do it is to: > amavisd stop > rm -rf /var/amavis/scan > mkdir /var/amavis/scan > chown vscan:vscan /var/amavis/scan > amavisd start > > > But I fear that the real problem is that amavisd-new at reload time > is > > overcomed by the flow of messages queued by Postfix to be injected > into the > > amavis content filter. > > Probably not, or you would have noticed it during your busy times. Thanks Mark, I'm sure that amavisd-new is a great product. So, I totally agree with your analisys. I'll update the startup script so that the memory file system is cleaned every time that Amavisd-new is started. rocsca - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] R: Amavisd-new reloading
> > sa-update --gpgkey 6C6191E3 --channel sought.rules.yerp.org --channel
> > updates.spamassassin.org && /usr/sbin/rcamavisd reload
>
> I do this same thing, except instead of doing a reload I do:
> /usr/sbin/rcamavisd restart
> I have not encountered the problems you mention.
Substantially, my startup script is this:
. /etc/rc.status
# First reset status of this service
rc_reset
prog="/usr/local/sbin/amavisd"
prog_base="$(basename ${prog})"
prog_config_file="/etc/amavisd.conf"
# Source configuration.
[ -e /etc/sysconfig/${prog_base} ] && . /etc/sysconfig/${prog_base}
## Check that networking is up.
#[ ${NETWORKING} = "no" ] && exit 0
# See how we were called.
case "$1" in
start)
echo -n "Starting amavisd-new: "
${prog} -c ${prog_config_file}
rc_status -v
;;
stop)
echo -n "Shutting down amavisd-new: "
${prog} -c ${prog_config_file} stop >/dev/null 2>&1
rc_status -v
;;
status)
checkproc ${prog}
rc_status -v
;;
restart)
$0 stop
$0 start
;;
reload)
echo -n "Reloading amavisd-new: "
${prog} -c ${prog_config_file} reload
rc_status -v
;;
*)
echo "Usage: $0 {start|stop|status|restart|reload}"
exit 1
esac
rc_exit
But I fear that the real problem is that amavisd-new at reload time is
overcomed by the flow of messages queued by Postfix to be injected into the
amavis content filter.
At this porpouse, maybe I have to tune some setting into postfix.
Anyway, I'm not able to show tecnically that is my case. Is only a feeling. So
I aspect that someone in list give me a more reasonable explanation.
rocsca
-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Amavisd-new reloading
Hello. I have scheduled a cronjob to update rulesets of spamassassin: sa-update --gpgkey 6C6191E3 --channel sought.rules.yerp.org --channel updates.spamassassin.org && /usr/sbin/rcamavisd reload I get the bad surprise that - after Amavisd-new reloading - the mail gateway is stopped. I have investigated and I have found several messages: dsn=4.4.2, status=deferred (delivery temporarily suspended: lost connection with 127.0.0.1[127.0.0.1] while sending RCPT TO) in maillog. Infact, I tried to run manually an SMTP transaction agains Amavisd-new and I got: server:~ # telnet localhost 10024 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 [127.0.0.1] ESMTP amavisd-new service ready ehlo domain.tld 250-[127.0.0.1] 250-VRFY 250-PIPELINING 250-SIZE 250-ENHANCEDSTATUSCODES 250-8BITMIME 250-DSN 250 XFORWARD NAME ADDR PROTO HELO mail from: 421 4.3.2 Service shutting down, closing channel Connection closed by foreign host. Finally, I looked at at amavisd-new temporary directory and was full: server:~ # df -k . . Filesystem 1K-blocks Used Available Use% Mounted on /dev/shm2621442621440 100% /var/amavis/scan Now, I ask: 1) It was Amavisd-new that interrupted SMTP transaction after reload or the filesystem was fullfilled and Amavisd-new stopped to work (closing SMTP transaction everytime) 2) Is there a safe way to reloading amavisd-new? Thanks in advance, rocsca - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Another secondary virus scanner
> > > Just move it from @av_scanners to the @av_scanners_backup list > > > and keep clamd as a primary virus scanner. > > > > I never have read the conf file completely... :-( Sorry.. > > Now I have: > > @av_scanners = ( ... > > @av_scanners_backup = ( ... > > > But from docs it seems to me that in this manner every message is > > scanned two time anyway.. Is this true? > > No. > > > Could I set up Amavisd-new so that I skip the secondary av scanner > > if the first detect that the message is infected? > > Secondary scanners are skipped is at least one primary provides > a definitive answer (clean or infected, not a failure). > > amavisd.conf-sample: > > # If no virus scanners from the @av_scanners list produce 'clean' nor > # 'infected' status (i.e. they all fail to run or the list is empty), > # then _all_ scanners from the @av_scanners_backup list are tried > # (subject to $first_infected_stops_scan). When there are both > # daemonized and equivalent or similar command-line scanners available, > # it is customary to place slower command-line scanners in the > # @av_scanners_backup list. The default choice is somewhat arbitrary, > # move entries from one list to another as desired, keeping main > scanners > # in the primary list to avoid warnings. > > Mark Thanks Mark. Now is all clear. rocsca - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Another secondary virus scanner
> > The CPU has grown again.. I fear that I have to disable it!
>
> Just move it from @av_scanners to the @av_scanners_backup list
> and keep clamd as a primary virus scanner.
>
I never have read the conf file completely... :-( Sorry..
Now I have:
@av_scanners = (
### http://www.clamav.net/ - backs up clamd or Mail::ClamAV
['ClamAV-clamscan', 'clamscan',
"--stdout --no-summary -r --tempdir=$TEMPBASE {}",
[0], qr/:.*\sFOUND$/, qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
);
@av_scanners_backup = (
### http://www.nai.com/
['NAI McAfee AntiVirus (uvscan)', 'uvscan',
'--secure -rv --mime --summary --noboot - {}', [0], [13],
qr/(?x) Found (?:
\ the\ (.+)\ (?:virus|trojan) |
\ (?:virus|trojan)\ or\ variant\ ([^ ]+) |
:\ (.+)\ NOT\ a\ virus)/,
# sub {$ENV{LD_PRELOAD}='/lib/libc.so.6'},
# sub {delete $ENV{LD_PRELOAD}},
],
);
But from docs it seems to me that in this manner every message is
scanned two time anyway.. Is this true? Could I set up Amavisd-new so
that I skip the secondary av scanner if the first detect that the
message is infected?
rocsca
-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Another secondary virus scanner
> https://secure.nai.com/apps/downloads/free_evaluations/default.asp?regi > > > on=us&segment=small > > > > I will try and I'll let you know.. > > > > The CPU has grown again.. I fear that I have to disable it! > Or maybe is there a way to set 'uvscan' as secondary mail scanner and to scan email only if the primary mail scanner fails? rocsca - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Another secondary virus scanner
> https://secure.nai.com/apps/downloads/free_evaluations/default.asp?regi > > on=us&segment=small > > I will try and I'll let you know.. > The CPU has grown again.. I fear that I have to disable it! rocsca - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Another secondary virus scanner
> Frown indeed - that's ancient, and I believe EOL'd. See the trial > version of 5.30 McAfee VirusScan Command Line Scanner for Linux > > here: > > https://secure.nai.com/apps/downloads/free_evaluations/default.asp?regi > on=us&segment=small I will try and I'll let you know.. Many thanks, rocsca - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Another secondary virus scanner
> > due to high load of my Postfix+Amavisd-new+MySQL boxes, I have had to > > disable the primary virus scanner (UVSCAN). I found that UVSCAN is > very > > I have found that ClamAV detects as much or more than uvscan. Can you > place uvscan as a backup scanner? > > > CPU expensive so I had no other choice other then disable it. So How do I have to configure amavisd-new? > Do you have the v5.30 engine? It is significantly faster than the > v5.20 > or v5.10 engines. See related thread: > # uvscan --version Virus Scan for Linux v4.40.0 :- > http://groups.google.com/group/mailing.unix.amavis- > user/browse_thread/thread/290df7dc7b1fcb39/1cf69cf9691e083f?lnk=gst&q=u > vscan+MrC#1cf69cf9691e083f Thanks, rocsca - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Another secondary virus scanner
Hello, due to high load of my Postfix+Amavisd-new+MySQL boxes, I have had to disable the primary virus scanner (UVSCAN). I found that UVSCAN is very CPU expensive so I had no other choice other then disable it. So Amavisd-new at the moment is using only CLAMAV. If it crash or stops working for some reason, my mail gateway doesn't deliver email at all. Since I find CLAMAV an effective virus scanner, I would like a similar tool (demonized, open source, active project) that I can use as secondary virus scanner for my Postfix+Amavisd-new+MySQL platform. TIA, rocsca - This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Time out cause
> > status=deferred (delivery temporarily suspended: conversation with > > 127.0.0.1[127.0.0.1] timed out while receiving the initial server > > greeting) > > Is postfix trying to open more connections to amavisd than > there are amavisd child processes ($max_servers) running? > Is this a pre-queue filtering setup? > Yes, I have a pre-queue filtering setup. I have no idea if Postfix has reached the number of connections equal to $max_servers.. :-( But I think that this is normally done.. > > Moreovere I tried to lauch amavisd-nanny but I get: > > > > # /usr/local/src/amavisd-new-2.5.3/amavisd-nanny > > process-id task-id elapsed inelapsed-bar (dots > indicate idle) > >or state idle or busy > > BDB no dbN 1: Unknown locker ID: 4a19cd No such file or > directory at > > /usr/local/src/amavisd-new-2.5.3/amavisd-nanny line 122. > > The BerkeleyDB::Hash::new failed, it reported 'Unknown locker > ID: 4a19cd' > as a primary error (the 'No such file or directory' might be bogus). Infact.. > > # rpm -qa | grep db > > dbus-1-0.60-33.2 > > db-4.3.29-15.2 > > gdb-6.4-19.10 > > dbus-1-mono-0.60-33.2 > > dbus-1-python-0.60-33.2 > > db-devel-4.3.29-15.2 > > gdbm-1.8.3-243.2 > > db-utils-4.3.29-15.2 > > dbus-1-glib-0.60-33.2 > > gdbm-devel-1.8.3-243.2 > > > > I can't figure out what it can be the cause as I have the same > > software installed on a different macchine and all works fine.. > > > > Moreover, could be the two anomalies related? > > Don't know, could be related if both problems show up at the > same time. If a database would end up in a permanently-locked > state, the 'conversation with 127.0.0.1 timed out while > receiving the initial server greeting' could also be a > symptom. Amavisd log might be able to tell more. Trying db > 4.4.20 or later might help too. OK. I have reloaded amavisd-new and all has continued to works correctly. It seems a 'one-time' problem. But anyway it coulb be pretty nice to point the cause. The main disease was that I didn't be aware that amavisd-new didn't work at all. The postfix active queue has reached an huge number of messages. So, now, I have found a way to monitor the status of amavisd-new, watching the size of Postfix queues and the latency of messages.. Thanks, rocsca - Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://sourceforge.net/services/buy/index.php ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Time out cause
Hello, I'm using Amavisd-new+MySQL+Postfix platform. I saw some message in maillog: status=deferred (delivery temporarily suspended: conversation with 127.0.0.1[127.0.0.1] timed out while receiving the initial server greeting) Moreovere I tried to lauch amavisd-nanny but I get: # /usr/local/src/amavisd-new-2.5.3/amavisd-nanny process-id task-id elapsed inelapsed-bar (dots indicate idle) or state idle or busy BDB no dbN 1: Unknown locker ID: 4a19cd No such file or directory at /usr/local/src/amavisd-new-2.5.3/amavisd-nanny line 122. exited I have the following 'db' package installed: # rpm -qa | grep db dbus-1-0.60-33.2 db-4.3.29-15.2 gdb-6.4-19.10 dbus-1-mono-0.60-33.2 dbus-1-python-0.60-33.2 db-devel-4.3.29-15.2 gdbm-1.8.3-243.2 db-utils-4.3.29-15.2 dbus-1-glib-0.60-33.2 gdbm-devel-1.8.3-243.2 I can't figure out what it can be the cause as I have the same software installed on a different macchine and all works fine.. Moreover, could be the two anomalies related? TIA, rocsca - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] SQL DB schema issue
Thanks Mark, > Rocsca, > > > I'm using SA with SQL support under Amavid-new. My DBMS is MySQL. > > I 'm preparing one another Antispam server and I ve installed the > > latest stable software available. > > I ve dumped bayes DB (schema + data) from an already > working machine > > and I ve restore them on the new machine. > > But when I try to start amavisd in debug mode I get the following > > errors: > > > > May 28 17:37:29.010 av8.stt.vir /usr/local/sbin/amavisd[17102]: > > SpamAssassin debug facilities: info > > bayes: database version 0 is different than we understand > (3), aborting! > > at > /usr/lib/perl5/site_perl/5.8.8/Mail/SpamAssassin/BayesStore/SQL.pm > > line 136. > > > May 28 17:37:30.155 av8.stt.vir /usr/local/sbin/amavisd[17102]: > > (!!)TROUBLE in pre_loop_hook: check: no loaded plugin implements > > 'check_main': cannot scan! at > > > /usr/lib/perl5/site_perl/5.8.8/Mail/SpamAssassin/PerMsgStatus.pm line > > 164. > > > While the version specified in the database is really '3'. > > What it could be the source of this error? > > The "bayes: database version 0 is different than we understand" > error is typically a misleading side effect of some other > error (possibly unreported by SpamAssassin). Either a bayes > database was not accessible at all (using username and > password as configured), or SpamAssassin installation is > broken or too heavily protected. > Could also be caused by running chrooted and not having SQL > database accessible from a jail. I have no problem accessing via mysql client: # su - amavis [EMAIL PROTECTED]:~> mysql -h 127.0.0.1 -u bayes -p bayes Enter password: Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 242 Server version: 5.0.45-log Source distribution Type 'help;' or '\h' for help. Type '\c' to clear the buffer. mysql> but mysql> show tables; +-+ | Tables_in_bayes | +-+ | awl | +-+ 1 row in set (0,00 sec) So I think I ve foud the cause.. :-) rocsca - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] SQL DB schema issue
Hello, I'm using SA with SQL support under Amavid-new. My DBMS is MySQL. I 'm preparing one another Antispam server and I ve installed the latest stable software available. I ve dumped bayes DB (schema + data) from an already working machine and I ve restore them on the new machine. But when I try to start amavisd in debug mode I get the following errors: May 28 17:37:29.010 av8.stt.vir /usr/local/sbin/amavisd[17102]: SpamAssassin debug facilities: info bayes: database version 0 is different than we understand (3), aborting! at /usr/lib/perl5/site_perl/5.8.8/Mail/SpamAssassin/BayesStore/SQL.pm line 136. bayes: database version 0 is different than we understand (3), aborting! at /usr/lib/perl5/site_perl/5.8.8/Mail/SpamAssassin/BayesStore/SQL.pm line 136. May 28 17:37:30.155 av8.stt.vir /usr/local/sbin/amavisd[17102]: (!!)TROUBLE in pre_loop_hook: check: no loaded plugin implements 'check_main': cannot scan! at /usr/lib/perl5/site_perl/5.8.8/Mail/SpamAssassin/PerMsgStatus.pm line 164. Suicide () TROUBLE in pre_loop_hook: check: no loaded plugin implements 'check_main': cannot scan! at /usr/lib/perl5/site_perl/5.8.8/Mail/SpamAssassin/PerMsgStatus.pm line 164. While the version specified in the database is really '3'. What it could be the source of this error? Thanks, rocsca - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] How to justify amavisd-new delay
> > > Since the bottleneck is SA and not Postfix you should rather use > > > load balancing for the internal forwarding to amavisd-new and > > > distribute the load of content scanning to different machines. > > > > It could be a reasonable remark.. > > > > > Set in master.cf of postfix for example -o > > > content_filter=amavisd-new:amavis.domain.tld:10024 > > > > > > amavis.domain.tld can also be a MX record. If all amavisd-new > > > processes on the machine with the highest priority are in use, > > > postfix should automatically forward the mail to the box with the > > > successive priority. > > > > If I have server SMTP gateway server, how could I tell to > postfix to > > route one message to one of them (eg: suppose that I have 3 smtp > > gateway, say IP1, IP2, IP3, then how could I tell to > postfix that mail > > received must be rerouted to amavisd-new on one of the machine IP1, > > IP2 or IP3?)? > > Either by using DNS round robin for amavis.domain.tld with > IP1, IP2, IP3 or by using MX records with three entries for > amavis.domain.tld as described above > > > > With > > > $forward_method = 'smtp:*:10025'; > > > in amavisd.conf amavis will forward the scanned message > back to the > > > originating postfix server and you can share several amavis > > > installations on more than one SMTP gateway making it possible to > > > use also round robin for your SMTP gateways. Sorry, Please, could you be more clear? I have n SMTP gateway server (Postfix+MySQL+Amavisd-new). The amavisd-new socket is bound on the localhost interface, so it will never accept connection from another SMTP gateway: tcp0 0 127.0.0.1:10024 0.0.0.0:* LISTEN Should I make Amavisd-new listen on *? The same problem for reinjection socket.. What cause this in terms of security? Finally, where I have exactly to put: content_filter=amavisd-new:amavis.domain.tld:10024 in master.cf? > > > > My only fear is that a such approach could icrease > drastically the DMZ > > network traffic.. :-( > > You're simply doubling the number of mails transferred within > your network. > As long as your network load isn't already at 50% this > shouldn't be a problem. mmh.. I have to verify.. Any idea on how? rocsca - Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] How to justify amavisd-new delay
> Since the bottleneck is SA and not Postfix you should rather > use load balancing for the internal forwarding to amavisd-new > and distribute the load of content scanning to different machines. It could be a reasonable remark.. > Set in master.cf of postfix for example > -o content_filter=amavisd-new:amavis.domain.tld:10024 > > amavis.domain.tld can also be a MX record. If all amavisd-new > processes on the machine with the highest priority are in > use, postfix should automatically forward the mail to the box > with the successive priority. If I have server SMTP gateway server, how could I tell to postfix to route one message to one of them (eg: suppose that I have 3 smtp gateway, say IP1, IP2, IP3, then how could I tell to postfix that mail received must be rerouted to amavisd-new on one of the machine IP1, IP2 or IP3?)? > With > $forward_method = 'smtp:*:10025'; > in amavisd.conf amavis will forward the scanned message back > to the originating postfix server and you can share several > amavis installations on more than one SMTP gateway making it > possible to use also round robin for your SMTP gateways. My only fear is that a such approach could icrease drastically the DMZ network traffic.. :-( rocsca - Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] How to justify amavisd-new delay
> As you have found, it's very difficult to do anything other > than very crude load management via DNS. Obviously you can > make it a little bit better by keeping your DNS TTLs short, > but it's a very blunt tool. > > The only load-balancing method that provides a more > immediate and tunable response is to use a different > (non-DNS) approach, such as a hardware load-balancer (I <3 my > Foundry ServerIron) or some routing-based software system > such as CARP. > > When one server is congested, your best bet and simplest > soulution may be to simply suspend the incoming SMTP by > editing the postfix master.cf file, temporarily comment out > the line which has Postfix listening on port 25, and reload > Postfix. This is a drastic measure, but I've used it from > time to time to manually allow one server to clear a big > backlog. Once the backlog has cleared, you *MUST* remember > to uncomment the line and reload Postfix again, so that it > can resume accepting mail. I very appreciate your answer. It is what I felt.. Indeed, to stop accepting connection on port 25 on the congestioned server It could be a good way to tackle an emergency situation.. (BTW, what lines I have to comment in master.cf?) But in this manner when the server is choosen by DNS to deliver one message, the SMTP sender gets a "Connection refused" error message.. :-( This could be a worst situation in front an high delivery delay due to congestioned queue.. rocsca - Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] How to justify amavisd-new delay
> Thanks Gary, > > you're explanation is very brief and fully explanatory. > > I surely will execute some measurement of SA efficiency by > increasing log verbosity. > > In the mean time I find very embarassing some situations > where I have a congtestioned SMTP gateway server and I can't > avoid new incoming SMTP session from being managed by that > server (In this manner I only increase congestion. While I > like to let that server to 'digest' the queued mail traffic > before accepting new SMTP connection, and redirect the new > SMTP connection on other SMTP gateway server of my mail system). > > I use DNS balancing and when a queue on a server is > congestioned I get no effect from taking away that server > from being pointed by an MX record, because DNS changes > propagations take long time. :-) > > Is there any trick to tackle this issue? Any answer will be appreciate, even if it not came directly from Gary.. :-) rocsca - Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] How to justify amavisd-new delay
> >From what I understand from these posts: > http://marc.info/?l=postfix-users&m=117199107216689 > http://marc.info/?l=postfix-users&m=118582818426445 > your active queue is overloaded. If this is the case, this > often is a result of messages coming in faster than they are > going out (quite often due to the amount of time it takes to > scan messages). I think you have been fighting this same > problem for years now, as a number of others have too. > > Essentially, from: > http://www.postfix.org/QSHAPE_README.html#active_queue > "Congestion occurs in the active queue when one or more > destinations drain slower than the corresponding message input rate." > > I would start by looking at some TIMING data ($log_level = > 2;) to see how much time amavis spends on various functions > (very likely spamassassin is where the most time is spent). > If it is spamassassin, I would next break down exactly what > SA is spending the most time on. > > http://marc.info/?l=amavis-user&m=120284838504641 > http://marc.info/?l=amavis-user&m=118799923325417 > http://marc.info/?l=amavis-user&m=120283445607760 > > This happens frequently. You can walk through a number of > posts from the postfix-users archives from this link: > http://marc.info/?l=postfix-users&w=2&r=1&s=active+queue&q=t > > Also interesting reading (even if are not running Postfix 2.5): > http://www.postfix.org/STRESS_README.html > > -- > Gary V Thanks Gary, you're explanation is very brief and fully explanatory. I surely will execute some measurement of SA efficiency by increasing log verbosity. In the mean time I find very embarassing some situations where I have a congtestioned SMTP gateway server and I can't avoid new incoming SMTP session from being managed by that server (In this manner I only increase congestion. While I like to let that server to 'digest' the queued mail traffic before accepting new SMTP connection, and redirect the new SMTP connection on other SMTP gateway server of my mail system). I use DNS balancing and when a queue on a server is congestioned I get no effect from taking away that server from being pointed by an MX record, because DNS changes propagations take long time. :-) Is there any trick to tackle this issue? rocsca - Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] How to justify amavisd-new delay
Hello, I submit you this few maillog rows: Mar 19 12:25:38 av5 postfix/cleanup[16063]: C059E228463: message-id=<[EMAIL PROTECTED] main1spa.it> Mar 19 12:25:38 av5 postfix/qmgr[20646]: C059E228463: from=<[EMAIL PROTECTED]>, size=3494, nrcpt=1 (queue active) Mar 19 13:00:56 av5 postfix/smtp[28218]: C059E228463: to=<[EMAIL PROTECTED]>, relay=127.0.0.1[127.0.0.1]:10024, conn_use=19, delay=2118, delays=0.07/2107/0/11, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as E262322FBAA) Mar 19 13:00:56 av5 postfix/qmgr[20646]: C059E228463: removed av5:/etc/rc.d # cat /var/log/mail | grep E262322FBAA Mar 19 13:00:56 av5 postfix/smtpd[28145]: E262322FBAA: client=localhost[127.0.0.1] Mar 19 13:00:56 av5 postfix/cleanup[27101]: E262322FBAA: message-id=<[EMAIL PROTECTED] main1spa.it> Mar 19 13:00:56 av5 postfix/qmgr[20646]: E262322FBAA: from=<[EMAIL PROTECTED]>, size=3932, nrcpt=1 (queue active) Mar 19 13:00:56 av5 postfix/smtp[28218]: C059E228463: to=<[EMAIL PROTECTED]>, relay=127.0.0.1[127.0.0.1]:10024, conn_use=19, delay=2118, delays=0.07/2107/0/11, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as E262322FBAA) Mar 19 13:00:57 av5 postfix/smtp[22672]: E262322FBAA: to=<[EMAIL PROTECTED]>, relay=mail4.domain2.it[xxx.yyy.zzz.www]:25, delay=0.28, delays=0.02/0.03/0.01/0.22, dsn=2.0.0, status=sent (250 Ok: queued as F119A109806A) My SMTP gateway is work heavily.. I noted that the bottleneck is amavisd-new since for some messages (even if they are simple short text message) it takes a long time to scan them (see above). Or maybe am I wrong? Maybe (2107 bytes) the delay include the time the message is waiting in some queue before to be scanned? Thanks, rocsca - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Too false negative
Hello, Since some days the number of SMTP connections rejected by my server is increased (maybe doubled). It doesn't worry me. But there is a side effect because even the number of false negative is increased. For example, at the moment a spam message with this header is considered clean by Amavisd-new-2.5.3+SpamaAssiassin-3.2.4: Received: from ([]) by ntfi10.hq.ignesti.it with Microsoft SMTPSVC(6.0.3790.3959); Tue, 26 Feb 2008 08:09:48 +0100 Received: from localhost (localhost [127.0.0.1]) by (Postfix) with ESMTP id 9D8E775037D; Tue, 26 Feb 2008 08:09:48 +0100 (CET) MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="_=_NextPart_004_01C87846.932E4D28" Received: from ([127.0.0.1]) by localhost (av4.stt.vir [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kgXmlG1zg5ao; Tue, 26 Feb 2008 08:09:46 +0100 (CET) X-MimeOLE: Produced By Microsoft Exchange V6.5 Received: from [125.128.59.158] (unknown [125.128.59.158]) by (Postfix) with ESMTP id 9CF34750371; Tue, 26 Feb 2008 08:09:45 +0100 (CET) Received: from [125.128.59.158] by dator.plaahn.com; Tue, 26 Feb 2008 16:38:13 +0900 Content-class: urn:content-classes:message Subject: Comprate la forza per il pene, e salvate 85 %. Date: Tue, 26 Feb 2008 08:38:13 +0100 Message-ID: <[EMAIL PROTECTED]> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Comprate la forza per il pene, e salvate 85 %. Thread-Index: Aca6QAN67HSGN9YGB40WPNS14XFFVQ== From: "Wesley Hutchinson" <[EMAIL PROTECTED]> To: "Mosconi Raoul" I use a PRE-LISTING : reject_rbl_client zen.spamhaus.org reject_rbl_client list.dsbl.org And I update SA ruleset regularly with rules_du_jour and sa-update. How I have to do to make my system more reliable? Thanks in advance, rocsca - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Bad file descriptor
On my mail gateway, amavisd-new has deferred some message with the following message: Service shutting down, Can't write to mail file: Bad file descriptor at (eval 62) line 626, chunk 69. (in reply to end of DATA command)) What it could be happened? BTW, then the message was accepted and forwarded to the destination. rocsca - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] 'AM.PDP' policy
> Rocsca, > >> - After I finished my test, I have tried to return the the original >> configuration. So I have dropped the '$inet_socket_bind = undef' >> configuration line, and then I have restarted amavisd-new. >> - Amavisd-new was correctly bound on local local port. But no connection >> from postifix was accepted (I get the message above). >> - In order to work, I had to set again '$inet_socket_bind = undef' in >> amavisd.conf and restart.. > > http://www.ijs.si/software/amavisd/#faq-net-server > > Try stopping amavisd fully, wait a few seconds, then restart. > See if this helps. I have upgraded my startup script.. restart) # $0 stop # $0 start $0 reload ;; And this time amavisd-new has restarted succesfully without '$inet_socket_bind = undef'. Thanks, rocsca - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] 'AM.PDP' policy
>> > > $inet_socket_bind = undef; > >> Anyway, if I switch again to the amavisd-new conf without " >> $inet_socket_bind = undef", amavisd refuse connection from postfix: >> dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to >> 127.0.0.1[127.0.0.1]: Connection refused) >> >> why? > > I don't understand why you are asking this, you already know the > answer: if $inet_socket_bind is undef, amavisd binds to all interfaces; > if it is set to some IP address, it binds to that interface ONLY. > The default setting (see: amavisd.conf-default) is '127.0.0.1', > i.e. to bind to a loopback interface *only*. I'm afraid that you don't understand the scenario. - Before, I haven't set any such '$inet_socket_bind' in my amavisd.conf (so amavisd was boun on local interface only). - At a time, I need to reach AM.PDP listening on port 9998 from remote, and so I have set '$inet_socket_bind = undef'. Again, all worked as I aspected. - After I finished my test, I have tried to return the the original configuration. So I have dropped the '$inet_socket_bind = undef' configuration line, and then I have restarted amavisd-new. - Amavisd-new was correctly bound on local local port. But no connection from postifix was accepted (I get the message above). - In order to work, I had to set again '$inet_socket_bind = undef' in amavisd.conf and restart.. - Since then Amavisd continued to accept connection from postfix. I'm simply posted my question to get an explanation this strange beaviour... > Sure, what did you expect??? My description seems to be so logical... rocsca - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] 'AM.PDP' policy
> > > I have set:
> > > $inet_socket_port = [10024,10027,9998];
> $interface_policy{'9998'} =
> > > 'AM.PDP'; $policy_bank{'AM.PDP'} = {
> > > protocol => 'AM.PDP',
> > > inet_acl => [qw( 127.0.0.1 [::1] 10.166.231.245
> )], }; For
> > > MailZU installation purpouse, i need to access to
> > Amavisd-new server
> > > from remote (10.166.231.245). While I saw that AMPDP socket
> > is bound
> > > to
> > > 9998 on local interface. How I could solve this trouble?
> >
> > $inet_socket_bind = undef;
>
> Thanks,
>
Anyway, if I switch again to the amavisd-new conf without "
$inet_socket_bind = undef", amavisd refuse connection from postfix:
dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to
127.0.0.1[127.0.0.1]: Connection refused)
why?
Please note that amavisd-new starts regularly and that it bound correcly
to the 10024 port.
I have tried several time to restart amavisd-new and postfix without
success. I had had to restore " $inet_socket_bind = undef;" so that
amavisd-new continue to access connection and so to continue to work
correctly..
(If youneed, I have the 'amavisd debug' output that doesn't report
nothing of particular anyway - for me)
rocsca
-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] 'AM.PDP' policy
> > I have set:
> > $inet_socket_port = [10024,10027,9998]; $interface_policy{'9998'} =
> > 'AM.PDP'; $policy_bank{'AM.PDP'} = {
> > protocol => 'AM.PDP',
> > inet_acl => [qw( 127.0.0.1 [::1] 10.166.231.245 )], }; For
> > MailZU installation purpouse, i need to access to
> Amavisd-new server
> > from remote (10.166.231.245). While I saw that AMPDP socket
> is bound
> > to
> > 9998 on local interface. How I could solve this trouble?
>
> $inet_socket_bind = undef;
Thanks,
rocsca
-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] 'AM.PDP' policy
I have set:
$inet_socket_port = [10024,10027,9998];
.
.
.
$interface_policy{'9998'} = 'AM.PDP';
$policy_bank{'AM.PDP'} = {
protocol => 'AM.PDP',
inet_acl => [qw( 127.0.0.1 [::1] 10.166.231.245 )],
};
For MailZU installation purpouse, i need to access to Amavisd-new server
from remote (10.166.231.245). While I saw that AMPDP socket is bound to
9998 on local interface. How I could solve this trouble?
Thanks,
rocsca
-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Shared quarantine
> > I have a frontend SMTP gateway that serves serveral domains. The > > frontend spans trhough several server. Every server has the same > > configuration/hardware. The platform of every server is > > Postfix+MySQL+Amavisd-new. > > > > I would like to enhanche my system implementing a shared quarantine > > (hopefully an SQL quarantine). > > multiple amavisd instances (across different hosts) can > quarantine messages to the same SQL database, if desired. > > > And then to setup a Web application to access to the > quarantine after > > the admin for a domain has authenticated against MySQL. The > > application has to permit the user to browse the messages > quarantined > > and destined for its domains, and then to release > eventually some of > > them. > > > > Someone could give me some instructions on how I have to > proceed and > > what choices I could do? > > I think the MailZu fits this description well: > http://www.mailzu.net/ Thanks, I have already started to investigate on this track.. ;-) rocsca - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] @lookup_sql_dsn
> > @lookup_sql_dsn > > It is worth to use it? What I have to put in amavis SQL database. > > If static lookups meet your needs, there is no advantage to > enable SQL-based lookups. > > The main advantage of SQL-based (or LDAP-based) lookups is > that changes in a database take effect immediately, no need > for amavisd restart. I think that this is no bad.. :-) Could someone point out me a way to easily change settings on the DB using an Amavisd-new+SQL setup? Maybe a widely used web interface? Thanks, rocsca - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] @lookup_sql_dsn
It is worth to use it? What I have to put in amavis SQL database. Thanks, rocsca - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] README.sql
Configuration error found: $virus_quarantine_method = '@sql'; $spam_quarantine_method = '@sql'; $banned_quarantine_method = '@sql'; $bad_header_quarantine_method = '@sql'; instead of: $virus_quarantine_method = 'sql:'; $spam_quarantine_method = 'sql:'; $banned_quarantine_method = 'sql:'; $bad_header_quarantine_method = 'sql:'; So now all works. Thanks to Mark and Gary. rocsca - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] README.sql
Mark, > Rocco, > >> av4:~ # tail -f /var/log/amavis | grep [EMAIL PROTECTED] > ... >> Jan 17 17:26:42 av4 amavis[340]: (00340-02-38) lookup >> (score_sender<[EMAIL PROTECTED]>) => undef, "[EMAIL PROTECTED]" does not >> match >> Jan 17 17:26:43 av4 amavis[340]: (00340-02-38) SPAM-KILL, >> <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]>, score=999.164, kill=6.31 >> Jan 17 17:26:43 av4 amavis[340]: (00340-02-38) lookup >> Jan 17 17:26:43 av4 amavis[340]: (00340-02-38) DO_QUARANTINE, sender: >> <[EMAIL PROTECTED]> Jan 17 17:26:43 av4 amavis[340]: (00340-02-38) prolong_timer check done: remaini ng time = 473 s Jan 17 17:26:43 av4 amavis[340]: (00340-02-38) sending SMTP response: "451 4.5.0 Error in processing, id=00340-02-38, quar+notif FAILED: Explicit forwarding, bu t not all recips done at /usr/local/sbin/amavisd line 3083." Jan 17 17:26:43 av4 amavis[340]: (00340-02-38) ESMTP> 451 4.5.0 Error in process ing, id=00340-02-38, quar+notif FAILED: Explicit forwarding, but not all recips done at /usr/local/sbin/amavisd line 3083. Jan 17 17:26:43 av4 amavis[340]: (00340-02-38) switch_to_client_time 480 s, smtp response sent Jan 17 17:26:43 av4 amavis[340]: (00340-02-38) TIMING [total 8036 ms] - lookup_s ql: 10 (0%)0, SMTP pre-DATA-flush: 3 (0%)0, SMTP DATA: 26 (0%)0, check_init: 1 ( 0%)0, digest_hdr: 1 (0%)0, digest_body: 0 (0%)0, sql-enter: 28 (0%)1, mime_decod e: 20 (0%)1, get-file-type2: 25 (0%)1, decompose_part: 2 (0%)1, decompose_part: 2 (0%)1, parts_decode: 0 (0%)1, check_header: 5 (0%)2, AV-scan-1: 96 (1%)3, AV-s can-2: 6400 (80%)82, spam-wb-list: 8 (0%)82, SA msg read: 1 (0%)82, SA parse: 4 (0%)83, SA check: 1004 (12%)95, SA finish: 19 (0%)95, update_cache: 266 (3%)99, decide_mail_destiny: 102 (1%)100, SMTP pre-response: 13 (0%)100, SMTP response: 1 (0%)100, rundown: 1 (0%)100 Jan 17 17:26:43 av4 amavis[340]: (00340-02-38) idle_proc, 6: was busy, 8026.2 ms , total idle 3.497 s, busy 296.086 s Jan 17 17:26:44 av4 amavis[340]: (00340-02-38) idle_proc, 5: was idle, 84.8 ms, total idle 3.582 s, busy 296.086 s Jan 17 17:26:44 av4 amavis[340]: (00340-02-38) ESMTP< RSET\r\n Jan 17 17:26:44 av4 amavis[340]: (00340-02-38) switch_to_my_time 480 s, SMTP RSET received Jan 17 17:26:44 av4 amavis[340]: (00340-02-38) ESMTP> 250 2.0.0 Ok RSET Jan 17 17:26:44 av4 amavis[340]: (00340-02-38) switch_to_client_time 480 s, smtp response sent Jan 17 17:26:44 av4 amavis[340]: (00340-02-38) idle_proc, 6: was busy, 56.2 ms, total idle 3.582 s, busy 296.142 s Jan 17 17:26:44 av4 amavis[340]: (00340-02-38) idle_proc, 5: was idle, 0.2 ms, t otal idle 3.582 s, busy 296.142 s Jan 17 17:26:44 av4 amavis[340]: (00340-02-38) ESMTP< XFORWARD NAME=unknown ADDR =10.38.200.62\r\n Jan 17 17:26:44 av4 amavis[340]: (00340-02-38) switch_to_my_time 480 s, SMTP XFORWARD received Jan 17 17:26:44 av4 amavis[340]: (00340-02-38) ESMTP> 250 2.5.0 Ok XFORWARD Jan 17 17:26:44 av4 amavis[340]: (00340-02-38) switch_to_client_time 480 s, smtp response sent Jan 17 17:26:44 av4 amavis[340]: (00340-02-38) idle_proc, 6: was busy, 1.1 ms, t otal idle 3.582 s, busy 296.144 s Jan 17 17:26:44 av4 amavis[340]: (00340-02-38) idle_proc, 5: was idle, 0.2 ms, t otal idle 3.582 s, busy 296.144 s Jan 17 17:26:44 av4 amavis[340]: (00340-02-38) ESMTP< XFORWARD PROTO=ESMTP HELO= EXCH03.bapulia.it\r\n Jan 17 17:26:44 av4 amavis[340]: (00340-02-38) switch_to_my_time 480 s, SMTP XFORWARD received Jan 17 17:26:44 av4 amavis[340]: (00340-02-38) ESMTP> 250 2.5.0 Ok XFORWARD Jan 17 17:26:44 av4 amavis[340]: (00340-02-38) switch_to_client_time 480 s, smtp response sent Jan 17 17:26:44 av4 amavis[340]: (00340-02-38) idle_proc, 6: was busy, 1.0 ms, t otal idle 3.582 s, busy 296.145 s Jan 17 17:26:44 av4 amavis[340]: (00340-02-38) idle_proc, 5: was idle, 0.2 ms, t otal idle 3.582 s, busy 296.145 s Jan 17 17:26:44 av4 amavis[340]: (00340-02-38) ESMTP< MAIL FROM:<> SIZE=11429 BO DY=8BITMIME\r\n Jan 17 17:26:44 av4 amavis[340]: (00340-02-38) switch_to_my_time 480 s, SMTP MAIL received Jan 17 17:26:44 av4 amavis[340]: (00340-02-39) check_mail_begin_task: task_count =40 Jan 17 17:26:44 av4 amavis[340]: (00340-02-39) TempDir::prepare: creating direct ory /var/amavis/scan/amavis-20080117T172644-00340 Jan 17 17:26:44 av4 amavis[340]: (00340-02-39) TempDir::prepare_file: creating f ile /var/amavis/scan/amavis-20080117T172644-00340/email.txt Jan 17 17:26:44 av4 amavis[340]: (00340-02-39) TempDir::prepare_file: layers: un ix,perlio Jan 17 17:26:44 av4 amavis[340]: (00340-02-39) lookup_ip_acl (mynetworks): key=" 10.38.200.62" matches "10.0.0.0/8", result=1 Jan 17 17:26:44 av4 amavis[340]: (00340-02-39) lookup_acl(), no match Jan 17 17:26:44 av4 amavis[340]: (00340-02-39) lookup (debug_sender) => undef, " " does not match Jan 17 17:26:44 av4 amavis[340]: (00340-02-39) DEBUG_ONESHOT: TURNED OFF Jan 17 17:26:44 av4 amavis[340]: (00340-02-39) ESMTP< MAIL FROM:<> SIZE=11429 BO DY=8BITMIME\r\n >> Please note all 'RO tables' are empty. > > These are irrelevant as long as @lookup_sql_
Re: [AMaViS-user] README.sql
> Other than what I mentioned about sending test messages from trusted
> users (users in a policy bank that allows spam to pass for example),
> nothing comes to mind.
>
> I would prepare a spam message (gtube for example):
> http://spamassassin.apache.org/gtube/gtube.txt
>
> and send it from a hotmail or yahoo account (that is not whitelisted)
> and place the sender's address in:
>
> @debug_sender_maps = ( ['[EMAIL PROTECTED]'] );
>
> The first email received from this sender (after amavisd-new is
> reloaded) will log at $log_level 5. I would then look at all the log
> entries for this particular transaction and see if you can discover
> the problem. If not, maybe you could post it to a http server for
> others to look at.
av4:~ # tail -f /var/log/amavis | grep [EMAIL PROTECTED]
Jan 17 17:26:35 av4 amavis[340]: (00340-02-38) ESMTP< MAIL
FROM:<[EMAIL PROTECTED]> SIZE=3894\r\n
Jan 17 17:26:35 av4 amavis[340]: (00340-02-38) ESMTP> 250 2.1.0 Sender
<[EMAIL PROTECTED]> OK
Jan 17 17:26:35 av4 amavis[340]: (00340-02-38) ESMTP::10024
/var/amavis/scan/amavis-20080117T172354-00340: <[EMAIL PROTECTED]> ->
<[EMAIL PROTECTED]> SIZE=3894 Received: from av4.sttspa.it ([127.0.0.1]) by
localhost (av4.stt.vir [127.0.0.1]) (amavisd-new, port 10024) with ESMTP
for <[EMAIL PROTECTED]>; Thu, 17 Jan 2008 17:26:35 +0100 (CET)
Jan 17 17:26:35 av4 amavis[340]: (00340-02-38) find_or_save_addr: record
inserted, id=1522, [EMAIL PROTECTED]
Jan 17 17:26:35 av4 amavis[340]: (00340-02-38) save_info_preliminary:
1522, [EMAIL PROTECTED], new
Jan 17 17:26:35 av4 amavis[340]: (00340-02-38) Checking: XhbGjz-Z0mgS
[72.14.214.231] <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]>
Jan 17 17:26:42 av4 amavis[340]: (00340-02-38) wbl: checking sender
<[EMAIL PROTECTED]>
Jan 17 17:26:42 av4 amavis[340]: (00340-02-38) query_keys:
[EMAIL PROTECTED], pesce@, gmail.com, .gmail.com, .com, .
Jan 17 17:26:42 av4 amavis[340]: (00340-02-38)
lookup_hash([EMAIL PROTECTED]), no matches
Jan 17 17:26:42 av4 amavis[340]: (00340-02-38) lookup (blacklist_sender)
=> undef, "[EMAIL PROTECTED]" does not match
Jan 17 17:26:42 av4 amavis[340]: (00340-02-38) query_keys:
[EMAIL PROTECTED], pesce@, gmail.com, .gmail.com, .com, .
Jan 17 17:26:42 av4 amavis[340]: (00340-02-38)
lookup_hash([EMAIL PROTECTED]), no matches
Jan 17 17:26:42 av4 amavis[340]: (00340-02-38) lookup (whitelist_sender)
=> undef, "[EMAIL PROTECTED]" does not match
Jan 17 17:26:42 av4 amavis[340]: (00340-02-38)
lookup_re("[EMAIL PROTECTED]"), no matches
Jan 17 17:26:42 av4 amavis[340]: (00340-02-38) query_keys:
[EMAIL PROTECTED], pesce@, gmail.com, .gmail.com, .com, .
Jan 17 17:26:42 av4 amavis[340]: (00340-02-38)
lookup_hash([EMAIL PROTECTED]), no matches
Jan 17 17:26:42 av4 amavis[340]: (00340-02-38) lookup
(score_sender<[EMAIL PROTECTED]>) => undef, "[EMAIL PROTECTED]" does not match
Jan 17 17:26:43 av4 amavis[340]: (00340-02-38) SPAM-KILL,
<[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]>, score=999.164, kill=6.31
Jan 17 17:26:43 av4 amavis[340]: (00340-02-38) lookup
(spam_quarantine_bysender_to) => undef, "[EMAIL PROTECTED]" does not match
Jan 17 17:26:43 av4 amavis[340]: (00340-02-38) header: X-Envelope-From:
<[EMAIL PROTECTED]>\n
Jan 17 17:26:43 av4 amavis[340]: (00340-02-38) DO_QUARANTINE, sender:
<[EMAIL PROTECTED]>
av4:/etc # cat /var/log/mail | grep EB81B7502A2
Jan 17 17:24:45 av4 postfix/smtpd[1464]: EB81B7502A2:
client=hu-out-0506.google.com[72.14.214.231]
Jan 17 17:24:46 av4 postfix/cleanup[834]: EB81B7502A2:
message-id=<[EMAIL PROTECTED]>
Jan 17 17:24:46 av4 postfix/qmgr[405]: EB81B7502A2:
from=<[EMAIL PROTECTED]>, size=3894, nrcpt=1 (queue active)
Jan 17 17:26:44 av4 postfix/smtp[2004]: EB81B7502A2: to=<[EMAIL PROTECTED]>,
relay=127.0.0.1[127.0.0.1]:10024, conn_use=38, delay=118,
delays=0.65/110/0/8, dsn=4.5.0, status=deferred (host 127.0.0.1[127.0.0.1]
said: 451 4.5.0 Error in processing, id=00340-02-38, quar+notif FAILED:
Explicit forwarding, but not all recips done at /usr/local/sbin/amavisd
line 3083. (in reply to end of DATA command))
Please note all 'RO tables' are empty.
rocsca
-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] README.sql
>> But, when I not use SQL for quarantine I have not set no one of the >> variable above as well I have not set the variables *_to explicitily. >> and filtering works. Why? >> > > Define what you mean by filtering. Do you mean malware is sent to > quarantine? Exactly. Maybe I have used the incorrect term. But, when I use SQL I see in amavisd.log only 'Passed CLEAN' entry, while when I disable it, then I saw also 'Blocked SPAM', 'Blocked INFECTED' and so on.. entries. > The default for those settings is to quarantine _to local > files. If using SQL, those defaults are also fine. SQL won't > quarantine to files once you turn it on however, it should quarantine > to the SQL database, provided the method is correctly set. So, when I enable SQL, leaving policy table empty, is the same of 'unset' *_to variables. But how do you justify that all log entry are 'Passed CLEAN' when I enable SQL? > What is your $sa_kill_level_deflt set to? $sa_tag_level_deflt = 2.0; # add spam info headers if at, or above that level $sa_tag2_level_deflt = 6.31; # add 'spam detected' headers at that level $sa_kill_level_deflt = 6.31; # triggers spam evasive actions $sa_dsn_cutoff_level = 9; # spam level beyond which a DSN is not sent > How are you testing? On a SMTP gateway server that manage a significative flow of emails. > Sometimes you might be sending test messages from inside your network > (or from an authenticated user) and end up allowing them to pass due > to a policy bank, or other bypass mechanism. Send a test spam from > outside your network. I have done. rocsca - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] README.sql
>> > > I have restarted. The messages are correctly stored in msgs >> > table (it >> > > has been written maddr,msgrcpt tables too). But no spam >> > messages was >> > > detected. Maybe do I have to fill the RO tables before to run >> > > amavisd-new+SQL? >> > >> > Should be: >> > >> > $virus_quarantine_method = 'sql:'; >> > $spam_quarantine_method = 'sql:'; >> > $banned_quarantine_method = 'sql:'; >> > $bad_header_quarantine_method = 'sql:'; >> >> Thanks. But, it must exists at least a policy so that messages are >> filtered for spam? > I could be wrong, but I don't think you need to create the read only > tables. Sorry. For RO tables I mean the following tables: + users + mailaddr + wblist + policy > These following settings cannot be undefined (undef) if you want to > quarantine to them, so I suggest leaving them at their default values. > Setting them to undef means mail will not get quarantined (to each > respective content type). > > # $virus_quarantine_to = 'virus-quarantine'; > # $banned_quarantine_to = 'banned-quarantine'; > # $bad_header_quarantine_to = 'bad-header-quarantine'; > # $spam_quarantine_to = 'spam-quarantine'; > > Then, for instance, with no recipient in SQL, spam should get > quarantined at $sa_kill_level_default. So I think it is just that the mistake: I have not set no one of the above variable. And this has caused that no filtering has been applied. But, when I not use SQL for quarantine I have not set no one of the variable above as well, and filtering works. Why? > Also, remember that spam that scores at or above > $sa_quarantine_cutoff_level will not get quarantined, so check that > setting too. Yes, I do. Thanks, rocsca - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] README.sql
> > @storage_sql_dsn = ( > > ['DBI:mysql:database=***;host=10.166.231.245;port=3306', > '***', '***'] > > ); $timestamp_fmt_mysql = 1; # if using MySQL *and* > msgs.time_iso is > > TIMESTAMP; > > # defaults to 0, which is good for non-MySQL or if > msgs.time_iso is > > CHAR(16) > > $virus_quarantine_method = '@sql'; > > $spam_quarantine_method = '@sql'; > > $banned_quarantine_method = '@sql'; > > $bad_header_quarantine_method = '@sql'; > > > > I have restarted. The messages are correctly stored in msgs > table (it > > has been written maddr,msgrcpt tables too). But no spam > messages was > > detected. Maybe do I have to fill the RO tables before to run > > amavisd-new+SQL? > > Should be: > > $virus_quarantine_method = 'sql:'; > $spam_quarantine_method = 'sql:'; > $banned_quarantine_method = 'sql:'; > $bad_header_quarantine_method = 'sql:'; Thanks. But, it must exists at least a policy so that messages are filtered for spam? thanks, rocsca - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] README.sql
Hello. I'm starting to use SQL for storing quarantine. I have set: @storage_sql_dsn = ( ['DBI:mysql:database=***;host=10.166.231.245;port=3306', '***', '***'] ); $timestamp_fmt_mysql = 1; # if using MySQL *and* msgs.time_iso is TIMESTAMP; # defaults to 0, which is good for non-MySQL or if msgs.time_iso is CHAR(16) $virus_quarantine_method = '@sql'; $spam_quarantine_method = '@sql'; $banned_quarantine_method = '@sql'; $bad_header_quarantine_method = '@sql'; I have restarted. The messages are correctly stored in msgs table (it has been written maddr,msgrcpt tables too). But no spam messages was detected. Maybe do I have to fill the RO tables before to run amavisd-new+SQL? Thanks, rocsca - This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Shared quarantine
Hello. I have a frontend SMTP gateway that serves serveral domains. The frontend spans trhough several server. Every server has the same configuration/hardware. The platform of every server is Postfix+MySQL+Amavisd-new. I would like to enhanche my system implementing a shared quarantine (hopefully an SQL quarantine). And then to setup a Web application to access to the quarantine after the admin for a domain has authenticated against MySQL. The application has to permit the user to browse the messages quarantined and destined for its domains, and then to release eventually some of them. Someone could give me some instructions on how I have to proceed and what choices I could do? Thanks, rocsca - Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Shared quarantine
Hello. I have a frontend SMTP gateway that serves serveral domains. The frontend spans trhough several server. Every server has the same configuration/hardware. The platform of every server is Postfix+MySQL+Amavisd-new. I would like to enhanche my system implementing a shared quarantine (hopefully an SQL quarantine). And then to setup a Web application to access to the quarantine after the admin for a domain has authenticated against MySQL. The application has to permit the user to browse the messages quarantined and destined for its domains, and then to release eventually some of them. Someone could give me some instructions on how I have to proceed and what choices I could do? Thanks, rocsca - Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] X-Spam-Level
> > > What is it that you are seing in X-Spam-Level? > > > It should contain as many $sa_spam_level_char characters > (or short > > > strings) as the score value indicates, rounded to an integer. > > > > the content of root home dir: > > > > X-Spam-Level: Mail autoinst.xml bin ip.awk ip.sh patch-giftext > > pflogsumm-1.1.1 pflogsumm-1.1.1.tar subst.sh > > Some procmail or shell magic on delivery, expanding asterisk > to a contents of a current directory? Infact, I gunzip the quarantined mail to the STDOUT and then I |d the output to the command line interpreter.. I ve escaped the line read and all works fine.. Sorry, rocsca - SF.Net email is sponsored by: Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] X-Spam-Level
> > Hello, for quarantined emails, I read that this header reports the > > listing of a directory of my file system :-(. > > Who decide the value for this header? > > What is it that you are seing in X-Spam-Level? > It should contain as many $sa_spam_level_char characters (or > short strings) as the score value indicates, rounded to an integer. the content of root home dir: X-Spam-Level: Mail autoinst.xml bin ip.awk ip.sh patch-giftext pflogsumm-1.1.1 pflogsumm-1.1.1.tar subst.sh rocsca - SF.Net email is sponsored by: Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] X-Spam-Level
Hello, for quarantined emails, I read that this header reports the listing of a directory of my file system :-(. Who decide the value for this header? rocsca - SF.Net email is sponsored by: Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Local Spam
>> What is 'fail2ban'?
>
> Make Google your friend.
> http://www.fail2ban.org/wiki/index.php/Main_Page
Nice.
But I need to inform a client of my network as soon as I block him.
>> I would like to know if there is something of ready to use..
>>
>> Otherwise, I'm thinking to use awk to get IP and an header of a guilty
>> email to send to the responsible of that IP.
>>
>> #!/bin/sh
>> cat /var/log/amavis | grep -i "Blocked SPAM, LOCAL" | gawk '{ print
>> substr(substr($10,1,length($10)-1),2,length($10)) " " substr($16, 1,
>> length($16)-1) }' | awk ' BEGIN {
>> }
>> {
>> ip[$1] = $2;
>> }
>> END{
>> for (i in ip) {
>> print "echo " i " && gunzip -c /var/virusmails/" ip[i]
>> " | head -20";
>> }
>> }' | sh
>>
>> And run it as a cron job every night.
>>
>> At the moment I lack two things:
>>
>> 1) get only the headers of the emails (and not only the 20 starting
>> lines)
>
> This requires a parser. perl/python/php/C can do that more easily. but I
> am not sure what you are exactly trying to do? (I see the log parsing
> part, but not what you want to do with /var/virusmails).
Sorry, I give you some more insight on what I have done:
- $10 is the '[aaa.bbb.ccc.ddd]' string where aaa.bbb.ccc.ddd is the
sender ip
- $16 is the qurantined message relative to $QUARANTINEDIR
- /var/virusmails is the value of $QUARANTINEDIR
rocsca
-
SF.Net email is sponsored by:
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services
for just about anything Open Source.
http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Local Spam
> > from my amavid-new log I saw that a significant protion of spam is
> > generated inside my network. Here the command:
> >
> > # cat /var/log/amavis | grep -i "Blocked SPAM, LOCAL"
> >
> > I have configured Postfix so that it lookups an IP for
> client access
> > to my SMTP gataway. If lookup is succesfull, that IP can
> relay trough
> > my server. Otherwise, the client is discarded, rejected or rejected
> > with a 550 customized code.
> >
> > I'ld like to trigger an insert of an IP inside the lookup table as
> > soon as the IP is flashed out of sending spam, with action REJECT.
> >
> > It is possible to do so? Or is a matter of Postfix?
>
> you can parse logs. look for fail2ban and the like.
What is 'fail2ban'?
I would like to know if there is something of ready to use..
Otherwise, I'm thinking to use awk to get IP and an header of a guilty
email to send to the responsible of that IP.
#!/bin/sh
cat /var/log/amavis | grep -i "Blocked SPAM, LOCAL" | gawk '{ print
substr(substr($10,1,length($10)-1),2,length($10)) " " substr($16, 1,
length($16)-1) }' | awk ' BEGIN {
}
{
ip[$1] = $2;
}
END{
for (i in ip) {
print "echo " i " && gunzip -c /var/virusmails/" ip[i]
" | head -20";
}
}' | sh
And run it as a cron job every night.
At the moment I lack two things:
1) get only the headers of the emails (and not only the 20 starting
lines)
2) determine who I have to send the email
rocsca
-
SF.Net email is sponsored by:
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services
for just about anything Open Source.
http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Local Spam
Hello, from my amavid-new log I saw that a significant protion of spam is generated inside my network. Here the command: # cat /var/log/amavis | grep -i "Blocked SPAM, LOCAL" I have configured Postfix so that it lookups an IP for client access to my SMTP gataway. If lookup is succesfull, that IP can relay trough my server. Otherwise, the client is discarded, rejected or rejected with a 550 customized code. I'ld like to trigger an insert of an IP inside the lookup table as soon as the IP is flashed out of sending spam, with action REJECT. It is possible to do so? Or is a matter of Postfix? rocsca - SF.Net email is sponsored by: Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Passed UNCHECKED and Blocked UNCHECKED
> > I don't have understood why sometimes the zipped files with > password > > are blocked while other times the are passed. > > > > What is the logic? > > Check the log. At log level 1 search for 'p.path', which > gives the reason for a banning decision. I think zip has a > notion of password protecting individual members, or an > entire archive, which could make a difference. Or perhaps a > scrambled archive is not even recognized as a zip. So you say that if the entire archive is password protected, the email is blocked, otherwise (either id the archive is scrambled) is passed? rocsca - SF.Net email is sponsored by: Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://sourceforge.net/services/buy/index.php ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Passed UNCHECKED and Blocked UNCHECKED
OK I will enable log level = 1 and then I see what happens. rocsca > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf > Of Mark Martinec > Sent: Monday, December 10, 2007 5:41 PM > To: amavis-user@lists.sourceforge.net > Subject: Re: [AMaViS-user] Passed UNCHECKED and Blocked UNCHECKED > > Rocco, > > > > > are blocked while other times the are passed. > > > > What is the logic? > > > So you say that if the entire archive is password > protected, the email > > is blocked, otherwise (either id the archive is scrambled) > is passed? > > I just wanted to point out there may be difference in > archives, their structure and their contents, which lead to > one or the other decision. Checking the log will reveal what > was the decisive factor, which can then guide the > modification of rules if necessary. > > Mark > > -- > --- > SF.Net email is sponsored by: > Check out the new SourceForge.net Marketplace. > It's the best place to buy or sell services for just about > anything Open Source. > http://sourceforge.net/services/buy/index.php > ___ > AMaViS-user mailing list > AMaViS-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/amavis-user > AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 > AMaViS-HowTos:http://www.amavis.org/howto/ > - SF.Net email is sponsored by: Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://sourceforge.net/services/buy/index.php ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Passed UNCHECKED and Blocked UNCHECKED
I don't have understood why sometimes the zipped files with password are blocked while other times the are passed. What is the logic? rocsca - SF.Net email is sponsored by: The Future of Linux Business White Paper from Novell. From the desktop to the data center, Linux is going mainstream. Let it simplify your IT future. http://altfarm.mediaplex.com/ad/ck/8857-50307-18918-4 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] zip file with password question
> > I'm trying to figure out how can I do so that Amavisd-new avoid to > > check emails from a particular sender <[EMAIL PROTECTED]> to a > particular > > receiver <[EMAIL PROTECTED]>, with a password protected zipped file > > attached. > > > > Could someone give me an hint? > > > > rocsca > > > > You can create a sort of tunnel that allows particular > senders from a particular network (or clients) to send banned > files to a particular recipient (or recipients) of yours. > > http://www200.pair.com/mecham/spam/bypassing.html#7 Thanks, It works wonderfully! rocsca - SF.Net email is sponsored by: The Future of Linux Business White Paper from Novell. From the desktop to the data center, Linux is going mainstream. Let it simplify your IT future. http://altfarm.mediaplex.com/ad/ck/8857-50307-18918-4 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] zip file with password question
Hello, I'm trying to figure out how can I do so that Amavisd-new avoid to check emails from a particular sender <[EMAIL PROTECTED]> to a particular receiver <[EMAIL PROTECTED]>, with a password protected zipped file attached. Could someone give me an hint? rocsca - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Pass spam destined only for some domain
> >> OOPS, I blundered. You cannot bypass spam checks and still
> get spam
> >> tags. You should ONLY use spam_lover if you want mail spam tagged.
>
> > I tried to sent a spam to an address of the spam lover domain:
>
> > /usr/local/src/amavisd-new-2.4.4/test-messages # sendmail -i
> > [EMAIL PROTECTED]
> Sending from the local machine is not a good way to test.
> Send from an external client.
>
> > The message has delivered the the postoffice server in the correct
> > mailbox, but in fact it has no any spam tag (I aspect the
> 'X-Spam-Flag'
> > tag).
>
> Did it have a X-Virus-Scanned: header? If not then you may
> have content_filter disabled for the 'pickup' service in
> master.cf. This is why it's better to test from an external client.
>
> > Why? maybe the domain 'domain.it' is not considered local for
> > amavisd-new? And when a domain is considered local for amavisd-new?
>
> Let me ask you first: in your users table, do you have a 'local'
> field? If not, then every user (except @.) in the database is local.
> If you do have a local field then you would want to set it to
> 'Y'. For recipients that are not in SQL, or for recipients
> that have a 'local'
> field set to NULL, add the domain to @local_domains_maps (you
> should anyway).
>
> >From README.lookups:
>
> Special handling of optional SQL field 'users.local'
>
> A special shorthand is provided when SQL lookups are used:
> when a match for recipient address (or domain) is found in
> SQL tables (regardless of field values), the recipient is
> considered local, regardless of static @local_comains_acl or
> %local_domains lookup tables. This simplifies life when a
> large number of dynamically changing domains is hosted.
> To overrule this behaviour, add an explicit boolean field 'local'
> to table 'users' (missing field defaults to true, meaning
> record match implies the recipient is local; a NULL field
> 'local' is not special, it is interpreted as undef like other
> NULL fields, causing search to continue into other lookup tables).
>
> > Thanks,
> > rocsca
>
> BTW, looking at this:
>
> INSERT INTO policy (id, policy_name, spam_lover,
> spam_kill_level) VALUES (88, 'Pass spam', 'Y', '');
>
> one realizes that while it's probably a good idea to set
> spam_lover, if you set spam_kill_level high enough (like
> ) then the mail will get delivered anyway, so it should
> not be strictly required to also set spam_lover.
>
> The static equivalent would be:
>
> @spam_kill_level_maps = (
> { '.example.com' => },
> \$sa_kill_level_deflt, # catchall default
> );
All works fine!
Thanks,
rocsca
-
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Pass spam destined only for some domain
> If the domain is considered local and the message scores over > spam_tag2_level it should get this tag. Each user in > @example.com could still have a policy where where their > spam_tag2_level is set. > > > rocsca > > Gary V Still thanks, rocsca - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Pass spam destined only for some domain
> If you were not using SQL (or every user in the @example.com > domain had spam_lover = NULL and bypass_spam_checks = NULL) , > you could set: Sorry for the confusion.. > @bypass_spam_checks_maps = ( [qw( .example.com )] ); > @spam_lovers_maps = ( [qw( .example.com )] ); Codld I get spam for one domain and at the same time have the X-Spam-Flag header set in each spam message? rocsca - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Pass spam destined only for some domain
> One possibility (depending on your setup). Create a policy > where every configuration setting is NULL with the exception > of spam_lover and bypass_spam_checks (you need to set both > when bypassing). Something like this: My setup is Amavisd-new+Postfix+MySQL > INSERT INTO policy (id, policy_name, spam_lover, > bypass_spam_checks) VALUES (88, 'Bypass spam checks', 'Y', 'Y'); > > Create a domain wide user (@example.com) with a priority > higher than any normal ([EMAIL PROTECTED]) user for that > domain. Assign this policy to the domain wide user. All > settings except spam_lover and bypass_spam_checks will fall > through to either the normal user's settings if they exist > and are not also NULL, or to static lookups if there is > nothing to key on in SQL. Essentially you are creating a > domain-wide override. I like the idea of policy bank.. but from documentation I have not understood that I can define a policy per domain.. But it seems to me that you are saying that this is possible.. To keep the things simple, could you explain what I have said above in terms of amavisd.conf? Thanks, rocsca - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Pass spam destined only for some domain
Hello, I would like to not block the spam for some domain. I saw a parameter $bypass_spam_checks_maps it seems the right suitable for my case, but I would like to know how to use it storing domain name in a file or SQL database and other better methods (if there any) for my purpouse. thanks, rocsca - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Temporary dir
> > And.. Is it possible to use separate directory for
> .spamassassin
> > files?
>
> Possible. SpamAssassin creates its temporary files in a
> directory pointed to by the environment variable TMPDIR if
> defined, or in /tmp otherwise. You probably have a setting
> like the following in amavisd.conf:
>
> $ENV{TMPDIR} = $TEMPBASE;
>
Infact..
> You may assign some other directory name to $ENV{TMPDIR} if
> you prefer.
I ve done..
Thanks,
rocsca
-
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Temporary dir
> Mark your very clear.. bu I get: > > # patch < 0.patch > patching file amavisd > Reversed (or previously applied) patch detected! Assume -R? > [n] Apply anyway? [n] Skipping patch. > 1 out of 1 hunk ignored -- saving rejects to file amavisd.rej > missing header for unified diff at line 16 of patch can't > find file to patch at input line 16 Perhaps you should have > used the -p or --strip option? > The text leading up to this was: > -- > | alarm($dt); > | do_log(5,"timer set to %d s for SA (was %d s)", > $dt,$remaining_time); > |- my($mail_obj); my($sa_version) = $self->sa_version; > |+ my($sa_version) = $self->sa_version; > | do_log(5,"calling SA parse, SA version %s", $sa_version); > | # *** note that $sa_version could be 3.0.1, which is > not really > numeric! > -- > File to patch: > > > It seems that there is an error in the patch.. OK.. I have 'patched' the patch and applied it.. It is working fine!!! Thanks!!! rocsca - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Temporary dir
> Save a patch to some file, e.g. 0.patch, then cd to a > directory where amavisd is located, and apply the patch with > a 'patch' command, feeding 0.patch on stdin to it, e.g.: > > cd /usr/local/sbin > #have 0.patch ready in this directory > patch < 0.patch Mark your very clear.. bu I get: # patch < 0.patch patching file amavisd Reversed (or previously applied) patch detected! Assume -R? [n] Apply anyway? [n] Skipping patch. 1 out of 1 hunk ignored -- saving rejects to file amavisd.rej missing header for unified diff at line 16 of patch can't find file to patch at input line 16 Perhaps you should have used the -p or --strip option? The text leading up to this was: -- | alarm($dt); | do_log(5,"timer set to %d s for SA (was %d s)", $dt,$remaining_time); |- my($mail_obj); my($sa_version) = $self->sa_version; |+ my($sa_version) = $self->sa_version; | do_log(5,"calling SA parse, SA version %s", $sa_version); | # *** note that $sa_version could be 3.0.1, which is not really numeric! -- File to patch: It seems that there is an error in the patch.. rocsca - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Temporary dir
> > If we are referring to: > > http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5444 > > these files should eventually get deleted automatically. And.. Is it possible to use separate directory for .spamassassin files? rocsca - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Temporary dir
> I never suggested using a tmpfs for temporary files. Under a
> decent journalling or UFS file system I don't think any
> (small) savings are worth the risk of having a file system
> too small, or wasting unnecessary memory.
http://www.arschkrebs.de/postfix/amavisd_tmpfs.shtml
> If we are referring to:
> http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5444
> these files should eventually get deleted automatically.
I'm using SA 3.1.8. Do it suffer of the same problem?
> Nevertheless, according to SA documentation the current
> calling method (since SA 3.0.0) lacks a call to $mail_obj->finish.
> The following patch should fix it:
>
>
> --- amavisd.orig Mon Apr 23 05:25:30 2007
> +++ amavisd Mon May 21 18:22:45 2007
> @@ -17542,5 +17542,5 @@
> sub call_spamassassin($$$) {
>my($self,$msginfo,$lines) = @_;
> - my($which_section); my($per_msg_status);
> + my($which_section); my($mail_obj,$per_msg_status);
>my($saved_umask) = umask; my($saved_pid) = $$;
>my($spamassassin_obj) = $self->{'spamassassin_obj'}; @@
> -17567,7 +17567,8 @@
> do_log(5,"calling SA parse, SA version %s, %.6f",
> $sa_version, $sa_version_num);
> -my($mail_obj) = $sa_version_num >= 3 ?
> $spamassassin_obj->parse($lines)
> +$mail_obj = $sa_version_num >= 3 ?
> $spamassassin_obj->parse($lines)
> :
> Mail::SpamAssassin::NoMailAudit->new(data => $lines,
>
> add_From_line => 0);
> +undef $lines; # release storage, SA made its own copy
> section_time($which_section);
>
> @@ -17607,4 +17608,6 @@
>if (defined $per_msg_status)
> { $per_msg_status->finish; undef $per_msg_status }
> + if (defined $mail_obj && $sa_version_num >= 3)
> +{ $mail_obj->finish; undef $mail_obj }
>umask($saved_umask); # SA changes umask to 0077
>if ($$ != $saved_pid) {
I'm using amavisd-new-2.4.4. Is this patch valid for the amavisd script
included in this amavisd-new version?
If Yes, How do I have to apply the pacth?
Sorry for the trivial questions..
rocsca
-
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] workround for bad headers
> > I get these warning..
> >
> > WARNING: bad headers - Improper use of control character
> (char 0D hex):
> > Subject: Richiesta di Invio Schede Prodotto\r \n
>
> If this is coming from your clients, these really need to be
> fixed, using a bare CR within a header is an ugly offense.
> Allowing such headers may lead careless mail clients to think
> a header field ends there.
>
> > I saw the amavisd.conf:
> >
> > # for defanging bad headers only turn on certain minor contents
> > categories:
> > $defang_by_ccat{+CC_BADH.",3"} = 1; # NUL or CR character in header
> >
> > Should I comment it or what I have to do to disable this check?
>
> Removing this line prevents defanging (pushing original mail
> contents into an attachment), but does not disable a check or
> a warning it creates.
>
> You probably want:
> $allowed_header_tests{'control'} = 0;
>
> Search for '%allowed_header_tests' in RELEASE_NOTES.
Thanks a lot Mark..
Could I disable the check only for incoming mail?
rocsca
-
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] workround for bad headers
I get these warning..
WARNING: bad headers - Improper use of control character (char 0D hex):
Subject: Richiesta di Invio Schede Prodotto\r \n
I saw the amavisd.conf:
# for defanging bad headers only turn on certain minor contents
categories:
$defang_by_ccat{+CC_BADH.",3"} = 1; # NUL or CR character in header
Should I comment it or what I have to do to disable this check?
What is it implies?
rocsca
-
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] (no subject)
I get these warning..
WARNING: bad headers - Improper use of control character (char 0D hex):
Subject: Richiesta di Invio Schede Prodotto\r \n
I saw the amavisd.conf:
# for defanging bad headers only turn on certain minor contents
categories:
$defang_by_ccat{+CC_BADH.",3"} = 1; # NUL or CR character in header
Should I comment it or what I have to do to disable this check?
What is it implies?
rocsca
-
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Temporary dir
Hello, I have problem with the directory tmp inside the home directory of the user running amavisd-new (which use spamassassin). That directory is configured as temporary dir for Amavisd-new. I mounted on it a tmpfs file system. The size of the partition is the one suggested for this job (to do the temporary directory for amavisd-new). But Often it filled up. I saw the other files (directory) is contained inside that directory.. drwx-- 2 amavis amavis 180 May 21 13:01 .spamassassin5530r7wcrVtmp drwx-- 2 amavis amavis 180 May 21 12:06 .spamassassin7237wyAuoBtmp drwx-- 2 amavis amavis 180 May 21 12:06 .spamassassin7288uoiiXPtmp drwx-- 2 amavis amavis 180 May 21 12:06 .spamassassin7289MYWBOwtmp drwx-- 2 amavis amavis 180 May 21 12:06 .spamassassin7289QcqPY2tmp drwx-- 2 amavis amavis 180 May 21 12:06 .spamassassin7289sijshHtmp drwx-- 2 amavis amavis 180 May 21 12:06 .spamassassin7297BbAzmltmp drwx-- 2 amavis amavis 180 May 21 12:06 .spamassassin7418uqGnv3tmp and I can't figure out why they are there! Have someone an idea? thanks rocsca - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Deliver quarantined message
> You could use my script for resending ham and optionally > whitelisting (whitelist_from_rcvd in local.cf) the senders of > these ham messages. Thanks Leon, I will take take a look at you script. Surely, I will be very worth for me.. rocsca - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Deliver quarantined message
> Check amavisd.conf and see if you have a $unix_socketname configured.
> Make a note of the current setting if it exists. If it does
> not, then configure it.
>
> There is a program called amavisd-release. It comes with the
> source code. You may have to edit the $socketname in
> amavisd-release to match the $unix_socketname in
> amavisd.conf. If you need to pick a spot to place the socket,
> the amavis home directory should work.
> Place amavisd-release in /usr/sbin then:
>
> In amavisd.conf add these (adjust path as required):
>
> Code:
> $unix_socketname = "/var/amavis/amavisd.sock";
>
> $interface_policy{'SOCK'} = 'AM.PDP-SOCK';
> $policy_bank{'AM.PDP-SOCK'} = {
> protocol => 'AM.PDP',
> auth_required_release => 0, # don't require secret-id for
> release };
>
> The $unix_socketname and $socketname should match.
>
> reload amavisd-new and:
>
> amavisd-release spam-BF9E0-Z+FU2R.gz
Thanks.. Your instructions was very clear!!!
It is easy to configure this feature of amavisd-new and it works really
fine!!
Still thanks,
rocsca
-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Deliver quarantined message
Hello, I have a relay SMTP server system Amavisd-new+Postfix+MySQL-based. I have configured spamassassin to quarantine spam message. Now I would like to know a simple way to release a quarantined message after, for example, I have verified that the message is a false positive.. Could someone explain how it is possible to setup amavis so I can do this? TIA, rocsca - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] AWL question
Hello, I use SA storing data on MySQL databases. I have seen the awl contains email address with the value 'none' in the field 'IP'. Why this field for some entriesis not correctly filled? Thanks, rocsca - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] performance questions
Thanks Gary V for you answers, Could you suggest me something about this problem.. > > > I already have > > > > > innodb_data_file_path = /var/lib/mysql/ibdata1:500M:autoextend > > > > > which should be enough... > > > > I don't know enough about MySQL to know if it is or not. > This does not > > at first glance seem to be related to > innodb_buffer_pool_size however. > > > > I have the same performance problems.. > > I will prune the bayes_token (InnoDB) table with the following query: > > delete from bayes_token where atime <= > UNIX_TIMESTAMP(DATE_ADD(CURDATE(), INTERVAL -30 DAY)); > > but I get however a growing data lenght for that table, as > well a growing index lenght. > > At certain time, I get poor performance for amavisd-new > (Indeed I get this kind of error from amavis-milter - I have > sendmail-milter > configuration: > > amavis-milter: thread_create() failed: 12, try again > > ) > > so I have to switch from MySQL DB to the native (local) DB for SA. > > Maybe is it worth to change to MyISAM table? > TIA, rocsca - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] performance questions
Hello, > > How I have to do so that I can delete the same entry from native SA > > database? (ie.: if I don't use the DB?) > > > rocsca > > See check_whitelist provided with the source code, or: > http://www.deepnet.cx/~kdeugau/spamtools/trim_whitelist > > but this deletes *all* 'one off' entries. > What means 'one off' entry?? rocsca - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] performance questions
Thanks. > >> AFAIK AWL grows forever. Something like this may help somewhat: > >> DELETE FROM `awl` WHERE `count` = 1 AND `totscore` > 5; > > > Could You explain why you choose 5 as value threshold? > > Thanks, > > rocsca > > Somewhat arbitrary but SpamAssassin uses a target score of 5 > for the delineation point between ham and spam, so I chose a > number SpamAssassin would consider spam. Personally I don't > use AWL but if I did I would use a more sophisticated method > of maintaining it. The section "Optional: If you would like > finer control of auto-whitelist maintenance" in this document > explains how I do this: > http://www200.pair.com/mecham/spam/debian-spamassassin-sql.html > How I have to do so that I can delete the same entry from native SA database? (ie.: if I don't use the DB?) rocsca - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
