Re: [Mimedefang] Mimedefang stream-by-recipient and Mailman
On Tue, 26 Apr 2005 23:35:11 -0400, Rich West wrote Glad it was obvious. :) I didn't know (for sure) what variable was available in filter_begin. The man page for mimedefang-filter is awesome and will answer this mystery for you ;-) Jim -- EsisNet.com Webmail Client ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] OT - Using rDNS sendmail hack - your experiences
James Ebright wrote: You can whitelist users or entire domains from the rDNS check in your access file using Niel's hack. I know... but it just seemed that while I was playing by all the rules, the slobs were just making my access file grow to biblical proportions. (shaking head some more) Well, when the person who asked me to turn it off gets flooded with spam.. I have a feeling I'll be asked to turn it back on again. I sometimes (when I'm feeling really generous) call the person in charge of the system being bounced, I explain that AOL and others use the same spam detection techniques, they'll respond by saying, our mail doesn't bounce from AOL... I reply, you have a spam folder, don't you? They usually do. So then I ask, how often do you actually weed through the thousands of emails to check it rather than just empty it? They usually don't. They just empty. I tell them that's why you don't get bounces. Legit emails from poorly setup servers just get filed there. And then *you* delete them. Then they get it. *THEN* they realize how unreliable email is becoming. :) -Ben ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] OT - Using rDNS sendmail hack - your experiences
Then they get it. *THEN* they realize how unreliable email is becoming. I made the same comment a few days ago. Email has lost all reliability because of SPAM. If you send a letter you take it for granted it arrives. If you send a fax you assume it gets there but it sometimes has problems getting to the correct desk. But if you send an email, you have to wait for a reply or follow-up that it arrived. It's very annoying. KAM ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
[Mimedefang] OT: SpamAssassin - Lots of bayes_toks.expire##### files
In defang's ~/.spamassassin/ directory... Are these supposed to reconciled/cleaned up automatically? I'm gonna go look around the SA website - but have a feeling someone here might have better information than what's online. Thanks, -Ben ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
RE: [Mimedefang] OT: SpamAssassin - Lots of bayes_toks.expire##### files
Ben, See http://lists.roaringpenguin.com/pipermail/mimedefang/2004-January/019591.html and also http://64.233.183.104/search?q=cache:jOETeNyHoVsJ:lists.elvandar.org/pipermail/s pamassassin-users/2004-March/002321.html+bayes_toks.expirehl=en (the original site is down, so this is via Google's cache). It appears that opportunistic expiry is failing due to either the time it takes, or to problems with the database contents - I'd be tempted to disable the auto expiry, and run it manually in debug mode first, then take it from there: sa-learn -D --force-expiry Edited highlights: debug: SpamAssassin version 3.0.0 debug: Score set 0 chosen. debug: running in taint mode? yes debug: Running in taint mode, removing unsafe env vars, and resetting PATH debug: PATH included '/usr/local/bin', keeping. debug: PATH included '/usr/bin', keeping. debug: PATH included '/bin', keeping. debug: PATH included '/usr/bin/X11', keeping. debug: PATH included '/usr/games', keeping. debug: Final PATH set to: /usr/local/bin:/usr/bin:/bin:/usr/bin/X11:/usr/games debug: using /etc/spamassassin/init.pre for site rules init.pre debug: config: read file /etc/spamassassin/init.pre debug: using /usr/share/spamassassin for default rules dir ... debug: Score set 0 chosen. debug: Initialising learner debug: Syncing Bayes and expiring old tokens... debug: lock: 25900 created /home/defang/.spamassassin/bayes.lock.sysname.25900 debug: lock: 25900 trying to get lock on /home/defang/.spamassassin/bayes with 0 retries debug: lock: 25900 link to /home/defang/.spamassassin/bayes.lock: link ok debug: bayes: 25900 tie-ing to DB file R/W /home/defang/.spamassassin/bayes_toks debug: bayes: 25900 tie-ing to DB file R/W /home/defang/.spamassassin/bayes_seen debug: bayes: found bayes db version 3 ... debug: bayes: expiry check keep size, 0.75 * max: 112500 debug: bayes: token count: 454525, final goal reduction size: 342025 debug: bayes: First pass? Current: 1114625225, Last: 1099313917, atime: 0, count: 0, newdelta: 0, ratio: 0, period: 43200 debug: bayes: Can't use estimation method for expiry, something fishy, calculating optimal atime delta (first pass) debug: bayes: expiry max exponent: 9 debug: bayes: atime token reduction debug: bayes: === debug: bayes: 43200 461600 debug: bayes: 86400 458506 debug: bayes: 172800454129 debug: bayes: 345600449149 debug: bayes: 691200430194 debug: bayes: 1382400 402891 debug: bayes: 2764800 357505 debug: bayes: 5529600 269873 debug: bayes: 11059200 134212 debug: bayes: 22118400 79 debug: bayes: First pass decided on 5529600 for atime delta debug: refresh: 25800 refresh /home/defang/.spamassassin/bayes.lock debug: bayes: 25800 untie-ing debug: bayes: 25800 untie-ing db_toks debug: bayes: 25800 untie-ing db_seen debug: bayes: files locked, now unlocking lock debug: unlock: 25800 unlink /home/defang/.spamassassin/bayes.lock expired old Bayes database entries in 195 seconds 199580 entries kept, 269873 deleted token frequency: 1-occurence tokens: 52.02% token frequency: less than 8 occurrences: 28.98% debug: Syncing complete. Best Wishes, Paul. __ Paul Murphy Head of Informatics Ionix Pharmaceuticals Ltd 418 Science Park, Cambridge, CB4 0PA Tel. 01223 433741 Fax. 01223 433788 ___ DISCLAIMER: This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to which they are addressed. If you have received this email in error please contact the sender or the Ionix IT Helpdesk on +44 (0) 1223 433741 ___ ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] OT - Using rDNS sendmail hack - your experiences
On 4/26/2005 09:58, James Ebright wrote: Hello all, this is a bit off topic but relevant. We finally decided it was probably time to implement AOL style reverse DNS checks into our MTA. Since AOL has been doing it now for something like 6 months it is a pretty fair bet that most US customers that are legit have corrected their DNS issues... or so we thought! I think AOL's approach to this is reasonable. It's not as strict as you might think. From what Carl said on the SPF list a while back they check just for the existence of a PTR but not that it necessarily match 100% with the MX/A record. For example, because we outsource dns service to easydns and because our isp's (SBC) policy is to not do custom PTR records unless they're doing the forward hosting also we are stuck with just plain generic PTR records for our block (ip.addr.sbc.com etc...). As an aside, I think Carl et al have done a great job at turning around one of the biggest spam problems of a few years ago. I remember when most spam I got came from AOL. No problems sending to AOL so far. I'm sure there are lots of other people in the same boat. I guess if AOL changes to full reverse validation then we'll be forced to degrade our domain's DNS service level and host it all our self. If you do strict reverse checking you'll definitely throw out valid mail. You'll just have to see if that's OK or how much BOFH you can get away with. ~Jason -- ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
[Mimedefang] using a RAM disk for mimedefang temp directory?
we've been using mimedefang+spamassassin under sendmail for quite some time now, very successfully. looking around for ways to speed things up and/or just make them more efficient ... wondering if anyone has experience using a RAM disk (tmpfs as opposed to an expen$ive solid state disk) for mimedefang's temporary directory? am i right in assuming that the temporary directory is what configure calls spooldir and not the quarantinedir? or is there a separate temp dir? ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] using a RAM disk for mimedefang temp directory?
Matthew Ward wrote: looking around for ways to speed things up and/or just make them more efficient ... wondering if anyone has experience using a RAM disk (tmpfs as opposed to an expen$ive solid state disk) for mimedefang's temporary directory? :-) Check the FAQ, especially: http://www.mimedefang.org/kwiki/index.cgi?RamBasedSpoolDirectory If you've been happy with MIMEDefang and have NOT been using a RAM disk, you must have a pretty low mail volume. am i right in assuming that the temporary directory is what configure calls spooldir and not the quarantinedir? That's correct. Regards, David. ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
RE: [Mimedefang] using a RAM disk for mimedefang temp directory?
[EMAIL PROTECTED] wrote: we've been using mimedefang+spamassassin under sendmail for quite some time now, very successfully. looking around for ways to speed things up and/or just make them more efficient ... wondering if anyone has experience using a RAM disk (tmpfs as opposed to an expen$ive solid state disk) for mimedefang's temporary directory? It's really very very very much faster to use a tmpfs directory for spool. Here's my fstab entry on a machine with 2GB of RAM: none/var/spool/MIMEDefang tmpfs mode=750,size=256M,uid=defang,gid=defang 0 0 I have an inkling that recent versions of SA use /tmp as well - for things like checking Razor/Pyzor - but haven't investigated as the server seems to be fine as is. Using tmpfs for the quarantine directory is NOT a good idea. Matthew.van.Eerde (at) hbinc.com 805.964.4554 x902 Hispanic Business Inc./HireDiversity.com Software Engineer perl -emap{y/a-z/l-za-k/;print}shift Jjhi pcdiwtg Ptga wprztg, ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] using a RAM disk for mimedefang temp directory?
Preface: My mimedefang runs as user defang gid 107 and uid 107. Hence the info below. #8 -- Using a temporary filesystem to speed up mail processing and lower disk I/O - If you have tmpfs in your kernel and you have enough RAM, then processing the emails on a ramdisk is the only way to go. Here's a simple way to achieve that thanks to Alan Premselaar Steffen Kaiser for the mount hint: #Stop sendmail mimedefang /etc/rc.d/init.d/sendmail stop /etc/rc.d/init.d/mimedefang stop mv /var/spool/MIMEDefang /var/spool/MIMEDefang.old mkdir /var/spool/MIMEDefang #add this line to /etc/fstab none/var/spool/MIMEDefang tmpfs uid=107,gid=107,mode=700,size=384M0 0 mount /var/spool/MIMEDefang NOTE: You'll want to place your bayesian database and auto-whitelist somewhere else as noted by Bill Curtis! - Original Message - From: Matthew Ward [EMAIL PROTECTED] To: mimedefang@lists.roaringpenguin.com Sent: Wednesday, April 27, 2005 3:15 PM Subject: [Mimedefang] using a RAM disk for mimedefang temp directory? we've been using mimedefang+spamassassin under sendmail for quite some time now, very successfully. looking around for ways to speed things up and/or just make them more efficient ... wondering if anyone has experience using a RAM disk (tmpfs as opposed to an expen$ive solid state disk) for mimedefang's temporary directory? am i right in assuming that the temporary directory is what configure calls spooldir and not the quarantinedir? or is there a separate temp dir? ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
RE: [Mimedefang] OT - Using rDNS sendmail hack - your experiences
As an aside, I think Carl et al have done a great job at turning around one of the biggest spam problems of a few years ago. I remember when most spam I got came from AOL. I certainly agree there -- as an ISP receiving roughly 700k-1 million messages per day, we receive the least amount of crap from AOL. The worst offenders are yahoo, hotmail, and MSN in our case. No problems sending to AOL so far. I'm sure there are lots of other people in the same boat. I guess if AOL changes to full reverse validation then we'll be forced to degrade our domain's DNS service level and host it all our self. If you do strict reverse checking you'll definitely throw out valid mail. You'll just have to see if that's OK or how much BOFH you can get away with. I would definitely caution anyone in using rDNS as a determining factor in whether or not to accept mail. Most of our clients are small to medium businesses -- they're always looking for the cheapest broadband, mail hosting, web, and DNS hosting. So, some of these clients will have completely different providers for all of the above. Adelphia, the largest provider of broadband in our area (WNY), absolutely outright refuses to set up custom PTR records for *any* of their clients, business or residential. Due to several organizations now using strict rDNS checking, we've had to host several client mail servers (MS Exchange, Lotus, Groupwise, etc.) at our NOC in order to help these clients get around the rDNS validation (in that case we provide the IP and the rDNS PTR for the client server, and have to go through a pain-in-the-a$$ process of setting up VPN over DSL and cable PVCs). While rDNS validation is a good way to ensure that you're receiving mail from a valid, unique domain/network, it just causes headaches in the long run. We simply bump the spam score by a few points whenever mail comes through with invalid rDNS, and that has worked very well for us. - Chris -- Chris Gauch Systems Administrator Digicon Communications, Inc. http://www.digiconcommunications.com [EMAIL PROTECTED] ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] using a RAM disk for mimedefang temp directory?
--On Wednesday, April 27, 2005 3:28 PM -0400 David F. Skoll [EMAIL PROTECTED] wrote: Check the FAQ, especially: http://www.mimedefang.org/kwiki/index.cgi?RamBasedSpoolDirectory If you've been happy with MIMEDefang and have NOT been using a RAM disk, you must have a pretty low mail volume. I've been running from disk, after making a brief attempt at using a RAM disk a long time ago and having my system wedge when the disk filled. Is that still an issue with the Linux tmpfs? I checked the /var/spool/MIMEDefang directory to see how much space is in use and found the .spamassassin directory used to store system-wide Bayes and AWL. Does the RPM still use that directory as the defang user's home directory? Might /etc/mail/mimedefang be a better choice for that? ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] OT - Using rDNS sendmail hack - your experiences
On Wed, 27 Apr 2005 15:14:20 -0400, Jason Gurtz wrote If you do strict reverse checking you'll definitely throw out valid mail. You'll just have to see if that's OK or how much BOFH you can get away with. Niel's hack only tempfails in the scenario where there is a PTR but it does not match This gives our admin staff alot of time to decide to whitelist or to take other actions, so far we have whitelisted one local ISP from rDNS checks and one local business that is working on correcting their issues (more numerous than just rDNS). Honestly, in your case I would use CNAMES liberally and make your MX server the same as the PTR reverses but have customers still use the CNAME for their MUA configurations. This will not appear any different to the end user but will bring you into full compliance without using a CNAME for the MX record (which is a rfc MUST NOT). Jim -- EsisNet.com Webmail Client ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] using a RAM disk for mimedefang temp directory?
On Wed, 27 Apr 2005, Kevin A. McGrail wrote: NOTE: You'll want to place your bayesian database and auto-whitelist somewhere else as noted by Bill Curtis! I keep my bayes database on the ramdisk. My init scripts copy the db to disk on shutdown, and copy into ramdisk on startup. Sendmail is restarted every night for log rotation so worst case i'd lose a day of Bayes if the server crashed. Since SA is nailing bayes db on every message, i figured it can't hurt to have it on the ramdisk as well. ray -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Ray DeJean http://www.r-a-y.org Systems EngineerSoutheastern Louisiana University IBM Certified Specialist AIX Administration, AIX Support =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] using a RAM disk for mimedefang temp directory?
Probably a good move. I got a little tired of the disk I/O grind with DB and Bayes/AWL and I'm using mySQL. It seems much better on using the resources of the server most efficiently. Regards, KAM I keep my bayes database on the ramdisk. My init scripts copy the db to disk on shutdown, and copy into ramdisk on startup. Sendmail is restarted every night for log rotation so worst case i'd lose a day of Bayes if the server crashed. Since SA is nailing bayes db on every message, i figured it can't hurt to have it on the ramdisk as well. ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] using a RAM disk for mimedefang temp directory?
Kevin A. McGrail wrote: [keeping Bayes DB in RAM is] Probably a good move. I got a little tired of the disk I/O grind with DB and Bayes/AWL and I'm using mySQL. It seems much better on using the resources of the server most efficiently. That's strange. We use our own Bayes implementation in CanIt, and it's stored in a PostgreSQL database. We haven't had performance issues with that setup. Regards, David. ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang