[spamdyke-users] spamdyke 4.0.3 logging
I've just installed spamdyke 4.0.3 on a somewhat convoluted qmail host, and am seeing some wierdness with logging. The server has logging for qmail-smtp set up in the typical qmail fashion, with logging going to stderr and on to /var/log/qmail/smtpd/current. I have spamdyke configured with log-target=stderr. Logging looks fine in the smtpd log. Now for the weirdness. The qmail-start (and thus qmail-send) is configured to use splogger to send messages to /var/log/maillog. Why, I have no idea. The weird thing is that spamdyke's messages are appearing in /var/log/maillog as well as /var/log/qmail/smtp/current. Any idea how/why this is happening? Could be something in the (mis)configuration that I'm not seeing, but I'm a bit befuddled. -- -Eric 'shubes' ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] spamdyke 4.0.3 logging
Eric Shubert wrote: > I've just installed spamdyke 4.0.3 on a somewhat convoluted qmail host, and > am seeing some wierdness with logging. > > The server has logging for qmail-smtp set up in the typical qmail fashion, > with logging going to stderr and on to /var/log/qmail/smtpd/current. I have > spamdyke configured with log-target=stderr. Logging looks fine in the smtpd > log. > > Now for the weirdness. The qmail-start (and thus qmail-send) is configured > to use splogger to send messages to /var/log/maillog. Why, I have no idea. > The weird thing is that spamdyke's messages are appearing in > /var/log/maillog as well as /var/log/qmail/smtp/current. Any idea how/why > this is happening? Could be something in the (mis)configuration that I'm not > seeing, but I'm a bit befuddled. > So I've moved qmail-send's logging to where it's usually found, at /var/log/qmail/send/current. Spamdyke's log messages are still showing up in /var/log/maillog though, in addition to /var/log/qmail/smtpd/current (where they're supposed to go). I double checked configuration, and I have log-target=stderr. Looking like a bug to me, Sam. ;) -- -Eric 'shubes' ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
[spamdyke-users] spamdyke 4.0.3 not allowing?
I've probably hosed up something in my new .conf file. What I'm seeing is that with filter-level=normal, I'm seeing some rejections (not as many as I'd expect), and NO allow messages. I can confirm that nothing is being allowed from looking at the send queue. With filter-level=allow-all, it's indeed allowing everything. Not exactly what I had in mind though. :( Here's my spamdyke.conf file: filter-level=allow-all max-recipients=50 reject-empty-rdns reject-ip-in-cc-rdns reject-missing-sender-mx reject-unresolvable-rdns log-level=info log-target=stderr idle-timeout-secs=300 ip-blacklist-file=/etc/spamdyke/blacklist_ip rdns-blacklist-file=/etc/spamdyke/blacklist_rdns recipient-blacklist-file=/etc/spamdyke/blacklist_recipients sender-blacklist-file=/etc/spamdyke/blacklist_senders ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords ip-whitelist-file=/etc/spamdyke/whitelist_ip rdns-whitelist-file=/etc/spamdyke/whitelist_rdns recipient-whitelist-file=/etc/spamdyke/whitelist_recipients sender-whitelist-file=/etc/spamdyke/whitelist_senders ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords dns-blacklist-entry=zen.spamhaus.org dns-blacklist-entry=bl.spamcop.net graylist-level=always-create-dir graylist-dir=/var/spamdyke/graylist graylist-max-secs=1814400 graylist-min-secs=180 local-domains-file=/var/qmail/control/rcpthosts local-domains-file=/var/qmail/control/morercpthosts Note, in the cases where the parameter references a file, the file exists and is empty. Thoughts / suggestions? -- -Eric 'shubes' ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] spamdyke 4.0.3 not allowing?
Eric Shubert wrote: > I've probably hosed up something in my new .conf file. > > What I'm seeing is that with filter-level=normal, I'm seeing some rejections > (not as many as I'd expect), and NO allow messages. I can confirm that > nothing is being allowed from looking at the send queue. > > With filter-level=allow-all, it's indeed allowing everything. Not exactly > what I had in mind though. :( > > Here's my spamdyke.conf file: > filter-level=allow-all > max-recipients=50 > reject-empty-rdns > reject-ip-in-cc-rdns > reject-missing-sender-mx > reject-unresolvable-rdns > log-level=info > log-target=stderr > idle-timeout-secs=300 > ip-blacklist-file=/etc/spamdyke/blacklist_ip > rdns-blacklist-file=/etc/spamdyke/blacklist_rdns > recipient-blacklist-file=/etc/spamdyke/blacklist_recipients > sender-blacklist-file=/etc/spamdyke/blacklist_senders > ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords > ip-whitelist-file=/etc/spamdyke/whitelist_ip > rdns-whitelist-file=/etc/spamdyke/whitelist_rdns > recipient-whitelist-file=/etc/spamdyke/whitelist_recipients > sender-whitelist-file=/etc/spamdyke/whitelist_senders > ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords > dns-blacklist-entry=zen.spamhaus.org > dns-blacklist-entry=bl.spamcop.net > graylist-level=always-create-dir > graylist-dir=/var/spamdyke/graylist > graylist-max-secs=1814400 > graylist-min-secs=180 > local-domains-file=/var/qmail/control/rcpthosts > local-domains-file=/var/qmail/control/morercpthosts > > Note, in the cases where the parameter references a file, the file exists > and is empty. > > Thoughts / suggestions? > Ok, so I removed all of the blacklist and whilelist file references, and graylisting, and I'm seeing an allow or 2 coming through. That's good! I'll try adding parameters back in and see if I can pinpoint the culprit. -- -Eric 'shubes' ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] spamdyke 4.0.3 not allowing?
Eric Shubert wrote: > Eric Shubert wrote: >> I've probably hosed up something in my new .conf file. >> >> What I'm seeing is that with filter-level=normal, I'm seeing some rejections >> (not as many as I'd expect), and NO allow messages. I can confirm that >> nothing is being allowed from looking at the send queue. >> >> With filter-level=allow-all, it's indeed allowing everything. Not exactly >> what I had in mind though. :( >> >> Here's my spamdyke.conf file: >> filter-level=allow-all >> max-recipients=50 >> reject-empty-rdns >> reject-ip-in-cc-rdns >> reject-missing-sender-mx >> reject-unresolvable-rdns >> log-level=info >> log-target=stderr >> idle-timeout-secs=300 >> ip-blacklist-file=/etc/spamdyke/blacklist_ip >> rdns-blacklist-file=/etc/spamdyke/blacklist_rdns >> recipient-blacklist-file=/etc/spamdyke/blacklist_recipients >> sender-blacklist-file=/etc/spamdyke/blacklist_senders >> ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords >> ip-whitelist-file=/etc/spamdyke/whitelist_ip >> rdns-whitelist-file=/etc/spamdyke/whitelist_rdns >> recipient-whitelist-file=/etc/spamdyke/whitelist_recipients >> sender-whitelist-file=/etc/spamdyke/whitelist_senders >> ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords >> dns-blacklist-entry=zen.spamhaus.org >> dns-blacklist-entry=bl.spamcop.net >> graylist-level=always-create-dir >> graylist-dir=/var/spamdyke/graylist >> graylist-max-secs=1814400 >> graylist-min-secs=180 >> local-domains-file=/var/qmail/control/rcpthosts >> local-domains-file=/var/qmail/control/morercpthosts >> >> Note, in the cases where the parameter references a file, the file exists >> and is empty. >> >> Thoughts / suggestions? >> > > Ok, so I removed all of the blacklist and whilelist file references, and > graylisting, and I'm seeing an allow or 2 coming through. That's good! > > I'll try adding parameters back in and see if I can pinpoint the culprit. > Ok, so there doesn't appear to be a problem any more. After some careful testing, everything appears to be working as it should. As Rosanna Rosannadanna would say, "Never mind". ;) -- -Eric 'shubes' ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] spamdyke 4.0.3 not allowing?
> > As Rosanna Rosannadanna would say, "Never mind". ;) > > -- You're dating yourself. :-) I'm probably one of only a few that even get that. :-P Michael J. Colvin NorCal Internet Services www.norcalisp.com ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] spamdyke 4.0.3 logging
I'm not that familiar with splogger but a quick search gave me several pages that all say it sends its messages to syslog in addition to passing them through stdout/stderr. http://www.ezmlm.org/man/man8/splogger.8.html Of course it's possible this is a spamdyke bug but the way you've described your setup, it sounds like splogger is functioning correctly. -- Sam Clippinger Eric Shubert wrote: > Eric Shubert wrote: > >> I've just installed spamdyke 4.0.3 on a somewhat convoluted qmail host, and >> am seeing some wierdness with logging. >> >> The server has logging for qmail-smtp set up in the typical qmail fashion, >> with logging going to stderr and on to /var/log/qmail/smtpd/current. I have >> spamdyke configured with log-target=stderr. Logging looks fine in the smtpd >> log. >> >> Now for the weirdness. The qmail-start (and thus qmail-send) is configured >> to use splogger to send messages to /var/log/maillog. Why, I have no idea. >> The weird thing is that spamdyke's messages are appearing in >> /var/log/maillog as well as /var/log/qmail/smtp/current. Any idea how/why >> this is happening? Could be something in the (mis)configuration that I'm not >> seeing, but I'm a bit befuddled. >> >> > > So I've moved qmail-send's logging to where it's usually found, at > /var/log/qmail/send/current. Spamdyke's log messages are still showing up in > /var/log/maillog though, in addition to /var/log/qmail/smtpd/current (where > they're supposed to go). I double checked configuration, and I have > log-target=stderr. > > Looking like a bug to me, Sam. ;) > > ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] spamdyke 4.0.3 not allowing?
Good to hear it's working... I guess there just weren't any "good" messages being delivered while you were testing "filter-level"? By the way, setting the "filter-level" option in the global config file is not really what I had in mind when I created that flag. Since it overrides all other flags, including blacklists, it was really intended for use in configuration directories. Specifically, some of my users have become tired of repeatedly asking me to whitelist their correspondents. Several have asked me to just turn off spam filtering for their accounts. With configuration directories, I can create a file for their address that includes the command "filter-level=allow-all" (they typically begin to see the wisdom of filtering after a few days). Without that command, their file would have to explicitly disable all enabled filters and would be a pain to create/maintain. By the same token, I wanted to provide an easy way for administrators to require authentication for senders/recipients within specific domains. That is now very easy to accomplish using a configuration directory and "filter-level=require-auth". -- Sam Clippinger Eric Shubert wrote: > Eric Shubert wrote: > >> Eric Shubert wrote: >> >>> I've probably hosed up something in my new .conf file. >>> >>> What I'm seeing is that with filter-level=normal, I'm seeing some rejections >>> (not as many as I'd expect), and NO allow messages. I can confirm that >>> nothing is being allowed from looking at the send queue. >>> >>> With filter-level=allow-all, it's indeed allowing everything. Not exactly >>> what I had in mind though. :( >>> >>> Here's my spamdyke.conf file: >>> filter-level=allow-all >>> max-recipients=50 >>> reject-empty-rdns >>> reject-ip-in-cc-rdns >>> reject-missing-sender-mx >>> reject-unresolvable-rdns >>> log-level=info >>> log-target=stderr >>> idle-timeout-secs=300 >>> ip-blacklist-file=/etc/spamdyke/blacklist_ip >>> rdns-blacklist-file=/etc/spamdyke/blacklist_rdns >>> recipient-blacklist-file=/etc/spamdyke/blacklist_recipients >>> sender-blacklist-file=/etc/spamdyke/blacklist_senders >>> ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords >>> ip-whitelist-file=/etc/spamdyke/whitelist_ip >>> rdns-whitelist-file=/etc/spamdyke/whitelist_rdns >>> recipient-whitelist-file=/etc/spamdyke/whitelist_recipients >>> sender-whitelist-file=/etc/spamdyke/whitelist_senders >>> ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords >>> dns-blacklist-entry=zen.spamhaus.org >>> dns-blacklist-entry=bl.spamcop.net >>> graylist-level=always-create-dir >>> graylist-dir=/var/spamdyke/graylist >>> graylist-max-secs=1814400 >>> graylist-min-secs=180 >>> local-domains-file=/var/qmail/control/rcpthosts >>> local-domains-file=/var/qmail/control/morercpthosts >>> >>> Note, in the cases where the parameter references a file, the file exists >>> and is empty. >>> >>> Thoughts / suggestions? >>> >>> >> Ok, so I removed all of the blacklist and whilelist file references, and >> graylisting, and I'm seeing an allow or 2 coming through. That's good! >> >> I'll try adding parameters back in and see if I can pinpoint the culprit. >> >> > > Ok, so there doesn't appear to be a problem any more. After some careful > testing, everything appears to be working as it should. > > As Rosanna Rosannadanna would say, "Never mind". ;) > > ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] spamdyke 4.0.3 not allowing?
Sam Clippinger wrote: > Good to hear it's working... I guess there just weren't any "good" > messages being delivered while you were testing "filter-level"? That's what I'm thinking. I'm still seeing something a little peculiar though. I would expect every smtp session to generate a spamdyke message of one form or another, either a rejection or an allow. This particular server's pretty, so it's sometimes hard to tell. Is this the case, or are there situations where a session might not have a spamdyke message? FWIW, this server is simply a relay for specific domains, and has/does no authentication other than checking rcpthosts and morercpthosts, then forwards the mail based on the .qmail-default record for each domain. Kinda goofy, I know. > By the way, setting the "filter-level" option in the global config file > is not really what I had in mind when I created that flag. Since it > overrides all other flags, including blacklists, it was really intended > for use in configuration directories. Specifically, some of my users > have become tired of repeatedly asking me to whitelist their > correspondents. Several have asked me to just turn off spam filtering > for their accounts. With configuration directories, I can create a file > for their address that includes the command "filter-level=allow-all" > (they typically begin to see the wisdom of filtering after a few days). > Without that command, their file would have to explicitly disable all > enabled filters and would be a pain to create/maintain. > > By the same token, I wanted to provide an easy way for administrators to > require authentication for senders/recipients within specific domains. > That is now very easy to accomplish using a configuration directory and > "filter-level=require-auth". Nice. FWIW, I just found it to be an easy way to turn spamdyke off temporarily, as opposed to changing run files back and forth. :) > -- Sam Clippinger > > Eric Shubert wrote: >> Eric Shubert wrote: >> >>> Eric Shubert wrote: >>> I've probably hosed up something in my new .conf file. What I'm seeing is that with filter-level=normal, I'm seeing some rejections (not as many as I'd expect), and NO allow messages. I can confirm that nothing is being allowed from looking at the send queue. With filter-level=allow-all, it's indeed allowing everything. Not exactly what I had in mind though. :( Here's my spamdyke.conf file: filter-level=allow-all max-recipients=50 reject-empty-rdns reject-ip-in-cc-rdns reject-missing-sender-mx reject-unresolvable-rdns log-level=info log-target=stderr idle-timeout-secs=300 ip-blacklist-file=/etc/spamdyke/blacklist_ip rdns-blacklist-file=/etc/spamdyke/blacklist_rdns recipient-blacklist-file=/etc/spamdyke/blacklist_recipients sender-blacklist-file=/etc/spamdyke/blacklist_senders ip-in-rdns-keyword-blacklist-file=/etc/spamdyke/blacklist_keywords ip-whitelist-file=/etc/spamdyke/whitelist_ip rdns-whitelist-file=/etc/spamdyke/whitelist_rdns recipient-whitelist-file=/etc/spamdyke/whitelist_recipients sender-whitelist-file=/etc/spamdyke/whitelist_senders ip-in-rdns-keyword-whitelist-file=/etc/spamdyke/whitelist_keywords dns-blacklist-entry=zen.spamhaus.org dns-blacklist-entry=bl.spamcop.net graylist-level=always-create-dir graylist-dir=/var/spamdyke/graylist graylist-max-secs=1814400 graylist-min-secs=180 local-domains-file=/var/qmail/control/rcpthosts local-domains-file=/var/qmail/control/morercpthosts Note, in the cases where the parameter references a file, the file exists and is empty. Thoughts / suggestions? >>> Ok, so I removed all of the blacklist and whilelist file references, and >>> graylisting, and I'm seeing an allow or 2 coming through. That's good! >>> >>> I'll try adding parameters back in and see if I can pinpoint the culprit. >>> >>> >> Ok, so there doesn't appear to be a problem any more. After some careful >> testing, everything appears to be working as it should. >> >> As Rosanna Rosannadanna would say, "Never mind". ;) >> >> > ___ > spamdyke-users mailing list > spamdyke-users@spamdyke.org > http://www.spamdyke.org/mailman/listinfo/spamdyke-users -- -Eric 'shubes' ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] spamdyke 4.0.3 logging
I think I've taken splogger out of the picture. I have qmail-send messages going to the (proper) /var/log/qmail/send/current file via multilog. The qmail logs look ok now. However, the spamdyke messages are still going to both the smtpd/current log, as well as /var/log/maillog. Any idea how that could be happening? Sam Clippinger wrote: > I'm not that familiar with splogger but a quick search gave me several > pages that all say it sends its messages to syslog in addition to > passing them through stdout/stderr. > http://www.ezmlm.org/man/man8/splogger.8.html > > Of course it's possible this is a spamdyke bug but the way you've > described your setup, it sounds like splogger is functioning correctly. > > -- Sam Clippinger > > Eric Shubert wrote: >> Eric Shubert wrote: >> >>> I've just installed spamdyke 4.0.3 on a somewhat convoluted qmail host, and >>> am seeing some wierdness with logging. >>> >>> The server has logging for qmail-smtp set up in the typical qmail fashion, >>> with logging going to stderr and on to /var/log/qmail/smtpd/current. I have >>> spamdyke configured with log-target=stderr. Logging looks fine in the smtpd >>> log. >>> >>> Now for the weirdness. The qmail-start (and thus qmail-send) is configured >>> to use splogger to send messages to /var/log/maillog. Why, I have no idea. >>> The weird thing is that spamdyke's messages are appearing in >>> /var/log/maillog as well as /var/log/qmail/smtp/current. Any idea how/why >>> this is happening? Could be something in the (mis)configuration that I'm not >>> seeing, but I'm a bit befuddled. >>> >>> >> So I've moved qmail-send's logging to where it's usually found, at >> /var/log/qmail/send/current. Spamdyke's log messages are still showing up in >> /var/log/maillog though, in addition to /var/log/qmail/smtpd/current (where >> they're supposed to go). I double checked configuration, and I have >> log-target=stderr. >> >> Looking like a bug to me, Sam. ;) >> >> -- -Eric 'shubes' ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
