which RDJ rulesets should I pickup?
Hi there, I have found that there are many rulesets available at http://www.exit0.us/index.php?pagename=RulesDuJour. Should I add ALL of them in my "TRUSTED_RULESETS" or only need some of them will do the job? cheers simon
Re: user_prefs rules throwing errors
From: "Jim Smith" <[EMAIL PROTECTED]> Welcome to the club. Gee it's such an honor to be part of that club . This has been a slippery thing for me as well. If I restart SA, it will go away for a while and those rules will work correctly for approx 6-12 hours. When it starts misbehaving, I can take the two rules out and it works fine. Put them back in, and it chokes immediately. Restart and I get another several hours of trouble-free operation. Since I'm stuck inside today due to the blizzard in Connecticut, I've had lots of time to swap rules in my procmail & user_prefs file in & out until I was able to narrow the error down to those two rules. I'm not familiar with BZ but let me know if my info can help out. That may be an important catch, Jim. Are there any indications you are going into swapping? And what command string is spamd spawned? That might be critical data. And indeed whether you are using it with global or per user bayes and whitelists may matter, as well. {^_^}
Re: Using Inet to launch spamd
On Sun, Feb 12, 2006 at 10:49:50AM -0800, Don O'Neil wrote: > Anyone using inetd to launch spamd? I've had my process die a couple of > times and it would be nice to have inetd around to make sure it's allways > running. If you have, what did you put in inetd.conf? You can run it with tcpserver and daemontools (http://cr.yp.to). My friend has it running for 2 years without problems. Or else you can try monit (use google to search for it). With warm regards, -Payal
Re: Enabling per user rules in SQL db
Don O'Neil wrote: Even if I use the -v (vpopmail) option? How else can the pref's come from a username if there is no username assigned in the /etc/password? I thought that was why there was the -v and -q options to begin with. To be honest I have no idea what using -v gets you (what changes). I've tried using -v with -u daemon, but that didn't help. Doesn't spamc look at who the email is delivered to? And then take the prefs based on that address? There's nothing for spamc to look at to see who the email is delivered to. You're just piping the message to spamc, and there's NOTHING in the message that could possibly definitively tell spamc who the message is being delivered to. You have to tell spamc who the message is for with the -u option, using something like: spamc -u [EMAIL PROTECTED] I guess I'm not following what the point of the options are if this isn't the case. Can I pass the username to spamc in the form of [EMAIL PROTECTED], even if this doesn't exist in the /etc/password file for spamc to grab the config for? If so, how? If you're using SQL prefs there's no need for the user to exist (that's the benefit of using SQL prefts. I'd call spamd like this (where the seconds spamd is the user the daemon runs as: spamd -d -q -x -u spamd Then call spamc like this: spamc -u [EMAIL PROTECTED] Daryl
RE: Enabling per user rules in SQL db
Ok... I changed the field in the DB from '[EMAIL PROTECTED]' to shcu0014 (the 'owner' of this email account) and the SQL rules work... So, now my question is how do I make it work for JUST '[EMAIL PROTECTED]' and not everything @whtech.com that runs under user shcu0014? I want per user settings, not per domain. Although per domain is nice too! Don -Original Message- From: Don O'Neil [mailto:[EMAIL PROTECTED] Sent: Sunday, February 12, 2006 8:38 PM To: 'Daryl C. W. O'Shea' Cc: users@spamassassin.apache.org Subject: RE: Enabling per user rules in SQL db Even if I use the -v (vpopmail) option? How else can the pref's come from a username if there is no username assigned in the /etc/password? I thought that was why there was the -v and -q options to begin with. I've tried using -v with -u daemon, but that didn't help. Doesn't spamc look at who the email is delivered to? And then take the prefs based on that address? I guess I'm not following what the point of the options are if this isn't the case. Can I pass the username to spamc in the form of [EMAIL PROTECTED], even if this doesn't exist in the /etc/password file for spamc to grab the config for? If so, how? Thanks! -Original Message- From: Daryl C. W. O'Shea [mailto:[EMAIL PROTECTED] Sent: Sunday, February 12, 2006 8:20 PM To: Don O'Neil Cc: users@spamassassin.apache.org Subject: Re: Enabling per user rules in SQL db Don O'Neil wrote: > Looks like the problem is the username interpretation > > Feb 12 19:53:44 bigbird spamd[85410]: config: Conf::SQL: executing SQL: > select p > reference, value from userpref where username = 'shcu0003' or username > = '@GLOBAL' order by username asc Feb 12 19:53:44 bigbird > spamd[85410]: config: retrieving prefs for shcu0003 from SQL server > Feb 12 19:53:44 bigbird spamd[85410]: info: user has changed > > Shouldn't it be checking the actual delivery address, such as > '[EMAIL PROTECTED]' rather than the user ID? There are many > email accounts associated with that userID (the ID is that for the > domain account). > > I was under the impression that that was they way it worked, and the > GUI's expect that too. Maybe I'm missing something in the config? The username used is either the user spamc is run by or the username supplied to spamc with the -u parameter. spamc can't just guess what username to use, as you've suggested. Daryl
RE: Enabling per user rules in SQL db
Even if I use the -v (vpopmail) option? How else can the pref's come from a username if there is no username assigned in the /etc/password? I thought that was why there was the -v and -q options to begin with. I've tried using -v with -u daemon, but that didn't help. Doesn't spamc look at who the email is delivered to? And then take the prefs based on that address? I guess I'm not following what the point of the options are if this isn't the case. Can I pass the username to spamc in the form of [EMAIL PROTECTED], even if this doesn't exist in the /etc/password file for spamc to grab the config for? If so, how? Thanks! -Original Message- From: Daryl C. W. O'Shea [mailto:[EMAIL PROTECTED] Sent: Sunday, February 12, 2006 8:20 PM To: Don O'Neil Cc: users@spamassassin.apache.org Subject: Re: Enabling per user rules in SQL db Don O'Neil wrote: > Looks like the problem is the username interpretation > > Feb 12 19:53:44 bigbird spamd[85410]: config: Conf::SQL: executing SQL: > select p > reference, value from userpref where username = 'shcu0003' or username > = '@GLOBAL' order by username asc Feb 12 19:53:44 bigbird > spamd[85410]: config: retrieving prefs for shcu0003 from SQL server > Feb 12 19:53:44 bigbird spamd[85410]: info: user has changed > > Shouldn't it be checking the actual delivery address, such as > '[EMAIL PROTECTED]' rather than the user ID? There are many > email accounts associated with that userID (the ID is that for the > domain account). > > I was under the impression that that was they way it worked, and the > GUI's expect that too. Maybe I'm missing something in the config? The username used is either the user spamc is run by or the username supplied to spamc with the -u parameter. spamc can't just guess what username to use, as you've suggested. Daryl
Re: Enabling per user rules in SQL db
Don O'Neil wrote: Looks like the problem is the username interpretation Feb 12 19:53:44 bigbird spamd[85410]: config: Conf::SQL: executing SQL: select p reference, value from userpref where username = 'shcu0003' or username = '@GLOBAL' order by username asc Feb 12 19:53:44 bigbird spamd[85410]: config: retrieving prefs for shcu0003 from SQL server Feb 12 19:53:44 bigbird spamd[85410]: info: user has changed Shouldn't it be checking the actual delivery address, such as '[EMAIL PROTECTED]' rather than the user ID? There are many email accounts associated with that userID (the ID is that for the domain account). I was under the impression that that was they way it worked, and the GUI's expect that too. Maybe I'm missing something in the config? The username used is either the user spamc is run by or the username supplied to spamc with the -u parameter. spamc can't just guess what username to use, as you've suggested. Daryl
Re: Enabling per user rules in SQL db
There's no need for that patch. The only thing it does is change the SQL query which you can do with "user_scores_sql_custom_query" if you feel so inclined. Don O'Neil wrote: Thanks for the patch... I'll see what I can find. Sounds to me like 3.1.0 is broken. Since I've never run anything earlier, I can't confirm if it's something specific with 3.1.0. Don -Original Message- From: Dale Morin [mailto:[EMAIL PROTECTED] Sent: Sunday, February 12, 2006 7:34 PM To: users@spamassassin.apache.org Cc: Don O'Neil Subject: RE: Enabling per user rules in SQL db Hello Don, I ran into exactly the same problem and I have not been able to get per-user rules to work from mysql. I hacked a workaround but have not revisited it lately. Anyway, here is a patch file for SQL.pm that will give you additional output that may be helpful while you're debugging. This presumes that you're running v3.1.0. --- SQL.pm.org 2005-11-20 12:39:22.0 -0600 +++ SQL.pm 2005-11-20 12:45:06.0 -0600 @@ -125,8 +125,10 @@ my $dbh = DBI->connect($dsn, $dbuser, $dbpass, {'PrintError' => 0}); if ($dbh) { + dbg("config: Conf::SQL: database connection established"); my $sql; if (defined($custom_query)) { + dbg("config: Conf::SQL: custom query defined"); $sql = $custom_query; my $quoted_username = $dbh->quote($username); my ($mailbox, $domain) = split('@', $username); @@ -139,19 +141,24 @@ $sql =~ s/_DOMAIN_/$quoted_domain/g; } else { + dbg("config: Conf::SQL: using deliverd query"); $sql = "select $f_preference, $f_value from $f_table where ". "$f_username = ".$dbh->quote($username). -" or $f_username = '[EMAIL PROTECTED]' order by $f_username asc"; +" or $f_username = '\$GLOBAL' order by $f_username asc"; } - dbg("config: Conf::SQL: executing SQL: $sql"); + dbg("config: Conf::SQL: preparing SQL: $sql"); my $sth = $dbh->prepare($sql); if ($sth) { + dbg("config: Conf::SQL: executing SQL: $sql"); my $rv = $sth->execute(); if ($rv) { -dbg("config: retrieving prefs for $username from SQL server"); +dbg("config: Conf::SQL: retrieving prefs for $username from SQL server"); + my $numrows = $sth->rows; +dbg("config: Conf::SQL: retrieved $numrows rows from SQL + server"); my @row; my $text = ''; while (@row = $sth->fetchrow_array()) { +dbg("config: Conf::SQL: fetched row: $row[0] $row[1]"); $text .= (defined($row[0]) ? $row[0] : '') . "\t" . (defined($row[1]) ? $row[1] : '') . "\n"; } -- Dale Morin, Mustang Internet Services, Inc. "Support Without Compromise" main office: 847.541.2811 direct line: 815.496.9853 email: [EMAIL PROTECTED]
RE: Enabling per user rules in SQL db
Looks like the problem is the username interpretation Feb 12 19:53:44 bigbird spamd[85410]: config: Conf::SQL: executing SQL: select p reference, value from userpref where username = 'shcu0003' or username = '@GLOBAL' order by username asc Feb 12 19:53:44 bigbird spamd[85410]: config: retrieving prefs for shcu0003 from SQL server Feb 12 19:53:44 bigbird spamd[85410]: info: user has changed Shouldn't it be checking the actual delivery address, such as '[EMAIL PROTECTED]' rather than the user ID? There are many email accounts associated with that userID (the ID is that for the domain account). I was under the impression that that was they way it worked, and the GUI's expect that too. Maybe I'm missing something in the config? -Original Message- From: Henry F. Camacho Jr [mailto:[EMAIL PROTECTED] Sent: Sunday, February 12, 2006 7:44 PM To: Don O'Neil Cc: users@spamassassin.apache.org Subject: Re: Enabling per user rules in SQL db it isn't 3.1, I am pretty sure it is 3.0 HFC Don O'Neil wrote: >Which version of Spamassassin are you running? > >-Original Message- >From: Henry F. Camacho Jr [mailto:[EMAIL PROTECTED] >Sent: Sunday, February 12, 2006 3:11 PM >To: Don O'Neil >Subject: Re: Enabling per user rules in SQL db > >I am using -q -x on spamd. > >HFC > > >Don O'Neil wrote: > > > >>Spamd is being called through spamc in a | to the ifspamh wrapper >> >>http://www.gbnet.net/~jrg/qmail/ifspamh/ >> >>It's a wrapper that is called from the virtual sql users .qmail file. >> >>-Original Message- >>From: Henry F. Camacho Jr [mailto:[EMAIL PROTECTED] >>Sent: Sunday, February 12, 2006 3:00 PM >>To: Don O'Neil >>Cc: users@spamassassin.apache.org >>Subject: Re: Enabling per user rules in SQL db >> >>How is spamd getting called? spamass-milter? >> >>If so put the following in your sysconfig: "-u -e" >> >>HFC >> >> >> >> >> >>Don O'Neil wrote: >> >> >> >> >>
Re: Enabling per user rules in SQL db
it isn't 3.1, I am pretty sure it is 3.0 HFC Don O'Neil wrote: Which version of Spamassassin are you running? -Original Message- From: Henry F. Camacho Jr [mailto:[EMAIL PROTECTED] Sent: Sunday, February 12, 2006 3:11 PM To: Don O'Neil Subject: Re: Enabling per user rules in SQL db I am using -q -x on spamd. HFC Don O'Neil wrote: Spamd is being called through spamc in a | to the ifspamh wrapper http://www.gbnet.net/~jrg/qmail/ifspamh/ It's a wrapper that is called from the virtual sql users .qmail file. -Original Message- From: Henry F. Camacho Jr [mailto:[EMAIL PROTECTED] Sent: Sunday, February 12, 2006 3:00 PM To: Don O'Neil Cc: users@spamassassin.apache.org Subject: Re: Enabling per user rules in SQL db How is spamd getting called? spamass-milter? If so put the following in your sysconfig: "-u -e" HFC Don O'Neil wrote: I'm having problems getting rules to be read from a DB: I'm launching spamd: /usr/local/bin/spamd -x -Q -s local5 -d (thanks for the brainfart fix on the logs) And have /etc/mail/spamassassin/sql.cf: user_scores_dsn DBI:mysql:spamassassin:localhost user_scores_sql_passwordspamkiller user_scores_sql_usernamespamassassin And created the tables with the included templates, and installed one of the web based config tools (from http://mail.limelyte.net/webspam/ ) and it wrote: username preference value prefid [EMAIL PROTECTED] rewrite_header Subject ***SPAM*** 1 [EMAIL PROTECTED] report_safe 1 2 [EMAIL PROTECTED] use_terse_report 0 3 [EMAIL PROTECTED] always_add_headers 1 4 [EMAIL PROTECTED] always_add_report 0 5 [EMAIL PROTECTED] required_hits 5 6 To the userpref table... But it doesn't seem to be working. There is a message from the daemon: Feb 12 14:24:42 bigbird spamd[5154]: spamd: setuid to shcu0129 succeeded, reading scores from SQL So it seems to be connecting... But I never see a message "retrieving prefs for [EMAIL PROTECTED] from SQL server" I'm sending myself spam... And it gets flagged, but the subject isn't being rewritten. What am I doing wrong or missing? Thanks again Don smime.p7s Description: S/MIME Cryptographic Signature
RE: Enabling per user rules in SQL db
Which version of Spamassassin are you running? -Original Message- From: Henry F. Camacho Jr [mailto:[EMAIL PROTECTED] Sent: Sunday, February 12, 2006 3:11 PM To: Don O'Neil Subject: Re: Enabling per user rules in SQL db I am using -q -x on spamd. HFC Don O'Neil wrote: >Spamd is being called through spamc in a | to the ifspamh wrapper > >http://www.gbnet.net/~jrg/qmail/ifspamh/ > >It's a wrapper that is called from the virtual sql users .qmail file. > >-Original Message- >From: Henry F. Camacho Jr [mailto:[EMAIL PROTECTED] >Sent: Sunday, February 12, 2006 3:00 PM >To: Don O'Neil >Cc: users@spamassassin.apache.org >Subject: Re: Enabling per user rules in SQL db > >How is spamd getting called? spamass-milter? > >If so put the following in your sysconfig: "-u -e" > >HFC > > > > > >Don O'Neil wrote: > > > >>I'm having problems getting rules to be read from a DB: >> >>I'm launching spamd: /usr/local/bin/spamd -x -Q -s local5 -d (thanks >>for the brainfart fix on the logs) >> >>And have /etc/mail/spamassassin/sql.cf: >> >>user_scores_dsn DBI:mysql:spamassassin:localhost >>user_scores_sql_passwordspamkiller >>user_scores_sql_usernamespamassassin >> >>And created the tables with the included templates, and installed one >>of the web based config tools (from http://mail.limelyte.net/webspam/ >>) and it >>wrote: >> >>username preference value prefid >>[EMAIL PROTECTED] rewrite_header Subject ***SPAM*** 1 [EMAIL PROTECTED] >>report_safe 1 2 [EMAIL PROTECTED] use_terse_report 0 3 [EMAIL PROTECTED] >>always_add_headers 1 4 [EMAIL PROTECTED] always_add_report 0 5 >>[EMAIL PROTECTED] required_hits 5 6 >> >>To the userpref table... But it doesn't seem to be working. >> >>There is a message from the daemon: >> >>Feb 12 14:24:42 bigbird spamd[5154]: spamd: setuid to shcu0129 >>succeeded, reading scores from SQL So it seems to be connecting... >> >>But I never see a message "retrieving prefs for [EMAIL PROTECTED] from >>SQL server" >> >>I'm sending myself spam... And it gets flagged, but the subject isn't >>being rewritten. >> >>What am I doing wrong or missing? >> >> >>Thanks again >>Don >> >> >> >>
RE: Enabling per user rules in SQL db
Thanks for the patch... I'll see what I can find. Sounds to me like 3.1.0 is broken. Since I've never run anything earlier, I can't confirm if it's something specific with 3.1.0. Don -Original Message- From: Dale Morin [mailto:[EMAIL PROTECTED] Sent: Sunday, February 12, 2006 7:34 PM To: users@spamassassin.apache.org Cc: Don O'Neil Subject: RE: Enabling per user rules in SQL db Hello Don, I ran into exactly the same problem and I have not been able to get per-user rules to work from mysql. I hacked a workaround but have not revisited it lately. Anyway, here is a patch file for SQL.pm that will give you additional output that may be helpful while you're debugging. This presumes that you're running v3.1.0. --- SQL.pm.org 2005-11-20 12:39:22.0 -0600 +++ SQL.pm 2005-11-20 12:45:06.0 -0600 @@ -125,8 +125,10 @@ my $dbh = DBI->connect($dsn, $dbuser, $dbpass, {'PrintError' => 0}); if ($dbh) { + dbg("config: Conf::SQL: database connection established"); my $sql; if (defined($custom_query)) { + dbg("config: Conf::SQL: custom query defined"); $sql = $custom_query; my $quoted_username = $dbh->quote($username); my ($mailbox, $domain) = split('@', $username); @@ -139,19 +141,24 @@ $sql =~ s/_DOMAIN_/$quoted_domain/g; } else { + dbg("config: Conf::SQL: using deliverd query"); $sql = "select $f_preference, $f_value from $f_table where ". "$f_username = ".$dbh->quote($username). -" or $f_username = '[EMAIL PROTECTED]' order by $f_username asc"; +" or $f_username = '\$GLOBAL' order by $f_username asc"; } - dbg("config: Conf::SQL: executing SQL: $sql"); + dbg("config: Conf::SQL: preparing SQL: $sql"); my $sth = $dbh->prepare($sql); if ($sth) { + dbg("config: Conf::SQL: executing SQL: $sql"); my $rv = $sth->execute(); if ($rv) { -dbg("config: retrieving prefs for $username from SQL server"); +dbg("config: Conf::SQL: retrieving prefs for $username from SQL server"); + my $numrows = $sth->rows; +dbg("config: Conf::SQL: retrieved $numrows rows from SQL + server"); my @row; my $text = ''; while (@row = $sth->fetchrow_array()) { +dbg("config: Conf::SQL: fetched row: $row[0] $row[1]"); $text .= (defined($row[0]) ? $row[0] : '') . "\t" . (defined($row[1]) ? $row[1] : '') . "\n"; } -- Dale Morin, Mustang Internet Services, Inc. "Support Without Compromise" main office: 847.541.2811 direct line: 815.496.9853 email: [EMAIL PROTECTED]
RE: Enabling per user rules in SQL db
Hello Don, I ran into exactly the same problem and I have not been able to get per-user rules to work from mysql. I hacked a workaround but have not revisited it lately. Anyway, here is a patch file for SQL.pm that will give you additional output that may be helpful while you're debugging. This presumes that you're running v3.1.0. --- SQL.pm.org 2005-11-20 12:39:22.0 -0600 +++ SQL.pm 2005-11-20 12:45:06.0 -0600 @@ -125,8 +125,10 @@ my $dbh = DBI->connect($dsn, $dbuser, $dbpass, {'PrintError' => 0}); if ($dbh) { + dbg("config: Conf::SQL: database connection established"); my $sql; if (defined($custom_query)) { + dbg("config: Conf::SQL: custom query defined"); $sql = $custom_query; my $quoted_username = $dbh->quote($username); my ($mailbox, $domain) = split('@', $username); @@ -139,19 +141,24 @@ $sql =~ s/_DOMAIN_/$quoted_domain/g; } else { + dbg("config: Conf::SQL: using deliverd query"); $sql = "select $f_preference, $f_value from $f_table where ". "$f_username = ".$dbh->quote($username). -" or $f_username = '[EMAIL PROTECTED]' order by $f_username asc"; +" or $f_username = '\$GLOBAL' order by $f_username asc"; } - dbg("config: Conf::SQL: executing SQL: $sql"); + dbg("config: Conf::SQL: preparing SQL: $sql"); my $sth = $dbh->prepare($sql); if ($sth) { + dbg("config: Conf::SQL: executing SQL: $sql"); my $rv = $sth->execute(); if ($rv) { -dbg("config: retrieving prefs for $username from SQL server"); +dbg("config: Conf::SQL: retrieving prefs for $username from SQL server"); + my $numrows = $sth->rows; +dbg("config: Conf::SQL: retrieved $numrows rows from SQL server"); my @row; my $text = ''; while (@row = $sth->fetchrow_array()) { +dbg("config: Conf::SQL: fetched row: $row[0] $row[1]"); $text .= (defined($row[0]) ? $row[0] : '') . "\t" . (defined($row[1]) ? $row[1] : '') . "\n"; } -- Dale Morin, Mustang Internet Services, Inc. "Support Without Compromise" main office: 847.541.2811 direct line: 815.496.9853 email: [EMAIL PROTECTED]
Re: Spam count down today
On Sunday 12 February 2006 5:58 pm, jdow wrote: > From: "Raymond Dijkxhoorn" <[EMAIL PROTECTED]> > > > Hi! > > > >> The spam count today was unaccountably low, about 3/4 of normal. Did > >> some spammer get "busted" or "broken" very recently? > >> > >> If so the tale would be fun to hear. > >> {^_^} > > > > Most likely you dont see them all since they moved to new stuff that > > doesnt get them scored. We added various custom rules to get them in > > again. > > I guarantee that is not the case. I see every email that comes to my > addresses, score them, and sort the spam to a spam folder for review. > (Actually I do have the Earthlink AV tool turned on. So if a botnet > switched to virusing I might not see it's mail. But a solid 25% reduction > is "remarkable" in that regard. I'd not expect it.) > > {^_-} Odd, I got my usual 165+ today. FWIW, my spam count usually runs between 165 - 200 daily. Note, this is just a home, one user system. Matter of fact it looks like I got an increase in stock market spam today. -- Chris Registered Linux User 283774 http://counter.li.org 21:02:43 up 34 days, 2:49, 2 users, load average: 0.88, 0.67, 0.37 Mandriva Linux 10.1 Official, kernel 2.6.8.1-12mdk pgpLDPC1sWFXb.pgp Description: PGP signature
Re: user_prefs rules throwing errors
Jim Smith wrote: Welcome to the club. Gee it's such an honor to be part of that club . This has been a slippery thing for me as well. If I restart SA, it will go away for a while and those rules will work correctly for approx 6-12 hours. When it starts misbehaving, I can take the two rules out and it works fine. Put them back in, and it chokes immediately. Restart and I get another several hours of trouble-free operation. Since I'm stuck inside today due to the blizzard in Connecticut, I've had lots of time to swap rules in my procmail & user_prefs file in & out until I was able to narrow the error down to those two rules. I'm not familiar with BZ but let me know if my info can help out. Please add yourself to the CC: list on this bug. http://issues.apache.org/SpamAssassin/show_bug.cgi?id=3838 Also, if you can _attach_ a copy of the rules causing the problem to the bug and comment on exactly which versions you see the problem, and which you don't see the problem (with these rules). Further, if you can attach a copy of a message that triggers the problem with these rules, there's a far better chance of it getting fixed. Thanks, Daryl
RE: Enabling per user rules in SQL db
Yup... On the same server. We use SQL to manage the qmail users, and DBI and DBD are used all the time from packages such as phpMySQLadmin, etc... They're there. -Original Message- From: Henry F. Camacho Jr [mailto:[EMAIL PROTECTED] Sent: Sunday, February 12, 2006 6:28 PM To: Don O'Neil Cc: users@spamassassin.apache.org Subject: Re: Enabling per user rules in SQL db Very interesting. Is the mysql server on the same machine spamassassin is running on? I assumed you have insured DBI and the DBD for MySQL is installed. HFC Don O'Neil wrote: >I've tride with both -Q and -q... But neither makes a difference. > >Don > >-Original Message- >From: Henry F. Camacho Jr [mailto:[EMAIL PROTECTED] >Sent: Sunday, February 12, 2006 3:11 PM >To: Don O'Neil >Subject: Re: Enabling per user rules in SQL db > >I am using -q -x on spamd. > >HFC > > >Don O'Neil wrote: > > > >>Spamd is being called through spamc in a | to the ifspamh wrapper >> >>http://www.gbnet.net/~jrg/qmail/ifspamh/ >> >>It's a wrapper that is called from the virtual sql users .qmail file. >> >>-Original Message- >>From: Henry F. Camacho Jr [mailto:[EMAIL PROTECTED] >>Sent: Sunday, February 12, 2006 3:00 PM >>To: Don O'Neil >>Cc: users@spamassassin.apache.org >>Subject: Re: Enabling per user rules in SQL db >> >>How is spamd getting called? spamass-milter? >> >>If so put the following in your sysconfig: "-u -e" >> >>HFC >> >> >> >> >> >>Don O'Neil wrote: >> >> >> >> >> >>>I'm having problems getting rules to be read from a DB: >>> >>>I'm launching spamd: /usr/local/bin/spamd -x -Q -s local5 -d (thanks >>>for the brainfart fix on the logs) >>> >>>And have /etc/mail/spamassassin/sql.cf: >>> >>>user_scores_dsn DBI:mysql:spamassassin:localhost >>>user_scores_sql_passwordspamkiller >>>user_scores_sql_usernamespamassassin >>> >>>And created the tables with the included templates, and installed one >>>of the web based config tools (from http://mail.limelyte.net/webspam/ >>>) and it >>>wrote: >>> >>>usernamepreference value prefid >>>[EMAIL PROTECTED] rewrite_header Subject ***SPAM*** 1 [EMAIL PROTECTED] >>>report_safe 1 2 [EMAIL PROTECTED] use_terse_report 0 3 [EMAIL PROTECTED] >>>always_add_headers 1 4 [EMAIL PROTECTED] always_add_report 0 5 >>>[EMAIL PROTECTED] required_hits 5 6 >>> >>>To the userpref table... But it doesn't seem to be working. >>> >>>There is a message from the daemon: >>> >>>Feb 12 14:24:42 bigbird spamd[5154]: spamd: setuid to shcu0129 >>>succeeded, reading scores from SQL So it seems to be connecting... >>> >>>But I never see a message "retrieving prefs for [EMAIL PROTECTED] from >>>SQL server" >>> >>>I'm sending myself spam... And it gets flagged, but the subject isn't >>>being rewritten. >>> >>>What am I doing wrong or missing? >>> >>> >>>Thanks again >>>Don >>> >>> >>> >>> >>> >>>
Re: Enabling per user rules in SQL db
Very interesting. Is the mysql server on the same machine spamassassin is running on? I assumed you have insured DBI and the DBD for MySQL is installed. HFC Don O'Neil wrote: I've tride with both -Q and -q... But neither makes a difference. Don -Original Message- From: Henry F. Camacho Jr [mailto:[EMAIL PROTECTED] Sent: Sunday, February 12, 2006 3:11 PM To: Don O'Neil Subject: Re: Enabling per user rules in SQL db I am using -q -x on spamd. HFC Don O'Neil wrote: Spamd is being called through spamc in a | to the ifspamh wrapper http://www.gbnet.net/~jrg/qmail/ifspamh/ It's a wrapper that is called from the virtual sql users .qmail file. -Original Message- From: Henry F. Camacho Jr [mailto:[EMAIL PROTECTED] Sent: Sunday, February 12, 2006 3:00 PM To: Don O'Neil Cc: users@spamassassin.apache.org Subject: Re: Enabling per user rules in SQL db How is spamd getting called? spamass-milter? If so put the following in your sysconfig: "-u -e" HFC Don O'Neil wrote: I'm having problems getting rules to be read from a DB: I'm launching spamd: /usr/local/bin/spamd -x -Q -s local5 -d (thanks for the brainfart fix on the logs) And have /etc/mail/spamassassin/sql.cf: user_scores_dsn DBI:mysql:spamassassin:localhost user_scores_sql_passwordspamkiller user_scores_sql_usernamespamassassin And created the tables with the included templates, and installed one of the web based config tools (from http://mail.limelyte.net/webspam/ ) and it wrote: username preference value prefid [EMAIL PROTECTED] rewrite_header Subject ***SPAM*** 1 [EMAIL PROTECTED] report_safe 1 2 [EMAIL PROTECTED] use_terse_report 0 3 [EMAIL PROTECTED] always_add_headers 1 4 [EMAIL PROTECTED] always_add_report 0 5 [EMAIL PROTECTED] required_hits 5 6 To the userpref table... But it doesn't seem to be working. There is a message from the daemon: Feb 12 14:24:42 bigbird spamd[5154]: spamd: setuid to shcu0129 succeeded, reading scores from SQL So it seems to be connecting... But I never see a message "retrieving prefs for [EMAIL PROTECTED] from SQL server" I'm sending myself spam... And it gets flagged, but the subject isn't being rewritten. What am I doing wrong or missing? Thanks again Don smime.p7s Description: S/MIME Cryptographic Signature
RE: user_prefs rules throwing errors
> Welcome to the club. Gee it's such an honor to be part of that club . This has been a slippery thing for me as well. If I restart SA, it will go away for a while and those rules will work correctly for approx 6-12 hours. When it starts misbehaving, I can take the two rules out and it works fine. Put them back in, and it chokes immediately. Restart and I get another several hours of trouble-free operation. Since I'm stuck inside today due to the blizzard in Connecticut, I've had lots of time to swap rules in my procmail & user_prefs file in & out until I was able to narrow the error down to those two rules. I'm not familiar with BZ but let me know if my info can help out. Regards, Jim Smith > -Original Message- > From: Loren Wilton [mailto:[EMAIL PROTECTED] > Sent: Sunday, February 12, 2006 8:40 PM > To: users@spamassassin.apache.org > Subject: Re: user_prefs rules throwing errors > > Welcome to the club. This has been happening sporadically > since 3.0.0. But > it seems that nobody has been able to come up with a solid > testcase that > will always fail. It seems that you have in some way, at > least on your > system. > > There is at least one BZ ticket open on this. > > Loren >
Newbie question: Possibility of Bayes learn on my server?
Hi there, My mail server running with Sendmail.8.13.5 + MIMEDefang 2.55 + SA 3.1 + RDJ, no mailbox for users and acts as a pure mail "exchange" MTA only like alias of [EMAIL PROTECTED] forward to [EMAIL PROTECTED] Because of the increasing of spam, I would like to have a try of Bayes learn, but have some confusions: 1. How can I train the Bayes DB without any email storage? 2. (looks OT) How can I saved the good mails and bad mails into the maildrop to train with and do this action violating and rules? Cheers Simon
RE: user_prefs rules throwing errors
The wrapping is an email thing; in user_prefs body, score, & describe are each on a line. There are no errors in lint. The only clue that something is amiss (other than SA not marking up the headers) is the error in the log file. Jim > -Original Message- > From: jdow [mailto:[EMAIL PROTECTED] > Sent: Sunday, February 12, 2006 8:29 PM > To: users@spamassassin.apache.org > Subject: Re: user_prefs rules throwing errors > > From: "Jim Smith" <[EMAIL PROTECTED]> > > >I have narrowed down a couple of rules in my user_prefs > file, either of > > which are creating an error in my log file: > > "Insecure dependency in eval while running setuid at > > > /usr/local/lib/perl5/site_perl/5.8.4/Mail/SpamAssassin/Conf/Pa > rser.pm line > > 913" > > > > The two rules are: > > # > > body PATENT_BIZ /based patent business/i > > score PATENT_BIZ -2.0 > > describe PATENT_BIZ Reduce score for someone with comments about my > > business > > # > > body YOUR_PATENT /your patents/i > > score YOUR_PATENT -2.0 > > describe YOUR_PATENT Reduce score for someone with comments about my > > patents > > # > > > > When I comment them both out, the error goes away. Is there > a syntax error > > that I'm not aware of with these? I used them successfully > with older > > versions of SA but I'm at version 3.1.0 and am getting the > error message and > > it is killing SA from completion. > > What does "spamassassin --lint" say? It looks like the rules are line > wrapped perhaps inappropriately. > > {^_^} >
Re: user_prefs rules throwing errors
Welcome to the club. This has been happening sporadically since 3.0.0. But it seems that nobody has been able to come up with a solid testcase that will always fail. It seems that you have in some way, at least on your system. There is at least one BZ ticket open on this. Loren
Re: user_prefs rules throwing errors
From: "Jim Smith" <[EMAIL PROTECTED]> I have narrowed down a couple of rules in my user_prefs file, either of which are creating an error in my log file: "Insecure dependency in eval while running setuid at /usr/local/lib/perl5/site_perl/5.8.4/Mail/SpamAssassin/Conf/Parser.pm line 913" The two rules are: # body PATENT_BIZ /based patent business/i score PATENT_BIZ -2.0 describe PATENT_BIZ Reduce score for someone with comments about my business # body YOUR_PATENT /your patents/i score YOUR_PATENT -2.0 describe YOUR_PATENT Reduce score for someone with comments about my patents # When I comment them both out, the error goes away. Is there a syntax error that I'm not aware of with these? I used them successfully with older versions of SA but I'm at version 3.1.0 and am getting the error message and it is killing SA from completion. What does "spamassassin --lint" say? It looks like the rules are line wrapped perhaps inappropriately. {^_^}
user_prefs rules throwing errors
I have narrowed down a couple of rules in my user_prefs file, either of which are creating an error in my log file: "Insecure dependency in eval while running setuid at /usr/local/lib/perl5/site_perl/5.8.4/Mail/SpamAssassin/Conf/Parser.pm line 913" The two rules are: # body PATENT_BIZ /based patent business/i score PATENT_BIZ-2.0 describe PATENT_BIZ Reduce score for someone with comments about my business # body YOUR_PATENT/your patents/i score YOUR_PATENT -2.0 describe YOUR_PATENTReduce score for someone with comments about my patents # When I comment them both out, the error goes away. Is there a syntax error that I'm not aware of with these? I used them successfully with older versions of SA but I'm at version 3.1.0 and am getting the error message and it is killing SA from completion. Jim Smith
RE: Enabling per user rules in SQL db
I've tride with both -Q and -q... But neither makes a difference. Don -Original Message- From: Henry F. Camacho Jr [mailto:[EMAIL PROTECTED] Sent: Sunday, February 12, 2006 3:11 PM To: Don O'Neil Subject: Re: Enabling per user rules in SQL db I am using -q -x on spamd. HFC Don O'Neil wrote: >Spamd is being called through spamc in a | to the ifspamh wrapper > >http://www.gbnet.net/~jrg/qmail/ifspamh/ > >It's a wrapper that is called from the virtual sql users .qmail file. > >-Original Message- >From: Henry F. Camacho Jr [mailto:[EMAIL PROTECTED] >Sent: Sunday, February 12, 2006 3:00 PM >To: Don O'Neil >Cc: users@spamassassin.apache.org >Subject: Re: Enabling per user rules in SQL db > >How is spamd getting called? spamass-milter? > >If so put the following in your sysconfig: "-u -e" > >HFC > > > > > >Don O'Neil wrote: > > > >>I'm having problems getting rules to be read from a DB: >> >>I'm launching spamd: /usr/local/bin/spamd -x -Q -s local5 -d (thanks >>for the brainfart fix on the logs) >> >>And have /etc/mail/spamassassin/sql.cf: >> >>user_scores_dsn DBI:mysql:spamassassin:localhost >>user_scores_sql_passwordspamkiller >>user_scores_sql_usernamespamassassin >> >>And created the tables with the included templates, and installed one >>of the web based config tools (from http://mail.limelyte.net/webspam/ >>) and it >>wrote: >> >>username preference value prefid >>[EMAIL PROTECTED] rewrite_header Subject ***SPAM*** 1 [EMAIL PROTECTED] >>report_safe 1 2 [EMAIL PROTECTED] use_terse_report 0 3 [EMAIL PROTECTED] >>always_add_headers 1 4 [EMAIL PROTECTED] always_add_report 0 5 >>[EMAIL PROTECTED] required_hits 5 6 >> >>To the userpref table... But it doesn't seem to be working. >> >>There is a message from the daemon: >> >>Feb 12 14:24:42 bigbird spamd[5154]: spamd: setuid to shcu0129 >>succeeded, reading scores from SQL So it seems to be connecting... >> >>But I never see a message "retrieving prefs for [EMAIL PROTECTED] from >>SQL server" >> >>I'm sending myself spam... And it gets flagged, but the subject isn't >>being rewritten. >> >>What am I doing wrong or missing? >> >> >>Thanks again >>Don >> >> >> >>
Re: sa-update
You might try SpamAssassin Rules Emporium's rule sets at http://www.rulesemporium.com/. (At least I didn't use ransom character set to reply to the microprint message.) HTML mail - BLEAH! {^_-} - Original Message - From: Vahric MUHTARYAN To: users@spamassassin.apache.org Sent: 2006 February, 12, Sunday 12:10 Subject: sa-update Hi Everybody , I checked sa-update today and in documentation I saw that sa-update is for only when people moving from old version to new version ! right? Do you know any community for watching spams and updating rules continousely for spamd ?! or any body working or not ? or sharing his/her rules with others ? Thanks Vahric
Re: Spam count down today
For what it's worth, our spam counts are also significantly down. I think the main spammer that's been doing the Rolex and Mitigating drugs went on vacation with the stock spamer for a few days. -Russ
Re: Spam count down today
From: "Masashi SAKURADA" <[EMAIL PROTECTED]> Hello, From: "jdow" <[EMAIL PROTECTED]> Subject: Spam count down today Date: Sun, 12 Feb 2006 04:29:22 -0800 The spam count today was unaccountably low, about 3/4 of normal. Did some spammer get "busted" or "broken" very recently? These few days, I feel that number of spams are getting larger a little. They just set their sights on Japan? If so the tale would be fun to hear. Would be interesting. Heh, I heard the (possible) tale. Poor boy got his nose boo-booed. Mommy wants to rub salt on it to make it feel better. I'm not at liberty to assign IDs to the boo-boo-ee or the boo-boo-or. {^_-}
Re: Spam count down today
From: "Raymond Dijkxhoorn" <[EMAIL PROTECTED]> Hi! The spam count today was unaccountably low, about 3/4 of normal. Did some spammer get "busted" or "broken" very recently? If so the tale would be fun to hear. {^_^} Most likely you dont see them all since they moved to new stuff that doesnt get them scored. We added various custom rules to get them in again. I guarantee that is not the case. I see every email that comes to my addresses, score them, and sort the spam to a spam folder for review. (Actually I do have the Earthlink AV tool turned on. So if a botnet switched to virusing I might not see it's mail. But a solid 25% reduction is "remarkable" in that regard. I'd not expect it.) {^_-}
Re: Bayes Help! Stopped working 3.0.x --> 3.1.0
First lets make sure SA is not looking at the other config files. Rename the dir's they are in. Then run spamd in debug and see what it is doing. Jonn On Sun, 12 Feb 2006 16:31:04 -0600 (CST) "Russ B." <[EMAIL PROTECTED]> wrote: Did you check v310.pre and init.pre config files? Jonn Those are in /usr/local/etc/mail/spamassassin and I'm not using those So since my config directory is defined as /etc/mail/spamassassin... it should ignore those, yes? But if it WASN'T ignoring those, why does sa-learn still go after /usr/local/etc/bayes/bayes as the config dir - which definately isn't in the /usr/local/etc/mail/spamassassin/v310.pre and init.pre files..? Appreciate the help! Russ
What do these messages with -D mean?
I ran spamassassin -D and got the following in the debug output. Is this a problem? If so what should I do? [27299] dbg: bayes: no dbs present, cannot tie DB R/O: /var/spool/MIMEDefang/mimedefang-bayes_toks [27299] dbg: bayes: not scoring message, returning undef [27299] dbg: bayes: opportunistic call attempt failed, DB not readable -- Barton L. Phillips Applied Technology Resources, Inc. Tel: (818)652-9850 Web: http://www.applitec.com
Re: Enabling per user rules in SQL db
How is spamd getting called? spamass-milter? If so put the following in your sysconfig: "-u -e" HFC Don O'Neil wrote: I'm having problems getting rules to be read from a DB: I'm launching spamd: /usr/local/bin/spamd -x -Q -s local5 -d (thanks for the brainfart fix on the logs) And have /etc/mail/spamassassin/sql.cf: user_scores_dsn DBI:mysql:spamassassin:localhost user_scores_sql_passwordspamkiller user_scores_sql_usernamespamassassin And created the tables with the included templates, and installed one of the web based config tools (from http://mail.limelyte.net/webspam/ ) and it wrote: username preference value prefid [EMAIL PROTECTED] rewrite_header Subject ***SPAM*** 1 [EMAIL PROTECTED] report_safe 1 2 [EMAIL PROTECTED] use_terse_report 0 3 [EMAIL PROTECTED] always_add_headers 1 4 [EMAIL PROTECTED] always_add_report 0 5 [EMAIL PROTECTED] required_hits 5 6 To the userpref table... But it doesn't seem to be working. There is a message from the daemon: Feb 12 14:24:42 bigbird spamd[5154]: spamd: setuid to shcu0129 succeeded, reading scores from SQL So it seems to be connecting... But I never see a message "retrieving prefs for [EMAIL PROTECTED] from SQL server" I'm sending myself spam... And it gets flagged, but the subject isn't being rewritten. What am I doing wrong or missing? Thanks again Don smime.p7s Description: S/MIME Cryptographic Signature
Enabling per user rules in SQL db
I'm having problems getting rules to be read from a DB: I'm launching spamd: /usr/local/bin/spamd -x -Q -s local5 -d (thanks for the brainfart fix on the logs) And have /etc/mail/spamassassin/sql.cf: user_scores_dsn DBI:mysql:spamassassin:localhost user_scores_sql_passwordspamkiller user_scores_sql_usernamespamassassin And created the tables with the included templates, and installed one of the web based config tools (from http://mail.limelyte.net/webspam/ ) and it wrote: username preference value prefid [EMAIL PROTECTED] rewrite_header Subject ***SPAM*** 1 [EMAIL PROTECTED] report_safe 1 2 [EMAIL PROTECTED] use_terse_report 0 3 [EMAIL PROTECTED] always_add_headers 1 4 [EMAIL PROTECTED] always_add_report 0 5 [EMAIL PROTECTED] required_hits 5 6 To the userpref table... But it doesn't seem to be working. There is a message from the daemon: Feb 12 14:24:42 bigbird spamd[5154]: spamd: setuid to shcu0129 succeeded, reading scores from SQL So it seems to be connecting... But I never see a message "retrieving prefs for [EMAIL PROTECTED] from SQL server" I'm sending myself spam... And it gets flagged, but the subject isn't being rewritten. What am I doing wrong or missing? Thanks again Don
Re: sa-update
On Sun, Feb 12, 2006 at 10:10:18PM +0200, Vahric MUHTARYAN wrote: > I checked sa-update today and in documentation I saw that > sa-update is for only when people moving from old version to new version ! > right? Do you know any community for watching spams and updating rules Not exactly. sa-update is available to download new rules from the SpamAssassin project as well as any other groups who publish a sa-update channel (currently none). At the moment, we're still developing sa-update and the main project channel, so there's no updates available for 3.1 yet. > continousely for spamd ?! or any body working or not ? or sharing his/her > rules with others ? There are pointers on the wiki for third-party rulesets. :) -- Randomly Generated Tagline: "Today is going to be one of those days, isn't it? Wait a minute... It's 4pm... It *IS* one of those days..." - Theo pgpjYmOUcJtWz.pgp Description: PGP signature
Re: combined distribution of email list
On Sun, Feb 12, 2006 at 10:58:09AM -0800, Barton L. Phillips wrote: > Is there a combined list distribution? Many other email lists distribute > one combined email per day instead of dozens of separate email. The > volume of emails makes it hard to keep up . You're looking for digest mode. I believe you can subscribe to users-digest@, but to be honest I haven't tried so I'm not 100% sure it's available. -- Randomly Generated Tagline: "He was so big, his shoulders were in different time zones." - Tommy Sledge pgptrsoOP1npr.pgp Description: PGP signature
Re: Using Inet to launch spamd
On Sun, Feb 12, 2006 at 10:49:50AM -0800, Don O'Neil wrote: > Anyone using inetd to launch spamd? I've had my process die a couple of > times and it would be nice to have inetd around to make sure it's allways > running. If you have, what did you put in inetd.conf? You can't run it from inetd (spamd is designed to be standalone). You can probably launch "spamassassin" from inetd, but I wouldn't. If you wanted to run spamd from init/inittab, that's doable. -- Randomly Generated Tagline: "When you're done developing software, all you have are empty pizza boxes ..." - Prof. Michaelson pgpVWWxsA7rvf.pgp Description: PGP signature
Re: Bayes Help! Stopped working 3.0.x --> 3.1.0
> Did you check v310.pre and init.pre config files? > Jonn Those are in /usr/local/etc/mail/spamassassin and I'm not using those So since my config directory is defined as /etc/mail/spamassassin... it should ignore those, yes? But if it WASN'T ignoring those, why does sa-learn still go after /usr/local/etc/bayes/bayes as the config dir - which definately isn't in the /usr/local/etc/mail/spamassassin/v310.pre and init.pre files..? Appreciate the help! Russ
SPF Query Error
I'm getting this in my log file: Feb 12 14:07:49 bigbird spamd[89222]: Use of uninitialized value in concatenatio n (.) or string at /usr/local/lib/perl5/site_perl/5.6.1/Mail/SpamAssassin/Plugin /SPF.pm line 274, line 57. Feb 12 14:07:49 bigbird spamd[89222]: spf: Mail::SPF::Query 1.996 or later requi red, this is However, I have 1.998 installed, and no other versions laying around Any ideas? Don
Re: Bayes Help! Stopped working 3.0.x --> 3.1.0
Did you check v310.pre and init.pre config files? Jonn On Sun, 12 Feb 2006 15:33:11 -0600 (CST) "Russ B." <[EMAIL PROTECTED]> wrote: Russ.. did you run sa-learn --sync after you did your upgrade? I did, and I ran it again and noticed something odd... My config dir is /etc/mail/spamassassin My local.cf USED to have /usr/local/etc/bayes/bayes as the bayes_path, but I have since changed it to /tmp/bayes/bayes and /tmp/bayes for testing purposes. It currently has the /tmp/bayes/bayes setting. However with /tmp/bayes/bayes in the .cf file - when I run "sa-learn --siteconfigpath=/etc/mail/spamassassin --sync", it updates the datestamp on the bayes files in my old bayes location - /usr/local/etc/bayes/bayes ls -altr /usr/local/etc/bayes -rw-rw-rw- 1 root wheel 65536 Feb 12 15:09 bayes_toks -rw-rw-rw- 1 root wheel 65536 Feb 12 15:09 bayes_seen ... and that's AFTER I've restarted spamd multiple times - even gettting confirmation with this in my log file: spamd[96453]: config: SpamAssassin failed to parse line, "/tmp/bayes/bayes" is not valid for "bayes_path", skipping: bayes_path_/tmp/bayes/bayes So my original question was: 1. What's wrong with "bayes_path /usr/local/etc/bayes/bayes" where it was working before in 3.0.x and now not in 3.1.x..." ...to ADD a new find.. using "sa-learn" obviously is messing with the files in my old location at /usr/local/etc/bayes/bayes when my config file says /tmp/bayes/bayes ... and yes, I've done a word search on my /etc/mail/spamassassin directory and there is absolutely no other instance of "bayes_path" or "/usr/local/etc/bayes/bayes" anywhere other than that once instance in my /etc/mail/spamassassin/local.cf. Baffled.
Re: Bayes Help! Stopped working 3.0.x --> 3.1.0
> Russ.. did you run sa-learn --sync after you did your upgrade? > I did, and I ran it again and noticed something odd... My config dir is /etc/mail/spamassassin My local.cf USED to have /usr/local/etc/bayes/bayes as the bayes_path, but I have since changed it to /tmp/bayes/bayes and /tmp/bayes for testing purposes. It currently has the /tmp/bayes/bayes setting. However with /tmp/bayes/bayes in the .cf file - when I run "sa-learn --siteconfigpath=/etc/mail/spamassassin --sync", it updates the datestamp on the bayes files in my old bayes location - /usr/local/etc/bayes/bayes > ls -altr /usr/local/etc/bayes -rw-rw-rw- 1 root wheel 65536 Feb 12 15:09 bayes_toks -rw-rw-rw- 1 root wheel 65536 Feb 12 15:09 bayes_seen ... and that's AFTER I've restarted spamd multiple times - even gettting confirmation with this in my log file: spamd[96453]: config: SpamAssassin failed to parse line, "/tmp/bayes/bayes" is not valid for "bayes_path", skipping: bayes_path_/tmp/bayes/bayes So my original question was: 1. What's wrong with "bayes_path /usr/local/etc/bayes/bayes" where it was working before in 3.0.x and now not in 3.1.x..." ...to ADD a new find.. using "sa-learn" obviously is messing with the files in my old location at /usr/local/etc/bayes/bayes when my config file says /tmp/bayes/bayes ... and yes, I've done a word search on my /etc/mail/spamassassin directory and there is absolutely no other instance of "bayes_path" or "/usr/local/etc/bayes/bayes" anywhere other than that once instance in my /etc/mail/spamassassin/local.cf. Baffled.
Re: non-english messages
Matt Kettler <[EMAIL PROTECTED]> writes: > Harry Putnam wrote: >> running spamassassin-3.1.0 >> >> I hoped to filter messages on the basis of non-english subject line so >> went looking in the files spama uses. I see something about FOREIGN >> language but then it dawned on me, being horribly colloquial, not to >> mention near illiterate, how FOREIGN is totally subjective. >> >> For my usage, anything that is not in english is spam. Maybe not >> techniquely in some far fetched case but still something I cannot >> use. >> >> Any one have examples of a spama filter based on that? >> > > This is already built-in to SA. Under man Mail::SpamAssassin::Conf see > the option "ok_languages". Thanks.. I'd gone right by that in Mail::SpamAssassin::Conf. Must have been the locales term that caused me to cruise right by. I've always been confused by that term. SA has gotten a lot more sophisticated since I tinkered with it a couple of years ago. I could have knocked out more than %70 or more of my spam with this single setting long ago. ok_locales en
Re: Bayes Help! Stopped working 3.0.x --> 3.1.0
Jonn R Taylor wrote: > According to the docs these two options where removed. > http://spamassassin.apache.org/full/3.1.x/dist/doc/Mail_SpamAssassin_Conf.html > > bayes_auto_learn_threshold_nonspam 0.8 > bayes_auto_learn_threshold_spam 12.0 No they were not. .they were moved to a plugin, which is loaded by default. http://spamassassin.apache.org/full/3.1.x/dist/doc/Mail_SpamAssassin_Plugin_AutoLearnThreshold.html Russ.. did you run sa-learn --sync after you did your upgrade?
Re: Using Inet to launch spamd
Henry F. Camacho Jr wrote: > Matt: > > Hmmm... Matt, this is exactly what init is designed to do, it will > respawn any daemon that stops running, and reruns it automatically. > Some people use something called daemon tools, or something called > supervisor, all which work just fine. I think init does a great job > of this also assuming the daemon is well behaved. > Nevermind.. I was confusing that with a rc.d style init script.. which won't respawn..
Re: sa-update
Vahric MUHTARYAN wrote: > > Hi Everybody , > > > > I checked sa-update today and in documentation I saw that > sa-update is for only when people moving from old version to new > version ! right? Do you know any community for watching spams and > updating rules continousely for spamd ?! or any body working or not ? > or sharing his/her rules with others ? > www.rulesemporium.com And the rules du jour script will let you auto-update some of the more popular add-on rules. Note: antidrug is NOT for users of sa 3.0.0 or higher. Those versions have my antidrug ruleset built-in already.
Re: Bayes Help! Stopped working 3.0.x --> 3.1.0
> According to the docs these two options where removed. > http://spamassassin.apache.org/full/3.1.x/dist/doc/Mail_SpamAssassin_Conf.html > bayes_auto_learn_threshold_nonspam 0.8 > bayes_auto_learn_threshold_spam 12.0 > > Check your log to see if you have any errors. > > Jonn I don't know how I missed this, but found this in the log... config: SpamAssassin failed to parse line, "/usr/local/etc/bayes" is not valid for "bayes_path", skipping: bayes_path /usr/local/etc/bayes (Along with the fails on the threshholds, as you're correct - they were removed) I've tried both /usr/local/etc/bayes and /usr/local/etc/bayes/bayes.. to no avail. And once again the : bayes_path /usr/local/etc/bayes/bayes ... works GREAT in 2.x and 3.0.x.. but in 3.1.0? UG.. what am I missing? The "Docs" for Spamass 3.1.x say: bayes_path /path/filename (default: ~/.spamassassin/bayes) This is the directory and filename for Bayes databases. Several databases will be created, with this as the base directory and filename, with _toks, _seen, etc. appended to the base. The default setting results in files called ~/.spamassassin/bayes_seen, ~/.spamassassin/bayes_toks, etc. By default, each user has their own in their ~/.spamassassin directory with mode 0700/0600. For system-wide SpamAssassin use, you may want to reduce disk space usage by sharing this across all users. However, Bayes appears to be more effective with individual user databases.
Re: Using Inet to launch spamd
Matt: Hmmm... Matt, this is exactly what init is designed to do, it will respawn any daemon that stops running, and reruns it automatically. Some people use something called daemon tools, or something called supervisor, all which work just fine. I think init does a great job of this also assuming the daemon is well behaved. # CLAMD cl:2345:respawn:/usr/local/sbin/clamd ^^^ The magic is the respawn keyword. A demostration is in order: [EMAIL PROTECTED] 11250]# ps -aef |grep clam root 2626 1 0 Feb07 ?00:00:04 /usr/local/sbin/clamd note this number [EMAIL PROTECTED] 11250]# kill -9 2626 [EMAIL PROTECTED] 11250]# ps -aef |grep clam root 11248 1 2 14:15 ?00:00:00 /usr/local/sbin/clamd ^ woo hoo! QED. HFC Matt Kettler wrote: Henry F. Camacho Jr wrote: Don: Another way to do this is to do it during init. Yes, but that doesn't solve his problem. It's also probably what Don is doing right now. Dons problem is spamd crashing and dying. He's looking for a mechanism to ensure it gets restarted even if it crashes. init won't do that, it will just ensure that spamd starts as the system boots. smime.p7s Description: S/MIME Cryptographic Signature
sa-update
Hi Everybody , I checked sa-update today and in documentation I saw that sa-update is for only when people moving from old version to new version ! right? Do you know any community for watching spams and updating rules continousely for spamd ?! or any body working or not ? or sharing his/her rules with others ? Thanks Vahric
Re: Using Inet to launch spamd
Henry F. Camacho Jr wrote: > Don: > > Another way to do this is to do it during init. Yes, but that doesn't solve his problem. It's also probably what Don is doing right now. Dons problem is spamd crashing and dying. He's looking for a mechanism to ensure it gets restarted even if it crashes. init won't do that, it will just ensure that spamd starts as the system boots.
RE: MySQL userprefs
Thank You Henry a lot! This really helps. It seems that boath ways are ok (according to man page) with whitelist_from, but I am still not shure wheather this also applies to all other prefferences. My guess is that it should, at least to those that can logically have several entries. Raimonds -Original Message- From: Henry F. Camacho Jr [mailto:[EMAIL PROTECTED] Sent: Sunday, February 12, 2006 9:28 PM To: Raimonds Aronietis Cc: users@spamassassin.apache.org Subject: Re: MySQL userprefs Raimonds: I am not sure ether, although I've looked at the source code for the SQL loader. Here is what it looks like: $sql = "select $f_preference, $f_value from $f_table where ". "$f_username = ".$dbh->quote($username). " or $f_username = '[EMAIL PROTECTED]' order by $f_username asc"; } dbg("Conf::SQL: executing SQL: $sql"); my $sth = $dbh->prepare($sql); if($sth) { my $rv = $sth->execute(); if($rv) { dbg("retrieving prefs for $username from SQL server"); my @row; my $text = ''; while(@row = $sth->fetchrow_array()) { $text .= "$row[0]\t$row[1]\n"; } It appears that the this code creates a scalar $text that is broken by "\n" line by line, then passed to the spamassassin as a userpref. It appears this matches the same format as if it was loaded from a on disk userprefs file. Reading the man page I see the following: whitelist_from [EMAIL PROTECTED] Used to specify addresses which send mail that is often tagged (incorrectly) as spam; it also helps if they are addresses of big companies with lots of lawyers. This way, if spammers impersonate them, they’ll get into big trouble, so it doesn’t provide a shortcut around SpamAssassin. If you want to whitelist your own domain, be aware that spammers will often impersonate the domain of the recipient. The recommended solution is to instead use "whitelist_from_rcvd" as explained below. Whitelist and blacklist addresses are now file-glob-style patterns, so "[EMAIL PROTECTED]", "[EMAIL PROTECTED]", or "*.domain.net" will all work. Specifically, "*" and "?" are allowed, but all other metacharacters are not. Regular expressions are not used for secu- rity reasons. Multiple addresses per line, separated by spaces, is OK. Multiple "whitelist_from" lines is also OK. The headers checked for whitelist addresses are as follows: if "Resent-From" is set, use that; otherwise check all addresses taken --- Reading the above leads me to the conclusion that either format will work. Although the normal width of the value column in the userperfs table structure is 100. I would make sense to list each whitelist_from in a sperate row. Hope this helps.. HFC Raimonds Aronietis wrote: >Hi, > >I am trying to make a sql-based per user setup of preferences and want to >ask if anyone knows how the entries in mysql table should be made correctly. >I have not been able to find corresponding documentation. :( > >There are two possible ways and I am in doubt which is correct: > >1. >user prefvalue >aaawhitelist_from [EMAIL PROTECTED] >aaawhitelist_from [EMAIL PROTECTED] >aaaok_locales en >aaaok_locales de >aaaok_locales ru > >or >2. >user prefvalue >aaawhitelist_from [EMAIL PROTECTED] [EMAIL PROTECTED] >aaaok_locales en de ru > >Should boath work for all prefferences or there is only one correct way of >creating the entries in the table? > >By the way there are also size limitations for number of symbols per >database cell. > >I hope that somone has encountered this problem already and can help! > >Best reguards, > >Raimonds Aronietis > >
Re: Two instances of spamd
Henry F. Camacho Jr schrieb: >> You are seeing the child of spamd. Both are not taking 20 megs of >> memory, that is the shared memory allocation. I think what you are >> seeing is the shared memory being applied to each of the other processes >> because spamd uses linux threads. Are you sure? In the 'top' list one of the spamd "instances" has 21m RES and 11m SHR whereas the other one uses 23m RES and 12m SHR. Is this really the same process with two threads? Regards, Jan
RE: Syslog not working
Sir, I think you mis configured something on syslog For example something like this must be in syslog for indicate syslog server kern.* @hostname -Original Message- From: Don O'Neil [mailto:[EMAIL PROTECTED] Sent: Sunday, February 12, 2006 8:49 PM To: users@spamassassin.apache.org Subject: Syslog not working Hi all... I've tried using the FAQ entry to get spamd to log to syslog and thus to a file, but it's just not working... I launch spamd like this: /usr/local/bin/spamd -s local5 & I I have "local5.*; /var/log/spamassassin" in my syslogd.conf file. I HUP syslog, and relaunch spampd, but the messages still go to the console and not to the file. Any ideas?
Re: Bayes Help! Stopped working 3.0.x --> 3.1.0
According to the docs these two options where removed. http://spamassassin.apache.org/full/3.1.x/dist/doc/Mail_SpamAssassin_Conf.html bayes_auto_learn_threshold_nonspam 0.8 bayes_auto_learn_threshold_spam 12.0 Check your log to see if you have any errors. Jonn On Sun, 12 Feb 2006 13:29:27 -0600 (CST) "Russ B." <[EMAIL PROTECTED]> wrote: I'm upgrading my existing server farm from SpamAss 3.0.x to 3.1.0... all is fine except Bayes. Identical setup, no pathing changes, same local.cf file - everything... but bayes isn't working. Here are my bayes setups in my local.cf: use_bayes 1 use_bayes_rules 1 bayes_auto_learn 1 bayes_auto_learn_threshold_nonspam 0.8 bayes_auto_learn_threshold_spam 12.0 bayes_auto_expire 1 bayes_expiry_max_db_size 15 bayes_journal_max_size 102400 bayes_learn_to_journal 1 bayes_path /usr/local/etc/bayes/bayes bayes_file_mode 0777 lock_method flock score BAYES_00 -3.5 score BAYES_50 -1.0 score BAYES_60 0.3 score BAYES_70 0.7 score BAYES_80 1.0 score BAYES_90 1.5 score BAYES_95 2.0 score BAYES_99 3.5 Now... I've been using a server-side bayes where everyone uses the same bayes files which has been working GREAT, and it's easier for me to push known spam updates via a distribution script to all our servers at once, making it so ALL users get our bayes changes... The bayes files live in /usr/local/etc/bayes/bayes just like the config says... The permissions are correct, as you can see below: drwxr-xr-x 8 root wheel 1024 Feb 12 01:44 ../ drwxrwxrwx 3 root wheel 3072 Feb 12 03:43 ./ -rw-rw-rw- 1 root wheel 30 Feb 12 03:05 bayes.mutex -rw-rw-rw- 1 loria wheel 58 Feb 2 00:20 bayes.lock -rw-rw-rw- 1 root wheel 65536 Feb 12 13:05 bayes_toks -rw-rw-rw- 1 root wheel 65536 Feb 12 13:05 bayes_seen And in the user accounts, inside ~user/.spamassassin, I have: lrwxr-xr-x 1 root techs56 Feb 12 03:12 user_prefs@ -> /usr/local/apache/htdocs/squirrelmail/data/username_goes_here.spam lrwxr-xr-x 1 root techs31 Feb 12 04:45 bayes_toks@ -> /usr/local/etc/bayes/bayes_toks lrwxr-xr-x 1 root techs31 Feb 12 04:45 bayes_seen@ -> /usr/local/etc/bayes/bayes_seen lrwxr-xr-x 1 root techs34 Feb 12 04:45 bayes_journal@ -> /usr/local/etc/bayes/bayes_journal (where username_goes_here is the name of the user who's account it is) ... and all that works GREAT on 3.0.x, but broke on 3.1.0... "Broke" as in no bayes scoring is going on in logs, no activity going on in the bayes directory of /usr/local/etc/bayes as shown above. Any ideas? Thanks!
Re: Two instances of spamd
You are seeing the child of spamd. Both are not taking 20 megs of memory, that is the shared memory allocation. I think what you are seeing is the shared memory being applied to each of the other processes because spamd uses linux threads. HFC Jan Krumsiek wrote: Hi. We need to run spamd on a linux system with minimal memory resources. I noticed that spamd seems to be running twice, each of the instances taking up over 20mb of memory. I already tried setting "--max-children=0" in the OPTIONS parameter in /etc/default/spamassassin. Unfortunately this did not really work. Any ideas? Regards, Jan smime.p7s Description: S/MIME Cryptographic Signature
RE: Two instances of spamd
spamd --max-children=1 & would you like to say this [EMAIL PROTECTED] spamassassin]# ps[9538] info: spamd: server started on port 783/tcp (running version 3.1.0) [9538] info: spamd: server pid: 9538 [9538] info: spamd: server successfully spawned child process, pid 9541 [9538] info: prefork: child states: I -Original Message- From: Jan Krumsiek [mailto:[EMAIL PROTECTED] Sent: Sunday, February 12, 2006 9:16 PM To: users@spamassassin.apache.org Subject: Two instances of spamd Hi. We need to run spamd on a linux system with minimal memory resources. I noticed that spamd seems to be running twice, each of the instances taking up over 20mb of memory. I already tried setting "--max-children=0" in the OPTIONS parameter in /etc/default/spamassassin. Unfortunately this did not really work. Any ideas? Regards, Jan
RE: Using Inet to launch spamd
Hi, > times and it would be nice to have inetd around to make sure it's allways > running. If you have, what did you put in inetd.conf? If you want to ensure spamd is always running, use it under tcpserver My /service/spamd/run script: #!/bin/sh exec /usr/bin/spamd --siteconfigpath=/etc/mail/spamassassin/local.cf -x -c -m 10 -v -u spamd -s stderr 2>&1 My /service/spamd/log/run script: #!/bin/sh exec /usr/local/bin/setuidgid spamd /usr/local/bin/multilog t s100 n1 /var/log/spamd And my /usr/bin/spamdctl #!/bin/sh case "$1" in start) echo "Starting spamd" if svok /service/spamd ; then svc -u /service/spamd /service/spamd/log else echo "spamd supervise not running" fi if [ -d /var/lock/subsys ]; then touch /var/lock/subsys/spamd fi ;; stop) echo "Stopping spamd..." svc -d /service/spamd /service/spamd/log if [ -f /var/lock/subsys/spamd ]; then rm /var/lock/subsys/spamd fi ;; stat) svstat /service/spamd ;; pause) echo "Pausing spamd" svc -p /service/spamd ;; cont) echo "Continuing spamd" svc -c /service/spamd ;; restart) echo "Restarting spamd:" echo "* Stopping spamd." svc -d /service/spamd /service/spamd/log echo "* Sending spamd SIGTERM and restarting." svc -t /service/spamd /service/spamd/log echo "* Starting spamd." svc -u /service/spamd /service/spamd/log ;; help) cat <
Re: Using Inet to launch spamd
Don: Another way to do this is to do it during init. If you configure /etc/inittab correctly the system will spawn spamd and insure that the daemon stays running. I do this is with clam antivirus. /etc/inittab # CLAMD cl:2345:respawn:/usr/local/sbin/clamd One down side of doing something like this is that if the parent processes failes, and the children remain running, init will not restart the daemon. Better would be to write a checker that would perform a test on a test file using spamd/spamc once in a while. Here is a script that I wrote that does this for clamav, it insures the system is actually checking for viruses, by scanning a known infected test file. --- #!/bin/bash script="check_clamd.sh" tmpfile="/tmp/$script.$$" HOSTNAME=`/bin/hostname` /usr/local/bin/clamdscan /var/spool/mail/test_virus_email --stdout >>$tmpfile grep "Worm.SomeFool.Gen-1 FOUND" $tmpfile >/dev/null if [ $? == 0 ] then echo "ok!" else echo "not ok!" cat $tmpfile echo "" >> $tmpfile echo "Check to make sure that clamd is running. /etc/init.d/clamd start" >>$tmpfile echo "" >> $tmpfile /usr/local/scripts/email.sh [EMAIL PROTECTED] "clamd check failed on $HOSTNAME" /usr/local/scripts/check_clamd.sh $tmpfile fi rm -f $tmpfile --- It would be simple to mod this script to test for a know spam messasge to make sure everything is running. If not, it could send an alert message Hope this helps... HFC Matt Kettler wrote: Don O'Neil wrote: Anyone using inetd to launch spamd? I've had my process die a couple of times and it would be nice to have inetd around to make sure it's allways running. If you have, what did you put in inetd.conf? Using inetd would cause a new spamd instance to be launched for every message. At that point it would be faster and more CPU efficient to not use spamd/spamc, but call the plain-old "spamassassin" script instead. Another option would be to have a cronjob check to see if spamd isn't running and restart it. This is kind of a poor-mans hack of an "angel" process. (an "angel" process is dedicated program that does nothing but constantly watch to make sure a daemon stays running and re-launch it whenever it dies. Often seen used with badly written MUDs that crash constantly and sometimes on better written code when 100% uptime is a must.) smime.p7s Description: S/MIME Cryptographic Signature
Bayes Help! Stopped working 3.0.x --> 3.1.0
I'm upgrading my existing server farm from SpamAss 3.0.x to 3.1.0... all is fine except Bayes. Identical setup, no pathing changes, same local.cf file - everything... but bayes isn't working. Here are my bayes setups in my local.cf: use_bayes 1 use_bayes_rules 1 bayes_auto_learn 1 bayes_auto_learn_threshold_nonspam 0.8 bayes_auto_learn_threshold_spam 12.0 bayes_auto_expire 1 bayes_expiry_max_db_size 15 bayes_journal_max_size 102400 bayes_learn_to_journal 1 bayes_path /usr/local/etc/bayes/bayes bayes_file_mode 0777 lock_method flock score BAYES_00 -3.5 score BAYES_50 -1.0 score BAYES_60 0.3 score BAYES_70 0.7 score BAYES_80 1.0 score BAYES_90 1.5 score BAYES_95 2.0 score BAYES_99 3.5 Now... I've been using a server-side bayes where everyone uses the same bayes files which has been working GREAT, and it's easier for me to push known spam updates via a distribution script to all our servers at once, making it so ALL users get our bayes changes... The bayes files live in /usr/local/etc/bayes/bayes just like the config says... The permissions are correct, as you can see below: drwxr-xr-x 8 root wheel 1024 Feb 12 01:44 ../ drwxrwxrwx 3 root wheel 3072 Feb 12 03:43 ./ -rw-rw-rw- 1 root wheel 30 Feb 12 03:05 bayes.mutex -rw-rw-rw- 1 loria wheel 58 Feb 2 00:20 bayes.lock -rw-rw-rw- 1 root wheel 65536 Feb 12 13:05 bayes_toks -rw-rw-rw- 1 root wheel 65536 Feb 12 13:05 bayes_seen And in the user accounts, inside ~user/.spamassassin, I have: lrwxr-xr-x 1 root techs56 Feb 12 03:12 user_prefs@ -> /usr/local/apache/htdocs/squirrelmail/data/username_goes_here.spam lrwxr-xr-x 1 root techs31 Feb 12 04:45 bayes_toks@ -> /usr/local/etc/bayes/bayes_toks lrwxr-xr-x 1 root techs31 Feb 12 04:45 bayes_seen@ -> /usr/local/etc/bayes/bayes_seen lrwxr-xr-x 1 root techs34 Feb 12 04:45 bayes_journal@ -> /usr/local/etc/bayes/bayes_journal (where username_goes_here is the name of the user who's account it is) ... and all that works GREAT on 3.0.x, but broke on 3.1.0... "Broke" as in no bayes scoring is going on in logs, no activity going on in the bayes directory of /usr/local/etc/bayes as shown above. Any ideas? Thanks!
Re: MySQL userprefs
Raimonds: I am not sure ether, although I've looked at the source code for the SQL loader. Here is what it looks like: $sql = "select $f_preference, $f_value from $f_table where ". "$f_username = ".$dbh->quote($username). " or $f_username = '[EMAIL PROTECTED]' order by $f_username asc"; } dbg("Conf::SQL: executing SQL: $sql"); my $sth = $dbh->prepare($sql); if($sth) { my $rv = $sth->execute(); if($rv) { dbg("retrieving prefs for $username from SQL server"); my @row; my $text = ''; while(@row = $sth->fetchrow_array()) { $text .= "$row[0]\t$row[1]\n"; } It appears that the this code creates a scalar $text that is broken by "\n" line by line, then passed to the spamassassin as a userpref. It appears this matches the same format as if it was loaded from a on disk userprefs file. Reading the man page I see the following: whitelist_from [EMAIL PROTECTED] Used to specify addresses which send mail that is often tagged (incorrectly) as spam; it also helps if they are addresses of big companies with lots of lawyers. This way, if spammers impersonate them, they’ll get into big trouble, so it doesn’t provide a shortcut around SpamAssassin. If you want to whitelist your own domain, be aware that spammers will often impersonate the domain of the recipient. The recommended solution is to instead use "whitelist_from_rcvd" as explained below. Whitelist and blacklist addresses are now file-glob-style patterns, so "[EMAIL PROTECTED]", "[EMAIL PROTECTED]", or "*.domain.net" will all work. Specifically, "*" and "?" are allowed, but all other metacharacters are not. Regular expressions are not used for secu- rity reasons. Multiple addresses per line, separated by spaces, is OK. Multiple "whitelist_from" lines is also OK. The headers checked for whitelist addresses are as follows: if "Resent-From" is set, use that; otherwise check all addresses taken --- Reading the above leads me to the conclusion that either format will work. Although the normal width of the value column in the userperfs table structure is 100. I would make sense to list each whitelist_from in a sperate row. Hope this helps.. HFC Raimonds Aronietis wrote: Hi, I am trying to make a sql-based per user setup of preferences and want to ask if anyone knows how the entries in mysql table should be made correctly. I have not been able to find corresponding documentation. :( There are two possible ways and I am in doubt which is correct: 1. userprefvalue aaa whitelist_from [EMAIL PROTECTED] aaa whitelist_from [EMAIL PROTECTED] aaa ok_locales en aaa ok_locales de aaa ok_locales ru or 2. userprefvalue aaa whitelist_from [EMAIL PROTECTED] [EMAIL PROTECTED] aaa ok_locales en de ru Should boath work for all prefferences or there is only one correct way of creating the entries in the table? By the way there are also size limitations for number of symbols per database cell. I hope that somone has encountered this problem already and can help! Best reguards, Raimonds Aronietis smime.p7s Description: S/MIME Cryptographic Signature
Re: Using Inet to launch spamd
Don O'Neil wrote: > Anyone using inetd to launch spamd? I've had my process die a couple of > times and it would be nice to have inetd around to make sure it's allways > running. If you have, what did you put in inetd.conf? Using inetd would cause a new spamd instance to be launched for every message. At that point it would be faster and more CPU efficient to not use spamd/spamc, but call the plain-old "spamassassin" script instead. Another option would be to have a cronjob check to see if spamd isn't running and restart it. This is kind of a poor-mans hack of an "angel" process. (an "angel" process is dedicated program that does nothing but constantly watch to make sure a daemon stays running and re-launch it whenever it dies. Often seen used with badly written MUDs that crash constantly and sometimes on better written code when 100% uptime is a must.)
Re: Syslog not working
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Henry F. Camacho Jr wrote: > You need the -d. > > HFC > > > Craig McLean wrote: > > Don O'Neil wrote: > > Hi all... I've tried using the FAQ entry to get spamd to log to syslog and thus to a file, but it's just not working... I launch spamd like this: /usr/local/bin/spamd -s local5 & I I have "local5.*; /var/log/spamassassin" in my syslogd.conf file. I HUP syslog, and relaunch spampd, but the messages still go to the console and not to the file. Any ideas? > > You could try "/usr/local/bin/spamd -s /var/log/spamassassin &" > > C. > > -- > Craig McLeanhttp://fukka.co.uk > [EMAIL PROTECTED]Where the fun never starts > Powered by FreeBSD, and GIN! I kind of assumed there was a good reason the OP was using & rather than - -d, not that I know what it might be... C. - -- Craig McLeanhttp://fukka.co.uk [EMAIL PROTECTED] Where the fun never starts Powered by FreeBSD, and GIN! -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (GNU/Linux) iD4DBQFD74nVMDDagS2VwJ4RAnw8AJY/8qbUYx5BvQIpgIEuNztmH0vxAJ9DDjJC WW3CLZaiXyKFp7qOuwSvbg== =uMAg -END PGP SIGNATURE-
Two instances of spamd
Hi. We need to run spamd on a linux system with minimal memory resources. I noticed that spamd seems to be running twice, each of the instances taking up over 20mb of memory. I already tried setting "--max-children=0" in the OPTIONS parameter in /etc/default/spamassassin. Unfortunately this did not really work. Any ideas? Regards, Jan
Re: Syslog not working
You need the -d. HFC Craig McLean wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Don O'Neil wrote: Hi all... I've tried using the FAQ entry to get spamd to log to syslog and thus to a file, but it's just not working... I launch spamd like this: /usr/local/bin/spamd -s local5 & I I have "local5.*; /var/log/spamassassin" in my syslogd.conf file. I HUP syslog, and relaunch spampd, but the messages still go to the console and not to the file. Any ideas? You could try "/usr/local/bin/spamd -s /var/log/spamassassin &" C. - -- Craig McLeanhttp://fukka.co.uk [EMAIL PROTECTED] Where the fun never starts Powered by FreeBSD, and GIN! -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFD74WUMDDagS2VwJ4RAkFxAJ9d1p+Jn7tbQorXxgp8irv25/Bb9QCeKI4E /EubhEC3DTNLyWfIzo2yjHI= =tkD9 -END PGP SIGNATURE- smime.p7s Description: S/MIME Cryptographic Signature
Re: Using Inet to launch spamd
> Anyone using inetd to launch spamd? I've had my process die a couple of > times and it would be nice to have inetd around to make sure it's allways > running. If you have, what did you put in inetd.conf? > > Thanks! > I use FreeBSD, so mine starts with my rc.d startup. You could always start the daemon with /etc/rc.local I guess... You want spamd to deamonize, not run per-instance. Inetd is a bad choice. Run it as a daemon at startup, and then make a script like below which you use crontab to run every 5-10 minutes to make sure spamd's still running... Here's mine, and it has some other stuff like how I log it, and my paths which are going to be different than yours. --- START SHELL SCRIPT #!/bin/sh today=`date +"%b.%d.%Y"` time=`date +"%H:%M.%S"` PATH=$PATH:/sbin:/usr/sbin:/usr/local/sbin:/usr/bin:/bin:/usr/sbin/scripts # CHECK FOR LOG FILE if [ -f /var/log/monitor.log ] ; then fakeflag="pass" else touch /var/log/monitor.log fi #CHECK TO SEE IF SPAMD RECENTLY FAILED count="0" count=`cat /var/log/maillog | tail -50 | grep -c "to spamd at 127.0.0.1 failed"` if test "$count" = "0"; then needrestart="no" else needrestart="yes" echo "$today.$time SPAMD : Down : RESTARTED" >> /var/log/monitor.log /usr/local/etc/rc.d/spamd.sh restart fi exit
Re: Syslog not working
Don O'Neil wrote: > Hi all... I've tried using the FAQ entry to get spamd to log to syslog and > thus to a file, but it's just not working... > > I launch spamd like this: > /usr/local/bin/spamd -s local5 & > > I I have "local5.*; /var/log/spamassassin" in my syslogd.conf file. I HUP > syslog, and relaunch spampd, but the messages still go to the console and > not to the file. > Any ideas? > Ditch the & and deamonize spamd with the -d option instead. By not deamonizing spamd you are forcing it to dump to the console. > >
combined distribution of email list
Is there a combined list distribution? Many other email lists distribute one combined email per day instead of dozens of separate email. The volume of emails makes it hard to keep up . -- Barton L. Phillips Applied Technology Resources, Inc. Tel: (818)652-9850 Web: http://www.applitec.com
Re: Syslog not working
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Don O'Neil wrote: > Hi all... I've tried using the FAQ entry to get spamd to log to syslog and > thus to a file, but it's just not working... > > I launch spamd like this: > /usr/local/bin/spamd -s local5 & > > I I have "local5.*; /var/log/spamassassin" in my syslogd.conf file. I HUP > syslog, and relaunch spampd, but the messages still go to the console and > not to the file. > Any ideas? You could try "/usr/local/bin/spamd -s /var/log/spamassassin &" C. - -- Craig McLeanhttp://fukka.co.uk [EMAIL PROTECTED] Where the fun never starts Powered by FreeBSD, and GIN! -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFD74WUMDDagS2VwJ4RAkFxAJ9d1p+Jn7tbQorXxgp8irv25/Bb9QCeKI4E /EubhEC3DTNLyWfIzo2yjHI= =tkD9 -END PGP SIGNATURE-
Re: MySQL userprefs
Create a sql table like this: CREATE TABLE `userpref` ( `prefid` int(11) unsigned NOT NULL auto_increment, `username` varchar(100) NOT NULL default '', `preference` varchar(30) NOT NULL default '', `value` varchar(100) NOT NULL default '', PRIMARY KEY (`prefid`) ) TYPE=MyISAM; INSERT INTO `userpref` VALUES (1,'@GLOBAL','use_bayes','1'); INSERT INTO `userpref` VALUES (3,'@GLOBAL','bayes_auto_learn','1'); INSERT INTO `userpref` VALUES (4,'@GLOBAL','use_bayes_rules','1'); INSERT INTO `userpref` VALUES (24,'@GLOBAL','fold_headers','1'); INSERT INTO `userpref` VALUES (38,'@GLOBAL','add_header','all Level _STARS(X)_'); INSERT INTO `userpref` VALUES (81,'@GLOBAL','report_safe','0'); INSERT INTO `userpref` VALUES (80,'@GLOBAL','required_score','5'); This is a basic table. I use this on my setup and it works well. Jonn On Sun, 12 Feb 2006 18:38:21 +0200 "Raimonds Aronietis" <[EMAIL PROTECTED]> wrote: Hi, I am trying to make a sql-based per user setup of preferences and want to ask if anyone knows how the entries in mysql table should be made correctly. I have not been able to find corresponding documentation. :( There are two possible ways and I am in doubt which is correct: 1. userprefvalue aaa whitelist_from [EMAIL PROTECTED] aaa whitelist_from [EMAIL PROTECTED] aaa ok_locales en aaa ok_locales de aaa ok_locales ru or 2. userprefvalue aaa whitelist_from [EMAIL PROTECTED] [EMAIL PROTECTED] aaa ok_locales en de ru Should boath work for all prefferences or there is only one correct way of creating the entries in the table? By the way there are also size limitations for number of symbols per database cell. I hope that somone has encountered this problem already and can help! Best reguards, Raimonds Aronietis
Using Inet to launch spamd
Anyone using inetd to launch spamd? I've had my process die a couple of times and it would be nice to have inetd around to make sure it's allways running. If you have, what did you put in inetd.conf? Thanks!
Syslog not working
Hi all... I've tried using the FAQ entry to get spamd to log to syslog and thus to a file, but it's just not working... I launch spamd like this: /usr/local/bin/spamd -s local5 & I I have "local5.*; /var/log/spamassassin" in my syslogd.conf file. I HUP syslog, and relaunch spampd, but the messages still go to the console and not to the file. Any ideas?
Re: non-english messages
Harry Putnam wrote: > running spamassassin-3.1.0 > > I hoped to filter messages on the basis of non-english subject line so > went looking in the files spama uses. I see something about FOREIGN > language but then it dawned on me, being horribly colloquial, not to > mention near illiterate, how FOREIGN is totally subjective. > > For my usage, anything that is not in english is spam. Maybe not > techniquely in some far fetched case but still something I cannot > use. > > Any one have examples of a spama filter based on that? > This is already built-in to SA. Under man Mail::SpamAssassin::Conf see the option "ok_languages". > > >
MySQL userprefs
Hi, I am trying to make a sql-based per user setup of preferences and want to ask if anyone knows how the entries in mysql table should be made correctly. I have not been able to find corresponding documentation. :( There are two possible ways and I am in doubt which is correct: 1. userprefvalue aaa whitelist_from [EMAIL PROTECTED] aaa whitelist_from [EMAIL PROTECTED] aaa ok_locales en aaa ok_locales de aaa ok_locales ru or 2. userprefvalue aaa whitelist_from [EMAIL PROTECTED] [EMAIL PROTECTED] aaa ok_locales en de ru Should boath work for all prefferences or there is only one correct way of creating the entries in the table? By the way there are also size limitations for number of symbols per database cell. I hope that somone has encountered this problem already and can help! Best reguards, Raimonds Aronietis
Re: General assistance
Ed Russell wrote: I have to say a heartfelt THANK YOU to everyone who contributed to this thread. My filter is working 500% more efficient that it ever was. I have done the following: 1. Installed djbdns and I am using dnscache as I was told. I have increased the cache size to 100 Megabytes and completely disabled logging after determining it was working properly. 2. I have implemented rbl at the MTA level, I use relays.ordb.org and sbl-xbl.spamhaus.org. 3. I have implemented Rules Du Jour. I selected a subset of the SARE rules and misc others. 4. I have turned back on pyzor, razor and dcc. Scanning times are well within tolerance with a minimal impact on delivery time. See below (email addresses removed for privacy): Feb 11 16:10:18 as spamd[4137]: spamd: identified spam (31.3/4.0) for [EMAIL PROTECTED] :99 in 4.5 seconds, 1178 bytes. Feb 11 16:10:18 as spamd[363]: spamd: clean message (1.2/4.0) for [EMAIL PROTECTED] :99 in 3.1 seconds, 8939 bytes. Feb 11 16:10:19 as spamd[4218]: spamd: clean message (0.0/4.0) for [EMAIL PROTECTED] :99 in 5.4 seconds, 2245 bytes. I have some final questions though, a. Can I get any statistics from rblsmtpd (I know this isn't a group devoted to it, but I figured I would ask)? I would like to know how many got dropped and from where. I don't use it anymore as my qmail toasters are not allowed traffic from the outside, only from my MailScanner servers. I run Sendmail and do my rbl checks there. But I would think this would get you a quick count, #cd /var/log/qmail/smtpd/ #cat current [EMAIL PROTECTED] | grep rblsmtpd | wc -l #cat current [EMAIL PROTECTED] | grep relays.ordb.org | wc -l #cat current [EMAIL PROTECTED] | grep sbl-xbl.spamhaus.org | wc -l Script from there forward and you can gleen just about as much as you care to sift through. awk, sed, Ruby, or Perl are your friends there. You can check access times on the logs to make sure you are checking today's or yesterday's logs. b. Does anyone have any utilities to get statistics from SA? Such as what rules triggered spam etc etc. I have seen some posts with some interesting looking reports. Currently I only use a hacked together script I wrote to give me the raw amount of spam caught per day which greps "identified spam" on maillog and then gives me a wc -l. I see that has been answered already. Once again, thanks so much to everyone. This group is simply amazing. I second that! DAve Ed -Original Message- From: DAve [mailto:[EMAIL PROTECTED] Sent: Friday, February 10, 2006 1:19 PM To: users@spamassassin.apache.org Subject: Re: General assistance Ed Russell wrote: User validation is going to be tough or all but impossible. This box forwards off the mail to an NT box running SL Mail. There is no easy way to get a userlist out of this product. In addition the users change daily and some even use multi-drops. You don't need to get a user list, you just need to ask the destination server if the user exists before accepting the message. This is what milter-ahead does on my MailScanner servers. I process and forward to servers running qmail(my toasters) and Exchange, GroupMail, Groupwise, Sendmail(my clients servers). All respond correctly to milter-ahead. I do not know of a way to duplicate milter-ahead in qmail without requiring something like vpopmail or LDAP. Did you look at using dnscache? That might buy you enough breathing room to shop around for a solution to user verification. DAve Ed --- Talk is cheap since supply always exceeds demand. --- -Original Message- From: DAve [mailto:[EMAIL PROTECTED] Sent: Friday, February 10, 2006 12:39 PM To: users@spamassassin.apache.org Subject: Re: General assistance Ed Russell wrote: [EMAIL PROTECTED] smtpd]# spamassassin --version SpamAssassin version 3.1.0 running on Perl version 5.8.7 Spamd running with: OPTIONS="-L -x -d -u nobody -m 45" No user verification or RBL at the MTA level. Absolutely do user verification. I can throw out from 20% to 80% of my traffic depending on the current level of dictionary and Joe-Job attacks. Since you are processing ahead of your clients Exchange boxes I'm not sure how you can do that with qmail. I do it on my gateways running MailScanner via milter-ahead, and on my toasters via checkuser in vpopmail. There might be a way to get qmail to check with an Exchange box to validate a user without running vpopmail, but I won't know it. DAve 12:20pm up 4:05, 1 user, load average: 9.49, 9.23, 9.23 313 processes: 300 sleeping, 12 running, 1 zombie, 0 stopped CPU states: 18.9% user, 16.6% system, 0.0% nice, 64.4% idle Mem: 2009856K av, 711560K used, 1298296K free, 353776K shrd, 129268K buff Swap: 2097136K av, 0K used, 2097136K free 225380K cached As you can s
RE: non-english messages
If you can solve this, please letme know . I need to do practicaly the same , but in my case , all the english mail is Spam. > -Mensaje original- > De: news [mailto:[EMAIL PROTECTED] En nombre de Harry Putnam > Enviado el: Domingo, 12 de Febrero de 2006 11:03 a.m. > Para: users@spamassassin.apache.org > Asunto: non-english messages > > running spamassassin-3.1.0 > > I hoped to filter messages on the basis of non-english subject line so > went looking in the files spama uses. I see something about FOREIGN > language but then it dawned on me, being horribly colloquial, not to > mention near illiterate, how FOREIGN is totally subjective. > > For my usage, anything that is not in english is spam. Maybe not > techniquely in some far fetched case but still something I cannot > use. > > Any one have examples of a spama filter based on that?
non-english messages
running spamassassin-3.1.0 I hoped to filter messages on the basis of non-english subject line so went looking in the files spama uses. I see something about FOREIGN language but then it dawned on me, being horribly colloquial, not to mention near illiterate, how FOREIGN is totally subjective. For my usage, anything that is not in english is spam. Maybe not techniquely in some far fetched case but still something I cannot use. Any one have examples of a spama filter based on that?
Re: Spam count down today
Hello, From: "jdow" <[EMAIL PROTECTED]> Subject: Spam count down today Date: Sun, 12 Feb 2006 04:29:22 -0800 > The spam count today was unaccountably low, about 3/4 of normal. Did some > spammer get "busted" or "broken" very recently? These few days, I feel that number of spams are getting larger a little. They just set their sights on Japan? > If so the tale would be fun to hear. Would be interesting. --Masashi SAKURADA/AH0K/JR2GMC E-mail: [EMAIL PROTECTED]/[EMAIL PROTECTED] URL: http://www.ah0k.com/ GnuPG Key: "lynx -source http://www.ah0k.com/ah0k.asc | gpg --import" GPG-fingerprint: 9332 0E9F 78AB E793 0E9F 84C6 FA74 3A11 3235 EC1E Please see http://www.santensho.net/ for children.
Re: Spam count down today
Hi! The spam count today was unaccountably low, about 3/4 of normal. Did some spammer get "busted" or "broken" very recently? If so the tale would be fun to hear. {^_^} Most likely you dont see them all since they moved to new stuff that doesnt get them scored. We added various custom rules to get them in again. Bye, Raymond.
Spam count down today
The spam count today was unaccountably low, about 3/4 of normal. Did some spammer get "busted" or "broken" very recently? If so the tale would be fun to hear. {^_^}