Can't locate object method register_domain problem...
Help... I'm giving up for the weekend. I'll get back at in Monday. Starting spamd: Can't locate object method register_domain via package IO::Socket::INET at /usr/local/lib/perl5/5.8.8/i686-linux/IO/Socket/INET.pm line 22. Compilation failed in require at /usr/bin/spamd line 44. BEGIN failed--compilation aborted at /usr/bin/spamd line 79. [FAILED] cpan[1] install IO::Socket::INET CPAN: Storable loaded ok (v2.15) Going to read /root/.cpan/Metadata Database was generated on Thu, 03 May 2007 19:09:52 GMT IO::Socket::INET is up to date (1.31). Any ideas... = Kevin W. Gagel Network Administrator Information Technology Services (250) 562-2131 local 448 My Blog: http://mail.cnc.bc.ca/blogs/gagel --- The College of New Caledonia, Visit us at http://www.cnc.bc.ca Virus scanning is done on all incoming and outgoing email. Anti-spam information for CNC can be found at http://avas.cnc.bc.ca ---
Re: Increase of spam?
On Thursday 03 May 2007, Bob McClure Jr wrote: In fact, about 30% of the abuse reports I send get at least a return from an auto-responder. I don't care whether they respond to my mail or not, as long as they take some action on it. A response to 30% of your reports by an autoresponder does not constitute taking action. It may give you a warm fuzzy feeling, kind of like pissing your self in a dark wool suit. -- _ John Andersen
RE: ANNOUNCE: Apache SpamAssassin 3.2.0 available
-Original Message- From: Jack L. Stone [mailto:[EMAIL PROTECTED] Sent: Friday, May 04, 2007 9:20 AM To: Justin Mason; users@spamassassin.apache.org; [EMAIL PROTECTED]; [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: ANNOUNCE: Apache SpamAssassin 3.2.0 available Any projection when SA-3.2 will be in the FBSD ports? Sent email to [EMAIL PROTECTED], but bounced back. Thanks for any news on this There are a LOT of subtle changes... But for the brave, here is a tarball. cd /usr/ports/mail/p5-Mail-SpamAssassin rm -rf Untar this there: http://www.secnap.com/downloads/sa320.tgz (and, yes, I am the official maintainer of the SA port, just want to test it on a few more systems before submitting it, and sa-compile doesn't work via ports due to the .11.0 version of rec2) _ This email has been scanned and certified safe by SpammerTrap(tm). For Information please see http://www.spammertrap.com _
Re: a directory/*.cf is possible ?
Noc Phibee wrote: Hi Actually, all of my .cf are put into /etc/mail/spamassassin/ I hope you mean all your add-ons. The stock ruleset should be in /usr/share/spamassassin or the equivalent. can i said at spamassassin to read too all .cf of on another directory ? AFAIK, no. SA will parse only two directories, the siteconfigpath (/etc/mail/spamassassin typically) and the configpath (/usr/share/spamassassin typically) There is an include directive you can use to add in a single file, but that's about it. Sample: /etc/mail/spamassassin/Private/*.cf Thanks
Is this still possible with 3.2.0?
Looks like the API has changed a little bit? Can't locate object method check_for_faraway_charset_in_headers via package Mail::SpamAssassin::PerMsgStatus sub handle_potential_faraway { my $mail = shift(@_); $spamtest = new Mail::SpamAssassin({ PREFIX = $PREFIX, DEF_RULES_DIR = $DEF_RULES_DIR, LOCAL_RULES_DIR = $LOCAL_RULES_DIR, LOCAL_STATE_DIR = $LOCAL_STATE_DIR, userprefs_filename = $PREFIX/.spamassassin/user_prefs, userstate_dir = $PREFIX/.spamassassin, debug = $debugLevel, local_tests_only = 1 }) unless $runsa; $spamtest-init(1); my $check_mail = message_from_string_or_arrayref($mail-as_string); my $msg = Mail::SpamAssassin::PerMsgStatus-new($spamtest, $check_mail); if ($msg-check_for_faraway_charset_in_headers()) { ignore_mail($mail); } elsif ($msg-html_charset_faraway()) { ignore_mail($mail); } elsif ($msg-check_for_mime(undef, 'mime_faraway_charset')) { ignore_mail($mail); } elsif ($msg-check_for_faraway_charset($msg- get_decoded_stripped_body_text_array( ))) { ignore_mail($mail); } elsif ($msg-check_illegal_chars('From','0.20','2')) { ignore_mail($mail); } elsif ($msg-check_illegal_chars('Subject','0.00','2')) { ignore_mail($mail); } elsif ($msg-check_illegal_chars('ALL','0.010','2')) { ignore_mail($mail); } }
bayes database
Hi doing spamassassin -D --lint appears bayes database at /root/.spamassassin/bayes_toks It's good to have there the bayes database? Thanks - LLama Gratis a cualquier PC del Mundo. Llamadas a fijos y móviles desde 1 céntimo por minuto. http://es.voice.yahoo.com
Re: problems using haproxy for spamd
On Mon, Apr 30, 2007 at 01:23:23AM +, Andy Smith wrote: Hi, I'm trying to use haproxy (http://haproxy.1wt.eu/) to load balance 3 spamd servers on the same network. [...] Unfortunately I seem to be intermittently getting connection failures. The haproxy log looks like this: Apr 28 05:13:49 localhost haproxy[11683]: Proxy spamd started. Apr 28 05:14:57 localhost haproxy[11684]: 212.13.194.70:55827 [28/Apr/2007:05:14:57] spamd corona 0/0/148 765 -- 0/0/0 0/0 Apr 28 05:14:57 localhost haproxy[11684]: 212.13.194.70:55828 [28/Apr/2007:05:14:57] spamd curacao 0/-1/1 0 CC 0/0/0 0/0 It turned out to be a bug in haproxy. I sent an strace to the author, Willy Tarreau, and he replied in less than 24 hours with a full annotation of the strace and a patch to fix it. That's service! The bug manifested itself when the client would connect, send all its data and shutdown before haproxy had successfully established a connection with the backend server. If haproxy managed to establish a connection before the client fnished sending then it would work fine. Here's the simple fix: diff --git a/haproxy.c b/haproxy.c index 8e57700..357a37a 100644 --- a/haproxy.c +++ b/haproxy.c @@ -5589,7 +5589,7 @@ int process_srv(struct session *t) { else if (s == SV_STCONN) { /* connection in progress */ if (c == CL_STCLOSE || c == CL_STSHUTW || (c == CL_STSHUTR -(t-req-l == 0 || t-proxy-options PR_O_ABRT_CLOSE))) { /* give up */ +((t-req-l == 0 t-res_sw == RES_SILENT) || t-proxy-options PR_O_ABRT_CLOSE))) { /* give up */ tv_eternity(t-cnexpire); fd_delete(t-srv_fd); if (t-srv) Cheers, Andy signature.asc Description: Digital signature
SA 3.2.0 on Mac OS X Server
Just a report of something going right for a change. :) I updated SA from 3.1.8 to to 3.2.0 on our OS X Server box and it seems to work fine! For anyone who wants to do this, use the instructions here: http:// osx.topicdesk.com/downloads/ , don't use the CPAN automatic update. I also just updated ClamAV to 0.90.2 using the instructions from the same location. The ClamAV instructions have just been updated to fix a problem I ran across. It's nice to have something work for a change. --- Jerry Durand, Durand Interstellar, Inc. Los Gatos, California, USA tel: +1-408-356-3886, USA Toll Free: 866-356-3886 www.interstellar.com, skype: jerrydurand
Re: SA 3.2.0 on Mac OS X Server
On May 5, 2007, at 1:43 PM, Jerry Durand wrote: Just a report of something going right for a change. :) Spoke too soon :( Doing a web search, it seems people have had problems with utf8_heavy.pl, so this may not be a SA problem. I also see these happened with SARE rules, so I'll check over there, too. May 5 12:30:31 interstellar.com /usr/bin/amavisd[6584]: (06584-04) SA TIMED OUT, backtrace: at /System/Library/Perl/5.8.6/utf8_heavy.pl line 213\n\teval {...} called at /System/Library/Perl/5.8.6/ utf8_heavy.pl line 213\n\tutf8::SWASHNEW('utf8', 'IsWord', '', 0, 0, 0) called at /System/Library/Perl/5.8.6/utf8_heavy.pl line 236\n \tutf8::SWASHNEW('utf8', '', '# comment\\x{a}!utf8::IsWord\\x{a}', 1, 0) called at /usr/share/spamassassin/mangled_cf_sare_sa- update_dostech_net/20050602.cf, rule MANGLED_YOUNG, line 1\n \tMail::SpamAssassin::Plugin::Check::_body_tests_0 ('Mail::SpamAssassin::PerMsgStatus=HASH(0x56ad3d4)', 'LiquidGeneration Newsletter\\x{a}', 'Not getting this message delivered where you want it? Make su...', 'Dear Chief of Police, William Bratton, \\x{a}', 'I am Helga Jesus Mejia Orellana Sanchez Torres, Liquid Genera...', 'Over the next few weeks, there are going to be investigations...', 'First of all, let\\x{c2}\\x{92}s examine the subject of the MacAr... May 5 14:02:56 interstellar.com /usr/bin/amavisd[6996]: (06996-11) SA TIMED OUT, backtrace: at /System/Library/Perl/5.8.6/utf8_heavy.pl line 204\n\teval {...} called at /System/Library/Perl/5.8.6/ utf8_heavy.pl line 204\n\tutf8::SWASHNEW('utf8', 'IsWord', '', 0, 0, 0) called at /System/Library/Perl/5.8.6/utf8_heavy.pl line 236\n \tutf8::SWASHNEW('utf8', '', '# comment\\x{a}!utf8::IsWord\\x{a}', 1, 0) called at /usr/share/spamassassin/mangled_cf_sare_sa- update_dostech_net/20050602.cf, rule MANGLED_MEDICL, line 1\n \tMail::SpamAssassin::Plugin::Check::_body_tests_0 ('Mail::SpamAssassin::PerMsgStatus=HASH(0x5586514)', '[TMIExplorers] another communication, for those interested\\x{a}', 'Saturday, May 5, 2007\\x{a}', '7:20 a.m. Michael Langevin and others asked if I had ever ask...', 'You are feeling responsibility, that\\'s all. But after all, r...', 'Yes. Yesterday walking - well, you tell it.\\x {a}', 'We merely pointed out that people act on ideas - or, rather, ...'...
KANA damage and locales
I'm looking at the headers I just got from a Canadian ISP's autoresponder I guess the software is called KANA. Anyone know who owns this? (Yes, someone not very clueful, I know... let's be more specific than that...) Date: sam., 05 mai 2007 18:46:43 -0400 To: Abuse Department [EMAIL PROTECTED] Subject: Bell Nexxia Inc. - Internet Abuse Centre (KMM15550329V5186L0KM) From: Nexxia Abuse Bell Nexxia [EMAIL PROTECTED] Reply-To: Nexxia Abuse Bell Nexxia [EMAIL PROTECTED] MIME-Version: 1.0 Content-Type: text/plain; charset = iso-8859-1 Content-Transfer-Encoding: 8bit X-Mailer: KANA Response 7.1.0.9 The Date: line is damaged, apparently. KANA should be clobbering the LOCALE, LC_ALL and LC_TIME variables when it starts up, but clearly isn't doing this. Ironically, KANA is supposed to track Spam (and other service) tickets... but it just ends up muddying the waters by potentially creating more incidents of Spam. Quelle folie. -Philip
SA 3.2.0 install and/or upgrade
Greetings, We have looked over the 3.2.0 install and upgrade docs as best we can so far... Situation: running a Redhat 4.x or Centos 4.x server SA 3.1.8 Everything is currently run site-wide and not user configurable No MySQL in use. Question(s) when installing 3.2.0 via RPM, should it be done is an rpm -Uvh upgrade or should 3.1.8 be removed and then 3.2.0 installed from scratch? Any gotcha's that others have experienced doing this? Has anyone installed SA 3.2.0 on Redhat or CentOS 5 without problems? Feedback please? - rh -- Abba Communications Spokane, WA www.abbacomm.net
Re: Is this still possible with 3.2.0?
On Sat, May 05, 2007 at 10:06:42PM +0700, Robert Nicholson wrote: Looks like the API has changed a little bit? Eval tests aren't necessarily part of an API FWIW. Can't locate object method check_for_faraway_charset_in_headers via package Mail::SpamAssassin::PerMsgStatus It's in a plugin now. There is no more EvalTests.pm which is really PerMsgStatus. -- Randomly Selected Tagline: [Rob] Reiner agrees. If it was made clear to people that we could win the war on terrorism by driving a hybrid car, that we could stop global warming by driving a hybrid, I think people would do it, he says. But people haven't made those kind of connections. - http://www.washingtonpost.com/wp-dyn/articles/A2587-2002Jun5.html pgphiXMMIpw3R.pgp Description: PGP signature
Re: bayes database
night duke wrote: Hi doing spamassassin -D --lint appears bayes database at /root/.spamassassin/bayes_toks It's good to have there the bayes database? That's only true when you run spamassassin as root. SA, by default, uses a bayes directory in the home directory of whatever user invokes SA. One exception is if you use spamd, it will NEVER scan mail as root, and if it finds spamc was called as root, it will setuid to nobody.
Re: SA 3.2.0 install and/or upgrade
Abba Communications - www.abbacomm.net wrote: Greetings, We have looked over the 3.2.0 install and upgrade docs as best we can so far... Situation: running a Redhat 4.x or Centos 4.x server SA 3.1.8 Everything is currently run site-wide and not user configurable No MySQL in use. Question(s) when installing 3.2.0 via RPM, should it be done is an rpm -Uvh upgrade or should 3.1.8 be removed and then 3.2.0 installed from scratch? Any gotcha's that others have experienced doing this? Has anyone installed SA 3.2.0 on Redhat or CentOS 5 without problems? Feedback please? I've installed on RH EL3 and RH EL4, as well as FC5 and FC6 using -Uvh. Aside from having to upgrade a couple of perl modules (as noted by the rpm process), there were no problems. -- Steve
RE: SA 3.2.0 install and/or upgrade
I've installed on RH EL3 and RH EL4, as well as FC5 and FC6 using -Uvh. Aside from having to upgrade a couple of perl modules (as noted by the rpm process), there were no problems. Steve Steve, Fantastic... thanks... This is how I have done it for the past 3 or 4 SA upgrades... I have just grabbed the tarball and as a non root user did this rpmbuild -tb Mail-SpamAssassin-whateverversionnumber.tar.gz then I would just su to root and go to the appropriate directory and rpm -Uvh the appropriate files. In this case it would be perl-Mail-SpamAssassin-3.2.0-1.i386.rpm spamassassin-3.2.0-1.i386.rpm thanks for the feedback... did you do anything with msa_networks ? I was wondering if anyone used or is using msa_networks for ranges of customer ip addresses for their dialup or dsl pools etc? It appears to me that msa_networks was designed for something like this... Thanks! -- Abba Communications Spokane, WA www.abbacomm.net
[Possible SPAM] Re: hey
On Sunday 29 April 2007 10:58 am, Julius VWilliam wrote: Our Last pick Doubled We now bring you a new winner Announcing CRITICAL CARE NEW I know Justin already noted how this slipped through but thought I'd paste my mail providers (Embarq/Synacor) markup: Old-X-Spam-Score: -0.699 Old-X-Spam-Level: Old-X-Spam-Status: No, score=-0.699 tagged_above=-10 required=6.6 tests=[ALL_TRUSTED=-1.8, BAYES_00=-2.599, PYZOR_CHECK=3.7] Though they did not tag it as spam, they still have a mis-configured setup, note the [ALL_TRUSTED]. -- Chris KeyID 0xE372A7DA98E6705C pgpx4NQJ6vF0g.pgp Description: PGP signature
Re: [Possible SPAM] Re: hey
tests=[ALL_TRUSTED=-1.8, BAYES_00=-2.599, PYZOR_CHECK=3.7] Though they did not tag it as spam, they still have a mis-configured setup, note the [ALL_TRUSTED]. Also note the Bayes_00. If they have bayes trained to think spam is ham, they have a problem. Loren
[Possible SPAM] Re: [Possible SPAM] Re: hey
On Saturday 05 May 2007 10:31 pm, Loren Wilton wrote: tests=[ALL_TRUSTED=-1.8, BAYES_00=-2.599, PYZOR_CHECK=3.7] Though they did not tag it as spam, they still have a mis-configured setup, note the [ALL_TRUSTED]. Also note the Bayes_00. If they have bayes trained to think spam is ham, they have a problem. Loren They definately do have one and I've been bugging them about it daily and only get the we're working on the issue/we've escaulated the issue/and so forth. They must prepend the subject of every one of my messages automatically even if their SA doesn't score it as such: Old-X-Spam-Score: -1.895 Old-X-Spam-Level: Old-X-Spam-Status: No, score=-1.895 tagged_above=-10 required=6.6 tests=[AWL=0.704, BAYES_00=-2.599] -- Chris KeyID 0xE372A7DA98E6705C pgpV5YV52bqM5.pgp Description: PGP signature
re2c and sare rules
Hi, I installed re2c when I built SA 3.2.0 and uncommented this: loadplugin Mail::SpamAssassin::Plugin::Rule2XSBody Then ran: sa-update sa-compile /etc/init.d/spamassassin restart I now notice the following over and over many many times (enough to fill up /var) in mail.log: May 5 21:47:48 www spamd[1725]: Malformed UTF-8 character (unexpected non-continuation byte 0x00, immediately after start byte 0xd1) in pattern match (m//) at /etc/mail/spamassassin/70_sare_obfu.cf, rule SARE_OBFU_XANAX, line 1, GEN139 line 492. May 5 21:47:48 www spamd[1724]: Malformed UTF-8 character (unexpected non-continuation byte 0x00, immediately after start byte 0xce) in pattern match (m//) at /etc/mail/spamassassin/72_sare_bml_post25x.cf, rule SARE_OBFUAUCTION, line 1, GEN165 line 587. There appears to be problems with other rules too - I noticed sare_adult spew thousands of lines as well. I disabled the plugin and for now that seems to have worked. Any ideas? Did I do something wrong? I have two systems, one a slackware 10.1 and this a Debian sid, they both are running SA in pretty much the same fashion, on the slackware box though no problems like this. Josh
Re: re2c and sare rules
Its a new feature with 3.2. We have to rewrite most of the obfu rules to get around this, and none of us have had the time yet. Loren
Re: SA 3.2.0 install and/or upgrade
Abba Communications - www.abbacomm.net wrote: did you do anything with msa_networks ? I was wondering if anyone used or is using msa_networks for ranges of customer ip addresses for their dialup or dsl pools etc? It appears to me that msa_networks was designed for something like this... It's intended for you to list your MSA server IPs/networks with msa_networks, rather than clients who submit to the MSAs (the whole idea is that you then don't have to know those clients IPs). I suppose ISPs with tiny/hobby sized budgets that combine their MXes and MSAs could list just their clients' IPs in msa_networks to aid the odd customer who may relay from a public IP through their own server that has one of your (client IPs) assigned to it. Your life would be easier, though, if you at least logically separate your MSA and MX servers (and then just list your MSA server in msa_networks). Daryl