Re: Spamassassin Letting a Lot of Spams Through
On Saturday 13 September 2008 21:58, aladdin wrote: > On Saturday 13 September 2008 20:38, aladdin wrote: > > On Saturday 13 September 2008 20:30, Daryl C. W. O'Shea wrote: > > > On 13/09/2008 8:20 PM, aladdin wrote: > > > > On Saturday 13 September 2008 20:00, Daryl C. W. O'Shea wrote: > > > >> Check to make sure that network tests aren't disabled. Many distro > > > >> packages have network tests turned off my default. Not sure where > > > >> Debian would configure this, sorry. > > > >> > > > >> Daryl > > > > > > > > Thanks for the reply! > > > > > > > > Where would I check that and what would I look for? Can you tell > > > > that from either the header or the config file I posted? > > > > > > Not sure where Debian keeps its daemon config files, but you can > > > probably find out by running the following command and looking for "-L" > > > or "--local" in the output. > > > > > > ps aux | grep spamd > > > > > > > > > Daryl > > > > Thanks again! > > > > Yeah, if you saw my last email, I checked that very thing. I believe > > that all my config files are in /etc/spamassassin; that is where the > > local.cf came from, and there are init.pre and v310, v312 files in > > there as well. That's where I looked to see if it appeared the networks > > tests (razor, pyzor, etc.) where turned on, and they *appear* to be;-). > > A bit more data- lo & behold, I checked the log files, and here is what > they say: > > ### > Sep 13 21:19:37 anw-dev spamd[17910]: bayes: cannot open bayes > databases /home/anw/.spamassassin/bayes_* R/O: tie failed: > Sep 13 21:20:37 anw-dev last message repeated 5 times > Sep 13 21:24:41 anw-dev spamd[17910]: bayes: cannot open bayes > databases /home/anw/.spamassassin/bayes_* R/O: tie failed: > Sep 13 21:24:41 anw-dev last message repeated 2 times > Sep 13 21:24:41 anw-dev spamd[17910]: bayes: cannot open bayes > databases /home/anw/.spamassassin/bayes_* R/W: tie failed: Inappropriate > ioctl for device > Sep 13 21:35:55 anw-dev spamd[17910]: bayes: cannot open bayes > databases /home/anw/.spamassassin/bayes_* R/O: tie failed: > Sep 13 21:35:55 anw-dev last message repeated 2 times > Sep 13 21:35:55 anw-dev spamd[17910]: bayes: cannot open bayes > databases /home/anw/.spamassassin/bayes_* R/W: tie failed: Inappropriate > ioctl for device > Sep 13 21:39:57 anw-dev spamd[17910]: bayes: cannot open bayes > databases /home/anw/.spamassassin/bayes_* R/O: tie failed: > # > > So, evidently, it can't find my bayes database. So, since I want to use a > system-wide database, where is it (/usr/share/spamassassin?, which has a > lot of likely looking files in it), and how do I tell spamd to use it? > > This directory has a lot of bayes, razor, pyzor, etc. filenames in it, and > this could be my problem. Well, I have run (from the time of my last post) spamd with this command line: /usr/sbin/spamd --create-prefs --max-children 5 --helper-home-dir=/usr/share/spamassassin -d --pidfile=/var/run/spamd.pid and I still have the same problem with emails and the same log entries. -- Thanks and regards, Allen Williams Office: +1.321.309.7931 Mobile: +1.321.258.1272
Re: Spamassassin Letting a Lot of Spams Through
On Saturday 13 September 2008 20:38, aladdin wrote: > On Saturday 13 September 2008 20:30, Daryl C. W. O'Shea wrote: > > On 13/09/2008 8:20 PM, aladdin wrote: > > > On Saturday 13 September 2008 20:00, Daryl C. W. O'Shea wrote: > > >> Check to make sure that network tests aren't disabled. Many distro > > >> packages have network tests turned off my default. Not sure where > > >> Debian would configure this, sorry. > > >> > > >> Daryl > > > > > > Thanks for the reply! > > > > > > Where would I check that and what would I look for? Can you tell that > > > from either the header or the config file I posted? > > > > Not sure where Debian keeps its daemon config files, but you can > > probably find out by running the following command and looking for "-L" > > or "--local" in the output. > > > > ps aux | grep spamd > > > > > > Daryl > > Thanks again! > > Yeah, if you saw my last email, I checked that very thing. I believe that > all my config files are in /etc/spamassassin; that is where the local.cf > came from, and there are init.pre and v310, v312 files in there as > well. That's where I looked to see if it appeared the networks tests > (razor, pyzor, etc.) where turned on, and they *appear* to be;-). A bit more data- lo & behold, I checked the log files, and here is what they say: ### Sep 13 21:19:37 anw-dev spamd[17910]: bayes: cannot open bayes databases /home/anw/.spamassassin/bayes_* R/O: tie failed: Sep 13 21:20:37 anw-dev last message repeated 5 times Sep 13 21:24:41 anw-dev spamd[17910]: bayes: cannot open bayes databases /home/anw/.spamassassin/bayes_* R/O: tie failed: Sep 13 21:24:41 anw-dev last message repeated 2 times Sep 13 21:24:41 anw-dev spamd[17910]: bayes: cannot open bayes databases /home/anw/.spamassassin/bayes_* R/W: tie failed: Inappropriate ioctl for device Sep 13 21:35:55 anw-dev spamd[17910]: bayes: cannot open bayes databases /home/anw/.spamassassin/bayes_* R/O: tie failed: Sep 13 21:35:55 anw-dev last message repeated 2 times Sep 13 21:35:55 anw-dev spamd[17910]: bayes: cannot open bayes databases /home/anw/.spamassassin/bayes_* R/W: tie failed: Inappropriate ioctl for device Sep 13 21:39:57 anw-dev spamd[17910]: bayes: cannot open bayes databases /home/anw/.spamassassin/bayes_* R/O: tie failed: # So, evidently, it can't find my bayes database. So, since I want to use a system-wide database, where is it (/usr/share/spamassassin?, which has a lot of likely looking files in it), and how do I tell spamd to use it? This directory has a lot of bayes, razor, pyzor, etc. filenames in it, and this could be my problem. -- Thanks and regards, Allen Williams Office: +1.321.309.7931 Mobile: +1.321.258.1272
Re: Spamassassin Letting a Lot of Spams Through
On Saturday 13 September 2008 20:30, Daryl C. W. O'Shea wrote: > On 13/09/2008 8:20 PM, aladdin wrote: > > On Saturday 13 September 2008 20:00, Daryl C. W. O'Shea wrote: > >> Check to make sure that network tests aren't disabled. Many distro > >> packages have network tests turned off my default. Not sure where > >> Debian would configure this, sorry. > >> > >> Daryl > > > > Thanks for the reply! > > > > Where would I check that and what would I look for? Can you tell that > > from either the header or the config file I posted? > > Not sure where Debian keeps its daemon config files, but you can > probably find out by running the following command and looking for "-L" > or "--local" in the output. > > ps aux | grep spamd > > > Daryl Thanks again! Yeah, if you saw my last email, I checked that very thing. I believe that all my config files are in /etc/spamassassin; that is where the local.cf came from, and there are init.pre and v310, v312 files in there as well. That's where I looked to see if it appeared the networks tests (razor, pyzor, etc.) where turned on, and they *appear* to be;-). -- Thanks and regards, Allen Williams Office: +1.321.309.7931 Mobile: +1.321.258.1272
Re: Spamassassin Letting a Lot of Spams Through
On Saturday 13 September 2008 20:20, aladdin wrote: > On Saturday 13 September 2008 20:00, Daryl C. W. O'Shea wrote: > > Check to make sure that network tests aren't disabled. Many distro > > packages have network tests turned off my default. Not sure where > > Debian would configure this, sorry. > > > > Daryl > > Thanks for the reply! > > Where would I check that and what would I look for? Can you tell that from > either the header or the config file I posted? According to what I found on the web, NOT having the -L or --local switch enables the network tests. I DO NOT have this switch on my spamd command line. And, as near as I can tell, the config files turn on all that stuff (razor, pyzor, etc.). -- Thanks and regards, Allen Williams Office: +1.321.309.7931 Mobile: +1.321.258.1272 --- -- Thanks and regards, Allen Williams Office: +1.321.309.7931 Mobile: +1.321.258.1272
Re: Spamassassin Letting a Lot of Spams Through
On 13/09/2008 8:20 PM, aladdin wrote: > On Saturday 13 September 2008 20:00, Daryl C. W. O'Shea wrote: >> Check to make sure that network tests aren't disabled. Many distro >> packages have network tests turned off my default. Not sure where >> Debian would configure this, sorry. >> >> Daryl > > Thanks for the reply! > > Where would I check that and what would I look for? Can you tell that from > either the header or the config file I posted? Not sure where Debian keeps its daemon config files, but you can probably find out by running the following command and looking for "-L" or "--local" in the output. ps aux | grep spamd Daryl
Re: Spamassassin Letting a Lot of Spams Through
On Saturday 13 September 2008 20:00, Daryl C. W. O'Shea wrote: > Check to make sure that network tests aren't disabled. Many distro > packages have network tests turned off my default. Not sure where > Debian would configure this, sorry. > > Daryl Thanks for the reply! Where would I check that and what would I look for? Can you tell that from either the header or the config file I posted? -- Thanks and regards, Allen Williams Office: +1.321.309.7931 Mobile: +1.321.258.1272
Re: Spamassassin Letting a Lot of Spams Through
Check to make sure that network tests aren't disabled. Many distro packages have network tests turned off my default. Not sure where Debian would configure this, sorry. Daryl
Spamassassin Letting a Lot of Spams Through
Sorry about the generic subject, but it is the only thing this newbie knows to describe the symptom. Platform: Debian (Etch?) Latest Spamassassin in apt (version 3.1.7-deb) Invocation comes from KMail, via spamc (presumably) to the spamd daemon- set up using KMail Wizard, and manually checked Spamassassin doesn't seem to be catching much spam at all. I've run thousands of spams through sa-learn, and hundreds of hams (needless to say, I get the ratio of thousands of spams to tens of hams). I can't see where it's even using the Bayes filter. Here is the config file: # This is the right place to customize your installation of SpamAssassin. # # See 'perldoc Mail::SpamAssassin::Conf' for details of what can be # tweaked. # # Only a small subset of options are listed below # ### rewrite_header Subject *SPAM* required_score 5.0 use_bayes 1 bayes_auto_learn 1 # And here's the german portion of an example header from a processed email that should have been spam but wasn't: X-Spam-Checker-Version: SpamAssassin 3.1.7-deb (2006-10-05) on anw-dev.cfl.rr.com X-Spam-Level: X-Spam-Status: No, score=0.9 required=5.0 tests=SUBJ_HAS_UNIQ_ID autolearn=no version=3.1.7-deb X-Virus-Flag: no Return-path: <[EMAIL PROTECTED]> ### It looks like, to this unwashed newbie, that: a) it's not autolearning (perhaps it doesn't on real emails?) and b) even though this email is full of references like "boosting your sexual power" and "high quality medications", and even comes from address "[EMAIL PROTECTED]", you can see it is still getting a low spam score. TIA -- Thanks and regards, Allen Williams Office: +1.321.309.7931 Mobile: +1.321.258.1272
RE: Skip scanning for large mails
Sorry, the feature of not SA scanning if the message is 'large'. -- martin -Original Message- From: mouss <[EMAIL PROTECTED]> Sent: Saturday, September 13, 2008 8:25 PM Cc: users@spamassassin.apache.org Subject: Re: Skip scanning for large mails Martin.Hepworth wrote: > Depends on you call SA.. Mailscanner for one has this feature. > sorry, I don't understand what feature you are talking about. my point was that the number of large spam messages is too low for me to spend SA processing on it. The samples I looked at could easily be stopped otherwise (I don't "usuall" get a lot of lottery mail with a large .tif from a gmail address!!). but it's not worth the pain. if spammers start sending large messages, things will change... ** Confidentiality : This e-mail and any attachments are intended for the addressee only and may be confidential. If they come to you in error you must take no action based on them, nor must you copy or show them to anyone. Please advise the sender by replying to this e-mail immediately and then delete the original from your computer. Opinion : Any opinions expressed in this e-mail are entirely those of the author and unless specifically stated to the contrary, are not necessarily those of the author's employer. Security Warning : Internet e-mail is not necessarily a secure communications medium and can be subject to data corruption. We advise that you consider this fact when e-mailing us. Viruses : We have taken steps to ensure that this e-mail and any attachments are free from known viruses but in keeping with good computing practice, you should ensure that they are virus free. Red Lion 49 Ltd T/A Solid State Logic Registered as a limited company in England and Wales (Company No:5362730) Registered Office: 25 Spring Hill Road, Begbroke, Oxford OX5 1RU, United Kingdom **
Re: Skip scanning for large mails
Martin.Hepworth wrote: Depends on you call SA.. Mailscanner for one has this feature. sorry, I don't understand what feature you are talking about. my point was that the number of large spam messages is too low for me to spend SA processing on it. The samples I looked at could easily be stopped otherwise (I don't "usuall" get a lot of lottery mail with a large .tif from a gmail address!!). but it's not worth the pain. if spammers start sending large messages, things will change...
RE: Skip scanning for large mails
Depends on you call SA.. Mailscanner for one has this feature. martin -Original Message- From: mouss <[EMAIL PROTECTED]> Sent: Saturday, September 13, 2008 6:42 PM Cc: users@spamassassin.apache.org Subject: Re: Skip scanning for large mails RobertH wrote: >> From: mouss > >> >> 1MB is probably too large. There is not much spam with such size >> (although few ones were reported here). >> >> > > What has the studies of the average and realistic maximum of spam email > sizes concluded? > > Was the conclusion the SA default size? > I am not aware of any study. but I just checked a junk folder of 5701 spams and found that: - 4: have a size >= 1 Mo (2 are about 1M and 2 about 1.7M) - 7: 256 >< 500 - 13: 100 >< 256 K (Incidentally, no spam in the 450K - 1M range. I'll have to look at other spams). In short: - 0.42% are >= 100K - 0.19% are >= 256K - 0.07% >= 1M so ther's not much benefit spending SA processing on large messages. ** Confidentiality : This e-mail and any attachments are intended for the addressee only and may be confidential. If they come to you in error you must take no action based on them, nor must you copy or show them to anyone. Please advise the sender by replying to this e-mail immediately and then delete the original from your computer. Opinion : Any opinions expressed in this e-mail are entirely those of the author and unless specifically stated to the contrary, are not necessarily those of the author's employer. Security Warning : Internet e-mail is not necessarily a secure communications medium and can be subject to data corruption. We advise that you consider this fact when e-mailing us. Viruses : We have taken steps to ensure that this e-mail and any attachments are free from known viruses but in keeping with good computing practice, you should ensure that they are virus free. Red Lion 49 Ltd T/A Solid State Logic Registered as a limited company in England and Wales (Company No:5362730) Registered Office: 25 Spring Hill Road, Begbroke, Oxford OX5 1RU, United Kingdom **
Re: Skip scanning for large mails
RobertH wrote: From: mouss > 1MB is probably too large. There is not much spam with such size (although few ones were reported here). What has the studies of the average and realistic maximum of spam email sizes concluded? Was the conclusion the SA default size? I am not aware of any study. but I just checked a junk folder of 5701 spams and found that: - 4: have a size >= 1 Mo (2 are about 1M and 2 about 1.7M) - 7: 256 >< 500 - 13: 100 >< 256 K (Incidentally, no spam in the 450K - 1M range. I'll have to look at other spams). In short: - 0.42% are >= 100K - 0.19% are >= 256K - 0.07% >= 1M so ther's not much benefit spending SA processing on large messages.
RE: Skip scanning for large mails
> From: mouss > > > 1MB is probably too large. There is not much spam with such size > (although few ones were reported here). > > What has the studies of the average and realistic maximum of spam email sizes concluded? Was the conclusion the SA default size? - rh
Re: Shortcurcuit scoring problem (3.2.5)
On Sat, 2008-09-13 at 03:13 +0200, Felix Buenemann wrote: > Hi, > > I'm experiencing the exact same problem with 3.2.3, y "fix" was simply > to manually specify the spam score: > > # adjust for high efficiency rules > score URIBL_BLACK 50 > score URIBL_JP_SURBL 50 > score RCVD_IN_BL_SPAMCOP_NET 50 > score RAZOR2_CHECK 50 > score BAYES_99 50 > # short circuit high efficiency rules > shortcircuit URIBL_BLACK spam > shortcircuit URIBL_JP_SURBL spam > shortcircuit RCVD_IN_BL_SPAMCOP_NET spam > shortcircuit RAZOR2_CHECK spam > shortcircuit BAYES_99 spam Single rule poison-pills are FP prone. Every rule in that list *does* have false positives. guenther -- char *t="[EMAIL PROTECTED]"; main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
Re: version now in X-Spam-Checker-Version, so remove from X-Spam-Status
On Sat, 2008-09-13 at 01:54 +, Duane Hill wrote: > On Sat, 13 Sep 2008, [EMAIL PROTECTED] wrote: > > > Gentlemen, I am frustrated by the duplication of information in: > > X-Spam-Checker-Version: SpamAssassin > > 3.2.5-mon_sep__8_23_53_29_2008.jidanni2.jidanni.org (2008-06-10) on > > jidanni2.jidanni.org > > X-Spam-Status: No, score=0.0 required=1.9 tests=none autolearn=disabled > > version=3.2.5-mon_sep__8_23_53_29_2008.jidanni2.jidanni.org Yay, a 51 char long version string. Indeed, I'd be annoyed (not frustrated, though) by that, too. However, it's not the default. Not even close. In my headers, the version string "3.2.5" is barely noticeable. > Then why not just remove it. This is the default: > > add_header all Status _YESNO_, score=_SCORE_ required=_REQD_ tests=_TESTS_ > autolearn=_AUTOLEARN_ version=_VERSION_ > > according to 'perldoc Mail::SpamAssassin::Conf'. > > Add the above in your local.cf and knock off the 'version=_VERSION_' part. > > Problem solved. SpamAssassin _IS_ configurable. Yeah, just remove it. Or, maybe, stick to a shorter version identifier. You don't need all that information encoded into that string of yours, do you? guenther -- char *t="[EMAIL PROTECTED]"; main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
access to binary attachments from $PerMsgStatus ?
Hi, writing a plugin to investigate zip-file content I see the need to get access to attachment data. The stucture I get from the method argv using the code below lacks contents using the MIME type "application/octet-stream" - at least. (If I just change the content-type: header for testing purpose to "text/plain" in the message, I can get the binary stuff) sub zipcontent_is_like { my ($self, $permsgstatus, $args, @Args) = @_; my $msg = $permsgstatus->get_message(); for my $i (@{$msg->{body_parts}}) { print Data::Dumper->Dump([ $i ]); } ... So: what can I do to get access to the binary / base64 attachment content? TIA, Chris -- Christian Recktenwald [EMAIL PROTECTED]
Re: Skip scanning for large mails
On Sat, 2008-09-13 at 07:57 -0400, Gene Heskett wrote: > I have reduced the size of what gets sent thru SA in my .procmailrc, first to > 50k a few months ago, and just now to 20k, as I am running Fedora 8 here and > often have lags that can last 2-3 minutes. Am I on the right track to speed > this up? > You may want to look outside SA and its immediate environment for the source of your slowdown. My spam collection is currently 53 messages totalling 342 KB (min 1.9 KB, average 6.5 KB, max 42KB). This entire collection runs through spamc in 49 seconds. Spamc is is running on a Thinkpad R61i (1.4 GHz Core Duo, Fedora 9) using 100Mb/s ethernet to talk to spamd for this test, with a script invoking it for each test message. Spamd is on an old (866 MHz, 512 MB) NetVista running Fedora 8 patched up to date as of 3 hours ago, so its using Perl 8.8. In addition its running named, so RBL lookups etc are cached on the same box. I hope these figures give you something to work on. Martin
Re: Skip scanning for large mails
On Saturday 13 September 2008, mouss wrote: >Gene Heskett wrote: >> There are rumors floating around that the python being shipped by >> redhat/fedora is about 100x slower than python installed from the >> tarballs. > >python? do you mean perl? > Possibly, at my age, CRS can be a problem. :) I not that some perl was just recently replaced, is this good? >> Can this be confirmed? > >See the recent thread "using RHEL / CentOS / Fedora perl?" > >> I have reduced the size of what gets sent thru SA in my .procmailrc, first >> to 50k a few months ago, and just now to 20k, as I am running Fedora 8 >> here and often have lags that can last 2-3 minutes. Am I on the right >> track to speed this up? >> >> The 419 and viagra spams are both out of control here, and there have been >> no rules updates in months that I'm aware of. Am I not on the right list >> to be notified? With the apparent demise of RDJ, updates have slowed to a >> crawl, and finally stopped, or so it appears. > >don't use RDJ. use a recent version of SA and use sa-update. I use 3.2.5 >with JM Sought rules and few SARE rules. The latter haven't been updated >since long, but this is normal (they are considered stable). From an old root crontab where several older incantations have been commented out, it appears your gpgkey was changed, and when I did the new import, it was renamed to be a .2 key. What do I do, remove the old one and rename this one without the .2? Where might these JM Sought rules be obtained, and where are they placed for use? Thanks. -- Cheers, Gene "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) ... The prejudices people feel about each other disappear when they get to know each other. -- Kirk, "Elaan of Troyius", stardate 4372.5
Re: Skip scanning for large mails
Gene Heskett wrote: There are rumors floating around that the python being shipped by redhat/fedora is about 100x slower than python installed from the tarballs. python? do you mean perl? Can this be confirmed? See the recent thread "using RHEL / CentOS / Fedora perl?" I have reduced the size of what gets sent thru SA in my .procmailrc, first to 50k a few months ago, and just now to 20k, as I am running Fedora 8 here and often have lags that can last 2-3 minutes. Am I on the right track to speed this up? The 419 and viagra spams are both out of control here, and there have been no rules updates in months that I'm aware of. Am I not on the right list to be notified? With the apparent demise of RDJ, updates have slowed to a crawl, and finally stopped, or so it appears. don't use RDJ. use a recent version of SA and use sa-update. I use 3.2.5 with JM Sought rules and few SARE rules. The latter haven't been updated since long, but this is normal (they are considered stable).
Re: Skip scanning for large mails
On Saturday 13 September 2008, Felix Buenemann wrote: >Andrzej Adam Filip schrieb: >> Felix Buenemann<[EMAIL PROTECTED]> wrote: >>> is it possible to skip scanning with spamc for large mails? (eg.> 1MB) >>> >>> I receive lots of huge mail (15-30MByte) on my server an the scanning >>> takes very long for those mails, that will be ham anyways. >>> >>> Best Regards, >>> Felix Buenemann >> >> >>-s max_size, --max-size=max_size >>Set the maximum message size which will be sent to spamd -- any >>bigger than this threshold and the message will be returned >>unprocessed (default: 500 KB). If spamc gets handed a message >>bigger than this, it won’t be passed to spamd. The maximum >>message size is 256 MB. The size is specified in bytes, as a >>positive integer greater than 0. For example, -s 50. >> > >OK, so I looked in the totally wrong place for it. I looked into the >spamc wrapper and it actually uses -s 256000, so that can't explain long >processing times. Seems it's back to checking logs for me, thx. > >-- Felix There are rumors floating around that the python being shipped by redhat/fedora is about 100x slower than python installed from the tarballs. Can this be confirmed? I have reduced the size of what gets sent thru SA in my .procmailrc, first to 50k a few months ago, and just now to 20k, as I am running Fedora 8 here and often have lags that can last 2-3 minutes. Am I on the right track to speed this up? The 419 and viagra spams are both out of control here, and there have been no rules updates in months that I'm aware of. Am I not on the right list to be notified? With the apparent demise of RDJ, updates have slowed to a crawl, and finally stopped, or so it appears. Thanks. -- Cheers, Gene "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) Redundant ACLs.
Re: Skip scanning for large mails
Andrzej Adam Filip schrieb: Felix Buenemann<[EMAIL PROTECTED]> wrote: is it possible to skip scanning with spamc for large mails? (eg.> 1MB) I receive lots of huge mail (15-30MByte) on my server an the scanning takes very long for those mails, that will be ham anyways. Best Regards, Felix Buenemann -s max_size, --max-size=max_size Set the maximum message size which will be sent to spamd -- any bigger than this threshold and the message will be returned unprocessed (default: 500 KB). If spamc gets handed a message bigger than this, it won’t be passed to spamd. The maximum message size is 256 MB. The size is specified in bytes, as a positive integer greater than 0. For example, -s 50. OK, so I looked in the totally wrong place for it. I looked into the spamc wrapper and it actually uses -s 256000, so that can't explain long processing times. Seems it's back to checking logs for me, thx. -- Felix
Re: Skip scanning for large mails
Felix Buenemann wrote: Hi, is it possible to skip scanning with spamc for large mails? (eg. > 1MB) I receive lots of huge mail (15-30MByte) on my server an the scanning takes very long for those mails, that will be ham anyways. 1MB is probably too large. There is not much spam with such size (although few ones were reported here). http://spamassassin.apache.org/full/3.2.x/doc/spamc.html -s max_size, --max-size=max_size Set the maximum message size which will be sent to spamd -- any bigger than this threshold and the message will be returned unprocessed (default: 500 KB). If spamc gets handed a message bigger than this, it won't be passed to spamd. The maximum message size is 256 MB. The size is specified in bytes, as a positive integer greater than 0. For example, -s 50. You can also skip spamc altogether if the tool you use to call it allows you to do so.
Re: Skip scanning for large mails
Felix Buenemann <[EMAIL PROTECTED]> wrote: > is it possible to skip scanning with spamc for large mails? (eg. > 1MB) > > I receive lots of huge mail (15-30MByte) on my server an the scanning > takes very long for those mails, that will be ham anyways. > > Best Regards, >Felix Buenemann -s max_size, --max-size=max_size Set the maximum message size which will be sent to spamd -- any bigger than this threshold and the message will be returned unprocessed (default: 500 KB). If spamc gets handed a message bigger than this, it won’t be passed to spamd. The maximum message size is 256 MB. The size is specified in bytes, as a positive integer greater than 0. For example, -s 50. -- [pl>en: Andrew] Andrzej Adam Filip : [EMAIL PROTECTED] : [EMAIL PROTECTED] :-) your own self. -- Larry Wall in <[EMAIL PROTECTED]>
Skip scanning for large mails
Hi, is it possible to skip scanning with spamc for large mails? (eg. > 1MB) I receive lots of huge mail (15-30MByte) on my server an the scanning takes very long for those mails, that will be ham anyways. Best Regards, Felix Buenemann