Re: Optimizing for low memory usage
> Hi SAs > > I'm installing SA under a Soekris, it has only 256 MB of ram, because it boots > using a flash there is not swap memory so I have a problem with memory. > > Does anyone has any configuration, recomendation to optimize SA for lowmemory > machines? Maybe turnning off some plugins? > > LD > Only thing I can think of is try it on a real time embedded os that doesn't need flash. Years ago, we were the worlds largest distributor of an RTOS called 'qnx'. When we moved from QNX to *BSD, we went from running named, sendmail and innd on 16MB of ram with no swap into the unix world. QNX has two runtime flavors, one that just creates linux compatible code, and the commercial runtimes for QNX embedded applications. You either need to pay for ram (for swap), or a QNX RTOS runtime. If you are trying to create a commercial anti-spam appliance 'clam shell' type box, with no ram and no flash, might as well skip spamassassin and do what you can with YOUR MTA and UCE rules for it. -- Michael Scheidell, CTO >|SECNAP Network Security Winner 2008 Network Products Guide Hot Companies FreeBSD SpamAssassin Ports maintainer _ This email has been scanned and certified safe by SpammerTrap(r). For Information please see http://www.secnap.com/products/spammertrap/ _
Re: Optimizing for low memory ussage
On Mon, 15 Dec 2008, Luis Daniel Lucio Quiroz wrote: On Monday 15 December 2008 14:35:34 you wrote: On Mon, 15 Dec 2008, Luis Daniel Lucio Quiroz wrote: I'm installing SA under a Soekris, it has only 256 MB of ram, because it boots using a flash there is not swap memory so I have a problem with memory. Is there any way you can run SA on a larger machine that the Soekris can talk to? SA does have a client/server mode, where the MTA itself only needs to be running a lightweight client. No, I cant change Maybe in future more ram, 256 more but nothing else. Bummer. My hosted server is *almost* that small: MemTotal: 262352 kB MemFree: 22664 kB SwapCached: 11516 kB LowTotal: 262352 kB LowFree: 22664 kB SwapTotal: 524280 kB SwapFree: 468616 kB As you can see, I'm hitting swap a bit. But then, I'm also running a webserver that hosts a handful of websites and does an hourly stats report. How much disk space does it have? You should be able to run base SA, a bayes database (you'll probably want to avoid autolearning) and *some* custom rules. You might not be able to use the larger custom rules like the Sought sets - try them and see. You'll definitely want to leverage DNSBLs in your MTA. I recommend zen.spamhaus.org. -- John Hardin KA7OHZhttp://www.impsec.org/~jhardin/ jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 --- Men by their constitutions are naturally divided in to two parties: 1. Those who fear and distrust the people and wish to draw all powers from them into the hands of the higher classes. 2. Those who identify themselves with the people, have confidence in them, cherish and consider them as the most honest and safe, although not the most wise, depository of the public interests. -- Thomas Jefferson --- Today: Bill of Rights day
Re: SA+Postfix without amavisd or Mailscanner?
On 12/15/2008 9:16 PM, Luis Daniel Lucio Quiroz wrote: It is possible to talk SA and Postfix without Amavis or Mailscanner, how? milter-spamc (rock solid) milter-spamassassin smf-spamd etc.
Re: SA+Postfix without amavisd or Mailscanner?
Luis Daniel Lucio Quiroz wrote on Mon, 15 Dec 2008 14:16:58 -0600: > It is possible to talk SA and Postfix without Amavis or Mailscanner, how? procmail, it's in the docs, on the wiki, everywhere, as it is the most basic method of invoking SA. Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com
Re: SA+Postfix without amavisd or Mailscanner?
Luis Daniel Lucio Quiroz wrote: It is possible to talk SA and Postfix without Amavis or Mailscanner, how? TIA LD Yes, it's possible. Here's a howto I have bookmarked: http://www.debuntu.org/postfix-and-pamassassin-how-to-filter-spam that may get you started. I've not personally tried it, perhaps others who run this setup can offer more specific advice. -ned
Re: Optimizing for low memory ussage
On Mon, 15 Dec 2008, Luis Daniel Lucio Quiroz wrote: I'm installing SA under a Soekris, it has only 256 MB of ram, because it boots using a flash there is not swap memory so I have a problem with memory. Does anyone has any configuration, recomendation to optimize SA for lowmemory machines? Maybe turnning off some plugins? Is there any way you can run SA on a larger machine that the Soekris can talk to? SA does have a client/server mode, where the MTA itself only needs to be running a lightweight client. -- John Hardin KA7OHZhttp://www.impsec.org/~jhardin/ jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 --- We have to realize that people who run the government can and do change. Our society and laws must assume that bad people - criminals even - will run the government, at least part of the time. -- John Gilmore --- Today: Bill of Rights day
SA+Postfix without amavisd or Mailscanner?
It is possible to talk SA and Postfix without Amavis or Mailscanner, how? TIA LD
Optimizing for low memory ussage
Hi SAs I'm installing SA under a Soekris, it has only 256 MB of ram, because it boots using a flash there is not swap memory so I have a problem with memory. Does anyone has any configuration, recomendation to optimize SA for lowmemory machines? Maybe turnning off some plugins? LD
Re: [OT] GPG Signatures
At 00:55 15-12-2008, Arthur Dent wrote: I have had quite a lot of trouble getting my posts through to mailing lists (this one and others) lately. More often than not they simply never appear which makes me wonder if there is something wrong with my mail set-up (I would be grateful if someone could look at this one a let me know if I am triggering any rules...) What does the reject message say? Then today I received a bounceback message from a member of this list to a message I posted (successfully) 9 days ago. The gist of the bounceback is that my GPG signature was considered "unsafe". Now, I routinely sign my messages (not this one!) because I think it is good practice, but could this be at least part of the reason why my mail doesn't get through? No. There is a subscriber rewriting the recipient address to an invalid one. The bounces are incorrectly sent to the author of the message instead of the sender. Regards, -sm
Re: [OT] GPG Signatures
Arthur Dent wrote on Mon, 15 Dec 2008 08:55:16 +: > Then today I received a bounceback message from a member of this list to > a message I posted (successfully) 9 days ago. If you posted to this list and that member bounced to you then it is *their* software that is not correctly set up. I see many people signing on this and other list, there appears not be a problem. Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com
Re: [OT] GPG Signatures
Arthur Dent a écrit : > Hello all, > > I have had quite a lot of trouble getting my posts through to mailing > lists (this one and others) lately. More often than not they simply > never appear which makes me wonder if there is something wrong with my > mail set-up (I would be grateful if someone could look at this one a let > me know if I am triggering any rules...) > nothing bad (dkim verified and spf pass). > Then today I received a bounceback message from a member of this list to > a message I posted (successfully) 9 days ago. systems that send bounce to addresses found in headers are broken by design. if they should bounce, then they should use the envelope-sender. I just (temporarily?) blacklisted 219.88.242.59, as I received 19 bounces between 7:25 and 7:40 this morning. > The gist of the bounceback > is that my GPG signature was considered "unsafe". Now, I routinely sign > my messages (not this one!) because I think it is good practice, but > could this be at least part of the reason why my mail doesn't get > through? yet another hopelessly silly filter! GPG is of course a good practice. > > I attach the relevant parts of the bounceback message below. Note, it > appears that it is something called "Firebox" that is doing the > rejecting for this particular member and is therefore OT here, but I am > baffled... > > Thanks in advance for any suggestions... there's nothing to do. > [snip]
[OT] GPG Signatures
Hello all, I have had quite a lot of trouble getting my posts through to mailing lists (this one and others) lately. More often than not they simply never appear which makes me wonder if there is something wrong with my mail set-up (I would be grateful if someone could look at this one a let me know if I am triggering any rules...) Then today I received a bounceback message from a member of this list to a message I posted (successfully) 9 days ago. The gist of the bounceback is that my GPG signature was considered "unsafe". Now, I routinely sign my messages (not this one!) because I think it is good practice, but could this be at least part of the reason why my mail doesn't get through? I attach the relevant parts of the bounceback message below. Note, it appears that it is something called "Firebox" that is doing the rejecting for this particular member and is therefore OT here, but I am baffled... Thanks in advance for any suggestions... AD Start of bounceback: 8< == This message was created automatically by mail delivery software. A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed: memberofthisl...@hisaddress.net Unrouteable address -- This is a copy of the message, including all the headers. -- [Snip...] --wac7ysb48OaltWcw The WatchGuard Firebox that protects your network has detected a message = that may not be safe. Cause : The message content may not be safe. Content type : application/pgp-signature File name: (none) Virus status : No information. Action : The Firebox deleted (none). Recovery : cannot restore --wac7ysb48OaltWcw-- 8< == End of bounceback:
Re: sought rules updates
> >> ???AFAIK Justin is aware of this, and hopefully will have fixed it > >> soon. :) > On Wed, December 10, 2008 12:28, Justin Mason wrote: > > this should be fixed now, I think... On 15.12.08 03:12, Benny Pedersen wrote: [...] > [746] dbg: http: GET request, > http://yerp.org/rules/stage/320726402.tar.gz > [746] dbg: http: request failed, retrying: 403 Forbidden: HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> 403 > Forbidden Forbidden You don't have > permission to access /rules/stage/320726402.tar.gz on this > server. Apache/2.2.8 (Ubuntu) DAV/2 SVN/1.4.6 > PHP/5.2.4-2ubuntu5.3 with Suhosin-Patch mod_ssl/2.2.8 OpenSSL/0.9.8g > Server at yerp.org Port 80 [...] > seem its not right now :/ I am (was) ocasionally seeing this, however it works, apparently the rules aren't available durint their update. The last update I see is from ~ Dec 15 08:00 GMT +1 The problem that appeared before was that the rules were not updated a few days... -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. "One World. One Web. One Program." - Microsoft promotional advertisement "Ein Volk, ein Reich, ein Fuhrer!" - Adolf Hitler