Re: sa-update / perl error again

[Kevin A. McGrail]

What is the Net::DNS version, are you pure ipv6 and are you 64-bit?

Also, have you opened a bug with centos or redhat?

Try removing/commenting all your cf files especially anything dealing with ip's.

Other than that, I would likely update net dns with cpan at least temporarily 
to see if it fixes thinks.
Regards,
KAM

email builder  wrote:

Anyone have any other insights?  Thanks!


>>>   Running CentOS5 with SpamAssassin v3.3.1-2.el5 installed via yum
> 
>>> 
>>>   I remember getting this error a while ago, and it was fixed (don't
>>>   remember how, but I think just by upgrading), but now it's
>>>   happening again:
>>> 
>>>   Subroutine Net::DNS::Resolver::Base::AF_INET6 redefined at
>>>   /usr/lib/perl5/5.8.8/Exporter.pm line 65.
>>>at
>>> 
>> 
> /usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi/Net/DNS/Resolver/Base.pm
>>>   line 65
>> 
>> are you still running perl 5.8.8?
>> 
>> (perl -v)
> 
> Yes, "still". I say that because that's the newest Centos 5 
> provides.
> 
>> if you have multiple perl sitelibs, you might have a conflict.
>> 
>> cd /usr/lib/perl5.
>> 
>> ls.  how many vendor_perl and site_perl's do you have?
> 
> cd /usr/lib/perl5/
> ls
> 
> 5.8.8  site_perl  vendor_perl
> 
> I'm not sure what this tells you, but maybe this is helpful:
> 
> locate INET6.pm
> 
> /usr/lib/perl5/vendor_perl/5.8.8/IO/Socket/INET6.pm
> 
>> or, you could just delete (manually) IO-Socket-INET6 (make a backup first!)
>> on freebsd (with perl 5.10.1):
>> 
>> /usr/local/lib/perl5/5.10.1/man/man3/IO::Socket::INET6.3.gz
>> /usr/local/lib/perl5/site_perl/5.10.1/IO/Socket/INET6.pm
>> /usr/local/lib/perl5/site_perl/5.10.1/mach/auto/IO/Socket/INET6
>> /usr/local/lib/perl5/site_perl/5.10.1/mach/auto/IO/Socket/INET6/.packlist
>> 
>> on fedora, try:
>> 
>> find /usr/lib/ -name 'INET6*'
>> (back them up)
> 
> Same result as above:
> 
> /usr/lib/perl5/vendor_perl/5.8.8/IO/Socket/INET6.pm
> 
> As I stated in my inquiry, I'd prefer to do my package management
> via yum if at all possible. Yum tells me to uninstall this package,
> spamassassin depends on it so has to be removed also. So it does
> not seem like a good idea to remove it out from under SA
> 
>>>   The results I get from Google regarding this are all circa
>>>   2008. The only hints I can find seem to suggest to remove
>>>   perl-IO-Socket-INET6, but trying to do so using yum (I don't
>>>   want to start using another method of package management)
>>>   tells me that spamassassin is a dependency and will also be
>>>   removed - obviously undesirable.
>>> 
>>>   Perl is up to date on the machinge.
>> 
>> no its not :-)
> 
> Yes, it is :-) Centos/RHEL 5 seems to maintain 5.8.8 with its own updates or 
> some such thing.
> 
> Thank you for your help
> 

Re: sa-update / perl error again

[Ned Slider]

On 04/01/12 07:35, email builder wrote:

Anyone have any other insights?  Thanks!




I have spamassassin-3.3.2-2.el5 installed from rpmforge on el5 - that 
package, besides being more up to date than the distro version also does 
not require perl-IO-Socket-INET6. I suspect your version does not really 
require perl-IO-Socket-INET6 either.


Do you actually need perl-IO-Socket-INET6? I assume not as you tried to 
remove it.


What does the following show:

rpm -q --requires perl-IO-Socket-INET6

I would update SpamAssassin from rpmforge and then remove 
perl-IO-Socket-INET6.


For reference, here are the perl packages I have installed on my system 
running SA/Amavisd-new/Clam (.el5 = distro, .rf = rpmforge, .rfx = 
rpmforge-extras)



# rpm -q spamassassin amavisd-new clamav
spamassassin-3.3.2-2.el5.rfx.x86_64
amavisd-new-2.6.6-1.el5.rf.x86_64
clamav-0.97.3-1.el5.rf.x86_64


# rpm -qa perl* | sort
perl-5.8.8-32.el5_7.6.x86_64
perl-Archive-Tar-1.39.1-1.el5_5.2.noarch
perl-Archive-Zip-1.16-1.2.1.noarch
perl-Authen-SASL-2.15-1.el5.rf.noarch
perl-BerkeleyDB-0.43-1.el5.rf.x86_64
perl-Bit-Vector-6.4-2.2.2.1.x86_64
perl-Carp-Clan-5.3-1.2.1.noarch
perl-Compress-Raw-Bzip2-2.037-1.el5.rf.x86_64
perl-Compress-Raw-Zlib-2.037-1.el5.rf.x86_64
perl-Convert-ASN1-0.20-1.1.noarch
perl-Convert-BinHex-1.119-2.2.el5.rf.noarch
perl-Convert-TNEF-0.17-3.2.el5.rf.noarch
perl-Convert-UUlib-1.34-1.el5.rf.x86_64
perl-Crypt-OpenSSL-Random-0.04-1.el5.rf.x86_64
perl-Crypt-OpenSSL-RSA-0.26-1.el5.rf.x86_64
perl-Date-Calc-5.4-1.2.2.1.x86_64
perl-DBI-1.52-2.el5.x86_64
perl-Digest-HMAC-1.01-15.noarch
perl-Digest-SHA1-2.11-1.2.1.x86_64
perl-Digest-SHA-5.50-1.el5.rf.x86_64
perl-Email-Date-Format-1.002-1.el5.rf.noarch
perl-Encode-Detect-1.01-1.el5.rf.x86_64
perl-Error-0.17016-1.el5.rf.noarch
perl-Geography-Countries-2009041301-1.el5.rf.noarch
perl-Git-1.7.6.4-1.el5.rf.x86_64
perl-HTML-Parser-3.59-1.el5.x86_64
perl-HTML-Tagset-3.10-2.1.1.noarch
perl-IO-Compress-2.037-1.el5.rfx.noarch
perl-IO-Multiplex-1.10-1.el5.rf.noarch
perl-IO-Socket-SSL-1.01-1.fc6.noarch
perl-IO-stringy-2.110-1.2.el5.rf.noarch
perl-IO-Zlib-1.04-4.2.1.noarch
perl-IP-Country-2.27-1.el5.rf.noarch
perl-libwww-perl-5.805-1.1.1.noarch
perl-Mail-DKIM-0.39-1.el5.rf.noarch
perl-Mail-SPF-2.006-1.el5.rf.noarch
perl-MailTools-2.08-1.el5.rf.noarch
perl-MIME-Lite-3.027-1.el5.rf.noarch
perl-MIME-tools-5.420-2.el5.rf.noarch
perl-NetAddr-IP-4.044-1.el5.rf.x86_64
perl-Net-DNS-0.59-3.el5.x86_64
perl-Net-Ident-1.23-1.el5.rf.noarch
perl-Net-IP-1.25-2.fc6.noarch
perl-Net-Server-0.99-1.el5.rf.noarch
perl-Net-SMTP-SSL-1.01-1.el5.rf.noarch
perl-Net-SSLeay-1.30-4.fc6.x86_64
perl-Parse-Syslog-1.10-1.el5.rf.noarch
perl-Pod-Escapes-1.04-1.2.el5.rf.noarch
perl-Pod-Simple-3.16-1.el5.rf.noarch
perl-Razor-Agent-2.84-1.el5.rf.x86_64
perl-SGMLSpm-1.03ii-16.2.1.noarch
perl-Socket6-0.19-3.fc6.x86_64
perl-String-CRC32-1.4-2.fc6.x86_64
perl-Test-Pod-1.45-1.el5.rf.noarch
perl-TimeDate-1.16-5.el5.noarch
perl-Unix-Syslog-1.1-1.el5.rf.x86_64
perl-URI-1.35-3.noarch
perl-version-0.91-1.el5.rf.x86_64

Re: sa-update / perl error again

[Ned Slider]

On 04/01/12 15:30, Ned Slider wrote:


What does the following show:

rpm -q --requires perl-IO-Socket-INET6



Oops, I meant:

rpm -q --whatrequires perl-IO-Socket-INET6

Re: sa-update / perl error again

[Benny Pedersen]

On Wed, 04 Jan 2012 08:46:16 -0500, Kevin A. McGrail wrote:

What is the Net::DNS version, are you pure ipv6 and are you 64-bit?


in gentoo/funtoo its just perl-cleaner all

but it does not handle arch changes


 Also, have you opened a bug with centos or redhat?


if more do this centos would be better :-)


Try removing/commenting all your cf files especially anything dealing
with ips.

Other than that, I would likely update net dns with cpan at least
temporarily to see if it fixes thinks.


bad suggestion !

SPF tests and authenticated SMTP

[nsayer]

I'm running a brand new installation of SA 3.3.2 with the Milter on FreeBSD
8.2.

Everything is going smoothly, for the most part (there seems to be one
particular spammer who's evading SA, but whatever), but there's one little
thing that bugs me slightly.

I use authenticated SMTP to send e-mail. The SPF records for my domain
(kfu.com) basically say that mail must come from my mail server and nowhere
else. However, my expectation is that my mail server should make an
exception if (and only if) the mail is sent with SMTP AUTH.

However, such mail winds up getting SPF_FAIL in the SA report.

Here's a received header example:


Received: from {my laptop} ({hostname of NAT gateway it happens to be
behind} [x.x.x.x])
(authenticated bits=0)
by quack.kfu.com (8.14.5/8.14.5) with ESMTP id q04K12lj052202
(version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO)
for ; Wed, 4 Jan 2012 12:01:05 -0800 (PST)
(envelope-from nsa...@kfu.com)

I assert that Mail::SPF should regard Received: headers that have the
"authenticated" modifier in them as being ennobled and SPF should not apply.
Is there some mechanism for this?
-- 
View this message in context: 
http://old.nabble.com/SPF-tests-and-authenticated-SMTP-tp33081983p33081983.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.

Re: sa-update / perl error again

[email builder]

>What is the Net::DNS version, are you pure ipv6 and are you 64-bit?


perl-Net-DNS-0.63-1.el5.rf

I don't use IPv6 that I know of (the errant package is installed whether
I like it or not as a dependency of spamassassin).  


32 bit.


>Also, have you opened a bug with centos or redhat?


I've asked for help on the CentOS users mailing list.  So far not much to go
on except maybe it's a conflict with a package from a non-CentOS repo
(rpmforge?).


>Try removing/commenting all your cf files especially anything dealing with 
>ip's.
>
>Other than that, I would likely update net dns with cpan at least temporarily 
>to see if it fixes thinks.
>Regards,
>KAM
>
>
>email builder  wrote:
>Anyone have any other insights?  Thanks!
>>
>>
>   Running CentOS5 with SpamAssassin v3.3.1-2.el5 installed via yum
>>> 
> 
>   I remember getting this error a while ago, and it was fixed (don't
>   remember how, but I think just by upgrading), but now it's
>   happening again:
> 
>   Subroutine Net::DNS::Resolver::Base::AF_INET6 redefined at
>   /usr/lib/perl5/5.8.8/Exporter.pm line 65.
> at
> 
 
>>> /usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi/Net/DNS/Resolver/Base.pm
>   line 65
 
  are you still running perl 5.8.8?
 
  (perl -v)
>>> 
>>> !
Yes,
"still". I say that because that's the newest Centos 5 
>>> provides.
>>> 
  if you have multiple perl sitelibs, you might have a conflict.
 
  cd /usr/lib/perl5.
 
  ls.  how many vendor_perl and site_perl's do you have?
>>> 
>>> cd /usr/lib/perl5/
>>> ls
>>> 
>>> 5.8.8  site_perl  vendor_perl
>>> 
>>> I'm not sure what this tells you, but maybe this is helpful:
>>> 
>>> locate INET6.pm
>>> 
>>> /usr/lib/perl5/vendor_perl/5.8.8/IO/Socket/INET6.pm
>>> 
  or, you could just delete (manually) IO-Socket-INET6 (make a backup 
first!)
  on freebsd (with perl 5.10.1):
 
  /usr/local/lib/perl5/5.10.1/man/man3/IO::Socket::INET6.3.gz
  /usr/local/lib/perl5/site_perl/5.10.1/IO/Socket/INET6.pm
  /usr/local/lib/perl5/site_perl/5.10.1/mach/auto/IO/Socket/INET6
  /usr/local/lib/perl5/site_perl/5.10.1/mach/auto/IO/Socket/INET6/.packlist
 
  on fedora, try:
 
  find /usr/lib/ -name 'INET6*'
  (back them up)
>>> 
>>> Same result as above:
>>> 
>>> /usr/lib/perl5/vendor_perl/5.8.8/IO/Socket/INET6.pm
>>> 
>>> As I stated in my inquiry, I'd prefer to do my package management
>>> via yum if at all possible. Yum tells me to uninstall this package,
>>> spamassassin depends on it so has to be removed also. So it does
>>> not seem like a good idea to remove it out from under SA
>>> 
>   The results I get from Google regarding this are all circa
>   2008. The only hints I can find seem to suggest to remove
>  
perl-IO-Socket-INET6, but trying to do so using yum (I don't
>   want to start using another method of package management)
>   tells me that spamassassin is a dependency and will also be
>   removed - obviously undesirable.
> 
>   Perl is up to date on the machinge.
 
  no its not :-)
>>> 
>>> Yes, it is :-) Centos/RHEL 5 seems to maintain 5.8.8 with its own updates 
>>> or 
>>> some such thing.
>>> 
>>> Thank you for your help
>>> 
>>
>
>

Re: sa-update / perl error again

[email builder]

> I have spamassassin-3.3.2-2.el5 installed from rpmforge on el5 - that 
> package, 

> besides being more up to date than the distro version also does not require 
> perl-IO-Socket-INET6. I suspect your version does not really require 
> perl-IO-Socket-INET6 either.

You may be right.  It was suggested that there may be a conflict due to mixing
of packages between CentOS and other (rpmforge?) repos, so maybe it'd sure
be nice if CentOS had more up to date software and there was no need to resort
to using other repos (rpmforge doesn't have such up to date packages either in
some cases I've noted).

> Do you actually need perl-IO-Socket-INET6? I assume not as you tried to 
> remove 
> it.

I did not try to remove it, only saw others suggesting to remove it on the 'net.

> What does the following show:
> 
> rpm -q --requires perl-IO-Socket-INET6

perl(:MODULE_COMPAT_5.8.8)  
perl(Carp)  
perl(Errno)  
perl(Exporter)  
perl(IO::Socket)  
perl(Socket)  
perl(Socket6)  
perl(strict)  
rpmlib(CompressedFileNames) <= 3.0.4-1
rpmlib(PayloadFilesHavePrefix) <= 4.0-1
rpmlib(VersionedDependencies) <= 3.0.3-1

> I would update SpamAssassin from rpmforge and then remove 
> perl-IO-Socket-INET6.

Would I lose my current configuration in the process? it's a bit elaborate.

IIRC, I'd have to temporarily disable CentOS repo to get the rpmforge one?

Your opinion is that there's no fixing it without dumping my current SA package?

> For reference, here are the perl packages I have installed on my system 
> running 
> SA/Amavisd-new/Clam (.el5 = distro, .rf = rpmforge, .rfx = rpmforge-extras)
> 
> 
> # rpm -q spamassassin amavisd-new clamav
> spamassassin-3.3.2-2.el5.rfx.x86_64
> amavisd-new-2.6.6-1.el5.rf.x86_64
> clamav-0.97.3-1.el5.rf.x86_64
> 
> 
> # rpm -qa perl* | sort
> perl-5.8.8-32.el5_7.6.x86_64
> perl-Archive-Tar-1.39.1-1.el5_5.2.noarch
> perl-Archive-Zip-1.16-1.2.1.noarch
> perl-Authen-SASL-2.15-1.el5.rf.noarch
> perl-BerkeleyDB-0.43-1.el5.rf.x86_64
> perl-Bit-Vector-6.4-2.2.2.1.x86_64
> perl-Carp-Clan-5.3-1.2.1.noarch
> perl-Compress-Raw-Bzip2-2.037-1.el5.rf.x86_64
> perl-Compress-Raw-Zlib-2.037-1.el5.rf.x86_64
> perl-Convert-ASN1-0.20-1.1.noarch
> perl-Convert-BinHex-1.119-2.2.el5.rf.noarch
> perl-Convert-TNEF-0.17-3.2.el5.rf.noarch
> perl-Convert-UUlib-1.34-1.el5.rf.x86_64
> perl-Crypt-OpenSSL-Random-0.04-1.el5.rf.x86_64
> perl-Crypt-OpenSSL-RSA-0.26-1.el5.rf.x86_64
> perl-Date-Calc-5.4-1.2.2.1.x86_64
> perl-DBI-1.52-2.el5.x86_64
> perl-Digest-HMAC-1.01-15.noarch
> perl-Digest-SHA1-2.11-1.2.1.x86_64
> perl-Digest-SHA-5.50-1.el5.rf.x86_64
> perl-Email-Date-Format-1.002-1.el5.rf.noarch
> perl-Encode-Detect-1.01-1.el5.rf.x86_64
> perl-Error-0.17016-1.el5.rf.noarch
> perl-Geography-Countries-2009041301-1.el5.rf.noarch
> perl-Git-1.7.6.4-1.el5.rf.x86_64
> perl-HTML-Parser-3.59-1.el5.x86_64
> perl-HTML-Tagset-3.10-2.1.1.noarch
> perl-IO-Compress-2.037-1.el5.rfx.noarch
> perl-IO-Multiplex-1.10-1.el5.rf.noarch
> perl-IO-Socket-SSL-1.01-1.fc6.noarch
> perl-IO-stringy-2.110-1.2.el5.rf.noarch
> perl-IO-Zlib-1.04-4.2.1.noarch
> perl-IP-Country-2.27-1.el5.rf.noarch
> perl-libwww-perl-5.805-1.1.1.noarch
> perl-Mail-DKIM-0.39-1.el5.rf.noarch
> perl-Mail-SPF-2.006-1.el5.rf.noarch
> perl-MailTools-2.08-1.el5.rf.noarch
> perl-MIME-Lite-3.027-1.el5.rf.noarch
> perl-MIME-tools-5.420-2.el5.rf.noarch
> perl-NetAddr-IP-4.044-1.el5.rf.x86_64
> perl-Net-DNS-0.59-3.el5.x86_64
> perl-Net-Ident-1.23-1.el5.rf.noarch
> perl-Net-IP-1.25-2.fc6.noarch
> perl-Net-Server-0.99-1.el5.rf.noarch
> perl-Net-SMTP-SSL-1.01-1.el5.rf.noarch
> perl-Net-SSLeay-1.30-4.fc6.x86_64
> perl-Parse-Syslog-1.10-1.el5.rf.noarch
> perl-Pod-Escapes-1.04-1.2.el5.rf.noarch
> perl-Pod-Simple-3.16-1.el5.rf.noarch
> perl-Razor-Agent-2.84-1.el5.rf.x86_64
> perl-SGMLSpm-1.03ii-16.2.1.noarch
> perl-Socket6-0.19-3.fc6.x86_64
> perl-String-CRC32-1.4-2.fc6.x86_64
> perl-Test-Pod-1.45-1.el5.rf.noarch
> perl-TimeDate-1.16-5.el5.noarch
> perl-Unix-Syslog-1.1-1.el5.rf.x86_64
> perl-URI-1.35-3.noarch
> perl-version-0.91-1.el5.rf.x86_64
>

Re: sa-update / perl error again

[email builder]

>>  What does the following show:

>> 
>>  rpm -q --requires perl-IO-Socket-INET6
>> 
> 
> Oops, I meant:
> 
> rpm -q --whatrequires perl-IO-Socket-INET6

no package requires perl-IO-Socket-INET6

Woa wait a minute!  Then why this???

yum remove perl-IO-Socket-INET6

Loaded plugins: fastestmirror
Setting up Remove Process
Resolving Dependencies
--> Running transaction check
---> Package perl-IO-Socket-INET6.noarch 0:2.51-2.fc6 set to be erased
--> Processing Dependency: perl(IO::Socket::INET6) for package: spamassassin
--> Running transaction check
---> Package spamassassin.i386 0:3.3.1-2.el5 set to be erased
--> Processing Dependency: perl(Mail::SpamAssassin) for package: amavisd-new
--> Running transaction check
---> Package amavisd-new.i386 0:2.6.6-1.el5.rf set to be erased
--> Finished Dependency Resolution

Dependencies Resolved

==
 Package  Arch   Version  
Repository Size
==
Removing:
 perl-IO-Socket-INET6 noarch 2.51-2.fc6   
installed  22 k
Removing for dependencies:
 amavisd-new  i386   2.6.6-1.el5.rf   
installed 2.7 M
 spamassassin i386   3.3.1-2.el5  
installed 3.1 M

Transaction Summary
==
Remove    3 Package(s)
Reinstall 0 Package(s)
Downgrade 0 Package(s)

Is this ok [y/N]: 

Re: SPF tests and authenticated SMTP

[nsayer]

More info...

I've added sid-filter to the mix, and now I'm getting this additional
header:


Authentication-Results: quack.kfu.com; sender-id=fail (NotPermitted)
header.from=nsa...@kfu.com; auth=pass (PLAIN); spf=fail (NotPermitted)
smtp.mfrom=nsa...@kfu.com

But Mail::SpamAssassin::Plugin::SPF does this:

elsif ($hdr =~ /^Authentication-Results:.*;\s*SPF\s*=\s*([^;]*)/i) {

which ignores the 'auth' result.
-- 
View this message in context: 
http://old.nabble.com/SPF-tests-and-authenticated-SMTP-tp33081983p33082117.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.

Re: SPF tests and authenticated SMTP

[nsayer]

More info...

I've added sid-filter to the mix, and now I'm getting this additional
header:


Authentication-Results: quack.kfu.com; sender-id=fail (NotPermitted)
header.from=nsa...@kfu.com; auth=pass (PLAIN); spf=fail (NotPermitted)
smtp.mfrom=nsa...@kfu.com

But Mail::SpamAssassin::Plugin::SPF does this:

elsif ($hdr =~ /^Authentication-Results:.*;\s*SPF\s*=\s*([^;]*)/i) {

which ignores the 'auth' result.
-- 
View this message in context: 
http://old.nabble.com/SPF-tests-and-authenticated-SMTP-tp33081983p33082119.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.

Re: sa-update / perl error again

[Kris Deugau]

email builder wrote:

  What does the following show:




  rpm -q --requires perl-IO-Socket-INET6



Oops, I meant:

rpm -q --whatrequires perl-IO-Socket-INET6


no package requires perl-IO-Socket-INET6


Try rpm -q --whatrequires 'perl(IO::Socket::INET6)' - Perl dependencies 
in RPM-land are rarely expressed in terms of the package names:



-->  Running transaction check
--->  Package perl-IO-Socket-INET6.noarch 0:2.51-2.fc6 set to be erased
-->  Processing Dependency: perl(IO::Socket::INET6) for package: spamassassin

  ^^^

For my own RPM-based systems, I keep my own .spec file around since even 
the RPMForge package pulls in too many other things that I don't use. 
It's just an older version of the RPMForge one (the one from SA v3.2.3), 
lightly updated as necessary to build the current release without build 
errors.


-kgd

Re: sa-update / perl error again

[Ned Slider]

On 04/01/12 21:33, email builder wrote:



What is the Net::DNS version, are you pure ipv6 and are you 64-bit?



perl-Net-DNS-0.63-1.el5.rf



You are in no man's land there - the distro uses perl-Net-DNS-0.59-3.el5 
and the latest rpmforge package is perl-Net-DNS-0.66-1.el5.rfx.


If you're going to use rpmforge packages, keep them up to date (you'll 
need to enable the rpmforge-extras repo).

Re: sa-update / perl error again

[Ned Slider]

On 04/01/12 21:41, email builder wrote:

I have spamassassin-3.3.2-2.el5 installed from rpmforge on el5 - that package,



besides being more up to date than the distro version also does not require
perl-IO-Socket-INET6. I suspect your version does not really require
perl-IO-Socket-INET6 either.


You may be right.  It was suggested that there may be a conflict due to mixing
of packages between CentOS and other (rpmforge?) repos, so maybe it'd sure
be nice if CentOS had more up to date software and there was no need to resort
to using other repos (rpmforge doesn't have such up to date packages either in
some cases I've noted).


Do you actually need perl-IO-Socket-INET6? I assume not as you tried to remove
it.


I did not try to remove it, only saw others suggesting to remove it on the 'net.


What does the following show:

rpm -q --requires perl-IO-Socket-INET6


perl(:MODULE_COMPAT_5.8.8)
perl(Carp)
perl(Errno)
perl(Exporter)
perl(IO::Socket)
perl(Socket)
perl(Socket6)
perl(strict)
rpmlib(CompressedFileNames)<= 3.0.4-1
rpmlib(PayloadFilesHavePrefix)<= 4.0-1
rpmlib(VersionedDependencies)<= 3.0.3-1


I would update SpamAssassin from rpmforge and then remove perl-IO-Socket-INET6.


Would I lose my current configuration in the process? it's a bit elaborate.

IIRC, I'd have to temporarily disable CentOS repo to get the rpmforge one?

Your opinion is that there's no fixing it without dumping my current SA package?



You have two choices:

1. Update SA to the rpmforge package that doesn't require 
perl-IO-Socket-INET6 and then uninstall it.


2. Force uninstall perl-IO-Socket-INET6 with your current SA package:

rpm -e --force perl-IO-Socket-INET6

and deal with yum/rpm complaining about missing deps in future.

Re: sa-update / perl error again

[Axb]

On 2012-01-04 23:22, Ned Slider wrote:

On 04/01/12 21:41, email builder wrote:

I have spamassassin-3.3.2-2.el5 installed from rpmforge on el5 - that
package,



besides being more up to date than the distro version also does not
require
perl-IO-Socket-INET6. I suspect your version does not really require
perl-IO-Socket-INET6 either.


You may be right. It was suggested that there may be a conflict due to
mixing
of packages between CentOS and other (rpmforge?) repos, so maybe
it'd sure
be nice if CentOS had more up to date software and there was no need
to resort
to using other repos (rpmforge doesn't have such up to date packages
either in
some cases I've noted).


Do you actually need perl-IO-Socket-INET6? I assume not as you tried
to remove
it.


I did not try to remove it, only saw others suggesting to remove it on
the 'net.


What does the following show:

rpm -q --requires perl-IO-Socket-INET6


perl(:MODULE_COMPAT_5.8.8)
perl(Carp)
perl(Errno)
perl(Exporter)
perl(IO::Socket)
perl(Socket)
perl(Socket6)
perl(strict)
rpmlib(CompressedFileNames)<= 3.0.4-1
rpmlib(PayloadFilesHavePrefix)<= 4.0-1
rpmlib(VersionedDependencies)<= 3.0.3-1


I would update SpamAssassin from rpmforge and then remove
perl-IO-Socket-INET6.


Would I lose my current configuration in the process? it's a bit
elaborate.

IIRC, I'd have to temporarily disable CentOS repo to get the rpmforge
one?

Your opinion is that there's no fixing it without dumping my current
SA package?



You have two choices:

1. Update SA to the rpmforge package that doesn't require
perl-IO-Socket-INET6 and then uninstall it.

2. Force uninstall perl-IO-Socket-INET6 with your current SA package:

rpm -e --force perl-IO-Socket-INET6

and deal with yum/rpm complaining about missing deps in future.


or install SA from source - VERY easy and no dependency party.

remove the SA rpm and your /etc/mail/spamassassin will remain untouched 
(make backup first)

razor2 and cloudmark?

[AJ Weber]

I am testing the Razor2 plugin and am surprised that some "obvious" spam is
getting through.  The reason I'm most surprised is that the SA install
(3.3.1) seems to be checking the message with Razor2 and passing it. 
However, I have "Cloudmark Desktop One" running on my PC, and when the
message gets to my PC, that client flags it as spam immediately.

Can someone tell me the relationship between Razor2 and Cloudmark?  It
appears to be somewhat supported by the same people.  So is the Razor data
purposely not refreshed as often in order to sell Cloudmark Authority
licenses?

I was sort of thinking it all used the same reference-db, but maybe not. 
(If they DO, then I have some follow-on questions about how to debug why the
Razor2 plugin is not flagging a message that Cloudmark One is flagging only
milliseconds later.)

Thanks for any info on the above and any troubleshooting techniques that you
can share.

-AJ

-- 
View this message in context: 
http://old.nabble.com/razor2-and-cloudmark--tp33082922p33082922.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.

Re: SPF tests and authenticated SMTP

[Noel Butler]

On Wed, 2012-01-04 at 12:51 -0800, nsayer wrote:

> I'm running a brand new installation of SA 3.3.2 with the Milter on FreeBSD
> 8.2.
> 
> Everything is going smoothly, for the most part (there seems to be one
> particular spammer who's evading SA, but whatever), but there's one little
> thing that bugs me slightly.
> 
> I use authenticated SMTP to send e-mail. The SPF records for my domain
> (kfu.com) basically say that mail must come from my mail server and nowhere
> else. However, my expectation is that my mail server should make an
> exception if (and only if) the mail is sent with SMTP AUTH.
> 
> However, such mail winds up getting SPF_FAIL in the SA report.
> 


Ummm, I know I'm still in holiday mode (at least for another 4 days
wah) but, you're not making sense, 
If they are using smtp auth, then the server is what gets the mail and
sends it, so, so long as that server is in your SPF  RR entry, then the
receiving server should only care about that.

~$ host -t spf kfu.com
kfu.com has no SPF record

It is  not the problem, but fix the above, as SPF in TXT is deprecated
and has been for years.

~$ host -t txt kfu.com
kfu.com descriptive text "v=spf1 mx -all"

As 'quack' is in the above, and so long as you are not using a smart
host, there is no reason, when sending via quack, that it should fail.



> Here's a received header example:
> 
> 
> Received: from {my laptop} ({hostname of NAT gateway it happens to be
> behind} [x.x.x.x])
>   (authenticated bits=0)
>   by quack.kfu.com (8.14.5/8.14.5) with ESMTP id q04K12lj052202
>   (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO)
>   for ; Wed, 4 Jan 2012 12:01:05 -0800 (PST)
>   (envelope-from nsa...@kfu.com)
> 
> I assert that Mail::SPF should regard Received: headers that have the


It should only ever look at the connecting server, nothing else.

Further.. get rid of sid-milter, what an abomination, I dont think even
micro$lop use sid anymore, last time I had to look into it.
This could be your problem.

Since you're using sendmail, try  smf-spf.





signature.asc
Description: This is a digitally signed message part

Re: sa-update / perl error again

[email builder]

    What does the following show:

>> 
 
    rpm -q --requires perl-IO-Socket-INET6
 
>>> 
>>>  Oops, I meant:
>>> 
>>>  rpm -q --whatrequires perl-IO-Socket-INET6
>> 
>>  no package requires perl-IO-Socket-INET6
> 
> Try rpm -q --whatrequires 'perl(IO::Socket::INET6)' - Perl dependencies 
> in RPM-land are rarely expressed in terms of the package names:

Yeah:

spamassassin-3.3.1-2.el5

>>  -->  Running transaction check
>>  --->  Package perl-IO-Socket-INET6.noarch 0:2.51-2.fc6 set to be erased
>>  -->  Processing Dependency: perl(IO::Socket::INET6) for package: 
> spamassassin
>                                ^^^
> 
> For my own RPM-based systems, I keep my own .spec file around since even 
> the RPMForge package pulls in too many other things that I don't use. 
> It's just an older version of the RPMForge one (the one from SA v3.2.3), 
> lightly updated as necessary to build the current release without build 
> errors.

Re: SPF tests and authenticated SMTP

[Nick Sayer]

Spam detection software, running on the system "quack.kfu.com", has
identified this incoming email as possible spam.  The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email.  If you have any questions, see
The administrator of that system for details.

Content preview:  On Jan 4, 2012, at 4:45 PM, Noel Butler wrote: > On Wed, 
2012-01-04
   at 12:51 -0800, nsayer wrote: >> >> I'm running a brand new installation
  of SA 3.3.2 with the Milter on FreeBSD >> 8.2. >> >> Everything is going 
smoothly,
   for the most part (there seems to be one >> particular spammer who's evading
   SA, but whatever), but there's one little >> thing that bugs me slightly.
   >> >> I use authenticated SMTP to send e-mail. The SPF records for my domain
   >> (kfu.com) basically say that mail must come from my mail server and 
nowhere
   >> else. However, my expectation is that my mail server should make an >>
   exception if (and only if) the mail is sent with SMTP AUTH. >> >> However,
   such mail winds up getting SPF_FAIL in the SA report. >> > > Ummm, I know
   I'm still in holiday mode (at least for another 4 days wah) but, you're
   not making sense, > If they are using smtp auth, then the server is what
  gets the mail and sends it, so, so long as that server is in your SPF RR 
entry,
   then the receiving server should only care about that. [...] 

Content analysis details:   (9.1 points, 5.0 required)

 pts rule name  description
 -- --
 2.4 DATE_IN_FUTURE_03_06   Date: is 3 to 6 hours after Received: date
 0.9 SPF_FAIL   SPF: sender does not match SPF record (fail)
[SPF failed: Please see 
http://www.openspf.org/Why?s=mfrom;id=nsayer%40kfu.com;ip=166.250.45.174;r=quack.kfu.com]
 1.3 RCVD_IN_RP_RNBLRBL: Relay in RNBL,
https://senderscore.org/blacklistlookup/
   [166.250.45.174 listed in bl.score.senderscore.com]
 3.6 RCVD_IN_PBLRBL: Received via a relay in Spamhaus PBL
[166.250.45.174 listed in zen.spamhaus.org]
 0.0 HTML_MESSAGE   BODY: HTML included in message
-0.1 DKIM_VALID_AU  Message has a valid DKIM or DK signature from 
author's
domain
 0.1 DKIM_SIGNEDMessage has a DKIM or DK signature, not necessarily 
valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
 0.4 RDNS_DYNAMIC   Delivered to internal network by host with
dynamic-looking rDNS
 0.7 KHOP_DYNAMIC   Relay looks like a dynamic address
 0.0 HELO_MISC_IP   Looking for more Dynamic IP Relays

The original message was not completely plain text, and may be unsafe to
open with some email clients; in particular, it may contain a virus,
or confirm that your address can receive spam.  If you wish to view
it, it may be safer to save it to a file and open it with an editor.

--- Begin Message ---

On Jan 4, 2012, at 4:45 PM, Noel Butler wrote:

> On Wed, 2012-01-04 at 12:51 -0800, nsayer wrote:
>> 
>> I'm running a brand new installation of SA 3.3.2 with the Milter on FreeBSD
>> 8.2.
>> 
>> Everything is going smoothly, for the most part (there seems to be one
>> particular spammer who's evading SA, but whatever), but there's one little
>> thing that bugs me slightly.
>> 
>> I use authenticated SMTP to send e-mail. The SPF records for my domain
>> (kfu.com) basically say that mail must come from my mail server and nowhere
>> else. However, my expectation is that my mail server should make an
>> exception if (and only if) the mail is sent with SMTP AUTH.
>> 
>> However, such mail winds up getting SPF_FAIL in the SA report.
>> 
> 
> Ummm, I know I'm still in holiday mode (at least for another 4 days wah) 
> but, you're not making sense, 
> If they are using smtp auth, then the server is what gets the mail and sends 
> it, so, so long as that server is in your SPF  RR entry, then the receiving 
> server should only care about that.

If I am sending mail to another person on quack, then SpamAssassin tags the 
e-mail with SPF_FAIL.

As I said, it's a minor concern, but it's a concern nonetheless.

> 
> ~$ host -t spf kfu.com
> kfu.com has no SPF record
> 
> It is  not the problem, but fix the above, as SPF in TXT is deprecated and 
> has been for years.

I must have missed the memo.

> 
> ~$ host -t txt kfu.com
> kfu.com descriptive text "v=spf1 mx -all"
> 
> As 'quack' is in the above, and so long as you are not using a smart host, 
> there is no reason, when sending via quack, that it should fail.

I agree, when you're talking about forwarding mail from quack to elsewhere. But 
that's not the issue here.

> 
> 
>> Here's a received header example:
>> 
>> 
>> Received: from {my laptop} ({hostname of NAT gateway it happens to be
>> behind} [x.x.x.x])
>>  (authenticated bi

Re: sa-update / perl error again

[email builder]

>>>  What is the Net::DNS version, are you pure ipv6 and are you 64-bit?

>> 
>> 
>>  perl-Net-DNS-0.63-1.el5.rf
>> 
> 
> You are in no man's land there - the distro uses perl-Net-DNS-0.59-3.el5 
> and the latest rpmforge package is perl-Net-DNS-0.66-1.el5.rfx.
> 
> If you're going to use rpmforge packages, keep them up to date (you'll 
> need to enable the rpmforge-extras repo).

Hrm, not sure how that could happen, since I don't have rpmforge disabled.

How could yum not be seeing the newer package?

cat /etc/yum.repos.d/rpmforge.repo

### Name: RPMforge RPM Repository for RHEL 5 - dag
### URL: http://rpmforge.net/
[rpmforge]
name = RHEL $releasever - RPMforge.net - dag
baseurl = http://apt.sw.be/redhat/el5/en/$basearch/rpmforge
mirrorlist = http://apt.sw.be/redhat/el5/en/mirrors-rpmforge
#mirrorlist = file:///etc/yum.repos.d/mirrors-rpmforge
enabled = 1
protect = 0
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rpmforge-dag
gpgcheck = 1

[rpmforge-extras]
name = RHEL $releasever - RPMforge.net - extras
baseurl = http://apt.sw.be/redhat/el5/en/$basearch/extras
mirrorlist = http://apt.sw.be/redhat/el5/en/mirrors-rpmforge-extras
#mirrorlist = file:///etc/yum.repos.d/mirrors-rpmforge-extras
enabled = 0
protect = 0
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rpmforge-dag
gpgcheck = 1

[rpmforge-testing]
name = RHEL $releasever - RPMforge.net - testing
baseurl = http://apt.sw.be/redhat/el5/en/$basearch/testing
mirrorlist = http://apt.sw.be/redhat/el5/en/mirrors-rpmforge-testing
#mirrorlist = file:///etc/yum.repos.d/mirrors-rpmforge-testing
enabled = 0
protect = 0
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rpmforge-dag
gpgcheck = 1

Re: sa-update / perl error again

[email builder]

   What is the Net::DNS version, are you pure ipv6 and are you 

> 64-bit?
>>> 
>>>   perl-Net-DNS-0.63-1.el5.rf
>>> 
>> 
>>  You are in no man's land there - the distro uses 
> perl-Net-DNS-0.59-3.el5 
>>  and the latest rpmforge package is perl-Net-DNS-0.66-1.el5.rfx.
>> 
>>  If you're going to use rpmforge packages, keep them up to date 
> (you'll 
>>  need to enable the rpmforge-extras repo).
> 
> Hrm, not sure how that could happen, since I don't have rpmforge disabled.
> 
> How could yum not be seeing the newer package?
> 
> cat /etc/yum.repos.d/rpmforge.repo

Well, knowing there was a newer package out there, hopefully no matter
where yum looked for it, I took a chance and removed it:

rpm -e --nodeps perl-Net-DNS

Then when I asked yum about it again, it found the new one from the
CentOS repo, so I installed it... it also needed to install perl-Net-IP
which I didn't have.  So now I have

perl-Net-DNS-0.59-3.el5.i386.rpm

Running sa-update on the command line doesn't produce errors, so
I guess that the cron won't either.

H...  how did it get like that in the first place?  (and how'd you
know to check perl-Net-DNS?)

Re: SPF tests and authenticated SMTP

[Noel Butler]

Ack, you have far bigger problems then you realise given below... 
Question, you are smtp-auth'ing via port 587 aren't you? If you are,
then your sendmail is incorrectly configured and I suggest you load the
news group comp.mail.sendmail and ask there (given that would be OT for
the SA list)


On Wed, 2012-01-04 at 17:22 -0800, Nick Sayer wrote:


> Content analysis details:   (9.1 points, 5.0 required)
> 
>  pts rule name  description
>  -- --
>  2.4 DATE_IN_FUTURE_03_06   Date: is 3 to 6 hours after Received: date
>  0.9 SPF_FAIL   SPF: sender does not match SPF record (fail)
> [SPF failed: Please see 
> http://www.openspf.org/Why?s=mfrom;id=nsayer%40kfu.com;ip=166.250.45.174;r=quack.kfu.com]
>  1.3 RCVD_IN_RP_RNBLRBL: Relay in RNBL,
> https://senderscore.org/blacklistlookup/
>[166.250.45.174 listed in bl.score.senderscore.com]
>  3.6 RCVD_IN_PBLRBL: Received via a relay in Spamhaus PBL
> [166.250.45.174 listed in zen.spamhaus.org]
>  0.0 HTML_MESSAGE   BODY: HTML included in message
> -0.1 DKIM_VALID_AU  Message has a valid DKIM or DK signature from 
> author's
> domain
>  0.1 DKIM_SIGNEDMessage has a DKIM or DK signature, not 
> necessarily valid
> -0.1 DKIM_VALID Message has at least one valid DKIM or DK 
> signature
>  0.4 RDNS_DYNAMIC   Delivered to internal network by host with
> dynamic-looking rDNS
>  0.7 KHOP_DYNAMIC   Relay looks like a dynamic address
>  0.0 HELO_MISC_IP   Looking for more Dynamic IP Relays
> 




signature.asc
Description: This is a digitally signed message part

Re: sa-update / perl error again

[Kevin A. McGrail]

On 1/4/2012 8:41 PM, email builder wrote:
H...  how did it get like that in the first place?  (and how'd you 
know to check perl-Net-DNS?) 
The use of packages and extra repositories makes it very difficult to 
really pinpoint the exact error but the errors you posted pointed more 
to Net::DNS than anything else.  I'm glad it appears you've fixed the 
issue with an upgraded version.


I personally like to use package-based systems to get a base OS and then 
install the core items that define the purpose of the machine either 
from source or from custom spec files.   It doesn't scale well but it's 
good for very specific control of versioning and interoperability.


Regards,
KAM

Re: sa-update / perl error again

[Ned Slider]

On 05/01/12 01:28, email builder wrote:



  What is the Net::DNS version, are you pure ipv6 and are you 64-bit?





  perl-Net-DNS-0.63-1.el5.rf



You are in no man's land there - the distro uses perl-Net-DNS-0.59-3.el5
and the latest rpmforge package is perl-Net-DNS-0.66-1.el5.rfx.

If you're going to use rpmforge packages, keep them up to date (you'll
need to enable the rpmforge-extras repo).


Hrm, not sure how that could happen, since I don't have rpmforge disabled.



But you do have rpmforge-extras disabled...


How could yum not be seeing the newer package?



and the newer version is in rpmforge-extras, as denoted by the .rfx tab.

That is why yum was not seeing the updated version.


cat /etc/yum.repos.d/rpmforge.repo

### Name: RPMforge RPM Repository for RHEL 5 - dag
### URL: http://rpmforge.net/
[rpmforge]
name = RHEL $releasever - RPMforge.net - dag
baseurl = http://apt.sw.be/redhat/el5/en/$basearch/rpmforge
mirrorlist = http://apt.sw.be/redhat/el5/en/mirrors-rpmforge
#mirrorlist = file:///etc/yum.repos.d/mirrors-rpmforge
enabled = 1
protect = 0
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rpmforge-dag
gpgcheck = 1

[rpmforge-extras]
name = RHEL $releasever - RPMforge.net - extras
baseurl = http://apt.sw.be/redhat/el5/en/$basearch/extras
mirrorlist = http://apt.sw.be/redhat/el5/en/mirrors-rpmforge-extras
#mirrorlist = file:///etc/yum.repos.d/mirrors-rpmforge-extras
enabled = 0
protect = 0
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rpmforge-dag
gpgcheck = 1

[rpmforge-testing]
name = RHEL $releasever - RPMforge.net - testing
baseurl = http://apt.sw.be/redhat/el5/en/$basearch/testing
mirrorlist = http://apt.sw.be/redhat/el5/en/mirrors-rpmforge-testing
#mirrorlist = file:///etc/yum.repos.d/mirrors-rpmforge-testing
enabled = 0
protect = 0
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rpmforge-dag
gpgcheck = 1

Re: razor2 and cloudmark?

[Martin Hepworth]

Of course razor2 checks only provide part of the score to SA , have you
checked the other rules fired on that email and the nothing else is marking
the score down?

Martin

On Thursday, 5 January 2012, AJ Weber  wrote:
>
> I am testing the Razor2 plugin and am surprised that some "obvious" spam
is
> getting through.  The reason I'm most surprised is that the SA install
> (3.3.1) seems to be checking the message with Razor2 and passing it.
> However, I have "Cloudmark Desktop One" running on my PC, and when the
> message gets to my PC, that client flags it as spam immediately.
>
> Can someone tell me the relationship between Razor2 and Cloudmark?  It
> appears to be somewhat supported by the same people.  So is the Razor data
> purposely not refreshed as often in order to sell Cloudmark Authority
> licenses?
>
> I was sort of thinking it all used the same reference-db, but maybe not.
> (If they DO, then I have some follow-on questions about how to debug why
the
> Razor2 plugin is not flagging a message that Cloudmark One is flagging
only
> milliseconds later.)
>
> Thanks for any info on the above and any troubleshooting techniques that
you
> can share.
>
> -AJ
>
> --
> View this message in context:
http://old.nabble.com/razor2-and-cloudmark--tp33082922p33082922.html
> Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
>
>

-- 
-- 
Martin Hepworth
Oxford, UK