Re: sa-update / perl error again
On 1/7/12 1:56 PM, email builder wrote: while I*DO* appreciate your suggestion, since I am fairly confident to say I doubt that my config is the problem in a DNS resolver/IPv6 function redefinition, I'm not too interested in proving that point by making those changes on a production machine. Again, thanks anyway. I am the ports maintainer for the FreeBSD version of SpamAssassin. used 'it' for YEARS in production, (commercial product,) several platforms, i386, amd64, FreeBSD versions 6.4-7.4. ONE DAY, ONE BRAND NEW CLIENT was having real problems with their mailq. email was backing up. Two days to figure it out, I deleted the INET6 module (on freebsd, its a lot easier, I suppose than on your linux thing). Now, all the email flowed perfectly. SA was trying to do ipv6 lookups, the kernel did NOT have ipv6 compiled in.. NONE OF OUR PRODUCTION SYSTEMS DO, and there is no logical explanation for it. SA does NOT need INET6, unless you have two things: #0, INET6 compiled into your kernel #1, INET6 dns server as the first server in /etc/resolv.conf #2, INET6 firewall, routing, mx records, etc. I updated FreeBSD port so that it did not even try to install INET6 pm unless the system was compiled with INET6 in the kernel. ymmv, Did I mention that we were not able to reproduce this in the lab? and up till then, no other client had a problem? -- Michael Scheidell, CTO o: 561-999-5000 d: 561-948-2259 *| *SECNAP Network Security Corporation * Best Mobile Solutions Product of 2011 * Best Intrusion Prevention Product * Hot Company Finalist 2011 * Best Email Security Product * Certified SNORT Integrator __ This email has been scanned and certified safe by SpammerTrap(r). For Information please see http://www.spammertrap.com/ __
Re: rule to test body length?
Please don't top-post. Sorry. Even though I subscribed, and sent the confirmation email, I still don't get any of the messages in my email, so I'm posting via the Old Nabble web form. That doesn't allow me to automate indenting/quoting previous messages, so I will manually put gt's in front of all the lines if you want. Body tests are run per paragraph, so you would need one of then to have 100 chars. Wow. I would've thought I would have run across this info in all the searching I've done about rules and custom rules. Good to know, thanks. Also they are just run on just the text that the reader would see, if that matters to you. If you are intending to give this a significant score, then it seems a bit reckless to me. Do you never receive terse emails? I sometimes receive terse emails, but very rarely to the accounts I'm trying to protect with SA. Since no spam filter is 100%, this just seems to be a rule that I could use, with an appropriate score. If you are new to SA I would suggest you start with making sure that Bayes is properly trained, and you have have the infrastructure to keep it trained without much effort. Razor DCC etc are fairly minor components compared to BAYES. I can train Bayes, but keeping it trained might be a bit of effort for the install size I'm dealing with (small). Since this is a combination of work- and non-work mailboxes, the breadth of email types that the users would consider ham is probably not going to make Bayes training very accurate, but I would love to be wrong. Thanks for the reply. -- View this message in context: http://old.nabble.com/rule-to-test-%22body%22-length--tp33092865p33104550.html Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: rule to test body length?
John Hardin wrote: The thread subject is Short body rules on 11/25/2011 Thanks for the pointer. Using the Old Nabble1 website, there are ZERO threads/emails archived for 11/25/11. :( When I get some time, I'll see where the other archives are for this list and search there. Thanks again. -- View this message in context: http://old.nabble.com/rule-to-test-%22body%22-length--tp33092865p33104565.html Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: rule to test body length?
On Sun, 8 Jan 2012, AJ Weber wrote: John Hardin wrote: The thread subject is Short body rules on 11/25/2011 Thanks for the pointer. Using the Old Nabble1 website, there are ZERO threads/emails archived for 11/25/11. :( When I get some time, I'll see where the other archives are for this list and search there. Thanks again. The thread: http://www.gossamer-threads.com/lists/spamassassin/users/169091 To summarize: rawbody __RB_LE_200 /^.{2,200}$/s tflags __RB_LE_200 multiple maxhits=2 rawbody __RB_GT_200 /^.{201}/s meta __BODY_LE_200 (__RB_LE_200 == 1) !__RB_GT_200 Adjust the 200s to your desired limit. -- John Hardin KA7OHZhttp://www.impsec.org/~jhardin/ jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 --- You know things are bad when Pravda says we [the USA] have gone too far to the left. -- Joe Huffman --- 9 days until Benjamin Franklin's 306th Birthday
Re: sa-update / perl error again
while I*DO* appreciate your suggestion, since I am fairly confident to say I doubt that my config is the problem in a DNS resolver/IPv6 function redefinition, I'm not too interested in proving that point by making those changes on a production machine. Again, thanks anyway. I am the ports maintainer for the FreeBSD version of SpamAssassin. used 'it' for YEARS in production, (commercial product,) several platforms, i386, amd64, FreeBSD versions 6.4-7.4. ONE DAY, ONE BRAND NEW CLIENT was having real problems with their mailq. email was backing up. Two days to figure it out, I deleted the INET6 module (on freebsd, its a lot easier, I suppose than on your linux thing). Now, all the email flowed perfectly. SA was trying to do ipv6 lookups, the kernel did NOT have ipv6 compiled in.. NONE OF OUR PRODUCTION SYSTEMS DO, and there is no logical explanation for it. SA does NOT need INET6, unless you have two things: #0, INET6 compiled into your kernel #1, INET6 dns server as the first server in /etc/resolv.conf #2, INET6 firewall, routing, mx records, etc. Strong argument for removing it I guess, I think with: rpm -e --nodeps perl-IO-Socket-INET6 But as others noted, yum supposedly will complain from then on about the missing package. Thanks for the input!
Re: sa-update / perl error again
I am the ports maintainer for the FreeBSD version of SpamAssassin. used 'it' for YEARS in production, (commercial product,) several platforms, i386, amd64, FreeBSD versions 6.4-7.4. ONE DAY, ONE BRAND NEW CLIENT was having real problems with their mailq. email was backing up. Two days to figure it out, I deleted the INET6 module (on freebsd, its a lot easier, I suppose than on your linux thing). Now, all the email flowed perfectly. SA was trying to do ipv6 lookups, the kernel did NOT have ipv6 compiled in.. NONE OF OUR PRODUCTION SYSTEMS DO, and there is no logical explanation for it. SA does NOT need INET6, unless you have two things: #0, INET6 compiled into your kernel #1, INET6 dns server as the first server in /etc/resolv.conf #2, INET6 firewall, routing, mx records, etc. Strong argument for removing it I guess, I think with: rpm -e --nodeps perl-IO-Socket-INET6 By the way, is there a way to grep for the errant code? My feeble attempt didn't turn up much: cd /usr/lib/perl5 grep -rin 'af_inet6' * Only gave 40 lines, which I could post if it would help. This only gave one result: grep -rin 'sub af_inet6' * 5.8.8/i386-linux-thread-multi/bits/socket.ph:66: eval 'sub AF_INET6 () { PF_INET6;}' unless defined(AF_INET6); Is it pointless to try to diagnose in this manner?