Re: pyzor/razor/dcc and empty body

2017-12-15 Thread RW
On Fri, 15 Dec 2017 13:52:32 -0500
Alex wrote:

> Hi,
> 
> I have a bunch of rules that rely on the results of pyzor, razor or
> DCC. The problem is that they also match on an empty or nearly empty
> body.

You can use

  pyzor local_whitelist < email.txt

At the very least it's a good idea to run

  echo "" | pyzor local_whitelist

razor2 only depends on URIs and message size; people must have
reported one of the domains as spam for it to hit.

DCC is a bulk mail test rather than a spam test. I find it hits a lot
of bulk and autogenerated ham. Personally I find short mail to be a
small minority of the ham it hits.




Re: pyzor/razor/dcc and empty body

2017-12-15 Thread Benny Pedersen

Alex wrote on 2017-12-15 19:52:

> Other ideas?

whitelist? dcc has a whitelist, pyzor has a whitelist if you run your own
pyzord, razor has a whitelist

how? all 3 seen-before content checkers should know your
internal_networks IPs just like SpamAssassin does

it's not relevant imho on empty emails or not


pyzor/razor/dcc and empty body

2017-12-15 Thread Alex
Hi,

I have a bunch of rules that rely on the results of pyzor, razor or
DCC. The problem is that they also match on an empty or nearly empty
body.

I believe we may have discussed something similar in the past, but is
there a way to avoid these digest rules from hitting on empty emails
or emails with just simple text like "Sent from my iPhone"? Sometimes
this even results in multiple digests hitting, resulting in 2.0+ score
to start...

I see John is working on a rule to identify an empty subject, and I've
also created a few rules that count the number of words in the body.
Would it be a good idea to negate any of the digest rules for messages
with just a few simple words?

Other ideas?


Re: Compiled rulesets and sa-update

2017-12-15 Thread RW
On Fri, 15 Dec 2017 23:17:23 +1030
Rodney Baker wrote:

> Hi all. I run compiled rulesets on my home mail server (which runs on
> a Raspberry Pi), which I found necessary to reduce CPU utilisation
> when it was running on a Raspberry Pi model A (it worked, but it's
> now on a RasPi 3 which is much better). Do I need to run sa-compile
> after every sa-update run?

Not if it's a problem. In my experience you still pick-up new and
modified rules, they just get run under perl instead.







Re: Compiled rulesets and sa-update

2017-12-15 Thread Kevin A. McGrail

On 12/15/2017 7:47 AM, Rodney Baker wrote:


> Hi all. I run compiled rulesets on my home mail server (which runs on
> a Raspberry Pi), which I found necessary to reduce CPU utilisation
> when it was running on a Raspberry Pi model A (it worked, but it's now
> on a RasPi 3 which is much better). Do I need to run sa-compile after
> every sa-update run?


Hi Rodney, you'll want to join the mailing list for any future emails.  
I moderated you through and bcc'd you so you would get the response.


sa-update changes the rules so if you don't compile the new rules, I am 
not sure if you will use the new set uncompiled or the old set 
compiled.  So the short answer is, yes, compile the rules any time they 
change :-)


regards,
KAM
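
An added example, not taken from either reply or from the SpamAssassin project: a wrapper that reruns sa-compile only when sa-update's exit status says rules were installed, so the compile cost is paid only on days with an update. The restart command in RESTART_CMD and the script's `run` argument are assumptions.

```shell
#!/bin/sh
# Added example: run sa-compile only when sa-update actually changed the rules.
# RESTART_CMD is an assumption; set it to however spamd is restarted locally.
RESTART_CMD="${RESTART_CMD:-service spamassassin restart}"

# Map an sa-update exit status to the next step.
#   0  = updates downloaded and installed
#   1  = no fresh updates available
#   2  = lint check of the site pre files failed, nothing installed
#   3  = some channels updated, others failed
#   4+ = download/extract errors, no channels updated
next_step() {
    case "$1" in
        0|3) echo compile ;;
        1)   echo skip ;;
        *)   echo fail ;;
    esac
}

update_rules() {
    sa-update
    status=$?
    case "$(next_step "$status")" in
        compile)
            # Rules on disk changed: rebuild the compiled set, then restart
            # spamd so every child loads the same rule files.
            sa-compile && $RESTART_CMD || return 1
            [ "$status" -eq 3 ] && echo "warning: some channels failed" >&2
            return 0 ;;
        skip)
            return 0 ;;
        fail)
            echo "sa-update failed with status $status; rules left as they were" >&2
            return "$status" ;;
    esac
}

# Only touch the system when asked to, e.g. from cron: sa-refresh.sh run
if [ "${1:-}" = "run" ]; then
    update_rules
fi
```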


Compiled rulesets and sa-update

2017-12-15 Thread Rodney Baker
Hi all. I run compiled rulesets on my home mail server (which runs on a
Raspberry Pi), which I found necessary to reduce CPU utilisation when it
was running on a Raspberry Pi model A (it worked, but it's now on a RasPi 3
which is much better). Do I need to run sa-compile after every sa-update run?

Regards,
Rodney.

-- 
==
Rodney Baker VK5ZTV
rodney.ba...@iinet.net.au
CCNA #CSCO12880208
==


Re: Sa-update failed

2017-12-15 Thread Herbert J. Skuhra
On Fri, Dec 15, 2017 at 04:26:45AM -0700, @lbutlr wrote:
> FreeBSD system on 11.2-RELEASE with all packages updates as of this morning
> (including a complete recompile of SA from ports).

FreeBSD 11.1-RELEASE! You probably upgraded from 10.x and
executed 'make delete-old-libs'!? Did you install packages for 10.x?
Wrong pkg url? You have to rebuild gpg.

> # sa-update --refreshmirrors -v -D
> […]
> Shared object "libreadline.so.8" not found, required by "gpg"
> gpg: process '/usr/local/bin/gpg' finished: exit 1
> error: GPG validation failed!
> The update downloaded successfully, but the GPG signature verification
> failed.
> 
> I can manually link libreadline.so to libreadline.so.8, and run
> sa-update successfully, but I’m concerned that is going to come back
> and bite me.

Temporarily install misc/compat10x and rebuild all ports.

This is not a SA issue and should be discussed on a FreeBSD mailing
list.

-- 
Herbert


Sa-update failed

2017-12-15 Thread @lbutlr
FreeBSD system on 11.2-RELEASE with all packages updates as of this morning 
(including a complete recompile of SA from ports).

# sa-update --refreshmirrors -v -D
[…]
Shared object "libreadline.so.8" not found, required by "gpg"
gpg: process '/usr/local/bin/gpg' finished: exit 1
error: GPG validation failed!
The update downloaded successfully, but the GPG signature verification
failed.

I can manually link libreadline.so to libreadline.so.8, and run sa-update 
successfully, but I’m concerned that is going to come back and bite me.

$ ldd /usr/local/bin/gpg
/usr/local/bin/gpg:
libiconv.so.2 => /usr/local/lib/libiconv.so.2 (0x2814d000)
libintl.so.8 => /usr/local/lib/libintl.so.8 (0x28242000)
libz.so.6 => /lib/libz.so.6 (0x2824b000)
libbz2.so.4 => /usr/lib/libbz2.so.4 (0x28261000)
libreadline.so.8 => not found (0)
libc.so.7 => /lib/libc.so.7 (0x2827)
# ln -s libreadline.so libreadline.so.8
# ldd /usr/local/bin/gpg
/usr/local/bin/gpg:
libiconv.so.2 => /usr/local/lib/libiconv.so.2 (0x2814d000)
libintl.so.8 => /usr/local/lib/libintl.so.8 (0x28242000)
libz.so.6 => /lib/libz.so.6 (0x2824b000)
libbz2.so.4 => /usr/lib/libbz2.so.4 (0x28261000)
libreadline.so.8 => /usr/local/lib/libreadline.so.8 (0x2827)
libc.so.7 => /lib/libc.so.7 (0x282ae000)
libncursesw.so.8 => /lib/libncursesw.so.8 (0x2840d000)

-- 
Apple broke AppleScripting signatures in Mail.app, so no random signatures.



orphan spamd childs?

2017-12-15 Thread Pedro David Marco

Hello everybody...

For some time I have been noticing that when spamd is restarted or reloaded because
there are new rules, not all child processes are correctly restarted or reloaded,
and they remain working with the old file set (and hence old rules). It looks
like an orphan child issue... So when new email is analyzed, the score varies
depending on which spamd process takes care of it...

I cannot give more details because it seems to be pretty random behaviour that I
cannot reproduce on purpose. Log files show neither errors nor warnings.

Has anyone seen this as well (I use Debian Linux)? Maybe a known bug? Or maybe it
is just my spamd daemons that hate me for some reason...

Thanks.
---PedroD.