Re: double backslash in the log messages

2024-05-21 Thread Bill Cole 

On 2024-05-21 at 11:00:57 UTC-0400 (Tue, 21 May 2024 17:00:57 +0200)
Vincent Lefevre 
is rumored to have said:


While testing a rule with SpamAssassin 4.0.0 under Debian/stable
(I wasn't aware of allow_user_rules yet, but this is not the issue
I'm reported):

2024-05-21T16:42:42.792136+02:00 joooj spamd[219339]: config: not 
parsing, 'allow_user_rules' is 0: header LOCAL_TO_LORIA ToCc =~ 
/loria\\.fr/i
2024-05-21T16:42:42.793753+02:00 joooj spamd[219339]: config: failed 
to parse line in /srv/d_joooj/home/vinc17/.spamassassin/user_prefs 
(line 192): header LOCAL_TO_LORIA ToCc =~ /loria\\.fr/i


while I just had /loria\.fr/i (with a single backslash) in my
user_prefs config file.

Is there a reason to have a double backslash in the log messages
or is this a bug?


It is intentional to assure that log messages (which may include strings 
from tainted sources) have all common meta-characters escaped.


--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo@toad.social and many *@billmail.scconsult.com 
addresses)

Not Currently Available For Hire

double backslash in the log messages

2024-05-21 Thread Vincent Lefevre 
While testing a rule with SpamAssassin 4.0.0 under Debian/stable
(I wasn't aware of allow_user_rules yet, but this is not the issue
I'm reported):

2024-05-21T16:42:42.792136+02:00 joooj spamd[219339]: config: not parsing, 
'allow_user_rules' is 0: header LOCAL_TO_LORIA ToCc =~ /loria\\.fr/i
2024-05-21T16:42:42.793753+02:00 joooj spamd[219339]: config: failed to parse 
line in /srv/d_joooj/home/vinc17/.spamassassin/user_prefs (line 192): header 
LOCAL_TO_LORIA ToCc =~ /loria\\.fr/i

while I just had /loria\.fr/i (with a single backslash) in my
user_prefs config file.

Is there a reason to have a double backslash in the log messages
or is this a bug?

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Re: Difference between spamc -L and sa-learn

2024-05-21 Thread Matus UHLAR - fantomas 

On 2024-05-18 at 10:26:54 UTC-0400 (Sat, 18 May 2024 16:26:54 +0200)
Francis Augusto Medeiros-Logeay 
is rumored to have said:

Is there any difference between using spamc -L and sa-learn ?


On 18.05.24 11:41, Bill Cole wrote:
Yes. The compiled-C spamc binary loads no Perl, it just talks over a 
socket to spamd, which is always running and so always has the 
advantage of a warmed-up i/o cache and a permanently loaded set of 
Perl code objects pre-compiled and in RAM; sa-learn has to open and 
compile all of the needed SA Perl code on every launch.



I noticed that the later is way slower.


Yes, it is. It is quite expensive to execute perl and have it load the 
many SpamAssassin modules needed to learn a message.


note that in order for spamc -L to work, spamd must be run with "-l" option 
which allows learning/reporting.


Also, those two may use different databases - sa-learn uses by default 
$HOME/.spamassassin/ (of calling user), spamd depends on how it's run - it 
must run as root and - you need to pass it "-H" parameter without specifying 
directory, to use $HOME/.spamassassin/ of user specified by spamc


Otherwise you need to configure SA to use SQL or LDAP config so they will 
use the same.


--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
We are but packets in the Internet of life (userfriendly.org)

[HEADS-UP] Changes to Validity SpamAssassin rules

2024-05-21 Thread Giovanni Bechis 

Hi,
if you are using rules that query Validity rbl (RCVD_IN_VALIDITY_* rules), make 
sure you have updated rules (at least dated 2024-04-23),
otherwise you may encounter in FPs instead of hitting an overlimit response.

  Giovanni


OpenPGP_signature.asc
Description: OpenPGP digital signature