Re: 83MB auto-whitelist?
Karsten Bräckelmann rudersport.de> writes: > On Thu, 2009-05-28 at 10:50 -0400, Kris Deugau wrote: > > > > > > For more info and the script's link see > > > http://markmail.org/message/qqsm35q5bqpbb3in > > > > (For the lazy, the original hack is at > > http://www.deepnet.cx/~kdeugau/spamtools/trim_whitelist .) > > For the even lazier, injected a space to protect the links integrity. ;) Hi, Thanks to all for the links to the utility script. I'll give it a shot later tonight when the mail server is calmer.
83MB auto-whitelist?
Just noticed that my AWL is up to 83MB. Not sure if it should be that large so I ran check_whitelist and it removed the single entries but did not compact the file. I then checked the SA site and it said to use sa-awlUtil but I can't find this utility on my system. Was it included in the standard 3.25 tarball? Thanks.
Re: Moving ham/spam from Exchange folders to sa-learn?
James Wilkinson aprilcottage.co.uk> writes: > Henry Kwan wrote: > > > Thanks for the script but I don't think I can use it as Exchange2K7 > > has dropped IMAP support for public folders. Or least this blog post > > from MSFT seems to indicate: > > > > http://msexchangeteam.com/archive/2006/02/20/419994.aspx > > I don't have any Exchange 2007 experience, but at least on 2003 "public > folder" and "normal mailbox into which everyone can copy e-mail and to > which no-one can send e-mail" are two separate concepts. And you can use > IMAP to read the contents of the latter. I still can't figure out if public folders under Exchange2K7 can be IMAP-enabled but in the meanwhile, I have been fiddling with the script that Martin posted. I ended up creating a mailbox where I could move all the spam/ham into from the public folders. Then I would run the script from the SA machine to grab the spam/ham. The script dies on me after it grabs the spam (but not the ham): system /usr/local/bin/sa-learn --spam --showdots --dir /root/spam/ > /dev/null 2>&1 failed: 32512 at ./grabmail.pl line 180. I then manually run sa-learn and it seem to succeed: [boxen]# sa-learn --spam --progress --dir /root/spam/ 100% [===] 12.58 msgs/sec 00m07s DONE Learned tokens from 96 message(s) (97 message(s) examined) Not quite automated but I could live with this since I probably will only run it once a week. Thanks.
Re: Moving ham/spam from Exchange folders to sa-learn?
Martin.Hepworth solidstatelogic.com> writes: > > Henry > > Make sure the spam/ham folders are imap folders. Make sure they drag the messages into that folder and not > email them as it'll muck up the headers otherwise. > > Then grab a perl script (heck here's one below) to get messages from those folders and place into the bayes. > > Make sure you're running this script as the user mailscanner run's as (mailnull, postfix etc) is not > running as root. Hi Martin, Thanks for the script but I don't think I can use it as Exchange2K7 has dropped IMAP support for public folders. Or least this blog post from MSFT seems to indicate: http://msexchangeteam.com/archive/2006/02/20/419994.aspx "# E12's client access server has some limitations in public folder support: no IMAP, NNTP, nor OWA access to E12 public folders (OWA access to E2K and E2K3 public folders will be possible for E12 mailbox users)." Perhaps I can track down some type of MSG->mbox/mbx/maildir conversion utility.
Moving ham/spam from Exchange folders to sa-learn?
Hi, Currently running SA 3.25 via MailScanner frontend (CentOS5 box in the DMZ) to Exchange2K7. Have setup two public folders for users to dump spam/ham in. What's the usual way of moving these messages back to SA for learning? The volume isn't that high so if there was a way to convert .MSG to a format that sa-learn understands, I could then just sftp it back onto the CentOS box. Any links or tips would be appreciated. Thanks.
Re: Configuring SA as frontend to Exchange
Vidar Tyldum Hansen tyldum.com> writes: > I'm just doing a rough summary of my process on 2007: > - Use LDAP to check the recipients against Exchange/AD > (remember the proxyAddress attribute) > - On the SA-machine I use Postfix and header_checks after the message > is scanned by amavisd-new to map the amavisd-new-headers to the > SCL-headers Exchange recognizes. (Hint: 'prepend') > - Define the SA-machine as an internal server (so it trusts the > SCL-headers) > - Enable Junk-folder for the users via OWA > (http://gsexdev.blogspot.com/2007/07/turning-on-filter-junk-email-in.html) > - Define a receive-connector for the SA-machine > (allow anonymous access, retrict to SA-machine only) > - Install the antispam agents on the Exchange server > (http://support.microsoft.com/kb/555924) > - Define spam thresholds for Exchange > (http://technet.microsoft.com/en-us/library/bb123559.aspx) > Wow. Thanks to all the responses. It sounds like it shouldn't be any problems switching over but I guess as with all things, the devil is in the details. So once the hardware arrives, I'll start tackling the setup and I'm sure I'll have a bunch of new questions at that time. Thanks again.
Configuring SA as frontend to Exchange
Hi, Have been running SA on CentOS for a few years now and everything has been working great. But the powers that be want to move to Exchange so I am trying to plan a SA frontend that feeds the Exchange server. As I was thinking over how SA works now and how it might work in the my future setup, I was wondering how you would feed unmarked spam to the SA frontend? Since email is passed through to Exchange, it isn't stored on the SA server anymore like it is now. Or would I be limited to just having SA autolearn? Also, if anyone has some good links to setting up a SA frontend to Exchange, that would be much appreciated. Thanks!
Re: How to skip checking emails over a certain size?
Theo Van Dinter apache.org> writes: > > > > spamd[2492]: razor2: razor2 check failed: razor2: razor2 had unknown error > > during check at > > /usr/lib/perl5/site_perl/5.8.5/Mail/SpamAssassin/Plugin/Razor2.pm line 211, > > line 1. at > > /usr/lib/perl5/site_perl/5.8.5/Mail/SpamAssassin/Plugin/Razor2.pm line 326. > > Run spamd w/ -D (or "-D razor2" for more output) and find out if there's > any actual error messages for one of the problematic messages. > Hi, Apparently, it was unrelated to the size of the email. It was some type of registration error with razor2. If I did a "razor-admin -register", it would abort with an "Error 202". Couldn't figure out why this was happening but installing the latest version (2.84) over my older razor2 install (2.67) seems to make "razor-admin -register" work again. Am still getting these "razor2 had unknown error" entries but instead of a dozen or so each hour, it's more like 1 every few hours now. But the emails are properly getting tagged with RAZOR2_CHECK so I guess it's working OK. Thanks.
Re: How to skip checking emails over a certain size?
Rick Macdougall ummm-beer.com> writes: > > man spamc > > -s max_size, --max-size=max_size Ah, I didn't realize there was a built in limiter. I tried searching the wiki but I guess my search terms weren't right. So it's just a matter of throwing this: -s 256000 into /etc/mail/spamassassin/spamc.conf? Thanks.
How to skip checking emails over a certain size?
Hi, Is there a way to have SA skip messages over a certain size? I tried using this procmailrc recipe: :0fw * < 256000 | /usr/bin/spamc But it resulted in this error: spamd[2492]: razor2: razor2 check failed: razor2: razor2 had unknown error during check at /usr/lib/perl5/site_perl/5.8.5/Mail/SpamAssassin/Plugin/Razor2.pm line 211, line 1. at /usr/lib/perl5/site_perl/5.8.5/Mail/SpamAssassin/Plugin/Razor2.pm line 326. Thanks.
Switching from local delivery to relay for Exchange?
Hi, I'm currently running SA 3.23 on a CentOS 4.5 with sendmail-8.13 box and it's happily filtered spam for a few years now. But we are now looking into acquiring an Exchange server so I was wondering if I can switch from local delivery of mail to relaying it downstream to the Exchange server. I've done some googling and it seems that most of the relay setups are for Postfix so I was hoping that someone knew of a sendmail based document somewhere since I'd rather not switch frontend MTAs. Thanks. -- View this message in context: http://www.nabble.com/Switching-from-local-delivery-to-relay-for-Exchange--tf4572294.html#a13051292 Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: Problem with SA 3.2.2 upgrade (dcc related?)
Justin Mason wrote: > > > hi -- what spamd command line are you using? > Are you running with "-u root" or similar? > > Hi Justin, The options for spamd are: # Set default spamd configuration. SPAMDOPTIONS="-d -c -m8 -H" Thanks. -- View this message in context: http://www.nabble.com/Problem-with-SA-3.2.2-upgrade-%28dcc-related-%29-tf4148328.html#a11816262 Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Problem with SA 3.2.2 upgrade (dcc related?)
Hi, Am trying to upgrade to the new 3.2.2 and everything looked OK during make/test/install but during operation, I'm getting these errors: Jul 25 13:46:53 boxen spamd[25710]: dcc: check failed: util: setuid 0 to 501 failed! at /usr/lib/perl5/site_perl/5.8.5/Mail/SpamAssassin/Util.pm line 1343. [some normal spamassassin status messages] Jul 25 13:46:53 boxen spamd[25710]: spamd: accidental fork: 25710 != 21988 at /usr/bin/spamd line 1628. Jul 25 13:46:53 boxen spamd[21988]: dcc: check failed: failed to read header [some normal spamassassin status messages] Jul 25 13:47:00 boxen spamc[25709]: failed sanity check, 1654 bytes claimed, 3385 bytes seen The resulting messages do not have any X-Spam headers. I reverted back to 3.2.1 and all of these error messages went away. This is on a CentOS 4.5 machine running sendmail-8.13.1-3.2.el4, perl v5.8.5, and dcc-1.3.58. Thanks. -- View this message in context: http://www.nabble.com/Problem-with-SA-3.2.2-upgrade-%28dcc-related-%29-tf4148328.html#a11801042 Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: POPAuth plugin & 3.20?
Daryl C. W. O'Shea wrote: > > Daryl C. W. O'Shea wrote: > > The POPAuth plugin for 3.1 works with 3.2 as long as you configure at > least one trusted_network manually. > > http://wiki.apache.org/spamassassin/POPAuthPlugin > Hi Daryl, Good to know. I only had internal_networks set and not trusted_networks. I'll add it to local.cf and try it out later when I'm outside of our network. Thanks for looking into this. -- View this message in context: http://www.nabble.com/POPAuth-plugin---3.20--tf3854238.html#a10993594 Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
POPAuth plugin & 3.20?
Hi, I've been running the POPAuth plugin on 3.18 with good results but noticed that 3.20 seems to break it. I tried searching the wiki and didn't see an update to the plugin. Is one needed or did I fubar something during 3.18 to 3.20 upgrade? Am currently running CentOS 4.4 with Perl 5.85. Will update to CentOS 4.5 and Perl 5.8.8 soon. Thanks.
Re: "Malformed UTF-8 character" errors>
Doc Schneider wrote: > > > Not sure how you're using SA but I commented out every reference to > CIALIS2 and just committed 1.00.11 so should be available within the hour. > > Also running CentOS 4.4 you know you can upgrade to perl 5.8.8 by doing > a 'yum --enablerepo=centosplus update perl' as this issue isn't a > problem with 5.8.8 > > Hi Doc, I'll look into updating to Perl 5.8.8 then. Also, it looks like the ruleset still has a couple of gremlins. Still getting these on 01.00.11 (2007-05-29). "spamd[17302]: Malformed UTF-8 character (unexpected non-continuation byte 0x00, immediately after start byte 0xd1) in pattern match (m//) at /etc/mail/spamassassin/70_sare_obfu.cf, rule __SARE_OBFU_PRICE1, line 1." Thanks. -- View this message in context: http://www.nabble.com/%22Malformed-UTF-8-character%22-errors%3E-tf3818890.html#a10865692 Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: "Malformed UTF-8 character" errors>
Doc Schneider wrote: > > I just now committed more fixes for 70_sare_obfu.cf, obfu0 and obfu1. > These should be available within the hour. > > Please folks if you have a problem with a rule set from SARE please let > us know what rule it is and what rule set it is in. > Hi Doc, I just updated my 70_sare_obfu.cf to 01.00.10 (2007-05-28) and tried 3.20 with it again but almost immediately, I got these errors: Malformed UTF-8 character (unexpected non-continuation byte 0x00, immediately after start byte 0xc4) in pattern match (m//) at /etc/mail/spamassassin/70_sare_obfu.cf, rule __SARE_OBFU_CIALIS2, line 1. This goes on for about 50MB until I removed 70_sare_obfu.cf and restarted. I'm running CentOS 4.4 with perl 5.85. Thanks. -- View this message in context: http://www.nabble.com/%22Malformed-UTF-8-character%22-errors%3E-tf3818890.html#a10860885 Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: "Malformed UTF-8 character" errors>
Loren Wilton earthlink.net> writes: > Perhaps a third answer would be to get the latest versions of the rules > files? > Doc fixed those errors about 5-6 days ago. Hmmm... Thanks for the heads up. I guess sare_adult.cf got updated after my last RulesDuJour run. But it seems that sare_obfu.cf has yet to be updated (sare_obfu1.cf seems to have been updated though). Do you know if Doc plans to update sare_obfu.cf soon? Thanks.
"Malformed UTF-8 character" errors>
Just updated to 3.20 this week and because everything seem to be working fine, I didn't notice my log files getting bloated (up to 8GB!) by errors like this: Malformed UTF-8 character (unexpected non-continuation byte 0x00, immediately after start byte 0xd 2) in pattern match (m//) at /etc/mail/spamassassin/70_sare_adult.cf, rule SARE_OBFUFCK1, line 1. After googling, it seems the common answers are to either upgrade to Perl 5.88 (I'm running 5.85) or stop using the SARE rules. Is there a third choice? Perhaps an uncoming patch for 3.20? Thanks.
Re: Upgrading to 3.20 from 3.18
AbbaComm.Net abbacomm.net> writes: > I noticed a large difference in scoring "behavior" between the versions > 3.1.8 and 3.2.0 myself. > > Yet, after training bayes and then after a few more days of bayes auto > learn, things seem to have "mostly" cleared up. Ok, I'll check again after a few days and see what it looks like. After checking -D output, the SPF problem appears to be due to a Envelope-From problem. I had manually edited my sendmail.cf via "H?l?X-Envelope-From: $f" so that 3.18 would recognize the header but I guess 3.20 doesn't like that format. I saw in the wiki that the proper way to do it is to insert "define(`_REC_BY_', `$.by $j (envelope-from $f) ($v/$Z)$?r with $r$. id $i$?{tls_version}')" into my sendmail.mc and rebuild my sendmail.cf. Now SPF seems to be working again. Thanks.
Upgrading to 3.20 from 3.18
Hi, Am running 3.18 on a vanilla CentOS 4 box and tried to upgrade to 3.20. The make/make test/make install cycle went fine but I noticed that the scoring is slightly different between the two version. I sent myself an email and here's how they scored: 3.18: X-Spam-Status: No, score=-104.4 required=7.0 tests=AWL,BAYES_00,FH_RELAY_NODNS, SPF_PASS,USER_IN_SPF_WHITELIST,USER_IN_WHITELIST autolearn=no version=3.1.8 3.20: X-Spam-Status: No, score=-3.1 required=7.0 tests=AWL,BAYES_40,FH_RELAY_NODNS, RDNS_NONE,USER_IN_WHITELIST autolearn=no version=3.2.0 The email was exactly the same. The only difference was one was sent 10 minutes later. Did the Bayes scoring change that much between 3.18 and 3.20? Also, it looks like 3.20 SPF checking is broken. How can I debug where it broke? Thanks.
Re: Negative AWL on a spam & received from localhost?
Matt Kettler verizon.net> writes: > In this case, the past average for the sender was approximately 7.7 > (spam), this message came in at 11.5 (also spam), so the AWL split the > difference and took off 1.9 points to make it 9.6 (still spam). That's > 100% normal. > > See also: > > http://wiki.apache.org/spamassassin/AwlWrongWay > > http://wiki.apache.org/spamassassin/AutoWhitelist Hi Matt, Thanks much for the explanation. It's yet another case of "I should have searched harder in the wiki". I'll search more next time before posting a question. :embarrassed: Thanks again.
Re: Razor2 errors popping up after change to SA?
John D. Hardin impsec.org> writes: > erm. Are you sure you're running spam*D* from procmail? That's not > correct. Either you run spamd as root as a system service and run > spam*C* (the client) from procmail, or you run spamassassin from > procmail and don't run spamd at all... Hi, Sorry, I was mixing up terminology. I am calling out spamc in /etc/procmailrc via "| /usr/bin/spamc" but since spamd is what shows up in the logs, I sometimes confuse the two especially when talking about a problem that I see popping up in the log entries. Thanks.
Razor2 errors popping up after change to SA?
Hi, I was checking on some rule changes that I made to my SA box and noticed that I had misconfigured my /etc/procmailrc by not including "DROPPRIVS=yes" so spamd was running as root. I included "DROPPRIVS=yes" and restarted spamd but then I noticed some razor2 errors popping up: Dec 11 11:52:40 mail spamd[18021]: razor2: razor2 check failed: razor2: razor2 had unknown error during check at /usr/lib/perl5/site_perl/5.8.5/Mail/SpamAssassin/Plugin/Razor2.pm line 203, line 1. at /usr/lib/perl5/site_perl/5.8.5/Mail/SpamAssassin/Plugin/Razor2.pm line 318. Dec 11 11:52:57 mail spamd[18022]: razor2: razor2 check failed: razor2: razor2 had unknown error during check at /usr/lib/perl5/site_perl/5.8.5/Mail/SpamAssassin/Plugin/Razor2.pm line 203, line 1. at /usr/lib/perl5/site_perl/5.8.5/Mail/SpamAssassin/Plugin/Razor2.pm line 318. This doesn't happen on every email so I'm not sure what this issue is. Most emails are scanned without any issues but every so often, this error pops up. Is there a way to get more details on what the actual error is? Thanks.
Re: Changing WHITELIST_FROM scoring?
Theo Van Dinter apache.org> writes: > > On Mon, Nov 13, 2006 at 09:28:38PM +0000, Henry Kwan wrote: > > Is there a way to change the scoring for WHITELIST_FROM? > > If there were such a rule, yes. whitelist_from and whitelist_from_rcvd share > USER_IN_WHITELIST. > Ah, I forgot to look at http://spamassassin.apache.org/tests_3_1_x.html for hints as to which rule did the scoring. Thanks for the tip!
Changing WHITELIST_FROM scoring?
Hi, Is there a way to change the scoring for WHITELIST_FROM? I tried to stick this in local.cf: score WHITELIST_FROM -10.0 But got this error when I linted: [12804] warn: config: warning: score set for non-existent rule WHITELIST_FROM Thanks.
Re: Conditional Whitelisting?
Henry Kwan designmedia.com> writes: > I can't seem to get this rule to hit. > > I have this in my local.cf > > whitelist_from_spf * designmedia.com > > But I never see the rule in X-Spam-Status. SPF checking seems > to be working since SPF_HELO_PASS & SPF_PASS are there. > It turns out that I had to wildcard the domain like this in order for that rule to trigger: whitelist_from_spf [EMAIL PROTECTED] Now it works as intended.
Re: Conditional Whitelisting?
Kelson speed.net> writes: > > Henry Kwan wrote: > > Is there a way to conditionally whitelist with SPF? That is, I want all > > addresses from a certain domain to be whitelisted only if it passes SPF. > > whitelist_from_spf does exactly what you need. > > I believe there's one for DomainKeys as well. > man Mail::SpamAssassin::Conf for more info. > Hi, I can't seem to get this rule to hit. I have this in my local.cf whitelist_from_spf [EMAIL PROTECTED] But I never see the rule in X-Spam-Status. SPF checking seems to be working since SPF_HELO_PASS & SPF_PASS are there. Any ideas as to why WHITELIST_FROM_SPF is not triggering? Thanks.
Re: Conditional Whitelisting?
Kelson speed.net> writes: > > Henry Kwan wrote: > > Is there a way to conditionally whitelist with SPF? That is, I want all > > addresses from a certain domain to be whitelisted only if it passes SPF. > > whitelist_from_spf does exactly what you need. > > I believe there's one for DomainKeys as well. > man Mail::SpamAssassin::Conf for more info. > Whoops. I guess I didn't read the documentation closely enough. Thanks for the tip!
Conditional Whitelisting?
Hi, Is there a way to conditionally whitelist with SPF? That is, I want all addresses from a certain domain to be whitelisted only if it passes SPF. Or is there a way to do much the same with another mechanism besides SPF? Thanks.
Re: Enabling/testing SPF?
Ramprasad netcore.co.in> writes: > > spamassassin -D < file 2>&1 | grep -i spf > > check the output > > which MTA do you use ? Your MTA must insert an X-Envelope-From: header > ( or similar ) > > Thanks > Ram > Hi, After some more banging my head against the wall, I discovered that SPF checking was disabled because I wasn't loading the plugin in my init.pre. Apparently my init.pre is so old that it never included a section on SPF. So everytime I upgraded, the new version SA would never replace my old init.pre so the SPF plugin was never getting loaded. After I insert the load plugin section into init.pre and restarted spamd, SPF checking is now working. Doh! Thanks for your help.
Re: Enabling/testing SPF?
Ramprasad netcore.co.in> writes: > > spamassassin -D < file 2>&1 | grep -i spf > > check the output > > which MTA do you use ? Your MTA must insert an X-Envelope-From: header > ( or similar ) > > Thanks > Ram > > Hi. I'm using sendmail so I see that I have to modify sendmail.cf by adding "H?l?X-Envelope-From: $f". By the way, how can I add that bit via sendmail.mc instead of modifying sendmail.cf directly? Anyway, this is what I get with the sample non-sample: [EMAIL PROTECTED] Mail-SpamAssassin-3.1.7]# spamassassin -D < sample-nonspam.txt 2>&1 | grep -i spf [25342] dbg: config: read file /usr/share/spamassassin/25_spf.cf [25342] dbg: config: read file /usr/share/spamassassin/60_whitelist_spf.cf Even with a piece of mail that I had saved from a domain that has a confirmed SPF record (and a X-Envelope-From: header), I get the same output as above. Thanks. --Henry P.S. Sorry if this is a dupe. Wasn't sure if this got sent as Pine complained about my mailbox when I tried to send it earlier.
Enabling/testing SPF?
Am finally getting around to making SPF records for our domains so naturally I was fiddling with SA to see SPF-checking was enabled. Running 3.17 with Mail-SPF-Query-1.999.1 installed. During "make test", it seemed to pass all 36 tests in "t/spf...ok". But when I do a debug test via "spamassassin -D < sample-nonspam.txt", it doesn't seem to return "debug: registering glue method for check_for_spf_helo_pass (Mail::SpamAssassin::Plugin::SPF=HASH(0x8d21990))". I then sent a test email from another machine, forging an email with a domain known to have a good SPF record and I didn't see any references to SPF in the tests section. So what might be the issue here? TIA for any insights.
Re: Network test failing on "make test"?
Henry Kwan designmedia.com> writes: > Failed Test Stat Wstat Total Fail Failed List of Failed > --- > t/dcc.t41 25.00% 2 > t/dnsbl.t 234 17.39% 2 9-11 > 11 tests skipped. > Failed 2/95 test scripts, 97.89% okay. 5/2158 subtests failed, 99.77% okay. > make: *** [test_dynamic] Error 255 Update: Well, I updated my Net-DNS from 0.51 to 0.57 and the dnsbl tests now pass but the DCC tests still has that error. But DCC still works after I installed 3.1.3 so I guess I won't worry too much about it.
Network test failing on "make test"?
Hi, Running SA 3.1.1 on CentOS 4.3. It's been running fine with Razor and DCC. I noticed that SA 3.1.3 is out and went to download & compile. But when I do a "make test", I get the follow errors with network tests enabled: t/dcc...Not found: dcc report = spam reported to DCC # Failed test 2 in t/SATest.pm at line 592 t/dcc...NOK 2 Note: this may not be an SpamAssassin bug, as DCC tests can fail due to problems with the DCC servers. t/dcc...FAILED test 2 Failed 1/4 tests, 75.00% okay t/debug.ok t/desc_wrap.ok t/dnsbl.Not found: P_7 = t/dnsbl.ok 1/23# Failed test 2 in t/SATest.pm at line 592 t/dnsbl.ok 3/23 Not found: P_17 = DNSBL_SB_FLOAT # Failed test 9 in t/SATest.pm at line 592 fail #2 Not found: P_18 = DNSBL_SB_STR t/dnsbl.ok 4/23# Failed test 10 in t/SATest.pm at line 592 fail #3 Not found: P_16 = DNSBL_SB_TIME # Failed test 11 in t/SATest.pm at line 592 fail #4 t/dnsbl.FAILED tests 2, 9-11 Failed 4/23 tests, 82.61% okay Then in the summary: Failed Test Stat Wstat Total Fail Failed List of Failed --- t/dcc.t41 25.00% 2 t/dnsbl.t 234 17.39% 2 9-11 11 tests skipped. Failed 2/95 test scripts, 97.89% okay. 5/2158 subtests failed, 99.77% okay. make: *** [test_dynamic] Error 255 If I compile without the network tests, then there are of course no errors. As I mentioned, DCC has been working fine on 3.1.1. When I compiled 3.1.1 a few months back, all the dnsbl tests passed on the same setup. So any hints as to what broke or what I should do before installing 3.1.3 would be appreciated. Thanks!
Re: SPF tests fail on 3.02?
Theo Van Dinter kluge.net> writes: > > On Mon, Dec 20, 2004 at 10:46:16PM +0000, Henry Kwan wrote: > > t/spf...Not found: helo_pass = SPF_HELO_PASS > > I checked and v3.01's spf test passed and I don't think I changed anything > > so > > what is 3.02 looking for that's new? > > Known issue: > > http://bugzilla.spamassassin.org/show_bug.cgi?id=4044 > Ah. Thanks. I didn't even think of checking bugzilla first as a quick google didn't show anything relevant. I'll do that next time before posting to the list. So if the test didn't actually fail, should I go ahead with the install or wait for v3.03? Thanks. --Henry Kwan
SPF tests fail on 3.02?
Hi. Am trying to upgrade to 3.02 from 3.01 (RH FC1 with sendmail/spamd/procmail) but on 'make test', I get these following errors. t/spf...Not found: helo_pass = SPF_HELO_PASS # Failed test 1 in t/SATest.pm at line 530 Not found: pass = SPF_PASS # Failed test 2 in t/SATest.pm at line 530 fail #2 t/spf...FAILED tests 1-2 Failed 2/2 tests, 0.00% okay I checked and v3.01's spf test passed and I don't think I changed anything so what is 3.02 looking for that's new? Thanks. --Henry Kwan
Re: SpamAssassin failed to parse line, skipping?
Theo Van Dinter kluge.net> writes: > > On Tue, Nov 23, 2004 at 11:42:09AM -0800, Henry Kwan wrote: > > [root beans Mail-SpamAssassin-3.0.1]# spamassassin --lint > > config: SpamAssassin failed to parse line, skipping: num_check_received 5 > > lint: 1 issues detected. please rerun with debug enabled for more > > information. > > > > Is this something to be concerned with? Is there anything I should do > > about > > it? > > It means that there is no "num_check_received" configuration option. It was > removed as of 3.0.0. > Ah. Thanks for the tip. It was in my dnsbl.cf config file. I disabled it and now SA lints fine.
SpamAssassin failed to parse line, skipping?
Hi. Just upgraded from 2.64 to 3.01 and everything seems to working fine except that --lint gives me one error: [EMAIL PROTECTED] Mail-SpamAssassin-3.0.1]# spamassassin --lint config: SpamAssassin failed to parse line, skipping: num_check_received 5 lint: 1 issues detected. please rerun with debug enabled for more information. When I run with -D, I think this is the relevant part: debug: config: read file /root/.spamassassin/user_prefs debug: plugin: loading Mail::SpamAssassin::Plugin::URIDNSBL from @INC debug: plugin: registered Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0xa39cb18) debug: plugin: loading Mail::SpamAssassin::Plugin::Hashcash from @INC debug: plugin: registered Mail::SpamAssassin::Plugin::Hashcash=HASH(0xa3dab7c) debug: plugin: loading Mail::SpamAssassin::Plugin::SPF from @INC debug: plugin: registered Mail::SpamAssassin::Plugin::SPF=HASH(0xa3b85f8) debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0xa39cb18) implements 'parse_config' debug: plugin: Mail::SpamAssassin::Plugin::Hashcash=HASH(0xa3dab7c) implements 'parse_config' debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0xa39cb18) inhibited further callbacks [that last message repeats for about 30-40 lines] debug: config: SpamAssassin failed to parse line, skipping: num_check_received 5 debug: bayes: 15598 tie-ing to DB file R/O /opt/bayes/bayes_toks debug: bayes: 15598 tie-ing to DB file R/O /opt/bayes/bayes_seen Is this something to be concerned with? Is there anything I should do about it? Thanks to everyone for all of your previous help.
Re: Still running as root?
Dan Mahoney, System Admin prime.gushi.org> writes: > > On Tue, 14 Sep 2004, John Fleming wrote: > > It's in the manual. Add the following line to your system wide procmail > file: > > DROPPRIVS=YES > > -Dan > That was it. Problem solved. Thanks for the tip. I looked on the wiki and in the readme file for spamd but didn't see it there. --Henry Kwan P.S. On my other machine, I run some other procmail recipes and DROPPRIVs already was buried in one of those scripts which was why it worked on that machine.
Still running as root?
Hi. I've been running SA for awhile now and recently tried to install it on another machine. Everything installs fine (make tests=100%) and seem to run but in /var/log/maillog, I get these entries: info: setuid to root succeeded spamd[15901]: Still running as root: user not specified with -u, not found, or set to root. Fall back to nobody. I looked at my other machine's maillog and these entries don't pop up as spamd can setuid to the proper user. When I look at the spamd process, both seem identical: Machine 1 (original): 12746 1 0 12:30 ?00:00:01 /usr/bin/spamd -d -c -a -m5 -H Machine 2 (new install): 15886 1 0 14:21 ?00:00:03 /usr/bin/spamd -d -c -a -m5 -H They both invoke spamd from /etc/procmailrc: :0fw | /usr/bin/spamc Anybody run into this issue before? Thanks. --Henry Kwan
MIME_HEADER_CTYPE_ONLY?
Hi. A friend of mine runs a website which allows users to email each other using a form but the email that gets spit out triggers a few of SA's rules. The main culprit seems to be MIME_HEADER_CTYPE_ONLY along with a few others so the total score is around 6-ish, which is just enough to kick it over on some installs. The site is coded in Cold Fusion so there is only a limited amount of tweaking that he can do but he would still like to fix some of these issues. Is there any reference material about why MIME_HEADER_CTYPE_ONLY gets triggered? Thanks! (I know, this is a grey area since reference material on any of SA's tests would simply help the spammers spam more but his site is legit, I swear!)