Re: dns: sendto() to [127.0.0.1]:53 failed: Connection refused, no more alternatives

2014-11-01 Thread Jason W. 
On Fri, Oct 31, 2014 at 8:54 PM, Chris cpoll...@embarqmail.com wrote:

 I am still fighting this issue. This has been going on since Wednesday
 morning since there was an update to the kernel. I have no idea what to
 check or even where to begin. If someone could help I'd really
 appreciate it.


My guess would be your /etc/resolv.conf only has one nameserver listed -
127.0.0.1 - and whatever resolver service you have running on your server
did not restart when you rebooted to update the kernel.

-- 
HTH, YMMV, HANW :)

Jason

The path to enlightenment is /usr/bin/enlightenment.

Re: Training Bayes On A Gateway

2014-10-09 Thread Jason W. 
On Thu, Oct 9, 2014 at 4:14 PM, John Hardin jhar...@impsec.org wrote:

 On Thu, 9 Oct 2014, John Traweek CCNA, Sec+ wrote:

  I've built a gateway server using sa-exim to filter email for our



 This topic comes up fairly regularly. Did you search the list archives on
 terms like exchange bayes ?


Since the OP mentioned exim, I'll share a bit of how I did something
similar. While I have Exchange in the picture, most of my users are not on
it.

I wanted to be able to fully reject mail at SMTP time if SpamAssassin (SA
does not block mail g) and not worry about whether exim would change the
log format if I did a 'fakereject'. SMTP rejects are nice since I do not
quarantine spam. I didn't see elsewhere, either on the SA wiki or
elsewhere, so figured I'd share and maybe help out somewhere..

I use exim's native SA integration, not sa-exim. I also use dovecot for my
IMAP users' mailboxes, and this is where my spam mail goes.

In my data ACL within exim.conf, I have:

---

  # Call SA and add some headers to the email delivered via normal means if
it's non-spam
  warnspam  = spam:true/defer_ok
  add_header= X-Spam-Score: $spam_score ($spam_bar)
  add_header= X-Spam-Report: $spam_report

  # If it's spam (defined as an SA score  5), then run my custom deliver
script against the copy of the email in the exim mail spool.
 # Exim's mail spool copy won't have the above added headers, so need to do
so here to see them in the spam mailbox.
  warncondition = ${if {$spam_score_int}{50}{1}{0}}
  condition = ${run{/home/spam/bin/deliver incoming-spam
$spool_directory/scan/$message_id/$message_id.eml 'X-Spam-Score:
$spam_score\nX-Spam-Report: $spam_report'}}

  denycondition = ${if {$spam_score_int}{50}{1}{0}}
  message   = .

-

/home/spam/bin/deliver contains:



#!/bin/bash

MAILBOX=$1
FILE=$2
shift
shift
HEADERS=$*

TMPFILE=/tmp/deliver.$$

echo -e $HEADERS  $TMPFILE
# Exim writes out a standard mbox-style From line, remove it
cat $FILE | tail -n +2  $TMPFILE

# Dovecot must be root to do direct delievery
cat $TMPFILE | sudo /usr/libexec/dovecot/deliver -d spam -m $MAILBOX

rm $TMPFILE

-- 
HTH, YMMV, HANW :)

Jason

The path to enlightenment is /usr/bin/enlightenment.