Re: Confession and rage
I'm still torn on whether to show up for my appointment at 1pm. I think just because I was treated with contempt by the person I spoke to earlier, I don't want to give them my money... Absolutely not. Vote with your wallet.
Re: using spamassassin to filter relayed email
- Original Message - From: Jarrett Byrnes [EMAIL PROTECTED] To: users@spamassassin.apache.org Sent: Tuesday, April 26, 2005 10:28 PM Subject: using spamassassin to filter relayed email I'm currently running a server that mainly relays email to other email addresses. I have procmail setup for users that are have their mailboxes on the server, but how do I setup spamassassin to deal with these aliases emails? I haven't found a good set of documentation on the web addressing this issue, although I admit I may just be missing something. -Jarrett Look into spamass-milter or milter-spamc. Check out http://www.milter.org/ for more about milters. Thomas
Re: SpamAssassin Without Bayes
On Mon, 2005-04-04 at 12:28 -0400, Gustafson, Tim wrote: Hi Everyone! I know that Bayes is the defacto best way to fight SPAM right now, but I wonder if anyone out there is running SA without Bayes turned on and what their experience with it is? I run SA with Bayes enabled right now site-wide for more than 500 e-mail accounts, and my problem is that some of my clients who deal in industries that are very SPAMmy in nature (like a recruiting firm or an insurance agency) are getting e-mails tagged as SPAM that aren't SPAM (at least to my client) at all. Most of these e-mails are being tagged because of their Bayes score, and I'm curious how many false negatives I'll get if I just turn of Bayes altogether. Is there any log analysis tool that will tell me how many SPAMs would NOT have been marked as SPAM if a given rule was turned off when the e-mail was received? Can anyone comment on the effectiveness of SA without Bayes activated? Tim Gustafson MEI Technology Consulting, Inc [EMAIL PROTECTED] (516) 379-0001 Office (516) 480-1870 Mobile/Emergencies (516) 908-4185 Fax http://www.meitech.com/ I use SA with all the network tests on and spamass-milter to relay mail from our external MX to the internal Exchange mail server. We don't use Bayes at all as there is no good way to train it. We still have a phenomenal success rate - very close to 100% accuracy. I love Bayes for small environments, but even in big ones where it might not be practical SA still kicks butt. Thomas
DCC License Change
Has anyone been following the DCC license change thread on the DCC mailing list? Is anyone going to be negatively affected by it? I run a small mail server for my own small business, so I don't imagine that it will affect me. Does anyone have any opinions on the licensing change? Thomas
Re: Sudden spam to this email address
I don't post terribly frequently, but I certaibly do post to this list (and many others). Ditto for Usenet. No throw-away addresses for me. I use SpamAssassin with Pyzor, Razor, DCC, and network checks, ClamAV, and greylisting. I can remember one spam message that made it into my Inbox this year. One. I can't shout from the roof tops loudly or often enough: SpamAssassin works! :-) Thomas - Original Message - From: Greg Allen [EMAIL PROTECTED] To: users@spamassassin.apache.org Sent: Monday, March 14, 2005 10:53 PM Subject: RE: Sudden spam to this email address Yep, I just found the culprit. The below 2 websites volunteer SA users-list email addresses for all the world to harvest. I found my email address in Google from posting here on this list. aspn.activestate.com/ASPN/ Mail/Message/spamassassin-users spamassassin.apache.org/mail/users Be warned, if you post to this list use a throw-away email address unless you are looking to have a good test account for SA. :-) -Original Message- From: Greg Allen [mailto:[EMAIL PROTECTED] Sent: Monday, March 14, 2005 11:36 PM To: users@spamassassin.apache.org Subject: Sudden spam to this email address Does posting to this list open me up to dweebs harvesting email addresses? I'm suddenly getting BS spams to this email address, and they have to be coming from one of two sources. This list being one of the options. Thanks.
Re: How to run spamd as root
- Original Message - From: Paul J. Smith [EMAIL PROTECTED] To: users@spamassassin.apache.org Sent: Sunday, February 20, 2005 8:46 AM Subject: How to run spamd as root Hi, How do I run spamd as root? I've tried the --username=root, which the man page implies will work, but always get the fatal: cannot run as nonexistent user or root with -u option . You don't. Seriously, don't do it. Create a new user and run SA as that user. I know that I should probably be added a new user etc, but this is a safe situation and I'd like to know how to do it if it's possible. It's a bad habit. You really should use best practices all the time. Then you are less likely to make a mistake. Thomas
Re: installing SA with milter
- Original Message - From: Steve Prior [EMAIL PROTECTED] To: users@spamassassin.apache.org Sent: Monday, January 24, 2005 2:12 PM Subject: installing SA with milter I think I'm ready to take the next step and upgrade my SA installation to a milter setup which rejects mail over a certain threshold. It looks like there are at least 2 milters out there - is there one that is the current best? Does anyone have a howto about setting up an SA milter with sendmail? Thanks Steve Best is pretty subjective. I use spamass-milter on a Fedora mail server with Sendmail and I've had flawless performance. I know others who absolutely swear by milter-spamc. I kind of get the impression that whichever one you try first will become your favorite. I think they both work pretty darned well. Thomas
Re: What to do with my spam?
- Original Message - From: Matt Kettler [EMAIL PROTECTED] To: Craig McLean [EMAIL PROTECTED]; users@spamassassin.apache.org Sent: Monday, January 24, 2005 5:13 PM Subject: Re: What to do with my spam? spamssassin -r will report to spamcop (sa 3.0+), learn as spam, and if you have them installed report to dcc, razor and pyzor. I am using SA 3.0.2, Pyzor 0.4.0, Vipul's Razor 2.61 (razor-agents-2.61-0), and DCC 1.2.63 installed. I also have spamass-milter set up to reject (at the SMTP level) messages which score over a certain score. Does anyone know if there is a way to automagically report messages via spamd, maybe if they score over a certain level? Thomas
Re: What to do with my spam?
- Original Message - From: Matt Kettler [EMAIL PROTECTED] To: Thomas Cameron [EMAIL PROTECTED]; users@spamassassin.apache.org Sent: Tuesday, January 25, 2005 10:27 AM Subject: Re: What to do with my spam? At 10:07 PM 1/24/2005, Thomas Cameron wrote: Does anyone know if there is a way to automagically report messages via spamd, maybe if they score over a certain level? No. That feature was present in old versions of SA, but it removed from SA in the 2.3 series at the strong request of the Razor developers. Razor does not want automated reporting based on SA scores and they explicitly prohibit ANY automated reporting except spamtrap accounts. OK, thanks for the info! TC
Re: How do I disable spews?
On Sat, 2004-12-25 at 10:06 -0800, SA wrote: On Fri, 2004-12-24 at 17:42, Thomas Cameron wrote: Didn't SPEWS shut down and blacklist the world? Thomas No. Yes, they did - I found this article on Slashdot. Did they go down and then come back later? http://slashdot.org/article.pl?sid=03/08/27/0214238 Thomas
Re: How do I disable spews?
On Sun, 2004-12-26 at 09:48 -0500, Matt Kettler wrote: At 12:32 AM 12/26/2004 -0600, Thomas Cameron wrote: Didn't SPEWS shut down and blacklist the world? Thomas No. Yes, they did - I found this article on Slashdot. Did they go down and then come back later? http://slashdot.org/article.pl?sid=03/08/27/0214238 Thomas No, that's OSIRUSOFT that went down and set it's records to blacklist everything. OSIRUSOFT included SPEWS as a part of their data, but they also included half a dozen other blacklists and their own data. OSIRUSOFT was nothing but a very popular aggregate blacklist that included SPEWS data. SPEWS is a separate entity. SPEWS never went down. Ah, I see. Thanks for the correction. Thomas
Re: How do I disable spews?
On Thu, 2004-12-23 at 20:29 -0500, Brenda Bell wrote: I upgraded from 3.0.1 to 3.0.2 this morning and all of a sudden, I can't send myself email from work because spews blacklisted an entire block of uunet addresses and my company is in the middle of the block. (side note: we do not spam and we fight it with every bit of technology we have). I've searched both local.cf and all of the rules files for spews and for the life of me, I can't figure out why my SA is checking spews. Could someone please point me in the right direction? Brenda Bell Liquid Machines The Freedom of Security http://www.liquidmachines.com Didn't SPEWS shut down and blacklist the world? Thomas
Re: Spamassassin, greylist, and sendmail
- Original Message -
From: Steven Stern [EMAIL PROTECTED]
To: users@spamassassin.apache.org; [EMAIL PROTECTED]
Sent: Saturday, December 18, 2004 11:16 AM
Subject: Spamassassin, greylist, and sendmail
I'm trying greylisting as a way of reducing spam.
By themselves, both milter-greylist and spamass-milter work OK. When I
combine them, spamass-milter dies with the error cmd read returned 0
expecting 5
It seems that the problem is with the milter macros required by
milter-greylist. If they defines following the greylist milter are
uncommented, then I have the problem with spamass-milter. I'musing
spamass-milter 0.2.0.
Suggestions? (Yes, I know, use MimeDefang or Amavis. But right now, I
want
to see if I can solve this problem.)
dnl #
dnl greylist milter ###
dnl #
dnl #INPUT_MAIL_FILTER(`greylist',
`S=local:/var/milter-greylist/milter-greylist.sock')dnl
dnl #define(`confMILTER_MACROS_CONNECT', `j, {if_addr}')dnl
dnl #define(`confMILTER_MACROS_HELO', `{verify}, {cert_subject}')dnl
dnl #define(`confMILTER_MACROS_ENVFROM', `i, {auth_authen}')dnl
dnl #
dnl CLAM ##
dnl #
INPUT_MAIL_FILTER(`clmilter',`S=local:/var/run/clamav/clamav-milter.sock,F=,
T=S:4m;R:4m')dnl
dnl #
dnl SPAMASSASSIN #
dnl #
INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass.sock,
F=,T=C:15m;S:4m;R:4m;E:10m')dnl
dnl #
define(`confMILTER_LOG_LEVEL', 8)dnl
--
Steve
Wanted to follow up with you.
My sendmail.mc looks like this:
INPUT_MAIL_FILTER(`greylist',`S=local:/var/milter-greylist/milter-greylist.sock')dnl
define(`confMILTER_MACROS_HELO', `{verify}, {cert_subject}')dnl
define(`confMILTER_MACROS_ENVFROM', `i, {auth_authen}')dnl
INPUT_MAIL_FILTER(`clmilter',`S=local:/var/run/clamav/clmilter.sock,F=,
T=S:4m;R:4m')dnl
INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass.sock, F=,
T=C:15m;S:4m;R:4m;E:10m')dnl
define(`confMILTER_MACROS_CONNECT',`b, j, _, {daemon_name}, {if_name},
{if_addr}')dnl
The reason I have mine set up in this order is because I believe (someone
please correct me if I'm wrong) that it uses the least resources. First
comes the greylist delay. It's a tiny little answer to the sending mail
server and doesn't require any heavy lifting on my mail server. Only those
messages which come from legit (hopefully) mail servers make it to the next
steps which require real processing overhead (anti-virus and spam scanning).
Cheers,
Thomas
Re: ARGH!!! Why the *#%^$* is this tagged ALL_TRUSTED???
On Tue, 2004-12-07 at 17:22 -0600, David B Funk wrote:
On Tue, 7 Dec 2004, Thomas Cameron wrote:
Hrm - that makes a lot of sense. I am using spamass-milter (the latest
from CVS as of about a week ago).
I actually have the following at the bottom of my sendmail.mc:
INPUT_MAIL_FILTER
(`clmilter',`S=local:/var/run/clamav/clmilter.sock,F=,T=S:4m;R:4m')dnl
INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass.sock, F=,
T=C:15m;S:4m;R:4m;E:10m')dnl
define(`confMILTER_MACROS_CONNECT',`b, j, _, {daemon_name}, {if_name},
{if_addr}')dnl
INPUT_MAIL_FILTER(`greylist',`S=local:/var/milter-greylist/milter-
greylist.sock')dnl
define(`confMILTER_MACROS_CONNECT', `j, {if_addr}')dnl
define(`confMILTER_MACROS_HELO', `{verify}, {cert_subject}')dnl
define(`confMILTER_MACROS_ENVFROM', `i, {auth_authen}')dnl
I just realized I have two confMILTER_MACROS_CONNECT definitions. I
don't think
that that would cause this but I need to address this tomorrow after
I've slept some. :-)
Thomas
Sorry, but that second confMILTER_MACROS_CONNECT -IS- what is causing
you all your grief.
In the m4 macro processing, last man wins, so that second
confMILTER_MACROS_CONNECT def is preventing sendmail from passing the
_, macro to your milter which causes it to not feed SA a valid
'Received:' header.
Thanks a million for educating me on that - I have fixed it, rebuilt
senmail.cf and restarted the milters and sendmail. I'm very interested
to see how that changes things.
Warmest regards,
Thomas
Re: ARGH!!! Why the *#%^$* is this tagged ALL_TRUSTED???
On Tue, 2004-12-07 at 01:22 -0600, David B Funk wrote:
On Tue, 7 Dec 2004, Thomas Cameron wrote:
I do not understand why this is tagged ALL_TRUSTED!
Here is my local.cf:
###
[snip..]
clear_trusted_networks
trusted_networks24.173.79.19/32
###
As you can see, the only trusted network I have is my mail server! Why is
ALL_TRUSTED hitting? I am about to set ALL_TRUSTED to a score of 0!
Thomas
Silly question; precisely how do you have SA integrated into your
mail system?
I noticed that you are using sendmail clamav-milter, are you also
using a milter to connect spamd into your mail system?
If so, precisely which milter?
This is important, as not all sendmail spam-milters are created equal. ;)
Here is the issue specific to your situation.
The milter gets the message from sendmail raw, IE before sendmail
does any of it's usual processing of the message SUCH AS ADDING
Received headers.
So the milter does NOT see that particular header:
Received: from CM02.outbound.mail (mailer4.monteraymedia.com [66.63.189.28]
(may be forged)) by mail.camerontech.com (8.13.1/8.13.1) with ESMTP id
iB75ihQg015990 for [EMAIL PROTECTED]; Mon, 6 Dec 2004
23:44:44 -0600
which is critical to SA's ability to determine local vs non-trusted
hosts.
Well crafted milters will understand that and internally synthesize
a 'Received:' header to mimic the one that your sendmail will add.
Without that (or if it isn't done well) then SA will never be able to
properly do the trust determination.
Dave
Hrm - that makes a lot of sense. I am using spamass-milter (the latest
from CVS as of about a week ago).
I actually have the following at the bottom of my sendmail.mc:
INPUT_MAIL_FILTER
(`clmilter',`S=local:/var/run/clamav/clmilter.sock,F=,T=S:4m;R:4m')dnl
INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass.sock, F=,
T=C:15m;S:4m;R:4m;E:10m')dnl
define(`confMILTER_MACROS_CONNECT',`b, j, _, {daemon_name}, {if_name},
{if_addr}')dnl
INPUT_MAIL_FILTER(`greylist',`S=local:/var/milter-greylist/milter-
greylist.sock')dnl
define(`confMILTER_MACROS_CONNECT', `j, {if_addr}')dnl
define(`confMILTER_MACROS_HELO', `{verify}, {cert_subject}')dnl
define(`confMILTER_MACROS_ENVFROM', `i, {auth_authen}')dnl
I just realized I have two confMILTER_MACROS_CONNECT definitions. I
don't think
that that would cause this but I need to address this tomorrow after
I've slept some. :-)
Thomas
Re: trusted_networks default settings too permissive?
On Mon, 2004-12-06 at 01:30 -0500, Matt Kettler wrote: At 03:40 PM 12/6/2004 +1300, Jason Haar wrote: Ahh, but this can never happen over the open internet. When the NATed sender sends mail to your NATed server, the server will not see the mail as coming from 192.168/16. It will see the sender's public, post-nat IP. To put it more bluntly, the trusted_networks checks are only against the last (i.e. newest) Received: header IP addresses. That's just false. Completely false. Trusted will work it's way back from the newest Recieved header and continue until it hits one with an untrusted host. There's no limit to the number of Received: headers it can consider trusted. It certainly can trust more than just the one. The OP was suggesting that this could cause problems if both sides NATed and you trust 192.168/16. But that can't happen, because the NATed source will still appear as an untrusted IP, not 192.168./24, stoping the trust path cold. So for your gateway to be receiving the SMTP connection, that Received: header would contain a real Internet IP address - or it was a connection from one of your own internally-NATted IP addresses - either way, the check should work. Yes, that's fine, but SA does have trust issues if your mailserver itself is NATed and will resolve it's own by xxx.example.com name as a reserved IP. I too was having difficulty with ALL_TRUSTED firing on incoming Internet mail a month ago, but it's all fixed now (I don't know if 3.0.1 fixed it? Can't remember) Shouldn't have. There's been no change to the trust code, or ALL_TRUSTED in 3.0.1 vs 3.0.0. Perhaps you set trusted_networks? Let me tell you what I'm seeing... I set 127/8 and 24.173.79.19/32 as trusted networks. ALL_TRUSTED fired on a (spam) message which had 127.0.0.1 in the headers, even though that machine was the originator of the message. I now only have 24.173.79.19/32 as a trusted network (which seems silly to me - it's not a network, it's a host). Thomas
SOLVED Re: Can someone better explain ALL_TRUSTED to me?
OK, after more R'ing TFM and some kind advice from a list member, I think I understand now what has been happening. From the Mail::SpamAssassin::Conf man page: * if the from IP address is on the same /16 network as the top Received lines by host, its trusted * if the address of the from host is in a reserved network range, then its trusted * if any addresses of the by host is in a reserved network range, then its trusted So the solution is to add these two lines to local.cf: clear_trusted_networks trusted_networks127/8 24.173.79.19/32 IIUC this sets any traffic which originates from my server as trusted, but all other traffic is not. Thanks, Thomas
trusted_networks default settings too permissive?
From the Mail::SpamAssassin::Conf man page: trusted_networks ip.add.re.ss[/mask] ... (default: none) snip * if the from IP address is on the same /16 network as the top Received lines by host, its trusted * if the address of the from host is in a reserved network range, then its trusted * if any addresses of the by host is in a reserved network range, then its trusted Isn't that too permissive? I get lots of spam that comes from hosts which are obviously behind a NAT box (the header shows a 192.168.x.x by address). IIUC, the default setting is to set that mail as trusted! That seems too permissive to me. Am I still not understanding trusted_networks correctly? Thanks! Thomas
Can someone better explain ALL_TRUSTED to me?
Since upgrading to 3.0.1 I have actually gotten a few more spams than with 3.0.0. SA is still catching well over 99% so I am certainly not complaining - I've gone from no spams in my inbox to about three a week. The thing I've noticed on all of the ones which get through is that ALL_TRUSTED is one of the tests listed. I am not sure what that means. The only explanation I've found is that it means that the message never passed through an untrusted host. What is an untrusted host? I am not sure why it fired on the e-mail below... I certainly wouldn't consider the sending server a trusted host, so I would think that it should be considered untrusted. I am afraid I am unclear on the concept. Can someone take pity and explain? :-) Thomas Spam message follows: Return-Path: [EMAIL PROTECTED] Received: from tweed.32s (e82-103-142-226s.easyspeedy.com [82.103.142.226] (may be forged)) by mail.camerontech.com (8.13.1/8.13.1) with ESMTP id iB40beHT010334 for [EMAIL PROTECTED]; Fri, 3 Dec 2004 18:37:45 -0600 From: aplustransporters.com [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: This Auto Transport Company Might Interest You MIME-Version: 1.0 Precedence: bulk Errors-To: [EMAIL PROTECTED] Content-type: text/html Message-Id: [EMAIL PROTECTED] Date: Fri, 3 Dec 2004 08:40:52 -0500 (EST) X-Virus-Scanned: ClamAV 0.80/614/Wed Dec 1 09:44:43 2004 clamav-milter version 0.80j on mail.camerontech.com X-Virus-Status: Clean X-Spam-Status: No, score=4.7 required=5.0 tests=ALL_TRUSTED, DNS_FROM_AHBL_RHSBL,EXCUSE_3,HTML_40_50,HTML_FONT_BIG, HTML_IMAGE_ONLY_24,HTML_MESSAGE,HTML_TAG_EXIST_TBODY,INFO_TLD, MIME_HTML_ONLY,RAZOR2_CF_RANGE_51_100,RAZOR2_CHECK,URIBL_OB_SURBL, URIBL_WS_SURBL autolearn=no version=3.0.1 X-Spam-Level: X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on mail.camerontech.com X-Greylist: Delayed for 02:40:21 by milter-greylist-1.6rc1 (mail.camerontech.com [24.173.79.19]); Fri, 03 Dec 2004 18:37:48 -0600 (CST) X-Evolution-Source: imap://[EMAIL PROTECTED]/ HTMLBODY bgColor=#ffTABLE width=100%TRTD bgColor=#800080centerBa href=http://www.aplustransporters.com; style=text-decoration: nonefont color=#FF size=4 face=ArialThe Car Shipping Experts/font/a/B/TD/TR/TABLETABLE borderColor=#b5107b cellSpacing=0 cellPadding=5 width=100% bgColor=#ff border=1TBODYTRTDTABLETBODYTRTD vAlign=top centerbDFONT face=Arialo you need, or know of someone who needs a Car Transported to another state?/bBRa href=http://www.aplustransporters.com;img border=0 src=http://www.aplustransporters.com/images/image1.jpg; width=257 height=110/apFONT size=4Online State-of-the-art computer tracking systembrOffice: Mon-Fri 10am to 7pm Eastern'/fontbrbfont size=5 color=#FFPhone: (866) 498-3535/FONTbrfont size=2Visit our site for an Ua href=http://www.aplustransporters.com;Instant online quote/a/U/B/fontFONT size=4 font color=#FF24-7/fontbrFONT color=#FFbAmerica's leading Transport Company.br'Come experience our award winning customer service for yourself'/b/FONT/font/centerPFONT face=ArialBFONT size=2nbsp; We take great pride in our car shipping service. We arrange transports for relocation individuals, college students, dealerships and our specialty: SNOWBIRDS ! We can move your car coast to coast and most points in between.Pnbsp; We understand that having someone move your auto is no small matter - your car is not only an expensive possession, it's also part of your family. Our 5 Star Carriers take great care to ensure that your car is protected from start to finish. And unlike other carriers, once your car is on our truck, it doesn't get off until it reaches its destination - there's no loading and reloading at big consolidation centers. Minimized handling means a minimum risk of problems. The most trusted in the business./B/FONT/FONT/P/TD/TR/TBODY/TABLEa href=http://be8zuz5wyg.j.zzinc.info/?3911;hr size=1 width=90% color=#800080/a/TD/TR/TBODY/TABLECENTERpFONT face=tahoma, arial size=2To be removed from any future mailings, please a href=mailto:[EMAIL PROTECTED]Click Here/abrOr send all inquiries to:br3936 S. Semoran Blvd #114. Orlando, FL 32822/FONT/CENTER/BODY/HTML
Re: Can someone better explain ALL_TRUSTED to me?
On Sat, 2004-12-04 at 03:20 -0500, Matt Kettler wrote: At 08:04 PM 12/3/2004 -0600, Thomas Cameron wrote: Since upgrading to 3.0.1 I have actually gotten a few more spams than with 3.0.0. SA is still catching well over 99% so I am certainly not complaining - I've gone from no spams in my inbox to about three a week. The thing I've noticed on all of the ones which get through is that ALL_TRUSTED is one of the tests listed. If your mailserver is NATed (or otherwise uses a reserved IP), you MUST define trusted_networks manually. This issue has been present since SA 2.60, but the introduction of the ALL_TRUSTED rule makes the symptoms of having a broken trust path very painful. My mailserver is not NATted - it has a public IP address. Basicaly, ALL_TRUSTED should only fire if an email has only been transferred by hosts matching trusted_networks. I do not have trusted_networks defined anywhere: [EMAIL PROTECTED] ~]# cd /etc/mail/spamassassin/ [EMAIL PROTECTED] spamassassin]# grep -i trust * [EMAIL PROTECTED] spamassassin]# cat local.cf # These values can be overridden by editing ~/.spamassassin/user_prefs.cf # (see spamassassin(1) for details) # These should be safe assumptions and allow for simple visual sifting # without risking lost emails. required_score 5 report_safe 1 rewrite_header subject **SPAM** _SCORE_ ok_languages en ok_locales en use_dcc 1 use_pyzor 1 use_razor2 1 dig in the archvies.. this is a very well know, understood, and not an issue which can be fixed to make the automatic method work better for everyone. Um, I have scoured the spamassassin.apache.org site and it is *not* well described. You might understand it but I certainly don't. It's one of those problems where you can shift around what kinds of networks have the problem (NATed or not), and you can shift around what form the problem takes (FPs vs FNs), but there's no general-case algorithm that works well everywhere. I am trying to understand why it is firing on my server. I do not have anything listed as a trusted network. Thomas
Re: Uninstalling 3.0
On Wed, 2004-11-10 at 19:03 -0800, Mike McMullen wrote: - Original Message - From: Matt Kettler [EMAIL PROTECTED] At 07:33 PM 11/10/2004, Mike McMullen wrote: I have a server where I have installed SA 3.0 via the downloaded zip file on the SA home page. I now want to uninstall it. I can't seem to find a way to do that gracefully. Go to the original unpack of the zipfile where you installed from and run: make uninstall If you don't have it, unpack the zip and re-run ./configure (if you used any prefix parameters, etc, be sure to pass those again) and then do the make uninstall. Be sure to remove any integrations that are calling SA before uninstalling (ie: if you edited procmailrc, remove that part. If you are calling it from amavis disable it, etc.) Hi Matt! I tried make uninstall before. Here is the error I get: [Mail-SpamAssassin-3.0.0]# make uninstall Uninstall is unsafe and deprecated, the uninstallation was not performed. We will show what would have been done. no packlist file found: at /usr/lib/perl5/5.8.3/ExtUtils/Install.pm line 318. make: *** [uninstall_from_sitedirs] Error 2 I'm not sure what to do at this point. Thanks, Mike Mike - Can you tell me what your ./configure arguments were? I can reproduce it on my dev box and see what gets installed and where, then tell you so you can remove it. Sorry it's not a more elegant solution... :-( -- A: Because people read from top to bottom. Q: Why is top-posting bad? Thomas Cameron, RHCE, CNE, MCSE, MCT
Error building RPM on AMD64
All - I am trying to build packages using the spamassassin.spec file included with the SA .bz2 file. I get the error at the bottom of this message though, and I am not sure how to fix it. I *think* I need to modify the line that looks like: CFLAGS=$RPM_OPT_FLAGS; export CFLAGS But I am not sure what to put there. Error I get: + /usr/bin/make spamc/libspamc.so /usr/bin/make -f spamc/Makefile spamc/libspamc.so make[1]: Entering directory `/usr/src/redhat/BUILD/Mail- SpamAssassin-3.0.0' gcc -rdynamic -Wl,-rpath,/usr/lib64/perl5/5.8.3/x86_64-linux-thread- multi/CORE spamc/libspamc.c spamc/utils.c \ -o spamc/libspamc.so -shared -ldl /usr/bin/ld: /tmp/ccWTQTnA.o: relocation R_X86_64_32S can not be used when making a shared object; recompile with -fPIC /tmp/ccWTQTnA.o: could not read symbols: Bad value collect2: ld returned 1 exit status make[1]: *** [spamc/libspamc.so] Error 1 make[1]: Leaving directory `/usr/src/redhat/BUILD/Mail- SpamAssassin-3.0.0' make: *** [spamc/libspamc.so] Error 2 error: Bad exit status from /var/tmp/rpm-tmp.60853 (%build) RPM build errors: Bad exit status from /var/tmp/rpm-tmp.60853 (%build) Any help greatly appreciated. -- A: Because people read from top to bottom. Q: Why is top-posting bad? Thomas Cameron, RHCE, CNE, MCSE, MCT
Second plea for help - building RPM on AMD64
All - Using the spamassassin.spec file that is included in the Mail- SpamAssassin-3.0.0.tar.bz2 file, I run rpmbuild -ba spamassassin.spec It runs along fine for a while, then it ends with: + /usr/bin/make spamc/libspamc.so /usr/bin/make -f spamc/Makefile spamc/libspamc.so make[1]: Entering directory `/usr/src/redhat/BUILD/Mail- SpamAssassin-3.0.0' gcc -rdynamic -Wl,-rpath,/usr/lib64/perl5/5.8.3/x86_64-linux-thread- multi/CORE spamc/libspamc.c spamc/utils.c \ -o spamc/libspamc.so -shared -ldl /usr/bin/ld: /tmp/ccuUCmK7.o: relocation R_X86_64_32S can not be used when making a shared object; recompile with -fPIC /tmp/ccuUCmK7.o: could not read symbols: Bad value collect2: ld returned 1 exit status make[1]: *** [spamc/libspamc.so] Error 1 make[1]: Leaving directory `/usr/src/redhat/BUILD/Mail- SpamAssassin-3.0.0' make: *** [spamc/libspamc.so] Error 2 error: Bad exit status from /var/tmp/rpm-tmp.27157 (%build) RPM build errors: Bad exit status from /var/tmp/rpm-tmp.27157 (%build) I am not a developer so I am not sure what to do next. I *think* that I need to pass -fPIC to gcc, and I *think* I can do that by modifying the following line in the spec file: CFLAGS=$RPM_OPT_FLAGS; export CFLAGS so that it reads CFLAGS= -O2 -g -fPIC; export CFLAGS Can anyone give me a clue if I'm heading in the right direction? -- A: Because people read from top to bottom. Q: Why is top-posting bad? Thomas Cameron, RHCE, CNE, MCSE, MCT
Re: Goodbye old friend 2.4x!
- Original Message - From: Chris Santerre [EMAIL PROTECTED] To: Spamassassin-Talk (E-mail) [EMAIL PROTECTED] Sent: Monday, September 27, 2004 9:44 AM Subject: Goodbye old friend 2.4x! LOL, it is official, I am taking my own advice. I am upgrading my live server from 2.4x! And I think the experiment was a complete success I never upgraded live server from 2.4x because I wanted to see how good I could get that system working without Bayes and net tests. 2.4x ran perfectly the whole time! Caught about 99%. This was due to BigEvil and SARE. (Also denying at the MTA level with standard RBLs.) I wanted to prove to myself that Bayes wasn't needed, and I did. I intend to let anyone know that complaining about SA not catching all, is wrong! Proper administration of SA is the key. If a 2 year old version (might be older then that!) can block 99%, then it ain't the software ;) The main reason I'm updating is SURBL support, and being on the same page as the rest of the SARE ninjas. (They were making fun of my old sword!) The devs should be proud that their older version still kicks butt. And when you read all the dooms day articles on spam by the media, sit back and chuckle with me. Think to yourself, Hell, the solution was made many years ago, you just need to use it! Wellon to reconfiguring the server! If I don't answer peoples' email in the next few dayssomething went horribly wrong ;) --Chris (Hmmm Perl version 5.00x running.this is gonna be fun!) FWIW, I use SA 3.0.0 and spamass-milter on a relay server that hands messages through the firewall to the real mail server. As such, we can't use Bayes (or perhaps I should say I am not good enough yet to figure out how to use Bayes in this environment). It still catches almost all spam. -- Thomas Cameron, RHCE, CNE, MCSE, MCT
