Re: spamassassin + filter.sh
hi again, Matt Kettler wrote: At 11:53 AM 1/11/2005, werner detter wrote: thanks for your help, migration to spamc/spamd wouldn't be the problem -> it's even planned within the next half year. there is only one reason this hasn't been done so far: there is no desicion from the company management if the want to use only spamc/spamd or if they want to use amavis-new in combination with spamc/spamd and a virusscan (e.g. clamav-new). so i have to wait for their decision - that's the problem. Yeah, so? Why should this inhibit you from using spamd now? hm, but even if i implement spamd/spamc - i still got the problem that every mail (even if it's bigger then e.g. 4mb is passed through spamd/spamc then insteat of spamassassin. please correct me if i'm wrong regards, werner
Re: spamassassin + filter.sh
hi matt, Matt Kettler wrote: At 11:06 AM 1/11/2005, werner detter wrote: i know that in the future i will have to use spamd/spamc but at the moment i can't migrate because of several reasons. that's why i have to get 'filter.sh' modified in the way that only mails smaller 100 kb are passed through spamassassin. Well, the modification of filter.sh might be harder than the migration to spamd What's inhibiting you from migrating to spamd? Perhaps we can help make that easier for you. thanks for your help, migration to spamc/spamd wouldn't be the problem -> it's even planned within the next half year. there is only one reason this hasn't been done so far: there is no desicion from the company management if the want to use only spamc/spamd or if they want to use amavis-new in combination with spamc/spamd and a virusscan (e.g. clamav-new). so i have to wait for their decision - that's the problem. so my idea to reduce the load/ramusage of the mailserver was to just modifiy the filter.sh that it only passes mails smaller then 100kb to spamassassin (as a fast solution/hack). why are the modifications in the filter.sh harder then the migration to spamc/spamd? IMHO it's just a shellskript why isn't it possible to get a sizecheck integrated - in your opinion. my idea (i'm not a shellskripting guru :D) was to replace this part of the script: *** cut *** cd $INSPECT_DIR || { echo $INSPECT_DIR does not exist; exit $EX_TEMPFAIL; } # Clean up when done or when aborting. trap "rm -f out.$$" 0 1 2 3 15 #cat | $SPAMASSASSIN -P | $SANITIZER \ # $ANOMY_CONF 2>>$ANOMY_LOG > out.$$ || \ # { echo Message content rejected; exit $EX_UNAVAILABLE; } cat | $SPAMASSASSIN > out.$$ || { echo Message content rejected; exit $EX_UNAVAILABLE; } $SENDMAIL "$@" < out.$$ exit $? ** cut ** with something like ** cut *** SIZE="/usr/bin/du -hsk out.$$|awk '{$1}'" trap "rm -f out.$$" 0 1 2 3 15 if [ "$SIZE" <= "100" ] then cat | $SPAMASSASSIN > out.$$ || { echo Message content rejected; exit $EX_UNAVAILABLE; } $SENDMAIL "$@" < out.$$ exit $? else cat > out.$$ || { echo Message content rejected; exit $EX_UNAVAILABLE; } $SENDMAIL "$@" < out.$$ exit $? fi *** cut *** but this doesn't work that way. thanx for your responses on this hot topic :) regards, werner detter
Re: spamassassin + filter.sh
hi, i know that in the future i will have to use spamd/spamc but at the moment i can't migrate because of several reasons. that's why i have to get 'filter.sh' modified in the way that only mails smaller 100 kb are passed through spamassassin. regards, werner Matt Kettler wrote: At 05:12 AM 1/11/2005, werner detter wrote: i use postfix on my mailserver, ans spamassassin for marking spammails, it work's really great except one aspect: postfix uses the filter.sh which gives the mail to spamassassin. my only problem is, that every mail is beeing scanned, even if they are bigger (e.g. > 2mb). the most spam is smaller then 100k so the actuall setup isn't good for the ressources on the server. Using SpamAssassin by calling spamassassin isn't good at ALL for resources on the server. The spamassassin script is the simplest, but by far the most inefficient way to use SA. It's intended for hand-run tests and low volume sites. In the long run you'll want to shift to starting spamd at system startup and call spamc from filter.sh. 1) spamc automatically skips scans for really large messages 2) spamd will have pre-loaded an image of perl, saving a LOT of resources. 3) spamd will have pre-parsed /usr/share/spamassassin and /etc/mail/spamassassin, saving more resources. 4) spamd can have it's child count limited, preventing you from forking an infinite number of copies of SA. 5) If you're really high volume, you can set it up so they run on separate machines, thus separating the load of your MTA from the SA scanning back end. The downsides? 1) If you edit or add rules in /etc/mail/spamassassin you've got to restart. 2) a very few people have had their spamd's hog memory. This was more of a problem in 3.0.0 than it is now in 3.0.2. 3) if spamd crashes (rare, but a very few seem to be posting about this lately), you've got to restart it before mail scanning will resume.
spamassassin + filter.sh
hey everybody on the list, i use postfix on my mailserver, ans spamassassin for marking spammails, it work's really great except one aspect: postfix uses the filter.sh which gives the mail to spamassassin. my only problem is, that every mail is beeing scanned, even if they are bigger (e.g. > 2mb). the most spam is smaller then 100k so the actuall setup isn't good for the ressources on the server. *cut from master.cf' filterunix - n n - - pipe flags=Rq user=filter argv=/usr/local/filter/filter.sh -f ${sender} -- ${recipient} *end* the filter.sh looks like follows: - cat /usr/local/filter/filter.sh #!/bin/sh # # filter.sh # # Simple filter to plug Anomy Sanitizer and SpamAssassin # into the Postfix MTA # # From http://advosys.ca/papers/postfix-filtering.html # Advosys Consulting Inc., Ottawa # # For use with: #Postfix 20010228 or later #Anomy Sanitizer revision 1.49 or later #SpamAssassin 2.42 or later # # Note: Modify the file locations to match your particular # server and installation of SpamAssassin. # File locations: # (CHANGE AS REQUIRED TO MATCH YOUR SERVER) INSPECT_DIR=/var/spool/filter SENDMAIL="/usr/sbin/sendmail -i" ANOMY=/usr/anomy SANITIZER=/usr/anomy/bin/sanitizer.pl ANOMY_CONF=/usr/anomy/anomy.conf ANOMY_LOG=/dev/null SPAMASSASSIN=/usr/bin/spamassassin export ANOMY # Exit codes from EX_TEMPFAIL=75 EX_UNAVAILABLE=69 cd $INSPECT_DIR || { echo $INSPECT_DIR does not exist; exit $EX_TEMPFAIL; } # Clean up when done or when aborting. trap "rm -f out.$$" 0 1 2 3 15 #cat | $SPAMASSASSIN -P | $SANITIZER \ # $ANOMY_CONF 2>>$ANOMY_LOG > out.$$ || \ # { echo Message content rejected; exit $EX_UNAVAILABLE; } cat | $SPAMASSASSIN > out.$$ || { echo Message content rejected; exit $EX_UNAVAILABLE; } $SENDMAIL "$@" < out.$$ exit $? my idea ist to modify the filter.sh that only mails smaller then 100k are given to spamassassin, the rest shouldn't :/ i modified the script several times but finally don't get it working. my skript: -- #!/bin/sh INSPECT_DIR=/var/spool/filter SENDMAIL="/usr/sbin/sendmail -i" ANOMY=/usr/anomy SANITIZER=/usr/anomy/bin/sanitizer.pl ANOMY_CONF=/usr/anomy/anomy.conf ANOMY_LOG=/dev/null SPAMASSASSIN=/usr/bin/spamassassin export ANOMY # Exit codes from EX_TEMPFAIL=75 EX_UNAVAILABLE=69 cd $INSPECT_DIR || { echo $INSPECT_DIR does not exist; exit $EX_TEMPFAIL; } # Clean up when done or when aborting. SIZE="/usr/bin/du -hsk out.$$|awk '{$1}'" echo $SIZE trap "rm -f out.$$" 0 1 2 3 15 if [ "$SIZE" <= "100" ] then cat | $SPAMASSASSIN > out.$$ || { echo Message content rejected; exit $EX_UNAVAILABLE; } $SENDMAIL "$@" < out.$$ exit $? else cat > out.$$ || { echo Message content rejected; exit $EX_UNAVAILABLE; } $SENDMAIL "$@" < out.$$ exit $? fi ------ any ideas on how to implement a sizecheck into the skript. i'm really stuck with it so any kind of help is appreciated. kind regards, werner detter
Re: some mails are not tagged
hi, sytax for rewriting the subject has changed from spamassassin 2.x to 3.0 old rewrite_subject ***SPAM*** new rewrite_header subject ***SPAM*** bye, werner > i think i found the reason for my problem: the subject tag is missing in > those spammails. seems like this confuses spamassassin! > from my point of view it would make sense it spamassassin would create > the subject tag if it is missing. > > alex > > Alexander Gruber wrote: >> hi together, >> >> since the upgrade from spamassassin 2.61 to 3.01. i sometimes experience >> a strange problem. the subject of some mails is not rewritten with >> *SPAM even if the score is high enough and the report attached >> to the headers says its spam: >> >> X-Spam-Checker-Version: SpamAssassin on ianus >> X-Spam-Status: Yes, hits=8.0 required=5.0 >> tests=BAYES_99,MISSING_HEADERS, >> MISSING_SUBJECT,NO_REAL_NAME,RCVD_IN_BL_SPAMCOP_NET,RCVD_IN_XBL, >> SPF_SOFTFAIL autolearn=no >> >> but 99% of my spammails are tagged correctly! >> >> i´m using the following configuration: >> >> - spamassassin 3.01 >> - perl 5.6.1 >> - autowhitelists, bayes and user-config via mysql >> - qmail-scanner 1.24 >> >> thanks for any hints! >> >> regards >> >> alex >
spamassassin and spamd/spamc
hi all, i'm a little confused with spamassassin/spamd/spamc and i hope somebody can make this clear to me. i have the problem that functions of spamd/spamc aren't supported by spamassassin. for example: i use the bayes with mysql that works fine with spamd/spamc and spamassassin. if i want to force spamassassin to lookup user_scores in a mysql database it only works with spamd/spamc, not with spamassassin. is this a known issue or just a bug? my userpref table looks like follows CREATE TABLE `userpref` ( `username` varchar(100) NOT NULL default '', `preference` varchar(30) NOT NULL default '', `value` varchar(100) NOT NULL default '', `prefid` int(11) NOT NULL auto_increment, PRIMARY KEY (`prefid`), KEY `username` (`username`) ) TYPE=MyISAM AUTO_INCREMENT=4 ; setup for spamassassin in local.cf /etc/spamassassin/local.cf user_scores_dsn DBI:mysql:spamassassin:localhost:3306 user_scores_sql_username spamassassin user_scores_sql_password password user_scores_sql_table userpref any hints appreciated :) regards, werner