Re: auto-whitelist file corrupted
Also you can rename the file and restart things to get it recreated most likely. On Sun, Jan 20, 2019, 06:03 Giovanni Bechis On 1/20/19 8:33 AM, Palvelin Postmaster wrote: > > My auto-whitelist file appears corrupted. File size is about 5 > megabytes. Spamassassin says it can’t be opened. So does sa-awl. > > > > Is there any other way to try to recover the file or should I just > accept my losses and recreate it? > > > I think you can try using db4_recover on a copy of the file to try > recovering it. > Giovanni >
Re: auto-whitelist file corrupted
On 1/20/19 8:33 AM, Palvelin Postmaster wrote: > My auto-whitelist file appears corrupted. File size is about 5 megabytes. > Spamassassin says it can’t be opened. So does sa-awl. > > Is there any other way to try to recover the file or should I just accept my > losses and recreate it? > I think you can try using db4_recover on a copy of the file to try recovering it. Giovanni
auto-whitelist file corrupted
My auto-whitelist file appears corrupted. File size is about 5 megabytes. Spamassassin says it can’t be opened. So does sa-awl. Is there any other way to try to recover the file or should I just accept my losses and recreate it? -- Palvelin.fi Hostmaster postmas...@palvelin.fi
auto whitelist path
hi I can't set this command in local.cf and in --lint mode I face some error auto_whitelist_path /etc/mail/spamassassin/auto-whitelist
Re: auto whitelist path
On 07/11/2013 12:53 PM, Moein Sarvi wrote: hi I can't set this command in local.cf and in --lint mode I face some error auto_whitelist_path /etc/mail/spamassassin/auto-whitelist some error is not very descriptive (helpful) What error?
Re: auto whitelist path
warn: config: failed to parse line, skipping, in /etc/spamassassin/local.cf: auto_whitelist_path /etc/mail/spamassassin/auto-whitelist
Re: auto whitelist path
On 07/11/2013 01:01 PM, Moein Sarvi wrote: warn: config: failed to parse line, skipping, in /etc/spamassassin/local.cf: auto_whitelist_path /etc/mail/spamassassin/auto-whitelist is the AWL plugin enabled in v310.pre ? if yes please post the full output from - SA version - spamassassin --lint -D and your local.cf
Re: auto whitelist path
T he AWL plugin in v310.pre was disabled! By enabling that and give enough permission it's working thanks
How do I shrink a 2.6 GB large auto-whitelist file in spamassassin 3.3?
Hi, before the upgrade to 3.3 (to be precise: spamassassin-3.3.2), AWL was enabled and working for years with spamassassin 3.1. Over time auto-whitelist has grown to 2.6 GB. I tried sa-awl as mentioned in the manuals to have a look at the contents, but it was eating up all memory and swap space (with no output yet) so I killed it before kernel would kill any other vital processes. So how can I shrink that huge Berkley-DB file? Bye. -- Reinhard Nißl, TB3, -198
Re: How do I shrink a 2.6 GB large auto-whitelist file in spamassassin 3.3?
Den 2012-07-26 17:32, Nißl Reinhard skrev: So how can I shrink that huge Berkley-DB file? change to sql (mysql or postgresql) then add timestamp to each table, so lastchange is the unix time it hitted last, when that is working expire is simple in cron :=) its just still todo with berkdb imho
Open of auto-whitelist file failed: Insecure dependency in eval...
I just upgraded a CentOS 5.4 system to Spamassassin 3.3.1. The upgrade was done by a CPAN install with Perl. The previous version (3.2.5) had worked flawlessly for a couple of years. However, the upgraded version reports an error in the spamd.log file: Sun Apr 18 15:21:10 2010 [7966] warn: auto-whitelist: open of auto-whitelist file failed: Insecure dependency in eval while running with -T switch at /usr/lib/perl5/site_perl/5.8.8/Mail/SpamAssassin/Util.pm line 996. I tried numerous permission changes but can't clear the error. Spamassassin is launched using: /usr/bin/spamd -u exim -s /var/log/spamd.log -i 0.0.0.0 -A 192.168.0.0/24,127.0.0.1 -d Running perl v 5.8.8 It doesn't report any problems with the Bayes databases. They are updated without error. The auto-whitelist DB is configured to be store at the same location. Spamassassin is running fine otherwise and properly flagging spam and non spam messages. The only problem appears to be that AWL is failed. Any suggestions to resolve the problem would be appreciated. Tx much! Chris
Re: Open of auto-whitelist file failed: Insecure dependency in eval...
Chris Welch wrote on Sun, 18 Apr 2010 15:33:20 -0400: I just upgraded a CentOS 5.4 system to Spamassassin 3.3.1. The upgrade was done by a CPAN install with Perl. which you should not do. Unless there is *no* other chance a Perl or modules or Perl programs on an rpm-based system should be upgraded/installed with rpm. I don't see this error on CentOS. But I'm not usign spamd, so it may be spamd-specific or because of the CPAN install. Kai -- Get your web at Conactive Internet Services: http://www.conactive.com
Re: Open of auto-whitelist file failed: Insecure dependency in eval...
On Sunday April 18 2010 21:33:20 Chris Welch wrote: I just upgraded a CentOS 5.4 system to Spamassassin 3.3.1. The upgrade was done by a CPAN install with Perl. The previous version (3.2.5) had worked flawlessly for a couple of years. However, the upgraded version reports an error in the spamd.log file: Sun Apr 18 15:21:10 2010 [7966] warn: auto-whitelist: open of auto-whitelist file failed: Insecure dependency in eval while running with -T switch at /usr/lib/perl5/site_perl/5.8.8/Mail/SpamAssassin/Util.pm line 996. Yes, a bug when you use a configuration directive auto_whitelist_db_modules. Either avoid its use, or apply the patch below. Please open a bug report, so that we can properly fold it into the next version. Index: lib/Mail/SpamAssassin/DBBasedAddrList.pm === --- lib/Mail/SpamAssassin/DBBasedAddrList.pm(revision 935407) +++ lib/Mail/SpamAssassin/DBBasedAddrList.pm(working copy) @@ -24,7 +24,7 @@ use Fcntl; use Mail::SpamAssassin::PersistentAddrList; -use Mail::SpamAssassin::Util; +use Mail::SpamAssassin::Util qw(untaint_var); use Mail::SpamAssassin::Logger; our @ISA = qw(Mail::SpamAssassin::PersistentAddrList); @@ -54,6 +54,7 @@ }; my @order = split (' ', $main-{conf}-{auto_whitelist_db_modules}); + untaint_var(\...@order); my $dbm_module = Mail::SpamAssassin::Util::first_available_module (@order); if (!$dbm_module) { die auto-whitelist: cannot find a usable DB package from auto_whitelist_db_modules: . Mark
RE: Open of auto-whitelist file failed: Insecure dependency in eval...
Works like a charm! Bug raised (6415). Thanks very much sir! Chris -Original Message- From: Mark Martinec [mailto:mark.martinec...@ijs.si] Sent: April 18, 2010 5:48 PM To: users@spamassassin.apache.org Subject: Re: Open of auto-whitelist file failed: Insecure dependency in eval... On Sunday April 18 2010 21:33:20 Chris Welch wrote: I just upgraded a CentOS 5.4 system to Spamassassin 3.3.1. The upgrade was done by a CPAN install with Perl. The previous version (3.2.5) had worked flawlessly for a couple of years. However, the upgraded version reports an error in the spamd.log file: Sun Apr 18 15:21:10 2010 [7966] warn: auto-whitelist: open of auto-whitelist file failed: Insecure dependency in eval while running with -T switch at /usr/lib/perl5/site_perl/5.8.8/Mail/SpamAssassin/Util.pm line 996. Yes, a bug when you use a configuration directive auto_whitelist_db_modules. Either avoid its use, or apply the patch below. Please open a bug report, so that we can properly fold it into the next version. Index: lib/Mail/SpamAssassin/DBBasedAddrList.pm === --- lib/Mail/SpamAssassin/DBBasedAddrList.pm(revision 935407) +++ lib/Mail/SpamAssassin/DBBasedAddrList.pm(working copy) @@ -24,7 +24,7 @@ use Fcntl; use Mail::SpamAssassin::PersistentAddrList; -use Mail::SpamAssassin::Util; +use Mail::SpamAssassin::Util qw(untaint_var); use Mail::SpamAssassin::Logger; our @ISA = qw(Mail::SpamAssassin::PersistentAddrList); @@ -54,6 +54,7 @@ }; my @order = split (' ', $main-{conf}-{auto_whitelist_db_modules}); + untaint_var(\...@order); my $dbm_module = Mail::SpamAssassin::Util::first_available_module (@order); if (!$dbm_module) { die auto-whitelist: cannot find a usable DB package from auto_whitelist_db_modules: . Mark
auto-whitelist and user_prefs
I installed postfix-2.6.5 amavis-new-2.6.4 spamassassin-3.3.0 amavis home is /var/spool/amavisd I create /var/spool/amavisd/.spamassassin (drwx--) Now I want create in this directory auto-whitelist and user_prefs files. How can I do? Thanks Andrea
Re: 83MB auto-whitelist?
Karsten Bräckelmann wrote: I use Kris Deugau's trim_whitelist -- though very infrequently, just when I spot the DB gets out of hand. That hack seems to works perfectly for me. For more info and the script's link see http://markmail.org/message/qqsm35q5bqpbb3in (For the lazy, the original hack is at http://www.deepnet.cx/~kdeugau/spamtools/trim_whitelist.) Nice to hear it's still working for the purpose it was written for. I still have it in crontab entries on two production systems with global AWL files myself. That way I don't have to have a mild panic attack when the mail system becomes mysteriously slow. g I usually do Bayes maintenance in the same cron job. Also see the first link to a list archive in that file. Er, wha? I checked and I didn't include a link to anything in the script... -kgd
Re: 83MB auto-whitelist?
On Thu, 2009-05-28 at 10:50 -0400, Kris Deugau wrote: Karsten Bräckelmann wrote: I use Kris Deugau's trim_whitelist -- though very infrequently, just when I spot the DB gets out of hand. That hack seems to works perfectly for me. For more info and the script's link see http://markmail.org/message/qqsm35q5bqpbb3in (For the lazy, the original hack is at http://www.deepnet.cx/~kdeugau/spamtools/trim_whitelist .) For the even lazier, injected a space to protect the links integrity. ;) Nice to hear it's still working for the purpose it was written for. I still have it in crontab entries on two production systems with global AWL files myself. That way I don't have to have a mild panic attack when the mail system becomes mysteriously slow. g I usually do Bayes maintenance in the same cron job. Also see the first link to a list archive in that file. Er, wha? I checked and I didn't include a link to anything in the script... Oops, did I add those myself? :) Perfectly possible I did, to have some references in context. $ head .spamassassin/trim_whitelist | grep http # http://www.nabble.com/AWL-Database-Cleanup-td16907407.html#a16946805 # http://www.deepnet.cx/~kdeugau/spamtools/trim_whitelist Anyway, I was referring to the above, for the need some disk space and no in-place shrinking notes. BTW, thanks for that hack, Kris. :) guenther -- char *t=\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4; main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;il;i++){ i%8? c=1: (c=*++x); c128 (s+=h); if (!(h=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
Re: 83MB auto-whitelist?
Karsten Bräckelmann guenther at rudersport.de writes: On Thu, 2009-05-28 at 10:50 -0400, Kris Deugau wrote: For more info and the script's link see http://markmail.org/message/qqsm35q5bqpbb3in (For the lazy, the original hack is at http://www.deepnet.cx/~kdeugau/spamtools/trim_whitelist .) For the even lazier, injected a space to protect the links integrity. ;) Hi, Thanks to all for the links to the utility script. I'll give it a shot later tonight when the mail server is calmer.
83MB auto-whitelist?
Just noticed that my AWL is up to 83MB. Not sure if it should be that large so I ran check_whitelist and it removed the single entries but did not compact the file. I then checked the SA site and it said to use sa-awlUtil but I can't find this utility on my system. Was it included in the standard 3.25 tarball? Thanks.
Re: 83MB auto-whitelist?
On 27-May-2009, at 13:49, Henry Kwan wrote: Just noticed that my AWL is up to 83MB. Not sure if it should be that large so I ran check_whitelist and it removed the single entries but did not compact the file. I then checked the SA site and it said to use sa-awlUtil but I can't find this utility on my system. Was it included in the standard 3.25 tarball? Doesn't appear to be. It's not part of my 3.2.5 install (in fact, doesn't appear anywehre on my server). It also does not appear in the ports tree as a separate program. Where do you get it? Got me, I searched several ways on google and only found references to other people asking where it was. the page in question does list, under ToDo, upload sw-alwUtil -- ...I started playing Myst at 4:30 in the afternoon and looked up suddenly and realized it was February.
Re: 83MB auto-whitelist?
On Wed, 2009-05-27 at 19:49 +, Henry Kwan wrote: Just noticed that my AWL is up to 83MB. Not sure if it should be that large so Well, it keeps track of all sender addresses it sees, including the forged ones which usually hit your site once only... I ran check_whitelist and it removed the single entries but did not compact the file. I then checked the SA site and it said to use sa-awlUtil but I can't find this utility on my system. Was it included in the standard 3.25 tarball? I use Kris Deugau's trim_whitelist -- though very infrequently, just when I spot the DB gets out of hand. That hack seems to works perfectly for me. For more info and the script's link see http://markmail.org/message/qqsm35q5bqpbb3in Also see the first link to a list archive in that file. -- char *t=\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4; main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;il;i++){ i%8? c=1: (c=*++x); c128 (s+=h); if (!(h=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
spamassassin: auto-whitelist : display/modify ?
Is there a utility to display auto-whitelist ? Modify entries? remove entries?
Re: spamassassin: auto-whitelist : display/modify ?
Dennis German wrote: Is there a utility to display auto-whitelist ? There's the check_whitelist script in the tarball which will dump a AWL database, assuming it's in db_file format not SQL Modify entries? No, but you can fake a +100 or -100 point email into the score average using spamassassin --add-addr-to-blacklist and --add-addr-to-whitelist. Despite the names of those options, they're really AWL tweaks, they do not create regular white/blacklist entries. remove entries? spamassassin --remove-addr-from-whitelist
open of auto-whitelist failed: Out of memory
Hello. I use FreeBSD 7.0 and p5-Mail-SpamAssassin-3.2.5. In my logs, sometimes, I see this message: Jan 31 22:36:09 * spamd[17781]: auto-whitelist: open of auto-whitelist file failed: Out of memory during ridiculously large request at /usr/local/lib/perl5/site_perl/5.8.8/Mail/SpamAssassin/DBBasedAddrList.pm line 169. Jan 31 22:36:09 ** spamd[17781]: spamd: identified spam (26.8/6.0) for spamd:58 in 2.6 seconds, 3377 bytes. Jan 31 22:36:09 ** spamd[17781]: spamd: result: Y 26 - BAYES_99,DCC_CHECK,DIGEST_MULTIPLE,HTML_IMAGE_ONLY_32,HTML_MESSAGE,MIME_HTML_ONLY,RAZOR2_CF_RANGE_51_100,RAZOR2_CF_RANGE_E4_51_100,RAZOR2_CF_RANGE_E8_51_100,RAZOR2_CHECK,RCVD_IN_PBL,RDNS_NONE,URIBL_AB_SURBL,URIBL_BLACK,URIBL_JP_SURBL,URIBL_OB_SURBL,URIBL_RHS_DOB scantime=2.6,size=3377,user=spamd,uid=58,required_score=6.0,rhost=localhost,raddr=127.0.0.1,rport=53197,mid=20090131213558.40c4a3227...@trinite.amoks-hebergement.com,bayes=1.00,autolearn=spam Why have I this message? What it signify? Is it dangerous to have it? Thanks for all your advices. Regards, -- -Nicolas.
Re: open of auto-whitelist failed: Out of memory
Nicolas Letellier a écrit : Hello. I use FreeBSD 7.0 and p5-Mail-SpamAssassin-3.2.5. In my logs, sometimes, I see this message: Jan 31 22:36:09 * spamd[17781]: auto-whitelist: open of auto-whitelist file failed: Out of memory during ridiculously large request at /usr/local/lib/perl5/site_perl/5.8.8/Mail/SpamAssassin/DBBasedAddrList.pm line 169. Jan 31 22:36:09 ** spamd[17781]: spamd: identified spam (26.8/6.0) for spamd:58 in 2.6 seconds, 3377 bytes. Jan 31 22:36:09 ** spamd[17781]: spamd: result: Y 26 - BAYES_99,DCC_CHECK,DIGEST_MULTIPLE,HTML_IMAGE_ONLY_32,HTML_MESSAGE,MIME_HTML_ONLY,RAZOR2_CF_RANGE_51_100,RAZOR2_CF_RANGE_E4_51_100,RAZOR2_CF_RANGE_E8_51_100,RAZOR2_CHECK,RCVD_IN_PBL,RDNS_NONE,URIBL_AB_SURBL,URIBL_BLACK,URIBL_JP_SURBL,URIBL_OB_SURBL,URIBL_RHS_DOB scantime=2.6,size=3377,user=spamd,uid=58,required_score=6.0,rhost=localhost,raddr=127.0.0.1,rport=53197,mid=20090131213558.40c4a3227...@trinite.amoks-hebergement.com,bayes=1.00,autolearn=spam Why have I this message? What it signify? Is it dangerous to have it? probably that the AWL db is too large. Thanks for all your advices. consider using sql instead of a file db.
Re: open of auto-whitelist failed: Out of memory
On Sun, 01 Feb 2009 12:20:06 +0100 mouss mo...@ml.netoyen.net wrote: Nicolas Letellier a écrit : Hello. I use FreeBSD 7.0 and p5-Mail-SpamAssassin-3.2.5. In my logs, sometimes, I see this message: Jan 31 22:36:09 * spamd[17781]: auto-whitelist: open of auto-whitelist file failed: Out of memory during ridiculously large request at /usr/local/lib/perl5/site_perl/5.8.8/Mail/SpamAssassin/DBBasedAddrList.pm line 169. Jan 31 22:36:09 ** spamd[17781]: spamd: identified spam (26.8/6.0) for spamd:58 in 2.6 seconds, 3377 bytes. Jan 31 22:36:09 ** spamd[17781]: spamd: result: Y 26 - BAYES_99,DCC_CHECK,DIGEST_MULTIPLE,HTML_IMAGE_ONLY_32,HTML_MESSAGE,MIME_HTML_ONLY,RAZOR2_CF_RANGE_51_100,RAZOR2_CF_RANGE_E4_51_100,RAZOR2_CF_RANGE_E8_51_100,RAZOR2_CHECK,RCVD_IN_PBL,RDNS_NONE,URIBL_AB_SURBL,URIBL_BLACK,URIBL_JP_SURBL,URIBL_OB_SURBL,URIBL_RHS_DOB scantime=2.6,size=3377,user=spamd,uid=58,required_score=6.0,rhost=localhost,raddr=127.0.0.1,rport=53197,mid=20090131213558.40c4a3227...@trinite.amoks-hebergement.com,bayes=1.00,autolearn=spam Why have I this message? What it signify? Is it dangerous to have it? probably that the AWL db is too large. Thanks for all your advices. consider using sql instead of a file db. The sizes: 8256 -rw--- 1 spamd spamd 10485760 1 fév 15:57 auto-whitelist 2 -rw--- 1 spamd spamd 6 1 fév 15:57 auto-whitelist.mutex 2 -rw--- 1 spamd spamd 1260 1 fév 15:57 bayes.mutex 56 -rw--- 1 spamd wheel 56496 1 fév 15:57 bayes_journal 8208 -rw--- 1 spamd spamd 10371072 1 fév 15:57 bayes_seen 4128 -rw--- 1 spamd wheel 5488640 1 fév 15:57 bayes_toks 2 -rw-r--r-- 1 spamd spamd 1487 10 mar 2008 user_prefs is it too big? If it's the case, why have I this message 'sometimes'? Regards, -- -Nicolas.
RE: Auto-whitelist not closing file
On Mon, Dec 01, 2008 at 03:42:05PM -0500, Dan Barker wrote: This issue, apparently, has been a problem for me for several Spamassassin releases, but I just now figured out what may be happening. I've been closing spamd once per hour, just to make it read new local.cf, notice sa-update changes, etc., but occasionally my system can't start new tasks (usually error 0xC142, very occasionally 0xC005 - This is under Windoze, W2K Server/SP4). Closing/Opening spamd also forces closed all the file handles spamd appears to be abandoning un-closed. I'm currently running SpamAssassin 3.2.5 under Activestate perl 5.8.8.822. It appears that spamd fails to close the file handle to bayes_seen or auto-whitelist when it's done with it. spamd -x -D, filtered on auto-whitelist shows: --- 9 line(2) not displayed --- [1504] dbg: auto-whitelist: DB addr list: untie-ing and unlocking [1504] dbg: auto-whitelist: DB addr list: file locked, breaking lock [1504] dbg: locker: safe_unlock: unlink C:\Documents and Settings\dbarker/.spamassassin/auto-whitelist.lock --- 370 line(2) not displayed --- [1504] dbg: auto-whitelist: DB addr list: untie-ing and unlocking [1504] dbg: auto-whitelist: DB addr list: file locked, breaking lock [1504] dbg: locker: safe_unlock: unlink C:\Documents and Settings\dbarker/.spamassassin/auto-whitelist.lock --- 37 line(2) not displayed --- Process Explorer (from SysInternals-Great tool!) shows the file handle to C:\Documents and Settings\dbarker\.spamassassin\auto-whitelist remains open even after spamd is finished and remains so until spamd is closed. This occurs both for auto-whitelist and bayes_seen files. How do I go about trapping this error in locker? (Specifically, how do I figure out who Called locker, to find the code that's not closing the file it opened?) Has anyone else run into this sort of issue? On Mon, Dec 01, 2008 15:51 -0500 Theo Van Dinter wrote: The last time this sort of issue came up, it was traced back to a bug in DB_File. Specifically, the untie call would actually not let go of the DB. SA doesn't actually open the database files itself, it lets tie/untie (DB_File) deal with it. I've been unsuccessful in figuring out how even to trap this problem. My spamd's run about 200 messages before I cycle them to reclaim the resources. In that time, there are about 40 handles to the file c:\Imail\Visioncomm.net\bayes_seen not closed. There are occasional un-closed handles to auto-whitelist (I can cause this error at will - I can't seem to make bayes_seen remain open in a test setting - hopefully it's the same issue). Does anyone have any ideas about how I might (or even if I should) proceed on getting this bug resolved? Dan Barker
Auto-whitelist not closing file
This issue, apparently, has been a problem for me for several Spamassassin releases, but I just now figured out what may be happening. I've been closing spamd once per hour, just to make it read new local.cf, notice sa-update changes, etc., but occasionally my system can't start new tasks (usually error 0xC142, very occasionally 0xC005 - This is under Windoze, W2K Server/SP4). Closing/Opening spamd also forces closed all the file handles spamd appears to be abandoning un-closed. I'm currently running SpamAssassin 3.2.5 under Activestate perl 5.8.8.822. It appears that spamd fails to close the file handle to bayes_seen or auto-whitelist when it's done with it. spamd -x -D, filtered on auto-whitelist shows: --- 9 line(2) not displayed --- [1504] dbg: auto-whitelist: DB addr list: untie-ing and unlocking [1504] dbg: auto-whitelist: DB addr list: file locked, breaking lock [1504] dbg: locker: safe_unlock: unlink C:\Documents and Settings\dbarker/.spamassassin/auto-whitelist.lock --- 370 line(2) not displayed --- [1504] dbg: auto-whitelist: DB addr list: untie-ing and unlocking [1504] dbg: auto-whitelist: DB addr list: file locked, breaking lock [1504] dbg: locker: safe_unlock: unlink C:\Documents and Settings\dbarker/.spamassassin/auto-whitelist.lock --- 37 line(2) not displayed --- Process Explorer (from SysInternals-Great tool!) shows the file handle to C:\Documents and Settings\dbarker\.spamassassin\auto-whitelist remains open even after spamd is finished and remains so until spamd is closed. This occurs both for auto-whitelist and bayes_seen files. How do I go about trapping this error in locker? (Specifically, how do I figure out who Called locker, to find the code that's not closing the file it opened?) Has anyone else run into this sort of issue? Dan Barker Note: This is a re-post from 28 Nov 2008 10:14:40 -0500. Is there an etiquette for thinking something got overlooked over the holidays, or am I just being pushy?
Re: Auto-whitelist not closing file
On Mon, Dec 01, 2008 at 03:42:05PM -0500, Dan Barker wrote: How do I go about trapping this error in locker? (Specifically, how do I figure out who Called locker, to find the code that's not closing the file it opened?) Has anyone else run into this sort of issue? The last time this sort of issue came up, it was traced back to a bug in DB_File. Specifically, the untie call would actually not let go of the DB. SA doesn't actually open the database files itself, it lets tie/untie (DB_File) deal with it. -- Randomly Selected Tagline: It is our job to protect the magic smoke ... - Prof. Michaelson pgpazod0q97W7.pgp Description: PGP signature
Auto-whitelist not closing file
This issue, apparently, has been a problem for me for several Spamassassin releases, but I just now figured out what may be happening. I've been closing spamd once per hour, just to make it read new local.cf, notice sa-update changes, etc., but occasionally my system can't start new tasks (usually error 0xC142, very occasionally 0xC005 - This is under Windoze, W2K Server/SP4). Closing/Opening spamd also forces closed all the file handles spamd appears to be abandoning un-closed. I'm currently running SpamAssassin 3.2.5 under Activestate perl 5.8.8.822. It appears that spamd fails to close the file handle to bayes_seen or auto-whitelist when it's done with it. spamd -x -D, filtered on auto-whitelist shows: --- 9 line(2) not displayed --- [1504] dbg: auto-whitelist: DB addr list: untie-ing and unlocking [1504] dbg: auto-whitelist: DB addr list: file locked, breaking lock [1504] dbg: locker: safe_unlock: unlink C:\Documents and Settings\dbarker/.spamassassin/auto-whitelist.lock --- 370 line(2) not displayed --- [1504] dbg: auto-whitelist: DB addr list: untie-ing and unlocking [1504] dbg: auto-whitelist: DB addr list: file locked, breaking lock [1504] dbg: locker: safe_unlock: unlink C:\Documents and Settings\dbarker/.spamassassin/auto-whitelist.lock --- 37 line(2) not displayed --- Process Explorer (from SysInternals-Great tool!) shows the file handle to C:\Documents and Settings\dbarker\.spamassassin\auto-whitelist remains open even after spamd is finished and remains so until spamd is closed. This occurs both for auto-whitelist and bayes_seen files. How do I go about trapping this error in locker? (Specifically, how do I figure out who Called locker, to find the code that's not closing the file it opened?) Has anyone else run into this sort of issue? Dan Barker
auto-whitelist woes
Hi I recently installed spamassasin on my freebsd test machine. For the likes of me, I keep getting this message, and I dont know how to fix it. Aug 6 17:06:43 spamassasin spamd[63534]: auto-whitelist: open of auto-whitelist file failed: locker: safe_lock: cannot create tmp lockfile /nonexistent/.spamassassin/auto-whitelist.lock.spamassasin.eccotours.local.63534 for /nonexistent/.spamassassin/auto-whitelist.lock: No such file or directory If anyone could assist, I would really appreciate it. Kind Regards Brent Clark
Re: auto-whitelist woes
Brent Clark wrote: Hi I recently installed spamassasin on my freebsd test machine. For the likes of me, I keep getting this message, and I dont know how to fix it. Aug 6 17:06:43 spamassasin spamd[63534]: auto-whitelist: open of auto-whitelist file failed: locker: safe_lock: cannot create tmp lockfile /nonexistent/.spamassassin/auto-whitelist.lock.spamassasin.eccotours.local.63534 for /nonexistent/.spamassassin/auto-whitelist.lock: No such file or directory If anyone could assist, I would really appreciate it. Looks like you're running spamd as root, and spamc is getting called as root. To avoid the risky task of scanning mail while holding root privilges, SA setuid's itself to the nobody user. However, nobody doesn't, and shouldn't, have a writable home directory. If you're doing a per-user config (ie: procmailrc), that's probably fine and you'll only get that for mail delivered to root's mailbox. That shouldn't be a problem unless you alias lots of mail to root, in which case you should consider aliasing it elsewhere. If you're doing a system wide config that always calls spamc as root (ie: some milters, etc), I'd suggest creating a user for spamd to run as and passing that as a -u parameter to either spamc or spamd.
Re: auto-whitelist file location in 3.2.4
On 26.06.08 10:06, Skip Morrow wrote: I see, and got it working. Next question: How would I set it up so that I could have a separate whitelist for each user (I only have four users)? it's the default Again, I call spamassassin from procmail, and each user has its own procmailrc, then they should have separate user_prefs, bayes and AWL database. so I can easily hardcode in the command as an argument to spamassassin. But I haven't seen a way yet to tell spamassassin to look in a particular place for the .cf files for the plugins. On bluehost, somehow spamassassin knows to look in the ~/.spamassassin folder for the *.cf files. Worst case I write a rule to copy the right .cf file into place depending on which procmailrc is executing (and placing in some file locks of course), but I'd hate to kludge that into place. what .cf files? -- Matus UHLAR - fantomas, [EMAIL PROTECTED] ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. I wonder how much deeper the ocean would be without sponges.
Re: auto-whitelist file location in 3.2.4
That option wasn't removed from SA.. it was removed from the main conf docs, as all of the AWL is now a plugin. That option is documented in the docs for the AWL plugin, which is where it really belongs. (if the option isn't valid without the plugin, then it in theory shouldn't be in the main Conf manpage..) See http://spamassassin.apache.org/full/3.2.x/doc/Mail_SpamAssassin_Plugin_AWL .html I see, and got it working. Next question: How would I set it up so that I could have a separate whitelist for each user (I only have four users)? Again, I call spamassassin from procmail, and each user has its own procmailrc, so I can easily hardcode in the command as an argument to spamassassin. But I haven't seen a way yet to tell spamassassin to look in a particular place for the .cf files for the plugins. On bluehost, somehow spamassassin knows to look in the ~/.spamassassin folder for the *.cf files. Worst case I write a rule to copy the right .cf file into place depending on which procmailrc is executing (and placing in some file locks of course), but I'd hate to kludge that into place.
auto-whitelist file location in 3.2.4
How does one set the file location for the auto-whitelist file on a 3.2.x system? I am on a shared hosting system, but call spamassassin manually from procmail. Here's the debug output that deals with auto-whitelist: [25947] dbg: locker: safe_lock: created /ramdisk/etc/spamassassin/data/auto-whitelist.lock.box106.bluehost.com.25947 [25947] dbg: locker: safe_lock: trying to get lock on /ramdisk/etc/spamassassin/data/auto-whitelist with 0 retries [25947] dbg: locker: safe_lock: link to /ramdisk/etc/spamassassin/data/auto-whitelist.lock: link ok [25947] dbg: auto-whitelist: tie-ing to DB file of type DB_File R/W in /ramdisk/etc/spamassassin/data/auto-whitelist [25947] dbg: auto-whitelist: db-based [EMAIL PROTECTED]|ip=71.113 scores 31/-157.366 [25947] dbg: auto-whitelist: AWL active, pre-score: -4.423, autolearn score: -4.423, mean: -5.07632258064516, IP: 71.113.166.229 [25947] dbg: auto-whitelist: add_score: new count: 32, new totscore: -161.789 [25947] dbg: auto-whitelist: DB addr list: untie-ing and unlocking [25947] dbg: auto-whitelist: DB addr list: file locked, breaking lock Now, I checked the docs, and apparently the setting for the auto-whitelist location (auto_whitelist_path) was removed in 3.2.x and I cannot for the life of me figure out how to tell my system where I want it to place my awl. I did have a auto-whitelist file in my ~/.spamassassin directory, but I renamed it, and strangely enough, messages are still getting tagged with the -2.8 AWL AWL: From: address is in the auto white-list, so I have no idea how sa knows to look on /ramdisk. I am on a shared hosting system, and I would like to place my own whitelist in my home directory and use it, but I guess I have missed to correct documentation. When I call spamassassin, I pass it the -p option with my own configuration file, and I should be able to pass it the -C or --siteconfigpath options to set admin settings. Any help? Skip -- Get my PGP Public key here: http://pelorus.org/[EMAIL PROTECTED]
Re: auto-whitelist file location in 3.2.4
Skip wrote: How does one set the file location for the auto-whitelist file on a 3.2.x system? I am on a shared hosting system, but call spamassassin manually from procmail. Here's the debug output that deals with auto-whitelist: [25947] dbg: locker: safe_lock: created /ramdisk/etc/spamassassin/data/auto-whitelist.lock.box106.bluehost.com.25947 [25947] dbg: locker: safe_lock: trying to get lock on /ramdisk/etc/spamassassin/data/auto-whitelist with 0 retries [25947] dbg: locker: safe_lock: link to /ramdisk/etc/spamassassin/data/auto-whitelist.lock: link ok [25947] dbg: auto-whitelist: tie-ing to DB file of type DB_File R/W in /ramdisk/etc/spamassassin/data/auto-whitelist [25947] dbg: auto-whitelist: db-based [EMAIL PROTECTED]|ip=71.113 scores 31/-157.366 [25947] dbg: auto-whitelist: AWL active, pre-score: -4.423, autolearn score: -4.423, mean: -5.07632258064516, IP: 71.113.166.229 [25947] dbg: auto-whitelist: add_score: new count: 32, new totscore: -161.789 [25947] dbg: auto-whitelist: DB addr list: untie-ing and unlocking [25947] dbg: auto-whitelist: DB addr list: file locked, breaking lock Now, I checked the docs, and apparently the setting for the auto-whitelist location (auto_whitelist_path) was removed in 3.2.x and I cannot for the life of me figure out how to tell my system where I want it to place my awl. That option wasn't removed from SA.. it was removed from the main conf docs, as all of the AWL is now a plugin. That option is documented in the docs for the AWL plugin, which is where it really belongs. (if the option isn't valid without the plugin, then it in theory shouldn't be in the main Conf manpage..) See http://spamassassin.apache.org/full/3.2.x/doc/Mail_SpamAssassin_Plugin_AWL.html
Re: auto-whitelist file location in 3.2.4
On Thu, June 26, 2008 05:16, Skip wrote: option with my own configuration file, and I should be able to pass it the -C or --siteconfigpath options to set admin settings. Any help? AWL and BAYES will when procmail is in use be in $HOME./spamassassin/ but can be overwrited in user_prefs with path perldoc Mail::SpamAssassin::Plugin::AWL perldoc Mail::SpamAssassin::Plugin::Bayes perldoc Mail::SpamAssassin::Conf for more info on bluehost it may be diff -- Benny Pedersen Need more webspace ? http://www.servage.net/?coupon=cust37098
Re: auto-whitelist file location in 3.2.4
On Thu, June 26, 2008 05:56, Matt Kettler wrote: the docs for the AWL plugin, which is where it really belongs. (if the option isn't valid without the plugin, then it in theory shouldn't be in the main Conf manpage..) there is still docs for bayes in conf, even bayes is a plugin now needs clean up atleast not all using bayes :-) -- Benny Pedersen Need more webspace ? http://www.servage.net/?coupon=cust37098
open of auto-whitelist file failed
Hi SA 3.2.4 on FC3 spamd is started by script and is running as root. maillog shows various users with spamd[5648]: auto-whitelist: open of auto-whitelist file failed: auto-whitelist: cannot open auto_whitelist_path /home/domain/domain71/.spamassassin/auto-whitelist No such file or directory auto-whitelist exists as a flie and is chmod 0600 owned by username.domain71 in this example but all other users are having the same auto-whitelist: open of auto-whitelist file failed other than the above all seems to work well. any ideas? googled out :( Mark
Re: open of auto-whitelist file failed
- Original Message - From: Obantec Support [EMAIL PROTECTED] To: users@spamassassin.apache.org Sent: Thursday, June 19, 2008 8:12 AM Subject: open of auto-whitelist file failed Hi SA 3.2.4 on FC3 spamd is started by script and is running as root. maillog shows various users with spamd[5648]: auto-whitelist: open of auto-whitelist file failed: auto-whitelist: cannot open auto_whitelist_path /home/domain/domain71/.spamassassin/auto-whitelist No such file or directory auto-whitelist exists as a flie and is chmod 0600 owned by username.domain71 in this example but all other users are having the same auto-whitelist: open of auto-whitelist file failed other than the above all seems to work well. any ideas? googled out :( Mark from a posting by Matus Re: points for awl users the url http://wiki.apache.org/spamassassin/AutoWhitelist suggests that my auto-whitelist files are wrong format. Easy solution it to delete them all. But! is this the only way to do this? Mark
Re: auto-whitelist: open of auto-whitelist file failed
On 06.04.2008 03:26 CE(S)T, Matt Kettler wrote: Yves Goergen wrote: Just remember to su to that user when running sa-learn. This is getting a problem now! My spamd user has no access on the mailbox directories from which I am usually learning. What's the proposed solution for that? The new fangled way would be to use spamc for learning instead of sa-learn. If you start spamd with the --allow-tell parameter, you can the use spamc -L ham, spamc -L spam or spamc -L forget on the message, and it will pass it to spamd for learning. Thank you again for that. It works almost perfectly. spamc is supposed to return a value of 5 or 6 when it's done, but it always returns 0 (says my script). But I can also live with the message spamc prints out, reading that it was successful or the message was already known. -- Yves Goergen LonelyPixel [EMAIL PROTECTED] Visit my web laboratory at http://beta.unclassified.de
Re: auto-whitelist: open of auto-whitelist file failed
On 06.04.2008 03:26 CE(S)T, Matt Kettler wrote: The new fangled way would be to use spamc for learning instead of sa-learn. And yes, it's a lot faster I believe. -- Yves Goergen LonelyPixel [EMAIL PROTECTED] Visit my web laboratory at http://beta.unclassified.de
Re: auto-whitelist: open of auto-whitelist file failed
On 05.04.2008 01:18 CE(S)T, Matt Kettler wrote: Spamd will never be able to access anything in /root/. 3.1.8 shouldn't have been able to do so any more than 3.2.4 could, but that might have been a bug.. Must have been a bug, yes. If you're always scanning mail as one user, you can create a non-privileged user account and pass that after the -u parameter to either spamd (ie: in your startup script) or to spamc (ie: in your scan-time calls). Okay, that works. I've created a new user+group with its own home directory, moved the .spamassassin directory from /root into there, chown'ed it and then started spamd again. Just remember to su to that user when running sa-learn. This is getting a problem now! My spamd user has no access on the mailbox directories from which I am usually learning. What's the proposed solution for that? What's the problem? Before the upgrade, I removed all traces from SA on the system (locate rm -rf). That was probably unnecessary.. SA will blow itself away if it's already present when you go to install it. The only time you run into trouble is if you change the PREFIX, and end up with one installed in /usr/ and the other in /usr/local. Switching from CPAN to the tarball, I wasn't sure if this would change. -- Yves Goergen LonelyPixel [EMAIL PROTECTED] Visit my web laboratory at http://beta.unclassified.de
Re: auto-whitelist: open of auto-whitelist file failed
Yves Goergen wrote: Just remember to su to that user when running sa-learn. This is getting a problem now! My spamd user has no access on the mailbox directories from which I am usually learning. What's the proposed solution for that? Well, there's a couple of ways to deal with that.. The new fangled way would be to use spamc for learning instead of sa-learn. If you start spamd with the --allow-tell parameter, you can the use spamc -L ham, spamc -L spam or spamc -L forget on the message, and it will pass it to spamd for learning. This way you guarantee that the learning runs as the same user you scan as. It's also very slightly faster as you don't have to load a perl interpreter instance. Other ways would be: Make use of groups to grant the user spamd runs as rights to the mailboxes. If all the mailboxes have the same group ownership, or you can create a group and set them all to it, then just add that to spamd user as a supplemental group. You could also make use of a root cronjob to copy/chown the files somewhere that your learner can get to them. Both of those last approaches have some limitations and won't work in all situations, hence I'd suggest the spamc -L method.. However, I do caveat that it's a somewhat new feature and I personally have never tested it, but several others do use it.
auto-whitelist: open of auto-whitelist file failed
Hello, I have upgraded SpamAssassin from 3.1.8 to 3.2.4 today. First I got errors about a nonexistent path all the time. Then I added the path to the auto_whitelist directory in local.cf. Now I get this error message every few seconds: Apr 4 20:01:36 mond spamd[14283]: auto-whitelist: open of auto-whitelist file failed: locker: safe_lock: cannot create lockfile /root/.spamassassin/auto-whitelist.mutex: Permission denied This time, I couldn't find a solution on the web. Here's the directory listing: 20:35 [EMAIL PROTECTED] ~/.spamassassin ls -al total 516 drwx-- 2 root root 4096 Apr 4 16:35 ./ drwxr-xr-x 14 root root 4096 Apr 4 19:03 ../ -rw--- 1 root root 12288 Apr 4 16:42 auto-whitelist -rw--- 1 root root 6 Apr 4 19:03 auto-whitelist.mutex -rw--- 1 root root350 Apr 4 17:42 bayes.mutex -rw--- 1 root root 24576 Apr 4 17:42 bayes_seen -rw--- 1 root root 647168 Apr 4 17:42 bayes_toks What's the problem? Before the upgrade, I removed all traces from SA on the system (locate rm -rf). It was previously installed through CPAN. But I don't think that CPAN is that comprehensive at all and decided not to use it again where I can. This SA was installed from the tarball. The /root/.spamassassin directory was created automatically then. So if it doesn't work out of the box, what can I do next? -- Yves Goergen LonelyPixel [EMAIL PROTECTED] Visit my web laboratory at http://beta.unclassified.de
Re: auto-whitelist: open of auto-whitelist file failed
Yves Goergen wrote: Hello, I have upgraded SpamAssassin from 3.1.8 to 3.2.4 today. First I got errors about a nonexistent path all the time. Then I added the path to the auto_whitelist directory in local.cf. Now I get this error message every few seconds: Apr 4 20:01:36 mond spamd[14283]: auto-whitelist: open of auto-whitelist file failed: locker: safe_lock: cannot create lockfile /root/.spamassassin/auto-whitelist.mutex: Permission denied Spamd will never be able to access anything in /root/. 3.1.8 shouldn't have been able to do so any more than 3.2.4 could, but that might have been a bug.. If spamd finds itself running as root when it's time to scan mail, it will setuid itself to nobody for security. If you're always scanning mail as one user, you can create a non-privileged user account and pass that after the -u parameter to either spamd (ie: in your startup script) or to spamc (ie: in your scan-time calls). Just remember to su to that user when running sa-learn. This time, I couldn't find a solution on the web. Here's the directory listing: 20:35 [EMAIL PROTECTED] ~/.spamassassin ls -al total 516 drwx-- 2 root root 4096 Apr 4 16:35 ./ drwxr-xr-x 14 root root 4096 Apr 4 19:03 ../ -rw--- 1 root root 12288 Apr 4 16:42 auto-whitelist -rw--- 1 root root 6 Apr 4 19:03 auto-whitelist.mutex -rw--- 1 root root350 Apr 4 17:42 bayes.mutex -rw--- 1 root root 24576 Apr 4 17:42 bayes_seen -rw--- 1 root root 647168 Apr 4 17:42 bayes_toks What's the problem? Before the upgrade, I removed all traces from SA on the system (locate rm -rf). That was probably unnecessary.. SA will blow itself away if it's already present when you go to install it. The only time you run into trouble is if you change the PREFIX, and end up with one installed in /usr/ and the other in /usr/local. It was previously installed through CPAN. But I don't think that CPAN is that comprehensive at all and decided not to use it again where I can. This SA was installed from the tarball. The /root/.spamassassin directory was created automatically then. So if it doesn't work out of the box, what can I do next? Don't use root with spamd :)
Re: auto-whitelist file failed: locker: safe_lock: cannot create tmp lockfile
Noah wrote: Hi there list, I installed the following spamassasin proggies on my FreeBSD machine and receiving an error auto-whitelist file failed: locker: safe_lock: cannot create tmp lockfile Any clues what I am doing wrong? # pkg_info | grep Spam p5-Mail-SpamAssassin-3.2.3 A highly efficient mail filter for identifying spam spamass-milter-0.3.1_3 Sendmail Milter (mail filter) plugin for SpamAssassin Jan 7 23:25:42 blah spamd[62451]: auto-whitelist: open of auto-whitelist file failed: locker: safe_lock: cannot create tmp lockfile /nonexistent/.spamassassin/auto-whitelist.lock.blah.domain.com.62451 for /nonexistent/.spamassassin/auto-whitelist.lock: No such file or directory My guess is you're using spamd, and spamc is being called as root with no -u parameter by spamasss-milter.. This tells spamd to scan mail on behalf of the user root, but for safety, spamd will never do that. So, it setuid's itself to nobody, which probably has a home directory of /nonexistent/. (and the user nobody should not have a writable home directory, so don't try to fix this by giving it one. You'll degrade your system security if you do) Alternatively, you're explicitly specifying a user like nobody which has /nonexistent/ as a home directory. (you can check /etc/passwd to see who has this home directory). To fix it, check your spamass-milter config and pass a user id after -u to spamass-milter that has a real home directory. From what I know of spamass-milter, it should pass this userid on to spamd.
auto-whitelist file failed: locker: safe_lock: cannot create tmp lockfile
Hi there list, I installed the following spamassasin proggies on my FreeBSD machine and receiving an error auto-whitelist file failed: locker: safe_lock: cannot create tmp lockfile Any clues what I am doing wrong? # pkg_info | grep Spam p5-Mail-SpamAssassin-3.2.3 A highly efficient mail filter for identifying spam spamass-milter-0.3.1_3 Sendmail Milter (mail filter) plugin for SpamAssassin Jan 7 23:25:42 blah spamd[62451]: auto-whitelist: open of auto-whitelist file failed: locker: safe_lock: cannot create tmp lockfile /nonexistent/.spamassassin/auto-whitelist.lock.blah.domain.com.62451 for /nonexistent/.spamassassin/auto-whitelist.lock: No such file or directory Cheers, Noah
Re: huge auto-whitelist file etc
Thanks for the responses. Few questions - will running 'check_whitelist' affect our server's performance? Do I risk creating other problems if I leave things as they are until our sys admin returns? :) On 7/18/07, Matt Kettler [EMAIL PROTECTED] wrote: Tammy George wrote: Hello. Our Linux server is running SpamAssassin version 3.1.5. Backups started dying with 'inactivity timeout'. Dug around found the following: drwx-- 3 vscan vscan512 Jul 18 16:28 . -rw--- 1 vscan vscan 1099983372288 Jul 18 16:28 auto-whitelist -rw--- 1 vscan vscan 1205862400 Jul 18 16:28 bayes_seen -rw--- 1 vscan vscan 10846208 Jul 18 16:28 bayes_toks -rw--- 1 vscan vscan 18240 Jul 18 16:28 bayes_journal drwxr-x--- 12 vscan vscan 1024 Jul 18 12:12 .. -rw--- 1 vscan vscan2654208 Jan 26 2005 bayes_toks.expire42066 -rw--- 1 vscan vscan 606208 Mar 30 2004 bayes_toks.expire93303 drwxr-xr-x 2 vscan vscan512 Jan 28 2004 old -rw-r--r-- 1 vscan vscan 1165 Jan 27 2004 user_prefs A du -k shows auto-whitelist as being 1747968. Surprisingly, we aren't experiencing any problems other than the backups. Our site handles A LOT of email. After I send this email, I'm going to look into check_whitelist and trim_whitelist (and probably sa-learn re: the bayes files), however, any suggestions would be most appreciated! Our sys admin is on vacation and he's our expert. for the auto-whitelist file you need to run this command: check_whitelist --clean /path/to/auto-whitelist That said, IMHO, the AWL isn't really ready for production use on large systems unless you're going to run it on SQL and use your own scripts to do expiry. The bayes_toks and bayes_journal files auto-expire, so you don't need to do anything to them. The bayes_seen file doesn't have any kind of date information, so it can't auto-expire. However, you can remove the file reasonably safely. This file is just a list of all the files that have already been run through sa-learn. The only drawback to deleting it is that it will allow you to re-train a message that you've already learned. So if you maintain a massive directory of files to be relearned but don't clean it out, you might have a minor amount of over-learning (no big deal). Thanks in advance for any advice.
Re: huge auto-whitelist file etc
Tammy George wrote: Thanks for the responses. Few questions - will running 'check_whitelist' affect our server's performance? It really shouldn't. It's a pretty lightweight tool, and will only remove one off entries by default. If you're concerned, you can also execute it through the nice command, which will lower its priority. Do I risk creating other problems if I leave things as they are until our sys admin returns? :) Not likely. The large AWL file might slow things down a little, but if you're load average isn't really high I wouldn't worry.
huge auto-whitelist file etc
Hello. Our Linux server is running SpamAssassin version 3.1.5. Backups started dying with 'inactivity timeout'. Dug around found the following: drwx-- 3 vscan vscan512 Jul 18 16:28 . -rw--- 1 vscan vscan 1099983372288 Jul 18 16:28 auto-whitelist -rw--- 1 vscan vscan 1205862400 Jul 18 16:28 bayes_seen -rw--- 1 vscan vscan 10846208 Jul 18 16:28 bayes_toks -rw--- 1 vscan vscan 18240 Jul 18 16:28 bayes_journal drwxr-x--- 12 vscan vscan 1024 Jul 18 12:12 .. -rw--- 1 vscan vscan2654208 Jan 26 2005 bayes_toks.expire42066 -rw--- 1 vscan vscan 606208 Mar 30 2004 bayes_toks.expire93303 drwxr-xr-x 2 vscan vscan512 Jan 28 2004 old -rw-r--r-- 1 vscan vscan 1165 Jan 27 2004 user_prefs A du -k shows auto-whitelist as being 1747968. Surprisingly, we aren't experiencing any problems other than the backups. Our site handles A LOT of email. After I send this email, I'm going to look into check_whitelist and trim_whitelist (and probably sa-learn re: the bayes files), however, any suggestions would be most appreciated! Our sys admin is on vacation and he's our expert. Thanks in advance for any advice.
Re: huge auto-whitelist file etc
On Wed, Jul 18, 2007 at 09:30:25PM -0300, Tammy George wrote: -rw--- 1 vscan vscan 1099983372288 Jul 18 16:28 auto-whitelist A du -k shows auto-whitelist as being 1747968. Ah, the magic of sparse files. :) After I send this email, I'm going to look into check_whitelist and trim_whitelist (and probably sa-learn re: the bayes files), however, any suggestions would be most appreciated! Our sys admin is on vacation and he's our expert. Removing entries from the DB will likely not decrease the size of the file, it would likely require a remove entries, db_dump, db_load type thing. -- Randomly Selected Tagline: I'll kick your butt up so high you'll look like a hunchback. - Delores Claiborne pgpp8UlkDDXnx.pgp Description: PGP signature
Re: huge auto-whitelist file etc
Tammy George wrote: Hello. Our Linux server is running SpamAssassin version 3.1.5. Backups started dying with 'inactivity timeout'. Dug around found the following: drwx-- 3 vscan vscan512 Jul 18 16:28 . -rw--- 1 vscan vscan 1099983372288 Jul 18 16:28 auto-whitelist -rw--- 1 vscan vscan 1205862400 Jul 18 16:28 bayes_seen -rw--- 1 vscan vscan 10846208 Jul 18 16:28 bayes_toks -rw--- 1 vscan vscan 18240 Jul 18 16:28 bayes_journal drwxr-x--- 12 vscan vscan 1024 Jul 18 12:12 .. -rw--- 1 vscan vscan2654208 Jan 26 2005 bayes_toks.expire42066 -rw--- 1 vscan vscan 606208 Mar 30 2004 bayes_toks.expire93303 drwxr-xr-x 2 vscan vscan512 Jan 28 2004 old -rw-r--r-- 1 vscan vscan 1165 Jan 27 2004 user_prefs A du -k shows auto-whitelist as being 1747968. Surprisingly, we aren't experiencing any problems other than the backups. Our site handles A LOT of email. After I send this email, I'm going to look into check_whitelist and trim_whitelist (and probably sa-learn re: the bayes files), however, any suggestions would be most appreciated! Our sys admin is on vacation and he's our expert. for the auto-whitelist file you need to run this command: check_whitelist --clean /path/to/auto-whitelist That said, IMHO, the AWL isn't really ready for production use on large systems unless you're going to run it on SQL and use your own scripts to do expiry. The bayes_toks and bayes_journal files auto-expire, so you don't need to do anything to them. The bayes_seen file doesn't have any kind of date information, so it can't auto-expire. However, you can remove the file reasonably safely. This file is just a list of all the files that have already been run through sa-learn. The only drawback to deleting it is that it will allow you to re-train a message that you've already learned. So if you maintain a massive directory of files to be relearned but don't clean it out, you might have a minor amount of over-learning (no big deal). Thanks in advance for any advice.
Auto-whitelist Errors others.
I am having some serious probles with SpamAssassin. For example check out my logs: Mar 8 14:42:32 penguin spamd[15553]: spamd: connection from localhost [127.0.0.1] at port 52601 Mar 8 14:42:32 penguin spamd[15553]: spamd: setuid to root succeeded Mar 8 14:42:32 penguin spamd[15553]: spamd: still running as root: user not specified with -u, not found, or set to root, falling back to nobody at /usr/bin/ spamd line 1147, GEN15 line 4. Mar 8 14:42:32 penguin spamd[15553]: spamd: processing message [EMAIL PROTECTED] for root:99 Mar 8 14:42:32 penguin spamd[15553]: locker: safe_lock: cannot create tmp lockfile /var/spool/spamassassin/auto_whitelist.lock.penguin.leapcash.com.15553 for /var/spool/spamassassin/auto_whitelist.lock: Permission denied Mar 8 14:42:32 penguin spamd[15553]: auto-whitelist: open of auto-whitelist file failed: locker: safe_lock: cannot create tmp lockfile /var/spool/spamassassi n/auto_whitelist.lock.penguin.leapcash.com.15553 for /var/spool/spamassassin/auto_whitelist.lock: Permission denied Mar 8 14:42:32 penguin spamd[15553]: spamd: identified spam (1000.0/5.0) for root:99 in 0.2 seconds, 834 bytes. Mar 8 14:42:32 penguin spamd[15553]: spamd: result: Y 999 - GTUBE,NO_RECEIVED,NO_RELAYS scantime=0.2,size=834,user=root,uid=99,required_score=5.0,rhost=local host,raddr=127.0.0.1,rport=52601,mid=[EMAIL PROTECTED],autolearn=no Mar 8 14:42:32 penguin spamd[15537]: prefork: child states: II Here is the permissions for the folder: drw-rw-rw-2 root nobody 4096 Mar 8 14:35 spamassassin/ And the files: -rw-rw1 root nobody 12288 Mar 30 2006 auto-whitelist -rw-rw1 root nobody 12288 Feb 16 2005 bayes_seen -rw-rw1 root nobody 12288 Feb 16 2005 bayes_toks -rw-r--r--1 root nobody 1218 Feb 16 2005 user_prefs Now if spamassassin folder has group write access for nobody then why wont it write to this folder. Mar 8 14:42:32 penguin spamd[15553]: spamd: still running as root: user not specified with -u, not found, or set to root, falling back to nobody at /usr/bin/ That tells me its using the nobody user Mar 8 14:42:32 penguin spamd[15553]: locker: safe_lock: cannot create tmp lockfile /var/spool/spamassassin/auto_whitelist.lock.penguin.leapcash.com.15553 for /var/spool/spamassassin/auto_whitelist.lock: Permission denied So why the error above. Any help GREATLY appreciated =) -- View this message in context: http://www.nabble.com/Auto-whitelist-Errors---others.-tf3371373.html#a9381345 Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: Auto-whitelist Errors others.
On Thu, Mar 08, 2007 at 11:44:31AM -0800, Andrew Rosolino wrote: Mar 8 14:42:32 penguin spamd[15553]: spamd: setuid to root succeeded Mar 8 14:42:32 penguin spamd[15553]: spamd: still running as root: user not specified with -u, not found, or set to root, falling back to nobody at /usr/bin/spamd line 1147, GEN15 line 4. don't call spamd (via spamc) as root. Here is the permissions for the folder: drw-rw-rw-2 root nobody 4096 Mar 8 14:35 spamassassin/ That's definitely not going to work. 0777, not 0666 (directory, not a file). -- Randomly Selected Tagline: You can't build a reputation on what you are going to do. - Henry Ford pgpRhy3roNTZk.pgp Description: PGP signature
Re: [2] Auto-whitelist Errors others.
Why does a directory need execute permissions? Theo Van Dinter-2 wrote: On Thu, Mar 08, 2007 at 11:44:31AM -0800, Andrew Rosolino wrote: Mar 8 14:42:32 penguin spamd[15553]: spamd: setuid to root succeeded Mar 8 14:42:32 penguin spamd[15553]: spamd: still running as root: user not specified with -u, not found, or set to root, falling back to nobody at /usr/bin/spamd line 1147, GEN15 line 4. don't call spamd (via spamc) as root. Here is the permissions for the folder: drw-rw-rw-2 root nobody 4096 Mar 8 14:35 spamassassin/ That's definitely not going to work. 0777, not 0666 (directory, not a file). -- Randomly Selected Tagline: You can't build a reputation on what you are going to do. - Henry Ford -- View this message in context: http://www.nabble.com/Auto-whitelist-Errors---others.-tf3371373.html#a9386463 Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: [2] Auto-whitelist Errors others.
Thanks guys everything is good now =D! Phil Barnett wrote: On Thursday 08 March 2007 19:46, Andrew Rosolino wrote: Why does a directory need execute permissions? Because you can't use it and you can't move into it unless it does. -- Balmer is basically saying: We know there's a problem but we're not going to tell you what it is because we want to ambush you in the future. -- View this message in context: http://www.nabble.com/Auto-whitelist-Errors---others.-tf3371373.html#a9386624 Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: [2] Auto-whitelist Errors others.
On Thu, Mar 08, 2007 at 04:46:30PM -0800, Andrew Rosolino wrote: Why does a directory need execute permissions? For directories, the x bit makes it traversable. That means if /foo/ has permissions drw-rw-rw-, then you can read (and write) the directory but you can't get to any of any of the files in the directory, and you cannot get into /foo/bar/ even if the latter has permissions drwxrwxrwx. Theo Van Dinter-2 wrote: On Thu, Mar 08, 2007 at 11:44:31AM -0800, Andrew Rosolino wrote: Mar 8 14:42:32 penguin spamd[15553]: spamd: setuid to root succeeded Mar 8 14:42:32 penguin spamd[15553]: spamd: still running as root: user not specified with -u, not found, or set to root, falling back to nobody at /usr/bin/spamd line 1147, GEN15 line 4. don't call spamd (via spamc) as root. Here is the permissions for the folder: drw-rw-rw-2 root nobody 4096 Mar 8 14:35 spamassassin/ That's definitely not going to work. 0777, not 0666 (directory, not a file). -- Randomly Selected Tagline: You can't build a reputation on what you are going to do. - Henry Ford Cheers, -- Bob McClure, Jr. Bobcat Open Systems, Inc. [EMAIL PROTECTED] http://www.bobcatos.com And without faith it is impossible to please God, because anyone who comes to him must believe that he exists and that he rewards those who earnestly seek him. Hebrews 11:6 (NIV)
Re: Auto-whitelist Errors others.
Andrew Rosolino wrote: Here is the permissions for the folder: drw-rw-rw-2 root nobody 4096 Mar 8 14:35 spamassassin/ Directories should have RWX permessions, not RW. In Directories, X takes on a different meaning, and refers to the ability to list files in the directory.. Without that, apps can only open files they already know the exact name of.
Re: Auto-whitelist Errors others.
On Thu, 8 Mar 2007, Matt Kettler wrote: Directories should have RWX permessions, not RW. In Directories, X takes on a different meaning, and refers to the ability to list files in the directory.. Without that, apps can only open files they already know the exact name of. No the 'r' bit is the ability to list the files, 'x' is the ability to make use of them. Think of a directory like a room that may contain stuff. If the 'r' bit is there the light is on and you can see what is in the room (do a 'ls'). If the 'x' bit is missing it's like the directory has an invisible glass door, you can see in but if you try to walk in to do anything with the contents you smash your nose and don't get there. Directories missing 'x' bits are wonderful prank-ticle joke material. ;) -- Dave Funk University of Iowa dbfunk (at) engineering.uiowa.eduCollege of Engineering 319/335-5751 FAX: 319/384-0549 1256 Seamans Center Sys_admin/Postmaster/cell_adminIowa City, IA 52242-1527 #include std_disclaimer.h Better is not better, 'standard' is better. B{
SQL Auto-whitelist woes
Hey guys, Im head butting a wall here trying to get SQL auto-whilist to work. I cant seem to get even the --lint test to recognise sql auto-whilist. The plugin loads, and there are no errors reported during the --lint test. Instructions used from: http://wiki.apache.org/spamassassin/BetterDocumentation/SqlReadmeAwl Install is MailScanner centric. With config outputs of: # cat /etc/spamassassin/* |grep -v ^# Output: http://www.drawkcab.com/dumpyard/saconfigs.txt #spamassassin -p /etc/MailScanner/spam.assassin.prefs -D --lint Output: http://www.drawkcab.com/dumpyard/salint.txt Any ideas ? Regards __ Dean Manners
auto-whitelist
I am testing auto-whitelist (generic auto-whitelist, no per user) and with my check_whitelist I have -2.8(-2.8/1) -- [EMAIL PROTECTED]|ip=none -2.7(-2.7/4) -- [EMAIL PROTECTED]|ip=none -1.7(-1.7/3) -- [EMAIL PROTECTED]|ip=none -2.3(-2.3/3) -- [EMAIL PROTECTED]|ip=none 316.2 (316.2/17) -- [EMAIL PROTECTED]|ip=none I would like to delete the line 316.2 (316.2/17) -- [EMAIL PROTECTED]|ip=none and I do spamassassin [EMAIL PROTECTED] I receive this message: Spamassassin auto-whitelist: removing address: [EMAIL PROTECTED] I list the auto-whitelist again, but the line 316.2 (316.2/17) -- [EMAIL PROTECTED]|ip=none is there again. Where is mistake? Can you help me? Thank Andrea
Re: auto-whitelist and MySQL Problems
On Sat, October 21, 2006 21:18, Magnus Anderson wrote: The Bayes are working, but the AWL are not. is AWL plugin loaded in ? Is there some problem in SA 3.14 for this? not to what i know of -- This message was sent using 100% recycled spam mails.
auto-whitelist and MySQL Problems
I have a problem with auto-whitelisting and MySQL. I've setted up SpamAssassin (v. 3.14) to connect to MySQL and store Bayes and AWL Data. Bayes data are stored as it should for everyone, but the AWL doesn't work properly. When I start up SA I get this in the debug logs, and it looks good. [8494] dbg: plugin: registering glue method for check_from_in_auto_whitelist (Mail::SpamAssassin::Plugin::AWL=HASH(0xa589130)) [8494] dbg: auto-whitelist: sql-based connected to DBI:mysql:spamassassin:localhost [8494] dbg: auto-whitelist: sql-based using username: root [8494] dbg: auto-whitelist: sql-based get_addr_entry: no entry found for [EMAIL PROTECTED]|ip=none [8494] dbg: auto-whitelist: sql-based [EMAIL PROTECTED]|ip=none scores 0/0 [8494] dbg: auto-whitelist: AWL active, pre-score: 2.216, autolearn score: 2.216, mean: undef, IP: undef [8494] dbg: auto-whitelist: sql-based finish: disconnected from DBI:mysql:spamassassin:localhost [8494] dbg: auto-whitelist: post auto-whitelist score: 2.216 This proves it gets to the DB and gets the data, and I can confirm that this is saved and read from the DB. But when someone gets a mail this is what the logs are saying... [8657] dbg: locker: safe_lock: created name.macnt/account.web/.spamassassin/auto-whitelist.lock.8657 [8657] dbg: locker: safe_lock: trying to get lock on name.macnt/account.web/.spamassassin/auto-whitelist with 0 retries [8657] dbg: locker: safe_lock: link to name.macnt/account.web/.spamassassin/auto-whitelist.lock: link ok [8657] dbg: auto-whitelist: tie-ing to DB file of type DB_File R/W in name.macnt/account.web/.spamassassin/auto-whitelist [8657] dbg: auto-whitelist: db-based [EMAIL PROTECTED]|ip=91.103 scores 0/0 [8657] dbg: auto-whitelist: db-based [EMAIL PROTECTED]|ip=none scores 0/0 [8657] dbg: auto-whitelist: AWL active, pre-score: 20.713, autolearn score: 20.713, mean: undef, IP: 91.103.187.48 [8657] dbg: auto-whitelist: add_score: new count: 1, new totscore: 20.713 [8657] dbg: auto-whitelist: DB addr list: untie-ing and unlocking [8657] dbg: auto-whitelist: DB addr list: file locked, breaking lock [8657] dbg: locker: safe_unlock: unlink name.macnt/account.web/.spamassassin/auto-whitelist.lock [8657] dbg: auto-whitelist: post auto-whitelist score: 20.713 This shows that it are actually reading and saving to the Bayes DB File instead of the MySQL DB. It worked in the test run, why not here? Does the user has to have something in their user_prefs file, or could something in them override the system settings? The fact that every user now has their own DB file is what I wanted, not one big for everyone, so it is working kind of. But I want it all stored in the MySQL DB. If someone knows how to solve this problem I would be very happy. -- Magnus
Re: auto-whitelist and MySQL Problems
On Sat, October 21, 2006 11:54, Magnus Anderson wrote: If someone knows how to solve this problem I would be very happy. give the users there own mysql db is one solution another is to define mysql db in site wide config where overwrite username is not used, this should work for unix acoounts where users have user_prefs for virtual users its more tricky since it will depend on how spamc/spamassassin is called -- This message was sent using 100% recycled spam mails.
Re: auto-whitelist and MySQL Problems
Benny Pedersen wrote: On Sat, October 21, 2006 11:54, Magnus Anderson wrote: If someone knows how to solve this problem I would be very happy. give the users there own mysql db is one solution another is to define mysql db in site wide config where overwrite username is not used, this should work for unix acoounts where users have user_prefs for virtual users its more tricky since it will depend on how spamc/spamassassin is called For storing the AWL data in the DB I use this in my local.cf file. auto_whitelist_factory Mail::SpamAssassin::SQLBasedAddrList user_awl_dsnDBI:mysql:spamassassin:localhost user_awl_sql_username spamassassin user_awl_sql_password my-password user_awl_sql_table awl For storing the data in the DB for Bayes I use this in my local.cf file. bayes_store_module Mail::SpamAssassin::BayesStore::MySQL bayes_sql_dsn DBI:mysql:spamassassin:localhost bayes_sql_username spamassassin bayes_sql_password my-password The Bayes are working, but the AWL are not. But as I wrote in my first message, the satrting process of the call to SA are telling me that it is accessing the MySQL DB. I am calling to SA with a script called CGPSA for integrating CommuniGate with SpamAssassin. I can't see why this shouldn't work. Is there some problem in SA 3.14 for this?
moving the bayesian database and auto whitelist to a new cerver?
I am moving my email to a new server. How do I ensure that the procmail bayseian database and auto whitelist for each user is moved too? Should I just copy ~/.spamassassin/* for each user? Here is the contents for my ~/.spamassassin/ [EMAIL PROTECTED] ~/.spamassassin $ ls -l total 37636 -rw--- 1 nick users 5386240 Sep 2 19:16 auto-whitelist -rw--- 2 nick users 7107377 Jan 11 2005 auto-whitelist.dir -rw--- 2 nick users 7107377 Jan 11 2005 auto-whitelist.pag -rw--- 1 nick users 105 Jan 10 2005 bayes.lock.www.rout.co.nz.11956 -rw--- 1 nick users 73344 Sep 2 19:16 bayes_journal -rw--- 1 nick users 5472256 Sep 2 17:49 bayes_seen -rw--- 1 nick users 5410816 Sep 2 17:49 bayes_toks -rw-r--r-- 1 nick users 5206016 Jan 10 2005 old_bayes_seen -rw-r--r-- 1 nick users 5206016 Jan 10 2005 old_bayes_toks -rw-r--r-- 1 nick users 344064 Jan 10 2005 old_bayes_toks.new -rw-r--r-- 1 nick users1165 Feb 9 2004 user_prefs
RE: Very big auto-whitelist file
One more question in the same way : my bayes_seen file is quite huge too (about 160Mb) Googling around about this I saw there was some bugs with versions prior to 3.1 but despite I'm using version 3.1.1 (a bit late on upgrading too, I'm afraid :-\ ) I think there's something wrong here too... Is there a way to fix it or to trim the file ? Stephane -Message d'origine- De : Stéphane LEPREVOST [mailto:[EMAIL PROTECTED] Envoyé : jeudi 31 août 2006 22:39 À : 'users@spamassassin.apache.org' Objet : RE: Very big auto-whitelist file Thanks Kris for this usefull tool, I'll try it tommorow (and thanks to Roger too who noticed the existence of your tool) As you noticed, I get worried very very very late... But in fact I wasn't in charge of spamassassin when we first saw this growth, that's why I'm back on the problem only now... I guess I'll pay more attention to this now ;D Stephane -Message d'origine- De : Kris Deugau [mailto:[EMAIL PROTECTED] Envoyé : jeudi 31 août 2006 21:58 À : users@spamassassin.apache.org Objet : Re: Very big auto-whitelist file Roger Taranto wrote: There's an additional tool to run after you run check_whitelist. It's called trim_whitelist, and it compacts the db file. I can't remember where I found it, but you should be able to google for it. It should reduce the size of your db file quite a bit. That would be the ancient creaky tool I wrote ~2 years ago. g Make sure to read the notes and caveats regarding DB_File/AnyDBM_File. Google seems to have lost, or *very* heavily downrated, the direct link to the space I posted it (and a few other tools) to, so: http://www.deepnet.cx/~kdeugau/spamtools/ And I wrote it because of this exact problem of AWL files growing indefinitely... although I got worried around 5M instead of 1.2G. ;) -kgd
RE: Very big auto-whitelist file
Well, a few more information : Output of sa-learn --dump magic -D : [22420] dbg: bayes: found bayes db version 3 [22420] dbg: bayes: DB journal sync: last sync: 1157102359 [22420] dbg: config: score set 3 chosen. 0.000 0 3 0 non-token data: bayes db version 0.000 01189366 0 non-token data: nspam 0.000 0 197582 0 non-token data: nham 0.000 0 387408 0 non-token data: ntokens 0.000 0 1157049872 0 non-token data: oldest atime 0.000 0 1157102360 0 non-token data: newest atime 0.000 0 1157102359 0 non-token data: last journal sync atime 0.000 0 1157093142 0 non-token data: last expiry atime 0.000 0 43200 0 non-token data: last expire atime delta 0.000 0 295143 0 non-token data: last expire reduction count [22420] dbg: bayes: untie-ing [22420] dbg: bayes: untie-ing db_toks [22420] dbg: bayes: untie-ing db_seen If I read well, there's 387408 tokens in the DB... Despite there's no bayes_expiry_max_db_size specified anywhere and the defalut value is 15 (??) Shall I issue a sa-learn --force-expire command ? Does it supposed to work ? Stephane -Message d'origine- De : Stéphane LEPREVOST [mailto:[EMAIL PROTECTED] Envoyé : vendredi 1 septembre 2006 10:18 À : 'users@spamassassin.apache.org' Objet : RE: Very big auto-whitelist file One more question in the same way : my bayes_seen file is quite huge too (about 160Mb) Googling around about this I saw there was some bugs with versions prior to 3.1 but despite I'm using version 3.1.1 (a bit late on upgrading too, I'm afraid :-\ ) I think there's something wrong here too... Is there a way to fix it or to trim the file ? Stephane -Message d'origine- De : Stéphane LEPREVOST [mailto:[EMAIL PROTECTED] Envoyé : jeudi 31 août 2006 22:39 À : 'users@spamassassin.apache.org' Objet : RE: Very big auto-whitelist file Thanks Kris for this usefull tool, I'll try it tommorow (and thanks to Roger too who noticed the existence of your tool) As you noticed, I get worried very very very late... But in fact I wasn't in charge of spamassassin when we first saw this growth, that's why I'm back on the problem only now... I guess I'll pay more attention to this now ;D Stephane -Message d'origine- De : Kris Deugau [mailto:[EMAIL PROTECTED] Envoyé : jeudi 31 août 2006 21:58 À : users@spamassassin.apache.org Objet : Re: Very big auto-whitelist file Roger Taranto wrote: There's an additional tool to run after you run check_whitelist. It's called trim_whitelist, and it compacts the db file. I can't remember where I found it, but you should be able to google for it. It should reduce the size of your db file quite a bit. That would be the ancient creaky tool I wrote ~2 years ago. g Make sure to read the notes and caveats regarding DB_File/AnyDBM_File. Google seems to have lost, or *very* heavily downrated, the direct link to the space I posted it (and a few other tools) to, so: http://www.deepnet.cx/~kdeugau/spamtools/ And I wrote it because of this exact problem of AWL files growing indefinitely... although I got worried around 5M instead of 1.2G. ;) -kgd
Very big auto-whitelist file
A little question about AWL : I have an auto_whitelist how looks VERY HUGE to me : -rw--- 1 root root 1241124864 Aug 31 17:51 auto-whitelist Do you think a 1.2 Gb AWL file is NORMAL ? I don't think so and plan to use check_whitelist tool to clean it, something like : check_whitelist --clean --min 2 Does it looks right for you ? I'm a bit afraid it might be a very long process because of it's size ... Any advice or information from someone who experienced it is welcome Regards, Stephane
Re: Very big auto-whitelist file
On Thu, 31 Aug 2006, St?phane LEPREVOST wrote: A little question about AWL : I have an auto_whitelist how looks VERY HUGE to me : -rw---1 root root 1241124864 Aug 31 17:51 auto-whitelist Do you think a 1.2 Gb AWL file is NORMAL ? You might try typing du -k auto-whitelist. It could be a sparse file, and the amount of disk it's actually using isn't as large as what you think. It does seem a little large, but it's hard to tell. Mine is this size: -rw--- 1 root root 5234688 2006-08-31 12:04 auto-whitelist but then, I have a fairly low-volume site (less than 1000 messages a day, including spam) with not all that many users. - Logan
Re: Very big auto-whitelist file
On Thu, 2006-08-31 at 09:00, Stéphane LEPREVOST wrote: A little question about AWL : I have an auto_whitelist how looks VERY HUGE to me : -rw---1 root root 1241124864 Aug 31 17:51 auto-whitelist Do you think a 1.2 Gb AWL file is NORMAL ? I don't think so and plan to use check_whitelist tool to clean it, something like : check_whitelist --clean --min 2 Does it looks right for you ? I'm a bit afraid it might be a very long process because of it's size ... Any advice or information from someone who experienced it is welcome There's an additional tool to run after you run check_whitelist. It's called trim_whitelist, and it compacts the db file. I can't remember where I found it, but you should be able to google for it. It should reduce the size of your db file quite a bit. -Roger
Re: Very big auto-whitelist file
Roger Taranto wrote: There's an additional tool to run after you run check_whitelist. It's called trim_whitelist, and it compacts the db file. I can't remember where I found it, but you should be able to google for it. It should reduce the size of your db file quite a bit. That would be the ancient creaky tool I wrote ~2 years ago. g Make sure to read the notes and caveats regarding DB_File/AnyDBM_File. Google seems to have lost, or *very* heavily downrated, the direct link to the space I posted it (and a few other tools) to, so: http://www.deepnet.cx/~kdeugau/spamtools/ And I wrote it because of this exact problem of AWL files growing indefinitely... although I got worried around 5M instead of 1.2G. ;) -kgd
RE: Very big auto-whitelist file
Thanks Logan, it was a good idea to check the du -k : 696046 auto-whitelist Looks like the file is half used in fact... Regarding the volume, I have about 4 messages by day including spam, and if I remember well, I thing this file has never been cleared... Stephane -Message d'origine- De : Logan Shaw [mailto:[EMAIL PROTECTED] Envoyé : jeudi 31 août 2006 19:09 À : users@spamassassin.apache.org Objet : Re: Very big auto-whitelist file On Thu, 31 Aug 2006, Stéphane LEPREVOST wrote: A little question about AWL : I have an auto_whitelist how looks VERY HUGE to me : -rw---1 root root 1241124864 Aug 31 17:51 auto-whitelist Do you think a 1.2 Gb AWL file is NORMAL ? You might try typing du -k auto-whitelist. It could be a sparse file, and the amount of disk it's actually using isn't as large as what you think. It does seem a little large, but it's hard to tell. Mine is this size: -rw--- 1 root root 5234688 2006-08-31 12:04 auto-whitelist but then, I have a fairly low-volume site (less than 1000 messages a day, including spam) with not all that many users. - Logan
RE: Very big auto-whitelist file
Thanks Kris for this usefull tool, I'll try it tommorow (and thanks to Roger too who noticed the existence of your tool) As you noticed, I get worried very very very late... But in fact I wasn't in charge of spamassassin when we first saw this growth, that's why I'm back on the problem only now... I guess I'll pay more attention to this now ;D Stephane -Message d'origine- De : Kris Deugau [mailto:[EMAIL PROTECTED] Envoyé : jeudi 31 août 2006 21:58 À : users@spamassassin.apache.org Objet : Re: Very big auto-whitelist file Roger Taranto wrote: There's an additional tool to run after you run check_whitelist. It's called trim_whitelist, and it compacts the db file. I can't remember where I found it, but you should be able to google for it. It should reduce the size of your db file quite a bit. That would be the ancient creaky tool I wrote ~2 years ago. g Make sure to read the notes and caveats regarding DB_File/AnyDBM_File. Google seems to have lost, or *very* heavily downrated, the direct link to the space I posted it (and a few other tools) to, so: http://www.deepnet.cx/~kdeugau/spamtools/ And I wrote it because of this exact problem of AWL files growing indefinitely... although I got worried around 5M instead of 1.2G. ;) -kgd
Re: Very big auto-whitelist file
Stéphane LEPREVOST wrote: As you noticed, I get worried very very very late... But in fact I wasn't in charge of spamassassin when we first saw this growth, that's why I'm back on the problem only now... I guess I'll pay more attention to this now ;D g It became a problem for me with a 10G hard drive in the server supporting ~250-300 accounts with 20M not-the-INBOX quotas. My *personal* server, where I've long had much more disk, far fewer accounts, and no quotas, has been less of a concern - but even there the AWL file has sort of levelled off at ~10M (still on SA2.64). -kgd
Re: SA 3.1.3: auto-whitelist cannot create files (tmp lock) in /root/.spamassassin
Thomas Schlosser wrote on Sat, 10 Jun 2006 20:08:42 +0200: Jun 10 20:00:02 homesrv spamd[7041]: mkdir /root/.spamassassin: My spamd was started with /usr/bin/spamd --daemonize --username spamfilt This user isn't allowed to write to /root, but you got a mail for root ... At least that's what I think is happening, I abandoned spamd long ago. Create the file by running spamassassin --lint under root, might then be readible from spamd. Or go to the wiki and search for site-wide Bayes. Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com
Virtual user config and auto-whitelist (again)
A while ago, I asked about updating the AWL when using spamd --virtual-config-dir. The discussion got sidetracked onto the topic of the obsolete -a option and the AWL plugin, and consequently my original question never got a satisfactory answer. Here it is again: On 4/26/06, Bart Schaefer [EMAIL PROTECTED] wrote: I've recently switched from running spamd on our mail server machine, where all users have direct access to their SA config in their home directory, to running spamd on a second machine and using --virtual-config-dir for user configuration. (SA 3.1.1) The only problem this has posed is that there's no convenient way for users to modify entries in the auto-whitelist file. Some spam (mostly mortgage offers with obfuscated text) that came in before bayes was retrained got scored low, and consequently the AWL scores are pulling the total score for new spam from the same source back down below the 5.0 threshold in spite of it hitting BAYES_90 and above. I've resorted to deleting the auto-whitelist files from the virtual config dir when someone notices this effect, but that's hardly a scalable solution. Is there another approach I don't know about?
RE: Virtual user config and auto-whitelist
From: Bart Schaefer [mailto:[EMAIL PROTECTED] ... (Someone remind me why the spamd option to disable the auto-whitelist was dropped? I could instead chmod 0 the auto-whitelist file, I suppose, but then the maillog is cluttered with extra warning output, and it's still not scalable.) It hasn't been dropped; they just moved the documentation into Plugin/AWL.pm.
Re: Virtual user config and auto-whitelist
On 4/26/06, Rosenbaum, Larry M. [EMAIL PROTECTED] wrote: From: Bart Schaefer [mailto:[EMAIL PROTECTED] ... (Someone remind me why the spamd option to disable the auto-whitelist was dropped?) It hasn't been dropped; they just moved the documentation into Plugin/AWL.pm. Ah, right, duh. So the answer to my question is that the -a option was dropped because it doesn't make sense to have an option to en/disable a plugin.
spamd using a bayes and auto-whitelist commun to anybody
It's better with a subject :( I want to use SA for a lot of users which don't have home directory. There mails are in /var/mail. The spammed mails are send to the recipient in his file /var/mail/user with the addition of SA. The bayes and auto-whitelist database will be commun to anybody. I use spamassassin 3.0.3 under freebsd 4.8 I use postfix and SA through procmail. postfix main.cf: mailbox_command = /usr/local/bin/procmail -t I 've got the config file for procmail in /usr/local/etc/procmailrc PATH=$HOME/bin:/usr/bin:/usr/ucb:/bin:/usr/local/bin:. LOGFILE=/var/log/procmail.log :0fw: $LOGNAME.lock * 256000 | /usr/local/bin/spamc I launch spamd in this way: /usr/local/bin/spamd -d -m10 and when I send a mail I 've got this log: Apr 13 19:39:37 host spamd[48968]: spamd: setuid to root succeeded Apr 13 19:39:37 host spamd[48968]: spamd: still running as root: user not specified with -u, not found, or set to root, falling back to nobody at /usr/local/bin/spamd line 1152, GEN5 line 4. Apr 13 19:39:37 host spamd[48968]: spamd: processing message [EMAIL PROTECTED] for root:65534 Apr 13 19:39:37 host spamd[48968]: locker: safe_lock: cannot create tmp lockfile /root/.spamassassin/auto-whitelist.lock.example.com. 48968 for /root/.spamassassin/auto-whitelist.lock: Permission denied Apr 13 19:39:37 host spamd[48968]: auto-whitelist: open of auto- whitelist file failed: locker: safe_lock: cannot create tmp lockfile / root/.spamassassin/auto-whitelist.lock.example.com.48968 for / root/.spamassassin/auto-whitelist.lock: Permission denied Apr 13 19:39:37 host spamd[48968]: bayes: locker: safe_lock: cannot create tmp lockfile /root/.spamassassin/bayes.lock.example.com.48968 for /root/.spamassassin/bayes.lock: Permission denied Apr 13 19:39:37 host spamd[48968]: spamd: clean message (-1.4/5.0) for root:65534 in 0.3 seconds, 744 bytes. Apr 13 19:39:37 host spamd[48968]: spamd: result: . -1 - ALL_TRUSTED scantime=0.3,size=744,user=root,uid=65534,required_score=5.0,rhost=local host.example.com,raddr=127.0.0.1,rport=1645,mid=3822750E-3444-4F34-938F [EMAIL PROTECTED],autolearn=failed The mail was in the mailbox but the bayes was not used. So I restart the spamd daemon whith this options /usr/local/bin/spamd -d -m10 -u spamassassin ( spamassassin in an user with its directory /home/spamassassin/.spamassassin ) He try to use the .spamassassin directory who belong to root (/ root/.spamssassin/ ) Apr 13 19:50:53 host spamd[49552]: spamd: connection from localhost.example.com [127.0.0.1] at port 1982 Apr 13 19:50:53 host spamd[49552]: spamd: processing message [EMAIL PROTECTED] for root:3005 Apr 13 19:50:53 host spamd[49552]: locker: safe_lock: cannot create tmp lockfile /root/.spamassassin/auto-whitelist.lock.example.com. 49552 for /root/.spamassassin/auto-whitelist.lock: Permission denied Apr 13 19:50:53 host spamd[49552]: auto-whitelist: open of auto- whitelist file failed: locker: safe_lock: cannot create tmp lockfile / root/.spamassassin/auto-whitelist.lock.example.com.49552 for / root/.spamassassin/auto-whitelist.lock: Permission denied Apr 13 19:50:53 host spamd[49552]: bayes: locker: safe_lock: cannot create tmp lockfile /root/.spamassassin/bayes.lock.example.com.49552 for /root/.spamassassin/bayes.lock: Permission denied Apr 13 19:50:53 host spamd[49552]: spamd: clean message (-1.4/5.0) for root:3005 in 0.1 seconds, 736 bytes. Apr 13 19:50:53 host spamd[49552]: spamd: result: . -1 - ALL_TRUSTED scantime=0.1,size=736,user=root,uid=3005,required_score=5.0,rhost=localh ost.example.com,raddr=127.0.0.1,rport=1982,mid=C779CA6F-5CC6-4FD5-8547- [EMAIL PROTECTED],autolearn=failed how can I configure spamd to use another directory for using bayes and auto-whitelist database ( in /home/spamassassin/.spamassassin ). It works if I change the permissions of /root/.spamassassin but it's not optimal. Thanks for your help.
Auto-whitelist format
I tried to do a makedb -u on the .spamassassin/auto-whitelist file, but it failed with: makedb: cannot open database file `/root/.spamassassin/auto-whitelist': Invalid argument Is there a handy way to manipulate this db manually (no pun intended)? Thanks, -Philip
auto-whitelist
Is it possible to manage auto-withelist? I am testing auto-whitelist and with my check_whitelist I have -2.8(-2.8/1) -- [EMAIL PROTECTED]|ip=none -2.7(-2.7/4) -- [EMAIL PROTECTED]|ip=none -1.7(-1.7/3) -- [EMAIL PROTECTED]|ip=none -2.3(-2.3/3) -- [EMAIL PROTECTED]|ip=none 316.2 (316.2/17) -- [EMAIL PROTECTED]|ip=none I would like to delete the line 316.2 (316.2/17) -- [EMAIL PROTECTED]|ip=none How can I do? An other thing, in all line I have ip=none I would like to have an ip realy, for example -2.7(-2.7/4) -- [EMAIL PROTECTED]|ip=201.1.3.4 How can I do? Thank Andrea
strange auto-whitelist behavior
Hi, today I've upgraded from 3.0.4 to 3.1.0 (on debian). Spam detection works fine, but from time to time I have these errors in my mail.log: Dec 22 23:44:23 walter spamd[8985]: auto-whitelist: open of auto-whitelist file failed: locker: safe_lock: cannot create tmp lockfile /var/spool/uucp/.spamassassin/auto-whitelist.lock.walter.domain.de.8985 for /var/spool/uucp/.spamassassin/auto-whitelist.lock: No such file or directory Dec 22 23:54:27 walter spamd[8985]: auto-whitelist: open of auto-whitelist file failed: locker: safe_lock: cannot create tmp lockfile /var/www/user01/.spamassassin/auto-whitelist.lock.walter.domain.de.8985 for /var/www/user01/.spamassassin/auto-whitelist.lock: No such file or directory spamd is running as root and forking its children as user spamd. The autowhitelisting should by system wide, not by user. Spamd should try to finde the awl file in /var/spool/spamd/.spamassassin. Spamd is started as daemon with these options: OPTIONS=--username=spamd --max-children 10 --helper-home-dir=/var/spool/spamd local.cf is Debian's standard local.cf Any ideas what is going wrong here? Thanks, Marcus
Re: strange auto-whitelist behavior
Am Freitag, den 23.12.2005, 01:02 +0100 schrieb Marcus Sobchak: today I've upgraded from 3.0.4 to 3.1.0 (on debian). Spam detection works fine, but from time to time I have these errors in my mail.log: Dec 22 23:44:23 walter spamd[8985]: auto-whitelist: open of auto-whitelist file failed: locker: safe_lock: cannot create tmp lockfile /var/spool/uucp/.spamassassin/auto-whitelist.lock.walter.domain.de.8985 for /var/spool/uucp/.spamassassin/auto-whitelist.lock: No such file or directory Dec 22 23:54:27 walter spamd[8985]: auto-whitelist: open of auto-whitelist file failed: locker: safe_lock: cannot create tmp lockfile /var/www/user01/.spamassassin/auto-whitelist.lock.walter.domain.de.8985 for /var/www/user01/.spamassassin/auto-whitelist.lock: No such file or directory spamd is running as root and forking its children as user spamd. The autowhitelisting should by system wide, not by user. Spamd should try to finde the awl file in /var/spool/spamd/.spamassassin. Spamd is started as daemon with these options: OPTIONS=--username=spamd --max-children 10 --helper-home-dir=/var/spool/spamd local.cf is Debian's standard local.cf Just read about the --nouser-config option, but not sure, if it has something to do with my problem. Cheers, Marcus
Removing entries from the auto-whitelist?
I have some entries in the auto-whitelist that are bogus and give strong negative scores. How would one remove them w/out doing a clean or re-creating the auto-whitelist from scratch?
Re: Removing entries from the auto-whitelist?
On Mon, 18 Jul 2005, Dr Robert Young wrote: I have some entries in the auto-whitelist that are bogus and give strong negative scores. How would one remove them w/out doing a clean or re-creating the auto-whitelist from scratch? man spamassassin --remove-addr-from-whitelist=addr Remove addr from whitelist (AWL) . . . . . . . . . . . . . . . Randomly generated quote: On the other hand, you have different fingers.
Re: Removing entries from the auto-whitelist?
On Jul 18, 2005, at 9:08 AM, Dr Robert Young wrote: I have some entries in the auto-whitelist that are bogus and give strong negative scores. How would one remove them w/out doing a clean or re-creating the auto-whitelist from scratch? You've already asked this question and we've already answered it. Pay attention next time. man spamassassin Steven --- Steven Dickenson [EMAIL PROTECTED] http://www.mrchuckles.net
auto-whitelist is making spams sneak through
I'm getting more and more spams sneaking through lately. I'm running SA 3.0.4 on Fedora Core 3. In analyzing the ones that make it through, I see that other users in my domain are CC, which causes the auto-whitelist to score the spam lower than if I run it through manually without that test. I've just set auto-whitelist to 0 in my .spamassassin/user_prefs.cf which I hope will stop that from happening, but in the meantime is there some way to manipulate or even reset my whitelist database? thanks -Mike
Re: auto-whitelist is making spams sneak through
On Jun 22, 2005, at 9:36 PM, Mike Pepe wrote: In analyzing the ones that make it through, I see that other users in my domain are CC, which causes the auto-whitelist to score the spam lower than if I run it through manually without that test. I'm sure others may chime in to say that auto-whitelist is just doing it's job. However, it's for reasons such as this that I always disable auto-whitelist. It usually proves to be a source of much confusion and FP/FN mail for me. YMMV. I've just set auto-whitelist to 0 in my .spamassassin/user_prefs.cf which I hope will stop that from happening, but in the meantime is there some way to manipulate or even reset my whitelist database? You can reset the auto-whitelist by deleting it. rm ~/.spamassassin/auto-whitelist* - S --- Steven Dickenson [EMAIL PROTECTED] http://www.mrchuckles.net
Re: auto-whitelist is making spams sneak through
Mike Pepe wrote: I'm getting more and more spams sneaking through lately. I'm running SA 3.0.4 on Fedora Core 3. In analyzing the ones that make it through, I see that other users in my domain are CC, which causes the auto-whitelist to score the spam lower than if I run it through manually without that test. Really, that shouldn't matter. the AWL doesn't care about recipients. It cares about the sender and the originating IP (which is really the first untrusted IP, since all the ones before it could be forged). Are you sure it's the auto-whitelist (AWL)? Only whitelist_to, more_spam_to, or all_spam_to should be affected by the Cc list. I've just set auto-whitelist to 0 in my .spamassassin/user_prefs.cf which I hope will stop that from happening, but in the meantime is there some way to manipulate or even reset my whitelist database? read man spamassassin, and look at these options: --remove-addr-from-whitelist --add-addr-to-whitelist --add-addr-to-blacklist Despite what many might think, these commands are pretty much only useful in making fixes to a misguided AWL. They aren't really very useful for black/whitelisting senders in the general sense.
auto-whitelist database
Hi, I would like to get rid of all the entries in the auto-whitelist.db, because it is allowing unwanted spam through, and it contains low values due to razor not properly installed. Can I stop amavis, delete the file and startup amavis again? Regards, Nicki de Wet Application Integration Solutions GijimaAst Tel: +27 (0)21 680 3300
Reading auto-whitelist files (a soloution)
Hi! I have seen a couple of requests for reading the auto-whitelist file in plain text. You can use at least two database formats, but this command worked for me: dbmmanage auto-whitelist view See man dbmmanage for more info (available in most Linux distributions). It is written to Create and update user authentication files in DBM format. Example of output: [EMAIL PROTECTED]|ip=152.52|totscore:16.034 [EMAIL PROTECTED]|ip=219.133|totscore:7.476 [EMAIL PROTECTED]|ip=212.199:1 [EMAIL PROTECTED]|ip=203.200|totscore:22.434 [EMAIL PROTECTED]|ip=219.81|totscore:14.895 ip=219.81 means that the IP address begins with 219.81. Surely there is a better way, but nobody seems to be willing to post it... /Fredrik
Re: Reading auto-whitelist files (a soloution)
Fredrik Bjork wrote: Hi! I have seen a couple of requests for reading the auto-whitelist file in plain text. You can use at least two database formats, but this command worked for me: dbmmanage auto-whitelist view snip Surely there is a better way, but nobody seems to be willing to post it... The proper tool to use is in the SA tarball, in the tools subdirectory: check-whitelist
Re: Reading auto-whitelist files (a soloution)
On Tue, May 17, 2005 at 09:09:39AM +, Fredrik Bjork wrote: Surely there is a better way, but nobody seems to be willing to post it... tools/check_whitelist? Been part of the standard distro for ages. Output is: 0.0 (0.0/2) -- [EMAIL PROTECTED]|ip=66.92 Average Score (total score / # of messages) from_addr|ip=class_b_rcvd_by -- Randomly Generated Tagline: [Rob] Reiner agrees. If it was made clear to people that we could win the war on terrorism by driving a hybrid car, that we could stop global warming by driving a hybrid, I think people would do it, he says. But people haven't made those kind of connections. - http://www.washingtonpost.com/wp-dyn/articles/A2587-2002Jun5.html pgpLZr9jqyyOp.pgp Description: PGP signature
Auto Whitelist score generation
-- William R. Thomas Corvar [EMAIL PROTECTED] Co-Webmaster http://www.theonering.net/ *#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#* If you want to see useful Perl examples, we can certainly arrange to have comp.lang.misc flooded with them, but I don't think that would help the advance of civilization. :-) -- Larry Wall Perilous to all of us are the devices of an art deeper than we ourselves possess. -- Gandalf the Grey [J.R.R. Tolkien, Lord of the Rings] X-Stamper-To: [EMAIL PROTECTED]
Re: Auto Whitelist score generation
Your message seems to be missing it's body, but I'm assuming you're confused by how the scores for the AWL work. I'd suggest a read of the wiki: http://wiki.apache.org/spamassassin/AutoWhitelist and http://wiki.apache.org/spamassassin/AwlWrongWay
Auto Whitelist score generation
I had some questions about how the auto whitelist score was generated. Specifically, it seems like it is working opposite to the way it should be in some cases. The equation for the AWL score is: ( meanscore - currentscore) * factor generated from historic messages the score before AWL ^^ Weighting factor default 0.5 I am seeing a decent number of messages where the AWL causes spamassassin to become more neutral. For example: Spammy message (Score 14) from a historically spammy sender (Mean 10). This would get a AWL of -2.0. So it is essentially rewarding spammers for sending a message that is more spammy than they have been sending. We can also look at a good message (Score -5) from a historically good sender (Mean -2.5). This would get an AWL of 1.25. I have never seen terribly high values assigned for AWL in the incorrect direction, but this does seem backwards and has affected some of my spam filtering. -- William R. Thomas Corvar [EMAIL PROTECTED] Co-Webmaster http://www.theonering.net/ *#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#* Democracy is a form of government that substitutes election by the incompetent many for appointment by the corrupt few. -- G. B. Shaw There is no such thing as a moral or an immoral book. Books are well written or badly written. -- Oscar Wilde X-Stamper-To: [EMAIL PROTECTED]
Re: Auto Whitelist score generation
You were exactly correct, I was seeing the AwlWrongWay problem (maybe phenomena is a better term) and didn't turn up anything on google about it, and was vastly confused. I wish I would have checked my email again before sending the full explanation. On Tue, Mar 15, 2005 at 04:03:49PM -0500, Matt Kettler wrote: Your message seems to be missing it's body, but I'm assuming you're confused by how the scores for the AWL work. I'd suggest a read of the wiki: http://wiki.apache.org/spamassassin/AutoWhitelist and http://wiki.apache.org/spamassassin/AwlWrongWay -- William R. Thomas Corvar [EMAIL PROTECTED] Co-Webmaster http://www.theonering.net/ *#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#* Give me your tired your poor I'll piss on 'em That's what the Statue of Bigotry says Your poor huddled masses, let's club 'em to death and get it over with and just dump 'em on the boulevard Lou Reed (Dirty Blvd.) X-Stamper-To: [EMAIL PROTECTED]
Re: Auto Whitelist score generation
William R Thomas wrote: I had some questions about how the auto whitelist score was generated. Specifically, it seems like it is working opposite to the way it should be in some cases. The equation for the AWL score is: ( meanscore - currentscore) * factor generated from historic messages the score before AWL ^^ Weighting factor default 0.5 I am seeing a decent number of messages where the AWL causes spamassassin to become more neutral. For example: Spammy message (Score 14) from a historically spammy sender (Mean 10). This would get a AWL of -2.0. So it is essentially rewarding spammers for sending a message that is more spammy than they have been sending. Yeah, but it's still going to score 12.0, so it's still going to be spam, and it's well over double the default tag threshold. You're not rewarding the spammer unless they manage to avoid being tagged. Also keep in mind you've got the opposite effect with the AWL too. You'd wind up punishing that same spammer if he sends one with a score of 6.0. AND, keep in mind that although they get a credit for this message, that's going to end up bumping up their overall average, so future messages will be more likely to get punished. The only way a spammer can keep getting negative adjustments is if his spam scores keep going up, and that doesn't help him any. In fact, that's really what you WANT to happen. You want SA to get better and better at giving him high scores. If the AWL is dishing out positive scores to spam, in some ways it's a bad sign because it means SA is less effective against a particular spammer than it was in the past. We can also look at a good message (Score -5) from a historically good sender (Mean -2.5). This would get an AWL of 1.25. Which still ends up as -3.75. I really think you're over-analyzing small changes in the value of a score. A change of 1.25 in a message that would other wise be 10 points below the spam tag level is pretty small. Now it's only 8.75 points below the spam tag threshold, and it's still way below zero. It's hard to call that a punishment when the end result is something so clearly way below the spam threshold. And again, their average will go down, so future emails are more likely to get a negative adjust instead of a positive. And again, the only way to keep getting positive adjusts is for the scores to keep getting lower, which isn't a bad thing.