check_whitelist
Hi, The check_whitelist tool is apparently gone, - can we use this tool from older releases with 3.2.5? Is there any work to get tools/ back? Thanks, --per
Re: check_whitelist
On Wed, Oct 08, 2008 at 07:49:41PM +0200, Per olof Ljungmark wrote: The check_whitelist tool is apparently gone, - can we use this tool from older releases with 3.2.5? Not sure. Probably, unless the format changed. Is there any work to get tools/ back? It got removed from the tarball because the stuff in there is totally unsupported, but you can still get it from SVN: http://svn.apache.org/repos/asf/spamassassin/trunk/tools/ -- Randomly Selected Tagline: Programming isn't so much a profession as it is an obsessive-compulsive disorder. - Unknown pgpSgZtNAkKbJ.pgp Description: PGP signature
Re: check_whitelist
Theo Van Dinter wrote: On Wed, Oct 08, 2008 at 07:49:41PM +0200, Per olof Ljungmark wrote: The check_whitelist tool is apparently gone, - can we use this tool from older releases with 3.2.5? Not sure. Probably, unless the format changed. Is there any work to get tools/ back? It got removed from the tarball because the stuff in there is totally unsupported, but you can still get it from SVN: http://svn.apache.org/repos/asf/spamassassin/trunk/tools/ OK, thanks. Seems workable. --per
Re: check_whitelist
On Wednesday 08 October 2008 12:49 pm, Per olof Ljungmark wrote: Hi, The check_whitelist tool is apparently gone, - can we use this tool from older releases with 3.2.5? --per It works fine here. -- Chris KeyID 0xE372A7DA98E6705C pgpZVyhELmmep.pgp Description: PGP signature
Re: problem with check_whitelist
same problem under 3.2.3 but with the script of 3.1.7 Maybe my db is broken? 2007/10/27, François Rousseau [EMAIL PROTECTED]: Hi, I use SA 3.1.7 and I want to check the AWL database. Normarly I simply run check_whitelist and I get what I search for. But this time, this command just return nothing! ~# /download/clean/Mail-SpamAssassin-3.1.7/tools/check_whitelist /home/spamd/.spamassassin/auto-whitelist ~# And the database is not empty. -rwrw- 1 spamd spamd 161M 2007-10-27 19:42 auto-whitelist Any idea what to do? Thanks, François
Re: problem with check_whitelist
I have forget to tell you that the script is working find for a test db but not for the main db that I use. 2007/10/29, François Rousseau [EMAIL PROTECTED]: same problem under 3.2.3 but with the script of 3.1.7 Maybe my db is broken? 2007/10/27, François Rousseau [EMAIL PROTECTED]: Hi, I use SA 3.1.7 and I want to check the AWL database. Normarly I simply run check_whitelist and I get what I search for. But this time, this command just return nothing! ~# /download/clean/Mail-SpamAssassin-3.1.7/tools/check_whitelist /home/spamd/.spamassassin/auto-whitelist ~# And the database is not empty. -rwrw- 1 spamd spamd 161M 2007-10-27 19:42 auto-whitelist Any idea what to do? Thanks, François
problem with check_whitelist
Hi, I use SA 3.1.7 and I want to check the AWL database. Normarly I simply run check_whitelist and I get what I search for. But this time, this command just return nothing! ~# /download/clean/Mail-SpamAssassin-3.1.7/tools/check_whitelist /home/spamd/.spamassassin/auto-whitelist ~# And the database is not empty. -rwrw- 1 spamd spamd 161M 2007-10-27 19:42 auto-whitelist Any idea what to do? Thanks, François
check_whitelist does not compact
Hello, Although check_whitelist --clean removes entries from the auto whitelist database, it does not compact the file, at least on my system (latest SpamAssassin on debian unstable, perl 5.8.8, DB_File 1.814). A minor modification of the check script that ties a new Berkley db and copies the cleaned structure over to it brought my 20MB whitelist to 600KB (after --min 3). I'd just send a patch, but I noticed there are also '.pag' and '.dir' files which I didn't know the purpose of. Are they safe to leave as is with the compacted db? Should they also be treated somehow? -- Gaal Yahas [EMAIL PROTECTED] http://gaal.livejournal.com/
Re: check_whitelist
Where does one get the check_whitelist tool? It's in the tools subdirectory of the tarball. I used CPAN to install SpamAssassin (3.0.1) and a find on the system does not locate the tool. Are you sure you did 3.0.1 not 3.1.0? check in ~/.cpan/ and find where CPAN unpacked the SA tarball when building and installing to find it, otherwise just download the tarball and grab it out of that. I did mean the 3.1.0, and I did download the tarball and get it from there. Thanks. = Kevin W. Gagel Network Administrator Information Technology Services (250) 562-2131 local 448 My Blog: http://mail.cnc.bc.ca/blogs/gagel --- The College of New Caledonia, Visit us at http://www.cnc.bc.ca Virus scanning is done on all incoming and outgoing email. Anti-spam information for CNC can be found at http://avas.cnc.bc.ca ---
check_whitelist
Where does one get the check_whitelist tool? I used CPAN to install SpamAssassin (3.0.1) and a find on the system does not locate the tool. = Kevin W. Gagel Network Administrator Information Technology Services (250) 562-2131 local 448 My Blog: http://mail.cnc.bc.ca/blogs/gagel --- The College of New Caledonia, Visit us at http://www.cnc.bc.ca Virus scanning is done on all incoming and outgoing email. Anti-spam information for CNC can be found at http://avas.cnc.bc.ca ---
Re: check_whitelist
At 01:57 PM 11/24/2005, Kevin W. Gagel wrote: Where does one get the check_whitelist tool? It's in the tools subdirectory of the tarball. I used CPAN to install SpamAssassin (3.0.1) and a find on the system does not locate the tool. Are you sure you did 3.0.1 not 3.1.0? check in ~/.cpan/ and find where CPAN unpacked the SA tarball when building and installing to find it, otherwise just download the tarball and grab it out of that.
AWL: Puzzling 'count' from check_whitelist confused user (me)
I have run into a wall trying to understand what's happening with my AWL stats -- If someone could point me to what else I should look at, I'd really appreciate it.. Using SA 3.0.2, redhat linux check_whitelist shows my email address like this: -5.4 (-350.5/65) -- [EMAIL PROTECTED]|ip=142.55 -- Well, a spam got thru and AWL showed up in the list of rules that hit, and upon investigation, it appears that the above -5.4 adjustment was used in the computation of the score resulting in passing the message. Excerpts from the headers are: Return-path: [EMAIL PROTECTED] : Received: ... crucify.ytrikur.cl ([142.55.146.242] helo=mail.uccfootmen.org) From: Francisco Andrews [EMAIL PROTECTED] So .. in short, a forgery from 'me' to 'me', and SA seems to think the IP is 142.55... check_whitelist, however, shows a count of 65 occurrences. I've gone back scanned ALL mail I've received since I put up 3.0.2, and there are no other occurrences of 142.55 besides the one that sneaked in... As I understand, '[EMAIL PROTECTED]|ip=142.55' is supposed to be unique to emails originating from 142.55.x.x, yet it shows 65 occurrences, and an (apparently) incorrect score of -5.4. Please, oh please what am I missing here? Thanks!
Re: AWL: Puzzling 'count' from check_whitelist confused user (me)
Thus spake Michael Parker ([EMAIL PROTECTED]): On Mon, Feb 07, 2005 at 05:44:00PM +, David N wrote: As I understand, '[EMAIL PROTECTED]|ip=142.55' is supposed to be unique to emails originating from 142.55.x.x, yet it shows 65 occurrences, and an (apparently) incorrect score of -5.4. Possibly you got 64 mails where the IP could not be determined so it was placed in the database as none. When you got one with an IP that AWL could make use of it upgraded the none entry to the one with the IP. That makes some sense to me, but I do have an entry in the database for '[EMAIL PROTECTED]|ip=none'... however the count is '1'!! I would expect the 'ip=none' to have more than a count of 1 but have no empirical evidence to prove it The 'ip=none' also includes the case where all ip addresses known come from private subnets too doesn't it? -- If that's the case, then 64 would make a LOT of sense. [Additionally, since I received that bum spam message, I've send exactly 1 email to an internal mailing list that returns the mail from me, but all private IP's - once again, the shoe fits]. Now then, if this scenario is correct, I end up in a situation where I send a buncha emails internally, accumulate a good -6.6 score in the AWL, and along comes Mr. Spammer forges a 'from' from me, and the AWL code hijacks my good -6.6 score passes the message? Is that an accurate description? If so: 1) Can I turn off this 'upgrading', or is there something I can do to say include private addresses 192.168.223.x?? Or do I just need to disable AWL entirely? 2) How can I delete the bum record from my AWL database? Thanks! -- David N, dn7534 at-sign tditx com