spamc sometimes complains MISSING_MID sometimes not with same message
The question is: Has anyone seen unpredictable and different results when processing the same message? The operative part of the script is: #first run use echo setting aside user_prefs, running with system wide values mv ~/.spamassassin/user_prefs ~/.spamassassin/user_prefss cp ~/.spamassassin/user_prefs.rptonly ~/.spamassassin/user_prefs grep -iv X-SPAM $1 | spamc $1.o grep X-Spam $1.o grep -A14 pts rule name $1.oo|grep -v \-\-\-\- #second run. use all MY prefs mv -f ~/.spamassassin/user_prefss ~/.spamassassin/user_prefs grep -iv X-SPAM $1 | spamc $1.oo grep X-Spam $1.oo grep -A13 pts rule name $1.oo |grep -v \-\-\-\- where user_prefs.rptonly contains add_header all report _REPORT_ add_header all testscores _TESTSSCORES(,)_ I run the script multiple times and get unpredictable results regarding the appearance of MISSING_MID. Thank you, Dennis German Hello world, goodnight moon
Re: spamc sometimes complains MISSING_MID sometimes not with same message
On 10/9/10 11:35 AM, Dennis German wrote: The question is: Has anyone seen unpredictable and different results when processing the same message? Sure. if your setup is messed up, you will get unpredictable results. -- Michael Scheidell, CTO o: 561-999-5000 d: 561-948-2259 ISN: 1259*1300 *| *SECNAP Network Security Corporation * Certified SNORT Integrator * 2008-9 Hot Company Award Winner, World Executive Alliance * Five-Star Partner Program 2009, VARBusiness * Best in Email Security,2010: Network Products Guide * King of Spam Filters, SC Magazine 2008 __ This email has been scanned and certified safe by SpammerTrap(r). For Information please see http://www.secnap.com/products/spammertrap/ __
Re: spamc sometimes complains MISSING_MID ... NOT...
There is at least one problem with my script, NOT spamassassin. I did not expect the results to be in different order. The grep -A14 'pts rule name' may not display all the errors. Sorry 'bout that. Dennis
Re: spamc sometimes complains MISSING_MID sometimes not with same message
On Sat, 2010-10-09 at 11:35 -0400, Dennis German wrote:
The question is: Has anyone seen unpredictable and different results
when processing the same message?
No.
The operative part of the script is:
#first run use
echo setting aside user_prefs, running with system wide values
mv ~/.spamassassin/user_prefs ~/.spamassassin/user_prefss
cp ~/.spamassassin/user_prefs.rptonly ~/.spamassassin/user_prefs
grep -iv X-SPAM $1 | spamc $1.o
grep X-Spam $1.o
Your grepping is broken. You're not limiting the pattern at the
beginning of a line, and more importantly don't account for multi-line
headers. This can result in a lot of strange things.
Formail is your friend. To correctly extract all X-Spam headers, use
formail -X, and to remove them use -I instead of -X.
formail -X X-Spam $msg
However, there is no need to remove SA headers before processing it a
second time with SA. SA ignores these.
grep -A14 pts rule name $1.oo|grep -v \-\-\-\-
What if there are more lines??
I run the script multiple times and get unpredictable results regarding
the appearance of MISSING_MID.
Yeah, I can see that happening with a script like the above. :)
--
char *t=\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4;
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;il;i++){ i%8? c=1:
(c=*++x); c128 (s+=h); if (!(h=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
Re: spamc sometimes complains MISSING_MID sometimes not with same message
On Sat, 2010-10-09 at 11:35 -0400, Dennis German wrote:
#first run use
echo setting aside user_prefs, running with system wide values
mv ~/.spamassassin/user_prefs ~/.spamassassin/user_prefss
cp ~/.spamassassin/user_prefs.rptonly ~/.spamassassin/user_prefs
grep -iv X-SPAM $1 | spamc $1.o
grep X-Spam $1.o
grep -A14 pts rule name $1.oo|grep -v \-\-\-\-
^
This greps in the previous second run's output, NOT this first one's.
#second run. use all MY prefs
mv -f ~/.spamassassin/user_prefss ~/.spamassassin/user_prefs
grep -iv X-SPAM $1 | spamc $1.oo
grep X-Spam $1.oo
grep -A13 pts rule name $1.oo |grep -v \-\-\-\-
--
char *t=\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4;
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;il;i++){ i%8? c=1:
(c=*++x); c128 (s+=h); if (!(h=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
Re: spamc sometimes complains MISSING_MID ..NOT...
Please keep list posts on-list.
On Sat, 2010-10-09 at 12:27 -0400, Dennis German wrote:
Formail is your friend. To correctly extract all X-Spam headers, use
formail -X, and to remove them use -I instead of -X.
formail -X X-Spam $msg
However, there is no need to remove SA headers before processing it a
second time ...
I processed the same input file each time.
I don't see how that changes the need to remove X-Spam headers. There
still is no need to.
grep -A14 pts rule name $1.oo|grep -v \-\-\-\-
What if there are more lines?
That's the problem since the report lines do not always come in the same
order.
Thanks for the info on formail.
Just goes to show how helpful others can be if you can just ask.
Ask, and provide all relevant info. ;) This one was much better than
your first attempt (which was terribly confusing), because it included
the way you're post-processing, enabling us to reproduce or understand
the issue.
As a side-note, you may want to consider using 'spamassassin' with the
--cf or --prefs-file options, defining single config lines ad-hoc and
completely switching user_prefs files respectively. Slower than using
spamc, but gets rid of the nasty mv orgy to switch user_prefs.
--
char *t=\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4;
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;il;i++){ i%8? c=1:
(c=*++x); c128 (s+=h); if (!(h=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
spamc sometimes complains MISSING_MID sometimes not with same message
First an overview: spamassassin 3.2.5; shared host ISP won't update spamassassin, setup is such that SCORE keyword in user_prefs is ignored. ISP will neither include add_header all report _REPORT_ nor add_header all testscores _TESTSSCORES(,) ++ I have a script to set ~/spamassassin/user_prefs to contain only: add_header all report _REPORT_ add_header all testscores _TESTSSCORES(,) take spam I received and run spamc then set ~/spamassassin/user_prefs to contain a large amount of SCORE entries I would have liked spamassassin to use, including : score MISSING_MID 3.7 run spamc again just to see what would have happened with my SCOREs. This all works very nicely, usually. ++ Today I ran a particular message and the first run included: 0.0 MISSING_MIDMissing Message-Id: header in the report. The second run did not mention MISSING_MID. I reran the script and this time the first run did not mention MISSING_MID in the report but the second run included 3.7 MISSING_MIDMissing Message-Id: header in the report. I have added various greps to the script referencing the message as well as user_prefs and run the script with unpredictable results, that is any given run may or may not show MISSING_MID. I was surprised to find one run where the 0.0 MISSING_MIDMissing Message-Id: header in the report was the last score message as it is usually occurs after complaints of BLs and before HTML issues. Has anyone seen this behavior? Thank you, Dennis German Hello world, goodnight moon
Re: spamc sometimes complains MISSING_MID sometimes not with same message
On 10/8/10 3:26 PM, Dennis German wrote: First an overview: spamassassin 3.2.5; shared host ISP won't update spamassassin, setup is such that SCORE keyword in user_prefs is ignored. [snip]s after complaints of BLs and before HTML issues. Has anyone seen this behavior? as in: A) ISP's that won't update spamassassin? B) This behavior on YOUR specific ISP, with THEIR specific configuration? Its kinda like saying you use a phone provider that you don't like and sometimes it echos and asking if anyone else has echos. If the ISP isn't set up right, and won't let you use user-prefs, there is no telling what else they did. I suppose you can't post the spamd options they use when they start SA? what about the contents of the ../share/mail/spamassassin directory? the default local.cf? -- Michael Scheidell, CTO o: 561-999-5000 d: 561-948-2259 ISN: 1259*1300 *| *SECNAP Network Security Corporation * Certified SNORT Integrator * 2008-9 Hot Company Award Winner, World Executive Alliance * Five-Star Partner Program 2009, VARBusiness * Best in Email Security,2010: Network Products Guide * King of Spam Filters, SC Magazine 2008 __ This email has been scanned and certified safe by SpammerTrap(r). For Information please see http://www.secnap.com/products/spammertrap/ __
Re: spamc sometimes complains MISSING_MID sometimes not with same message
On Fri, 8 Oct 2010, Dennis German wrote: spamassassin 3.2.5; shared host ISP won't update spamassassin, setup is such that SCORE keyword in user_prefs is ignored. ISP will neither include add_header all report _REPORT_ nor add_header all testscores _TESTSSCORES(,) Bummer. Today I ran a particular message and the first run included: 0.0 MISSING_MIDMissing Message-Id: header in the report. The second run did not mention MISSING_MID. And the message did not change between runs? If you can figure it out, how is SA glued onto the MTA? One possible course of action might be to install the current SA locally under your account and run your mail through that for scoring (i.e. ignore the results of the ISP's scan). Whether that's an option depends on how the ISP has SA glued into the MTA and how they handle delivery of high-scoring messages. -- John Hardin KA7OHZhttp://www.impsec.org/~jhardin/ jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 --- The difference is that Unix has had thirty years of technical types demanding basic functionality of it. And the Macintosh has had fifteen years of interface fascist users shaping its progress. Windows has the hairpin turns of the Microsoft marketing machine and that's all.-- Red Drag Diva --- 70 days until TRON Legacy
