Hi, what does the MySQL error log say?
Regards,
Il dom 2 apr 2017, 09:57 Nelson ha scritto:
> Has anyone encountered this error?
>
> Apr-02-17 13:44:44 [Worker_10001] Error: FIRSTKEY (spamdbhelo): Can't
> execute select statement: MySQL server has gone away
> Apr-02-17 13:44:44 [Worker_10001] D
Yes, i have.
Some would say RTFM but i will be more explicit.
Once you realize and understand what is a bayesian filter and how it works
then you'll be enlightened and all of your doubts will fade away. Google
can be very helpful in your sysadmin journey.
Regards,
Il ven 11 nov 2016, 21:15 Rogéri
Yes, of course.
strictSPFRe only tells assp to be *strict* and fail even Softfail/Neutral
spf responses (which is the case). In order to block them add domains also
to blockstrictSPFRe.
Regards,
aqx
On Wed, Aug 3, 2016 at 9:34 AM, Andy Knuts wrote:
> I need to add gmail to blockstrictSPFRe, isn
On Sun, Jul 31, 2016 at 10:37 AM, Nguyen Nang Thang wrote:
> "...message size 11228129 exceeds size limit 1024 of server
> A.B.C.D...".
Again, it's not assp. the limit is on the MTA, not in assp proxy.
--
"Madness, like small fish, runs in hosts, in vast numbers of instances."
Nessuno m
king mode for a particular check you should disable
testmode for that check..
On Wed, May 25, 2016 at 4:35 PM, Marcelo Martinez <
marcelo.marti...@nexa.com.uy> wrote:
> Hello aquilinux, thanks for the reply.
>
> Can you please be more detailed?
>
> This is the penaltybox's sect
check *PenaltyBox / Message and IP Scoring *section.
are some Penalty checks set to "tagging" ?
On Mon, May 23, 2016 at 5:26 PM, Marcelo Martinez <
marcelo.marti...@nexa.com.uy> wrote:
> *Hello,This is my first e-mail to the list, so in addition to sending my
> greetings to all I want to ask some
fy ?
>
> Why russian charsets (cp1251 and koi8-r) are bomb ? Is it sanctions ? ;-)
>
>
> В Thu, 28 Apr 2016 11:43:44 +0200
> aquilinux пишет:
>
> > Hi Anton, SpamBombs are regular expression filters that apply to Headers,
> > Subject, Data, Encoding, etc...
>
Hi Anton, SpamBombs are regular expression filters that apply to Headers,
Subject, Data, Encoding, etc...
There is no obscure magic behind this. You can tune the regular expressions
on your own.
Every spambomb catch is logged:
*Apr-28-16 10:38:57 m1-32735-03384 [Worker_3] [BombCharSets] 212.200.43
Hi Jay, you really need to adjust your scores because they seem way too
permissive...
> X-Assp-Message-Score:-10 (SSL-TLS-connection-OK)
> X-Assp-IP-Score:-10 (SSL-TLS-connection-OK)
this is nonsense imho.
everyone now uses ssl/tls to connect so giving a -10 bonus here means
lowering a lot the as
I have a script that twice a day queries Exchange and updates Redlistdb
with email addresses that are out-of-office, so their automated replies
never contribute to whitelist. Sounds tricky, but it works.
I also have Redlistdb filled with all those email addresses that are always
set to auto-reply (
Because you set bayes filter to score whitelisted too. Look at bayes/hmm
config settings.
Il ven 15 apr 2016, 20:17 PlusPlus Internet Solutions LLC <
plusplushost...@gmail.com> ha scritto:
> Thanx! Im aware of it...my question is why is marked as spam if the
> sender email address is on whitelist
i found out that i had 'send250OK' checked
maybe this is what confuses assp at some point..
turning it off now makes assp fire a SMTP Error about forbidden files
(good) and the file is stored in discarded folder (good)...
On Thu, Mar 24, 2016 at 10:11 AM, aquilinux wrote:
>
m1-10036-04835 [Worker_4] [TLS-out] 86.98.212.218 <
customer.serv...@axminster.co.uk> to: r...@local.tld [SMTP Reply] 250 OK
Mar-24-16 10:00:38 m1-10036-04835 [Worker_4] [TLS-out] 86.98.212.218 <
customer.serv...@axminster.co.uk> to: r...@local.tld [SMTP Reply] 221 <
assp2.europa
.@local.tld [SMTP Reply] 221 <
assp1.europassistance.it> closing transmission
i tried to set a different collect folder for attachment (quarantine) but
it seems the collection parameter is not changing (maybe hardcoded?).
regards,
On Wed, Mar 23, 2016 at 5:05 PM, aquilinux wrote:
> Thomas,
t to zero
>
> - the resend link in BlockReports was missing, if a collected file was
> moved from 'spam' to 'discarded'
>
> Thomas
>
>
>
>
> Von:aquilinux
> An: For Users of ASSP
> Datum: 23.03.2016 16:07
> Betreff:Re: [Ass
On Wed, Mar 23, 2016 at 3:44 PM, Thomas Eckardt
wrote:
> perl -e 'use Cwd;print cwd();'
this works:
root@assp1:~# perl -e 'use Cwd;print cwd();'
/rootroot@assp1:~#
i'll do more extensive tests.
thanks
--
"Madness, like small fish, runs in hosts, in vast numbers of instances."
Nessuno mi pe
It's me, again.
I think we have a regression somewhere in attachment detection...
extension not detected and mail not stored :(
Mar-23-16 14:36:32 [Worker_1] 94.80.95.229 [SMTP Reply] 220 EAIT - Keep it
legit, or keep out
Mar-23-16 14:36:32 [Worker_1] 94.80.95.229 [SMTP Reply] 250 DSN
Mar-23-1
Hi,
be sure that 'acceptAllMail' will contain only IPs that you want to relay
mail from (mostly, the local addresses of your internal mail servers, eg.
Exchange) and your domain is in localDomains.
then use DoNoSpoofing (read the GUI) to block all emails coming from
external IPs pretending to be f
.
>
> Was issue with the spaces in the foldername in ZIP files fixed for you?
> For me it is (Windows perl 5.16) - but you use linux perl 5.18..
>
> Thomas
>
>
>
>
>
> Von:aquilinux
> An: For Users of ASSP
> Datum: 22.03.2016 09:48
> Betreff:
s.
>
> for example:
> info: Plugin ASSP_AFC has set the collection parameter to '7'
>
> # 0:no collection
> # 1:spam folder
> # 2:notspam folder
> # 3:spam folder & sendAllSpam
> # 4:okmail folder
> # 5:attachment folder
> # 6:disc
his is an outgoing mail!?
>
> - 'wlAttachLog' must be set to 'no Collect' - even if 'wlAttachLog' would
> be ignored 16080 is falling back hardcoded to 'discarded' in this case
>
>
>
> Thomas
>
>
>
>
>
> Von:aq
On Mon, Mar 21, 2016 at 4:42 PM, Thomas Eckardt
wrote:
> >grep m1-70529-07242 /opt/assp/logs/maillog.txt
>
> Session log contains some times no mailID (m1-70529-07242) in the
> loglines. Please post the complete content for this mail
>
> Thomas
>
>
>
> Von:aqu
wrote:
> Remains the problem with the not stored .eml file, if ASSP_AFC has
> blocked. I think this is solved - but who knows?
>
> Thomas
>
>
>
> Von:aquilinux
> An: For Users of ASSP
> Datum: 21.03.2016 12:38
> Betreff:Re: [Assp-user] bad att
Thanks Thomas, it just works!
regards,
aqx
On Mon, Mar 21, 2016 at 12:17 PM, Thomas Eckardt wrote:
> I just published ASSP_AFC 3.29 and 4.21 at CVS - the space problem is
> solved.
>
> Thomas
>
>
>
>
>
> Von:aquilinux
> An: For Users of ASSP
>
i'm running Perl v5.18.2
On Mon, Mar 21, 2016 at 11:46 AM, Thomas Eckardt wrote:
> >AFC detection whenever the FOLDER contains spaces
> in the name
>
> Do you use perl 5.16 ?
>
> Thomas
>
>
>
>
>
> Von:aquilinux
> An: For Users of ASSP
n.
Regars,
aqx
On Fri, Mar 18, 2016 at 4:54 PM, Thomas Eckardt
wrote:
> Before you start the test, please upgrade assp.pl and ASSP_AFC.pm to the
> latest dev version!
>
> Thomas
>
>
>
>
> Von:aquilinux
> An: For Users of ASSP
> Datum: 18.03.2016 16:45
es not match the content based detected file type '''
On Thu, Mar 17, 2016 at 10:40 AM, aquilinux wrote:
> Upgraded, thanks.
> I have now an issue with another legitimate attachment:
>
> Mar-17-16 09:37:24 m1-03839-03606 [Worker_4] [TLS-in] [TLS-out]
> [Attachment
On Fri, Mar 18, 2016 at 8:39 AM, Thomas Eckardt
wrote:
> check 'extAttachLog' , 'wlAttachLog', 'npAttachLog'
>
they are all set to discard folder. but no trace of the files there.
--
"Madness, like small fish, runs in hosts, in vast numbers of instances."
Nessuno mi pettina bene come il vent
s at least to version
> 2.13 (CPAN has it).
>
> Thomas
>
>
>
>
> Von:aquilinux
> An: For Users of ASSP
> Datum: 16.03.2016 10:08
> Betreff:Re: [Assp-user] bad attachment [...] possibly a virus
> infected file (can't extract archive)&#x
ctually marked as spam but it is LOST
On Thu, Mar 17, 2016 at 12:41 PM, aquilinux wrote:
> here's a different case of uncorrect detection:
>
> Mar-17-16 12:33:38 m1-14417-13392 [Worker_3] [TLS-in] [TLS-out]
> [Attachment] 92.246.34.74 to: i...@local.tld SPAM FOUND
> bad at
ce this and I've no clue, how this can be happen - I'm sorry.
>
> If you can reproduce this - set SessionLog to diagnostic and AttachmentLog
> to verbose. Or debug such a mail.
>
> Thomas
>
>
>
>
> Von:aquilinux
> An: For Users of ASSP
>
Hi, i have more or less your table sizes on mysql.
I use mysql for spamdb, hmmdb and other 22 tables (whitelist, pbblack,
caches, ...).
i have 1 master and 1 slave assp and the mysql database is on the slave.
my spamdb (411mb) has ~4.4million rows and my hmmdb (348mb) has ~3.3millon
rows.
Each assp
P version 2.4.8(16074) + ASSP_AFC 3.26
>
> both available at SF-CVS
>
> will fix this.
>
> Thomas
> ps: please use the "ASSP List" assp-t...@lists.sourceforge.net if you use
> a dev version 2.4.8
>
>
>
>
> Von:aquilinux
> An: For Use
Hi all,
I recently enforced attachment blocking with zip inspection but legitimate
attachements are blocked because of this:
Mar-15-16 14:09:55 [Worker_5] Warning: possibly a virus infected file
(can't extract archive)
'/opt/assp/tmp/zip_5_1458047395/MSC_Implementation_Activities_15.03.2016.xlsx'
HI all, i used to use griplist (upload/download) for a couple of years, but
recently i see more and more spam mail getting their score lowered by the
griplist match.
is this feature still reliable to use? do you use it? have you lately
noticed this behaviour too?
regards,
--
"Madness, like smal
ot
meeting the recommended version.
is this a bug?
On Wed, Feb 24, 2016 at 3:48 PM, Thomas Eckardt
wrote:
> IMHO if openssl is compiled using -fPIC, Net::SSLeay has to be compiled
> the same way.
>
> Thomas
>
>
>
>
>
> Von:aquilinux
> An: For Users of
but, openssl has been compiled (configured) without any flag...
and i only did a cpan -f -i Net::SSLeay.
On Wed, Feb 24, 2016 at 3:48 PM, Thomas Eckardt
wrote:
> IMHO if openssl is compiled using -fPIC, Net::SSLeay has to be compiled
> the same way.
>
> Thomas
>
>
>
&g
Hi again,
before upgrading to 16036 i compiled and installed openssl 1.0.1r on ubuntu
14.04
i made a deb package via checkinstall but when i installed it i had to
remove libssl-dev due to package conflicts.
old version of assp was showing then:
OpenSSL 1.0.1r 1.0.1r / 0.9.8
perl pathtoassp/asspl.pl pathtoassp ChangeRoot:=
>
> Thomas
>
>
>
>
>
> Von:aquilinux
> An: For Users of ASSP
> Datum: 24.02.2016 00:56
> Betreff:Re: [Assp-user] request to change root to '0e' did
> not succeed: No such f
the first time that, when upgrading, i see some values reset to
'0e'
last time it happened with SSL certificates paths.
regards,
On Tue, Feb 23, 2016 at 11:42 PM, aquilinux wrote:
> hi thomas, i'm having this error when starting version ASSP 2.4.8(16036):
>
>
hi thomas, i'm having this error when starting version ASSP 2.4.8(16036):
root@assp1:/opt/assp# ./assp.pl
ASSP 2.4.8(16036) is starting in directory /opt/assp
on host assp1.mydomain.tld
using Perl /usr/bin/perl version 5.018002 (5.18.2), all Perl features for
5.18 are enabled
compiling code - plea
spam folder.
and all plugins are configured to Log to spam folder (i already tried to
play with these setting).
On Thu, Nov 27, 2014 at 5:14 PM, Thomas Eckardt
wrote:
> what is your setting of 'spamMSLog'
>
> Thomas
>
>
>
> Von:aquilinux
> An: For User
I often have problems with mails blocked by MessageScore if triggered after
by PluginAll.
The link to the spam folder is missing from the logs, therefore the block
report is unable to locate the file on the system. so, the report is
missing the resend link.
in these cases (i thought this was fixed
you should post relevant config values if you need help, since no one can
look neither inside your linux nor your mind.
for example, what are the values for testmode configs? value of
'switchTestToScoring'? value of 'doPenalty'?
did you do any change in any piece of config recently?
things usually
same spam here, and ClamAV is kicking ass:
*Message ID: m1-99462-30667 Session: 7F3FB66EEBB8 Remote IP: 85.39.186.201
Subject: Ihre Mobilfunk - Rechnung vom 04.11.2014 im Anhang als PDF Sender:
fauna...@vodafone.com Recipients(s): [..] Virus
Detected:
'Sanesecurity.Foxhole.Zip_pdf.UNOFFICIA
king at the code?
>
> For normal users cc and bcc addresses are removed.
>
> Thomas
>
>
>
>
> Von:aquilinux
> An: For Users of ASSP
> Datum: 28.07.2014 16:36
> Betreff:Re: [Assp-user] resend email error (no To: or
> X-ASSP-Intended-For:)
code?
Regards,
aqx
On Sat, Jul 5, 2014 at 11:14 AM, aquilinux wrote:
> No... None of them. The line with To: header has just been epurated.
>
> Regards,
> aqx
> Il 05/lug/2014 07:03 "Thomas Eckardt" ha
> scritto:
>
> Is there really no 'To:' or &
earch for.
> A fixed pre-version is still running on my prod system.
>
> This will be fixed in the next release - but it may take some time to
> test all cases.
>
> Thomas
>
>
>
>
>
> Von:aquilinux
> An: For Users of ASSP
> Datum: 26.06.2014 11
No... None of them. The line with To: header has just been epurated.
Regards,
aqx
Il 05/lug/2014 07:03 "Thomas Eckardt" ha
scritto:
> Is there really no 'To:' or 'X-Assp-Intended-For:' header tag in the file
> located in the resend folder ?
>
> Thomas
n
> To: header but i cannot guarantee that this is the cause.
>
> I can guarantee this.
>
> If a user requests a resend, the TO: address is replaced.
> If an admin copies a file in to the resend folder, assp assumes that he
> knows what he is doing.
>
> Thomas
>
>
>
hi all,
i'm running into this issue occasionally, but i think it's a bug.
i have some mail stuck in resendmail folder with:
*# (re)send - /opt/assp/resendmail/lucilla_ferri_libero_it--551877.eml -
To: and X-Assp-Intended-For: headertag not found - skip file*
*[...snip...]From: "lucilla.ferri" >Su
>
> This will be fixed in the next release - but it may take some time to
> test all cases.
>
> Thomas
>
>
>
>
>
> Von:aquilinux
> An: For Users of ASSP
> Datum: 26.06.2014 11:23
> Betreff:Re: [Assp-user] Antwort: resend link not availabl
To:=1
ASSP_DCChomedir:=/var/dcc
ASSP_DCCdccifd:=
ASSP_DCCTimeout:=16
ASSP_DCCClientIP:=
ASSP_DCCClientName:=
ASSP_DCCReportToDCC:=2
so, either i set 'block' or 'score' the reference to the mail for the
resend to work gets lost.
regards,
aqx
On Wed, Jun 25, 2014 at 10:13 AM,
tld* *[spam found] (MessageScore 64, limit 50) [Scadenza
> polizza auto];*
>
> This line is missing the file name - that's why the resend link is not
> available.
>
> IMHO this is caused by a special configuration condition - I'll try to fix
> this.
>
> Thomas
Hi there,
You should look at "Validate Sender" section.
in particular, look at "Block Local Address from External Sender" (read
notes about it): it should be set to block (or else, depending on what you
want assp to do).
This will match on all the emails whose sender claims to be from your
domain.
ink...
Regards,
On Tue, Jun 24, 2014 at 9:29 AM, Thomas Eckardt
wrote:
> >The message is still in discarded folder.
>
> in this case the resend link should be available IF the message body is
> not empty
>
> Thomas
>
>
>
>
>
> Von:aquilinux
> An:
to store spam in
> This is only used if DCC is set to block.
>
>
> Thomas
>
>
>
>
>
>
> Von:aquilinux
> An: assp-user@lists.sourceforge.net
> Datum: 23.06.2014 16:36
> Betreff:[Assp-user] resend link not available when message blocked
>
Hi all, it seems to me that BlockReport doesn't include the resend link
when/if message is blocked by a Plugin (in my case DCC and RAZOR).
When score is calculated, message is put in the correct folder:
*Jun-16-14 09:05:30 m1-02329-26874 [Worker_4] [TLS-out]
[MessageLimit][lowlimit] 94.76.252.33
>
58 matches
Mail list logo
