Re: Memory Leak?

What parameters do you use to start spamd? {^_^} - Original Message - From: "Ron Smith" <[EMAIL PROTECTED]> Sent: Friday, 2008, July 25 13:56 Hi, Robert. No, I've been dealing with this issue now for two solid weeks daily until 2am and its been in my mind every waking moment. Beli

Re: Incorrect DNSBL evaluation

From: "Yves Goergen" <[EMAIL PROTECTED]> Sent: Friday, 2008, July 25 13:39 On 25.07.2008 21:43 CE(S)T, mouss wrote: BTW. do we have numbers on how many ISPs did update their bind implementations (or have "safe" workarounds) after the recent bug disclosure? According to a Heise.de article, i

Re: junkfiles-bays_toks.expire\d{4-5}

Linda Walsh wrote: Matt Kettler wrote: The fact that they keep laying around is a problem. This suggests SA keeps getting killed before the expire can complete. Do you have any kind of limits set such as CPU time or memory that SA might be running against and dying? You can try kicking off

Re: junkfiles-bays_toks.expire\d{4-5}

Matt Kettler wrote: The fact that they keep laying around is a problem. This suggests SA keeps getting killed before the expire can complete. Do you have any kind of limits set such as CPU time or memory that SA might be running against and dying? You can try kicking off an expire manually

Re: Memory Leak?

Hi, Bowie. Ron Smith [EMAIL PROTECTED] "Having an email problem is painful, but character-building." On Jul 25, 2008, at 4:49 PM, Bowie Bailey wrote: DNS tests generally do not cause major slowdowns unless you have one that is not responding. The tests are run in parallel with the rest of

Re: junkfiles-bays_toks.expire\d{4-5}

Linda Walsh wrote: In my .spamassassin dir, I see lots of files that look like: bayes_toks.expire1098 bayes_toks.expire1243 bayes_toks.expire13494 They are all a few hundred K or more long (just deleted the bunch). I've also noticed spamd going off and cranking for more than an hour -

junkfiles-bays_toks.expire\d{4-5}

In my .spamassassin dir, I see lots of files that look like: bayes_toks.expire1098 bayes_toks.expire1243 bayes_toks.expire13494 bayes_toks.expire15029 bayes_toks.expire15761 bayes_toks.expire16349 bayes_toks.expire17370 bayes_toks.expire17385 bayes_toks.expire1754 bayes_toks.expire18183

Re: Sa-update

Eduardo Júnior wrote: Hi, I have just done an update in the rules of my spamassassin with sa-update He dropped everything to /var/lib/spamassassin/version He created the directory with several updates_spamassassin_org. Cf And a updates_spamassassin_org.cf

Re: I'd like to get my blacklist/whitelist included in SA

In article <[EMAIL PROTECTED]>, Marc Perkel <[EMAIL PROTECTED]> writes >What kind of license do I need to provide to be SA compatible? I'd imagine the line "anyone who uses our lists or our data either directly from us or indirectly through a third party grants us a license for us to use your data

Re: Memory Leak?

Hello, Kai. Your comments are much appreciated. Ron Smith [EMAIL PROTECTED] "Having an email problem is painful, but character-building." On Jul 25, 2008, at 2:31 PM, Kai Schaetzl wrote: Sure you got that reply. You quoted his mail. But you didn't answer the question about memory. That's all

Re: Memory Leak?

Hi, Robert. No, I've been dealing with this issue now for two solid weeks daily until 2am and its been in my mind every waking moment. Believe me I've been over and over and over it and wouldn't have posed my concerns lightly. One thing is clear. When I turn off viral screening and everythi

RE: Memory Leak?

Ron Smith wrote: > > On Jul 25, 2008, at 11:12 AM, Martin.Hepworth wrote: > > > Ron > > > > I'd check what RBL's and URI-RBL's you are running. > > > > If you haven't turned any of them then you're running them all - > > which can lead to very long processing times. > > > > Choose one or two y

RE: Memory Leak?

Ron Smith wrote: > > On Jul 25, 2008, at 10:54 AM, Bowie Bailey wrote: > > > I am running spamd like this: > > > > /usr/bin/spamd -d -m 4 --max-conn-per-child=50 -timeout-child=180 > > -u mailuser > > > > That's a maximum of 4 spamd child processes and they restart after > > 50 connections eac

Re: Incorrect DNSBL evaluation

On 25.07.2008 21:43 CE(S)T, mouss wrote: BTW. do we have numbers on how many ISPs did update their bind implementations (or have "safe" workarounds) after the recent bug disclosure? According to a Heise.de article, in Austria 2/3 of all ISPs did not yet patch their recursive DNS servers. In U

Re: Memory Leak?

Hi, Martin. That's also a very good suggestion. Now I thought that using the -L parameter would turn all those off. I did try that thinking that that was the case however I really wasn't sure that it made a difference. I'll try your suggestion on the zero scores in the local.cf too. We do

Re: Memory Leak?

That's a great suggestion, Bowie. I'm going to give that a shot. Now that you bring up connections per child... how many usually occur or can occur if I don't specify? I seem to have missed that in the man pages. I'm running 4gb on my system all this week (up from 1gb originally) and have

Re: Incorrect DNSBL evaluation

Matthias Leisi wrote: jdow schrieb: | (And if you're running an "'ix" operating system - why aren't you running a | DNS server. That's one of the first "hairy chested 'ix things" I ever Since operating a sizeable DNS infrastructure, I came to prefer to people using a shared/common/ISP-provided

Re: Incorrect DNSBL evaluation

On 20.07.2008 16:18 CE(S)T, Yet Another Ninja wrote: This could be a DNS problem returning a .2 (positive response) for all queries. I have done some further tests and it seems that one of the four nameservers (the .100.100) sometimes returns NXDOMAIN and sometimes 127.0.0.255, which obviousl

Re: I'd like to get my blacklist/whitelist included in SA

Marc Perkel wrote: I'm referring to the Hostkarma list from junk email filter. http://wiki.junkemailfilter.com/index.php/Spam_DNS_Lists What is the procedure/requirements to make this happen? I have 4 servers running rbldnsd. Questions What kind of license do I need to provide to be SA

Re: Memory Leak?

Ron Smith wrote on Fri, 25 Jul 2008 11:11:32 -0400: > Kai, I tried to explain that I didn't get that email response. Sure you got that reply. You quoted his mail. But you didn't answer the question about memory. That's all I pointed out - and got this snap back. Ron, in case you didn't understa

Re: Memory Leak?

Ron, you still don't seem to indicate that you've figured out there is no memory leak. Rather than bothering to berate Kai at this point you might modify the way spamd is started to reduce the number of children. That is a sure way to run out of memory and drive the system into swap space. Once i

I'd like to get my blacklist/whitelist included in SA

I'm referring to the Hostkarma list from junk email filter. http://wiki.junkemailfilter.com/index.php/Spam_DNS_Lists What is the procedure/requirements to make this happen? I have 4 servers running rbldnsd. Questions What kind of license do I need to provide to be SA compatible? What wo

Re: [OT] Odd spammer tactic?

Jonas Eckerman wrote: Michelle Konzack wrote: in short, if someone declares you as their MX (without your authorization), you should not start listing clients that try to send mail to such domains. Are there ANY leagal reasons to declare someons MX as there MX? You miss mouss' point. If

RE: Sa-update

Eduardo Júnior wrote: > At least in my pathhad no sa-compile. > > But that's not important now. > I did as recommended by colleagues above, correcting my mistakes and > understanding the operation. > Until had found odd repetition of files. > > > But when I run sa-update, my list of rules is no

Re: [OT] Odd spammer tactic?

Michelle Konzack wrote: in short, if someone declares you as their MX (without your authorization), you should not start listing clients that try to send mail to such domains. Are there ANY leagal reasons to declare someons MX as there MX? You miss mouss' point. If someone (maliciously or

Re: Sa-update

Eduardo Júnior wrote: At least in my pathhad no sa-compile. But that's not important now. I did as recommended by colleagues above, correcting my mistakes and understanding the operation. Until had found odd repetition of files. But when I run sa-update, my list of rules is not updated and can

Re: [OT] Odd spammer tactic?

Quoting Matus UHLAR - fantomas <[EMAIL PROTECTED]>: On 24.07.08 14:35, Michelle Konzack wrote: Are there ANY leagal reasons to declare someons MX as there MX? Yes, a mistake, or a false assumption by ISP's client. We have DNS server sharing relationships with some of our biz partners. I

Re: Memory Leak?

Kai, I tried to explain that I didn't get that email response. We have been having mail delivery issues as a result of this problem. I was asking for help, not a scolding. You assume wrongly that because you didn't get a reply that I ignored you... I didn't get your reponse. Ron Smith [EMAI

Re: [OT] Odd spammer tactic?

> Am 2008-07-22 20:23:42, schrieb mouss: > > There is one caveat in this argument. yes, an MTA would lookup the MX. > > but it is the MX as seen in DNS, not as seen in _your_ zone. > > > > in short, if someone declares you as their MX (without your > > authorization), you should not start listin

RE: Memory Leak?

Ron You are kinda shooting in the dark on the memory leak thread stuff. You need to get a lil deeper in the system(s) to know. I don't know what programming tools you are familiar with yet you could do some tracing and know exactly what is going on and when it is happening and then you can immed

Re: I could not get spamd worked with option -c

Do you have READ the LOG? Am 2008-07-20 10:09:04, schrieb Yavuz Maslak: > I run spamd with -D option to look into the details of the log. > > I am getting below error; > > Sun Jul 20 10:04:55 2008 [25978] info: spamd: clean message (1.5/10.0) for > vpopmail:89 in 0.1 seconds, 1270 bytes. > Sun J

Re: [OT] Odd spammer tactic?

Am 2008-07-22 20:23:42, schrieb mouss: > There is one caveat in this argument. yes, an MTA would lookup the MX. > but it is the MX as seen in DNS, not as seen in _your_ zone. > > in short, if someone declares you as their MX (without your > authorization), you should not start listing clients th

RE: Memory Leak?

Ron I'd check what RBL's and URI-RBL's you are running. If you haven't turned any of them then you're running them all - which can lead to very long processing times. Choose one or two you want by looking through the 20_dnsbl_tests.cf file. And give then rest a zero score in local.cf Running

Re: Sa-update

At least in my pathhad no sa-compile. But that's not important now. I did as recommended by colleagues above, correcting my mistakes and understanding the operation. Until had found odd repetition of files. But when I run sa-update, my list of rules is not updated and can now be used after resta

Re: Memory Leak?

Thanks, Duane for your kind comment. Yes I have tried different methods. I used to use cgpsa. cgpav was only for antiviral stuff and it failed miserably when I tried to have it doing the spamassassin calls also. It seems that no matter how I call spamd there is an issue. I'm using scanspam.

RE: Memory Leak?

Ron Smith wrote: > Thanks so much for your kind response, Bowie. That has become my > conclusion also. Do you use sa-compile and if so, have you seen that > improve memory usage? I attempted to use sa-compile, but I kept running into problems, so I dropped it. I think the problems were related t

Re: Memory Leak?

Ron, what are you up? You claim that there is a memory issue with SA. Fine, could be so. You where asked to provide memory details. You didn't. I told you you didn't. You snap at me and still don't provide the memory details. Tells me you are not really interested in investigating the issue and

Re: Memory Leak?

Thanks so much for your kind response, Bowie. That has become my conclusion also. Do you use sa-compile and if so, have you seen that improve memory usage? I've tried adjusting the child processes up and down with little effect I think. Are you using 2 or 3? What's your timeout setting for

Re: Sa-update

Kai Schaetzl wrote: Eduardo Júnior wrote on Fri, 25 Jul 2008 08:58:25 -0300: Peguei of the includes updates_spamassassin_org.cf and put in /etc/spamassassin/local.cf and I made a copy of my *. cf / etc / spamassassin to maintain consistently referenced in the path includes. Not sure w

Re: Memory Leak?

Thanks so much for your kind response, Jamie. It is much appreciated! Here's the issue which started about 2 or 3 weeks ago. Updates/upgrades performed about the same time: OS X 10.4.11 to OS X 10.5.3/10.5.4 SA from 3.1.8 to 3.2.5 cgpav/clamav... went from 0.6x to 0.8x, but it is currently tur

Re: Memory Leak?

On Fri, 25 Jul 2008, Ron Smith wrote: When I reinstituted the blocklists in CommuniGate Pro, the spam load falls dramatically and SA continues to function. And yet I'm still getting tmp files in the Submitted folder that have multiple .tmp extensions as though spamd was being respawned by the

Re: Sa-update

Eduardo Júnior wrote on Fri, 25 Jul 2008 08:58:25 -0300: > Peguei of the includes updates_spamassassin_org.cf and put in > /etc/spamassassin/local.cf and I made a copy of my *. cf / etc / > spamassassin to maintain consistently referenced in the path includes. Not sure what this means. You have t

RE: Sa-update

Eduardo Júnior wrote: > > I have just done an update in the rules of my spamassassin with > sa-update > > He dropped everything to /var/lib/spamassassin/version > > He created the directory with several updates_spamassassin_org. Cf > And a updates_spamassassin_org.cf and updates_spamassassin_or

RE: Memory Leak?

Ron Smith wrote: > > Now, for those who want to engage is serious, and adult discussion > about what I think is a possible memory issue... I am still concerned > that there is a memory issue with SA. Because I've been aware that > under heavy loads, I've seen SA start to backup and the file count i

RE: Memory Leak?

> -Original Message- > From: Ron Smith [mailto:[EMAIL PROTECTED] > Sent: Friday, July 25, 2008 8:31 AM > To: users@spamassassin.apache.org > Subject: Re: Memory Leak? > > Yes, Kai, I noticed there were no replies. In fact, I've noticed that > for the most part many of the folks on this lis

Re: Sa-update

I could see the problem: read on: http://www.ijs.si/software/amavisd/#faq-spam amavisd realized that's who manages the upgrade of headers, overwriting any changes made by spamassassin. So what I incialmente is that the check is made by spammers by spamassassin alone, without the amavis as an in

Re: Memory Leak?

> On Jul 25, 2008, at 4:31 AM, Kai Schaetzl wrote: > >You notice that you didn't answer the question about memory? Until now > >you haven't verified at all that the problem is connected to sa. On 25.07.08 08:31, Ron Smith wrote: > Yes, Kai, I noticed there were no replies. In fact, You were expec

Re: Memory Leak?

Yes, Kai, I noticed there were no replies. In fact, I've noticed that for the most part many of the folks on this list try to be as unhelpful as possible to new posters on the list. Almost like there is challenge over who can be the quickest on either a rude comment or put- down. I've been

Sa-update

Hi, I have just done an update in the rules of my spamassassin with sa-update He dropped everything to /var/lib/spamassassin/version He created the directory with several updates_spamassassin_org. Cf And a updates_spamassassin_org.cf and updates_spamassassin_org.pre. Peguei of the includes upd

Re: whitelist_from_rcvd

On 25.07.08 06:44, Skip wrote: > I thought it might be that and had actually tried that before. I just > tired it again hoping that perhaps I had made a typo and it still did > not work. > > According to the documentation, the trusted_networks settings shouldn't > affect this, but here are min

Re: whitelist_from_rcvd

Jari Fredriksson wrote: Why would I not be whitelisted here? I have the following entrines in my user_prefs file whitelist_from_rcvd [EMAIL PROTECTED] pelorus.org internal_networks 192.168/16 internal_networks 69.89.22.106 It seems pelorus.org is your mx for incoming mail. According

Re: Logcheck messages

David Baron wrote: > I am now getting loads of these: > > Jul 24 08:46:57 d_baron spamd[5965]: spamd: still running as root: > user not specified with -u, not found, or set to root, falling back to > nobody > scantime=7.6,size=1901,user=root,uid=65534,required_score=5.0,rhost=ip6- > localhost,rad

Re: Memory Leak?

You notice that you didn't answer the question about memory? Until now you haven't verified at all that the problem is connected to sa. Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com