Re: drop of score after update tonight

Reindl Harald Tue, 26 Aug 2014 01:47:44 -0700

found it - look at the bottom

the other thread where i try to find out why spam messages don't
get [SPAM] in the subject (still unsolved) turned out that
"sa-update" obviously changed the permissions of the folder
"updates_spamassassin_org" to 750 instead 755


after fixing that it is again above 7
identified spam (7.9/1.0)

7.5 versus 7.9 likely more training messages

in the meantime both (spamd and milter) are running
with the miler user, using a port above 1024 so it
can bind and make sure in the systemd-units that
permissions are never wrong in the future

ExecStartPre=/usr/bin/find /var/lib/spamassassin/ -type d -exec /bin/chmod 0755 
"{}" \;
ExecStartPre=/usr/bin/find /var/lib/spamassassin/ -type f -exec /bin/chmod 0644 
"{}" \;
ExecStart=/usr/sbin/spamass-milter -g sa-milt -r 7.5 -- -s 1048576 --port=10027
User=sa-milt
Group=sa-milt

PermissionsStartOnly=true
ExecStartPre=/usr/bin/find /var/lib/spamassassin/ -type d -exec /bin/chmod 0755 
"{}" \;
ExecStartPre=/usr/bin/find /var/lib/spamassassin/ -type f -exec /bin/chmod 0644 
"{}" \;
ExecStart=/usr/bin/spamd -c -H  --port=10027
ExecReload=/usr/bin/kill -HUP $MAINPID
User=sa-milt
Group=sa-milt

Am 25.08.2014 um 10:57 schrieb Reindl Harald:
> i am at setup a new mailgateway and playing around
> with spamassassin-3.4.0 and spamass-milter which
> looks both well - but after the update tonight my
> testmessage goes down from 7.5 to 5.3
> 
> that's one of the very high rated on a Barracuda
> appliance downloaded to a folder and only posting
> the plaintext part in a web-formmailer
> 
> not sure if it is a good idea to post the content :-)
> 
> 25-Aug-2014 06:04:43: SpamAssassin: Update processed successfully
> 
> 04:49:
> X-Spam-Status: Yes, score=7.5 required=5.0 tests=ADVANCE_FEE_4_NEW,
>  ADVANCE_FEE_4_NEW_MONEY,ADVANCE_FEE_5_NEW,ADVANCE_FEE_5_NEW_MONEY,ALL_TRUST
>  ED, BAYES_99,BAYES_999,DEAR_SOMETHING,DKIM_ADSP_CUSTOM_MED,FREEMAIL_FROM,
>  LOTS_OF_MONEY,T_MONEY_PERCENT,URG_BIZ
> 
> 10:33:
> X-Spam-Status: Yes, score=5.3 required=5.0 tests=ADVANCE_FEE_4_NEW,
>  ADVANCE_FEE_4_NEW_MONEY,ADVANCE_FEE_5_NEW,ADVANCE_FEE_5_NEW_MONEY,ALL_TRUST
>  ED, BAYES_99,BAYES_999,DEAR_SOMETHING,DKIM_ADSP_CUSTOM_MED,FREEMAIL_FROM,
>  LOTS_OF_MONEY,T_MONEY_PERCENT,URG_BIZ

-------- Weitergeleitete Nachricht --------
Betreff: Re: no subject tagging in case of "X-Spam-Status: Yes"
Datum: Mon, 25 Aug 2014 19:43:29 +0200
Von: Reindl Harald <h.rei...@thelounge.net>
Organisation: the lounge interactive design
An: users@spamassassin.apache.org

Am 25.08.2014 um 19:13 schrieb Karsten Bräckelmann:
> On Mon, 2014-08-25 at 18:55 +0200, Reindl Harald wrote:
>> Am 25.08.2014 um 18:00 schrieb Karsten Bräckelmann:
>> X-Spam-Status: Yes, score=3.7 required=1.0 tests=MISSING_DATE,MISSING_FROM,
>>         MISSING_HEADERS,MISSING_MID,NO_HEADERS_MESSAGE,NO_RECEIVED,NO_RELAYS
>> Subject: [SPAM] Foo
>> X-Spam-Prev-Subject: Foo
>
> Exactly as expected. Subject tagging works.

yes

>> [root@mail-gw:~]$ su - sa-milt
>> [sa-milt@mail-gw:~]$ echo -e "Subject: Foo\n" | spamassassin 
>> --cf="required_score 1"
>
>> X-Spam-Status: No, score=0.0 required=1.0 tests=none
>> Subject: Foo
>
> No tests at all. I doubt the milter generated all those missing headers
> including From and Date, instead of a Received one only. So it seems the
> restricted sa-milt user has no read permissions on the SA config.
>
> As that user, have a close look at the -D debug output.
>
> spamassassin -D --lint

bingo - only a snippet below
thank you so much for setp in that thread
_______________________________________________________

the files inside exept one have correct permissions (0644)
but "/var/lib/spamassassin/3.004000/updates_spamassassin_org" not

that was pretty sure one of the first "sa-update" cronjobs because
as i started to play around the tagging was fine and i needed to
read manuals how to configure reject above a specific score and
later found out "well, and now the tagging don't work"
_______________________________________________________

on the shell now it looks fine, mail still not tagged, all
services hard restarted and as said at the begin of play
around one time it worked - strange

Subject: Test
X-Spam-Status: Yes, score=1.7 required=1.0 tests=ADVANCE_FEE_4_NEW,
        
ADVANCE_FEE_4_NEW_MONEY,ADVANCE_FEE_5_NEW,ADVANCE_FEE_5_NEW_MONEY,ALL_TRUST
        ED,     DEAR_SOMETHING,DKIM_ADSP_CUSTOM_MED,FREEMAIL_FROM,LOTS_OF_MONEY,
        T_MONEY_PERCENT,URG_BIZ

i guess i will setup a cronjob to make sure the permissions
below "/var/lib/spamassassin/" are 755 and 644 for any item

[root@mail-gw:~]$ cat /usr/local/bin/sa-permissions.sh
#!/usr/bin/bash
/usr/bin/find /var/lib/spamassassin/ -type d -exec /bin/chmod 0755 "{}" \;
/usr/bin/find /var/lib/spamassassin/ -type f -exec /bin/chmod 0644 "{}" \;
[root@mail-gw:~]$ sa-permissions.sh
_______________________________________________________

[sa-milt@mail-gw:~]$ echo -e "Subject: Foo\n" | spamassassin 
--cf="required_score 1"
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
        mail-gw.thelounge.net
X-Spam-Status: Yes, score=3.7 required=1.0 tests=MISSING_DATE,MISSING_FROM,
        MISSING_HEADERS,MISSING_MID,NO_HEADERS_MESSAGE,NO_RECEIVED,NO_RELAYS
Subject: [SPAM] Foo
X-Spam-Prev-Subject: Foo
_______________________________________________________

Aug 25 19:18:58.225 [32610] dbg: config: file or directory
/var/lib/spamassassin/3.004000/updates_spamassassin_org/local.cf not 
accessible: Permission denied
Aug 25 19:18:58.226 [32610] dbg: config: file or directory
/var/lib/spamassassin/3.004000/updates_spamassassin_org/regression_tests.cf not 
accessible: Permission denied
[sa-milt@mail-gw:~]$ stat 
/var/lib/spamassassin/3.004000/updates_spamassassin_org/regression_tests.cf
stat: cannot stat 
'/var/lib/spamassassin/3.004000/updates_spamassassin_org/regression_tests.cf': 
Permission denied
_______________________________________________________

[root@mail-gw:~]$ stat /var/lib/spamassassin/3.004000/updates_spamassassin_org
  File: '/var/lib/spamassassin/3.004000/updates_spamassassin_org'
  Size: 4096            Blocks: 8          IO Block: 4096   directory
Device: 811h/2065d      Inode: 41664       Links: 2
Access: (0750/drwxr-x---)  Uid: (    0/    root)   Gid: (    0/    root)
Access: 2014-08-14 19:25:43.022151858 +0200
Modify: 2014-08-25 06:04:43.425632505 +0200
Change: 2014-08-25 06:04:43.425632505 +0200
 Birth: -

[root@mail-gw:~]$ chmod 755 
/var/lib/spamassassin/3.004000/updates_spamassassin_org
mode of '/var/lib/spamassassin/3.004000/updates_spamassassin_org' changed from 
0750 (rwxr-x---) to 0755 (rwxr-xr-x)

[root@mail-gw:~]$ ls /var/lib/spamassassin/3.004000/updates_spamassassin_org/
total 920K
-rw-r--r-- 1 root root 100K 2014-08-25 06:04 languages
-rw-r----- 1 root root  718 2014-08-25 06:04 MIRRORED.BY
-rw-r--r-- 1 root root 8.5K 2014-08-25 06:04 10_default_prefs.cf
-rw-r--r-- 1 root root 2.4K 2014-08-25 06:04 10_hasbase.cf
-rw-r--r-- 1 root root 7.5K 2014-08-25 06:04 20_advance_fee.cf
-rw-r--r-- 1 root root 8.9K 2014-08-25 06:04 20_aux_tlds.cf
-rw-r--r-- 1 root root 6.9K 2014-08-25 06:04 20_body_tests.cf
-rw-r--r-- 1 root root 1.9K 2014-08-25 06:04 20_compensate.cf
-rw-r--r-- 1 root root 9.6K 2014-08-25 06:04 20_dnsbl_tests.cf
-rw-r--r-- 1 root root  15K 2014-08-25 06:04 20_drugs.cf
-rw-r--r-- 1 root root  12K 2014-08-25 06:04 20_dynrdns.cf
-rw-r--r-- 1 root root 8.4K 2014-08-25 06:04 20_fake_helo_tests.cf
-rw-r--r-- 1 root root 3.0K 2014-08-25 06:04 20_freemail.cf
-rw-r--r-- 1 root root  42K 2014-08-25 06:04 20_freemail_domains.cf
-rw-r--r-- 1 root root  26K 2014-08-25 06:04 20_head_tests.cf
-rw-r--r-- 1 root root  11K 2014-08-25 06:04 20_html_tests.cf
-rw-r--r-- 1 root root 5.2K 2014-08-25 06:04 20_imageinfo.cf
-rw-r--r-- 1 root root 2.6K 2014-08-25 06:04 20_mailspike.cf
-rw-r--r-- 1 root root 3.3K 2014-08-25 06:04 20_meta_tests.cf
-rw-r--r-- 1 root root 1.9K 2014-08-25 06:04 20_net_tests.cf
-rw-r--r-- 1 root root 8.0K 2014-08-25 06:04 20_phrases.cf
-rw-r--r-- 1 root root 2.1K 2014-08-25 06:04 20_porn.cf
-rw-r--r-- 1 root root  16K 2014-08-25 06:04 20_ratware.cf
-rw-r--r-- 1 root root 5.7K 2014-08-25 06:04 20_uri_tests.cf
-rw-r--r-- 1 root root  19K 2014-08-25 06:04 20_vbounce.cf
-rw-r--r-- 1 root root 2.7K 2014-08-25 06:04 23_bayes.cf
-rw-r--r-- 1 root root 1.6K 2014-08-25 06:04 25_accessdb.cf
-rw-r--r-- 1 root root 1.6K 2014-08-25 06:04 25_antivirus.cf
-rw-r--r-- 1 root root 1.6K 2014-08-25 06:04 25_asn.cf
-rw-r--r-- 1 root root 2.3K 2014-08-25 06:04 25_dcc.cf
-rw-r--r-- 1 root root 4.4K 2014-08-25 06:04 25_dkim.cf
-rw-r--r-- 1 root root 2.9K 2014-08-25 06:04 25_hashcash.cf
-rw-r--r-- 1 root root 1.3K 2014-08-25 06:04 25_pyzor.cf
-rw-r--r-- 1 root root 3.4K 2014-08-25 06:04 25_razor2.cf
-rw-r--r-- 1 root root 9.6K 2014-08-25 06:04 25_replace.cf
-rw-r--r-- 1 root root 3.4K 2014-08-25 06:04 25_spf.cf
-rw-r--r-- 1 root root 1.8K 2014-08-25 06:04 25_textcat.cf
-rw-r--r-- 1 root root  13K 2014-08-25 06:04 25_uribl.cf
-rw-r--r-- 1 root root  28K 2014-08-25 06:04 30_text_de.cf
-rw-r--r-- 1 root root  20K 2014-08-25 06:04 30_text_fr.cf
-rw-r--r-- 1 root root 1.9K 2014-08-25 06:04 30_text_it.cf
-rw-r--r-- 1 root root  22K 2014-08-25 06:04 30_text_nl.cf
-rw-r--r-- 1 root root  18K 2014-08-25 06:04 30_text_pl.cf
-rw-r--r-- 1 root root  45K 2014-08-25 06:04 30_text_pt_br.cf
-rw-r--r-- 1 root root  38K 2014-08-25 06:04 50_scores.cf
-rw-r--r-- 1 root root 9.1K 2014-08-25 06:04 60_adsp_override_dkim.cf
-rw-r--r-- 1 root root 1.3K 2014-08-25 06:04 60_awl.cf
-rw-r--r-- 1 root root 2.2K 2014-08-25 06:04 60_shortcircuit.cf
-rw-r--r-- 1 root root 4.9K 2014-08-25 06:04 60_whitelist.cf
-rw-r--r-- 1 root root 6.1K 2014-08-25 06:04 60_whitelist_dkim.cf
-rw-r--r-- 1 root root 3.6K 2014-08-25 06:04 60_whitelist_spf.cf
-rw-r--r-- 1 root root 1.9K 2014-08-25 06:04 60_whitelist_subject.cf
-rw-r--r-- 1 root root 202K 2014-08-25 06:04 72_active.cf
-rw-r--r-- 1 root root  11K 2014-08-25 06:04 72_scores.cf
-rw-r--r-- 1 root root 2.7K 2014-08-25 06:04 73_sandbox_manual_scores.cf
-rw-r--r-- 1 root root 2.2K 2014-08-25 06:04 local.cf
-rw-r--r-- 1 root root 2.8K 2014-08-25 06:04 regression_tests.cf
-rw-r--r-- 1 root root 1.9K 2014-08-25 06:04 user_prefs.template
-rw-r--r-- 1 root root 1.5K 2014-08-25 06:04 STATISTICS-set0-72_scores.cf.txt
-rw-r--r-- 1 root root 1.5K 2014-08-25 06:04 STATISTICS-set1-72_scores.cf.txt
-rw-r--r-- 1 root root    0 2014-08-25 06:04 STATISTICS-set2-72_scores.cf.txt
-rw-r--r-- 1 root root    0 2014-08-25 06:04 STATISTICS-set3-72_scores.cf.txt
-rw-r--r-- 1 root root 4.7K 2014-08-25 06:04 sa-update-pubkey.txt

signature.asc
Description: OpenPGP digital signature

Re: drop of score after update tonight

Reply via email to