Re: [spamdyke-users] Blocking variations on a "From: " field

[BC via spamdyke-users]

On 9/28/2020 7:51 AM, Philip Rhoades via spamdyke-users wrote:



You need to block by header contents as it offers more wildcards:
https://www.spamdyke.org/documentation/README.html#HEADERS


From:*


Hmm . . I thought I had tried that - oh well, I will give it a shot!



I use this technique successfully but found that a space was required, 
thus:


From: *https://spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] TLS and LibreSSL

[BC via spamdyke-users]

Thank you, Sam.  I wentwith the traditional OpenSSL just to be sure.


On 6/4/2018 8:06 PM, Sam Clippinger via spamdyke-users wrote:
I have no idea -- I've never used LibreSSL.  As long as they've only 
updated the internal library code and not changed the API, it'll 
probably work fine.


-- Sam Clippinger




On May 26, 2018, at 2:42 PM, BC via spamdyke-users 
mailto:spamdyke-users@spamdyke.org>> 
wrote:




Will spamdyke compile with TLS using the LibreSSL libraries?


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
https://spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] MAILER-DAEMON Flood

[BC via spamdyke-users]

Well, I have spamdyke-qrv installed and turned on in spamdyke.conf, 
but am still getting stuff like this (maillog):


Nov  8 21:48:51 33a45916-5b78-11e6-a0e5-0cc47a6975be spamdyke[17138]: 
ALLOWED from: filenkokir...@shopon.net to: sergushk...@bk.ru 
origin_ip: 10.0.1.15 origin_rdns: (unknown) auth: (unknown) 
encryption: (none) reason: 250_ok_1478666931_qp_17140


so someone is trying to use my system as a relay, right?

with the resulting MAILER-DAEMON bounce.  The 10.0.1.15 is the IP of 
the jail that qmail runs in.


Any other thoughts?


On 11/7/2016 9:13 AM, Gary Gendel via spamdyke-users wrote:
This doesn't look like it's email originating from your system.  
Instead, it looks like spamdyke has accepted the message and then 
qmail is doing the rejection.  My guess is that it passes through 
spamdyke with an invalid destination user. Qmail then tries to 
reject it.


You can avoid this by adding invalid user checks in spamdyke so it 
doesn't reach qmail by setting 
"recipient-validation-command=" (I use spamdyke-qrv) and 
"reject-recipient=invalid".


Gary



___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] MAILER-DAEMON Flood

[BC via spamdyke-users]

Thank you very much. I'll look into that.

On 11/7/2016 9:13 AM, Gary Gendel via spamdyke-users wrote:
This doesn't look like it's email originating from your system.  
Instead, it looks like spamdyke has accepted the message and then 
qmail is doing the rejection.  My guess is that it passes through 
spamdyke with an invalid destination user. Qmail then tries to 
reject it.


You can avoid this by adding invalid user checks in spamdyke so it 
doesn't reach qmail by setting 
"recipient-validation-command=" (I use spamdyke-qrv) and 
"reject-recipient=invalid".


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

[spamdyke-users] MAILER-DAEMON Flood

[BC via spamdyke-users]

It hasn't risen to the level of DDOS, yet, but I'm getting many 
hundreds of these messages per night (and it is now continuing during 
the day).


They look like this:



Hi. This is the qmail-send program at purgatoire.org.
I tried to deliver a bounce message to this address, but the bounce bounced!

:
212.4.107.202 does not like recipient.
Remote host said: 550 5.1.1: Recipient address rejected: 
telcom.es
Giving up on 212.4.107.202.

--- Below this line is the original bounce.




... each one with totally unrelated email and IP addresses and with variable 
sizes and all in MIME format.

I use FreeBSD here.  Running qmail in a jail.  I do use ssmtp running on the 
host (not jailed) in order to get the periodic daily/weekly/monthly reports.

Is someone somehow using my system to try to send spam?

Any idea how to block this?

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Localhost relaying denied

[BC via spamdyke-users]

On 10/3/2016 6:58 AM, Faris Raouf via spamdyke-users wrote:

dns-blacklist-entry=b.barracudacentral.org


Comment out the above and try it again.

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

[spamdyke-users] Spamdyke Port Maintainer for FreeBSD Ports

[BC via spamdyke-users]

While installing spamdyke on my latest FreeBSD build machine, I saw 
this notice:



Message from spamdyke-5.0.1_1:
===>   NOTICE:

The spamdyke port currently does not have a maintainer. As a result, it is
more likely to have unresolved issues, not be up-to-date, or even be 
removed in

the future. To volunteer to maintain this port, please create an issue at:

https://bugs.freebsd.org/bugzilla

More information about port maintainership is available at:

https://www.freebsd.org/doc/en/articles/contributing/ports-contributing.html#maintain-port



I claim nothing more than rank amateurish abilities in running a mail 
server for my personal, in-home use and know nothing about how to 
maintain a FreeBSD port.  I'm willing to learn how, but I'm a VERY 
slow learner with an obstinate bone in my head.  Anyone among you who 
uses FreeBSD and spamdyke several levels above me who might be willing 
to assume the maintainership role?


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

[spamdyke-users] Real Time Blacklists

[BC via spamdyke-users]

I'm building out a new server box and figured it is time to revisit my 
configuration files, including spamdyke.conf.  In 2014 I included some 
dns-blacklist-entry="entries...".


But in 2015/2016 my configuration didn't include any.

What say the congregants about the efficacy of RBL usage with spamdyke 
currently?


Do you have favorite entries for the dns-blacklist-entry= parameters?

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] spam with rDNS resolving to "localhost"

[BC via spamdyke-users]

I've got 127.0.0.1 in my "blacklist_ip" file and the system seems to 
be working fine.


On 8/9/2016 4:02 AM, Faris Raouf via spamdyke-users wrote:


Dear all,

We’re having problems with spam being allowed in from IPs with rDNS 
resolving to “localhost”.


This gets past the reject-empty-rdns filter.

Initially I thought these IPs has no rDNS – using dnsstuff, I get no 
result (normally meaning no rDNS). But using host or dig I see the 
IPs really do reverse resolve to localhost.


**

Example log entry:

spamdyke[24468]: ALLOWED from: sqozt...@vnnic.net.vn to: 
redac...@redacted.tld origin_ip: 113.168.188.219 origin_rdns: 
localhost auth: (unknown) encryption: (none) reason: 
250_ok_1470423419_qp_24501





___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] softlimit error

[BC via spamdyke-users]

A, the ulimit limits.  I'd forgotten about those and was focusing 
on the "softlimit" word in the error.


Thanks, Sam.

On 5/5/2016 6:35 AM, Sam Clippinger via spamdyke-users wrote:
You're correct that those messages are related to limits, but not 
the ones softlimit can set.  Those messages are about "hard" limits, 
which are set using the "ulimit" command.  I'd guess either BSD has 
a default hard limit or something on your system is setting them 
before spamdyke runs.  Those limits are extremely high, so there's 
very little chance they're going to cause any problems, but spamdyke 
will keep complaining about them as long as log-level is "verbose" 
or higher.


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] IPv6 Question

[BC via spamdyke-users]

That is what I figured.  Thanks, Sam.

On 5/5/2016 6:30 AM, Sam Clippinger via spamdyke-users wrote:
Right now, spamdyke has no support for IPv6 at all, so it can't 
understand that nameserver line.  However, the only consequence 
should be that error message -- it shouldn't have any trouble 
skipping that line and using the IPv4 nameserver.


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

[spamdyke-users] softlimit error

[BC via spamdyke-users]

Now that I've set log-level=excessive, I can see these two errors that 
spamdyke is spitting out a lot:


May  4 13:54:52 Xeon_Right spamdyke[18726]: 
ERROR(undo_softlimit()@spamdyke.c:3226): data segment hard limit is 
less than infinity, could lead to unexplainable crashes: 34359738368
May  4 13:54:52 Xeon_Right spamdyke[18726]: 
ERROR(undo_softlimit()@spamdyke.c:3244): stack size hard limit is less 
than infinity, could lead to unexplainable crashes: 536870912


Seems to be a harmless error report.

Per Sam's suggestion quite some time ago, I quit using the 'softlimit' 
option in the tcpserver startup "run" files.  Available memory >5GiB 
free all the time.  Very fast CPU.  The email part of the server is 
very lightly used as the box is primarily an NAS and for me to play 
and experiment with intellectually.


Had no crashes that I know of - been up for 41+ days since my last 
intentional reboot.


Thoughts?

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

[spamdyke-users] IPv6 Question

[BC via spamdyke-users]

Using FreeBSD here.

In addition to my normal IPv4 connection, I have an IPv6 tunnel set up 
via Hurricane Electric.  Also use unbound as my local DNS cache 
resolver for resolving both IPv4 & IPv6 addresses and it has been 
doing both for over a year now.


spamdyke doesn't seem to like the IPv6 resolver.  /var/log/maillog 
showing LOTS of lines like this (log-level=info):


May  4 13:08:56 Xeon_Right spamdyke[18382]: 
ERROR(load_resolver_file()@search_fs.c:753): invalid/unparsable 
nameserver found: fd00::1


My /etc/resolv.conf file contains these two lines:

nameserver 10.0.0.1
nameserver fd00::1

I didn't think that spamdyke is IPv6 aware?  Shouldn't it ignore the 
second nameserver line above?


In hopes of getting some more info about this, I've set 
log-level=excessive.


Thoughts?

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Softlimit messages

[BC via spamdyke-users]

Wow. So for example, the starting linefor my smtpd-run file looks like 
this:


exec /usr/local/bin/softlimit -m 2 /usr/local/bin/tcpserver 
-4v -R -l $LOCAL \


and I can simply change it to this:

exec /usr/local/bin/tcpserver -4v -R -l $LOCAL \

with impunity?



On 6/20/2015 5:12 PM, Sam Clippinger via spamdyke-users wrote:
IMHO, everyone should delete the softlimit program from their 
servers immediately.  Not that I have a strong opinion on the matter 
or anything. :)



___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] New version: spamdyke 5.0.1

[BC via spamdyke-users]

Thank you, Sam.  For so much work on this update, a measly 0.0.1 
version bump belittles it.



On 5/1/2015 11:36 AM, Sam Clippinger via spamdyke-users wrote:

spamdyke lives!

spamdyke version 5.0.1 is now available:
http://www.spamdyke.org/

This version fixes a ton of bugs, including a number of access 
violations that can lead to crashes.  Most importantly, the 
recipient validation feature now works correctly (and has been 
exhaustively tested).


Version 5.0.1 is backwards-compatible with version 5.0.0; simply 
replacing the old binary with the new one should be safe.


-- Sam Clippinger


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Error in log

[BC]

Thank you, Sam! I'll go through my .conf file, too and remove the 
offending stuff.


On 11/28/2014 2:49 PM, Sam Clippinger wrote:
Found the problem -- very obscure!  The structure of your 
configuration file is tickling a small bug so it adds an empty value 
to the end of the list of ip-in-rdns-keyword files.  The filter is 
running normally and I don't see any way this bug could possibly add 
anything but a blank value to the end of the list, so the error 
messages are just noise.  If you remove the comment lines from your 
configuration file, the error messages should stop.


Fixing this bug also uncovered a related bug that would throw an 
error (and stop spamdyke) if a line in the configuration file 
contains only a single space.  I thought I'd already fixed that 
before, but apparently not.


Thanks for reporting this!  I'm currently testing the next version 
and hope to release it next week with some important fixes to 
spamdyke-qrv.



___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Error in log

[BC]

Same error here ona new build.  No time to pursue it presently.  
Curious about the solution as well.


On 11/27/2014 7:21 PM, Les Fenison wrote:

I keep seeing this error in the log every few minutes...
Nov 27 18:03:32 zeus spamdyke[28831]: 
ERROR(check_ip_in_rdns_keyword()@filter.c:919): unable to open 
keywords file : No such file or directory
Nov 27 18:14:28 zeus spamdyke[7028]: 
ERROR(check_ip_in_rdns_keyword()@filter.c:919): unable to open 
keywords file : No such file or directory
Nov 27 18:14:29 zeus spamdyke[7051]: 
ERROR(check_ip_in_rdns_keyword()@filter.c:919): unable to open 
keywords file : No such file or directory
Nov 27 18:14:34 zeus spamdyke[7080]: 
ERROR(check_ip_in_rdns_keyword()@filter.c:919): unable to open 
keywords file : No such file or directory

In my conf file I have...
ip-in-rdns-keyword-blacklist-entry=dyn
ip-in-rdns-keyword-blacklist-entry=dynamic
ip-in-rdns-keyword-blacklist-entry=dhcp
ip-in-rdns-keyword-blacklist-file=/etc/spamdyke.d/ip-in-rdns-keyword-blacklist.conf
In /etc/spamdyke.d I do have a file called 
ip-in-rdns-keyword-blacklist.conf
So it does exist. The permissions are exactly as they are for all my 
other config files in the same directory.  I don't understand why I 
am getting this error.

Les Fenison
www.DeltaTechnicalServices.com https://www.deltatechnicalservices.com
l...@deltatechnicalservices.com
(503) 610-8747


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Avoiding greylisting delays by making many exceptions

[BC]

At the suggestion of others here, I turned OFF greylisting last year, 
after having used it for years before that.  My spam level didn't 
increase one bit.  I think the RBL sites are pretty good at 
identifying spam originations, so I use thatmethod now.



On 11/4/2014 12:55 AM, Quinn Comendant wrote:

I'm new to greylisting, and have just set up spamdyke on a mail server with a 
few hundred users. Immediately my colleagues and I got annoyed with delayed 
deliveries to our personal addresses ;P.

I'm wondering if it would be a reasonable solution to create a 
`graylist-exception-rdns-file` containing the top 500 or so most common 
reputable rdns hosts? Surely no spam would be expected to originate from rdns 
origins matching, e.g.:

.twitter.com
.apple.com
.amazonses.com
.gmail.com
...etc

Using a list such as http://moz.com/top500 might be a good start. I hope this 
method would allow the prevention of delivery delays from the hosts people rely 
on most, while still inhibiting spam from the other 99.9% of rdns hosts.

Does anybody have experience using this method?

I'm trying it now, and will report back if I have any issues. But I don't have 
a history of using greylisting, so not sure if it is a best practice.

Thanks,
Quinn


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Avoiding greylisting delays by making many exceptions

[BC]

... and I'm not using the hunter_seeker script here.

On 11/4/2014 12:15 PM, Gary Gendel wrote:
I also remember this discussion but it was quite a while ago.  I had 
subsequently removed greylisting as well with no noticeable increase 
in spam.  I did add Sam's hunter_seeker script and it did make a 
difference. However, I haven't seen any new websites added to that 
blocklist so I wonder whether that is as effective as it used to be.


On 11/04/2014 02:03 PM, BC wrote:


I don't have a link to the conversation, but I literally turned off 
greylisting and turned on using RBLs at the same time.


On 11/4/2014 11:56 AM, Quinn Comendant wrote:

On Tue, 04 Nov 2014 08:05:22 -0700, BC wrote:

At the suggestion of others here, I turned OFF greylisting last year,
after having used it for years before that.  My spam level didn't
increase one bit.  I think the RBL sites are pretty good at
identifying spam originations, so I use thatmethod now.

Hi BC, thanks for the reply. Do you have a link to that discussion you had? I'd 
like to know how y'all value greylisting in today's internet climate.

I installed spamdyke at the same time as enabling several other spamassasin 
network rules. The result is, our users are seeing far less spam. But with all 
the changes, it's hard to say what is providing the most benefit (and what 
isn't). We were using rblsmtpd before, so the blocklists aren't a new aspect.

Perhaps I'lll leave greylisting enabled for another week, then turn it off and 
go another week and compare the metrics.



___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] New problems with spamdyke

[BC]

On 10/30/2014 6:09 PM, Les Fenison wrote:
Still wondering what we are to use for encryption now that SSLv3 is 
vulnerable.   What are most people doing?  Leaving the submission 
port vulnerable by leaving SSLv3 available and securing all the rest 
of the ports?Or just giving up on email encryption.


Disabling ssl and only allowing tls?

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] No TLS with openssl elliptic curve cipher suites / pfs perfect forward secrecy

[BC]

On 3/28/2014 12:47 PM, Eric Shubert wrote:

I'm also wondering, should 2048 and 4096 key lengths also be included?


As of January 1, 2014 key lengths of 1024 are not to be allowed for 
new installations going forward.  Newly issued certs have to be for a 
minimum of 2048 bit keys.


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] RBLs

[BC]

On 3/9/2014 1:21 PM, Sam Clippinger wrote:
plus my private list that's generated by the hunter_seeker script.  
My private list has blocked about 4.5 times more connections today 
than the DNS RBLs.


Sam -

Is a functionality that could be built into spamdyke with a .conf 
configuration option?  It sounds delicious.


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] RBLs

[BC]

On 3/8/2014 7:03 AM, Angus McIntyre wrote:

TL;DR: if you null-route every IP that HostNoc owns, it will make a dramatic 
difference to the amount of spam you see.


Angus,

To what does the TL;DR refer?   How are you null-routing all those 
IPs?  With spamdyke somehow?


Bucky

PS - this is a very informative discussion, so please to all, keep it up.

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] RBLs

[BC]

On 3/8/2014 7:18 AM, Lutz Petersen wrote:


Instead make this spamdyke.conf Settings:

dns-blacklist-entry=bl.mailspike.net


This is the one causing all sorts of mischief lately - blacklisting 
and unblacklisting legit and non-spamming IPs rapidly.


What is wrong with barracuda?  You said it isn't relevant.  What 
does that mean?


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] RBLs

[BC]

Okay, thanks for the excellent explanation and I know how to null 
route an IP at the firewall.


On 3/8/2014 7:58 AM, Angus McIntyre wrote:

BC wrote:

On 3/8/2014 7:03 AM, Angus McIntyre wrote:

TL;DR: if you null-route every IP that HostNoc owns, it will make a
dramatic difference to the amount of spam you see.

To what does the TL;DR refer?

TL;DR is Internet slang for 'Too Long; Didn't Read'. As it's used now,
it's a way for someone who has written a long post to provide a very brief
summary of what they said (usually no more than a single line) for the
benefit of anyone skim-reading the post. Sometimes the summary may be a
humorous simplification of whatever was said.


... How are you null-routing all those IPs?  With spamdyke somehow?

I'm not actually null-routing HostNoc IPs (but believe me, I've been
tempted).

You could probably use spamdyke to block mail coming from HostNoc
customers, because spamdyke's ip blacklisting allows you to blacklist
entire address ranges as well as individual addresses.

However, when people talk of 'null-routing' an address, it means
configuring your firewall (such as an iptables firewall) to simply drop
any incoming packets from that source. It's the most absolute form of
rejection possible. The other host literally cannot connect to your system
in any way, because you've told the firewall Ignore everything coming
from here.

Basically, my TL;DR was saying If you refuse to accept any
communication whatsoever from this entire chunk of the Internet, it
wouldn't be a bad thing. And I was partly joking ... but only partly.

Angus


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] RBLs

[BC]

Thank you so much, Sam!

On 3/7/2014 2:02 PM, Sam Clippinger wrote:
Honestly, the RBL that seems to do the most good these days for me 
is the Barracuda Central list (b.barracudacentral.org 
http://b.barracudacentral.org).  I also use Spamhaus, Spamcop and 
Spam Eating Monkey, but together those three don't catch even a 
tenth of what Barracuda catches.


-- Sam Clippinger




On Mar 6, 2014, at 6:05 PM, BC bc...@purgatoire.org 
mailto:bc...@purgatoire.org wrote:





One of the RBLs I'm using isbl.mailspike.net  http://bl.mailspike.net.  Today 
they started
listing an IP which 100 other blacklists don't have listed.  Then it
delisted it, then it put it back, then delisted it again - all over
the course of a couple of hours.  Now blacklisted again.

What other free, RBL services are you guys using?


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] RBLs

[BC]

Do I need to sign up to use b.barracudacentral.org?  I've been looking 
around their website...


On 3/7/2014 2:11 PM, Gary Gendel wrote:
I tend to agree, however, it does depend on the ordering.  I found 
that there are a lot of duplications on the list so the first one 
tends to get the most hits.  My list consists of


b.barracudacentral.org
zen.spamhause.org

I've tried others, but the others I've added only add a very small 
additional catches and sometimes raise the false-negative results.


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] RBLs

[BC]

Okay, thanks.  It told me to register, which I did... then it 
disappeared into a black hole (probably preparing to spam me into the 
next century :).  The about info said if you don't register the IPs 
from which you'll be making inqueries, they might add that IP to the 
blacklist.


Gulp.

I'll see if I can log in.


On 3/7/2014 2:32 PM, Sam Clippinger wrote:
No, it's publicly available.  Just add 
dns-blacklist-entry=b.barracudacentral.org 
http://b.barracudacentral.org to your spamdyke config file.


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] RBLs

[BC]

Okay, it all worked.   Interesting that nowhere did they tell me to 
use the URL you listed below, butin 15 minutes I'll try it.  Sounds 
like you andGary recommend putting it as the first RBL in the 
spamdyke.conf file, right?


On 3/7/2014 2:32 PM, Sam Clippinger wrote:
No, it's publicly available.  Just add 
dns-blacklist-entry=b.barracudacentral.org 
http://b.barracudacentral.org to your spamdyke config file.


-- Sam Clippinger




On Mar 7, 2014, at 3:23 PM, BC bc...@purgatoire.org 
mailto:bc...@purgatoire.org wrote:




Do I need to sign up to use b.barracudacentral.org? I've been 
looking around their website...


On 3/7/2014 2:11 PM, Gary Gendel wrote:
I tend to agree, however, it does depend on the ordering.  I found 
that there are a lot of duplications on the list so the first one 
tends to get the most hits.  My list consists of


b.barracudacentral.org http://b.barracudacentral.org
zen.spamhause.org http://zen.spamhause.org

I've tried others, but the others I've added only add a very small 
additional catches and sometimes raise the false-negative results.


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org mailto:spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users




___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] RBLs

[BC]

On 3/7/2014 3:25 PM, Sam Clippinger wrote:
Actually, the order of the options doesn't matter.  spamdyke queries 
all of the RBLs simultaneously and uses the first positive response 
it gets from the DNS server.


Okay, thanks for that bit.

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

[spamdyke-users] RBLs

[BC]

One of the RBLs I'm using is bl.mailspike.net.  Today they started
listing an IP which 100 other blacklists don't have listed.  Then it
delisted it, then it put it back, then delisted it again - all over
the course of a couple of hours.  Now blacklisted again.

What other free, RBL services are you guys using?


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] New version: spamdyke 5.0.0

[BC]

Thank you, Sam.  Will spamdyke do IPv6 records as well?


On 1/28/2014 8:42 AM, Sam Clippinger wrote:
Just when you thought it was safe to go back in the water... 
spamdyke version 5.0.0 is now available!  Get it here:

http://www.spamdyke.org/

This version is a major update that adds 12 new options, renames 3 
options and removes 5 options.  The meaning of whitelisted is 
changed to allow whitelisted connections to bypass spamdyke's 
filters but not to automatically relay (unless allowed for some 
other reason).  DNS searches for valid sender domains will now 
prioritize MX records before A records.  Full recipient validation 
is now available.  Sender addresses can be rejected if they don't 
match the username given during authentication (or if the domain 
doesn't match).  Lots of bug fixes too!


Because of all the changes to spamdyke's options, version 5.0.0 is 
not backwards compatible with previous versions. Be sure to read the 
documentation before upgrading!



___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] 0byte graylist entries

[BC]

  
  

On 11/23/2013 8:55 AM, Eric Shubert
  wrote:


  
Having said that, I've come to the conclusion that graylisting isn't 
worth it to me. I disabled graylisting several months ago, and haven't 
really noticed any less effectiveness. Measuring the effectiveness of 
graylisting properly is very difficult, and it's a pain for users 
(myself included) at times. With all of the other filters spamdyke 
provides, I don't think the cost of graylisting is worth the benefit. Of 
course, YMMV.


Curious you bring that up. In perusing the logs, it (very
subjectively) looks like r_dns lookups are blocking 95% of the spam,
RBL is getting about 4% and graylisting is only being invoked about
1% of the time.

But what is the "cost of graylisting"? Graylisting delays a legit
email by X amount of minutes. Is that the pain of which you are
talking?

  

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] 0byte graylist entries

[BC]

  
  

On 11/23/2013 9:39 AM, Eric Shubert
  wrote:


  But what is the "cost of graylisting"?  Graylisting delays a legit email
by X amount of minutes.  Is that the pain of which you are talking?


  
Yes. I realize that the impact of the delay is infrequent, but when it 
happens, it's really annoying, and it impacts productivity. In my case, 
it usually happens when an email confirmation or notification of some 
sort is required to do something. This is the absolute worst time for 
there to be a delay, as it interrupts that process.


Haha. Now that is a good point and I've been annoyed by that as
well. Perhaps I'll try turning off graylisting for a while and see
if it makes much difference.

Thanks!

  

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] 0byte graylist entries

[BC]

  
  

Thank you, Sam.
spamdyke is a wonderful spam
  blocker!

  
On 11/23/2013 2:43 PM, Sam Clippinger
  wrote:


  For what it's worth, I agree.  Graylisting was designed to stop spam coming from spambots on infected home PCs -- because they're not "real" mail servers, they won't retry their deliveries.  But the rDNS and blacklist filters seem to stop almost all deliveries from home PCs these days, so graylisting almost becomes redundant.  (It's always fascinated me that the authors of those spambots didn't implement a retry feature -- it would have been so simple to do...)

It seems to me the most "effective" spam these days is coming from compromised email accounts -- a spammer gets someone's password and pumps thousands of messages through their mail server with the user's credentials.  I've added some additional filters to spamdyke's next version to limit allowed sender addresses after authentication -- the address can be required to exactly match the authentication username or just the domain can be required to match.

Next version coming Real Soon Now(tm)! :)

-- Sam Clippinger



  

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] 0byte graylist entries

[BC]

  
  

Interesting. I've
been doing it this way - should I stop?

# time to delete old, empty
  graylist entries older than 15 days (empty files  empty
  directories)
  
  find /var/qmail/antispam/graylist/ -type f -mtime +15 -print
  -delete
  
  find /var/qmail/antispam/graylist/ -empty -type d -mtime +15
  -print -delete

I run these in that order.
  
Seems to do as I ask...


  
On 11/22/2013 10:09 AM, Eric Shubert
  wrote:


  On 11/19/2013 04:46 AM, Gary Gendel wrote:

  
Spamdyke does clean up these files periodically (as set by
graylist-max-secs)

  
  
I don't believe this is entirely true. Spamdyke will honor/see these 
expirations only if/when another email is sent after this time has 
elapsed, in which case the graylist process starts anew. Over time, 
un-resent records accumulate, which can take its toll on inodes.

This is why I wrote the qtp-prune-graylist script:
http://qtp.qmailtoaster.com/trac/browser/bin/qtp-prune-graylist
:)

Come to think of it, I should package that script with the spamdyke rpm. 
Oh, I should mention that you can find rpms for spamdyke at 
http://mirrors.qmailtoaster.com/. They're presently in the /testing 
directory, and will migrate to /current (stable) once everything's been 
tested. The spamdyke package should already be solid though. Very soon 
you'll be able to use yum to install it as well, once the 
qmailtoaster-release package (containing the yum repo stuff for QMT) is 
available.


Note for posterity: the qtp web site is being migrated/integrated with 
the QMailToaster organization at GitHub: https://github.com/QMailToaster
Look for this script there if the qtp.qmailtoaster.com site is gone. It 
might be in the spamdyke package there. :)





  

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] 0byte graylist entries

[BC]

  
  

On 11/22/2013 7:09 PM, Gary Gendel
  wrote:


  
  My graylists do get constantly pruned
but others seem to have old ones remaining. Then again, my
graylist-max-secs is set to 1296000 (one day) which is probably
shorter than most.
  


That looks like 15 days to me.

  

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Reducing hard disk usage

[BC]

  
  

You actually answered another question I had as well. I noticed in
my latest server-build, that the 'top' command shows an additional
line that I'd not seen on the previous server:

Mem: 36M Active, 29M Inact, 206M Wired, 5647M Free
ARC: 59M Total, 12M MFU, 45M MRU, 32K Anon, 587K Header, 1766K
Other
Swap: 2048M Total, 2048M Free

That must be the ARC to which you make reference, yes?

but despite having 6GB RAM here, I'm hearing the hard drive doing a
lot of logging, and the boot drive is booted into zfs. So it
doesn't seem that much is being retained in the ARC RAM. Is there a
specific way that you turn that function 'on'?


On 11/1/2013 11:00 AM,
  spamdyke-users-requ...@spamdyke.org wrote:


  With ZFS this happens automatically because the file information is 
cached in the ARC RAM unless forced out.  I'm currently running a 91% 
cache hit rate on this server which runs file, web, streaming, and mail 
services.  It's running OpenIndiana (hipster) and has 4G RAM with 4 TB 
mirrored disk space (half full).


  

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Reducing hard disk usage

[BC]

  
  


You are doing what I want to do. Which RAMdisk program are you
running? Do you have a script that flushes the RAMdisk contents to
disk periodically, so the info on the hard disk doesn't get too
stale between reboots?

Could you share your init Script(s) with me?

Thank you.


On 11/1/2013 11:00 AM,
  spamdyke-users-requ...@spamdyke.org wrote:


  We don't greylist. But all external (receiving only) Frontend Servers Mailers
are running in Ramdisks. This gives extremely good results espacially when
receiving extreme high amounts of incoming Mails..

If rebooting one of these Servers there are init Scripts that copy 1:1 all
Files, empty Queues and so on from a Master at a Harddisk to the Ramdisk.


  

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Reducing hard disk usage

[BC]

  
  

The other question I forgot to ask...

With zfs and 4G RAM running, the prefetch is automatically
disabled. Did you make the loader.conf change to enable prefetch
caching anyway?

Thanks.

On 11/1/2013 11:00 AM,
  spamdyke-users-requ...@spamdyke.org wrote:


  With ZFS this happens automatically because the file information is 
cached in the ARC RAM unless forced out.  I'm currently running a 91% 
cache hit rate on this server which runs file, web, streaming, and mail 
services.  It's running OpenIndiana (hipster) and has 4G RAM with 4 TB 
mirrored disk space (half full).


  

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Reducing hard disk usage

[BC]

  
  

I can see I have some
reading to do. Thanks.

  
On 11/1/2013 1:32 PM, Gary Gendel
  wrote:


  
  Prefetch is evil and is disabled by
default in illumos based distributions (in newer versions it is
enabled for scrubs since these are sequential in nature and can
get a performance boost). I'm talking about the Adaptive
Replacement Cache (ARC). This uses various metrics such as lru
to determine what to keep in RAM. As long as there is enough
RAM, it will keep things cached forever.

On 11/01/2013 03:02 PM, BC wrote:
  
  


The other question I forgot to ask...

With zfs and 4G RAM running, the prefetch is automatically
disabled. Did you make the loader.conf change to enable
prefetch caching anyway?

Thanks.

On 11/1/2013 11:00 AM, spamdyke-users-requ...@spamdyke.org
  wrote:


  With ZFS this happens automatically because the file information is 
cached in the ARC RAM unless forced out.  I'm currently running a 91% 
cache hit rate on this server which runs file, web, streaming, and mail 
services.  It's running OpenIndiana (hipster) and has 4G RAM with 4 TB 
mirrored disk space (half full).

  


  

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

[spamdyke-users] Reducing hard disk usage

[BC]

  
  

Does anyone use some sort of RAMdisk or memory disk to hold the
graylist?

I just did a 'du' on my graylist and it takes up 85mb of space.

I'm trying to reduce the amount of hard drive accesses going on.

  

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

[spamdyke-users] Reducing hard disk usage

[BC]

  
  

Darn Thunderbird
update...changed my default
  settings.


Here was my question:

  
Does anyone use some sort of RAMdisk or memory disk to hold the
graylist?

I just did a 'du' on my graylist and it takes up 85mb of space.

I'm trying to reduce the amount of hard drive accesses going on.
  

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] ip-in-rdns-keyword-blacklist-file

[BC]

Thank you, Sam.  That is a subtlety which I missed in reading the 
really excellent documentation!


On 10/3/2013 11:00 AM, spamdyke-users-requ...@spamdyke.org wrote:
 Close... but you need a leading dot if you want it to match a domain name 
 instead of looking for the keyword in the middle of the name.  So change your 
 file to contain this:
   .rr.com
 That should do it!

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

[spamdyke-users] ip-in-rdns-keyword-blacklist-file

[BC]

This spam got through today (after being graylisted 8 minutes):

Oct  2 13:53:25 C2Q_Q9400 spamdyke[66462]: ALLOWED from: (unknown) to: 
b...@purgatoire.org origin_ip: 24.227.125.250
origin_rdns: rrcs-24-227-125-250.se.biz.rr.com auth: (unknown) 
encryption: (none) reason: 250_ok_1380743605_qp_66464

My ip-in-rdns-keyword-blacklist-file contains an entry (out of many 
others) on one line like this:

rr.com


Am I misunderstanding how this should work?  The filter should have 
found the 'rr.com' in the rdns name that also contained the IP 
address, right?

Thanks in advance.
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

[spamdyke-users] Blacklisting 127.0.0.1

[BC]

How about if I put 127.0.0.1 into the blacklist_ip file?

Potential downsides?

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] spamdyke-users Digest, Vol 75, Issue 9

[BC]

On 8/17/2013 11:00 AM, spamdyke-users-requ...@spamdyke.org wrote:
 Does your server have an IPv6 address?  It's possible something is accepting 
 incoming connections on an IPv6 interface and tunneling back into the 
 localhost interface for software that doesn't support IPv6 (i.e. spamdyke and 
 qmail).

Doesn't look like it.  em0 is the outside interface, retrieved with 
ifconfig:

em0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500
options=219bRXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MAGIC
 ether 00:1b:21:xx:yy:zz
 inet 75.145.120.61 netmask 0xfffc broadcast 75.145.120.63
 inet 10.1.10.79 netmask 0xff00 broadcast 10.1.10.255
 nd6 options=29PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL
 media: Ethernet autoselect (100baseTX full-duplex)
 status: active


Puzzling, but not even a nuisance.

Thanks.

Bucky


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] 127.0.0.1

[BC]

On 8/14/2013 11:00 AM, spamdyke-users-requ...@spamdyke.org wrote:
 Gulp.  Could I be spamming myself?
 
 
 On 8/13/2013 11:00 AM,spamdyke-users-requ...@spamdyke.org  wrote:
 It looks like the originating IP address was 127.0.0.1, which is your 
 server.  In other words, this log entry is for a message that was 
 generated by something on your server.  The reject-unresolvable-rdns 
 filter won't block connections where the name is localhost and the IP 
 address is 127.0.0.1 -- that would block any emails generated by mailing 
 lists, cron jobs, contact forms, etc.  It only blocks localhost when 
 the IP address is*not*  127.0.0.1
 Webmail perhaps on the same host?

No.  I'll have to watch for another example of this.  The spam message 
was processed by qmail at the same time the spamdyke log entry 
happened and nothing else happened on the machine anywhere near that 
time (not a busy machine).  If I find another example of this, I'll 
parse out and post everything about it.

Thanks to all.


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] 127.0.0.1

[BC]

Gulp.  Could I be spamming myself?


On 8/13/2013 11:00 AM, spamdyke-users-requ...@spamdyke.org wrote:
 It looks like the originating IP address was 127.0.0.1, which is your server. 
  In other words, this log entry is for a message that was generated by 
 something on your server.  The reject-unresolvable-rdns filter won't block 
 connections where the name is localhost and the IP address is 127.0.0.1 -- 
 that would block any emails generated by mailing lists, cron jobs, contact 
 forms, etc.  It only blocks localhost when the IP address is*not*  127.0.0.1

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] spamdyke-users Digest, Vol 75, Issue 4

[BC]

H.  Just checked both whitelist files and nothing in them relates 
to localhost or anything else that would have allowed this that I 
can tell.

Clearly the rDNS name was shown as localhost.

Aug 11 13:40:50 C2Q_Q9400 spamdyke[73552]: ALLOWED from: (unknown) 
to:bc...@purgatoire.org  origin_ip: 127.0.0.1 origin_rdns: localhost auth: 
(unknown) encryption: (none) reason: 250_ok_1376250050_qp_73554


Other thoughts?  I'm willing to experiment for you, if you wish.



(PS - no spam today, so the blacklists seem to be working.)
On 8/12/2013 11:00 AM, spamdyke-users-requ...@spamdyke.org wrote:
 The reject-unresolvable-rdns filter should block connections from hosts with 
 rDNS names of localhost.  Are you sure you this connection wasn't 
 whitelisted for some reason -- i.e. you don't have localhost in your rDNS 
 whitelist?

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Spam getting past, ip-in-rdns-keyword-blacklist-file?

[BC]

On 8/11/2013 11:00 AM, spamdyke-users-requ...@spamdyke.org wrote:
 Aug 10 08:18:38 C2Q_Q9400 spamdyke[64027]: ALLOWED from: (unknown) to:
 [myemailaddress]  origin_ip: 5.248.89.179 \
origin_rdns: 5-248-89-179-broadband.kyivstar.net auth: (unknown)
 Simply use the standard Blacklists. This IP (all ..broadband.kyivstar.net)
 ist blacklisted by Spamcop, CBL and the Spamhaus Policy List too.

Okay, thanks.

I also misread the documentation - I was thinking that spamdyke would 
block any connection with an rdns which included the IP address, but 
it will only do so if it contains an IP address *and* a keyword.


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Spam getting past, ip-in-rdns-keyword-blacklist-file?

[BC]

Thank you very much. I'll add those and see what happens.

On 8/11/2013 11:00 AM, spamdyke-users-requ...@spamdyke.org wrote:
 Sorry - was too fast. Here is what you need to add in your spamdyke.conf:



 dns-blacklist-entry=bl.spamcop.net
 dns-blacklist-entry=zen.spamhaus.org
 dns-blacklist-entry=bl.mailspike.net

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Blocking @ru

[BC]

Ooops.  That is exactly the problem. The envelope sender is someone else.

Sorry...

On 6/15/2013 11:00 AM, spamdyke-users-requ...@spamdyke.org wrote:
 Are you sure the envelope senders end in .ru?  In other words, the log 
 messages from spamdyke should show from:xxx...@yy.ru.  If the .ru is 
 part of the rDNS name or it's only on the From: line in the message header, 
 sender blacklisting won't catch it.

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Next Release

[BC]

This just boggles the mind.  Thank you for continuing to work on 
spamdyke, Sam...


On 6/15/2013 11:00 AM, spamdyke-users-requ...@spamdyke.org wrote:
 Yes, I am still trying to get that finished.  The testing is taking forever 
 -- there are 237K test scripts for that feature alone and each one takes a 
 minimum of 6 seconds to run.  Plus work got pretty hectic over the last two 
 months, so I've had almost no time to keep the process moving forward.

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

[spamdyke-users] Blocking @ru

[BC]

A previous poster asked about blocking entire domains and asked if 
something like @ru would block all @.ru mail.

It seemed that Sam chimed in and said it wasn't intended to do so, but 
does apparently work.

Well, it doesn't...

In my blacklist_senders file I've tried both @ru and @.ru and 
neither blocks anything from the domain .ru.

Other suggestions?

I'm running the lastest spamdyke.

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] spamdyke-users Digest, Vol 67, Issue 11

[BC]

Sam has made this very simple to do by following the directions. Takes 
only minutes.




On 12/24/2012 11:00 AM, spamdyke-users-requ...@spamdyke.org wrote:
 Yes.  In the documentation folder, there is a file named 
 UPGRADING_version_3_to_version_4.txt that lists exactly what options need to 
 be changed.  It's mostly a matter of renaming some of the options in your 
 configuration file.  Be sure to use the config-test feature to check your 
 configuration file when you're done making changes!

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

[spamdyke-users] Replying Quoting

[BC]

A favor please.

Can we trim up the responses a bit?  They are almost all requoting.

Thanks.

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Where to run the caching DNS resolver

[BC]

This is probably over my head.

 From my reading about a DMZ, that would require using a 3rd NIC on 
the host machine, right?  I have a mobo NIC that I'm not using 
presently and could assign it an address of say,  10.10.0.1 (the LAN 
is 10.0.0.1)

Presently, everything that is running on the host machine is basically 
attached to the 10.0.0.1 IP address in some way or another.  For a 
short time I experimented with tinydns and ran it on the 127.0.0.1 IP 
on the host, but I don't use local dns hosting.


So, if I'm understanding you the proper way to do this would be like so:


 _ LAN (10.0.0.1) - all the 
processes needed (dhcp, resolver), various Windows machines...
/
WAN (internet)/
  \
   \__DMZ (10.10.0.1) - email server, 
spamdyke, separate resolving cache



Do I have this right?  Then I'd punch a hole through the firewall 
between 10.0.0.1 and 10.10.0.1 so I could do my email via the LAN?





On 9/3/2012 11:00 AM, spamdyke-users-requ...@spamdyke.org wrote:
 Here's the thing. Your mail server should be on the DMZ subnet (I'm not
 sure of PF's terminology). That subnet has no access to dhcp or
 resolvers, for security reasons. I suppose you could punch a pinhole for
 DNS requests, but that sort of defeats the purpose. Since all hosts in
 the DMZ should use a resolver/recursor which is not on the (trusted)
 LAN, they can a) use their own, b) use a common one on the DMZ subnet
 (but preferably*not*  an authoritative DNS host), or c) use one provided
 by an ISP or other service (OpenDNS and Google provide several free
 ones). The options are in order of efficiency, and probably preference
 as well for most cases.

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Where to run the caching DNS resolver

[BC]

On 9/2/2012 8:44 AM, spamdyke-users-requ...@spamdyke.org wrote:
 That's how I started as well. :)

 You might want to consider putting an IPCop (or other suitable firewall)
 host on your perimeter. I think it's the next logical step for your
 situation.

Whew, good to know I'm on track.

Running pf here, which is of one of the common firewalls for FreeBSD.


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

[spamdyke-users] Where to run the caching DNS resolver

[BC]

A novice question perhaps, but does it matter much where one runs the 
local caching resolver?

I have a LAN with IP 10.x.x.x and simply use 10.0.0.1 as the local IP 
for the resolver.  My understanding is that any local IP can be used 
so long as it can be reached by those functions needing access to it.

Would I gain any advantage by using 127.0.0.1 instead?


On 9/1/2012 11:00 AM, spamdyke-users-requ...@spamdyke.org wrote:
 Given what you've described, I would consider whether the host is
 running a caching nameserver or not. What are the contents of
 /etc/resolv.conf ? spamdyke is rather heavy on DNS, and network traffic
 can be reduced a bit by running a resolver on localhost (127.0.0.1).

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Where to run the caching DNS resolver

[BC]

I think I understand what you are saying.

My local LAN is quite simple:  only one *nix box and it sits between 
the internet source and the rest of the machines on my LAN.  That one 
box contains two NICs - the public (WAN-side NIC) and the private 
(LAN-side NIC) and runs spamdyke (as well as myriad other processes 
including qmail).  The LAN-side NIC is the 10.0.0.1 IP and that is 
where the resolving cache runs.   The box owns the 127.0.0.1 IP, 
right, just as every over box on the LAN has its own 127.0.0.1 (local 
host)?

I'm presuming that if I had a second *nix box on the LAN and was 
running spamdyke over there, then I'd potentially be creating a lag 
time in responsiveness.

Am I understanding what you are saying?

PS - my email server has only one customer, me.


On 9/1/2012 8:38 PM, spamdyke-users-requ...@spamdyke.org wrote:
 I think the question might have been (as I read it) regarding a
 configuration where the resolver is on the local network (private lan),
 but not on the host which is running spamdyke (not accessible as
 127.0.0.1). This is not as ideal as having the resolver running on
 spamdyke's host, as all DNS traffic hits the wire in this case. However,
 cached requests don't make it out to the ISP, so it would help in that
 regard. If your LAN isn't hurting for bandwidth, this setup could be
 sufficient, but it's not ideal.

 I hope this makes sense.

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] DNS resolver and cache

[BC]

Any good reason to NOT use djbdns, then?  I'm not opposed to switching 
if there is a GOOD reason to switch.

I run a tiny mail server with essentially one customer - me.


On 7/16/2012 11:00 AM, spamdyke-users-requ...@spamdyke.org wrote:
 I can't think
 of any good reason to use djbdns any more.


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

[spamdyke-users] DNS resolvers and local caching

[BC]

I know that a local DNS server is virtually required for good 
performance with spamdyke.

Am curious what you don't like about djbdns?  Or what you like better 
about unbound?

unbound looks interesting and is available to me via the FreeBSD ports 
collection.


On 7/13/2012 11:00 AM, spamdyke-users-requ...@spamdyke.org wrote:
 Is this to say that you used to use djbdns for your caching DNS server
 but you are going to something else?
 Yes.  I'm playing with unboundwww.unbound.net



___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Greylisting Effectiveness

[BC]

Right.

But the bottom line is that spamdyke is still doing a fabulous job of 
blocking spam by whatever filter is doing it.

Thanks.


On 7/13/2012 11:00 AM, spamdyke-users-requ...@spamdyke.org wrote:
 Well, remember the filters run in a specific order.  Graylisting is one of 
 the very last filters to run -- it only gets a chance to reject connections 
 that have already passed every other filter.  So it's very possible some of 
 the connections rejected by the missing rDNS filter would also have been 
 stopped by graylisting, which would make graylisting's effectiveness appear 
 higher.  Ditto for the other tests like DNS blackholes, earlytalkers, etc.

 The only way to know for sure would be to disable every other filter and see 
 what happens to the rejection rate.


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Greylisting effectiveness?

[BC]

On 7/12/2012 11:00 AM, spamdyke-users-requ...@spamdyke.org wrote:
 I use an internal caching DNS server as a DNS forwarder for spamdyke's
 dns requests.  This way I only need to query outside once, and
 subsequent spam bursts from the same server are rejected by local
 lookups to the cache.  This dramatically lowers my pound rate on the
 above servers and gets subsequent spam rejected very quickly.  I used to
 use dnscache, but I'm currently testing unbound as a replacement.

Is this to say that you used to use djbdns for your caching DNS server 
but you are going to something else?

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Greylisting effectiveness?

[BC]

On 7/11/2012 11:00 AM, spamdyke-users-requ...@spamdyke.org wrote:
 I've disabled graylisting on a few domains that are sensitive to timely
 delivery. They haven't complained about any increase in spam. You might
 try doing the same to see the effect.

 I expect that the various rDNS filters, along with blacklists, are doing
 an adequate job.

I'm not using any external blacklists, just what spamdyke does internally.

Shall I risk it and see?

The maillog shows a LOT of greylisted attempts that are never 
repeated.  A LOT!!!

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] spamdyke-users Digest, Vol 62, Issue 6

[BC]

How interesting.  Well, whatever the reason I still only very 
occasionally get any spam, yet when I look at the maillog there are 
countless attempts to send me span each day.  One in particular that 
is amusing is to one email address I used exactly ONE time 10 years 
ago.  There are hundreds of attempts to send me email to that address, 
every day.

So spamdyke is still tops in my mind and I look forward to Eric's 
findings.


On 7/10/2012 11:00 AM, spamdyke-users-requ...@spamdyke.org wrote:
 What does all that mean?  I have no idea -- remember what Mark Twain said 
 about statistics.  I didn't do anything to match senders to recipients, check 
 if the messages were actually spam, allow for frequent senders or mailing 
 lists, check if the rejections came before or after the successes, etc.  (For 
 that matter, I'm not even completely sure my search commands were written 
 correctly.)  Also, since the DNS filters kick in before graylisting does, 
 it's impossible to say how the graylisting percentage would change if I 
 turned off all the DNS filters.  Until those factors are accounted for, the 
 numbers don't actually mean anything.  Hopefully Eric's script will allow for 
 all that (assuming he's writing one). :)


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Greylisting effectiveness?

[BC]

Then why am I not getting hammered with spam?  Is it the 
failed-reverse-lookup that is saving me?


On 7/9/2012 11:00 AM, spamdyke-users-requ...@spamdyke.org wrote:
 Overall, I suspect Eric suspects what I also believe -- graylisting isn't 
 effective any more.


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Graylist performance

[BC]

On 7/8/2012 11:00 AM, spamdyke-users-requ...@spamdyke.org wrote:
 I think that the simplest way of matching up messages would be if the
 log messages contained the Message-ID field from the email headers. I
 checked the TODO.txt file, and Frank beat me to the request:
 Log the Message-ID field so a message can be tracked from delivery to
 disk. spamdyke will need to add the Message-ID field if needed.  Credit
 goes to Frank SDI.

 So I'd like to add +1 for this enhancement. Without it, the
 effectiveness of graylisting cannot be accurately determined

A very clever suggestion.  My hat is off to both you and Frank!

And I second the kudos to Sam for writing/supporting spamdyke.

Bucky



___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Problems with outgoing SPAM

[BC]

Is this what the tar pit option in qmail is suppose to do?


On 7/18/2011 11:00 AM, spamdyke-users-requ...@spamdyke.org wrote:
 I would like to know
 if spamdyke can block relay if the client is trying to send a lot of
 email in a small period of time or something else that can ease this
 problem.
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Help with spamdyke...

[BC]

There is something else amiss here, from my reading of the logs.  If 
there is gobs of memory available, then do as Sam suggests and 
allocate a LOT - say 300mb to the softlimit and retest.  I'd wager 
there will still be troubles.

On 6/9/2011 11:54 AM, spamdyke-users-requ...@spamdyke.org wrote:
 So instead of hitting the spamdyke timeout, it hit a timeout on the i/o
 operation. Still doesn't point to the root cause. :(
 Why softlimit doesn't issue some sort of error message is beyond me. I'm
 still inclined to ditch it.
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

[spamdyke-users] Spamdyke!

[BC]

Sam - we all have to earn a living and know that Spamdyke is a labor 
of love-alone for you (and for US!!!)

We all appreciate to the tips of our toes, what you've created here.

Thank you very much!


On 5/6/2011 11:00 AM, spamdyke-users-requ...@spamdyke.org wrote:
 I'm sorry the fixes have taken so long, but I've had very little free
 time for spamdyke lately.  I'll try to get everything wrapped up and
 released within the next week.
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

[spamdyke-users] Thinking out loud

[BC]

Thank you, Sam, for puzzling this out on-list.  Always interesting to 
see how a programmer's mind works.

Bucky


On 3/12/2011 11:00 AM, spamdyke-users-requ...@spamdyke.org wrote:
 So, two bugs.  I'll get them fixed. :)  Thanks for reporting this!
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] reject-identical-sender-recipient - how, it works?

[BC]

kudos to Eric.  He is right - it is very counter intuitive.  Spamdyke 
blocks 98.9% of spam and doing as Eric suggested got rid of another 1%.

On 1/12/2011 11:00 AM, spamdyke-users-requ...@spamdyke.org wrote:
 Another method of rejecting this sort of spam (forged from addresses) is
 to blacklist the domains that you host. This is counter intuitive, but
 works very well. Since all of your domains' users authenticate (they all
 do authenticate, right?), they will pass spamdyke's filters, and all
 imposters will be rejected.
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

[spamdyke-users] What firewalls do you use?

[BC]

Was wondering what firewall programs you folks use with your 
OS/qmail/spamdyke setups?

For example, for years now I've used FreeBSD/qmail/spamdyke with the 
ipfw firewall.

I'm planning to change from ipfw to pf (which comes from OpenBSD) as 
the firewall.  They work in fundamentally different ways.  Anyone have 
trouble using pf with their qmail/spamdyke setup?

Thanks,

Bucky

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Databases revisited

[BC]

I'm not a savvy programmer, so consider that when reading my comments.

On 10/23/2009 spamdyke-users-requ...@spamdyke.org wrote:

  I'm thinking that no database might just be the best for this
  particular application (spamdyke).

  I don't know where people get the idea that databases provide better
  performance than a native filesystem. The database is implemented on
  top of a native filesystem after all.  ;)

I think there is some joking about such an argument.  Short of trying it 
out both ways, who is to know?

  If someone is really interested in speed, why not simply put
  spamdyke's config file(s) on a ram drive?

Would that materially speed things up?  I don't know.  I remember when 
Sam opted for no config file over just command line arguments.  As I 
understood it, the config file might be too slow.  Is the config file 
approach taken now because it doesn't slow things up much or where the 
command line arguments exceeding the max allowed by *nix?

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Databases revisited

[BC]

Hi Sam -

That is a pretty good synopsis of what he is doing.  Doesn't he claim to 
find *any* sought after data in no more than 7 seeks?  Maybe I misread 
that somewhere.  :)

My take on the below would be that if spamdyke remains a qmail-only spam 
blocker, then going with a cdb-based database would be okay (with the 
provisos you point out.)  But if spamdyke is ultimately going to go 
mainstream (work for most any MTA), then I'd say pick the database you 
like the best.

Bucky


On 10/22/2009 spamdyke-users-requ...@spamdyke.org wrote:

  So I said all that to say this: I don't personally believe CDB files
  live up to the hype, nor do I believe they solve any real-world
  problems
  (they're still binary formats, they can't be shared between servers,
  etc) but if people want them I can support them.


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] ERROR: Unable to write... Broken Pipe

[BC]

On 6/2/2009 spamdyke-users-requ...@spamdyke.org wrote:

  You don't need to worry about this. The sender disconnected. It is a
  common thing to see in the logs. There's no error.

Thank you very much!  Was worrying I'd have to engage a plumber...

Bucky



___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

[spamdyke-users] ERROR: Unable to write... Broken Pipe

[BC]

Found several of these messages sporadically in the ../maillog file today:


[date/time/machine] spamdyke[57524]: ERROR: unable to write 26 bytes to 
file descriptor 1: Broken pipe


Any ideas where I should start looking?

Thanks,

Bucky

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

[spamdyke-users] Ancient email address

[BC]

A small bit of education for me, please...

In September 2002 (!) for 2 weeks I used a TEMPORARY email address of 
say xyzzyx(at)purgatory.org.  After those two weeks I deleted the 'for 
sale' ads for which that email address was used.  The server on which 
that 'for sale' ad, and therefore my email address existed was destroyed 
5 years ago.

Today, SEVEN years later I see that spamdyke is blocking email to that 
very email address.

Do email addresses ever go away?  Where do spammers find 7 y/o email 
addresses?  For that matter, I still get email attempts to an email 
address I haven't used in 13 years.

Bucky

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

[spamdyke-users] How qmail works...

[BC]

Thank you, Sam, for a very excellent explanation of how it all works.

Have you considered writing an MTA to replace qmail which can use spamdyke?

Looking forward to the next version...

Bucky



On 5/4/2009 spamdyke-users-requ...@spamdyke.org wrote:

  When a message is delivered to a stock qmail server, there are a
  number of processes that handle delivery. First qmail-smtpd runs and
  actually receives the message from the network interface. During its
  run, qmail-smtpd will check (among others)

[much excellent explanation deleted]
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] New version: 4.0.0

[BC]

Bravo and Thank You!!!

On 7/14/2008 [EMAIL PROTECTED] wrote:
  At long, long last, the moment we've all been waiting for!  spamdyke
  version 4.0.0 is now available:
 http://www.spamdyke.org/

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Graylisting - how effective it really, is?

[BC]

On 5/9/2008 [EMAIL PROTECTED] wrote:

  So - graylisting - how effective it really is for you?

The only spam blocking I use presently is spamdyke with graylisting.

Pre-spamdyke I was getting 1000 spams/day into my personal mailbox.

Since installing spamdyke with graylisting I get 3-4 spams/day.

Bucky

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

[spamdyke-users] Minimalist Servers

[BC]

On 4/28/2008 [EMAIL PROTECTED] wrote:

  FWIW, the server in question is a PII/266/512 (try not to laugh too
  hard).

Hey!  I have two P2 machines as backup servers, but the primary server 
is a P1/150/128 (10 years old next month) that is showing some 
overloading strains but otherwise has run near-continuously since 
February 2002.

Amazing elderly hardware, eh?

Bucky

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Simple Perl Spam Statistics Contribution

[BC]

On 2/16/2008 [EMAIL PROTECTED] wrote:

  Allowed: 425
  Denied : 9968
  % Spam : 95.91%

Thank you very much for this, Ken.  96% spam.  How sad...

Bucky

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

[spamdyke-users] Performance uber alles

[BC]

On 2/8/2008 [EMAIL PROTECTED] wrote:

  One important thought: have you tried installing a caching name
  server
  on your mail server?  That's usually the single biggest thing you can
  do
  to improve performance.

.. and it is EASY to do.  Heed this advice!

Bucky



___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

[spamdyke-users] The Rational Approach

[BC]

On 2/8/2008 [EMAIL PROTECTED] wrote:

  I
  personally disagree with DJB's position about strictly interpreting
  the
  RFCs -- I believe software should strictly follow RFCs when producing
  output and loosely follow them when accepting it.

This is a highly rational approach.  DJB ought to look at it this way as 
well.



___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] The Rational Approach

[BC]

On 2/8/2008 [EMAIL PROTECTED] wrote:

   I
  personally disagree with DJB's position about strictly
  interpreting
  the
  RFCs -- I believe software should strictly follow RFCs when
  producing
  output and loosely follow them when accepting it.
   
This is a highly rational approach.  DJB ought to look at it this
  way as
well.

  I think keeping standards is important on both sides.


Okay in altruistic theory, but pragmatically isn't Sam's approach 
better?  What is put *out* onto the net has more importance for RFC 
compliance, don't you think?

Bucky



___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Spamdyke seems to cause a change in, networktraffic that crashes my ADSL Routers

[BC]

Andrew -


I know I'm running off in weird directions, but a couple of questions:

What OS are you running and how much RAM do your machines contain?

Bucky

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] clamav with spamdyke

[BC]

On 11/22/2007 [EMAIL PROTECTED] wrote:

 Anyone knows how can i do that after spamdyke scans
 the email if it's listed or not on a rbl.

You need to read the documentation.  Spamdyke does not 'scan the email'.

Spamdyke is *better* than spamassassin and clamav in the way that it
BLOCKS most illegitimate connections *before* email is transferred.

Based on what I just wrote, you can see that spamassassin and/or clamav
need to be invoked *after* spamdyke does its work.

Bucky

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] graylisting

[BC]

On 10/3/2007 [EMAIL PROTECTED] wrote:
 Ok but i must add a directory on /var/qmail/spamdyke/graylisted/
 Like  gmail.com
 It's not done automactly?I must do with all the domains i want
 receive emails from?


You tell spamdyke the DOMAIN for which the greylisting will occur.

For example, I have spamdyke look in my /var/qmail/antispam/graylist/
directory for my mail DOMAIN, which in my case is called purgatoire.org.

So when I'm done adding the DOMAIN as a directory name, spamdyke is using:

/var/qmail/antispam/graylist/purgatoire.org/

to create and read other directories and file.

In addition, be sure that spamdyke has permission to read/write the
../graylist/purgatoire.org/ directory or graylisting will fail.  In my
case, spamdyke operates as qmaild:wheel for permissions.  If that
doesn't work for you, then temporarily tell spamdyke to write to the
/tmp directory and see what permission it sets up for itself.

Bucky

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] spamdyke-users Digest, Vol 4, Issue 29

[BC]

On 9/27/2007 [EMAIL PROTECTED] wrote:

 DENIED_OTHER means spamdyke did not reject the message; qmail did.
 spamdyke noticed the rejection and logged it.


Hi Sam -

Would it be possible to change the above log line info to read
DENIED_BY_OTHER to better imply that spamdyke didn't do it?

Thanks,

Bucky

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] spamdyke-users Digest, Vol 4, Issue 21

[BC]

On 9/20/2007 [EMAIL PROTECTED] wrote:
  The disk access is very slow in compared with memory (ram) access.

  In the file of options per user, there is only users with specific
  options, the default option is only 1 line where the admin can
  manipulate default actions.
  I'm not programmer, but believe to look for lines in file with 1
  lines not much slow...this file there's on memory previous load on
  startup and contain only specific options the users, not all users.

  I ask for excuses for the bad English, google helped me.


Your English is fine and I just love the way you folks discuss with Sam 
the intricacies of how to solve a problem in the most efficient manner 
possible.  I've wondered too, if it is possible to load a config file 
into memory once and then have it reread by each child process that is 
invoked.  Not sure how to do that in the programming environment being 
used.  (I'm not a programmer.)

As a slight aside, Sam's posting of previous versions together with the 
changelogs represents a splendid way to learn quite a bit about C 
programming, streamlining and optimizing code.

Bravo.

Bucky

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users