[spamdyke-users] Not all traffic logged to maillog

[Pablo Murillo (rednet) via spamdyke-users]

Hi

I have 4 servers (MXs) configured with spamdyke and I noticed yesterday, 
that not all the traffic is logged


I noticed that because I have the log for the receptors and I can see 
the traffic loged in qmail send log from the mx, but I didn't find the 
info in maillog


Only 1 server is working good (at least I think), and is the server with 
FreeBsd 11.3

The other 3 servers (not loging all the traffic) had FreeBsd 12.3

I configured spamdyke like this in all servers

./configure --disable-tls --without-debug-output

Any idea could be happening with logs ?

Txs
Pablo Murillo
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
https://spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] FreeBSD 12.1 problems compiling with TLS

[Pablo Murillo (rednet) via spamdyke-users]

Hi Sam

I sent another mail to the list with a patch for configure and tcl.c 
(tcl.c patch taked from Amitai) to use with OpenSSL 1.1.1


SSL_library_init was replaced with OPENSSL_init_ssl

This is one of the problems
The other is the path where (at least in my servers) is ssl.h

Probably the patch my could be made better, but I was only trying to 
make it work


Pablo Murillo

On 10/23/2020 11:22 PM, Sam Clippinger via spamdyke-users wrote:
The configure script is trying to find the library that contains 
SSL_library_init() so it'll know what flags to use with gcc.  It tries 
libssl and libcrypto, but obviously that isn't working on your new OS. 
 The source code for the test program is in the config.log file along 
with the gcc commands it tested.  If you could figure out the correct 
command to compile, we should be able to update the configure script 
to use it.  It might just be a case of libcrypto.so being in an 
unexpected folder; it's possible just adding the -L flag or setting 
LIBRARY_PATH might fix it.


-- Sam Clippinger




On Oct 22, 2020, at 3:10 PM, Pablo Murillo (rednet) via 
spamdyke-users <mailto:spamdyke-users@spamdyke.org>> wrote:


Hi

I'm upgrading few server from FreeBSD 11.4 to 12.1 and I found that 
the port fot SpamDyke is broken, so I compile "manually" and I found 
a problem with OpenSSL

Spamdyke is not finding openssl, and openssl is installed

./configure --enable-tls --without-debug-output
checking for gcc... gcc
checking whether the C compiler works... yes
...
checking if openssl/ssl.h will include without additional include 
directories... yes

checking for library containing RSA_sign... -lcrypto
checking for library containing SSL_library_init... no
configure: error: in `/root/spamdyke-5.0.1/spamdyke':
configure: error: --enable-tls was given but OpenSSL was not found

I'm sending the config.log attached

Pablo Murillo
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org <mailto:spamdyke-users@spamdyke.org>
https://spamdyke.org/mailman/listinfo/spamdyke-users



___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
https://spamdyke.org/mailman/listinfo/spamdyke-users

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
https://spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] FreeBSD 12.1 problems compiling with TLS

[Pablo Murillo (rednet) via spamdyke-users]

Thanks, but not, I use FreeBSD, not netBSD
I prefer to work with sources
I downloaded the tar.gz from spamdyke and compile in the old fashion way
I like to see what I'm doing :D


On 10/23/2020 5:58 PM, Amitai Schleier via spamdyke-users wrote:
On 23 Oct 2020, at 21:50, Pablo Murillo (rednet) via spamdyke-users 
wrote:



The same size, obviusly, something is wrong
I added yours patches on the email
Don't work for me


Sorry, I've given all the free advice I can afford. If you don't want 
to try using pkgsrc as I've already suggested, maybe you can get 
FreeBSD's port maintainer for spamdyke to merge pkgsrc's patches and 
get the port working again.


Alternatively, if it's urgent for you to deploy a TLS-enabled spamdyke 
to 50 FreeBSD 12.x machines with OpenSSL 1.1.x, I'd happy to set you 
up with an easy, repeatable build at my consulting rate.


- Amitai
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
https://spamdyke.org/mailman/listinfo/spamdyke-users


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
https://spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] FreeBSD 12.1 problems compiling with TLS

[Pablo Murillo (rednet) via spamdyke-users]

I applied your patches

patch < patch.configure
patch < patch.tls

on source from https://www.spamdyke.org/releases/spamdyke-5.0.1.tgz, and 
compile with:


./configure --enable-tls --without-debug-output
make

Result:
-rwxr-xr-x  1 root  wheel  306960 Oct 23 15:38 spamdyke-tls

./configure --disable-tls --without-debug-output
make

Result:
-rwxr-xr-x 1 root  wheel  306960 Oct 23 16:44 spamdyke

The same size, obviusly, something is wrong
I added yours patches on the email
Don't work for me

On 10/23/2020 2:35 PM, Amitai Schleier via spamdyke-users wrote:
On 23 Oct 2020, at 16:20, Pablo Murillo (rednet) via spamdyke-users 
wrote:


I applied your patches on the source files, compile with TLS support, 
and the program was compiled, yes, but, without TLS support
I checked the patches before compile and I saw that the only thing 
you did (about TLS) was to remove all the lines where TLS is added


Sorry, this is not correct. The patches to configure (and 
configure.ac) are to "Remove outdated OpenSSL check to build with 
OpenSSL 1.1.x." They remove a check that fails with OpenSSL 1.1.x, so 
that --enable-tls can work. The check should probably be updated, not 
removed, but since pkgsrc always explicitly passes --disable-tls or 
--enable-tls (after arranging for OpenSSL libs and headers to be 
absent or present), I didn't want to invest any more effort here.


The patch to tls.c is to "Support OpenSSL 1.1.x.". It's a very small 
patch. What was called "SSL_library_init()" in older OpenSSL is now 
pronounced "OPENSSL_init_ssl(0, NULL)". All the other OpenSSL API 
calls continue to build as is.


This is not a patch to compile whit tls, the result is the same 
compiling without tls support


Here's what I get:

$ uname -v
FreeBSD 12.1-RELEASE-p10 GENERIC

$ cd ~/trees/pkgsrc-current/mail/spamdyke

$ make show-options
Any of the following general options may be selected:
    tls  Enable TLS support.

These options are enabled by default:

These options are currently enabled:
    tls

You can select which build options to use by setting PKG_DEFAULT_OPTIONS
or PKG_OPTIONS.spamdyke.

$ make install clean
[...]

$ ldd /opt/pkg/bin/spamdyke
/opt/pkg/bin/spamdyke:
    libcrypto.so.111 => /lib/libcrypto.so.111 (0x800297000)
    libc.so.7 => /lib/libc.so.7 (0x800586000)
    libthr.so.3 => /lib/libthr.so.3 (0x80097f000)

If you can't reproduce this result without pkgsrc, but you need to be 
able to build spamdyke with OpenSSL on FreeBSD, I suggest you try pkgsrc.


- Amitai

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
https://spamdyke.org/mailman/listinfo/spamdyke-users

--- configure.orig  2015-04-30 00:53:36.0 +
+++ configure
@@ -1,13 +1,11 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.68 for spamdyke 5.0.1.
+# Generated by GNU Autoconf 2.69 for spamdyke 5.0.1.
 #
 # Report bugs to .
 #
 #
-# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
-# 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free Software
-# Foundation, Inc.
+# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc.
 #
 #
 # This configure script is free software; the Free Software Foundation
@@ -136,6 +134,31 @@ export LANGUAGE
 # CDPATH.
 (unset CDPATH) >/dev/null 2>&1 && unset CDPATH
 
+# Use a proper internal environment variable to ensure we don't fall
+  # into an infinite loop, continuously re-executing ourselves.
+  if test x"${_as_can_reexec}" != xno && test "x$CONFIG_SHELL" != x; then
+_as_can_reexec=no; export _as_can_reexec;
+# We cannot yet assume a decent shell, so we have to provide a
+# neutralization value for shells without unset; and this also
+# works around shells that cannot unset nonexistent variables.
+# Preserve -v and -x to the replacement shell.
+BASH_ENV=/dev/null
+ENV=/dev/null
+(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV
+case $- in # 
+  *v*x* | *x*v* ) as_opts=-vx ;;
+  *v* ) as_opts=-v ;;
+  *x* ) as_opts=-x ;;
+  * ) as_opts= ;;
+esac
+exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"}
+# Admittedly, this is quite paranoid, since all the known shells bail
+# out after a failed `exec'.
+$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2
+as_fn_exit 255
+  fi
+  # We don't want this to propagate to other subprocesses.
+  { _as_can_reexec=; unset _as_can_reexec;}
 if test "x$CONFIG_SHELL" = x; then
   as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) 
>/dev/null 2>&1; then :
   emulate sh
@@ -169,7 +192,8 @@ if ( set x; as_fn_ret_success y && test 
 else
   exitcode=1; echo positional parameters were not saved.
 fi
-test x\$exitcode = x0 || exit 1"
+test

Re: [spamdyke-users] FreeBSD 12.1 problems compiling with TLS

[Pablo Murillo (rednet) via spamdyke-users]

Hi Amitai

I applied your patches on the source files, compile with TLS support, 
and the program was compiled, yes, but, without TLS support
I checked the patches before compile and I saw that the only thing you 
did (about TLS) was to remove all the lines where TLS is added
This is not a patch to compile whit tls, the result is the same 
compiling without tls support


Thanks, but, the idea is to compile with TLS


On 10/23/2020 9:42 AM, Amitai Schleier via spamdyke-users wrote:
On 22 Oct 2020, at 22:10, Pablo Murillo (rednet) via spamdyke-users 
wrote:


I'm upgrading few server from FreeBSD 11.4 to 12.1 and I found that 
the port fot SpamDyke is broken, so I compile "manually" and I found 
a problem with OpenSSL

Spamdyke is not finding openssl, and openssl is installed


FWIW, spamdyke builds just fine for me on FreeBSD 12.1 using pkgsrc 
with PKG_OPTIONS "tls". You can probably get the same result by 
borrowing these patches:


https://github.com/NetBSD/pkgsrc/blob/trunk/mail/spamdyke/patches/patch-configure 
(and the corresponding 
https://github.com/NetBSD/pkgsrc/blob/trunk/mail/spamdyke/patches/patch-configure.ac 
for good measure)


https://github.com/NetBSD/pkgsrc/blob/trunk/mail/spamdyke/patches/patch-tls.c 



And if you want to build with clang,

https://github.com/NetBSD/pkgsrc/blob/trunk/mail/spamdyke/patches/patch-configuration.c 



https://github.com/NetBSD/pkgsrc/blob/trunk/mail/spamdyke/patches/patch-spamdyke.h 



I've not used spamdyke for quite some time (ever since I wrote 
https://schmonz.com/qmail/rejectutils and 
https://schmonz.com/qmail/acceptutils) but I try to keep it building 
on all platforms supported by pkgsrc.


- Amitai
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
https://spamdyke.org/mailman/listinfo/spamdyke-users


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
https://spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] FreeBSD 12.1 problems compiling with TLS

[Pablo Murillo (rednet) via spamdyke-users]

I'm using now without TLS but I have to move around 50 servers from 11.3 
to 12.1 !, anda I need to have TLS because allmost everyone are using 
smtp with tls, and going back to no-tls will be a big problem


On 10/22/2020 5:33 PM, Dirk Kannapinn via spamdyke-users wrote:

Had the same issue after I moved from CentOS 6.10 to 8.2.

I think it's related to the OpenSSL library 1.1.1. Tried it several times
but was unsuccessfully. It works if you compile it without SSL/TLS support.
So I used the spamdyke I compiled on the old machine. It works on the new
one but is unable to use newer encryption techniques like TLSv1.3 or modern
ciphers.

I wish Sam will create a new Spamdyke version which works with newer Linux
distributions.

Dirk

-Ursprüngliche Nachricht-
Von: Pablo Murillo (rednet)
Gesendet: Donnerstag, 22. Oktober 2020 22:11
An: spamdyke users 
Betreff: [spamdyke-users] FreeBSD 12.1 problems compiling with TLS

Hi

I'm upgrading few server from FreeBSD 11.4 to 12.1 and I found that the port fot SpamDyke 
is broken, so I compile "manually" and I found a problem with OpenSSL Spamdyke 
is not finding openssl, and openssl is installed

./configure --enable-tls --without-debug-output checking for gcc... gcc 
checking whether the C compiler works... yes ...
checking if openssl/ssl.h will include without additional include 
directories... yes checking for library containing RSA_sign... -lcrypto 
checking for library containing SSL_library_init... no
configure: error: in `/root/spamdyke-5.0.1/spamdyke':
configure: error: --enable-tls was given but OpenSSL was not found

I'm sending the config.log attached

Pablo Murillo

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
https://spamdyke.org/mailman/listinfo/spamdyke-users

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
https://spamdyke.org/mailman/listinfo/spamdyke-users

[spamdyke-users] FreeBSD 12.1 problems compiling with TLS

[Pablo Murillo (rednet) via spamdyke-users]

Hi

I'm upgrading few server from FreeBSD 11.4 to 12.1 and I found that the 
port fot SpamDyke is broken, so I compile "manually" and I found a 
problem with OpenSSL

Spamdyke is not finding openssl, and openssl is installed

./configure --enable-tls --without-debug-output
checking for gcc... gcc
checking whether the C compiler works... yes
...
checking if openssl/ssl.h will include without additional include 
directories... yes

checking for library containing RSA_sign... -lcrypto
checking for library containing SSL_library_init... no
configure: error: in `/root/spamdyke-5.0.1/spamdyke':
configure: error: --enable-tls was given but OpenSSL was not found

I'm sending the config.log attached

Pablo Murillo
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.

It was created by spamdyke configure 5.0.1, which was
generated by GNU Autoconf 2.68.  Invocation command line was

  $ ./configure --enable-tls --without-debug-output

## - ##
## Platform. ##
## - ##

hostname = srv105.serversur.net
uname -m = amd64
uname -r = 12.1-RELEASE-p10
uname -s = FreeBSD
uname -v = FreeBSD 12.1-RELEASE-p10 GENERIC 

/usr/bin/uname -p = amd64
/bin/uname -X = unknown

/bin/arch  = unknown
/usr/bin/arch -k   = unknown
/usr/convex/getsysinfo = unknown
/usr/bin/hostinfo  = unknown
/bin/machine   = unknown
/usr/bin/oslevel   = unknown
/bin/universe  = unknown

PATH: /sbin
PATH: /bin
PATH: /usr/sbin
PATH: /usr/bin
PATH: /usr/games
PATH: /usr/local/sbin
PATH: /usr/local/bin
PATH: /home/rednet/bin


## --- ##
## Core tests. ##
## --- ##

configure:2322: checking for gcc
configure:2338: found /usr/local/bin/gcc
configure:2349: result: gcc
configure:2380: checking for C compiler version
configure:2389: gcc --version >&5
gcc (FreeBSD Ports Collection) 9.3.0
Copyright (C) 2019 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

configure:2400: $? = 0
configure:2389: gcc -v >&5
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/local/libexec/gcc9/gcc/x86_64-portbld-freebsd12.1/9.3.0/lto-wrapper
Target: x86_64-portbld-freebsd12.1
Configured with: /var/ports/usr/ports/lang/gcc9/work/gcc-9.3.0/configure 
--enable-multilib --enable-plugin --with-build-config=bootstrap-debug 
--disable-nls --enable-gnu-indirect-function --libdir=/usr/local/lib/gcc9 
--libexecdir=/usr/local/libexec/gcc9 --program-suffix=9 
--with-as=/usr/local/bin/as --with-gmp=/usr/local 
--with-gxx-include-dir=/usr/local/lib/gcc9/include/c++/ 
--with-ld=/usr/local/bin/ld --with-pkgversion='FreeBSD Ports Collection' 
--with-system-zlib --enable-languages=c,c++,objc,fortran --prefix=/usr/local 
--localstatedir=/var --mandir=/usr/local/man 
--infodir=/usr/local/share/info/gcc9 --build=x86_64-portbld-freebsd12.1
Thread model: posix
gcc version 9.3.0 (FreeBSD Ports Collection) 
configure:2400: $? = 0
configure:2389: gcc -V >&5
gcc: error: unrecognized command line option '-V'
gcc: fatal error: no input files
compilation terminated.
configure:2400: $? = 1
configure:2389: gcc -qversion >&5
gcc: error: unrecognized command line option '-qversion'; did you mean 
'--version'?
gcc: fatal error: no input files
compilation terminated.
configure:2400: $? = 1
configure:2420: checking whether the C compiler works
configure:2442: gcc -Wall   conftest.c  >&5
configure:2446: $? = 0
configure:2494: result: yes
configure:2497: checking for C compiler default output file name
configure:2499: result: a.out
configure:2505: checking for suffix of executables
configure:2512: gcc -o conftest -Wall   conftest.c  >&5
configure:2516: $? = 0
configure:2538: result: 
configure:2560: checking whether we are cross compiling
configure:2568: gcc -o conftest -Wall   conftest.c  >&5
configure:2572: $? = 0
configure:2579: ./conftest
configure:2583: $? = 0
configure:2598: result: no
configure:2603: checking for suffix of object files
configure:2625: gcc -c -Wall  conftest.c >&5
configure:2629: $? = 0
configure:2650: result: o
configure:2654: checking whether we are using the GNU C compiler
configure:2673: gcc -c -Wall  conftest.c >&5
configure:2673: $? = 0
configure:2682: result: yes
configure:2691: checking whether gcc accepts -g
configure:2711: gcc -c -g  conftest.c >&5
configure:2711: $? = 0
configure:2752: result: yes
configure:2769: checking for gcc option to accept ISO C89
configure:2833: gcc  -c -Wall  conftest.c >&5
configure:2833: $? = 0
configure:2846: result: none needed
configure:2873: checking how to run the C preprocessor
configure:2904: gcc -E  conftest.c
configure:2904: $? = 0
configure:2918: gcc -E  conftest.c
conftest.c:9:10: fatal error: ac_nonexistent.h: No such file or directory
9 | #include 
  |  ^~
compilation terminated.
configure:2918: $? = 1
configure: failed program was:

[spamdyke-users] ERROR (nihdns_query()@dns.c): unable to send data packet....

[Pablo Murillo (rednet) via spamdyke-users]

Hi

ERROR(nihdns_query()@dns.c:931): unable to send data packet, tried to 
send 44 bytes: No buffer space available

or
ERROR(nihdns_query()@dns.c:962): unable to send data packet, tried to 
send 44 bytes: No buffer space available


Today I started seeing this error in my server
Any idea ?
The amount of bytes vary from 29 to 48
Not all the time

Line 631 and  962, are the same
SPAMDYKE_LOG_ERROR(current_settings, LOG_ERROR_SENDTO, 
question_length[(k * num_types) + j], strerror(errno));


Some char to short ?

Pablo Murillo



___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
https://spamdyke.org/mailman/listinfo/spamdyke-users

[spamdyke-users] Is there a way to filter mails from locals domains coming from "the internet" ?

[Pablo Murillo (rednet) via spamdyke-users]

Hi

Is there a way to filter mails from locals domains coming from "the 
internet" ?


Weird question  : D
It's something like a SPF filter

I want to block all mails comeing from public IP from domains I have in my 
server


Thanks
Pablo Murillo 




___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
https://spamdyke.org/mailman/listinfo/spamdyke-users

[spamdyke-users] How to filter Invalid FROM ?

[Pablo Murillo (rednet) via spamdyke-users]

Hi

I know the option reject-sender, but I trying to stop mails on a MX server 
when the FROM header has an invalid value like : 
servic...@socelec.com.armhs...@loskop.co.za or only a name like "Nielsen"


I know the difference beteween the FROM header and the real FROM 
(return-path), but may be add something to block invalid or unexisten mails 
in the FROM header can help to stop more spam


Pablo Murillo 


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
https://spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Question about headers

[Pablo Murillo (rednet) via spamdyke-users]

Thanks Sam
I thought the same, surely lines 3 to 6 are just to "mislead"

Thanks again

- Original Message - 
From: "Sam Clippinger via spamdyke-users" 

To: "spamdyke users" 
Sent: Wednesday, August 23, 2017 10:35 AM
Subject: Re: [spamdyke-users] Question about headers


Keep in mind that "Received" lines are written in reverse order, so the top 
line always the newest.  Also, "Received" lines are trivial to fake and 
spammers often do insert fake lines to throw off scanners.


But assuming all the lines you sent are genuine, it looks like user 3048 
invoked a qmail command somehow (e.g. command line, webmail, spambot) and 
created a message (line 6), which then connected to a qmail daemon over a 
network socket and delivered it (line 5).  Line 4 shows it arriving at 
mx2.serversur.net from 204.58.254.207.  That IP is not smtp.wpac.com, even 
though its reverse DNS claims it is.  Also, connecting to 204.58.254.207 on 
port 465 shows a Sendmail greeting banner, not qmail, so it's unlikely lines 
5 and 6 were generated by that server.  Line 3 shows the message arriving at 
smtp.wpac.com from 188.33.156.68.  The rest of this line seems to match the 
Sendmail version in the greeting banner on 204.58.254.207.  Line 2 shows the 
message arriving on rng031.serversur.net from 192.168.0.103 -- I'm guessing 
this is where your edge server delivered to your internal server.  Line 1 
shows qmail on the internal server accepting the message.


Personally, I think lines 3-6 are bogus.  The timestamps don't make sense 
(the message seems to travel forwards and backwards in time), the order of 
deliveries don't make sense and the DNS records don't match up.  If line 4 
is correct and the message really passed through mx2.serversur.net twice, 
the logs on that server should show it.  I'd trust your logs, not the 
message headers.


-- Sam Clippinger




On Aug 22, 2017, at 2:00 PM, Pablo Murillo  wrote:


Hi

I´m a little confuse
We have 4 MXs, the names are mx1.serversur.net to mx4, every one has the 
same spamdyke.conf and deliver the valid emails using the internal network 
to the correspondig server

So ... I have these headers of an email that is SPAM, and now, I´m lost

For what I see in the 1st Received, the email is generated for the UID of 
the user assigned to the domain (this is right, the UID belong to the user 
we assigned to the domain)
The 3rd Received is for 204.58.254.207 receiving an email from my MX2 
server ?

Is this right ? or  I'm misreading the headers ?

-
Received: (qmail 5105 invoked from network); 22 Aug 2017 13:18:28 -
Received: from unknown (HELO mx2.serversur.net) (192.168.0.103)
by rng031.serversur.net with SMTP; 22 Aug 2017 13:22:18 -
Received: from 10.0.0.40 (user-188-33-156-68.play-internet.pl 
[188.33.156.68])

(authenticated bits=0)
by smtp.wpac.com (8.14.4/8.14.4) with ESMTP id v7MDVVfi011904
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO)
for ; Tue, 22 Aug 2017 06:32:22 -0700
Received: from unknown (HELO smtp.wpac.com) (204.58.254.207)
by mx2.serversur.net with SMTP; 22 Aug 2017 13:18:28 -
Received: (qmail 60824 invoked from network); 22 Aug 2017 13:22:18 -
Received: (qmail 60837 invoked by uid 3048); 22 Aug 2017 13:22:18 -
From: 
To: 
Date: Tue, 22 Aug 2017 11:32:24 -0300
Message-ID: 198706278.2017822133...@.com.ar
- 









___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users



___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Rejecting Messages by Header Content question

[Pablo Murillo (rednet) via spamdyke-users]

Great !

Thanks !



- Original Message - 
From: "Sam Clippinger via spamdyke-users" <spamdyke-users@spamdyke.org>

To: "spamdyke users" <spamdyke-users@spamdyke.org>
Sent: Friday, August 18, 2017 11:24 PM
Subject: Re: [spamdyke-users] Rejecting Messages by Header Content question


Any message headers can be filtered.  On my own server, most of my filters 
are for "From" and "Subject", but one very persistent spammer recently 
forced me to add a "To" filter as well.  I try to add as few header filters 
as possible, but it just depends what the incoming spam looks like.


-- Sam Clippinger




On Aug 18, 2017, at 12:02 PM, Pablo Murillo (rednet) via spamdyke-users 
<spamdyke-users@spamdyke.org> wrote:



Hi

Which are the valid headers to filter ?

I think, the obviuos ones are: FROM SUBJECT
REPLY-TO

But..

Return-Path:
Message-ID:
Received:
List-*

Are allowed ?
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users









___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users



___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

[spamdyke-users] Rejecting Messages by Header Content question

[Pablo Murillo (rednet) via spamdyke-users]

Hi

Which are the valid headers to filter ?

I think, the obviuos ones are: 
FROM 
SUBJECT

REPLY-TO

But..

Return-Path:
Message-ID:
Received:
List-*

Are allowed ?
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Rejecting Messages by Header Content question

[Pablo Murillo (rednet) via spamdyke-users]

Hi

Which are the valid headers to filter ?

I think, the obviuos ones are: 
FROM

SUBJECT
REPLY-TO

But..

Return-Path:
Message-ID:
Received:
List-*

Are allowed ?

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

[spamdyke-users] Rejecting Messages by Header Content

[Pablo Murillo (rednet) via spamdyke-users]

Hi

I'm testing some things and I found that Rejecting Messages by Header 
Content is not working as I expected

I have spamdyke 5.0.1 with header-blacklist-file=/spamdb/blacklist_header
I'm trying to filter all mails from goldswatches.com, and I have this lines 
in the file


From:*goldswatches.com
Return-Path:*goldswatches.com

This is the right way to write it or I´m doing something wrong ?

The emails from goldswatches.com are not blocked

This is a one line in maillog:
---
May 18 00:12:36 mx1 spamdyke[1193]: ALLOWED from: 
kzkqnor...@s2.goldswatches.com to: mariano@xxx origin_ip: 
162.243.97.219 origin_rdns: s2.goldswatches.com auth: (unknown) encryption: 
(none) reason: 250_ok_1495077156_qp_1253

---


This is the header of one email from goldswatches.com
-
Return-Path: 
Received: (qmail 44869 invoked from network); 18 May 2017 10:10:57 -
Received: from unknown (HELO mx1.XXX) (XX)
 by XXX with SMTP; 18 May 2017 10:10:57 -
Received: (qmail 87160 invoked from network); 18 May 2017 10:23:56 -
Received: from unknown (HELO s3.goldswatches.com) (162.243.98.6)
 by mx1. with SMTP; 18 May 2017 10:23:56 -
To: info@
Subject:  Cura tu ansiedad sin ir al psicologo ..PgBi
Message-ID: <3103194f36699b53547d9110096e8...@s3.goldswatches.com>
Date: Thu, 18 May 2017 08:14:14 +
From: "Ansiedad...QK2c" 
Reply-To: ansie...@masansiedadyanomasansiedade4df.com
MIME-Version: 1.0
X-Mailer-LID: 397,393
List-Unsubscribe: 


X-Mailer-RecptId: 20824260
X-Mailer-SID: 2853
X-Mailer-Sent-By: 1
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: 8bit



___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] reject-sender - Looking for a new feature

[Pablo Murillo (rednet) via spamdyke-users]

I´m in the middle of the big development now, but when I finish, I will try
to see if I can contribute


- Original Message - 
From: "Sam Clippinger via spamdyke-users" <spamdyke-users@spamdyke.org>

To: "spamdyke users" <spamdyke-users@spamdyke.org>
Sent: Sunday, May 14, 2017 10:58 AM
Subject: Re: [spamdyke-users] reject-sender - Looking for a new feature


That would be pretty challenging to add.  spamdyke can already require the
sender address to match the domain of the authentication username
(reject-sender=authentication-domain-mismatch) but it doesn't read qmail's
"assign" file at all.

In the long term, the best way to add something like this would probably be
to allow spamdyke to run custom commands/scripts that perform additional
checks.  That would make it much easier to add one-off filters.

-- Sam Clippinger




On May 9, 2017, at 3:33 PM, Pablo Murillo (rednet) via spamdyke-users
<spamdyke-users@spamdyke.org> wrote:


Hi

I'm  looking for an option where the user login with u...@domain.com and
write emails with u...@domain.com.ar , this is beacuse we have many
domains
with aliases (Vpopmail aliases)

The reject-sender=not-local solve part of the problem, but not all

Is there a chance to have a new option where the same user but with
different domain can be accepted only if the domain is an alias of the
login
domain ?

Vpopmail use the file [QMAIL-DIR]/users/assign to "create" the aliases
domains

Is too complex ?

Pablo Murillo


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users









___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users



___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

[spamdyke-users] reject-sender - Looking for a new feature

[Pablo Murillo (rednet) via spamdyke-users]

Hi

I'm  looking for an option where the user login with u...@domain.com and
write emails with u...@domain.com.ar , this is beacuse we have many domains
with aliases (Vpopmail aliases)

The reject-sender=not-local solve part of the problem, but not all

Is there a chance to have a new option where the same user but with
different domain can be accepted only if the domain is an alias of the login
domain ?

Vpopmail use the file [QMAIL-DIR]/users/assign to "create" the aliases
domains

Is too complex ?

Pablo Murillo


___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users