Re: [spamdyke-users] Second SD Stats report - spamdyke-qrv SUCCESS!

2016-05-08 Thread Philip Rhoades via spamdyke-users

People,


On 2016-05-06 13:10, Philip Rhoades via spamdyke-users wrote:

Sam,


On 2016-05-06 02:50, Sam Clippinger via spamdyke-users wrote:

You may need to recompile spamdyke-qrv with excessive output and run
it with two "-v" flags to see the details you need.  You don't need to
actually install that recompiled copy; running it from the build
folder should work just as well.


Gives:

.
.
QRV-EXCESSIVE(validate()@validate-qrv.c:818): INVALID RECIPIENT
recipient: jackspr...@pricom.com.au resolved username: jackspratt

Hmmm . . curious - that actually does what we expect.  In the conf file 
I have:


  reject-recipient=invalid

- am I still missing something?  It seems spamdyke is not calling 
spamdyke-qrv?



I finally worked out that the line:

  recipient-validation-command=/usr/local/bin/spamdyke-qrv

had to be added to the conf file - shouldn't this have been in the conf 
file already but commented out?


Thanks,

Phil.



-- Sam Clippinger

On May 5, 2016, at 9:36 AM, Philip Rhoades  wrote:


Sam,

On 2016-05-05 22:27, Sam Clippinger via spamdyke-users wrote:


Very impressive numbers, thanks for sharing those!


No worries - I plan to keep it up so I can see if gradually
improving the spamdyking has an impact - my own previous setup had
almost 100% blocking rate but with some false positives - it would
be nice if I could get SD to that effectiveness but with no false
positives!


Out of curiosity,
of the messages that were delivered, how did you judge if they
were
spam?


Well the ones that make it through the system and are delivered and
end up getting eyeballed and manually moved into the spam / phishing
folder for counting / processing later.


It sounds like the problem is that spamdyke-qrv is accepting
messages
to invalid addresses?


Yes, and then when a delivery is tried the message gets bounced to
the sender - which is normally bogus, so I end up getting a message:

"Hi. This is the qmail-send program at pricom.com.au [1].
I tried to deliver a bounce message to this address, but the bounce
bounced!"


You can try running spamdyke-qrv manually with
the "-v" flag (possibly twice) to see why it's deciding to allow
the
recipient.  Something like this:
spamdyke-qrv -v pricom.com.au [1] [1] jackspratt


OK, that was one problem - I have never created a
/var/qmail/users/assign file and built a /var/qmail/users/cdb file
before . . but now, after going through that exercise, that command
runs with no error or output and a delivery to jackspratt is still
attempted . .

Thanks,

Phil.

-- Sam Clippinger
On May 4, 2016, at 4:39 AM, Philip Rhoades via spamdyke-users
 wrote:
People,
Last year I reported some stats after I had been using SD for about
a month and now I have a second set - unfortunately I forgot to
increase the number of backlogs for logrotate and I lost a few
months of data to compare delivered spam to but the latest stats are
from 100 days of data:


https://docs.google.com/spreadsheets/d/1GqinPR2mA0Jz-uTZ2zVJgutpiDl62HNbn2gWGNpd7Tk/pubhtml

There were some changes to the conf file between sets of data but I
didn't keep notes about changes and dates etc however it seems that
the proportion of ALLOWED lines went down a little which suggests
more spam was stopped - but conversely, the proportion of delivered
spams compared to SD lines went up a little - which I don't quite
understand . .
Now I want to try and stop the delivered spams that have invalid
email addresses - I have compiled and installed spamdyke-qrv OK and
set "reject-recipient" to "invalid" but these spams are still
getting through and then being bounced and since the return address
is bogus I get a postmaster message that the bounce has failed eg
for the address:
jackspr...@pricom.com.au
- suggestions?
Thanks,
Phil.
--
Philip Rhoades
PO Box 896
Cowra  NSW  2794
Australia
E-mail:  p...@pricom.com.au
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Links:
--
[1] http://pricom.com.au
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users


--
Philip Rhoades

PO Box 896
Cowra  NSW  2794
Australia
E-mail:  p...@pricom.com.au



Links:
--
[1] http://pricom.com.au
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users


--
Philip Rhoades

PO Box 896
Cowra  NSW  2794
Australia
E-mail:  p...@pricom.com.au
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users


Re: [spamdyke-users] Second SD Stats report

2016-05-05 Thread Philip Rhoades via spamdyke-users

Sam,


On 2016-05-05 22:27, Sam Clippinger via spamdyke-users wrote:

Very impressive numbers, thanks for sharing those!



No worries - I plan to keep it up so I can see if gradually improving 
the spamdyking has an impact - my own previous setup had almost 100% 
blocking rate but with some false positives - it would be nice if I 
could get SD to that effectiveness but with no false positives!




Out of curiosity,
of the messages that were delivered, how did you judge if they were
spam?



Well the ones that make it through the system and are delivered and end 
up getting eyeballed and manually moved into the spam / phishing folder 
for counting / processing later.




It sounds like the problem is that spamdyke-qrv is accepting messages
to invalid addresses?



Yes, and then when a delivery is tried the message gets bounced to the 
sender - which is normally bogus, so I end up getting a message:


"Hi. This is the qmail-send program at pricom.com.au.
I tried to deliver a bounce message to this address, but the bounce 
bounced!"




You can try running spamdyke-qrv manually with
the "-v" flag (possibly twice) to see why it's deciding to allow the
recipient.  Something like this:
 spamdyke-qrv -v pricom.com.au [1] jackspratt



OK, that was one problem - I have never created a 
/var/qmail/users/assign file and built a /var/qmail/users/cdb file 
before . . but now, after going through that exercise, that command runs 
with no error or output and a delivery to jackspratt is still attempted 
. .


Thanks,

Phil.



-- Sam Clippinger

On May 4, 2016, at 4:39 AM, Philip Rhoades via spamdyke-users
 wrote:


People,

Last year I reported some stats after I had been using SD for about
a month and now I have a second set - unfortunately I forgot to
increase the number of backlogs for logrotate and I lost a few
months of data to compare delivered spam to but the latest stats are
from 100 days of data:



https://docs.google.com/spreadsheets/d/1GqinPR2mA0Jz-uTZ2zVJgutpiDl62HNbn2gWGNpd7Tk/pubhtml


There were some changes to the conf file between sets of data but I
didn't keep notes about changes and dates etc however it seems that
the proportion of ALLOWED lines went down a little which suggests
more spam was stopped - but conversely, the proportion of delivered
spams compared to SD lines went up a little - which I don't quite
understand . .

Now I want to try and stop the delivered spams that have invalid
email addresses - I have compiled and installed spamdyke-qrv OK and
set "reject-recipient" to "invalid" but these spams are still
getting through and then being bounced and since the return address
is bogus I get a postmaster message that the bounce has failed eg
for the address:

jackspr...@pricom.com.au

- suggestions?

Thanks,

Phil.
--
Philip Rhoades

PO Box 896
Cowra  NSW  2794
Australia
E-mail:  p...@pricom.com.au
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users




Links:
--
[1] http://pricom.com.au
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users


--
Philip Rhoades

PO Box 896
Cowra  NSW  2794
Australia
E-mail:  p...@pricom.com.au
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users


Re: [spamdyke-users] Second SD Stats report

2016-05-05 Thread Sam Clippinger via spamdyke-users
Very impressive numbers, thanks for sharing those!  Out of curiosity, of the 
messages that were delivered, how did you judge if they were spam?

It sounds like the problem is that spamdyke-qrv is accepting messages to 
invalid addresses?  You can try running spamdyke-qrv manually with the "-v" 
flag (possibly twice) to see why it's deciding to allow the recipient.  
Something like this:
spamdyke-qrv -v pricom.com.au jackspratt

-- Sam Clippinger




On May 4, 2016, at 4:39 AM, Philip Rhoades via spamdyke-users 
 wrote:

> People,
> 
> Last year I reported some stats after I had been using SD for about a month 
> and now I have a second set - unfortunately I forgot to increase the number 
> of backlogs for logrotate and I lost a few months of data to compare 
> delivered spam to but the latest stats are from 100 days of data:
> 
>  
> https://docs.google.com/spreadsheets/d/1GqinPR2mA0Jz-uTZ2zVJgutpiDl62HNbn2gWGNpd7Tk/pubhtml
> 
> There were some changes to the conf file between sets of data but I didn't 
> keep notes about changes and dates etc however it seems that the proportion 
> of ALLOWED lines went down a little which suggests more spam was stopped - 
> but conversely, the proportion of delivered spams compared to SD lines went 
> up a little - which I don't quite understand . .
> 
> Now I want to try and stop the delivered spams that have invalid email 
> addresses - I have compiled and installed spamdyke-qrv OK and set 
> "reject-recipient" to "invalid" but these spams are still getting through and 
> then being bounced and since the return address is bogus I get a postmaster 
> message that the bounce has failed eg for the address:
> 
>  jackspr...@pricom.com.au
> 
> - suggestions?
> 
> Thanks,
> 
> Phil.
> -- 
> Philip Rhoades
> 
> PO Box 896
> Cowra  NSW  2794
> Australia
> E-mail:  p...@pricom.com.au
> ___
> spamdyke-users mailing list
> spamdyke-users@spamdyke.org
> http://www.spamdyke.org/mailman/listinfo/spamdyke-users

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users