Rocco,
2.4 RCVD_IN_WHOIS_BOGONS RBL: CompleteWhois: sender on
I wonder why score for RCVD_IN_WHOIS_BOGONS is 0 in 3.2.0-rc1 ?
I don't understand.. maybe my remark is wrong,
but I [do] get this score for the rules above
I said '3.2.0-rc1', didn't I?
Btw, I got 1800 messages hitting
2.4 RCVD_IN_WHOIS_BOGONS RBL: CompleteWhois: sender on bogons IP block
[102.176.29.76 listed in combined-HIB.dnsiplists.completewhois.com]
I wonder why score for RCVD_IN_WHOIS_BOGONS is 0 in 3.2.0-rc1 ?
(unlike RCVD_IN_WHOIS_INVALID and RCVD_IN_WHOIS_HIJACKED, which are nonzero)
2.4 RCVD_IN_WHOIS_BOGONS RBL: CompleteWhois:
sender on bogons IP block [102.176.29.76 listed in
combined-HIB.dnsiplists.completewhois.com]
I wonder why score for RCVD_IN_WHOIS_BOGONS is 0 in 3.2.0-rc1 ?
(unlike RCVD_IN_WHOIS_INVALID and RCVD_IN_WHOIS_HIJACKED...
almost
Michael,
Perhaps the closest thing is /usr/local/libdata/, intended
for 'miscellaneous utility data files'.
Ok, found it, looks good, maybe that's best.
Thanks, this is exactly why I posted this.
I'd feel more comfortable if some FreeBSD master guru would take a look
and have a final say.
I'd feel more comfortable if some FreeBSD master guru would
take a look and have a final say.
Any master guru's out there?
I consulted one, a FreeBSD maintainer from the office next door :)
After reading our thread, his answer was a
clear and decisive: /var/db/spamassasin
(but for
Michael,
I am the maintainer for the FreeBsd SA port and about to release patches
that change the default state directory from /var/lib/spamassassin to
/usr/local/lib/spamassassin
This makes it more consistent with FBSD's directory structure (they
don't use /var/lib for anything).
I'm not
William,
The perl process(es) initiated by amavisd + spamassassin
to handle email(s) are very often running up to 100 percent
of both CPUs, and staying there until killed. Then amavisd (master)
spawns another one or two, which each handle perhaps 10 to 20 emails
before getting stuck once
In case this came by unnoticed, gmail.com is adding DKIM signatures
to their outgoing mail - for about two weeks now. Some initial
problems seem to be solved by now.
For verifying signatures stick to the most current versions of Mail::DKIM
(0.23) when checking from a SpamAssassin DKIM plugin or
Luis,
OK, but the point is that I run SA trough AMaViS, so procmail recipes
aren't the answer. Thanks a lot, I suppose I should create some type of
whitelist in AMaViS to avoid SA.
As this mailing list use VERP sender envelope addresses,
you need to use regexp-based lookup table in
SpamAssassin 3.2.0-pre2 is released!
Looks fine
Btw, the following warnings (in v320) seem excessive, a null return path
(aka envelope sender) is normal and constitute few percent of all mail:
message: envelope_sender_header '' is not an FQDN - ignoring
at
SpamAssassin 3.2.0-pre2 is released!
This is a *prerelease* of SpamAssassin 3.2.0; not the full release.
Looks fine, runs also under amavisd-new cleanly
(after having to remove some stale rule scores
in my local.cf of course to make a --lint happy).
An updated DKIM plugin patch is now in the
perldoc Mail::SpamAssassin::Conf, look for whitelist.
This topic reminds me of my occasional desire to be able to supply
individual score points (optional, overriding a default) with each
whitelist_from* and whitelist_from_dkim entry, taking into account
reputation of each sender, e.g.:
Alexis,
Thanks Jason. If this malformed email isn't crashing other people's
setups then perhaps it's an issue with the SAWin32 port.
Looks fine here too, SA 3.1.8 on Unix, collects 30 points.
Mark
Theo Van Dinter writes:
body rules aren't run on lines, they're run on paragraphs,
so that text is in the middle of a string.
Matt Kettler writes:
Use rawbody for this. Body rules have CR/LF stripped out.
Giving whole paragraphs to regexp is fine, but why are newlines
stripped out in 'body'
Bill Landry writes,
Mark, your patches for DKIM.pm and DkSignature.pm took care of the issue
I was seeing with GMail DomainKey signatures, since they were missing
the q=dns tag.
Below is a similar patch to Mail/DKIM/DkSignature.pm,
this time to handle missing 'a' tags in DomainKeys signatures,
On Saturday February 17 2007 03:01, Quinn Comendant wrote:
How about an extensive statistics reporting tool, ..., that
can show how well a current spamassassin installation is performing
and where it needs improvements.
Well, not exactly by your words, but in the same spirit,
this time
Also, any suggestions from outside the dev team? Anyone got good ideas
for new SpamAssassin features that would be good to pay someone to work on
for 3 months?
I believe this was once mentioned on a Justin's blog (but can't find
a ref now), the following sounds promising as an additional
Justin Mason writes:
Also, a related project would be to complete the pluginization of our
Bayes engine and APIs, so that other probabilistic classifiers can be
plugged in in place of, or in addition to, Bayes in SpamAssassin.
Right. I felt a need for something like this when I was switching
Also, any suggestions from outside the dev team? Anyone got good ideas
for new SpamAssassin features that would be good to pay someone to work on
for 3 months?
Here's another one, to seize the opportunity when internal changes
are being contemplated:
Split the process into two parts:
-
Matthew Wilson wrote:
- Full, tested, supportable multithreaded support
- Full, tested, supportable support for an asynchronous I/O model
(a la qpsmtpd-async)
I think effort could be better spent elsewhere.
Spam checking lands itself ideally to running parallel individual
processes, with
On Saturday February 17 2007 01:49, Matthew Wilson wrote:
I was/am primarily concerned with RAM usage for high-concurrency
situations.
Ok. Still, in my experience about 30 (maybe 50) SA processes can
fully utilize today's CPU I/O, and it's probably no big deal
to provide about 2 GB of memory
Raul Dias writes:
I have being getting a lot of this in my logs:
Feb 14 21:55:13 s spamd[7249]: dkim: invalid DKIM-Signature: invalid
(unsupported protocol)
at /usr/lib/perl5/site_perl/5.8.0/Mail/SpamAssassin/Plugin/DKIM.pm
line 339
Is this something I should worry about?
I believe it
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5095#c3
Btw, that particular check and message was removed from Mail::DKIM:
-- VERSION 0.20 --
2006-10-24: Jason Long [EMAIL PROTECTED]
* lib/Mail/DKIM/MessageParser.pm: removed problematic check for
control characters
Probably not a
Justin,
well, it may be easy for us to not produce the invalid input
that's causing this one...
No, in that particular case it was Mail::DKIM that was overreacting.
Mark
ok, the warnings are gone. There is only one missing ; in the patch
Missing ; here, right?
Right.
-+ : invalid domain in d tag
++ : invalid domain in d tag;
If you want, you may apply also my patch to Plugin::DKIM.pm.
Fixes two minor problems and adds
Chris,
Feb 13 03:07:31 localhost spamd[15060]: dkim: lookup failed: DNS query
timeout for _policy._domainkey.littlepinkeggs.com
DNS setup of domain littlepinkeggs.com is terribly broken,
they have no name servers, and even whois gets stuck on them.
The response from dkim plugin is normal.
Alexis,
I enabled the DK/DKIM plugins in my SA 3.1.7 setup and I see that the
default scores for their tests are negligible, presumably because
they're still a bit experimental.
Is anyone using these and can suggest appropriate scores for these
plugins, or are these really just too unripe
Claude,
Here is a typical error report in the log file:
Feb 1 11:31:47 yellowsrv amavis[11701]: (11701-03) (!)collect_results
from [] (/usr/bin/ripole): exit 30 ripOLE: decoding of
/var/spool/amavisd/tmp/amavis-20070201T113001-11701/parts/p002 resulted
in error 30\n
Any idea ?
This
Martin,
The MISSING_SUBJECT rule fires on every email, even though they actually
have a Subject: header
If I remember corrently, this effect can be produced by having
syntactically incorrect rules. Make sure to run 'spamassassin --lint'
before starting with modified rules!
Mark
Ideally a milter will fake a return-path header when it fakes the
required received header.
For the record, current versions of MIMEDefang do this. I believe
someone mentioned that current versions of Amavisd-new also do this.
YMMV with older releases and other milters.
Ditto
[EMAIL PROTECTED],
I'm using amavisd with SA. There is a directive there called
sa_mail_body_size_limit = undef; # don't waste time on SA if mail is
larger. This was set to 1024*200 which would be 204800k. I've
actually just now set it to undef. Hopefully this is what you meant? I
don't have
Frank Bures writes:
Since I updated to 3.5.1 from 3.4.2, I am sometimes getting the following
FuzzyOcr: Error running preprocessor(pamthreshold):
/usr/local/bin/pamthreshold -simple -threshold 0.5
FuzzyOcr: Errors in Scanset ocrad-decolorize
FuzzyOcr: Return code: 256, Error: pamthreshold:
Alan,
The DKIM plugin files have all but disappeared on one of my mx's..I'm
left with
/usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/DKIM.pm
/usr/share/man/man3/Mail::SpamAssassin::Plugin::DKIM.3pm.gz
The Plugin/DKIM.pm is all there is to it. No other files
in SA plugins
2007-01-09 08:47:15 [6426] Cannot find executable for pamthreshold
These are listed as helpers to the program. What needs to be
installed to make use of them and what is their value/advantage.
FuzzyOcr seems to be working quite well!
I'll piggyback my pamthreshold-related issue on this
What I meant is that Amavisd may look in a non-standard place for
SpamAssassin's local.cf and other config files. I looked at my Amavis
config file and did not see a place to change it, but I seem to remember
somebody saying that it is possible.
The only thing that needs to be remembered is
On Thursday December 7 2006 18:21, Fred T wrote:
-0.0 P0F_UNIX OS fingerprint BSD/Solaris/HP-UX/Tru64
I'm curious about P0F_UNIX could you share this rule with me? And any
similar fingerprint rules? Thanks!
The rules are quite straightforward (see below) - just matching
on
SMTP-AUTH:
Received: from [128.114.2.223] (account [EMAIL PROTECTED] HELO
[128.114.2.223]) by silver.ucsc.edu (CommuniGate Pro SMTP 4.3.7)
with ESMTPSA id 88402416 for [EMAIL PROTECTED]; Mon, 04 Dec 2006 13:15:07
-0800
Webmail:
Received: from [128.114.2.223] (account [EMAIL PROTECTED])
That's not what it just says. The info before it talks about how
SpamAssassin will attempt to detect RFC 3848 style auth tokens (it'll
also detect Sendmail and a few other styles of auth tokens) and how
Postfix is a pain in the ass about this (but finally, optionally,
provides the info in
John,
a) do any of them have a small enough value that they wouldn't counter
botnet's default score of 5? Meaning, if I do nothing with respect to
those other whitelist mechanisms, they'll still do the right thing and
let the botnet hosts through, right?
Not by default, although I set my
Loren Wilton wrote:
Other than the fact I tend to agree with its conclusions by looking at
those hostnames, I suppose it means that the plugin needs some special case
exceptions for ebay, paypal, and amazon.
Right, too many false positives here as well.
Maybe it will need to run after
Rick,
If I'm reading the docs correctly, it would not be of any use to me
since spamd runs on its on separate server and p0f only supports local
sockets. Correct or is there a way I could use it ?
Not so.
- p0f and p0f-analyzer.pl need to be running on your MX host,
- spamd with a plugin
Daryl,
Yeah, but I have the session info
Lucky you! But the difficulty of providing a p0f plugin for SA
remains, SA can only obtain its information by parsing mail header,
so there are basically just two options:
- let MTA (or amavisd) insert p0f information as a header field, or
- let SA
Sven,
1. does anybody know if there are any problems regarding running
the mail server with p0f behind a Cisco PIX firewall??
No experience there, but PIX has a long history of badly interfering
with ESMTP protocol, so I'm not surprised it also breaks p0f fingerprints.
The 'fixup protocol
Leon,
I see a lot of FP with RCVD_IN_NJABL_DUL, RCVD_IN_DSBL and
RCVD_IN_SORBS_DUL from particulars users.
This is very strange because a lot of those are coming from users on my
server (server with static IP and not a relay server).
http://wiki.apache.org/spamassassin/TrustPath
On Sunday November 26 2006 20:25, Matt Kettler wrote:
Erm.. are you sure? I thought amavisd-new called SA directly at the API
layer, not via spamd...
I didn't even realize amavis *could* use spamd, every amavis person I've
talked to on the list isn't using it.
amavisd-new can't call spamd,
Leon,
451 4.5.0 Error in processing, id=15039-05, mime_decode-1 FAILED:
Can't locate object method max_parts
via package MIME::Parser at /usr/sbin/amavisd line 5933.
Your version of MIME::Parser (i.e. MIME-Tools) is too old,
use 5.420.
Mark
Michael W Cocke wrote:
Well, the mailscanner docs (including the book) say that mailscanner
uses the perl routines available from CPAN. Nothing else...
I'm a fair perl hacker and I've looked at the amavis and mailscanner
code, and I can't exactly put my finger on anything, but I feel like
I
in clamd.
Here it goes...
From: Mark Martinec [EMAIL PROTECTED]
To: amavis-user@lists.sourceforge.net
Date: Thu, 16 Nov 2006 19:06:00 +0100
Subject: Re: [AMaViS-user] Forward mail directly to an MDA
How limited is the RAM?
64MB PC100 SDRAM currently.
I'll try that out. If the box runs out
This was with amavisd-new, but should not be much different than
spamd, except for somewhat smaller daemon main program in clamd.
s/clamd/spamd/
On Friday November 17 2006 21:24, Giampaolo Tomassoni wrote:
Besides, if there wasn't SA pluging, I would prefer a C/C++ version of SA.
Wouldn't it run better? Wouldn't it be faster, wouldn't have a smaller
memory footprint, better reclamation, better hooks for plugins etc? :)
...and buffer
postfix/qmgr[25394]: warning: connect to transport smtp-amavis:
Connection refused
Well, that is about as clear as a warning can get. What don't you
understand about it?
Is amavisd running, are you able to connect?
Any typos in your config?
This warning is not about amavisd daemon
The guy who made the script did simply test shutting and restarting the
amavis/spamd daemon up and down in its own test environment, which basicly
is low mail load or even no mail at all.
After a while amavis is doing it's dirty job, I noticed it needs a lot of
time to shut down. It takes to
Giampaolo,
These commands will only exit after they have completed their job,
i.e. waiting for the existing daemon to have stopped.
...So, I don't have a Linux distribution running on my servers?
May you suggest to me the kind of OS brand I'm running?
Not sure what you are asking here. If
Dylan,
Even after setting the reduced_dns option to 1 the load on the server
stays high. I re-enabled AWL and my load stays low as long as I don't
enable the RelayChecker. I get the following in the log:::
Nov 13 15:51:23 p1-lk-mxfilter.power1.com /usr/sbin/amavisd[30169]:
(30169-01) extra
...Incredimail is a drag on your staff. Luckily we now only have a few
users with Incredimail. We had over a thousand, and we had calls
constantly.
Btw, this incredible mailer is also the one which leaves
empty lines (TAB only) in the header when it tries to wrap
a long header field such as
On Friday November 3 2006 05:23, Matt Kettler wrote:
I believe the option is $sa_timeout
Not sure what the default is, probably 30. Which should be enough to
prevent that problem, unless you have a LOT of sa instances contending
for the AWL database.
Try adding a $sa_timeout = 60 to your
Simon,
Looks like ive solved one issue, and another crops up!... I think that
i may need to move to a mysql storage engine here? approx 17,000
messages a day incoming on this server.
Any pointers here? - Thanks!!
Nov 4 11:39:40 mx1 amavis[32148]: (32148-07) SA TIMED OUT, backtrace:
at
On Thursday November 2 2006 11:28, sokka wrote:
When i send a mail from my local office ID to yahoo it is bouncing back
with Greeting failed
Is this due to domain key verification ?
Not likely.
Greeting is called the first status response
from a SMTP server after connection establishment.
Jeff,
Not to start any flamewars, but does anyone have strong opinions
on MailScanner versus Amavisd-new for use with postfix (and of
course SpamAssassin and ClamAV)?
Of course I'm biased, but I'd be worried running program with
about 400 cases of calling system routines (I/O, file system,
For envelope sender there is a standard header: Return-Path
Return-Path is supposed to be added when the message is placed in the
mailstore (ie, last hop, after the transfer network). Since I do scanning
at the MTA level before delivery, I don't have Return-Path yet.
If scanning at the MTA
Eric A. Hall wrote:
Other possibilities exist too. Envelope sender can be used for some SPF
filters that aren't currently done, for example.
The first problem is that there is no standard header field, and in the
case of envelope recipient(s) where there can be multiple entries, there
is no
Chris,
Okay, I installed Mail::DomainKeys 0.88 from CPAN.
Thanks for reminding me to prepare a version of my patch for this version.
Part of my patch for 0.86 was already incorporated into 0.88, but not all.
I also noticed an additional (marginal) problem, so I'll report later
on a solution.
Thanks for reminding me to prepare a version of my patch for this version.
Part of my patch for 0.86 was already incorporated into 0.88, but not all.
I also noticed an additional (marginal) problem, so I'll report later
on a solution.
Here is an updated patch for Mail::DomainKeys that applies
Chris,
I just got the domainkeys plugin set up, but it's not working the way I
expect. In messages from Yahoo I see:
0.0 DK_SIGNED Domain Keys: message has an unverified signature
but I never see DK_VERIFIED
Is there something I need to configure? I didn't apply the patch,
because I'm
Chris,
No, I'm referring to the plugin patch, which according to bugzilla was
going to be applied to 3.1.1 (so I assume I don't need to worry about
this, since I'm using 3.1.4):
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4623
That patch is in the current code as far as I can tell
Henrik,
My users ARE identifyied by either locally trusted IPS or pop-before-smtp,
i.e. thery end up in mynetworks, but they are STILL verified by the
incoming filter.. And I'm using your suggested setup very strictly..?!
As far as I can see, the incoming milter(s) DOES get invoked for ALL
Henrik,
I do however have a small problem:
My usesrs submit their messages for relaying on port 25 like normal
incoming messages - meaning that they will be verified before they are
signed, causing the verification to fail.
No, if you follow my setup. Mail from mynetworks and from
now i wait to dkim commes on gentoo
Btw, dkim-milter 0.5.2 just came out
http://sourceforge.net/projects/dkim-milter/
It fixes:
- compatibility with Postfix milter environment;
- verifies that the body hash in a signature matches the actual body hash;
- fixes relaxed body canonicalization of
SM, and others:
Both milters are being maintained and are similar in reliability.
dk-milter is not fading in oblivion as there are more domains signing
with DomainKeys than DKIM.
Usage of dk-milter may not be fading, but the interest in fixing standing bugs
seems to be lost (contrary to
I'm finishing up writing what I have learned in the last
couple of weeks on setting up a DKIM/DK signing/verifying
mail system using Postfix, milters, amavisd-new and
SpamAssassin. The following text will be part of the
documentation for amavisd-new (text is also available
at
Pascal,
...an then the cpu load increase a lot and the process never go into
wait mode.
When I comment the folloging line in PerMsgStatus, it seems to work :
Try from a command line first, see if that works:
# su vscan
$ spamassassin -t -D test.msg
Mark
Vivek Khera wrote:
in the current port for 3.1.4, there are no freebsd-specific patches
to SA, so whatever this was is no longer there.
You are one day behind :)
On Aug 23, 2006, at 5:01 PM, Justin Mason wrote:
anyone know what this is/does?
/etc/spamassassin/local.cf:
bayes_store_module Mail::SpamAssassin::BayesStore::MySQL
change to sql there, mysql does not work, sql does
Š¢hanks a lot, that fixed the problem ;-)
That just avoided the problem by using a less efficient plugin
which does not need transactions.
Mark
A little bit off topic on this list, but since you are involved with
amavisd-new, do you know how to avoid the same problem in amavisd-new?
With Bayes db? Fix it within SpamAssassin, and amavisd-new will be happy too.
Like I mentioned previously, I've seen it too and it helped to reinstall
Nope. I didn't write it clear, sorry about that. I want to make amavisd-new
use sql for all *_ quarantine_method, but DBI is complaining about the same
thing.
I understood. It is the same problem, once you resolve the problem with
Mail::SpamAssassin::BayesStore::MySQL, amavisd logging and
Jessica Perry Hekman writes:
Hi all. I just started using spamassassin for the first time. It's
marking everything as spam, because MISSING_SUBJECT is always matching,
although the mail does have Subject: lines.
Btw, the last time the very same thing happened to me was because of an
unrelated
On Sun, August 20, 2006 20:21, Dimitar G. Katerinski wrote:
I'm trying to setup Spamassassin to use mysql for bayes storage. However
I'm experiencing problems with DBI complaining about Transactions not
supported by database at /usr/lib/perl5/DBI.pm line 670.
yep see bug
Chris,
Seems like I have to specify rule priority above 500 for fuzzy_ocr rules,
otherwise the focr_autodisable_score is mostly ineffective as it misses
half the SARE and similar meta rules. Something like:
priority FUZZY_OCR 600
priority FUZZY_OCR_WRONG_CTYPE 600
priority
Justin Mason wrote:
That should not be a problem - if the message is re-signed, and the
resigner inserts his own Sender header field as it is supposed to do,
outer DK and DKIM signatures will succeed and the rule will not fire
yeah -- in a perfect world, maybe ;)
How does one move a
I've been running SA on 5.6.1, but I'm building a new FreeBSD box and its
prefered version is 5.8. I noticed that in the SA docs, it mentions
performance problems with 5.8.
FreeBSD has version 5.6.2 in ports, but I seem to recall that one
shouldn't use perl versions that ended in even
6 is not an even number.
Well... :)
Thank you all for the feedback.
FWIW, I've seen a few mails that had multiple DK signatures, apparently
as the result of going through a DK signed mailing list when the original
message had also been signed.
yeah, I think if the list re-signs the message, that's ok, because it then
On Wednesday August 16 2006 01:47, Chris Stone wrote:
On Wed, 2006-08-16 at 01:37 +0200, Mark Martinec wrote:
header __L_FROM_YAHOO From:addr =~ /@yahoo\.com$/i
header __L_FROM_GMAIL From:addr =~ /@gmail\.com$/i
You should escape the @ signs in the expression: /[EMAIL PROTECTED]/i
Yes
Having received a couple of messages faking to be from yahoo,
despite FORGED_YAHOO_RCVD and few other rules firing, the final
score was not high enough. Since Yahoo! is signing their
outgoing mail with DomainKeys, I came up with:
header __L_FROM_YAHOOFrom:addr =~ /[EMAIL PROTECTED]/i
Thanks Justin and Daryl.
(a) Is From:addr rather than EnvelopeFrom:addr the right header to
use?
I'd say yes. DK signs the message, not the envelope. I'm pretty sure
the current milters look for a From: header to decide on what
selector/etc to use.
Right, DK (as well as DKIM) uses
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5041
Thanks!
Mark -- may I upload that sample to this bug? Without it, everyone
else will be unable to reproduce the issue, test fixes, etc.
You may.
I'll see if I can find a suitable uuencoded publicly-viewable
example for upload too.
I recently noticed a couple of cases where SA (3.1.4 or earlier)
would take over a minute (instead of few seconds) to check a 500 kB
message. Investigation reavealed that cases have one thing in common:
these were all message/partial chunks of a longish transfer of some
document or other data.
I recently noticed a couple of cases where SA (3.1.4 or earlier)
would take over a minute (instead of few seconds) to check a 500 kB
message. ...
...In other words, a single user can, at a click of a button,
bring down a dual processor mailer with SA for two hours,
by sending a 70 MB video
Justin,
Mark -- can you mail a *real* sample? private mail would be fine.
It is coming your way (private) in a minute or two.
It is a real sample, the only change I made is to
replace the From and To header, so that it looks like
a mail from me to you, subject: promotional video ...
Watch
On Tue, 8 Aug 2006, Rob McEwen wrote:
The following are what I have deemed as frequently used official e-bay
smtp servers. This list might be used for whitelisting or/and negative
scoring:
Seems like ebay is signing messages with DomainKeys, I'm getting
DK_VERIFIED in my log for mail from
From: Ralf Hildebrandt [EMAIL PROTECTED]
man antiword
No manual entry for antiword
Looks really useful and straightforward, thanks Ralf!
In the FreeBSD ports collection it comes under: textproc/antiword
or fetch it from its home site: http://www.winfield.demon.nl/
Mark
postgreSQL v8.0.4
SM writes:
Upgrade to Postgresql 8.1.4 if you can. Turn on autovacuum.
Use BayesStore::PgSQL.
Very good advice.
As an interesting side-information, I can say that
when using pen-pals whitelisting with amavisd-new,
SQL database maintenance operations (purging old records)
On Thu, Aug 03, 2006 at 12:21:07AM +0100, Mike Bostock wrote:
I use a default build of sa (i.e. I change absolutely no config
variables) and the default definitions dir is /usr/share/spamassassin
running sa-update puts new definitions in *its* default of
/var/lib/spamassasin/version
Theo,
to change Mail::SpamAssassin to provide a suitable default
for LOCAL_STATE_DIR. Please consider this a feature request.
http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4952 :)
Appreciated!
# sa-update --updatedir /usr/local/share/spamassassin
Warning: This will break
Dan,
Over the past few weeks, my company's mail server has been experiencing
high loads that result in SA skipping emails. I use a postgres database to
manage bayes, awl and userprefs. I am pretty sure that it is the bayes db
that is causing the high load ...
Are you using a
Is it normal that our own MSA ip address is being submitted for RBL
tests?
Daryl C. W. O'Shea writes:
It' normal, in the sense that that's what the code says to do. I'm sure
that this isn't optimal, but it works better than the way we did it
before (lastuntrusted FP'd all over).
Seems
What do you have to do to get that Authenticated sender: line? It's
not unpatched Postfix, is it? I know the Wietse was against such info
being provided.
Apparently postfix 2.3 will support auth tokens.
Any link document that? I'd like to add it to the wiki.
It is only a partial solution. It covers only one method
of authorizing roaming users for submitting mail to their
organization's MSA. It would be much better to have
a more general solution, trusting MSA to do its job
(see parallel thread internal/trusted again, MSA tested
for SPF?)
Daryl,
You've told SA that your users aren't a part of your internal network
though. If you configure SA to treat your users as part of your
internal network then it won't do net tests on them.
I forgot what was the original reason that it became a must to treat
MSA as non-internal. Was it
Sorry, I know the topic has been hashed and rehashed several times
recently. I though I understood issues around internal/trusted
networks and I believe that it worked as expected the last time
I checked, but now I'm suprised again, please help me understand it.
This is SA 3.1.3.
We have a MSA
601 - 700 of 740 matches
Mail list logo