Re: spam_scan: DSPAM not available, skipping it

2006-06-21 Thread Mark Martinec
Steven, spam_scan: DSPAM not available, skipping it That's fine, you have SA. Few people use DSPAM with amavisd-new. I have been having a problem with my amavis-new spamassassin install. I have had a user who complains of spam getting through despite the fact that I am using dns black lists

Re: SQL Bayes with Postgres in SUSE9.3

2006-06-21 Thread Mark Martinec
On Thursday June 22 2006 01:25, Michael Monnerie wrote: On Sonntag, 18. Juni 2006 01:37 Michael Monnerie wrote: So my DSN had to contain dbname= and host=, separated via semicolon. Nobody of the devs got anything to say on that? I'm not sure if I did everything correct (at least it works

Re: SQL installation problem

2006-06-20 Thread Mark Martinec
boka, i'm trying to configure sql whitelisting/... etc. I've made all steps from: http://wiki.apache.org/spamassassin/UsingSQL Jun 20 16:15:58 rilej amavis[19547]: Module DBD::mysql 3.0006 Jun 20 16:15:58 rilej amavis[19547]: Module DBI 1.51 ... Jun 20 16:15:58

Re: SA tags above header info

2006-06-16 Thread Mark Martinec
On Friday June 16 2006 20:33, Rosenbaum, Larry M. wrote: Is there anything in RFC-2822 (or other RFC) that says that an MTA can't take those X-Spam headers that SpamAssassin so nicely put at the top of the message and move them to the bottom? Our MTA moves these headers and some others and

Re: Auto delete if = X on per user basis

2006-06-06 Thread Mark Martinec
Ken, MailScanner works with Postfix and other MTAs as well, but it doesn't do the 'per-user SA configs' unless you are using it with Sendmail, because AFAIK, Postfix doesn't easily split multi-recipient emails, so incoming mail must be passed into the scanner with multiple recipients, meaning

Re: Clarifying internal_networks

2006-06-01 Thread Mark Martinec
On Thursday June 1 2006 04:05, Matt Kettler wrote: Simple rule: trusted_networks - set to cover all machines that might generate a Received: header that you control. internal_networks - Will default to match trusted_networks if not declared. 99% of the time, you just set trusted_networks.

Re: Clarifying internal_networks

2006-06-01 Thread Mark Martinec
Bowie, it is imperative that MSA hosts are excluded from internal_networks. What do you do if SA is running on your MSA host? I believe this is the only exception to the rule, because the following probably takes precedence: The machine you're scanning on should be internal trusted

Re: Stock Spams; aka Pump and Dump

2006-06-01 Thread Mark Martinec
On Thursday June 1 2006 20:53, DAve wrote: Bayes, arrgg!! More than once I've been given examples of bayes being the solution I need. I really really really want bayes to work. But each time I set it up, the db gets huge, scan times go through the roof, and I end up disappointed. I currently

Re: Penalizing mail with multiple Subject or From header fields?

2006-05-26 Thread Mark Martinec
header TWO_SUBJS ALL =~ /(?:^|\n)Subject:.*\nSubject:/s header DOUBLE_SUBJECT ALL =~ /\nSubject: *\nSubject:.\s+\S/m So this is what it boils down to, tested: header L_DOUBLE_SUBJECT ALL =~ /^Subject:.*^Subject:/smi score L_DOUBLE_SUBJECT 0.9 header L_DOUBLE_FROM ALL =~

Negative DK_* scores too strong by default

2006-05-25 Thread Mark Martinec
Every now and then I see a spam getting through thanks to one or two DK_POLICY_* tests triggered, and each one of them contributing -1 score points. (this is with SA trunk, but I don't think this has changed recently). Seems like all the following tests: DK_POLICY_SIGNALL, DK_POLICY_SIGNSOME,

Re: Negative DK_* scores too strong by default

2006-05-25 Thread Mark Martinec
Justin, in my checkout: rules/72_active.cf:##{ DK_POLICY_SIGNALL rules/72_active.cf:score DK_POLICY_SIGNALL 0.001 could you do a further grep of your 'rules' dir to figure out why those lines aren't being used? Thanks for the hint, my mistake it seems. I fetched a snapshot from

Re: list of rules

2006-05-19 Thread Mark Martinec
it's actually a 13 mg file a 13 milligram file, that is an amazingly lightweight file! (sorry, couldn't resist)

Re: SA3.1.1 (And 3.1.0) Perl 5.8.8. Load order

2006-05-19 Thread Mark Martinec
Is there a way to force plugin loading before the default configs? Or am I doing something wrong? .pre files are loaded before .cf files -- this is where you need to keep the loadplugin lines. Oh... The SA is running as a plugin to amavisd-new as well... Maybe it's amavisd's fault? Or

Re: SA 99,9% CPU and freeze

2006-05-16 Thread Mark Martinec
[1353] warn: dns: sendto() failed: at /usr/lib/perl5/site_perl/5.8.3/Mail/SpamAssassin/DnsResolver.pm line 340. The error report in sub bgsend does not show the failure reason because it mistakenly reports $@ instead of $!, as far as I can tell. Also, send() returns undef on error according

Re: SA 99,9% CPU and freeze

2006-05-16 Thread Mark Martinec
Nicolas, [1353] warn: dns: sendto() failed: at /usr/lib/perl5/site_perl/5.8.3/Mail/SpamAssassin/DnsResolver.pm line 340. Please apply my patch from my previous message, and repeat your command line test, concentrating on any dns: logged entries, e.g.: # su vscan -c 'spamassassin -t

Re: SA 99,9% CPU and freeze

2006-05-16 Thread Mark Martinec
thanks for that fix; it's now in trunk, and as bug 4901 for b3_1_0. Thanks, that was quick! but I don't get that last point -- warn() should always be noisier than dbg(), hence less likely to go by unnoticed You may disregard it. It would be true if dbg would log to syslog or some other

Re: limit child process

2006-05-12 Thread Mark Martinec
3) Find out how much free memory you have without spamd running. ... 4) Divide the free memory by your answer from 2. That should give you a good rough-estimate number to work with. As an alternative to the above, you can calculate an approximate upper limit for m by taking the resulting

Re: xxxl spam

2006-04-13 Thread Mark Martinec
Wolfgang, Loren, real mail servers (those that deliver the ham part of mail) rarely ever run XP but that this OS is the best candidate for creating a spam zombie Not completely unreasonable. XP is targeted within MS as a personal or very small company OS. The equivalent of a linux/unix

Re: xxxl spam

2006-04-12 Thread Mark Martinec
Justin, Mark Martinec writes: As a curiosity (but off topic), harvesting results from p0f (passive operating system fingerprinting), here are two more: http://www.ijs.si/software/amavisd/fig1.gif Spam score vs. IP distance in hops (our server is in European academic network

Re: xxxl spam

2006-04-11 Thread Mark Martinec
mouss wrote: since most filters skip large messages, it may be tempting for spammers to send large messages: I did some statistical analysis few weeks ago with SA 3.1.1 (SA called from amavisd-new, but that is beside the point). Please see: http://www.ijs.si/software/amavisd/fig4.gif

Re: relay distance and spam [was xxxl spam]

2006-04-11 Thread Mark Martinec
On Tuesday April 11 2006 23:17, Kelson wrote: mouss wrote: - multiple internal hops at either sender or receiver (I have N Received headers added by my own MTA. and for mail fetched from an MSP, there are still more). Actually, if I'm reading this right, it's the number of IP hops

Re: Which Operating Systems Do You Use and Why?

2006-04-06 Thread Mark Martinec
I see RedhatEL,Fedora,CentOS is a common theme. Anyone not running a RedHat based distribution Our entire servers farm is FreeBSD-based. No complaints there, rock solid. The ports-based critical components like SA, ClamAV, Postfix, amavisd-new are very responsive and gives confidence that such

Re: AWL growing too large

2006-03-15 Thread Mark Martinec
Matt Kettler wrote: in the /tools directory of the tarball is a script called check_whitelist. If you run check-whitelist --clean, it will run through the current user's AWL and purge any AWL entries which have only been seen once. $ check_whitelist --clean Out of memory during request for

Re: AWL growing too large

2006-03-15 Thread Mark Martinec
Michael, This line right here tells me that you are NOT using MySQL for your AWL db. Oops, my bad. Bayes is on SQL, AWL is obviously not. Still, is the complaint warranted or am I expecting too much from a bdb-based awl? Mark

Re: SpamAssassin 3.1.0 - Amavisd

2006-01-31 Thread Mark Martinec
Tom, From Loren Wilton: Run a force-expire manually from a cron job and turn off auto expire. ... or switch bayes db to SQL, where auto-expire is much faster and is no longer an issue. Mark

Re: SpamAssassin 3.1.0 - Amavisd

2006-01-31 Thread Mark Martinec
Tom, ... or switch bayes db to SQL, where auto-expire is much faster and is no longer an issue. i would prefer to go this route if possible - are there any good how-to's that deal with making this switch? Mail-SpamAssassin-3.1.0/sql/README* Mark

Re: SA catching mails, but then allowing them through anyway!

2006-01-24 Thread Mark Martinec
Alistair Ross writes: I recently switched from a spamassassin only based setup to an amavis-new combo setup, which seems to be doing all the right things, apart from the fact that it's picking up 60% of the spam. The rest of the spam is blatantly being identified as spam, then being

Re: [SOLVED] Re: rules_du_jour/curl suddenly broken?

2006-01-13 Thread Mark Martinec
For the archive: TROUBLE in check_mail: spam_scan FAILED: panic: swash_fetch at /etc/mail/spamassassin/70_sare_specific.cf, rule SARE_SPEC_SHORTQ, line 1, GEN6 line 1706. The problem turned out to be missing perl library directory 'unicore' in chroot jail. The need for it is documented in

Re: [SOLVED] Re: rules_du_jour/curl suddenly broken?

2006-01-12 Thread Mark Martinec
Peter, TROUBLE in check_mail: spam_scan FAILED: panic: swash_fetch at /etc/mail/spamassassin/70_sare_specific.cf, rule SARE_SPEC_SHORTQ, line 1, GEN6 line 1706. Search the amavisd-new web page for 'swash_fetch'. It is consequence of Perl bugs when handling UTF-8 characters. What version of

Re: Postfix, ClamAV, and SA

2005-12-20 Thread Mark Martinec
From SickBoy, It is true, that amavisd-new preloads some of the SA code, but it is also true, that this invocation of SA is more like using the spamassassin commandline, meaning very, very resource-hungry. This is a gross misinformation. amavisd-new behaves pretty much as spamd does, the main

trusted_networks and SPF

2005-11-03 Thread Mark Martinec
This is related to the topic 'trusted_networks?' from last week, but instead of snatching the thread I'll start a new one. Meanwhile I've read and re-read the Mail::SpamAssassin::Conf man page, but I'm no wiser. Using SA 3.1, Postfix, amavisd-new. I have a mail relay on an internal network

Re: executing spamassassin at remote host?

2005-10-18 Thread Mark Martinec
From Matt Kettler, Depending on what MTA you use there will be a variety of MTA integration tools for you to choose from. Popular ones include qmail-scanner (for qmail), mimedefang (sendmail), exiscan (exim), MailScanner (multiple) and amavisd-new (multiple). ... For what it's worth, I use

Re: Spamassassin vs spamd

2005-10-13 Thread Mark Martinec
Shane, From Martin Hepworth: In that case, from my understanding of amavis-new, you're stuck with the way it works. As far as I know amavis-new calls SA from the perl API, like MailScanner does. Exactly, and just like spamd does. amavisd-new is just like spamd, with different protocols spoken

Re: amavisd-new

2005-09-23 Thread Mark Martinec
Steven, i am looking for a way to modify my subject line so that the spam assassin hits show in the subjectline but since i am using amavisd-new i think it has to occur in the amavisd.conf file. Unfortunately this is not available off the shelf. The only modification to the Subject header

Re: EvalTest failures

2005-09-21 Thread Mark Martinec
Sep 20 22:34:18 logger amavis[21071]: (21071-01-16) SA TIMED OUT, backtrace: at /usr/lib/perl5/site_perl/5.8.3/Mail/SpamAssassin/ EvalTests.pm line 973 Nope.. processing the real whitelist, not the AWL, in that trace. What's your amavis timeout set for? The default amavisd-new timeout

Re: Too many recipients

2005-09-05 Thread Mark Martinec
I came across the same problem as reported by Irina, but this time with Perl 5.8.7 and SA 3.1.0-rc2. Filed as bug #4570: http://bugzilla.spamassassin.org/show_bug.cgi?id=4570 Mark P.S. sorry for a missing ref to a thread, I fetched the subject from the archive

Re: zombies

2005-08-19 Thread Mark Martinec
Since I use SpamAssassin 3.001000, I have sometimes zombies. And I`ve found out it. The zombie was pyzor. My first guess it that it is a symptom of: http://bugzilla.spamassassin.org/show_bug.cgi?id=4518 Yep, that's a possibility... I expect the scenario goes like that: - SA

Re: zombies

2005-08-19 Thread Mark Martinec
http://bugzilla.spamassassin.org/show_bug.cgi?id=4518 I expect the scenario goes like that: - SA spawns a pyzor process, which does not finish in 5 seconds; - due to #4518 the pipe is not auto-closed by SA until a next mail-to-be-checked by this process comes around, which may take

Re: taint problem?

2004-10-28 Thread Mark Martinec
the problem is that when i run: # spamassassin -tD spam-sample then the shell script stops and i have to ctrl C This one is easy: it is waiting on your input. # spamassassin -tD spam-sample # spamassassin -tD spam-sample Mark

Re: Spamassasin 3.x amavisd-new

2004-10-13 Thread Mark Martinec
I know (I read changelog now) ... sorry. But I have problem with this combination (SA3 + amavisd-new-20030616-p10): Oct 5 15:33:11 x amavis[25039]: (24614-01) ESMTP: 500 5.5.2 Error: bad syntax; PENALIZE: ... FYI: After PENALIZE: is only one line from email source. Something in SA
