Re: Problem with txrep database

On 2016-07-04 11:16, Ralf Hildebrandt wrote: Using SpamAssassin version 3.4.1 on Ubuntu precise (14.04) My /etc/mail/spamassassin/local.cf has: use_txrep1 normalize_charset1 txrep_factoryMail::SpamAssassin::SQLBasedAddrList user_awl_dsn

Re: Numerous problems with SA under Raspbian jessie & Ubuntu 15.10

On 2015-12-20 16:15, Jari Fredriksson wrote: Dec 20 17:04:08.149 [32761] dbg: timing: total 128808 ms - load_scoreonly_sql: 0.27 (0.0%), signal_user_changed: 127278 (98.8%), b_tie_ro: 127275 (98.8%), parse: 6 (0.0%), extract_message_metadata: 187 (0.1%), get_uri_detail_list: 8 (0.0%),

Re: Numerous problems with SA under Raspbian jessie & Ubuntu 15.10

Btw, the fix for: "each on reference is experimental at ..." "keys on reference is experimental at /usr/share/perl5/Mail/SpamAssassin/Plugin/URILocalBL.pm" is at Bug 7208: https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7208 Mark

Re: Google redirects

On 2015-12-18 16:29, Axb wrote: On 12/18/2015 04:17 PM, Mark Martinec wrote: On 2015-12-17 22:41, Axb wrote: could you make a version using redirector_pattern so the redirected target can be looked up via URIBL plugin? Isn't this already the case? Redirect targets are added to a list of URIs

Re: Google redirects

On 2015-12-17 22:41, Axb wrote: could you make a version using redirector_pattern so the redirected target can be looked up via URIBL plugin? Isn't this already the case? Redirect targets are added to a list of URIs and are subject to same rules as directly collected URIs. Mark

Re: redirector_pattern question

On 2015-12-18 11:19, Paul Stead wrote: After the messages last night I've been looking into the redirector_pattern config option - I'm seeing weird results... Given the redirector_pattern of: redirector_pattern m'https?://www.google.com/url?q=([^&]+).*'i I've noticed that spamassassin can

Re: DNS lookups fail with SpamAssassin since Net::DNS 1.03

Not sure about SPF. It's supposed to be fixed in the current 3.4 branch and in trunk, which is why I'm not seeing a problem with Net::DNS 1.03 or Net::DNS 1.04. Will check how the released version of 3.4.1 fares with Net::DNS 1.04 regarding SPF. The emergency patches were applied to FreeBSD

Re: DNS lookups fail with SpamAssassin since Net::DNS 1.03

Ian Eiloart wrote: I had this problem after upgrading from a rather old version of SA. After upgrading to Net::DNS 1.04, the errors aren’t logged, but SpamAssassin isn’t finding SPF records. I wonder whether anyone can offer any suggestions. [...] Yesterday, I upgraded Net::DNS 1.03 to

Re: Re-4: A rule to check X-ASN header

My eventual goal is to test for "Has google in the sender name OR domain" and "is NOT from a ASN owned by Google". https://www.ultratools.com/tools/asnInfoResult?domainName=Google Am I'm not explaining myself correctly? ... nevertheless ... a valid DKIM signature by google is as good if not a

Re: DNS lookups fail with SpamAssassin since Net::DNS 1.03

Net::DNS 1.03 breaks compatibility with SpamAssassin: DNS lookups no longer work, and warnings like the following pop up: On 2015-11-13 19:22, Quanah Gibson-Mount wrote: Well, IO::Socket::IP support is new in Net::DNS 1.03, but it is only used if IO::Socket::INET6 is not present. I would

DNS lookups fail with SpamAssassin since Net::DNS 1.03

Net::DNS 1.03 breaks compatibility with SpamAssassin: DNS lookups no longer work, and warnings like the following pop up: lookup failed: Can't locate object method "handles" via package "IO::Socket::IP" at /usr/local/lib/perl5/site_perl/Net/DNS/Resolver/Base.pm line 735. There is a CPAN

Re: Relay Country Plugin GEOIP issue

2015-10-15 00:09, a...@satester.com wrote: Does the Geo::IP package need to be recompiled for the change to go into effect? No. Use of uninitialized value $hasStructureInfo in numeric eq (==) at (eval 31) line 5520 According to comments in Geo/IP.pm your GeoIP database files must be very

Re: charset=utf-16 tricks out SA

2015-10-10 03:03, RW wrote: I'm not seeing any body tokens, even after training. I was expecting that the text would be tokenized as individual UTF-8 sequences. ASCII characters encoded as UTF-16 and decoded with the wrong endianness are still valid UTF-16. Normalizing them into UTF-8 should

Re: charset=utf-16 tricks out SA

Reindl Harald wrote: no custom body rules hit like they do for ISO/UTF8 :-( What is your normalize_charsets setting? enabled, that's what i meant with "like they do for ISO/UTF8" and adding "dear potencial partner" to CUST_BODY_17 did not change the score see attached sample and rule below

Re: command arguments for spamd on FreeBSD

I recently updated SpamAssassin to version 3.4.1 on FreeBSD 8.4-release p36, running Postfix/Dovecot2. My question is simple, how do I pass command arguments to spamd? (and did this change since 3.3.x?) I am quite sure that before upgrading the following lines in rc.conf worked correctly to pass

Re: Heads up: Net::DNS update may have quietly broken your SpamAssassin.

Olivier Nicole wrote: "Bill Cole" writes: I noticed today that the hit rate on URIBL* rules had dropped to to zero since my last round of updates, and after many hours of trying to determine why which included reviewing BIND configs and packet

Re: Heads up: Net::DNS update may have quietly broken your SpamAssassin.

Not to forget the fix at: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=202283 which is also needed with Net::DNS 1.01 or later. Sorry, wrong link, should be: https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7231 Already cherrypicked in the FreeBSD port of SpamAssassin:

Re: New warnings after Perl upgrade to 5.20?

Larry Rosenman wrote: Getting the following on sa-learn: each on reference is experimental at /usr/local/lib/perl5/site_perl/Mail/SpamAssassin/Plugin/URILocalBL.pm line 353. keys on reference is experimental at /usr/local/lib/perl5/site_perl/Mail/SpamAssassin/Plugin/URILocalBL.pm

Re: ALL_TRUSTED triggering _intermittently_ on external mails?

PGNd wrote: I'm running postfix 3.0.1 amavisd-new-2.10.1 (20141025) SpamAssassin version 3.4.1 on linux/64. amavisd/spamassasin is invoked as a postfix prequeue proxy filter. Spam is getting scanned and scored. Usually correctly. Intermittenly, I get an email that

Re: ALL_TRUSTED triggering _intermittently_ on external mails?

PGNd wrote: The LHLO/LMTP header still is added at the backend, and UNPARSEABLE_RELAY still hits. I've not yet determined what the actual problem with the parsing is. It's a shortcoming/bug in the SpamAssassin ad-hoc parser. Please open a Bugzilla ticket and provide a sample of your

Re: Confused about Bayes expiry

Ian Zimmerman wrote: I am very confused by the various features involving expiry from Bayes. perldoc Mail::SpamAssassin::Conf : bayes_expiry_max_db_size (default: 15) What should be the maximum size of the Bayes tokens database? When expiry occurs,

RE: PerMsgStatus Util warnings

Jim Barber wrote: From: Mark Martinec [mailto:mark.martinec...@ijs.si] Are you using some third-party SpamAssasin plugin that relies on the deprecated subroutine Mail::SpamAssassin::Util::uri_to_domain ? I'm getting the same error: May 15 12:34:41 smtp-syd mimedefang-multiplexor[30108

Re: PerMsgStatus Util warnings

Alex Regan wrote: I have v3.4.1 with amavisd v2.9.1 on fedora20 and receiving the following warnings: May 13 23:32:31 mail01 amavis[17306]: (17306-10) _WARN: plugin: eval failed: Undefined subroutine Mail::SpamAssassin::Util::RegistrarBoundaries::trim_domain called at

Re: PerMsgStatus Util warnings

Alex Regan wrote: Please open a bug report (one should do, even though these are two independent issues). Bug filed, thanks so much. https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7195 Great, thanks. Please also try the posted patch and see if that resolves the first type of a

Re: PerMsgStatus Util warnings

I have v3.4.1 with amavisd v2.9.1 on fedora20 and receiving the following warnings: May 13 23:32:31 mail01 amavis[17306]: (17306-10) _WARN: plugin: eval failed: Undefined subroutine Mail::SpamAssassin::Util::RegistrarBoundaries::trim_domain called at

Re: interesting spammer trick (bayes)

On 2015-05-03 10:55, Reindl Harald wrote: recently i observed by playing around with bayes-training that some junk (maybe unintentional) is using the mimetype 'application/octet-stream' instead 'text/html' containing the payload of a form with javascript prevets the attachment from tokenizing

Re: need_tags

On 5/3/2015 2:40 AM, Robert Schetterer wrote: Hi , i try to understand this http://search.cpan.org/dist/Mail-SpamAssassin/lib/Mail/SpamAssassin.pm need_tags ... Currently the only tag that needs to be explicitly requested is 'TIMING' ... the goal would be to have time stats of every rule

Re: need_tags

The requirement for timing can be requested by a application using the SpamAssassin library. Currently amavisd does turn it on and the SpamAssassin timing report is included in the amavisd log, but the spamd does not include the timing report in its log. On 2015-05-05 1:20, Kevin A. McGrail

Re: TxRep $msgscore warning

my $sa_args = { local_tests_only = $SALocalTestsOnly, dont_copy_prefs= 1, userprefs_filename = $config, user_dir = $Features{'Path:QUARANTINEDIR'}, debug = 'TxRep' };

Re: SA 3.4.1 - error messages in log?

On May 2, 2015 7:08:10 PM Mark Martinec wrote: May 2 06:45:29 sunshine spamd[22293]: Use of uninitialized value $hasStructureInfo in numeric eq (==) at (eval 46) line 5520. This one seems to come from a module Geo::IP, called form a SpamAssassin plugin URILocalBL. [...] Try disabling

Re: dkim invalid and 3.4.1

1.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid The score for this rule should be a zero or a near-zero. There must be some problem with assigning a score to such test rule (the 1.0 is a default value if a score line is missing). T_DKIM_INVALID is a test rule, as such its

Re: dkim invalid and 3.4.1

On 2015-05-03 5:34, Nick Edwards wrote: Is there any reason reason=invalid (public key: not available) is declared as error to fail t_dkim_invalid 1.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid This is published a neutral so should not be considered invalid This

Re: SA 3.4.1 - error messages in log?

On 2015-05-02 14:39, Art Greenberg wrote: I just moved from 3.4.0 to 3.4.1 and am seeing messages from SA in maillog that I've not seen before. Do they indicate an issue with my installation? Here is a segment from the log. This pattern repeats each time SA processes a message. The use of

Re: ANNOUNCE: Apache SpamAssassin 3.4.1 available (bug)

On 2015-05-01 20:34, Forrest wrote: Upgrading from a simple 3.4.0 installation, 3.4.1 refuses to start, with this error: Starting spamd: child process [3723] exited or timed out without signaling production of a PID file: exit 255 at /usr/local/perl/bin/spamd line 2986. I've seen this

Re: spam score question

On April 22, 2015 8:44:59 PM EDT, Thom Miller t...@cagroups.com wrote: On Sat, 18 Apr 2015 08:16:40 -0700 Michael Williamson michael.h.william...@gmail.com wrote: It appears to me that spamassassin can produce different spam scores for the same email. In particular, I have noticed that

Re: FPs on RCVD_ILLEGAL_IP

Dianne Skoll wrote: On Mon, 20 Apr 2015 17:02:09 -0700 (PDT) John Hardin jhar...@impsec.org wrote: I suggest that this rule should treat 0/8 as equivalent to 127/8. That's essentially what it's reserved for, just local to the LAN vs. local to the host. Does 0/8 really mean that? On at least

Re: FPs on RCVD_ILLEGAL_IP

In any case, I think that RCVD_ILLEGAL_IP should not be adding score points if it sees an 0.0.0.0/8 address in a Received header field. Mark

Re: FPs on RCVD_ILLEGAL_IP

shanew wrote: I presume detecting forged Received headers was the point of this rule all along, so if we all toss this rule out the window (or adjust to exclude this edge case), aren't we potentially encouraging spammers to hide their true networks in the same way? There is no benefit to

Re: FPs on RCVD_ILLEGAL_IP

Dianne Skoll wrote: Mark Martinec mark.martinec...@ijs.si wrote: I can only conclude that a rule like RCVD_ILLEGAL_IP will hit mostly on misconfigured or misguided sending mailers, not primarily on spam. I disagree. Now that the Microsoft issue has been fixed, well over 95% of the mail

Re: FPs on RCVD_ILLEGAL_IP

John Hardin wrote: I suggest that this rule should treat 0/8 as equivalent to 127/8. That's essentially what it's reserved for, just local to the LAN vs. local to the host. I fully agree. Mark

Re: Fwd: Fwd: Re: effectiveness of DCC checks?

Kevin A. McGrail wrote: Vernon, do you have a recommended score for the implementation of DCC with SA? There are concerns that bulk mail from good senders has been hit by DCC which is completely by design. Vernon replied off-list so I wanted to bring the relevant portion back to the list: My

Re: effectiveness of DCC checks?

John Hardin wrote: [...] The 1.1 points is hardcoded: 50_scores.cf:score DCC_CHECK0 1.1 0 1.1 It's reasonable to argue that this score should be informational only, and that it should only be scored meaningfully in metas. Steve Freegard wrote: However - I'll readily agree with

Re: Spamassassin not catching spam (Follow-up)

well, a better setup would run spamassassin via milter *before-queue* and proper reject junk at SMTP level - so you have a tag level let say between 5.5 and 7.9 points and reject above 8.0 the flagged ones can go in a seperate folder via sieve and the absolute high score junk is proper rejected

Re: Recommendations for ASF SA Implementation

2015-03-17 22:16, Kevin A. McGrail wrote: I am working on recommendations for the ASF to modernize the installation of SA for the foundation. We have some givens: Using Ubuntu Using Postfix Need to stick with maintainable packages Likely needs to stay away from lots of tweaks and heavy

Re: SA 3.3, Debian and *BL...

dns_available yes Marco Gaiarin wrote: Ok, i have: dns_available test: 172.0.0.1 That's wrong. The documentation tells that you need to specify a domain name there, and that SpamAssassin will test for a NS record of that domain name: | dns_available { yes | no | test[: domain1

Re: whitelist_from_rcvd not working, WAIDW

http://pastebin.com/EV6g15aN I have this in user_prefs: trusted_networks 198.1.2.3/32 [...lots snipped...] whitelist_from_rcvd *@wetransfer.com *.wetransfer.com Why is the whitelist not firing? It seems the: Received: (from itz@localhost) by myalias.trusted.mx

Re: Bayes expiration with Redis backend

Matteo Dessalvi wrote: I am using a centralized Redis instance to host the bayesian data for a bunch of MTAs. AFAICS the SA filter is working quite well and the BAYES_* rules are triggered correctly, no false positive so far. But I am concerned about the expiration of the bayesian data.

Re: Lots of Polish spam

Axb wrote: didn't need a password to extract but... whatever format those .eml are in, none of text editors was able to handle them so that didn't help. $ mkdir Spam; cd Spam $ 7z e -pspam ../Spam.zip Sophos reports it as Troj/Tinba-O, like most others on virustotal.com ClamAV does not

Re: DKIM dependency issues

Alex Regan wrote: Feb 15 18:44:41.383 [16434] dbg: spf: [...] Compilation failed in require at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/Plugin/SPF.pm line 500. Looks to me like the same issue (but a different symptom) as reported my mls mid January 2015 on the SA users mailing list:

Re: DKIM dependency issues

On 16. feb. 2015 00.59.42 Alex Regan mysqlstud...@gmail.com wrote: I've done a little more testing, and it certainly sounds like a local configuration issue, but it only happens on mbox files. The ones I've tested have only one message. [...] Tests on a few other mbox messages have produced

Re: sa-update failing: SHA1 verification failed

Tim Taylor wrote: For the last few days (from 31 Jan 2015), sa-update has been failing on my server. I've checked and can't see that any package updates happened around then, so I'm puzzled by why this is happening (it's been working fine for over a year beforehand). I'm running sa-update

Re: Mail::SpamAssassin::Plugin::Check::_head_tests_0_1, skipping: Jan 17 08:00:12.091 [2891] warn: (Insecure dependency in require while running with -T switch at (eval 1037) line 9

mls wrote: The Rule2XSBody plugin is loaded on ubuntu in sa-compile.pre. After commenting it out the issue no longer happened. Great, that is an important finding! Benny Pedersen wrote: warn dont use cpan direct in ubuntu, you will break dependice, and later ask why does it not work if you

Re: Problem installing Spammassassin 3.4.0

Carlo Filippetto wrote: I have a CentOS release 5.5 (Final) SpamAssassin version 3.3.1 running on Perl version 5.8.8 I would like to upgrade it to 3.4.0 so I upgrade cpan module and install all the module on INSTALL document in the default root of the packages. When I tried to install it

Re: Mail::SpamAssassin::Plugin::Check::_head_tests_0_1, skipping: Jan 17 08:00:12.091 [2891] warn: (Insecure dependency in require while running with -T switch at (eval 1037) line 9

mls wrote: Search for 'rules: INC:' in the resulting debug output. Is any of the reported elements reported as tainted (with an 'Y') ? I don't see tainted elements. But please check here: http://paste2.org/HzINJUwL Thanks. Strange... Does the problem go away if you disable the Rule2XSBody

Re: Mail::SpamAssassin::Plugin::Check::_head_tests_0_1, skipping: Jan 17 08:00:12.091 [2891] warn: (Insecure dependency in require while running with -T switch at (eval 1037) line 9

Jan 20 08:16:11.048 [18848] dbg: bayes: found bayes db version 3 Jan 20 08:16:11.049 [18848] warn: plugin: eval failed: Insecure dependency in sprintf while running with -T switch at /usr/share/perl5/Mail/SpamAssassin/Logger.pm line 241. Jan 20 08:16:11.050 [18848] dbg: config: score set 1

Re: Mail::SpamAssassin::Plugin::Check::_head_tests_0_1, skipping: Jan 17 08:00:12.091 [2891] warn: (Insecure dependency in require while running with -T switch at (eval 1037) line 9

Please find the output here: http://paste2.org/KNtnHHbv Thanks. Seems like the array @INC contains a tainted element, don't know why. Try inserting the following two lines: use Scalar::Util qw(tainted); dbg(rules: INC: %s, join(, , map($_: .(tainted($_)?'Y':'n'), @INC))); right before

Re: Mail::SpamAssassin::Plugin::Check::_head_tests_0_1, skipping: Jan 17 08:00:12.091 [2891] warn: (Insecure dependency in require while running with -T switch at (eval 1037) line 9

Klaus wrote: Thanks. I am running SA version 3.4.0. Jan 17 08:00:12.091 [2891] warn: rules: failed to compile Mail::SpamAssassin::Plugin::Check::_head_tests_0_1, skipping: Jan 17 08:00:12.091 [2891] warn: (Insecure dependency in require while running with -T switch at (eval 1037) line 9.

Re: possible bug in Mail::DKIM when keysize is under 1024 bits

On Jan 11, 2015, at 3:40 PM, Kevin A. McGrail kmcgr...@pccc.com wrote: I disagree as well. You can't cherry pick your quotes and you are missing the long-lived caveat as well as the next sentence: Verifiers MUST be able to validate signatures with keys ranging from 512 bits to 2048 bits If it

Re: possible bug in Mail::DKIM when keysize is under 1024 bits

On January 12, 2015 8:06:00 AM EST, Mark Martinec It would be wrong to assign score to short keys. Kevin A. McGrail wrote: Actually the rfc specifies that keys 512 to 2048 bits must be verified so I think there is a grey area and there is this long-lived key caveat as well. I think if we

Re: spamassassin bayes rules

Filip Havlíček wrote: Anybody can help with this? I still cannot find some helpful information, thanks. Dne 10.12.2014 v 14:52 Christian Grunfeld napsal(a): when you run bayes in SQL and does sa-learn --username it will not try to setuid to that user (in a real system user scenario it will

Re: spamd: spf: lookup failed: addr is not a string at /usr/share/perl5/IO/Socket/IP.pm line 646.

Michael Grant wrote: I'm getting this message in my mail.log: spamd: spf: lookup failed: addr is not a string at /usr/share/perl5/IO/Socket/IP.pm line 646. I'm running debian stable with Spamassassin from backports: SpamAssassin Server version 3.4.0 running on Perl 5.14.2 and

Re: Help with Disk quota exceeded for a user depending on the mail quota

Almond wrote: 3) ...spamd[28040]: plugin: eval failed: error writing to /tmp/.spamassassin28040V31F7ftmp: Disk quota exceeded at /usr/share/perl5/vendor_perl/Mail/SpamAssassin/Message.pm line 965, GEN840 line 1575. this was the situation on /tmp before tmpwatch installation:

Re: fixing errors with --debug --lint

The From header is supposed to have a space between the display name and the address. It's just a convention for better readability. RFC 5322 section 3.4.: address = mailbox / group mailbox = name-addr / addr-spec name-addr = [display-name] angle-addr

Re: different results when using --debug

On Dec 08, 2014, at 19.28, Mark Martinec mark.martinec...@ijs.si wrote: Actually, looking at a diff of DBM.pm between 3.4.0 and 3.4.1 I can see the taint bug has already been fixed by r1608413: @@ -814,3 +816,3 @@ my @vars = $self-get_storage_variables(); - dbg(bayes: DB journal sync: last

Re: different results when using --debug

btb wrote: i hope it's not too soon to ask about this again. i'm not quite sure how to debug something like this when when it's --debug that is what behaves differently :) i've put the commands and output into a pastebin this time. Possibly this PR is related:

Re: different results when using --debug

btb wrote: i hope it's not too soon to ask about this again. i'm not quite sure how to debug something like this when when it's --debug that is what behaves differently :) i've put the commands and output into a pastebin this time. Please show the debug output from: spamassassin

Re: different results when using --debug

Ben wrote: On 2014.12.08 10.13, Mark Martinec wrote: btb wrote: i hope it's not too soon to ask about this again. i'm not quite sure how to debug something like this when when it's --debug that is what behaves differently :) i've put the commands and output into a pastebin this time

Re: different results when using --debug

Does the following patch help? --- lib/Mail/SpamAssassin/BayesStore/DBM.pm (revision 1643879) +++ lib/Mail/SpamAssassin/BayesStore/DBM.pm (working copy) @@ -1348,7 +1348,7 @@ if ($opts-{verbose}) { print $msg,\n; } else { - dbg($msg); + dbg(%s, $msg);

Re: different results when using --debug

listsb-spamassas...@bitrate.net wrote: i was testing with a sample message, and noticed that when running manually with --debug, there seem to be numerous differences in the results, such as scores for the same tests differing, visual ordering of results differing [is this significant?], and

Re: SA dns_server option

Matteo Dessalvi wrote: I have a short question about the dns_server option of SA. Is this option used when SA is called from Amavis and there isn't any spamd process running? Yes it is. To be more clear: should I also be forced to add the IP address of the caching DNS server to

Re: SA dns_server option

For example DKIM validation is done by amavisd calling Net::DNS directly A nitpick: Actually, amavisd is calling Mail::DKIM when DKIM validation is enabled, which in turn calls Net::DNS. The validation result is then passed to SpamAssassin's DKIM plugin, so that it doesn't need to do the

Re: Confused by new version of spamassassin

2014-11-25 13:52, Paul Gardiner wrote: On 25/11/2014 12:39, Paul Gardiner wrote: On 25/11/2014 12:13, Axb wrote: On 11/25/2014 12:50 PM, Paul Gardiner wrote: I'm using spampd as follows: spampd --port=10025 --relayhost=127.0.0.1:25 --user=paul --group=users

Re: could not create IO::Socket::IP socket on [127.0.0.1]:783: Address already in use

Tom Schulz wrote: Here is my debug output. It looks like the socket is created for 127.0.0.1 and then an attempt is also made for ::1. That fails as expected. But in my case that failure causes a retry that includes retrying for 127.0.0.1. This now fails because the port has already been created

Re: amavis question

Robert Moskowitz wrote: I am running a new mailserver virtual domain environment with postfix and mysql for the virtual domain definitions. amavis-new seems to be rejecting all emails for my one domain not a sub domain of my main one. That is, my domain (as you can see from my email addr) is

Re: MISSING_SUBJECT versus empty subject

Matus UHLAR - fantomas wrote: I remember I have asked the same some years ago. http://www.gossamer-threads.com/lists/spamassassin/users/104646 the explanation was that the current rule detects empty subject the same as no subject at all. IIRC it was in fact the same rule as it is now: header

Re: could not create IO::Socket::IP socket on [127.0.0.1]:783: Address already in use

Tom Schulz wrote: I am not sure if this is a bug or a usage problem. I have been running spamd on Solaris 10 and Perl v5.8.9 for years, starting it with the command: spamd -d -c -m 18 --min-spare=1 --max-spare=4 --syslog-socket=inet I upgraded Perl to v5.20.1 and installed the current

Re: .co.at

snowshoe... high fashion May cause FPs co.at is a subdomain hoster/pseudo tld uri AXB_URI_WHATCOAT/http\:\/\/\w+\.co\.at\// uri AXB_URI_WHATCOAT m{http://\w+\.co\.at/} http://en.wikipedia.org/wiki/Leaning_toothpick_syndrome :) Mark

Re: DMARC policy check with AskDNS posible?

After a couple of iterations and re-reading the policy syntax in a DMARC draft, I ended up with the following set of rules ( based on https://issues.apache.org/SpamAssassin/show_bug.cgi?id=7099 ): ifplugin Mail::SpamAssassin::Plugin::AskDNS askdns __DMARC_POLICY_NONE _dmarc._AUTHORDOMAIN_

Re: DNS checks not being performed-

Niamh Holding wrote: spamd[26862]: spamd: connection from 127.0.0.1 [127.0.0.1]:46489 to port 783, fd 5 spamd[26862]: spamd: setuid to spamtest succeeded spamd[26862]: spamd: processing message 2014121508.3321875.277...@sailthru.com for spamtest:1028 spamd[26862]: plugin: eval failed:

Re: ***UNCHECKED(Encrypted)*** Re: DNS checks not being performed-

Is your IO::Socket::IP at version 0.21 or older? $ perl -le 'use IO::Socket::IP; print IO::Socket::IP-VERSION' 0.21 CHANGES: * Ensure that IO::Socket-new( Domain = ... ) definitely returns a socket in the right family Mark

Re: ***UNCHECKED(Encrypted)*** Re: DNS checks not being performed-

Niamh Holding wrote: MUf ... as it was already said: do NOT mix manually installed CPAN modules with MUf packages of any kind. use either one or the other. so don't use yum and cpan? Well, you probably can - if you are careful. But using an 8 years old version of perl you'd be safer with

Re: DNS checks not being performed-

Reindl Harald wrote: BTW: what is the Re: ***UNCHECKED(Encrypted)*** in your subjects?\ Sorry, my fault. Forgot to remove this from a Subject when replying. It was added here because the posting includes a PGP signature and the file(1) utility cannot distinguish a PGP/GPG encrypted message

Re: DMARC policy check with AskDNS posible?

2014-06-03 09:43, Christian Laußat wrote: I'm trying to improve my rules for DMARC policy checking. For now I only use the Authentication-Results header from the OpenDMARC milter as described here: https://kvm.laussat.info/2014/05/19/using-dmarc-in-spamassassin/ To get ride of this dependency,

Re: Subroutine IO::Socket::INET6::AF_INET6

Niamh Holding wrote: After updating to SpamAssassin 3.4.0 (2014-02-07) I'm getting the following- /usr/lib/perl5/5.8.8/Exporter.pm line 65. at /usr/lib/perl5/vendor_perl/5.8.8/IO/Socket/INET6.pm line 16 rpm -q perl-IO-Socket-INET6 perl-IO-Socket-INET6-2.51-2.fc6 Upgrade or deinstall

Re: spf: lookup failed: addr is not a string

Benny Pedersen wrote: Spampd 2.30 does not work with perl 5.18, spampd 2.42 does, seem lot is changed in perl, so is it not just mail::dkim that needs updates for perl 5.18 ? Or is it unrelated ? me wrote: Don't know about Spampd, it's probably unrelated. [...] I'm not aware of any

Re: shellshock via SMTP?

2014-10-29 16:26, Joe Acquisto-j4 wrote: Comments on the ZD net article that claims shellshock exploit via crafty SMTP headers? Just asking, that's all . . . I attached a link to it below, please excuse if that is improper behavior.

Re: spf: lookup failed: addr is not a string

Thomas Preißler wrote: Hey Mark, thanks for your explanation! I'm beginning to understand what is going on here. Because you have a older version of Mail::DKIM, spamassassin is unable to provide it with its own resolver, so Mail::DKIM does it by directly calling Net::DNS, which uses

Re: spf: lookup failed: addr is not a string

Benny Pedersen wrote: The problem is solved with perl 5.18, 5.20, 5.21.5, which deal with pPOK vs. POK flags somewhat differently. Spampd 2.30 does not work with perl 5.18, spampd 2.42 does, seem lot is changed in perl, so is it not just mail::dkim that needs updates for perl 5.18 ? Or is it

Re: spf: lookup failed: addr is not a string

On 2014-10-28 13:25, Thomas Preißler wrote: Finally, I’m able to reproduce this issue on a plain debian wheezy system: - install debian wheezy - enable backports and run apt-get update - apt-get -t wheezy-backports install spamassassin - apt-get install libmail-dkim-perl - set 156.154.70.1 as

Re: spf: lookup failed: addr is not a string

Thomas Preißler wrote: Already tried that. When using unbound as a local caching nameserver and 156.154.70.1 as the resolver, spamassassin produces the same error message. The same happens when unbound accesses the root nameservers directly and acts as a local resolver. But when unbound caches

Re: tag DKIMDOMAIN is still blocking action 0

Chris, Ran some spam and ham through 'spamassassin -D -t' today mainly looking to see if there were any mention of dns issues as I had reported earlier. At the end of the run I see this whether it's ham or spam: Oct 21 19:30:09.086 [31076] dbg: check: tagrun - tag DKIMDOMAIN is still

Re: tag DKIMDOMAIN is still blocking action 0

Chris, Mark, now I'm confused. As you can see the 'action 0 .' takes place before the DKIM lookup Oct 22 09:16:14.220 [8459] dbg: check: tagrun - action 0 blocking on tags DKIMDOMAIN Yes, that's normal. It happens immediately after basic information has been extracted from a mail header

Re: dns: bad dns reply: Connection refused

2014-10-20 20:11, Reindl Harald wrote: [...] sorry, no, but what i face repeatly are messages like below in fact only if the machine has more than 1 dns in resolv.conf configure it to just use 127.0.0.1 and that won't happen Oct 19 09:04:42 caladan spamd[20546]: dns: no callback for id

Re: rejected Null-Senders

On Tue, 2014-10-07 at 17:46 +0200, Reindl Harald wrote: can somebody comment in what context null-senders and so bounces and probably autorepsonders are blocked by DKIM_ADSP_NXDOMAIN,USER_IN_BLACKLIST DKIM_ADSP_NXDOMAIN is checking a domain in a From header field, not the envelope sender

Re: Program failure (69) of spamc

2014-09-10 23:25 Geoff Soper wrote: Hi, I'm calling spamc (3.3.2) from procmail as suggested at https://wiki.apache.org/spamassassin/UsedViaProcmail Having made a change to not use the lockfile (as suggsted in another thread) I'm now getting the following error in my procmail log: procmail:

Re: Dealing with suspicious unicode in domains

Alex writes: Just came across this article about measures Google is taking to block domains using suspicious unicode characters: http://threatpost.com/google-tweaks-gmail-to-help-limit-spam/107732 Does SA yet have similar measures? I seem to recall some discussion about this probably a year

Re: Google, IPv6 and SPF (was Re: No SPF/DKIM/DMARC rule)

David F. Skoll wrote: Google must be using some secret algorithm to decide whether or not to be strict. https://support.google.com/mail/answer/81126?p=ipv6_authentication_errorrd=1#authentication (September 2013) - Sign messages with DKIM. We do not authenticate messages signed with keys

Re: Bayer Filter Not Working

On 2014-07-05 14:18, Herbert J. Skuhra wrote: Jun 24 13:47:53.167 [3245] warn: plugin: eval failed: Insecure dependency in sprintf while running with -T switch at /usr/local/share/perl/5.14.2/Mail/SpamAssassin/Logger.pm line 241. Jun 24 13:47:53.168 [3245] dbg: config: score set 0 chosen. That

Re: Installing IO::Socket::IP

Chris, Looking for another pair of eyes here. I've been trying to install this module for a few hours now and having no luck. When testing on the module begins the output for each test is: Socket version 1.97 required--this is only version 1.82 So, I found Socket V1.97 and tried to install it

Re: Installing IO::Socket::IP

Chris, Looks like gcc is not happy: const-xs.inc:834: error: format not a string literal and no format arguments http://pastebin.com/CYgt0Uq7 Remove the -Werror=format-security from your compiler options. Mark

  1   2   3   4   5   6   7   8   >