Re: [clapf-users] question after setting up clapf on a fresh debian install

Mon, 05 Sep 2011 10:05:22 -0700 

Hello,
SOry I can view quarantine (qrunner crontab) but it failed to deliver every time, train as ham work When i select a message then deliver then submit, there is no log in my mail log 

Please help

Regards,
Xavier Rosenfeld
Le 05/09/2011 18:21, Xavier Rosenfeld a écrit :



-------- Message original --------

Sujet: 	Re: [clapf-users] question after setting up clapf on a fresh 
debian install

Date :  Mon, 05 Sep 2011 18:17:53 +0200
De :    Xavier Rosenfeld <xav...@rosenfeld.fr>
Pour :  clapf-users@lists.acts.hu



Thanks you for your reply.


Built in software mean does clapf is also an antispam or i have to 
install one ? but now i think yes !


I am a little bit confused with training clapf.

My clapf is installed on a mail gateway, all email box are on other 
server. So how to train emails located on other server ? Need i copy 
maildir to the gateway before training ?



Actually i setting up forwarding message, my user sent spam at 
spam@mydomain and ham at ham@mydomain, look at my counter and a 
learning spam log


*Counters:*

rcvd    53
mynetwork       30
ham     51
spam    1
possible_spam   0
unsure  51
minefield       0
zombie  19
virus   1
false positive error    1
false negative error    3
spam / total ratio      1.89 %
virus / total ratio     1.89 %




Sep  5 18:00:27 test postfix/smtpd[15644]: connect from 
mail-bw0-f54.google.com[209.85.214.54]
Sep  5 18:00:27 test postgrey[12615]: action=pass, reason=unlikely a 
zombie, client_name=mail-bw0-f54.google.com, 
client_address=209.85.214.54, sender=xrosenf...@gmail.com, 
recipient=xav...@rosenfeld.fr
Sep  5 18:00:27 test postfix/smtpd[15644]: 8D08711F41: 
client=mail-bw0-f54.google.com[209.85.214.54]
Sep  5 18:00:27 test postfix/cleanup[15682]: 8D08711F41: 
message-id=<cap7hxundghyrc8xmsj1ke2ef11p8cu-7iucmxfqmk0bxccp...@mail.gmail.com>
Sep  5 18:00:27 test postfix/qmgr[15472]: 8D08711F41: 
from=<xrosenf...@gmail.com>, size=1477, nrcpt=1 (queue active)

Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: fork()

Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: 
sent: 220 av-engine.localhost LMTP
Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: 
got: LHLO test.rosenfeld.fr
Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: 
sent: 250-av-engine.localhost

250-PIPELINING
250-SIZE
250-8BITMIME
250 XFORWARD NAME ADDR PROTO HELO

Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: 
got: XFORWARD NAME=mail-bw0-f54.google.com ADDR=209.85.214.54
Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: 
smtp client address: *209.85.214.54*
Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: 
got: XFORWARD PROTO=ESMTP HELO=mail-bw0-f54.google.com
Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: 
got: MAIL FROM:<xrosenf...@gmail.com> SIZE=1477
Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: 
got: RCPT TO:<xav...@rosenfeld.fr>
Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: 
got: DATA
Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: 
sent: 250 Ok

250 Ok
250 Ok
250 Ok
354 Send mail data; end it with <CRLF>.<CRLF>

Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: 
period: *QUIT

*

Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: 
got: (.)
Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: 
parsing message
Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: 
fixup subject line
Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: 
sender IP: 209.85.214.54
Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: 
trying to pass to CLAMD
Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: 
CLAMD CMD: SCAN /var/spool/clapf/tmp/4e64f21be6d9e85610b99d45523064
Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: 
CLAMD DEBUG: 56 /var/spool/clapf/tmp/4e64f21be6d9e85610b99d45523064: OK
Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: 
engine: clamd, virus info: ''
Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: 
round 0 in injection
Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: 
query user data from xav...@rosenfeld.fr
Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: 
user data stmt: SELECT user.uid, user.gid, user.username, user.domain, 
user.policy_group FROM user,t_email WHERE user.uid=t_email.uid AND 
t_email.email='xav...@rosenfeld.fr'
Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: 
zombie check: + [1] mail-bw0-f54.google.com
Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: 
sql: SELECT whitelist, blacklist FROM t_white_list,t_black_list where 
(t_white_list.uid=1 or t_white_list.uid=0) and 
t_white_list.uid=t_black_list.uid

Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: list:

Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: 
running Bayesian test
Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: 
updated 14/17 tokens
Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: 
saving to queue: 
/var/lib/clapf/queue/rosenfeld.fr/x/xavier/s.4e64f21be6d9e85610b99d45523064
Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: 
dropped spam
Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: 
from=<xrosenf...@gmail.com>, to=<xav...@rosenfeld.fr>, 
spaminess=0.9999, result=SPAM, size=1480, relay=127.0.0.1:10026, 
delay=0.01, 
delays=0.01/0.00/0.00/0.00/0.00/0.00/0.00/0.00/0.00/0.00/0.00, 
status=, subject=viagra
Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: 
got: QUIT
Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: 
sent: 221 av-engine.localhost Goodbye

Sep  5 18:00:27 test clapf[15684]: 4e64f21be6d9e85610b99d45523064: removed

Sep  5 18:00:27 test postfix/lmtp[15683]: 8D08711F41: 
to=<xav...@rosenfeld.fr>, relay=127.0.0.1[127.0.0.1]:10025, 
delay=0.33, delays=0.29/0.02/0.02/0.01, dsn=2.0.0, status=sent (250 Ok 
4e64f21be6d9e85610b99d45523064 <xav...@rosenfeld.fr>)

Sep  5 18:00:27 test clapf[15684]: child has finished
Sep  5 18:00:27 test clapf[15684]: processed 1 messages
Sep  5 18:00:27 test postfix/qmgr[15472]: 8D08711F41: removed

Sep  5 18:00:35 test postfix/smtpd[15687]: warning: dict_nis_init: NIS 
domain name not set - NIS lookups disabled
Sep  5 18:00:35 test postfix/smtpd[15687]: connect from 
localhost[127.0.0.1]
Sep  5 18:00:35 test postfix/smtpd[15687]: disconnect from 
localhost[127.0.0.1]

Sep  5 18:00:35 test clapf[15688]: 4e64f223b1ddd8c5f9ff09aa3f88c8: fork()

Sep  5 18:00:35 test postfix/smtpd[15654]: connect from 
localhost[127.0.0.1]
Sep  5 18:00:35 test postfix/smtpd[15654]: disconnect from 
localhost[127.0.0.1]
Sep  5 18:00:35 test clapf[15688]: 4e64f223b1ddd8c5f9ff09aa3f88c8: 
sent: 220 av-engine.localhost LMTP
Sep  5 18:00:35 test clapf[15688]: 4e64f223b1ddd8c5f9ff09aa3f88c8: 
got: QUIT
Sep  5 18:00:35 test clapf[15688]: 4e64f223b1ddd8c5f9ff09aa3f88c8: 
sent: 221 av-engine.localhost Goodbye

Sep  5 18:00:35 test clapf[15688]: 4e64f223b1ddd8c5f9ff09aa3f88c8: removed
Sep  5 18:00:35 test clapf[15688]: child has finished
Sep  5 18:00:35 test clapf[15688]: processed 0 messages

Sep  5 18:00:57 test postfix/smtpd[15644]: disconnect from 
mail-bw0-f54.google.com[209.85.214.54]


Why the webui quarantine is empty ? how to view quarantine email ?

Best regards,
Xavier

Le 05/09/2011 14:02, Janos SUTO a écrit :


Hello,

On Mon, 05 Sep 2011 00:42:52 +0200, Xavier Rosenfeld wrote:


I have followed this how to

http://clapf.acts.hu/wiki/doku.php/howto:debian_6.0.1_clapf_mysql_clamd
But i have installed the nightly instead of the 0.4.7.1 version cause
make install error.
I don't think i am protected from spam email cause the how to don't
speak about spam software, is there a built in spam software ?



what do you mean by 'built in spam software'? Have you trained the token
database? If you haven't then you should do so: take a few hundred spam
emails and good emails, then train clapf. Finally take one of the spam
emails and test it with spamdrop, ie.

spamdrop -D < the_spam_email.eml

and it will tell whether it recognises the spam email as a spam.



All is working exept a crontab error
/usr/bin/php /usr/local/libexec/clapf/qrunner.php
/var/www/spamgw.yourdomain.com (failed)
qrunner.php does not exist on my system (i use nightly) what i have
to do for having the same functionnality ?



Sorry, it will be fixed in the Makefile. Manual fix:

cp util/qrunner.php to /usr/local/libexec/clapf


Best regards,
Janos





























					Reply via email to