On Thu, September 22, 2011 21:26, Vernon Schryver wrote: >> SpamAssassin is configured to use the right path, this is its >> configuration: >> use_dcc 1 >> dcc_path /usr/local/bin/dccproc >> dcc_home /var/dcc >> dcc_dccifd_path /var/dcc/dccifd > > Are you using a current version of SpamAssassin?
Yes I have SpamAssassin 3.3.1 and this is its output: # spamassassin -V SpamAssassin version 3.3.1 running on Perl version 5.10.1 > Have you tried the SpamAssassin DCC test? I've forgotten how to > invoke it and do not see it mentioned in > http://spamassassin.apache.org/full/3.3.x/doc/Mail_SpamAssassin_Plugin_DCC.html I try this method of testing DCC with Spamassassin as described somewhere: # spamassassin -D < /usr/share/doc/spamassassin-3.3.1/sample-nonspam.txt and I got a lot of output, but this is the most important: Sep 23 10:12:38.503 [2790] dbg: dcc: dccifd local socket chosen: /var/dcc/dccifd Sep 23 10:12:38.503 [2790] dbg: dns: entering helper-app run mode Sep 23 10:12:38.503 [2790] dbg: dcc: connecting to a local socket /var/dcc/dccifd Sep 23 10:12:38.640 [2790] dbg: dcc: dccifd got response: X-DCC-dcc1-Metrics: mbox2 1182; Body=many Fuz1=many Fuz2=many Sep 23 10:12:38.640 [2790] dbg: dns: leaving helper-app run mode Sep 23 10:12:38.642 [2790] dbg: dcc: listed: BODY=999999/999999 FUZ1=999999/999999 FUZ2=999999/999999 REP=0/90 Sep 23 10:12:38.644 [2790] dbg: rules: ran eval rule DCC_CHECK ======> got hit (1) So It seems to work right! There is *NOT* any warning like: open(/var/dcc/map): Permission denied in all the output and neither in the log file (in that moment of test was running). But I got that warning, one for every incoming e-mail processed by spamassassin. > I understood that the SpamAssassin people were going to ship the > new version of the SpamAssassin DCC plugin in > /usr/var/dcc/build/dcc/misc/DCC.pm > If that file differs from the DCC.pm you are using, > it might be entertaining to try it. I haven't any directory named "dcc" under the directory /var # ls /usr/var/dcc/build/dcc/misc/DCC.pm ls: cannot access /usr/var/dcc/build/dcc/misc/DCC.pm: No such file or directory I have this inside the package "spamassassin": # rpm -ql spamassassin | grep -i dcc /usr/share/man/man3/Mail::SpamAssassin::Plugin::DCC.3pm.gz /usr/share/perl5/Mail/SpamAssassin/Plugin/DCC.pm /usr/share/spamassassin/25_dcc.cf >> I don't see any UDP connection after dccifd started, >> the output of the command "netstat -pu" is empty and >> there isn't any firewall (I disabled the default software firewall). > > Is dccifd running? If dccifd is running and SpamAssassin can reach > the UNIX domain socket at /var/dcc/dccifd, then SpamAssassin should > never try dccproc. Since SpamAssassin cannot use dccproc to reach > /var/dcc/map, one might expect problems reaching /var/dcc/dccifd. The dccifd program is running, I show only the two lines of output: # ps -ef root 1505 1 0 09:45 ? 00:00:00 /var/dcc/libexec/dccifd -tREP,20 -tCMN,5, -llog -wwhiteclnt -Uuserdirs -A -SHELO -Smail_host -SSend root 1506 1505 0 09:45 ? 00:00:00 /var/dcc/libexec/dccifd -tREP,20 -tCMN,5, -llog -wwhiteclnt -Uuserdirs -A -SHELO -Smail_host -SSend As I show before in the output of debugging Spamassassin, there is the right socket under /var/dcc/dccifd: srw-rw-rw-. 1 root root 0 Sep 23 09:45 /var/dcc/dccifd but it seems that every incoming e-mail causes Spamassassin to ignore it and invoke dccproc. I think that /var/dcc/map is locked by dccifd daemon and dccproc can't access it so the warning: open(/var/dcc/map): Permission denied This can be the right explanation, I think... Oh no! I try to disable dccifd on his config file /var/dcc/dcc_conf: DCCIFD_ENABLE=off and restart all the server. After the boot, the dccifd daemon wasn't started but in the log file /var/log/maillog there was that warnig: # last reboot system boot 2.6.32-131.12.1. Fri Sep 23 11:06 - 11:25 (00:19) and inside the /var/log/maillog (I replace the real name of server with "-----") Sep 23 11:26:13 ----- dccproc[2024]: open(/var/dcc/map): Permission denied > If dccifd is not running, then perhaps /var/dcc/libexec/rcDCC has > not been sym-linked to the right /etc/rc* directories. I also did as usual all the right links after installation of DCC: lrwxrwxrwx. 1 root root 22 Sep 21 13:27 /etc/init.d/dcc -> /var/dcc/libexec/rcDCC lrwxrwxrwx. 1 root root 13 Sep 21 13:28 /etc/rc3.d/S40dcc -> ../init.d/dcc This last link was made by the command "chkconfig dcc on" after the command "chkconfig --add dcc". Dccifd starts as well at the boot time, but *WHY* there is not any connection on UDP even if I got this output from cdcc command: # /usr/local/bin/cdcc "info -N" # 09/23/11 11:00:45 CEST /var/dcc/map # Re-resolve names after 11:12:54 Check RTTs after 11:15:44 # 351.82 ms threshold, 224.35 ms average 12 total, 12 working servers IPv6 on version=3 dcc1.dcc-servers.net,- RTT+1000 ms anon # 80.91.36.101,- dcc1.aftenposten.no dcc1.aftenposten.no ID 1215 # 100% of 11 requests ok 143.56+1000 ms RTT 100 ms queue wait # 137.208.8.26,- samantha.wu-wien.ac.at wuwien ID 1290 # 100% of 11 requests ok 124.02+1000 ms RTT 100 ms queue wait # 209.169.14.30,- h5-vjs.colo.indra.com x.dcc-servers ID 104 # 100% of 11 requests ok 250.56+1000 ms RTT 100 ms queue wait dcc2.dcc-servers.net,- RTT+1000 ms anon # 64.254.89.30,- dcc-public.dmv.com dmv.com ID 1181 # protocol version 9 # 100% of 11 requests ok 211.34+1000 ms RTT 100 ms queue wait # 208.82.128.50,- dcc.quonix.net ID 1282 # protocol version 9 # 100% of 11 requests ok 212.86+1000 ms RTT 100 ms queue wait dcc3.dcc-servers.net,- RTT+1000 ms anon # 209.169.14.26,- h1-vjs.colo.indra.com x.dcc-servers ID 104 # 100% of 11 requests ok 250.87+1000 ms RTT 100 ms queue wait dcc4.dcc-servers.net,- RTT+1000 ms anon # 200.81.186.149,- dcc1.sion.com SION ID 1111 # protocol version 9 # 100% of 11 requests ok 356.52+1000 ms RTT 100 ms queue wait dcc5.dcc-servers.net,- RTT+1000 ms anon # 136.199.199.102,- urts102.uni-trier.de URT ID 1060 # 100% of 11 requests ok 123.44+1000 ms RTT 100 ms queue wait # 193.166.171.33,- dcc1.stat.fi STAT_FI_X86_64_VIRTUAL ID 1245 # 100% of 11 requests ok 156.64+1000 ms RTT 100 ms queue wait dcc.to.infn.it,- RTT+0 ms anon # 192.84.137.21,- birubiru.to.infn.it INFN-TO ID 1233 # 100% of 11 requests ok 251.82+0 ms RTT 100 ms queue wait dcc1.pa.iasf.cnr.it,- RTT+0 ms anon # *194.119.212.6,- mail2.ifc.inaf.it dcc1 ID 1182 # 100% of 20 requests ok 124.78+0 ms RTT 100 ms queue wait dcc.ba.infn.it,- RTT+0 ms anon # 192.135.10.194,- dcc.ba.infn.it debian ID 1169 # protocol version 9 # 100% of 11 requests ok 127.36+0 ms RTT 100 ms queue wait ################ # 09/23/11 11:00:46 CEST greylist /var/dcc/map # Re-resolve names after 11:21:30 Check RTTs after 11:15:44 # 1 total, 0 working servers # continue not asking greylist server 31 seconds after 1 failures @,- Greylist 32768 secret1425104514y957 # *127.0.0.1,6276 localhost # not answering >> > Are you doing anything with "jails" or chroot in mail processing? >> >> No, I let the default settings. > > Do the default settings involve jails or chroot? > I cannot guess after some Google for Scientific Linux. > Are you using sendmail, postfix, or something else? I use postfix and it is not chrooted, but I don't' know about jails. The warning appears even when Spamassassin starts (I replace the real name of server with "-----"): Sep 23 11:34:10 ----- spamd[2719]: logger: removing stderr method Sep 23 11:34:14 ----- dccproc[2722]: open(/var/dcc/map): Permission denied Sep 23 11:34:16 ----- spamd[2721]: spamd: server started on port 783/tcp (running version 3.3.1) Sep 23 11:34:16 ----- spamd[2721]: spamd: server pid: 2721 Sep 23 11:34:16 ----- spamd[2721]: spamd: server successfully spawned child process, pid 2724 Sep 23 11:34:16 ----- spamd[2721]: spamd: server successfully spawned child process, pid 2726 >> > What happens with a manual invocation of dccproc like mine above? >> >> Nothing, the log directory under /var/dcc/ is also empty. > > What kind of nothing happens? When you feed `dccproc -C` a test > message like > asdf: asdf > > asdf > does dccproc emit the X-DCC header? Or do you see the complaint > about /var/dcc/map that SpamAssassin sees? I try this: # /usr/local/bin/dccproc -C asdf: asdf asdf ^C# the last line is a CTRL-C I pressed to exit from shell (how I can close the shell?). There is no output. >> Yes I think the same because on previous versions of Linux I used >> (Scientific Linux 5) and previous >> version of DCC everything was OK. The commands "./configure" and > > Could you re-install DCC to use the username/UID used by SpamAssassin? > That should make the setuid bit on /usr/local/bin/dccproc irrelevant. Yes, I tried it as a last change, but it still remains the problem. Thanks, Aldo Necci ----------------------------------------- This email was sent using SquirrelMail. https://webmail.dia.uniroma3.it Web Site: http://www.squirrelmail.org _______________________________________________ DCC mailing list [email protected] http://www.rhyolite.com/mailman/listinfo/dcc
