Tom Hendrikx wrote:
> On 13-04-12 06:13, Frantisek Hanzlik wrote:
>> Paul Cockings wrote:
>>> On 27/03/2012 11:08, Frantisek Hanzlik wrote:
>>>> I'm trying test dspam (latest git version). What seem for me quite
>>>> unacceptable is displaying base64 (maybe quoted-printable too)
>>>> Sender and Subject items as-is, which make them human-unreadable.
> <snip>
>>>>
>>>> I'm thinking several months ago there in list was mentioned that
>>>> some patch solving this problem was accepted and included in, but
>>>> is it true?
>>>>
> <snip>
>>>
>>> Maybe you are thinking about the two fixes in GIT on 22/Feb/2012 ?
>
> this was another issue with webui, nothing related to this. Relevant
> commits are: defd76fa7f2e2548067fd7157e6ac2aee06520cd and
> 2169b243927712edbb22b51d7f61b97d79de9103 (2011-11-10 by Alex Prokofiev).
>
>>>
>>> You could take a look at the options in [web-ui-location]/configure.pl
>>> Here you will see some options:
>>>
>>> $CONFIG{'HISTORY_HTMLIZE'} = "no"; # Wether to HTML-ize sender and
>>> subject in history "yes" or "no"
>>> $CONFIG{'QUARANTINE_HTMLIZE'} = "no"; # Wether to HTML-ize sender and
>>> subject in quarantine "yes" or "no"
>>> $CONFIG{'MIME_DECODE'} = 0;
>>>
>>> Please alter these options 1 at a time and report back your success or
>>> failure
>>
>> Hello Paul,
>> thanks for Your reply and these recommendations. After some tries,
>> I'm still not lucky. Maybe I'm doin something wrong. My thinking is
>> as (e.g. when dspam.cgi process quarantine): When I in browser see
>> MIME encoded strings, then I must surely enable MIME_DECODE (i.e.
>> $CONFIG{'MIME_DECODE'} = 1;). Eventual usage of QUARANTINE_HTMLIZE
>> setting should be done only when resulting string will be contain
>> garbage at diacritics chracters, I'm right?
>>
>> Thus I set "$CONFIG{'MIME_DECODE'} = 1;"
>> (btw, i not understand, why isn't MIME decoding switched on as default,
>> or rather permanently? Probably everyone want readable output instead
>> human-unreadable strings. Or it is non-default option because on some
>> systems MIME::WordDecoder and Unicode::Map8 are not available?
>
> MIME_DECODE is only in git master, and is part of above (currently)
> non-portable bugfix. It will not be part of any release without more
> work to it. The releases only contain the *_HTMLIZE options.
>
> The fact that MIME_DECODE it is optional, is because it introduced a new
> dependency for webui. When its value will be proved, we might remove the
> config option (and make the dependency non-optional). Feel free to
> improve the code in order to make it ready for production use, note that
> the real problem is in DSPAM itself, not in the webui.
>
>>
>> I'm still doing some tries, but it seem as there is problem with processing
>> multi-line header items, both in dspam.cgi (as it display badly when
>> processing quarantine mboxes) and dspam (as it write incomplete "From:"
>> and "Subject:" (and maybe "To:" too) pieces of corresponding items.
>>
>> e.g.:
>>
>> a) when in mail header is:
>> ...
>> From: "=?iso-8859-1?B?RXVyb3BlIERlYnRjb2xsZWN0?=
>> =?iso-8859-1?B?aW9u?=" <a.przyw...@gce-mailer-8.com>
>> Subject: =?iso-8859-1?B?Q29sbGVjdCB5b3VyIHJlY2Vp?=
>> =?iso-8859-1?B?dmFibGVzIGluIEZyYW5jZSBhbmQgaW4gdGhlIHdvcmxk?=
>> Date: Wed, 11 Apr 2012 10:04:13 +0200
>> ...
>> then web page shows (i have custom date format) only:
>> 62% 11.04 11:12 "=?iso-8859-1?B?RXVyb3BlIERlYnRjb2xsZWN0?=
>> =?iso-8859-1?B?Q29sbGVjdCB5b3VyIHJlY2Vp?=
>>
>>
>> b) when in header are items:
>> From: =?windows-1250?Q?Nakladatelstv=ED?= FRAUS <ka...@fraus.cz>
>> Subject: =?windows-1250?Q?Pozv=E1nka?= na =?windows-1250?Q?Semin=E1=F8?= -
>> =?windows-1250?Q?=C8esk=FD?= jazyk pro =?windows-1250?Q?Z=8A nov=EC?=
>> ...
>> then in logs (both system and user) is only:
>> 1333375296 I Nakladatelství 4f79b140237537245819226 Pozvánka
>> Delivered ...
>> instead of right:
>> 1333375296 I Nakladatelství FRAUS <ka...@fraus.cz>
>> 4f79b140237537245819226 Pozvánka na Seminář Český jazyk pro ZŠ nově
>> Delivered ...
>>
>
> This looks like an issue with either header processing or writing
> message summary to the *.log files.
>
> How is a) different from b) here? You didn't show logfile contents for a).
Sorry, here is whole header for example a) (it is quite different
message from b) - which wasn't evaluated as spam):
From QUARANTINE Wed Apr 11 11:19:40 2012
Return-Path: <wew_475_38...@wew122.com>
Received: from mail122.wew122.com (mail122.wew122.com [109.239.116.44] (may be
forged))
by unitplus.cz (8.14.5/8.14.5) with ESMTP id q3B9JVcJ019006
for <onemi...@unitplus.cz>; Wed, 11 Apr 2012 11:19:39 +0200
Received: from TRT-77 (unknown [192.168.200.77])
by mail122.wew122.com (Postfix) with SMTP id D65FDB942F
for <onemi...@unitplus.cz>; Wed, 11 Apr 2012 10:08:51 +0200 (CEST)
From: "=?iso-8859-1?B?RXVyb3BlIERlYnRjb2xsZWN0?=
=?iso-8859-1?B?aW9u?=" <a.przyw...@gce-mailer-8.com>
To: "onemi...@unitplus.cz" <onemi...@unitplus.cz>
Reply-To: "a.przyw...@gce-mailer-8.com" <a.przyw...@gce-mailer-8.com>
Subject: =?iso-8859-1?B?Q29sbGVjdCB5b3VyIHJlY2Vp?=
=?iso-8859-1?B?dmFibGVzIGluIEZyYW5jZSBhbmQgaW4gdGhlIHdvcmxk?=
Date: Wed, 11 Apr 2012 10:06:58 +0200
Message-ID: <20120411-10065895-9a7a8798-0@TRT-77>
X-Priority: 3
Precedence: bulk
List-Abuse: <mailto:ab...@wew122.com>
List-Unsubscribe:
<http://stats.gce-mailer-8.com/unsubscribe.aspx?c=iZstxQvmKiEk3A2CbaRFeRIsZO8YXpf4p89WxNzngfQ%3d>
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="--=35a9944e_20d6_4919_beae_467a7e6093f0"
X-DSPAM-Result: Spam
X-DSPAM-Processed: Wed Apr 11 11:19:40 2012
X-DSPAM-Confidence: 0.6488
X-DSPAM-Probability: 1.0000
X-DSPAM-Signature: 4f854cac190171842820900
X-DSPAM-User: jsvabova
and things which seems weird for me (i use 'reformime' from maildrop
package for manual MIME decoding: reformime -h '=?iso-8859-1?B?aW9u?='):
- dspam maybe take into account only first header items lines, and not
continuation lines - as "system.log" for this message is:
1334135980 S "Europe Debtcollect 4f854cac190564597965134 Collect your
recei 0.026172 ingo Quarantined <20120411-10065895-9a7a8798-0@TRT-77>
and right should be (From:/Subject: with continuation lines):
1334135980 S "Europe Debtcollection" <a.przyw...@gce-mailer-8.com>
4f854cac190564597965134 Collect your receivables in France and in the world
0.026172 ingo Quarantined <20120411-10065895-9a7a8798-0@TRT-77>
- dspam seems always use "From:" address as sender address, even if in
message header is "Return-Path" item (rfc822).
In this example sender address isn't ever printed (because it is on
continuation line), but in other messages I see in dspam system/user logs
"From:" address, while sendmail logs display "Return-Path" address.
Maybe more correct would be in dspam logs display "Return-Path" address
with eventual preceding text from "From:" item?
- and finally dspam webui at "Quarantine" page display only data from first
line (for "From:" and "Subject:" items), when teher are continuation lines:
62% 11.04 11:12 "=?iso-8859-1?B?RXVyb3BlIERlYnRjb2xsZWN0?=
=?iso-8859-1?B?Q29sbGVjdCB5b3VyIHJlY2Vp?=
what when I translate is:
62% 11.04 11:12 "Europe Debtcollect Collect your recei
instead of (sender addr taken from "From:"):
62% 11.04 11:12 "Europe Debtcollection" <a.przyw...@gce-mailer-8.com>
Collect your receivables in France and in the world
or maybe better (sender addr taken from "Return-Path:"):
62% 11.04 11:12 "Europe Debtcollection" <wew_475_38...@wew122.com>
Collect your receivables in France and in the world
>> PS: When I can request for improvements: IMO in history and quarantine
>> pages, when logged user is manager of (shared,managed) group, would be
>> for easier human classification helpful display message recipients too.
>> Would be easily possible do it, please?
>>
>
> It might be, you probably know more Perl than I do. We would be glad to
> review/accept your patch :)
I'll go learn Perl :(
But header continuation line processing should be likely improved too, and
I know C similarly as this Perl (in our country is sentence "I gape at it
as bull-calf" :)
Franta
------------------------------------------------------------------------------
For Developers, A Lot Can Happen In A Second.
Boundary is the first to Know...and Tell You.
Monitor Your Applications in Ultra-Fine Resolution. Try it FREE!
http://p.sf.net/sfu/Boundary-d2dvs2
_______________________________________________
Dspam-user mailing list
Dspam-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dspam-user
