Re: [AMaViS-user] can we get sql scores to match for virtusers?
Jo, Our environment = * Sendmail + virtusertable for aliasing * Amavisd + amavisd-milter + sql lookup of reject scores/whitelists/etc As it turns out, if a message comes in for say [EMAIL PROTECTED] which is virtuser(ed) to [EMAIL PROTECTED] then it doesn't match in the SQL lookup and the default scores/rules/whitelists are used. So I'm guessing that sendmail gives this to amavisd before applying the virtusertable, yes? So is there no way for us to determine the final destination in amavisd? It all depends on your MTA and setup. Amavisd just uses mail addresses exactly as given to it by MTA, and has no way of doing otherwise. In a Postfix (or other dual-MTA) setups one has a choice to do virtual mapping by a MTA in front of amavisd, or in MTA after it. If you are using a milter setup I don't know if you have a choice. Mark - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier. Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Brand-new viruses, banned content and spamassassin
Henrik, Hi, 2.5.0-pre1 is running fine here. I've been looking this for an hour, but I can't figure it out. What exactly do I need to set to always make SPAM the deciding category over BANNED? It should be automatic. As long as recipient is a banned_lover (or banning checks are disabled entirely), i.e. when ban is not a blocking reason, then spam check results applies. See the original issue raised by Giampaolo Tomassoni that stirred this topic. I'm getting lots of postcard.exe's right now, and banned notifications are sent unnecessarily. They have enough points to discard as spam, which is what I would like to do. Hmm, don't know, just tried to send a banned+spam (low scoring spam) message to a banned_lover, and the DSN indicated it was blocked for being spam. If the recipient is not a spam lover, then the DSN rightfully reports the reject reason is a banned file, not spam. It looks like what you are looking for is for a CC_BANNED to have a lower priority than CC_SPAM. The ranking of contents categories is currently hard-wired and not configurable. It could be dangerous to place CC_BANNED below CC_SPAM, as this would trigger a spam response instead of a banned response (for a message that is both), and a spam response is normally less severe and less informative than banned (or a virus) response. Mark - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier. Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Brand-new viruses, banned content and spamassassin
for being spam. If the recipient is not a spam lover, then the DSN -banned rightfully reports the reject reason is a banned file, not spam. Mark - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier. Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] $final_bad_header_destiny = D_BOUNCE still delivered !?!
Hi, I have the following config (postfix + amavisd-new-2.4.4-2.fc6): $QUARANTINEDIR = $MYHOME/quarantine; $final_bad_header_destiny = D_BOUNCE; # $bad_header_quarantine_to # commented out thus using the default ('bad-header-quarantine') All other badh related amavisd parameters are pretty much default (not specified, thus using the values as specified in amavisd.conf-default). Now i got a bad header message but it's Passed (see below)??? How come? I would expect it to be Blocked? /var/log/maillog: Jan 31 17:25:49 pegasus amavis[31972]: (31972-11) Passed BAD-HEADER, [168.100.1.3] [65.83.58.34] [EMAIL PROTECTED] - [EMAIL PROTECTED], quarantine: badh-FphkxkIvoIqg, Message-ID: [EMAIL PROTECTED], mail_id: FphkxkIvoIqg, Hits: -5.599, queued_as: C696EF40FB, 7913 ms (b.t.w. own address replaced by *) After that the message is put in quarantine but it is also delivered to procmail and received by the recipient. I wouldn't expect this message to be delivered? Only when it would have been D_PASS. But it is D_BOUNCE. Any ideas? Thanks, -- jan - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier. Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Brand-new viruses, banned content and spamassassin
On Wed, Jan 31, 2007 at 10:38:35PM +0100, Mark Martinec wrote: It looks like what you are looking for is for a CC_BANNED to have a lower priority than CC_SPAM. The ranking of contents categories is currently hard-wired and not configurable. It could be dangerous to place CC_BANNED below CC_SPAM, as this would trigger a spam response instead of a banned response (for a message that is both), and a spam response is normally less severe and less informative than banned (or a virus) response. Ok, seems I understood it wrong then. :) It would be nice to have some option to control it. So if both CC_SPAM and CC_BANNED are hit, the one with D_DISCARD would be used. I guess covering all the possible situations could get complex, but I can't imagine this problem being very rare. Cheers, Henrik - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier. Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Amavis and FuzzyOcr
Mark Martinec wrote: Jeff, Done, and this did produce more output. FuzzyOcr is being called by the vscan user, and produces exactly the same log output as other users, with no errors. Still no scores from it in the headers for the vscan user. Does that give a clue? 2.3b from ports. Well, I don't know. I've been using 2.3b in the past (now we are at 3.5.1) and it's been behaving the same: either invoked from a command line as user vscan, or from amavisd, adding its score contribution to the final SA score, and adding its test names that were triggered to the %T macro (if you have the following line (without an initial '#') in $log_templ: [? %#T ||, Tests: \[[%T|,]\]]# ) The list of tests is also in X-Spam-Status of a quarantined message. Btw, the beta versions of 3.5.0 had some issues with amavisd, but that did not produce the effect you describe. Perhaps you should carefully compare again both SA logs. Mark Everything is fine. This is an embarrassing case of RTFM. I'd installed Sare rules and FuzzyOcr around the same time. Not having seen many FuzzyOcr headers, I mistook the Sare Stock hits for Ocr. I do still have an issue here, which is that some Sare rules are not being used by the vscan user. I won't waste any else's time with it until I review the config and consult the docs more thoroughly. If I really can't fix it myself, I'll ask for help. You guys were very generous with your time. Thanks. - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier. Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Amavis and FuzzyOcr
Jeff wrote: Everything is fine. This is an embarrassing case of RTFM. I'd installed Sare rules and FuzzyOcr around the same time. Not having seen many FuzzyOcr headers, I mistook the Sare Stock hits for Ocr. I do still have an issue here, which is that some Sare rules are not being used by the vscan user. Maybe different user_prefs? Gary V - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier. Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/