Re: [AMaViS-user] FuzzyOcr
Did you install netpbm ver. 10 at least? -Original Message- From: troxlinux [mailto:xserverli...@gmail.com] Sent: Wednesday, June 03, 2009 7:45 AM To: amavis-user@lists.sourceforge.net Subject: [AMaViS-user] FuzzyOcr Hi lists recently it installs from the svn of fuzzyocr.own-hero.net FuzzyOcr, but when the amavisd-new scan the mail and to launch the sa shows me an error: amavis[3915]: (03915-01) (!)SA error: FuzzyOcr: /usr/bin/pngtopnm: Returned [256], skipping any idea howto resolve this problem? regardss -- rickygm http://gnuforever.homelinux.com --- --- OpenSolaris 2009.06 is a cutting edge operating system for enterprises looking to deploy the next generation of Solaris that includes the latest innovations from Sun and the OpenSource community. Download a copy and enjoy capabilities such as Networking, Storage and Virtualization. Go to: http://p.sf.net/sfu/opensolaris-get ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/ -- OpenSolaris 2009.06 is a cutting edge operating system for enterprises looking to deploy the next generation of Solaris that includes the latest innovations from Sun and the OpenSource community. Download a copy and enjoy capabilities such as Networking, Storage and Virtualization. Go to: http://p.sf.net/sfu/opensolaris-get ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] upgrading from 2.5.2 to 2.6.1-r1?
Hello All, I want to upgrade my installation of amavisd-new 2.5.2 to 2.6.1-r1 and 2.6.2 is out now (google for message-id patch earlier) Biggest issues are going to be new data structures to support partitioning if you use SQL, and making sure DKIM perl module is up to date. Hi, No I don't have SQL. So other than that there should be no issues? Regards, Leon -- This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] upgrading from 2.5.2 to 2.6.1-r1?
Hello All, I want to upgrade my installation of amavisd-new 2.5.2 to 2.6.1-r1 and spamassassin-3.2.3 to 3.2.5 Should I do any changes to my config files? # ls /etc/amavisd.conf /etc/amavisd.conf # ls -l /etc/spamassassin/ total 112 drwxr-xr-x 2 root root 296 Oct 29 2007 FuzzyOcr -rw-r--r-- 1 root root 11545 Oct 29 2007 FuzzyOcr.cf -rw-r--r-- 1 root root 42033 Oct 29 2007 FuzzyOcr.pm -rw-r--r-- 1 root root 698 Oct 29 2007 FuzzyOcr.preps -rw-r--r-- 1 root root 1497 Oct 29 2007 FuzzyOcr.scansets -rw-r--r-- 1 root root 440 Oct 29 2007 FuzzyOcr.words -rw-r--r-- 1 root root 1651 Oct 30 03:00 amavis-sanesecurity_v2.cf -rw-r--r-- 1 root root 1301 Oct 31 2007 init.pre -rw-r--r-- 1 root root 7299 Nov 19 11:06 local.cf -rw-r--r-- 1 root root 7271 Oct 30 11:47 local.cf.30.10.2008.backup -rw-r--r-- 1 root root 1349 Oct 31 2007 local.cf.example drwx-- 2 root root 176 Nov 2 15:47 sa-update-keys -r 1 root root 664 Oct 23 2007 secrets.cf.example -rw-r--r-- 1 root root 2607 Feb 10 2008 v310.pre -rw-r--r-- 1 root root 1195 Oct 23 2007 v312.pre -rw-r--r-- 1 root root 2416 Oct 31 2007 v320.pre Here are the packages for update: # emerge -pv amavisd-new Calculating dependencies... done! [ebuild U ] perl-core/Compress-Raw-Zlib-2.015 [2.005] USE=-test% 205 kB [ebuild U ] perl-core/IO-Compress-Base-2.015 [2.005] USE=-test% 94 kB [ebuild U ] perl-core/Time-HiRes-1.97.15 [1.97.07] 85 kB [ebuild N] virtual/perl-IO-Compress-Base-2.015 0 kB [ebuild N] virtual/perl-Compress-Raw-Zlib-2.015 0 kB [ebuild U ] virtual/perl-Time-HiRes-1.97.15 [1.97.07] 0 kB [ebuild U ] perl-core/IO-Compress-Zlib-2.015 [2.005] USE=-test% 139 kB [ebuild N] virtual/perl-IO-Compress-Zlib-2.015 0 kB [ebuild U ] perl-core/Compress-Zlib-2.015 [2.005] USE=-test% 64 kB [ebuild N] virtual/perl-Compress-Zlib-2.015 0 kB [ebuild U ] mail-filter/amavisd-new-2.6.1-r1 [2.5.2] USE=mysql -courier -dkim% -ldap -milter -postgres -qmail -razor% -spamassassin% 891 kB Total: 11 packages (7 upgrades, 4 new), Size of downloads: 1,475 kB mail portage # emerge -pv spamassassin These are the packages that would be merged, in order: Calculating dependencies... done! [ebuild U ] perl-core/Compress-Raw-Zlib-2.015 [2.005] USE=-test% 205 kB [ebuild U ] perl-core/IO-Compress-Base-2.015 [2.005] USE=-test% 94 kB [ebuild U ] perl-core/Time-HiRes-1.97.15 [1.97.07] 85 kB [ebuild U ] perl-core/Storable-2.18 [2.16] 174 kB [ebuild N] perl-core/Package-Constants-0.01 3 kB [ebuild N] virtual/perl-IO-Compress-Base-2.015 0 kB [ebuild N] virtual/perl-Compress-Raw-Zlib-2.015 0 kB [ebuild U ] virtual/perl-Storable-2.18 [2.16] 0 kB [ebuild U ] virtual/perl-Time-HiRes-1.97.15 [1.97.07] 0 kB [ebuild U ] perl-core/IO-Compress-Zlib-2.015 [2.005] USE=-test% 139 kB [ebuild N] virtual/perl-IO-Compress-Zlib-2.015 0 kB [ebuild U ] perl-core/Compress-Zlib-2.015 [2.005] USE=-test% 64 kB [ebuild N] virtual/perl-Compress-Zlib-2.015 0 kB [ebuild U ] perl-core/IO-Zlib-1.09 [1.05] 10 kB [ebuild N] virtual/perl-IO-Zlib-1.09 0 kB [ebuild U ] perl-core/Archive-Tar-1.40 [1.32] USE=-bzip2% 48 kB [ebuild N] virtual/perl-Archive-Tar-1.40 0 kB [ebuild U ] mail-filter/spamassassin-3.2.5 [3.2.3] USE=berkdb ipv6 mysql ssl -doc -ldap -postgres -qmail -sqlite -tools 989 kB Total: 18 packages (11 upgrades, 7 new), Size of downloads: 1,806 kB Best Regards, Leon -- This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Amavis bottleneck?
: Increasing the number of $max_servers should increase throughput as long as : enough memory is. Since you already set $max_servers = 25 I think you're : system is permanently in a state of swapping. You should check memory : allocation and the average time amavis needs to check a mail. : : Greetings Bernd : HI Bernd I can confirm the swap space wasn't continuously used during this busy period. I was monitoring all server aspect at the time and swap was relatively unused during this period. how can I build a amavis processing stat? i.e. the time it takes to scan a message? the log file isn't very friendly. I have seen amavis-stats which use rrdtool. Thanks Try using logwatch to analyze your bottleneck. Leon - Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://sourceforge.net/services/buy/index.php ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Amavis-stats and php5
Thx for your answer, yes you're right i'm using rrdtool 1.2xx. Can I apply some patch for this rrdtool versio. I'm afraid that I won't find older rrdtool package Br pet Hi, I'd recommend to use mailgraph, instead of amavis-stats. Mailgraph support is mush better (it has a mailing list) and amavis-stats has some issues that may require some code hacking (and almost no support). Regards, Leon Kolchinsky - This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Amavis-stats and php5
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Tuesday, May 06, 2008 12:28 PM To: Leon Kolchinsky Cc: 'Jevos, Peter'; AMaViS-user@lists.sourceforge.net Subject: Re: [AMaViS-user] Amavis-stats and php5 Have you got a page I could look at the output of mailgraph I used it before, but was not happy with the output, but maybe I didn'tget it right? Thanks, .peter I've sent you the link to huetmann at violine.at Regards, Leon Kolchinsky - This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Release candidate amavisd-new-2.5.3-rc1
Right, May be for now it is a good idea for amavis-logwatch to ignore these. Leon I've updated amavis-logwatch to version 1.48.26, which resolves this issue, and includes a number of additional changes and fixes. See the Changes file. http://www.mikecappella.com/logwatch MrC Thanks Mike, I've installed and checked the new version. It's working fine (ignoring those additional modules /unicore/lib/ lines). Thanks, Leon Kolchinsky - SF.Net email is sponsored by: Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Release candidate amavisd-new-2.5.3-rc1
There were some recent reports that a mail message with large and mangled header could cause perl regular expressions used in parsing a header to exceed available memory due to deep recursion, and cause amavisd process to crash, letting such messages to stay stuck in a MTA queue, reporting unsightly 'process went away' by amavisd-nanny, and leaving behind temporary directories. It is not a security threat, but is annoying nevertheless, so I decided to release a last maintenance release of 2.5, collecting all bug fixes that have accumulated by now, and leave all new features to 2.6 (to be pre-released soon). amavisd-new-2.5.3-rc1 release candidate is available at: http://www.ijs.si/software/amavisd/amavisd-new-2.5.3-rc1.tar.gz Please try it out - I plan to release it in two or three days. There are no compatibility issues with 2.5.2. Does this release solve the issue I have (As seen in my logwatch summary)?: 150 Extra code modules loaded at runtime 50 unicore/lib/gc_sc/Digit.pl 50 unicore/lib/gc_sc/SpacePer.pl 50 unicore/lib/gc_sc/Word.pl Eventhough I have this in my amavisd.conf: @additional_perl_modules = qw( /etc/mail/spamassassin/FuzzyOcr.pm Mail::SpamAssassin::CompiledRegexps::body_0 MLDBM String::Approx Time::HiRes /usr/lib/perl5/5.8.8/unicore/lib/gc_sc/Digit.pl /usr/lib/perl5/5.8.8/unicore/lib/gc_sc/SpacePer.pl /usr/lib/perl5/5.8.8/unicore/lib/gc_sc/Word.pl ); Regards, Leon Kolchinsky - SF.Net email is sponsored by: Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://sourceforge.net/services/buy/index.php ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Release candidate amavisd-new-2.5.3-rc1
Leon, Does this release solve the issue I have (As seen in my logwatch summary)?: 150 Extra code modules loaded at runtime 50 unicore/lib/gc_sc/Digit.pl 50 unicore/lib/gc_sc/SpacePer.pl 50 unicore/lib/gc_sc/Word.pl Eventhough I have this in my amavisd.conf: @additional_perl_modules = qw( /etc/mail/spamassassin/FuzzyOcr.pm Mail::SpamAssassin::CompiledRegexps::body_0 MLDBM String::Approx Time::HiRes /usr/lib/perl5/5.8.8/unicore/lib/gc_sc/Digit.pl /usr/lib/perl5/5.8.8/unicore/lib/gc_sc/SpacePer.pl /usr/lib/perl5/5.8.8/unicore/lib/gc_sc/Word.pl ); No, it doesn't get away with these particular reports for .pl files under unicore/lib. It is not a bug and there is nothing I can do (except to suppress logging it). Files under perl.../unicore/lib are not true perl modules, and can not be loaded once and for all, perl wants to be able to read them as needed. This is also a reason why these files need to be copied to chroot subtree if amavisd is running chrooted. It's a bit unsightly, but that is how Perl people concieved unicode support. Mark Thanks for the info Mark :) Regards, Leon - SF.Net email is sponsored by: Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://sourceforge.net/services/buy/index.php ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Warning: /usr/bin/unrar reason: Error reading:Bad file descriptor
Hi, Even after upgrade to unrar-3.7.8 I got the same error :( If you want, try http://www.rarlabs.com/rar/rarlinux-3.7.1.tar.gz. This package has unrar ( just binary) command. It works with av-. Here, I am using it, because ( as I said ) even with last source code available from rarlabs, the version is still beta. I just replaced my unrar with this one ( I didn't install nothing from that package, except unrar binary ). I hope it helps. Regards, Cássio Thanks Cássio, Your solution is working. I've also replaced my unrar and it just worked. Best Regards, Leon Kolchinsky - SF.Net email is sponsored by: The Future of Linux Business White Paper from Novell. From the desktop to the data center, Linux is going mainstream. Let it simplify your IT future. http://altfarm.mediaplex.com/ad/ck/8857-50307-18918-4 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Warning: /usr/bin/unrar reason: Error reading:Bad file descriptor
After I've moved my mailserver to Gentoo I've started to get these kinds of warnings at the log: Dec 2 13:05:50 mail amavis[28455]: (28455-20) (!)killing process [29120] running /usr/bin/unrar (reason: Error reading: Bad file descriptor at (eval 72) line 810, GEN172 line 2.) Dec 2 13:21:25 mail amavis[29368]: (29368-14) (!)killing process [29776] running /usr/bin/unrar (reason: Error reading: Bad file descriptor at (eval 72) line 810, GEN122 line 2.) Dec 2 13:21:25 mail amavis[29368]: (29368-14) (!)do_unrar: Error reading: Bad file descriptor at (eval 72) line 810, GEN122 line 2. Dec 2 05:28:22 mail amavis[13909]: (13909-11) (!)killing process [14759] running /usr/bin/unrar (reason: Error reading: Bad file descriptor at (eval 72) line 810, GEN91 line 2.) Does the above occur on every email containing a rar archive? Are you able to unrar something at the shell, outside of amavisd? Yes this is happening with every e-mail containing .rar archive: Dec 3 16:35:06 mail amavis[14072]: (14072-09) (!)killing process [14397] running /usr/bin/unrar (reason: Error reading: Bad file descriptor at (eval 72) line 810, GEN80 line 2.) Dec 3 16:35:06 mail amavis[14072]: (14072-09) (!)do_unrar: Error reading: Bad file descriptor at (eval 72) line 810, GEN80 line 2. On the command line I can unpack the archive with -e flag but not with av- flag (unrar just won't recognize this option) - thanks for Cassio's notes :) The versions I have: amavisd-new-2.5.2 unrar-3.7.6 Dec 3 16:37:20 mail amavis[14072]: (14072-10) p003 1/2 Content-Type: application/octet-stream, size: 29415 B, name: arch.rar Dec 3 16:37:20 mail amavis[14072]: (14072-10) (!)killing process [15147] running /usr/bin/unrar (reason: Error reading: Bad file descriptor at (eval 72) line 810, GEN88 line 2.) Dec 3 16:37:20 mail amavis[14072]: (14072-10) (!)do_unrar: Error reading: Bad file descriptor at (eval 72) line 810, GEN88 line 2. Even after upgrade to unrar-3.7.8 I got the same error :( Best Regards, Leon Kolchinsky - SF.Net email is sponsored by: The Future of Linux Business White Paper from Novell. From the desktop to the data center, Linux is going mainstream. Let it simplify your IT future. http://altfarm.mediaplex.com/ad/ck/8857-50307-18918-4 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Warning: /usr/bin/unrar reason: Error reading: Bad file descriptor
Hello All, After I've moved my mailserver to Gentoo I've started to get these kinds of warnings at the log: Dec 2 13:05:50 mail amavis[28455]: (28455-20) (!)killing process [29120] running /usr/bin/unrar (reason: Error reading: Bad file descriptor at (eval 72) line 810, GEN172 line 2.) Dec 2 13:21:25 mail amavis[29368]: (29368-14) (!)killing process [29776] running /usr/bin/unrar (reason: Error reading: Bad file descriptor at (eval 72) line 810, GEN122 line 2.) Dec 2 13:21:25 mail amavis[29368]: (29368-14) (!)do_unrar: Error reading: Bad file descriptor at (eval 72) line 810, GEN122 line 2. Dec 2 05:28:22 mail amavis[13909]: (13909-11) (!)killing process [14759] running /usr/bin/unrar (reason: Error reading: Bad file descriptor at (eval 72) line 810, GEN91 line 2.) These are the versions of SA and amavisd-new installed: [mail-filter/spamassassin-3.2.3 USE=berkdb ipv6 mysql ssl -doc -ldap -postgres -qmail -sqlite -tools 0 kB mail-filter/amavisd-new-2.5.2 USE=mysql -courier -ldap -milter -postgres -qmail 0 kB # /usr/bin/unrar -V UNRAR 3.70 freeware Copyright (c) 1993-2007 Alexander Roshal Usage: unrar command -switch 1 -switch N archive files... @listfiles... path_to_extract\ What could be the problem? Should I fix it and how? Best Regards, Leon Kolchinsky - SF.Net email is sponsored by: The Future of Linux Business White Paper from Novell. From the desktop to the data center, Linux is going mainstream. Let it simplify your IT future. http://altfarm.mediaplex.com/ad/ck/8857-50307-18918-4 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] preserved tempdirs
Hi!
Yesterday I ran into a problem that might also bring other amavis users
into trouble:
Mailbombs containing special attachments caused clamav to get into
trouble. It became very slow on scanning those attachments, so amavisd
killed it after it reached the timeout. In my case (pre-queue-setup), it
caused the mail to be rejected with a 451 temporary error. The bad thing
is that amavisd didn't remove the temporary directory (PRESERVING
EVIDENCE ...), in some cases containing more than 100 MB of unpacked
files. Since it was a temporary error, the relaying mail-server retried
delivery after some delay, so the same procedure looped until the
filesystem containing the temporary files was full. After this point,
mail delivery was completely disabled.
I know that my pre-filter-setup isn't recommended for production use,
but I believe that this kind of loop (processing fails, directory is
kept and the mail is requeued) could potentially also happen in a common
post-queue scenario.
Maybe the decision what to do with a temporary directory after
processing the mail had failed should be configurable in order to
prevent possible DOS-attacks? Possible actions could be:
- keep directories only until a certain amount of disk space is filled
- move those temporary directories into another place
- generally do not preserve evidences
Cheers,
Hi,
You may try this as a cronjob:
* */2 * * * /bin/bash -c (find /var/spool/amavis -type d -name 'amavis-*'
-prune -mmin +120 -exec rm -rf {} \;)
Regards,
Leon Kolchinsky
-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Amavis timings on a new server
When I send some test mails I can see that most of processing time is
spent
on:
SMTP DATA: 37 (34%)38
fwd-connect: 17 (15%)77
Is there a way to improve these timings or is it OK?
The figures are pretty much normal, as Gary and Mike noted.
The SMTP DATA transfer needs to deal with input, one line at a time
unfortunately, because SMTP protocol requires dot-destuffing, and
timer is supposed to be reset for each line (as decent MTA does it).
You could shave off a millisecond or two by the following change
(which is in my current code, to be in the next version):
--- amavisd.orig 2007-06-27 12:43:00.0 +0200
+++ amavisd 2007-11-04 23:39:30.0 +0100
@@ -13940,8 +13940,8 @@
for ($! = 0; defined($ln=$sock); $! = 0) { # optimized for
speed
alarm($smtpd_timeout); # as fast as: last if time$tmax;
- if ($ln =~ /^\./) {
+ if (substr($ln,0,1) eq '.') { # faster than $ln=~/^\./
if ($ln eq .\015\012)
{ $complete = 1; $within_data_transfer = 0; last }
-$ln =~ s/^\.(.+\015\012)\z/$1/s; # dot de-stuffing,
rfc2821
+substr($ln,0,1) = ''; # dot de-stuffing, rfc2821
}
$size += length($ln); # message size is defined in rfc1870
Also, you can relatively safely comment out the: alarm($smtpd_timeout);
which is mostly useful when a feed is slow, which does not happen in a
normal post-queue setup with Postfix. This will cut a few milliseconds
more of a SMTP DATA section. And make sure the size limit in amavisd is
not enabled ($smtpd_message_size_limit and @message_size_limit_maps,
both are disabled by default).
The fwd-connect section is governed almost entirely by a Postfix time to
respond
to a new SMTP session on port 10025. Things like
smtpd_client_restrictions,
and DNS resolving of a loopback interface address may have some effect
there.
But it is mostly an idle latency, CPU can be used meanwhile for some other
task.
Mark
Thanks guys for your responses,
The test messages I've sent consists of only one line test message.
I understand that the numbers I'm getting are pretty normal, but I've read
on the list one of Marks' responses and he says that most of check
*_restrictions should be disabled on smtpd at port 10025
(http://www.webservertalk.com/archive390-2006-2-1396006.html).
This is what I have in master.cf:
127.0.0.1:10025 inet n - n - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o
receive_override_options=no_header_body_checks,no_unknown_recipient_checks
Should I disable the following restrictions, i.e. delete these lines to
improve fwd-connect timings? Is it safe to disable those?
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
Best Regards,
Leon Kolchinsky
-
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now http://get.splunk.com/
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Amavis timings on a new server
,reject_rbl_client list.dsbl.org,check_client_access hash:/etc/postfix/client_checks,check_sender_access regexp:/etc/postfix/filter-catchall.regexp,permit smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_security_options = noanonymous smtpd_sender_restrictions = check_client_access hash:/etc/postfix/reset_content_filterhash:/etc/postfix/access smtpd_tls_CAfile = /etc/ssl/certs/cert.pem smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/ssl/certs/cert.pem smtpd_tls_key_file = /etc/ssl/certs/cert.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s smtpd_use_tls = yes strict_rfc821_envelopes = yes tls_random_source = dev:/dev/urandom transport_maps = hash:/etc/postfix/transport unknown_local_recipient_reject_code = 550 virtual_alias_maps = hash:/etc/postfix/virtual, mysql:/etc/postfix/mysql-virtual.cf Best Regards, Leon Kolchinsky - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Amavis upgrade
Guess I've got an old version of amavis, (v2.2.12) that installed from a SLES 10 sp1 cd. I've downloaded amavisd-new-2.5.2. Are there specific instructions on upgrading for SLES 10? My paths are /var/spool/amavis and not /var/amavis. Will this mess things up? thx, -Jim McIver Here are some notes from Gary V.: a) In local.cf if you have explicitly configured trusted_networks and/or internal_networks you will need to remove the loopback interface as 127/8 is now enabled by default. If you run sa-compile and enable the Rule2XSBody plugin and you are using @additional_perl_modules, in amavisd.conf you may desire adding something like: my($sa_instdir) = '/var/lib/spamassassin/compiled/3.002002'; unshift(@INC, $sa_instdir, $sa_instdir.'/auto'); In order for the body_0.pm module to get pre-loaded. @additional_perl_modules = qw( /etc/spamassassin/Botnet.pm Mail::SpamAssassin::CompiledRegexps::body_0.pm ); At least this works for 3.2.1. I found that there is a body_500.pm module that seems to come and go (I have not spent any time looking into why). I found that if you were to add body_500.pm to @additional_perl_modules and then it goes away, amavisd-new will die. ... (!)_DIE: Can't locate Mail/SpamAssassin/CompiledRegexps/body_500.pm in @INC ... So, don't add it. b) If using SLES install from Anders builds: ftp://ftp.norrbring.com/pub/linux/inst-source Regards, Leon Kolchinsky - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Steps to install SaneSecurity and MSRBLsignaturesinClamAV
In local.cf if you have explicitly configured trusted_networks and/or internal_networks you will need to remove the loopback interface as 127/8 is now enabled by default. If you run sa-compile and enable the Rule2XSBody plugin and you are using @additional_perl_modules, in amavisd.conf you may desire adding something like: my($sa_instdir) = '/var/lib/spamassassin/compiled/3.002002'; unshift(@INC, $sa_instdir, $sa_instdir.'/auto'); In order for the body_0.pm module to get pre-loaded. @additional_perl_modules = qw( /etc/spamassassin/Botnet.pm Mail::SpamAssassin::CompiledRegexps::body_0.pm ); At least this works for 3.2.1. I found that there is a body_500.pm module that seems to come and go (I have not spent any time looking into why). I found that if you were to add body_500.pm to @additional_perl_modules and then it goes away, amavisd-new will die. ... (!)_DIE: Can't locate Mail/SpamAssassin/CompiledRegexps/body_500.pm in @INC ... So, don't add it. -- Gary V Thanks Gary, I'll use your tips during next week upgrade :) Best Regards, Leon Kolchinsky - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Steps to install SaneSecurity and MSRBL signatures in ClamAV
Hello All,
I've installed on my mail server SaneSecurity and MSRBL signatures and made
a little reference for my own use during this installation.
Please comment or suggest fixes of the following:
-
Steps to install SaneSecurity and MSRBL signatures in ClamAV on SLES9:
1) cd /data/cronjobs/sanesecurity
wget http://www200.pair.com/mecham/spam/UpdateSaneSecurity.sh.txt
mv UpdateSaneSecurity.sh.txt UpdateSaneSecurity.sh
chmod u+x UpdateSaneSecurity.sh
2) Now change the following values in the script:
a) PATH=/usr/sbin:/bin:/usr/bin:/usr/local/bin
b) CLAM_USER=vscan
c) CLAM_GROUP=vscan
d) Remove -h option from rsync lines (won't work on SuSE with -h)
3) Make sure SelfCheck is enabled in clamd.conf and NotifyClamd enabled
in freshclam.conf so there is no need to reload clamav database via script.
4)
./UpdateSaneSecurity.sh
[code]
# ls -l /var/lib/clamav
total 4837
drwxr-xr-x 4 vscan vscan 544 Aug 7 09:57 .
drwxr-xr-x 37 root root 1000 Aug 7 04:18 ..
-rw-r--r-- 1 vscan vscan 146779 Aug 7 09:25 MSRBL-Images.hdb
-rw-r--r-- 1 vscan vscan 146779 Aug 7 09:47 MSRBL-Images.hdb-bak
-rw-r--r-- 1 vscan vscan 229231 Jul 31 12:15 MSRBL-SPAM.ndb
-rw-r--r-- 1 vscan vscan 229231 Aug 7 09:47 MSRBL-SPAM.ndb-bak
-rw-r--r-- 1 vscan vscan 1523952 Oct 24 2006 clamav-1e59655201a82c81
-rw-r--r-- 1 vscan vscan 601680 Oct 24 2006 clamav-921896b001a72674
srwxrwxrwx 1 vscan vscan 0 Aug 7 09:02 clamd-socket
-rw-rw 1 vscan vscan 4 Aug 7 09:02 clamd.pid
drwxr-xr-x 2 vscan vscan 376 Aug 7 09:57 daily.inc
-rw-rw 1 vscan vscan 5 Jul 25 14:57 freshclam.pid
drwxr-xr-x 2 vscan vscan 248 Aug 7 09:57 main.inc
-rw-r--r-- 1 vscan vscan 1112788 Aug 7 09:47 phish.ndb
-rw-r--r-- 1 vscan vscan 186565 Aug 6 13:56 phish.ndb.gz
-rw-r--r-- 1 vscan vscan 624830 Aug 7 09:47 scam.ndb
-rw-r--r-- 1 vscan vscan 125016 Aug 6 13:57 scam.ndb.gz
[/code]
5)
Now we add a crontab entry with download attempts performed every 4th hour:
crontab -e
Insert this entry. Replace MM (minutes) below with a number between 1 and
59:
MM */4 * * * /data/cronjobs/sanesecurity/UpdateSaneSecurity.sh
Save and exit the file. The above cron job should run every four hours. Logs
of the last download are located in /var/tmp/clamdb/
6) Add rules to a SpamAssassin config file (e.g. local.cf), as suggested in
release notes:
header L_AV_Phish X-Amavis-AV-Status =~ m{\b(Email|HTML)\.Phishing\.}i
header L_AV_SS_Phish X-Amavis-AV-Status =~
m{\b(Email|Html)\.Phishing(\.[^., ]*)*\.Sanesecurity\.}
header L_AV_SS_ScamX-Amavis-AV-Status =~
m{\b(Email|Html)\.(Scam[A-Za-z0-9]?)(\.[^., ]*)*\.Sanesecurity\.}
header L_AV_SS_SpamX-Amavis-AV-Status =~
m{\b(Email|Html)\.(Spam|Bou|Stk|Loan|Cred|Job|Dipl|Doc)(\.[^.,
]*)*\.Sanesecurity\.}
header L_AV_SS_Hdr X-Amavis-AV-Status =~ m{\b(Email|Html)\.Hdr(\.[^.,
]*)*\.Sanesecurity\.}
header L_AV_SS_Img X-Amavis-AV-Status =~
m{\b(Email|Html)\.(Img|ImgO)(\.[^., ]*)*\.Sanesecurity\.}
header L_AV_MSRBL_Img X-Amavis-AV-Status =~ m{\bMSRBL-Images/}
header L_AV_MSRBL_Spam X-Amavis-AV-Status =~ m{\bMSRBL-SPAM\.}
score L_AV_Phish 14
score L_AV_SS_Phish -3
score L_AV_SS_Scam8
score L_AV_SS_Spam8
score L_AV_SS_Hdr 6
score L_AV_SS_Img 3.5
score L_AV_MSRBL_Img 3.5
score L_AV_MSRBL_Spam 6
7) /etc/init.d/amavis restart
References:
---
http://www200.pair.com/mecham/spam/spamfilter20061118.html
http://www.ijs.si/software/amavisd/release-notes.txt
http://www.sanesecurity.co.uk/clamav/usage.htm
http://www.msrbl.com/site/msrblspamdownload
-
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now http://get.splunk.com/
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Steps to install SaneSecurity and MSRBL signatures inClamAV
Hello All, I've installed on my mail server SaneSecurity and MSRBL signatures and made a little reference for my own use during this installation. Following my own post: I've sent phish_sigtest and scam_sigtest files as an attachements to one of my mail accounts. These mails detected as viruses by ClamAV and deleted. --- A virus was found: Html.Scam.Sanesecurity.TestSig Scanner detecting a virus: ClamAV-clamd Content type: Virus (9,0) Internal reference code for the message is 04713-02/HwH63NkMMF7Z A virus was found: Html.Phishing.Sanesecurity.TestSig Scanner detecting a virus: ClamAV-clamd Content type: Virus (9,0) Internal reference code for the message is 04713-01/byVzwqgorlFV So what is wrong in my configuration? Isn't ClamAV supposed to make the message get thru to SA which in turn should be aware of Sanesecurity scores made by ClamAV? Best Regards, Leon Kolchinsky - This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now http://get.splunk.com/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Announce: Amavis log reporter updated v1.48.8
Hello Amavis users, I've made enough changes in the Amavis log reporting utility to probably warrant this more general list announcement. The updates since my May 6th announcement are: New Features: - Ability to limit each detailed section's level 1 output (i.e. Top N). Variables that control depth levels in detailed reports may now be specified as m.n, where m is the maximum level to output, and n specifies the number of level 1 items output. For example, the setting: $amavis_SpamBlocked = 2.10 will output the top 10 level 1 items, with each of those items providing 2 sub-levels of detail. - Show SA test scores in spam/ham reports - Add additional ccats MTA-BLOCKED, OVERSIZED, OTHER - Added content-type section (log_level = 2) - Added SpamAssassin bypassed count summary ($sa_mail_body_size_limit) - Rework white/blacklisted section; sender is now tracked. Thanks Mike, I'll try it next week :) Regards, Leon - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] How to print running configuration?
Ok you are suggesting to grep the source, but I was looking for a cleaner solution only for variables and their values at run-time. My problem is that I'm not really sure that a variable has the value I imagine and I'd like to check at runtime. For example with your method I dont' know the value of $warnvirussender, and the output is very dirty and not at runtime. I was looking for a command that dumps variables at runtime or a switch for the daemon to get the dump in logs or on the console. I checked the debug switch but It doesn't do what I'm looking for. Other hints? Bye and Thanks Nope, only this: grep -vE ^$|^# /etc/amavisd.conf Regards, Leon Kolchinsky - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] AMaViS Security Announcement ASA-2007-1:exploitablesecurity vulnerability in file(1) utility
- Original Message - From: Anders Norrbring [EMAIL PROTECTED] To: amavis-user@lists.sourceforge.net Sent: Tuesday, March 27, 2007 7:12 PM Subject: Re: [AMaViS-user] AMaViS Security Announcement ASA-2007-1:exploitablesecurity vulnerability in file(1) utility MrC skrev: Leon, Is there any file 4.20 or newer src.rpm for SuSE? I've tried to google but didn't find any :( ftp://ftp.astron.com/pub/file/ ./configure; make; make install Mark For SUSE, ./configure --prefix=/usr, then make and make install Anders. Thanks guys :) There is a src.rpm since 27.03.07: http://software.opensuse.org/download/Base:/install/standard/src/file-4.20-4.4.src.rpm Regards, Leon - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] AMaViS Security Announcement ASA-2007-1: exploitablesecurity vulnerability in file(1) utility
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 == = AMaViS Security Announcement Date: 2007-03-23 affected version(s):amavis, amavisd, amavisd-new, amavis-ng Vulnerability:file utility Priority: urgent Solution: update to file 4.20 or later References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007- 1532 Author: Mark Martinec [EMAIL PROTECTED] Rainer Link [EMAIL PROTECTED] Advisory ID:ASA-2007-1 Contact:[EMAIL PROTECTED] WWW: http://www.amavis.org/security/ - - 0. Preface As amavisd-new (http://www.ijs.si/software/amavisd/) is currently the only maintained AMaViS branch, most of the following refers to amavisd-new. 1. Problem description A security issue (integer underflow) in the GNU file(1) utility can lead to a heap overflow. 2. Impact Gain shell access to a remote system running a content filter which uses GNU file below 4.20. It is important to say that the executable code runs under privileges of the process running amavisd (usually vscan or amavis), which is not root. If amavisd is running chrooted, the impact is limited by the chroot jail environment. 3. Solution Update to GNU file 4.20 or newer, the latest version can be found at ftp://ftp.astron.com/pub/file/ Or update your system using an up to date package or port. 4. Acknowledgement Credits to Kees Cook of the Ubuntu team for providing us with up-to-date references and details. 5. References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536 http://mx.gw.com/pipermail/file/2007/000161.html http://www.ijs.si/software/amavisd/#sec http://www.amavis.org/security/ 6. Revision history 2007-03-23: initial release Is there any file 4.20 or newer src.rpm for SuSE? I've tried to google but didn't find any :( Regards, Leon Kolchinsky - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] My SUSE builds are updated
-Original Message- From: [EMAIL PROTECTED] [mailto:amavis-user- [EMAIL PROTECTED] On Behalf Of Anders Norrbring Sent: Tuesday, March 20, 2007 8:33 PM To: amavis-user@lists.sourceforge.net Subject: [AMaViS-user] My SUSE builds are updated Now my Amavis-new builds for SUSE are updated to amavis-new v2.4.5 ftp://ftp.norrbring.com/pub/linux/inst-source -- Thank you Anders :) Leon. - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Deliver quarantined message
Hello, I have a relay SMTP server system Amavisd-new+Postfix+MySQL-based. I have configured spamassassin to quarantine spam message. Now I would like to know a simple way to release a quarantined message after, for example, I have verified that the message is a false positive.. Could someone explain how it is possible to setup amavis so I can do this? TIA, rocsca Hi, You could use my script for resending ham and optionally whitelisting (whitelist_from_rcvd in local.cf) the senders of these ham messages. I suggest you run it in one of the following modes (from the directory antispam.php file is in or using full path to the script): Actually I'm using only 3-rd option, the first two used in the test period. 1) php antispam.php /var/spool/imap/user/spamcop/ham /etc/mail/spamassassin/local.cf /home/someuser/spam_scripts/resending/forbid.txt 2) php antispam.php /var/spool/imap/user/spamcop/ham /etc/mail/spamassassin/local.cf 3) php antispam.php /var/spool/imap/user/spamcop/ham Explanations (more explanations are in the script itself): a) local.cf - at the end of all configurations you should have: WHITELIST whitelist_from_rcvd name1ogroups.com yahoo.com whitelist_from_rcvd name2ogroups.com yahoo.com whitelist_from_rcvd name3ogroups.com yahoo.com Never add anything below. b) forbid.txt - file with the list of e-mails I won't add to whitelist_from_rcvd directive in any way even if it is the sender of the ham message c) /var/spool/imap/user/spamcop/ham - this is where you should have your quarantined FP ham. The script itself is attached. Regards, Leon Kolchinsky - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Nonexistent recipient domains - custom reply?
Hi, We have an old domain that we want to send an auto-reply stating the new domain when we get emails. Can this be done? Thanks in advance for any help! If you're using Cyrus, you can just use sieve script for every user you have to create an autoreply and forward e-mail to the new domain. Donno how to do it with amavis. Scott Regards, Leon Kolchinsky - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] No space left on device
-Original Message-
From: [EMAIL PROTECTED] [mailto:amavis-user-
[EMAIL PROTECTED] On Behalf Of Clifton Royston
Sent: Monday, February 12, 2007 10:03 PM
To: Bryan K. Walton
Cc: amavis-user@lists.sourceforge.net
Subject: Re: [AMaViS-user] No space left on device
On Mon, Feb 12, 2007 at 11:01:26AM -0600, Bryan K. Walton wrote:
On Mon, Feb 12, 2007 at 10:49:26AM -0600, Noel Jones wrote:
-- begin snip --
Feb 9 20:31:59 gw1.machlink.com amavis[11299]: (11299-03) (!!)
TROUBLE in check_mail: mime_decode-1 FAILED: MIME::Parser: can't
close: No space left on device at /usr/share/perl5/MIME/Parser.pm
line
834.
-- end snip --
To get back going, you will need to stop amavisd-new and clean out
the tmpfs. You can save those files elsewhere for later analysis, or
Yes, I did this Saturday morning. Clearing out all of the tmpfs files
in /var/amavis/tmp got Amavisd-New working again.
Is the snip above the earliest TROUBLE message amavisd-new logs? If
so, move that particular mail message out of the way (postsuper -h
QUEUEID) and see if mail then processes normally. Then you can
analyze that message to see why amavisd-new choked on it. Maybe it
has a big archive that filled up the tmpfs.
Unfortunately, I simply deleted everything in /var/amavis/tmp rather
than move it out of the way. The log snippet above wasn't the first
trouble message, but it appears to be the second. What is peculiar is
that /var/amavis/tmp usually only has 7 tmp files in it (one for each
running amavis server). However, on Saturday morning, there were
THOUSANDS. Therefore I'm inclined to believe that the problem wasn't
simply one message.
It can happen with the same message being retried until it completely
fills up the system. It can also happen that there's a highly
compressed message (zip bomb) which fills up the tmpfs, and then
everything else fails to uncompress.
Unfortunately if the initial problematic message is no longer
available, it's hard to narrow it down.
-- Clifton
I'm using the following cronjob to ensure I won't have this kind of
situation:
*/40 * * * * /bin/bash -c (find /var/spool/amavis -type d -name 'amavis-*'
-prune -mmin +30 -exec rm -rf {} \;)
Regards,
Leon Kolchinsky
--
-
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier.
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] loading additional perl module
Hello All, Could someone tell me if Adding the following line to v310.pre file, so that the plugin gets loaded at startup: loadplugin FuzzyOcr /etc/mail/spamassassin/FuzzyOcr.pm Is the same as adding the following to amavisd.conf? : @additional_perl_modules = qw( /etc/mail/spamassassin/FuzzyOcr.pm MLDBM String::Approx ); i.e. what are the differences between these 2 cases? Regards, Leon Kolchinsky - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] First public pre-release (-pre2)ofamavisd-new-2.4.5
-Original Message- From: [EMAIL PROTECTED] [mailto:amavis-user- [EMAIL PROTECTED] On Behalf Of Mark Martinec Sent: Wednesday, January 24, 2007 5:05 PM To: amavis-user@lists.sourceforge.net Subject: Re: [AMaViS-user] First public pre-release (-pre2)ofamavisd-new- 2.4.5 Leon, Sometimes I wonder why we bother and keep writing software and preparing patches, especially with security-related stuff... You're right here. The problem is that it takes so much long for OS maintainers to release a new ver. For Suse for example, the latest version available is perl-Convert-UUlib-1.051-31 (even from opensuse factory). I'd prefer to grab newer .src.rpm and compile it on my system, but unfortunately there is no 1.06 version for the OS I'm currently running mail server on. Well, it is easy for me to drop a requirement for 1.06 and continue being happy with 1.05. The only reason for a requirement are security concerns. The uulib has a rather buggy history, but is quite useful for the duties it performs in decoding malformed messages. The uulib was target for exploits in the past, the last one with known exploitable bugs is 1.04, which is why 1.05 used to be a minimal required version up to amavisd 2.4.4. Looking at its change log, both the 1.05 and the 1.06 look like potential candidates for future attacks: 1.08(1.07): fixed an uninitialised variable ... 1.06: fix some signed/unsigned char problems of unknown relevance I guess I'll be removing a requirement for 1.06, for the amount of trouble it is causing: --- amavisd.origTue Jan 23 17:13:25 2007 +++ amavisd Wed Jan 24 16:01:18 2007 @@ -16479,4 +16479,3 @@ # avoid an exploitable security hole in Convert::UUlib 1.04 and older! - # avoid likely security holes in Convert::UUlib 1.051 and older -use Convert::UUlib 1.06 qw(:constants); +use Convert::UUlib 1.05 qw(:constants);# 1.08 or newer is preferred! use Compress::Zlib 1.35; # avoid security vulnerability in = 1.34 Yep, It may be a good idea for now :) Mark - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/ - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] First public pre-release (-pre2) ofamavisd-new-2.4.5
-Original Message- From: [EMAIL PROTECTED] [mailto:amavis-user- [EMAIL PROTECTED] On Behalf Of Mark Martinec Sent: Wednesday, January 24, 2007 1:57 AM To: amavis-user@lists.sourceforge.net Subject: Re: [AMaViS-user] First public pre-release (-pre2) ofamavisd-new- 2.4.5 Gary, For those using Debian stable: Looks like I will have to upgrade Perl and therefore break out of 'stable' on my Debian Sarge system(s): Thanks for trying it out. ~# amavisd-new reload Problem in Amavis::Unpackers code: Convert::UUlib version 1.06 required--this is only version 1.051 at (eval 47) line 22. The 1.06 is absolutely minimal. I would very much recommend 1.08, which is out for more than a month now, fixing dealing with uninitialized variables. I also had to reinstall libcompress-zlib-perl. For some reason it removed my treasured copy obtained from backports.org and reinstalled version 1.34 from stable 1.34 from January 2005, two years back, nice. We are at 2.003 with Compress::Zlib I believe. Sometimes I wonder why we bother and keep writing software and preparing patches, especially with security-related stuff... You're right here. The problem is that it takes so much long for OS maintainers to release a new ver. For Suse for example, the latest version available is perl-Convert-UUlib-1.051-31 (even from opensuse factory). I'd prefer to grab newer .src.rpm and compile it on my system, but unfortunately there is no 1.06 version for the OS I'm currently running mail server on. Mark Regards, Leon Kolchinsky - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Rejected count is wrong with mailgraph
-Original Message- From: [EMAIL PROTECTED] [mailto:amavis-user- [EMAIL PROTECTED] On Behalf Of Mark Martinec Sent: Thursday, January 11, 2007 1:53 AM To: amavis-user@lists.sourceforge.net Subject: Re: [AMaViS-user] Rejected count is wrong with mailgraph Leon, I'm monitoring my system (Postfix+Cyrus+Amavisd-new: SA+ClamAV) with mailgraph, amavis-stats and pflogsumm (preprocessing logs before handing them to pflogsumm with prepflog.pl - http://web.tiscali.it/postfix/ to get more accurate results). My findings are: I don't have much experience with any of these, so I'll just try to point out some possible discrepancies in counts obtained from parsing log-level 0 amavisd log entries (having in mind 2.4.x series), assuming the basic parsing is done well and that possible higher-log-level log entries are not triggering false/multiple counts. - long log entries (somewhere over 1000 characters) are split into multiple log entries (showing ... at glue points), which are possibly interleaved by log entries from other parallel child processes. Log analyzer must know how to glue fragments together before parsing them, correlating shown mail id and process id; wraps often occur when SA tests logging is enabled (macro %T is used in $log_templ); - a message with multiple recipients may show as two log entries when action differs between recipients, e.g. if some are spam lovers or have high kill level (log will show 'Passed ' for them), while other recipients may show 'Blocked ' as an additional log entry for the same message; - if by-recipient log entries are enabled ($log_recip_templ), these may look quite similar to by-message entries ($log_templ), so it is prudent to enable just one or the other, and make sure the log analyzer know it is seeing by-recip or by-message entries. Mark Thanks for the comments Mark. The thing is that All Spam/Virus stats are OK, so there is no problem with amavis log parsing. The problem seems to be with postfix Rejected count. I've already posted it to mailgraph list, meanwhile I'll use pflogsumm stats to evaluate Rejected rates. - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/ Regards, Leon - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Rejected count is wrong with mailgraph
Hello All, I've posted this info to mailgraph list, but since many of you here using the same tools to monitor mail stats, this may be usefull info for amavis list too. I'm monitoring my system (Postfix+Cyrus+Amavisd-new: SA+ClamAV) with mailgraph, amavis-stats and pflogsumm (preprocessing logs before handing them to pflogsumm with prepflog.pl - http://web.tiscali.it/postfix/ to get more accurate results). My findings are: -- 1) Spam and Virus count is similar for amavis-stats and maigraph, which is good :) 2) Recieved total in mailgraph is almost similar to sum of All Passed+All Blocked in amavis-stats and very close to delivered count with pflogsumm ((zcat `ls -rt /var/log/mail-*.gz | tail -n 1`; cat /var/log/mail) | prepflog.pl | pflogsumm.pl -d today --problems_first 21), but I think that Recieved total should be renamed to Delivered total, cause this is what it's actually means, this is the count of delivered to recipients mail and not Recieved by postfix from the outside world. 3) I can see that I have 1265 rejected mails in pflogsumm stats (and I can see where the exact rejection count by e-mail) but mailgraph saying that Rejected total is 3167 mails, so I think that mailgraph Rejected count is wrong! 4) I don't have tools to check Sent total and Bounce total, but its worth to check this, cause I already know that Rejected total is wrong. Any thoughts/patches/comments are welcome. Best Regards, Leon Kolchinsky - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] amavis-stats
the compress directive, or - as I did - add the delaycompress
directive. That way logrotate doesn't compress the first rotation, only the
remaining -
8) Make sure you have delaycompress option for mail.info rotation config.:
a) Make change to /etc/logrotate.d/syslog so it looks like (i.e. separate
config for /var/log/mail.info):
/var/log/mail /var/log/mail.warn /var/log/mail.err {
compress
dateext
maxage 365
rotate 99
missingok
notifempty
size +4096k
create 640 root root
sharedscripts
postrotate
/etc/init.d/syslog reload
endscript
}
/var/log/mail.info {
compress
delaycompress
dateext
maxage 365
rotate 99
missingok
notifempty
size +4096k
create 640 vscan root
sharedscripts
postrotate
/etc/init.d/syslog reload
endscript
}
b) If you'd like to use separate amavis.log file be sure to set
in /etc/amavisd.conf:
$DO_SYSLOG = 0;
and $scan_logfile = /var/log/amavis.log;
in amavis-stats.conf
and to use this one for /etc/logrotate.d/amavisd-new:
/var/log/amavis.log {
compress
dateext
maxage 365
rotate 99
compress
delaycompress
size=+4096k
notifempty
missingok
create 644 vscan root
postrotate
/etc/init.d/amavis reload
endscript
}
Or this one I've found on the net:
/var/log/amavis.log {
weekly
compress
delaycompress
create 640 vscan root
postrotate
if [- f /var/spool/amavis/amavisd.pid]; then
of /etc/init.d/amavis restart /dev/null
fi
endscript
}
But I'm using the first option (a.
---
c) # vi /etc/amavisd.conf
$LOGFILE = /var/log/amavis.log;
$log_level = 2; # verbosity 0..5, -d
$log_recip_templ = undef;# disable by-recipient level-0 log entries
$DO_SYSLOG = 1; # log via syslogd (preferred)
$syslog_facility = 'mail'; # Syslog facility as a string
# e.g.: mail, daemon, user, local0, ... local7
$syslog_priority = 'debug'; # Syslog base (minimal) priority as a string,
# choose from: emerg, alert, crit, err, warning, notice, info,
debug
d) Now we need to make sure amavis-stats will startup on reboot:
Add the following line to /etc/init.d/boot.local (Actually I recommend to
start amavis-stats with -c /etc/amavis-stats.conf option, otherwise it
seems that files created in /var/lib/amavis-stats with wrong group ownership
and apache wouldn't read them):
amavis-stats -c /etc/amavis-stats.conf start
9) To uninstall amavis-stats, simply rm -rdf the following:
--
/usr/share/amavis-stats /var/cache/amavis-stats /var/lib/amavis-stats
/usr/sbin/amavis-stats
/usr/doc/amavis-stats.pod /usr/doc/amavis-stats.txt /etc/amavis-stats.conf
Thanks for any help.
--
No folly is more costly than the folly of intolerant idealism.
-- Winston Churchill
-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share
your
opinions on IT business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
Regards,
Leon Kolchinsky
-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] amavis-stats configuration problems
that have to rotate # their log files more than once a month. The Webalizer will save its # internal state before exiting, and restore it the next time run, in # order to continue processing where it left off. This mode also causes # The Webalizer to scan for and ignore duplicate records (records already # processed by a previous run). See the README file for additional # information. The value may be 'yes' or 'no', with a default of 'no'. # The file 'webalizer.current' is used to store the current state data, # and is located in the output directory of the program (unless changed # with the IncrementalName option below). Please read at least the section # on Incremental processing in the README file before you enable this option. Incremental yes -- 4) And finally: Next week I'll probably try Mailgraph. Does it have per domain stats? What about delaycompress option for Mailgraph? Does it need to be set? Best Regards, Leon Kolchinsky - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] advice on black lists use
-Original Message- From: Clifton Royston [mailto:[EMAIL PROTECTED] Sent: Saturday, December 23, 2006 9:08 PM To: Leon Kolchinsky Cc: amavis-user@lists.sourceforge.net Subject: Re: [AMaViS-user] advice on black lists use On Sat, Dec 23, 2006 at 06:10:12PM +0200, Leon Kolchinsky wrote: Hello All, Below is a list ob black lists I'm using with main.cf config. smtpd_recipient_restrictions = . . . reject_rbl_client zombie.dnsbl.sorbs.net, reject_rbl_client relays.ordb.org, reject_rbl_client safe.dnsbl.sorbs.net, reject_rbl_client list.dsbl.org, reject_rbl_client sbl.spamhaus.org, In the weekly logs I can see that the safe.dnsbl.sorbs.net is the hitter of the week (or may be it's just logically right cause it's before 2 latter): blocked using safe.dnsbl.sorbs.net (total: 9051) blocked using list.dsbl.org (total: 131) blocked using sbl.spamhaus.org (total: 18) No entries for zombie.dnsbl.sorbs.net and relays.ordb.org at all. ORDB has just shut down in the last week (and was little active before that.) See their web page for more info: http://www.ordb.org/news/?id=38 Anyone using ORDB would do well to remove the references ASAP. I have unfortunately found SORBS to be often inaccurate, with little interest in correcting wrong listings in any of their categories. (E.g. I've seen cases of dedicated UNIX mailservers mislisted as Windows zombies, static IP space with mailservers mislisted as dynamic, etc.) There's good intent behind it, but it's understaffed and it seems as though some of the volunteers have a bad attitude about correcting mistakes. If you still want to use it, be prepare to do some whitelisting on occasion. The Spamhaus SBL is a good choice. The CBL (read the web page at http://cbl.abuseat.org/) and NJABL (see page at http://www.njabl.org/) are also excellent choices. I believe the maintainers of all these to be extremely conscientious. You can query all of these together (one config line, one DNS lookup!) via the Spamhaus SBL-XBL zone, queried as sbl-xbl.spamhaus.org. More info on this combined list at http://www.spamhaus.org/xbl/index.lasso NJABL also has a dynamic IP space list (DUL) via dynablock.njabl.org. I don't have a good feel for how accurate that is. I need an advice from powerusers on what bl's are better to use and in what order. Order isn't really so important, in that for good mail you'll end up having to query all of them. I'd try querying the SBL-XBL zone first, then others. I have not put any time lately into checking which order is best. OK. Thanks for the info. I've also googled a little and found that: Here the lists I've read about and some explanations on why should I use them. The following bl's would be recommended that doesn’t enlist half of the Internet (for instance all dialups in the world) in one overnight - 1) sbl-xbl.spamhaus.org 2) safe.dnsbl.sorbs.net 3) list.dsbl.org 4) cbl.abuseat.org - XBL has some delay until updates are propagated from CBL, so querying XBL first and then CBL gives you two advantages: * You profit from the high reliability and low response times of Spamhaus' DNS setup * After SBL-XBL filtered out the bulk, CBL can kick in to catch the rest, ie those not yet propagated from CBL to XBL. 5) dnsbl.njabl.org - as stated here http://www.spamhaus.org/xbl/index.lasso; Mail servers already using dnsbl.njabl.org are advised to continue doing so, as dnsbl.njabl.org is itself a composite list and contains more than the open proxy IPs list part now incorporated in XBL What about those 4 lists? Anyone have any experience with them?: blackholes.easynet.nl will-spam-for-food.eu.org zen.spamhaus.org zombie.dnsbl.sorbs.net P.S.: Policyd-weight indeed sounds very interesting, as Henrik stated. Any usage experience? Configuration tips? -- Clifton -- Clifton Royston -- [EMAIL PROTECTED] / [EMAIL PROTECTED] President - I and I Computing * http://www.iandicomputing.com/ Custom programming, network design, systems and network consulting services Regards, Leon - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] advice on black lists use
Hello All, Below is a list ob black lists I'm using with main.cf config. smtpd_recipient_restrictions = . . . reject_rbl_client zombie.dnsbl.sorbs.net, reject_rbl_client relays.ordb.org, reject_rbl_client safe.dnsbl.sorbs.net, reject_rbl_client list.dsbl.org, reject_rbl_client sbl.spamhaus.org, . . . In the weekly logs I can see that the safe.dnsbl.sorbs.net is the hitter of the week (or may be it's just logically right cause it's before 2 latter): blocked using safe.dnsbl.sorbs.net (total: 9051) blocked using list.dsbl.org (total: 131) blocked using sbl.spamhaus.org (total: 18) No entries for zombie.dnsbl.sorbs.net and relays.ordb.org at all. I need an advice from powerusers on what bl's are better to use and in what order. Best Regards, Leon Kolchinsky - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] perl = 5.8.1 rpm for RH9?
-Original Message- From: [EMAIL PROTECTED] [mailto:amavis-user- [EMAIL PROTECTED] On Behalf Of Shaun T. Erickson Sent: Sunday, December 17, 2006 6:02 AM To: amavis-user@lists.sourceforge.net Subject: [AMaViS-user] perl = 5.8.1 rpm for RH9? My Google foo seems to be lacking tonight. :( Does anyone know where I can get an rpm for RH9 of perl 5.8.1 or higher, so that I can run the latest amavisd-new? I can't seem to find one anywhere ... -- -ste As an alternative you can compile amavisd-new and SA from rpm.src for RH and leave your current perl version. If you do it I'd recommend installing newer versions of the following perl modules (This is what I did for SLES9): Amavis and SA like newer versions: perl-IO-Zlib-1.04-29.i586.rpm perl-BerkeleyDB-0.31-12.i586.rpm perl-MIME-tools-5.420-20.i586.rpm perl-Compress-Zlib-1.42-20.i586.rpm perl-Convert-UUlib-1.051-31.i586.rpm for FuzzyOcr, latest version: perl-Tie-Cache-0.17-274.i586.rpm perl-Tie-IxHash-1.21-618.i586.rpm perl-MLDBM-2.01-280.i586.rpm perl-MLDBM-Sync-0.30-276.i586.rpm for sa-update to work better: perl-IO-String-1.08-30.i586.rpm perl-Archive-Tar-1.30-17.i586.rpm Leon - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/ - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] time gap between amavis and postfix/smtp inthelogs?
-Original Message- From: [EMAIL PROTECTED] [mailto:amavis-user- [EMAIL PROTECTED] On Behalf Of Mark Martinec Sent: Friday, December 15, 2006 4:26 PM To: amavis-user@lists.sourceforge.net Subject: Re: [AMaViS-user] time gap between amavis and postfix/smtp inthelogs? Leon, my postfix is not chrooted. I doubt it. Check the 5-th column in master.cf. cp -p /etc/localtime /var/spool/postfix/etc/ This fixes time zones in chroot jail. No chroot jail: # == # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # == smtp inet n - n - - smtpd -o receive_override_options=no_address_mappings smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o receive_override_options=no_address_mappings submission inet n - n- -smtpd -o smtpd_enforce_tls=yes -o receive_override_options=no_address_mappings Mark - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/ - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] disaster recovery backup fo bayesian DB?
Hello All, I've asked this question on SA list but didn't get answers, so Ill try here. I thought of disaster recovery backup. I've read the man pages but still not clear about backing up Bayesian DB files (I don't use SQL DB for now). 1) Is the following command is legit? sa-learn --sync --showdots --backup backup.txt Is this command make backup of bayes_seen, bayes_toks, user_prefs, auto-whitelist altogether? 2) Should I stop SA(amavisd-new) from running during this backup? 3) Where can I read amore about AWL backup and .mutex files (I'm not familiar with those)? # ls -l /var/spool/amavis/.spamassassin total 14513 drwx-- 2 vscan vscan 280 Dec 15 15:43 . drwx-- 1 vscan root 456 Dec 13 10:25 .. -rw--- 1 vscan vscan 2654208 Dec 15 16:34 auto-whitelist -rw--- 1 vscan vscan6 Dec 15 16:34 auto-whitelist.mutex -rw--- 1 vscan vscan 5466 Dec 15 16:32 bayes.mutex -rw--- 1 vscan vscan72144 Dec 15 16:34 bayes_journal -rw--- 1 vscan vscan 10498048 Dec 15 16:32 bayes_seen -rw--- 1 vscan vscan 5189632 Dec 15 16:32 bayes_toks -rw-r--r-- 1 vscan vscan 1547 Oct 26 09:24 user_prefs Best Regards, Leon Kolchinsky - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] time gap between amavis and postfix/smtp in the logs?
(mail.mydomain.com) Dec 11 16:32:28 mail postfix/pipe[12276]: 252431BA8F: to=[EMAIL PROTECTED], orig_to=[EMAIL PROTECTED], relay=cyrus, delay=1, status=sent (mail.mydomain.com) Dec 11 16:32:28 mail postfix/pipe[12256]: 252431BA8F: to=[EMAIL PROTECTED], orig_to=[EMAIL PROTECTED], relay=cyrus, delay=1, status=sent (mail.mydomain.com) --- Now for the questions I have: 1) What's the meaning of these lines do_notify_and_quarantine: rec_ccat=(1,0), ccat=(1,1) ? 2) As I see it: When amavis at 16:32:27 sending the mail (12137-03) back to postfix (id=12137-03), postfix/smtp queue it as 252431BA8F at 14:32:27, Then it sends the message with pipe transport (at least this is how I understand this) at 16:32:28 Why there is two hour gap (14:32 and 16:32) in between amavis and postfix/smtp transport (cause I can see that postfix/pipe is showing right time in the logs)? Best Regards, Leon Kolchinsky - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Urgent Help Mails Deferred by Postfix
-Original Message- From: [EMAIL PROTECTED] [mailto:amavis-user- [EMAIL PROTECTED] On Behalf Of Andres Sent: Thursday, December 14, 2006 3:49 PM To: amavis-user@lists.sourceforge.net Subject: Re: [AMaViS-user] Urgent Help Mails Deferred by Postfix On 12/14/06, Michael Scheidell [EMAIL PROTECTED] wrote: Try a newer version of 'file' and make sure its first in the path? Sorry, but, what 'file' ? amavisd-new ? It started to work bad from time to time, no changes were made... file is just a utility. # man file FILE(1) FILE(1) NAME file - determine file type SYNOPSIS file [ -bcikLnNprsvz ] [ -f namefile ] [ -F separator ] [ -m magicfiles ] file ... file -C [ -m magicfile ] DESCRIPTION This manual page documents version 4.09 of the file command. - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/ - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] WARN: MIME::Parser error:
-Original Message- From: [EMAIL PROTECTED] [mailto:amavis-user- [EMAIL PROTECTED] On Behalf Of Sauer, Peter Sent: Wednesday, December 13, 2006 2:09 PM To: amavis-user@lists.sourceforge.net Subject: [AMaViS-user] WARN: MIME::Parser error: Hi I got amavisd-new 2.4.4 on a ubuntu dapper server running. Following error appears several times in my log files: Dec 10 08:54:46 sv0027 amavis[32083]: (32083-01-12) WARN: MIME::Parser error: unexpected end of preamble Dec 10 08:57:30 sv0027 amavis[32101]: (32101-01-12) WARN: MIME::Parser error: part did not end with expected boundary Dec 10 08:47:28 sv0027 amavis[29834]: (29834-01-8) WARN: MIME::Parser error: multipart boundary is missing, or contains CR or LF WARN: MIME::Parser error: couldn't parse head; error near:; \000Content-Transfer-Encoding: 8bit; Sender: [EMAIL PROTECTED]; Reply-To: [EMAIL PROTECTED]; Date: Tue, 12 Dec 2006 13:18:01 +0800; X-Mailer:Dynamailer V 8.4; X-MimeOLE:Produced By Mircosoft MimeOLE V6.00 I got following MIME::Parser Module installed: Dec 11 02:00:20 sv0027 amavis[23711]: Module MIME::Parser5.420 Has anybody an idee ?? Did you try to reinstall perl-MIME-tools? I think I had similar MIME::Parser errors after upgrading to 2.4.4 version. I've installed perl-MIME-tools-5.420-20 to solve these. Best regards Peter - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/ - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] deleting high-scoring spam? [ feature request ]
-Original Message- From: [EMAIL PROTECTED] [mailto:amavis-user- [EMAIL PROTECTED] On Behalf Of Peter Matulis Sent: Wednesday, December 13, 2006 6:35 AM To: amavis-user@lists.sourceforge.net Subject: Re: [AMaViS-user] deleting high-scoring spam? [ feature request ] --- Gary V [EMAIL PROTECTED] wrote: Peter wrote: --- Joshua wrote: On Tuesday 12 December 2006 17:56, Peter Matulis wrote: Is there currently a feature (not a hack) in amavisd-new that allows for the deletion/discard of mail with SA scores greater than a specified value? Look for $sa_kill_level_deflt in the config file. I'm using this setting to determine what is spam. My evasive action is D_PASS. I want to keep doing this until the SA score reaches another specified value at which point my evasive action becomes D_DISCARD. Peter But $sa_tag2_level_deflt determines what is spam. Sorry, yes, I currently have $sa_tag2_level_deflt = $sa_kill_level_deflt Set $sa_kill_level_deflt to the score at which you wish to discard, then set $final_spam_destiny to D_DISCARD. Then what happens to mail between those two values? Clearly I'm missing something here. I want it to be passed (D_PASS). $sa_tag2_level_deflt = 5; $sa_kill_level_deflt = 20; Now spam will get quarantined at 20. If you don't want this high scoring spam to get quarantined then you would set: spam_quarantine_to = undef; Alternately you could keep some spam in the quarantine: $sa_tag2_level_deflt = 5; $sa_kill_level_deflt = 15; $sa_quarantine_cutoff_level = 25; I don't want to do any quarantining at all. I achieve this by having 'spam_quarantine_to' commented out. Nowhere do you mention D_PASS. Why? This will give you some idea: http://www200.pair.com/mecham/spam/amavisd-settings.html __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/ - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] hung child processes
Hello, After upgrading to perl-spamassassin-3.1.7-3 spamassassin-3.1.7-3 amavisd-new-2.4.4-4 Sometimes, I got similar problems after restarting amavis, postfix stops communicate with amavis (and I see that mailq rapidly grows). I needed to restart postfix to make it work normally again: # /etc/init.d/amavis restart Shutting down virus-scanner (amavisd-new):Daemon [26955] terminated by SIGTERM done Starting virus-scanner (amavisd-new): done - But thanks for the tip Mark, I'll try 'postfix flush'. P.S.: As I understand terminated by SIGTERM is normal? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Martinec Sent: Monday, December 04, 2006 4:40 PM To: amavis-user@lists.sourceforge.net Subject: Re: [AMaViS-user] hung child processes Bill, Problem 1: after an 'amavisd reload' or 'amavisd stop' command, not all child processes die. The main server thread exits and some children may exit, but often one or more children hang around. Example: ... 31249 ?R877:28 amavisd (ch4-31249-04) Note that 31249 is still hanging around. A manual 'kill -TERM' will not make it go away. I have to use 'kill -9' to zap it. Net::Server only uses SIGTERM to kill its child processes on shutdown. If a child process does not respond to SIGTERM, a manual SIGKILL might be necessary. It would be interesting to find out what the stuck process was doing. Running at log level 5 for a while would make it possible to examine the last log entries by a process, which need to be manually killed. Attaching truss or strace to such process might also indicate what it is doing. Problem 2: Sometimes, but not always, after an 'amavisd reload', the communications between amavisd and postfix get hosed. The amavisd process list will show the master and all virgin children and the mail logs will show postfix unable to connect to the content filter on 127.0.0.1:10025. I can manually telnet to 127.0.0.1:10025 and get a prompt from amavisd. A 'postfix stop; postfix start' clears up this problem. 'postfix flush' suffices. Most likely the Postfix remembered that the content filter was down and avoids repeated new attempts, knowing that these would most likely fail. Postfix would retry again in a couple of minutes. With a manual 'postfix flush' you can tell it to retry right away. Mark - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/ - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] spam_lovers syntax
Hi, I've used this syntax to avoid spam/header/banned_files checks for selected e-mail adrr.: @spam_lovers_maps = @bypass_spam_checks_maps = @banned_files_lovers_maps = @bypass_banned_checks_maps = @bad_header_lovers_maps = @bypass_header_checks_maps = ( read_hash(/var/spool/amavis/spam-lovers.txt), And it seems to work partially - 1) When I send e-mail to one of my server's e-mails listed in spam-lovers.txt from another domains, I got the following headers added by my amavisd-new (for examplee): X-Virus-Scanned: amavisd-new at mydomain.ac.il X-Spam-Score: 1.429 X-Spam-Level: * X-Spam-Status: No, score=1.429 tagged_above=-999 required=5 tests=[AWL=-0.893, BAYES_50=0.001, HTML_30_40=0.374, HTML_MESSAGE=0.001, MIME_BASE64_NO_NAME=0.224, SUBJECT_ENCODED_TWICE=1.723] 2) When I send an e-mail from one of the listed e-mail I see that the only header added by amvis is: X-Virus-Scanned: amavisd-new at mydomain.ac.il I thought that only X-Virus-Scanned header should be added in both cases. Why it isn't so? I want e-mail coming to e-mails listed in spam-lovers.txt file scanned for viruses only. How can I achieve this? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Martinec Sent: Tuesday, November 28, 2006 7:53 PM To: amavis-user@lists.sourceforge.net Subject: Re: [AMaViS-user] spam_lovers syntax Leon, I want to add several mailinglists to spam_lovers_maps directives, so mails sent to these lists go directly to the list without spam checks: Couls I just do it like this (i.e. every address on a new line)? @spam_lovers_maps = @bypass_spam_checks_maps = ( [ qw( [EMAIL PROTECTED] adjunc@ mydomain.ac.il bab@ mydomain.ac.il bella@ mydomain.ac.il ) ], ); ... Yes, correct, except there should be no space after '@' in addresses. If you have many such addresses, using hash-based lookup is faster. A hash lookup table can be loaded from a plain text file (one address per line): @spam_lovers_maps = @bypass_spam_checks_maps = ( read_hash(/etc/amavisd/spam-lovers.txt), ); or constructed with an expression. Mark - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/ - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] SA whitelist usage
Hello, I think that Anders has a point here. whitelist_from_rcvd should add -100 points to any scanned e-mail, so theoretically it should pass at any condition. Why is this not happening is a mystery to me. He isn't blaming SA people but functionality that is not working. Correct me if I wrong. Best Regards, Leon Kolchinsky -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gary V Sent: Thursday, November 30, 2006 7:12 PM To: amavis-user@lists.sourceforge.net Subject: Re: [AMaViS-user] SA whitelist usage Gary wrote: Andres wrote: On 11/29/06, Gary V [EMAIL PROTECTED] wrote: The user could send emails before with no problem... Thanks! This may give you some ideas: http://www200.pair.com/mecham/spam/bypassing.html#10 Gary V Hey Gary, what is the objetive of setting whitelist and trusted_networks if them will be not be taked with high priority at the time of determining if this is spam or not? Is there another way of telling SA not to filter messages from a certain domain? (I really think that whitelist is pretty useless now...) I know that I have to blame SA people for this... Your blame is misdirected. I thank the SA people. You have to blame spam/viruses/spyware and others who wish to do harm. The link I gave you provided three different ways to work around the issue. It's not a good idea to whitelist your own domain using something like whitelist_from because spammers often spoof your own domain (not that you are doing this). It is less of a problem if you use whitelist_from_rcvd but I'm not sure this will help if the sender is not sending from your network. If we had the headers to look at we might see something useful. Here is another idea on a way possible to do this (if you don't have Postfix 2.3.x). This should add and 'X-SMTP-Auth: no' header to all messages except authenticated. The spamassassin rule then adds -15 points if this header is missing. Requires Postfix 2.1 or later. etc/postfix/main.cf: smtpd_data_restrictions = reject_unauth_pipelining permit_sasl_authenticated check_client_access pcre:/etc/postfix/add_auth_header.pcre /etc/postfix/add_auth_header.pcre /^/ PREPEND X-SMTP-Auth: no /etc/mail/spamassassin/local.cf: header __NO_SMTP_AUTH X-SMTP-Auth =~ /^no$/ meta SMTP_AUTH !__NO_SMTP_AUTH describe SMTP_AUTH Message sent using SMTP Authentication tflags SMTP_AUTH nice score SMTP_AUTH -15 From: http://archives.neohapsis.com/archives/postfix/2004-02/2363.html http://archives.neohapsis.com/archives/postfix/2004-02/2364.html Possibly add permit_mynetworks: smtpd_data_restrictions = reject_unauth_pipelining permit_mynetworks permit_sasl_authenticated check_client_access pcre:/etc/postfix/add_auth_header.re Gary V - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/ - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] SA whitelist usage
So, if I got you right If I want to whitelist_from_rcvd to work for users of my own server I should delist it from trusted_networks and internal_networks (i.e. 127/8 should never be included)? This way the first untrusted server would be my own, right? # Internal clear_internal_networks internal_networks 127/8 IP_of_first_mail_relay IP_of_second_mail_relay # Trusted clear_trusted_networks trusted_networks 127/8 IP_of_first_mail_relay IP_of_second_mail_relay Becomes: # Internal clear_internal_networks internal_networks IP_of_first_mail_relay IP_of_second_mail_relay # Trusted clear_trusted_networks trusted_networks IP_of_first_mail_relay IP_of_second_mail_relay and now: whitelist_from_rcvd [EMAIL PROTECTED] mydomain.net.il Would work as it should? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gary V Sent: Saturday, December 02, 2006 6:12 PM To: amavis-user@lists.sourceforge.net Subject: Re: [AMaViS-user] SA whitelist usage Gary wrote: In this particular header, the sender and the rDNS of the relay host must (at least partially) match the the sender and host in whitelist_from_rcvd. Actually I think the sender would be retrieved from a different header. The thing is, whitelist_from_rcvd might be useful in a situation where the mail comes from an organization that hosts their own servers. It would be much much less useful to whitelist a sender from a known source of spam such as rr.com or comcast or yahoo for example. It would also be of limited use if the sender moves from ISP to ISP (a mobile user). Then for sure it would not work 'all the time'. Gary V - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/ - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] SA whitelist usage
Hi Gary, Now then I've read your reply and gave it another thought, I think you're right. This is not the right tool for whitelisting internal server users. I'll try one of your bypassing examples on http://www200.pair.com/mecham/spam/bypassing.html Best Regards, Leon Kolchinsky -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gary V Sent: Saturday, December 02, 2006 9:20 PM To: amavis-user@lists.sourceforge.net Subject: Re: [AMaViS-user] SA whitelist usage Leon wrote: So, if I got you right If I want to whitelist_from_rcvd to work for users of my own server I should delist it from trusted_networks and internal_networks (i.e. 127/8 should never be included)? This way the first untrusted server would be my own, right? # Internal clear_internal_networks internal_networks 127/8 IP_of_first_mail_relay IP_of_second_mail_relay # Trusted clear_trusted_networks trusted_networks 127/8 IP_of_first_mail_relay IP_of_second_mail_relay Becomes: # Internal clear_internal_networks internal_networks IP_of_first_mail_relay IP_of_second_mail_relay # Trusted clear_trusted_networks trusted_networks IP_of_first_mail_relay IP_of_second_mail_relay and now: whitelist_from_rcvd [EMAIL PROTECTED] mydomain.net.il Would work as it should? I think you are using the wrong tool. If you properly list your internal network (127/8 is in your internal network and therefore should be included) then senders in your network will benefit from ALL_TRUSTED which is a form of whitelisting. If the mail comes from an internal network, then there are a number of tests that will be skipped (to the senders benefit). Let's say your network is 666.666.666.0/24. Your clients are in this network. Let's say the client wanting the send mail is 666.666.666.113 and your email server is 666.666.666.12. clear_internal_networks internal_networks 127/8 666.666.666.0/24 clear_trusted_networks trusted_networks 127/8 666.666.666.0/24 Mail sent from anyone in your network will now benefit from ALL_TRUSTED. Let's say you have a sender [EMAIL PROTECTED] and the last host (according to rDNS) in the chain to relay mail to your network (the first untrusted host) is host.example.com (but is could also be host2.example.com). You will want to set: whitelist_from_rcvd [EMAIL PROTECTED] example.com whitelist_from_rcvd is not the right tool to whitelist senders inside your network. It's better suited to whitelist senders outside your network. The right way to do help out senders in your network is to properly set up the trust path. Don't just include the IP address of your sever, include your entire network so any user that sends mail from your network benefits. Gary V - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/ - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Determining which rules a clean message violated
Hi, You have number of options to do that: 1. Check the file for particular scoring with: # spamassassin -t -D mailfile. 2. in amavisd.conf (this option will show you the scorings for all mails, not only for spam): $sa_tag_level_deflt = -999; Regards, Leon Kolchinsky -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Thursday, November 30, 2006 4:30 PM To: amavis-user@lists.sourceforge.net Subject: [AMaViS-user] Determining which rules a clean message violated I'm currently using a the common Postfix/Amavisd-new/SpamAssassin combo to filter messages before passing them onto my Lotus Domino server. This is working well, and I've written a little PHP frontend to handle quarantine searches as well as releasing/training on messages. To facilitate training I quarantine clean messages for 7 days along with all the others. The problem I have, is in finding out which SpamAssassin rules a clean message actually triggered. These show up in the headers of the delivered message, but not in the quarantined message nor anywhere in the database (that I can find). Aside from going to the receiving user's mailbox and examining the delivered message, is there any way I can determine this? Michael Gaskins Berkeley County Government Trainer/Application Developer (IT Department) [EMAIL PROTECTED] 843-719-4759 - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/ - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] debug question
Hi,
1. So as I conclude from your and Marks' replyes the only module I really
should install is Mail::SPF::Query
Is there default SA rules (not carried by plugin) relaying on this module?
2. I'll try this syntax without --lint:
spamassassin -D sample-spam.txt
3. I'll ask SA list on DCC issue
Best Regards,
Leon
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Gary V
Sent: Monday, November 27, 2006 5:07 PM
To: amavis-user@lists.sourceforge.net
Subject: Re: [AMaViS-user] debug question
Leon wrote:
Hi,
First, I've compiled and installed new perl modules (some of them for
FuzzyOCR):
perl-BerkeleyDB-0.31-12.i586.rpm
perl-Compress-Zlib-1.42-20.i586.rpm
perl-Convert-UUlib-1.051-31.i586.rpm
perl-IO-Multiplex-1.08-14.i586.rpm
perl-MIME-tools-5.420-20.i586.rpm
perl-MLDBM-2.01-280.i586.rpm
perl-MLDBM-Sync-0.30-276.i586.rpm
perl-Net-Server-0.94-18.i586.rpm
perl-Tie-Cache-0.17-274.i586.rpm
perl-Tie-IxHash-1.21-618.i586.rpm
Second I've moved from old amavisd.conf style settings to new 2.4.4 style
settings, using the following howto's from Gary V. as a reference:
http://www200.pair.com/mecham/spam/upgrade244.html
http://www200.pair.com/mecham/spam/amavisd-settings.html
Restarted amavis, and BerkeleyDB-based Amavis::Cache not available
messages are gone.
Now I have several questions regarding spamassassin --lint -D output (I
run it as amavis user, vscan on Suse):
1) I got the following module not installed lines:
[3210] dbg: diag: module not installed: Mail::SPF::Query ('require'
failed)
[3210] dbg: diag: module not installed: IP::Country::Fast ('require'
failed)
[3210] dbg: diag: module not installed: Net::Ident ('require' failed)
[3210] dbg: diag: module not installed: IO::Socket::INET6 ('require'
failed)
Are these modules really needed for a proper Spam detection and should I
try
to install them?
They are only needed if you desire the features they provide.
From DependencyInfo.pm
module = 'Mail::SPF::Query',
desc = 'Used to check DNS Sender Policy Framework (SPF) records to fight
email
address forgery and make it easier to identify spams.',
module = 'IP::Country::Fast',
alt_name = 'IP::Country',
desc = 'Used by the RelayCountry plugin (not enabled by default) to
determine
the domain country codes of each relay in the path of an email.',
module = 'Net::Ident',
desc = 'If you plan to use the --auth-ident option to spamd, you will
need
to install this module.',
module = 'IO::Socket::INET6',
desc = 'This is required if the first nameserver listed in your IP
configuration or /etc/resolv.conf file is available only via
an IPv6 address.',
2) I've installed Razor2 in /var/spool/amavis directory and enabled it in
local.cf with use_razor2 1 and there is an uncommented line
loadplugin Mail::SpamAssassin::Plugin::Razor2
in v310.pre file.
In amavisd.conf there is $sa_local_tests_only = 0;
And indeed I see that Razor test are run and the module is loaded, but as
you can see below there is a local tests only, skipping Razor message:
[3210] dbg: diag: module installed: Razor2::Client::Agent, version 2.82
[3210] dbg: plugin: loading Mail::SpamAssassin::Plugin::Razor2 from @INC
[3210] dbg: razor2: local tests only, skipping Razor
[3210] dbg: plugin: registered
Mail::SpamAssassin::Plugin::Razor2=HASH(0x9291740)
What could be the problem here?
As of SA version 3.1.6, --lint turns off net tests. You now have to
feed a message to debug to get net tests.
spamassassin -D sample-spam.txt
3) As I understand spamassassin --lint -D run some tests on test
message.
I do not have DCC installed, so it's kinda weird what rule is triggering
the
following message:
[3210] info: rules: meta test DIGEST_MULTIPLE has undefined dependency
'DCC_CHECK'
I suggest asking about this on the SA list. Do you plan on installing
DCC? If you do install it, this 'informational' message may go away.
Best Regards,
Leon Kolchinsky
Gary V
-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV
___
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV
___
AMaViS
Re: [AMaViS-user] debug question
Hi,
First, I've compiled and installed new perl modules (some of them for
FuzzyOCR):
perl-BerkeleyDB-0.31-12.i586.rpm
perl-Compress-Zlib-1.42-20.i586.rpm
perl-Convert-UUlib-1.051-31.i586.rpm
perl-IO-Multiplex-1.08-14.i586.rpm
perl-MIME-tools-5.420-20.i586.rpm
perl-MLDBM-2.01-280.i586.rpm
perl-MLDBM-Sync-0.30-276.i586.rpm
perl-Net-Server-0.94-18.i586.rpm
perl-Tie-Cache-0.17-274.i586.rpm
perl-Tie-IxHash-1.21-618.i586.rpm
Second I've moved from old amavisd.conf style settings to new 2.4.4 style
settings, using the following howto's from Gary V. as a reference:
http://www200.pair.com/mecham/spam/upgrade244.html
http://www200.pair.com/mecham/spam/amavisd-settings.html
Restarted amavis, and BerkeleyDB-based Amavis::Cache not available
messages are gone.
Now I have several questions regarding spamassassin --lint -D output (I
run it as amavis user, vscan on Suse):
1) I got the following module not installed lines:
[3210] dbg: diag: module not installed: Mail::SPF::Query ('require' failed)
[3210] dbg: diag: module not installed: IP::Country::Fast ('require' failed)
[3210] dbg: diag: module not installed: Net::Ident ('require' failed)
[3210] dbg: diag: module not installed: IO::Socket::INET6 ('require' failed)
Are these modules really needed for a proper Spam detection and should I try
to install them?
2) I've installed Razor2 in /var/spool/amavis directory and enabled it in
local.cf with use_razor2 1 and there is an uncommented line
loadplugin Mail::SpamAssassin::Plugin::Razor2
in v310.pre file.
In amavisd.conf there is $sa_local_tests_only = 0;
And indeed I see that Razor test are run and the module is loaded, but as
you can see below there is a local tests only, skipping Razor message:
[3210] dbg: diag: module installed: Razor2::Client::Agent, version 2.82
[3210] dbg: plugin: loading Mail::SpamAssassin::Plugin::Razor2 from @INC
[3210] dbg: razor2: local tests only, skipping Razor
[3210] dbg: plugin: registered
Mail::SpamAssassin::Plugin::Razor2=HASH(0x9291740)
What could be the problem here?
3) As I understand spamassassin --lint -D run some tests on test message.
I do not have DCC installed, so it's kinda weird what rule is triggering the
following message:
[3210] info: rules: meta test DIGEST_MULTIPLE has undefined dependency
'DCC_CHECK'
Best Regards,
Leon Kolchinsky
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Gary V
Sent: Sunday, November 26, 2006 6:05 PM
To: amavis-user@lists.sourceforge.net
Subject: Re: [AMaViS-user] debug question
Leon wrote:
Hello All,
I've upgraded to:
amavisd-new-2.4.4-4
spamassassin-3.1.7-3
from:
amavisd-new-20030616p9-3.6
spamassassin-2.64-3.7
on SLES9
When I run amavisd debug and see some suspicious output like:
Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: Net::Server:
Group
Not Defined. Defaulting to EGID '101 101'
Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: Net::Server: User
Not Defined. Defaulting to EUID '65'
Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: Amavis::DB code
NOT loaded
Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: Amavis::Cache
code
NOT loaded
Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: SQL base code
NOT loaded
Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: SQL::Log code
NOT loaded
Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: SQL::Quarantine
NOT loaded
Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: Lookup::SQL code
NOT loaded
Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: Lookup::LDAP code
NOT loaded
Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: Courier proto
code
NOT loaded
Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: Pipe-out proto
code
NOT loaded
Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: BSMTP-out proto
code NOT loaded
Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: OS_Fingerprint
code
NOT loaded
Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: No decoder for
.Ftried: unfreeze, freeze -d, melt, fcat
Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: No decoder for
.lzo tried: lzop -d
Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: No decoder for
.rpm
Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: No decoder for
.cpio
Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: No decoder for
.tar
Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: No decoder for
.deb
Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: No decoder for
.doc
Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: No decoder for
.cab
Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: No decoder for
.tnef
Nov 23 16:40:23 mydomain.ac.il /usr/sbin/amavisd[3]: BerkeleyDB-based
Amavis::Cache not available, using memory-based local cache
Should I do
[AMaViS-user] debug question
Hello All, I've upgraded to: amavisd-new-2.4.4-4 spamassassin-3.1.7-3 from: amavisd-new-20030616p9-3.6 spamassassin-2.64-3.7 on SLES9 When I run amavisd debug and see some suspicious output like: Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: Net::Server: Group Not Defined. Defaulting to EGID '101 101' Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: Net::Server: User Not Defined. Defaulting to EUID '65' Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: Amavis::DB code NOT loaded Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: Amavis::Cache code NOT loaded Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: SQL base code NOT loaded Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: SQL::Log code NOT loaded Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: SQL::Quarantine NOT loaded Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: Lookup::SQL code NOT loaded Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: Lookup::LDAP code NOT loaded Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: Courier proto code NOT loaded Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: Pipe-out proto code NOT loaded Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: BSMTP-out proto code NOT loaded Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: OS_Fingerprint code NOT loaded Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: No decoder for .Ftried: unfreeze, freeze -d, melt, fcat Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: No decoder for .lzo tried: lzop -d Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: No decoder for .rpm Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: No decoder for .cpio Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: No decoder for .tar Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: No decoder for .deb Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: No decoder for .doc Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: No decoder for .cab Nov 23 16:40:21 mydomain.ac.il /usr/sbin/amavisd[32221]: No decoder for .tnef Nov 23 16:40:23 mydomain.ac.il /usr/sbin/amavisd[3]: BerkeleyDB-based Amavis::Cache not available, using memory-based local cache Should I do something about BerkeleyDB-based Amavis::Cache not available, using memory-based local cache or any other message? Any tips are welcome. Best Regards, Leon Kolchinsky - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Can't locate object method max_parts
Hello All, I'm running SLES9 with the following versions: spamassassin-2.64-3.2 perl-spamassassin-2.64-3.2 amavisd-new-20030616p9-3.6 I've installed new versions of SA and amavis (see below) with the following packets (compiled from src.rpm's): # rpm -Uvh amavisd-new-2.4.4-4.i586.rpm perl-BerkeleyDB-0.25-2.i586.rpm perl-Compress-Zlib-1.35-12.i586.rpm perl-Convert-UUlib-1.051-11.i586.rpm # rpm -Uvh perl-spamassassin-3.1.7-3.i586.rpm spamassassin-3.1.7-3.i586.rpm Restarted SA and amavis, and started to get the following errors while there was no email-coming through my system and mailque growing! Example of maillog errors: Nov 22 14:25:39 mail postfix/smtp[15132]: 23CBE1CA24: to= [EMAIL PROTECTED] , orig_to= [EMAIL PROTECTED], relay=127.0.0.1[127.0.0.1], delay=25, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 Error in processing, id=15039-05, mime_decode-1 FAILED: Can't locate object method max_parts via package MIME::Parser at /usr/sbin/amavisd line 5933. (in reply to end of DATA command)) Nov 22 14:28:14 mail postfix/smtp[15215]: AC330192F3: to=[EMAIL PROTECTED], orig_to=[EMAIL PROTECTED], relay=127.0.0.1[127.0.0.1], delay=0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 Error in processing, id=15038-09, mime_decode-1 FAILED: Can't locate object method max_parts via package MIME::Parser at /usr/sbin/amavisd line 5933. (in reply to end of DATA command)) According to Theo Van Dinter, these errors come from amavis. What may be causing these errors and how to solve this? Best Regards, Leon Kolchinsky - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
