Re: SA-Update not updating DB
If you need testers, please let me know, I can help. On Tue, Nov 14, 2017 at 2:36 PM, John Hardin wrote: > On Tue, 14 Nov 2017, Rafael Leiva-Ochoa wrote: > > I am running SpamAssassin 3.4.1, and I have been trying to update the DB >> located on /var/lib/spamassassin/3.004001/ using SA-UPDATE. But, it has >> not >> gotten an update in almost 2 weeks. >> > > The rules update service has been down due to infrastructure problems for > a few months now. It is very close (like, this week) to being fixed. > > -- > John Hardin KA7OHZhttp://www.impsec.org/~jhardin/ > jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org > key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 > --- > We should endeavour to teach our children to be gun-proof > rather than trying to design our guns to be child-proof > --- > 229 days since the first commercial re-flight of an orbital booster > (SpaceX) >
Re: SA-Update not updating DB
On Tue, 14 Nov 2017, Rafael Leiva-Ochoa wrote: I am running SpamAssassin 3.4.1, and I have been trying to update the DB located on /var/lib/spamassassin/3.004001/ using SA-UPDATE. But, it has not gotten an update in almost 2 weeks. The rules update service has been down due to infrastructure problems for a few months now. It is very close (like, this week) to being fixed. -- John Hardin KA7OHZhttp://www.impsec.org/~jhardin/ jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 --- We should endeavour to teach our children to be gun-proof rather than trying to design our guns to be child-proof --- 229 days since the first commercial re-flight of an orbital booster (SpaceX)
SA-Update not updating DB
Hi Everyone, I am running SpamAssassin 3.4.1, and I have been trying to update the DB located on /var/lib/spamassassin/3.004001/ using SA-UPDATE. But, it has not gotten an update in almost 2 weeks. Here is the command, and output I am getting. [root@mail-master 3.004001]# sa-update -v -D --nogpg --channel sought.rules.yerp.org --channel updates.spamassassin.org Nov 13 12:44:36.624 [21250] dbg: logger: adding facilities: all Nov 13 12:44:36.625 [21250] dbg: logger: logging level is DBG Nov 13 12:44:36.625 [21250] dbg: generic: SpamAssassin version 3.4.1 Nov 13 12:44:36.626 [21250] dbg: generic: Perl 5.024003, PREFIX=/usr, DEF_RULES_DIR=/usr/share/spamassassin, LOCAL_RULES_DIR=/etc/mail/spamassassin, LOCAL_STATE_DIR=/var/lib/spamassassin Nov 13 12:44:36.626 [21250] dbg: config: timing enabled Nov 13 12:44:36.641 [21250] dbg: config: score set 0 chosen. Nov 13 12:44:36.702 [21250] dbg: generic: sa-update version svn1652181 Nov 13 12:44:36.702 [21250] dbg: generic: using update directory: /var/lib/spamassassin/3.004001 Nov 13 12:44:38.203 [21250] dbg: diag: perl platform: 5.024003 linux Nov 13 12:44:38.204 [21250] dbg: diag: [...] module installed: Digest::SHA1, version 2.13 Nov 13 12:44:38.204 [21250] dbg: diag: [...] module installed: HTML::Parser, version 3.72 Nov 13 12:44:38.204 [21250] dbg: diag: [...] module installed: Net::DNS, version 1.09 Nov 13 12:44:38.205 [21250] dbg: diag: [...] module installed: NetAddr::IP, version 4.079 Nov 13 12:44:38.205 [21250] dbg: diag: [...] module installed: Time::HiRes, version 1.9746 Nov 13 12:44:38.205 [21250] dbg: diag: [...] module installed: Archive::Tar, version 2.26 Nov 13 12:44:38.206 [21250] dbg: diag: [...] module installed: IO::Zlib, version 1.10 Nov 13 12:44:38.206 [21250] dbg: diag: [...] module installed: Digest::SHA1, version 2.13 Nov 13 12:44:38.206 [21250] dbg: diag: [...] module installed: MIME::Base64, version 3.15 Nov 13 12:44:38.206 [21250] dbg: diag: [...] module installed: DB_File, version 1.84 Nov 13 12:44:38.207 [21250] dbg: diag: [...] module installed: Net::SMTP, version 3.10 Nov 13 12:44:38.207 [21250] dbg: diag: [...] module installed: Mail::SPF, version v2.009 Nov 13 12:44:38.207 [21250] dbg: diag: [...] module installed: Geo::IP, version 1.50 Nov 13 12:44:38.207 [21250] dbg: diag: [...] module installed: Net::CIDR::Lite, version 0.21 Nov 13 12:44:38.208 [21250] dbg: diag: [...] module installed: Razor2::Client::Agent, version 2.84 Nov 13 12:44:38.208 [21250] dbg: diag: [...] module installed: IO::Socket::IP, version 0.39 Nov 13 12:44:38.208 [21250] dbg: diag: [...] module installed: IO::Socket::INET6, version 2.72 Nov 13 12:44:38.209 [21250] dbg: diag: [...] module installed: IO::Socket::SSL, version 2.049 Nov 13 12:44:38.209 [21250] dbg: diag: [...] module installed: Compress::Zlib, version 2.074 Nov 13 12:44:38.209 [21250] dbg: diag: [...] module installed: Mail::DKIM, version 0.4 Nov 13 12:44:38.209 [21250] dbg: diag: [...] module installed: DBI, version 1.636 Nov 13 12:44:38.210 [21250] dbg: diag: [...] module installed: Getopt::Long, version 2.49 Nov 13 12:44:38.210 [21250] dbg: diag: [...] module installed: LWP::UserAgent, version 6.23 Nov 13 12:44:38.210 [21250] dbg: diag: [...] module installed: HTTP::Date, version 6.02 Nov 13 12:44:38.210 [21250] dbg: diag: [...] module installed: Encode::Detect::Detector, version 1.01 Nov 13 12:44:38.211 [21250] dbg: diag: [...] module installed: Net::Patricia, version 1.22 Nov 13 12:44:38.211 [21250] dbg: diag: [...] module installed: Net::DNS::Nameserver, version 1537 Nov 13 12:44:38.220 [21250] dbg: util: secure_tmpfile created a temporary file /tmp/.spamassassin212505mRIBjtmp Nov 13 12:44:38.221 [21250] dbg: channel: attempting channel sought.rules.yerp.org Nov 13 12:44:38.221 [21250] dbg: channel: using existing directory /var/lib/spamassassin/3.004001/sought_rules_yerp_org Nov 13 12:44:38.222 [21250] dbg: channel: channel cf file /var/lib/spamassassin/3.004001/sought_rules_yerp_org.cf Nov 13 12:44:38.222 [21250] dbg: channel: channel pre file /var/lib/spamassassin/3.004001/sought_rules_yerp_org.pre Nov 13 12:44:38.226 [21250] dbg: channel: metadata version = 3402014020421, from file /var/lib/spamassassin/3.004001/sought_rules_yerp_org.cf Nov 13 12:44:38.386 [21250] dbg: dns: 1.4.3.sought.rules.yerp.org => 3402014020421, parsed as 3402014020421 Nov 13 12:44:38.386 [21250] dbg: channel: current version is 3402014020421, new version is 3402014020421, skipping channel Nov 13 12:44:38.387 [21250] dbg: channel: attempting channel updates.spamassassin.org Nov 13 12:44:38.387 [21250] dbg: channel: using existing directory /var/lib/spamassassin/3.004001/updates_spamassassin_org Nov 13 12:44:38.388 [21250] dbg: channel: channel cf file /var/lib/spamassassin/3.004001/updates_spamassassin_org.cf Nov 13 12:44:38.388 [21250] dbg: channel: channel pre file /var/lib/spamassassin/3.004001/updates_spamassassin_org.pre Nov 13 12:44:38.392 [21250] dbg: chan
listed by xbl [Was: SPF check though external relay]
~$ rblcheck 81.17.24.158 81.17.24.158 not listed by sbl.spamhaus.org 81.17.24.158 listed by xbl.spamhaus.org 81.17.24.158 not listed by pbl.spamhaus.org 81.17.24.158 not listed by bl.spamcop.net 81.17.24.158 not listed by psbl.surriel.com 81.17.24.158 not listed by dul.dnsbl.sorbs.net [I wanted to react privately, but soemthing about your address told me it would go to /dev/null if I did.] -- Please don't Cc: me privately on mailing lists and Usenet, if you also post the followup to the list or newsgroup. To reply privately _only_ on Usenet, fetch the TXT record for the domain.
Re: DNS issues
> Reindl Harald kirjoitti 14.11.2017 kello 20.35: > > > > Am 14.11.2017 um 19:26 schrieb Jari Fredriksson: >>> Bill Cole kirjoitti 14.11.2017 >>> kello 20.20: >>> >>> dns_server >> Thanks! There may be stupid questions after all, but luckily there are also >> insightful answers! > > WTF - i pointed that out in my first response and then you have no better to > do than calling "chattr +i" on /etc/resolv.conf kludge while everybody but > you konws that: https://www.google.com/search?q=dhclient+chattr > > Weitergeleitete Nachricht > Betreff: Re: DNS issues > Datum: Tue, 14 Nov 2017 14:30:07 +0100 > Von: Reindl Harald > An: Jari Fredriksson , users@spamassassin.apache.org > > > Where does SA take its DNS resolver? > > http://spamassassin.apache.org/full/3.4.x/doc/Mail_SpamAssassin_Conf.html > > dns_server ip-addr-port (default: entries provided by Net::DNS) > Yes, sorry about that… No excuses. I failed today, but after all everything seems bright now. I’m glad I asked. signature.asc Description: Message signed with OpenPGP
Re: DNS issues
> Bill Cole kirjoitti 14.11.2017 > kello 20.20: > > dns_server Thanks! There may be stupid questions after all, but luckily there are also insightful answers! br. jarif signature.asc Description: Message signed with OpenPGP
Re: DNS issues
On 14 Nov 2017, at 13:08, Jari Fredriksson wrote: > The problem is that SpamAssassin seems to irrational. My original question > was and is: where does it get it’s resolver? RTFM. $ perldoc Mail::SpamAssassin::Conf [...] dns_server ip-addr-port (default: entries provided by Net::DNS) Specifies an IP address of a DNS server, and optionally its port number. The dns_server directive may be specified multiple times, each entry adding to a list of available resolving name servers. The ip-addr-port argument can either be an IPv4 or IPv6 address, optionally enclosed in brackets, and optionally followed by a colon and a port number. In absence of a port number a standard port number 53 is assumed. When an IPv6 address is specified along with a port number, the address must be enclosed in brackets to avoid parsing ambiguity regarding a colon separator. A scoped link-local IP address is allowed (assuming underlying modules allow it). Examples : dns_server 127.0.0.1 dns_server 127.0.0.1:53 dns_server [127.0.0.1]:53 dns_server [::1]:53 dns_server fe80::1%lo0 dns_server [fe80::1%lo0]:53 In absence of dns_server directives, the list of name servers is provided by Net::DNS module, which typically obtains the list from /etc/resolv.conf, but this may be platform dependent. Please consult the Net::DNS::Resolver documentation for details. signature.asc Description: OpenPGP digital signature
Re: DNS issues
> Jari Fredriksson kirjoitti 14.11.2017 kello 19.59: > > > >> Reindl Harald kirjoitti 14.11.2017 kello 19.24: >> >> >> >> Am 14.11.2017 um 17:46 schrieb Jari Fredriksson: Jari Fredriksson kirjoitti 14.11.2017 kello 18.42: > Reindl Harald kirjoitti 14.11.2017 kello 15.30: > > > > Am 14.11.2017 um 07:11 schrieb Jari Fredriksson: >> I have a couple of issues with my LAN /w SpamAssassin, >> 1. Wrong resolved used >> Nov 14 07:51:51 whirlwind spamd[4041]: spamd: connection from >> gamecock.fredriksson.dy.fi [192.168.1.123]:59338 to port 783, fd 5 >> Nov 14 07:51:51 whirlwind spamd[4041]: spamd: processing message >> <20171114055150.15886142...@mail.bitwell.biz> for spam:1001 >> Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [::1]:53 failed: >> Connection refused, failing over to [127.0.0.1]:53 >> Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [127.0.0.1]:53 >> failed: Connection refused, failing over to [::1]:53 >> $ cat /etc/resolv.conf >> jarif@whirlwind:~$ cat /etc/resolv.conf >> # Dynamic resolv.conf(5) file for glibc resolver(3) generated by >> resolvconf(8) >> # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN >> # 127.0.0.53 is the systemd-resolved stub resolver. >> # run "systemd-resolve --status" to see details about the actual >> nameservers. >> nameserver 127.0.0.53 >> search fredriksson.dy.fi > > horrible idea on a server to begin with It is actually a dual boot Ubuntu / Windows 10 workstation. Acts as an additional spamd when on Linux mode. >> >> spam-detection after the MX which can't reject is worthless but taht's a >> different topic > > My MX can (bitwell.(fi|biz)) using postcreen, clams-milter and > spamass-milter). ja...@iki.fiis a bit problematic as the mail comes to me > from a iki.fi forwarding service which I joined some 1995. The purpose of > that service is to offer an ever valid email-address that will be forwarded > to whichever the real mailbox happens to be. It’s a bit outdated concept > these days, but there it is). My MX rejects those still but not by postscreen. > > I think my postscreen setup was made specifically after YOUR advice. If that > is so, then thank You. It works like charm. > > br. jarif > > >> >>> .. and 127.0.0.53 is the NetworkDamager and it’s companion DNSMasq. I hate >>> those, but will not once again remove them just the get them back as I >>> upgrade that Ubuntu >> >> than Ubuntu is crap but why don't you do your homework then learn how to >> prevent it touching /etc/resolv.conf or just protect the file with "chattr >> +i /etc/resolv.conf”? > > If I wanted that I could do it. If I find out that dnsmasq does not honor > dhcp then I will. Give him a sack. > >> >> [root@srv-rhsoft:~]$ touch /etc/resolv.conf >> touch: setting times of '/etc/resolv.conf': Operation not permitted >> >> [root@srv-rhsoft:~]$ chattr -i /etc/resolv.conf >> >> [root@srv-rhsoft:~]$ touch /etc/resolv.conf >> >> [root@srv-rhsoft:~]$ chattr +i /etc/resolv.conf >> >> [root@srv-rhsoft:~]$ touch /etc/resolv.conf >> touch: setting times of '/etc/resolv.conf': Operation not permitted > > Kludge. I know with 100% certainty that dnsmasq does honor the DHCP. If that would be else, I could not access my LAN servers at all, I could not watch TV from TV server with VDR DVB streams. But I can. The problem is that SpamAssassin seems to irrational. My original question was and is: where does it get it’s resolver? signature.asc Description: Message signed with OpenPGP
Re: DNS issues
> Reindl Harald kirjoitti 14.11.2017 kello 19.24: > > > > Am 14.11.2017 um 17:46 schrieb Jari Fredriksson: >>> Jari Fredriksson kirjoitti 14.11.2017 kello 18.42: >>> >>> >>> Reindl Harald kirjoitti 14.11.2017 kello 15.30: Am 14.11.2017 um 07:11 schrieb Jari Fredriksson: > I have a couple of issues with my LAN /w SpamAssassin, > 1. Wrong resolved used > Nov 14 07:51:51 whirlwind spamd[4041]: spamd: connection from > gamecock.fredriksson.dy.fi [192.168.1.123]:59338 to port 783, fd 5 > Nov 14 07:51:51 whirlwind spamd[4041]: spamd: processing message > <20171114055150.15886142...@mail.bitwell.biz> for spam:1001 > Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [::1]:53 failed: > Connection refused, failing over to [127.0.0.1]:53 > Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [127.0.0.1]:53 > failed: Connection refused, failing over to [::1]:53 > $ cat /etc/resolv.conf > jarif@whirlwind:~$ cat /etc/resolv.conf > # Dynamic resolv.conf(5) file for glibc resolver(3) generated by > resolvconf(8) > # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN > # 127.0.0.53 is the systemd-resolved stub resolver. > # run "systemd-resolve --status" to see details about the actual > nameservers. > nameserver 127.0.0.53 > search fredriksson.dy.fi horrible idea on a server to begin with >>> >>> It is actually a dual boot Ubuntu / Windows 10 workstation. Acts as an >>> additional spamd when on Linux mode. > > spam-detection after the MX which can't reject is worthless but taht's a > different topic My MX can (bitwell.(fi|biz)) using postcreen, clams-milter and spamass-milter). ja...@iki.fi is a bit problematic as the mail comes to me from a iki.fi forwarding service which I joined some 1995. The purpose of that service is to offer an ever valid email-address that will be forwarded to whichever the real mailbox happens to be. It’s a bit outdated concept these days, but there it is). My MX rejects those still but not by postscreen. I think my postscreen setup was made specifically after YOUR advice. If that is so, then thank You. It works like charm. br. jarif > >> .. and 127.0.0.53 is the NetworkDamager and it’s companion DNSMasq. I hate >> those, but will not once again remove them just the get them back as I >> upgrade that Ubuntu > > than Ubuntu is crap but why don't you do your homework then learn how to > prevent it touching /etc/resolv.conf or just protect the file with "chattr +i > /etc/resolv.conf”? If I wanted that I could do it. If I find out that dnsmasq does not honor dhcp then I will. Give him a sack. > > [root@srv-rhsoft:~]$ touch /etc/resolv.conf > touch: setting times of '/etc/resolv.conf': Operation not permitted > > [root@srv-rhsoft:~]$ chattr -i /etc/resolv.conf > > [root@srv-rhsoft:~]$ touch /etc/resolv.conf > > [root@srv-rhsoft:~]$ chattr +i /etc/resolv.conf > > [root@srv-rhsoft:~]$ touch /etc/resolv.conf > touch: setting times of '/etc/resolv.conf': Operation not permitted Kludge. signature.asc Description: Message signed with OpenPGP
Re: DNS issues
> Jari Fredriksson kirjoitti 14.11.2017 kello 18.42: > > > >> Reindl Harald kirjoitti 14.11.2017 kello 15.30: >> >> >> >> Am 14.11.2017 um 07:11 schrieb Jari Fredriksson: >>> I have a couple of issues with my LAN /w SpamAssassin, >>> 1. Wrong resolved used >>> Nov 14 07:51:51 whirlwind spamd[4041]: spamd: connection from >>> gamecock.fredriksson.dy.fi [192.168.1.123]:59338 to port 783, fd 5 >>> Nov 14 07:51:51 whirlwind spamd[4041]: spamd: processing message >>> <20171114055150.15886142...@mail.bitwell.biz> for spam:1001 >>> Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [::1]:53 failed: >>> Connection refused, failing over to [127.0.0.1]:53 >>> Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [127.0.0.1]:53 >>> failed: Connection refused, failing over to [::1]:53 >>> $ cat /etc/resolv.conf >>> jarif@whirlwind:~$ cat /etc/resolv.conf >>> # Dynamic resolv.conf(5) file for glibc resolver(3) generated by >>> resolvconf(8) >>> # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN >>> # 127.0.0.53 is the systemd-resolved stub resolver. >>> # run "systemd-resolve --status" to see details about the actual >>> nameservers. >>> nameserver 127.0.0.53 >>> search fredriksson.dy.fi >> >> horrible idea on a server to begin with > > It is actually a dual boot Ubuntu / Windows 10 workstation. Acts as an > additional spamd when on Linux mode. .. and 127.0.0.53 is the NetworkDamager and it’s companion DNSMasq. I hate those, but will not once again remove them just the get them back as I upgrade that Ubuntu… But they should honor the dhcp setting I have prepared for them, and the URIBL_BLOCKED samples I have seen are NOT from this specific box but from specific Debian server instances in my LAN specialised to be spamd and clamd. br. jarif > > > > >> >>> Where does SA take its DNS resolver? >> >> http://spamassassin.apache.org/full/3.4.x/doc/Mail_SpamAssassin_Conf.html >> >> dns_server ip-addr-port (default: entries provided by Net::DNS) >> >>> 2. URIBL BLOCKED >>> I have two kinds of resolvers for my LAN. >>> - non forwarding caching name servers x 3 - these are meant to be by >>> SpamAssassin and servers >>> - forwarding caching and filtering (PiHole) name servers x 2 - these are >>> meant to be used by desktop PC’s, cellphones and laptops >> >> do youself a favor and just setup a dedicated unbound which does recursion >> out of the box on the machine running the inbound mailserver >> >> > > I have 3 dedicated bind9 for that. None of them run on mail server though, > but on same LAN. > > br. jarif signature.asc Description: Message signed with OpenPGP
Re: DNS issues
> Reindl Harald kirjoitti 14.11.2017 kello 15.30: > > > > Am 14.11.2017 um 07:11 schrieb Jari Fredriksson: >> I have a couple of issues with my LAN /w SpamAssassin, >> 1. Wrong resolved used >> Nov 14 07:51:51 whirlwind spamd[4041]: spamd: connection from >> gamecock.fredriksson.dy.fi [192.168.1.123]:59338 to port 783, fd 5 >> Nov 14 07:51:51 whirlwind spamd[4041]: spamd: processing message >> <20171114055150.15886142...@mail.bitwell.biz> for spam:1001 >> Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [::1]:53 failed: >> Connection refused, failing over to [127.0.0.1]:53 >> Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [127.0.0.1]:53 >> failed: Connection refused, failing over to [::1]:53 >> $ cat /etc/resolv.conf >> jarif@whirlwind:~$ cat /etc/resolv.conf >> # Dynamic resolv.conf(5) file for glibc resolver(3) generated by >> resolvconf(8) >> # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN >> # 127.0.0.53 is the systemd-resolved stub resolver. >> # run "systemd-resolve --status" to see details about the actual nameservers. >> nameserver 127.0.0.53 >> search fredriksson.dy.fi > > horrible idea on a server to begin with It is actually a dual boot Ubuntu / Windows 10 workstation. Acts as an additional spamd when on Linux mode. > >> Where does SA take its DNS resolver? > > http://spamassassin.apache.org/full/3.4.x/doc/Mail_SpamAssassin_Conf.html > > dns_server ip-addr-port (default: entries provided by Net::DNS) > >> 2. URIBL BLOCKED >> I have two kinds of resolvers for my LAN. >> - non forwarding caching name servers x 3 - these are meant to be by >> SpamAssassin and servers >> - forwarding caching and filtering (PiHole) name servers x 2 - these are >> meant to be used by desktop PC’s, cellphones and laptops > > do youself a favor and just setup a dedicated unbound which does recursion > out of the box on the machine running the inbound mailserver > > I have 3 dedicated bind9 for that. None of them run on mail server though, but on same LAN. br. jarif signature.asc Description: Message signed with OpenPGP
DNS issues
I have a couple of issues with my LAN /w SpamAssassin, 1. Wrong resolved used Nov 14 07:51:51 whirlwind spamd[4041]: spamd: connection from gamecock.fredriksson.dy.fi [192.168.1.123]:59338 to port 783, fd 5 Nov 14 07:51:51 whirlwind spamd[4041]: spamd: processing message <20171114055150.15886142...@mail.bitwell.biz> for spam:1001 Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [::1]:53 failed: Connection refused, failing over to [127.0.0.1]:53 Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [127.0.0.1]:53 failed: Connection refused, failing over to [::1]:53 Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [::1]:53 failed: Connection refused, failing over to [127.0.0.1]:53 Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [127.0.0.1]:53 failed: Connection refused, failing over to [::1]:53 Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [::1]:53 failed: Connection refused, failing over to [127.0.0.1]:53 Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [127.0.0.1]:53 failed: Connection refused, failing over to [::1]:53 Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [::1]:53 failed: Connection refused, failing over to [127.0.0.1]:53 Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [127.0.0.1]:53 failed: Connection refused, failing over to [::1]:53 Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [::1]:53 failed: Connection refused, failing over to [127.0.0.1]:53 Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [127.0.0.1]:53 failed: Connection refused, failing over to [::1]:53 Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [::1]:53 failed: Connection refused, failing over to [127.0.0.1]:53 Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [127.0.0.1]:53 failed: Connection refused, failing over to [::1]:53 Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [::1]:53 failed: Connection refused, failing over to [127.0.0.1]:53 Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [127.0.0.1]:53 failed: Connection refused, failing over to [::1]:53 Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [::1]:53 failed: Connection refused, failing over to [127.0.0.1]:53 Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [127.0.0.1]:53 failed: Connection refused, failing over to [::1]:53 Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [::1]:53 failed: Connection refused, failing over to [127.0.0.1]:53 Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [127.0.0.1]:53 failed: Connection refused, failing over to [::1]:53 Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [::1]:53 failed: Connection refused, failing over to [127.0.0.1]:53 Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [127.0.0.1]:53 failed: Connection refused, failing over to [::1]:53 Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [::1]:53 failed: Connection refused, failing over to [127.0.0.1]:53 Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [127.0.0.1]:53 failed: Connection refused, failing over to [::1]:53 Nov 14 07:51:51 whirlwind spamd[4041]: dns: sendto() to [::1]:53 failed: Connection refused, failing over to [127.0.0.1]:53 Nov 14 07:51:51 whirlwind spamd[4041]: dns: bad dns reply: corrupt wire-format data at /usr/share/perl5/Net/DNS/Packet.pm line 118, line 63. Nov 14 07:51:53 whirlwind spamd[4041]: dns: sendto() to [127.0.0.1]:53 failed: Connection refused, failing over to [::1]:53 Nov 14 07:51:53 whirlwind spamd[4041]: dns: bad dns reply: corrupt wire-format data at /usr/share/perl5/Net/DNS/Packet.pm line 118, line 147. $ cat /etc/resolv.conf jarif@whirlwind:~$ cat /etc/resolv.conf # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN # 127.0.0.53 is the systemd-resolved stub resolver. # run "systemd-resolve --status" to see details about the actual nameservers. nameserver 127.0.0.53 search fredriksson.dy.fi Where does SA take its DNS resolver? 2. URIBL BLOCKED I have two kinds of resolvers for my LAN. - non forwarding caching name servers x 3 - these are meant to be by SpamAssassin and servers - forwarding caching and filtering (PiHole) name servers x 2 - these are meant to be used by desktop PC’s, cellphones and laptops Now I get Administrative warnings on SpamAssassin resport about URIBL_BLOCK. The Dhcp tells the SpamAssassin boxes to use only the non-forwarding resolvers, but apparently there is something not working here now. Where does SA take its DNS resolver? br. jarif signature.asc Description: Message signed with OpenPGP