Childish actions of Harald Reindl

[Ryan Coleman]

Sigh. 

Some people are always going to be children 

Can we please have him removed from the mailing list so that every time I send 
a reply to the list they are not immediately bounced back to me by his server?

> Begin forwarded message:
> 
> From: mailer-dae...@services.d3photography.com (Mail Delivery System)
> Subject: Undelivered Mail Returned to Sender
> Date: August 4, 2016 at 4:42:35 PM CDT
> To: ryan.cole...@cwis.biz
> 
> This is the mail system at host services.d3photography.com.
> 
> I'm sorry to have to inform you that your message could not
> be delivered to one or more recipients. It's attached below.
> 
> For further assistance, please send mail to postmaster.
> 
> If you do so, please include this problem report. You can
> delete your own text from the attached returned message.
> 
>   The mail system
> 
> <h.rei...@thelounge.net>: host mail-gw.thelounge.net[91.118.73.19] said: 554
>5.7.1 <ryan.cole...@cwis.biz>: Sender address rejected: Creep Away - You
>are asking to not get off-list mails so just do not start them at your own
>if you can not stand the response, please forward this to YOUR tech-support
>first, time: Aug 04 23:42:18, client: 50.93.253.222, server:
>mail-gw.thelounge.net, contact: <postmas...@thelounge.net> +4315953999 (in
>reply to RCPT TO command)
> Reporting-MTA: dns; services.d3photography.com
> X-Postfix-Queue-ID: 094D3402D0
> X-Postfix-Sender: rfc822; ryan.cole...@cwis.biz
> Arrival-Date: Thu,  4 Aug 2016 16:41:59 -0500 (CDT)
> 
> Final-Recipient: rfc822; h.rei...@thelounge.net
> Action: failed
> Status: 5.7.1
> Remote-MTA: dns; mail-gw.thelounge.net
> Diagnostic-Code: smtp; 554 5.7.1 <ryan.cole...@cwis.biz>: Sender address
>rejected: Creep Away - You are asking to not get off-list mails so just do
>not start them at your own if you can not stand the response, please
>forward this to YOUR tech-support first, time: Aug 04 23:42:18, client:
>50.93.253.222, server: mail-gw.thelounge.net, contact:
><postmas...@thelounge.net> +4315953999
> 
> From: Reindl Harald <h.rei...@thelounge.net>
> Subject: Auto-Forwarder -> Reject from now on
> Date: August 4, 2016 at 4:40:22 PM CDT
> To: ryan.cole...@cwis.biz
> Resent-From: Ryan Coleman <ryan.cole...@cwis.biz>
> Resent-To: Reindl Harald <h.rei...@thelounge.net>
> 
> 
> 
> --Pj59V6CtWjUrMHf0gdcMp85rN8LMrnoxQ
> Content-Type: multipart/mixed;
>   boundary=j9P2bmcUmBPG16hQ1EcWPOsUpvqshjG8V
> 
> 
> --j9P2bmcUmBPG16hQ1EcWPOsUpvqshjG8V
> Content-Transfer-Encoding: quoted-printable
> Content-Type: text/plain;
>   charset=utf-8;
>   format=flowed
> 
> STOP THAT BULLSHIT - NOBODY IS TALKING TO YOU BUT YOU ARE SPAMMING
> 
> /etc/postfix/blacklist_sender_regex.cf:
> /^ryan\.coleman@cwis\.biz$/ REJECT Creep Away - You are asking to not=20
> get off-list mails so just do not start them at your own if you can not=20
> stand the response
> 
>  Weitergeleitete Nachricht 
> Betreff: Re: why is this maillist here marked as
> Weitersenden-Datum: Thu, 4 Aug 2016 16:01:49 -0500
> Weitersenden-Von: Ryan Coleman <ryan.cole...@cwis.biz>
> Weitersenden-An: Reindl Harald <h.rei...@thelounge.net>
> Datum: Thu, 4 Aug 2016 23:00:47 +0200
> Von: Reindl Harald <h.rei...@thelounge.net>
> An: users@spamassassin.apache.org
> 
> Am 04.08.2016 um 22:37 schrieb Benny Pedersen:
>> precedence bulk ?
>> 
>> it should imho really be precedence list
> 
> because it don't matter and the main point of that header is to supress=3D=
> 20
> autoresponders answering to list mail which works fine with both
> 
> 
> --j9P2bmcUmBPG16hQ1EcWPOsUpvqshjG8V--
> 
> --Pj59V6CtWjUrMHf0gdcMp85rN8LMrnoxQ
> Content-Disposition: attachment;
>   filename=signature.asc
> Content-Type: application/pgp-signature;
>   name=signature.asc
> 
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v2
> 
> iEYEARECAAYFAlejtkYACgkQhmBjz394AnkwNQCfd1AQ4K2Yo+bMMG2AiJhwve+E
> J20AnA6CYu+Pk++qYA4etAtbtLXZUu6K
> =pPaD
> -END PGP SIGNATURE-
> 
> --Pj59V6CtWjUrMHf0gdcMp85rN8LMrnoxQ--
> 
> 
> Begin forwarded message:
> 
> From: mailer-dae...@services.d3photography.com (Mail Delivery System)
> Subject: Undelivered Mail Returned to Sender
> Date: August 4, 2016 at 4:42:34 PM CDT
> To: ryan.cole...@cwis.biz
> 
> This is the mail system at host services.d3photography.com.
> 
> I'm sorry to have to inform you that your message could not
> be delivered to one or more recipients. It's attached below.
> 
> For further assistance, please send mail to postmaster.
> 
> If you

Re: detect if html attachment without plugin

[Ryan Coleman]

There is no reason whatsoever to attack list users in this manner.

None. If they’re annoying you then ignore them.


> On Aug 4, 2016, at 11:41 AM, Reindl Harald <h.rei...@thelounge.net> wrote:
> 
> Am 04.08.2016 um 18:38 schrieb Ryan Coleman:
>>> On Aug 4, 2016, at 9:04 AM, Reindl Harald <h.rei...@thelounge.net> wrote:
>>> 
>>> may is suggest that you sue your drug dealer and leave us in peace until 
>>> you found a better one - and no - that is not an attack, i just try to find 
>>> a logical reason for what you are posting all the time
>> 
>> DUDE. STOP
> 
> *you* are the one who has to instantaneously stop quote without context!
> 

Re: detect if html attachment without plugin

[Ryan Coleman]

> On Aug 4, 2016, at 9:04 AM, Reindl Harald  wrote:
> 
> may is suggest that you sue your drug dealer and leave us in peace until you 
> found a better one - and no - that is not an attack, i just try to find a 
> logical reason for what you are posting all the time
> 



DUDE. STOP.

Re: Paragraph Length Limit (new rule)

[Ryan Coleman]

> On Aug 3, 2016, at 4:37 PM, John Hardin <jhar...@impsec.org> wrote:
> 
> On Wed, 3 Aug 2016, Ryan Coleman wrote:
> 
>> So your script dings my websites because I use .php as an extension without 
>> doing SEO?
>> 
>> That seems really silly. Many websites use internal pages without SEO 
>> because of the royal PITB they can be to program all the little variables. 
>> For crying out loud most unsubscribe links are scripts with variables!
> 
> Ruga doesn't say whether or not that is in combination with the 
> excessively-long paragraph hit.
> 

Fair enough… You are correct on that count.

>>> On Aug 3, 2016, at 4:07 PM, Ruga <r...@protonmail.com> wrote:
>>> 
>>> An additional rule scores 1.0 for any uri to a php page,

Re: Paragraph Length Limit (new rule)

[Ryan Coleman]

So your script dings my websites because I use .php as an extension without 
doing SEO?

That seems really silly. Many websites use internal pages without SEO because 
of the royal PITB they can be to program all the little variables. For crying 
out loud most unsubscribe links are scripts with variables!



> On Aug 3, 2016, at 4:07 PM, Ruga  wrote:
> 
> An additional rule scores 1.0 for any uri to a php page, 

Re: Paragraph Length Limit (new rule)

[Ryan Coleman]

Keep in mind we do not know that. It is better to not reply and wait a few 
hours than get Reindl worked up. :)


> On Aug 3, 2016, at 5:55 AM, Ruga  wrote:
> 
> I am AWAY for my office. 
> Real spam truly unnecessary. 
> 
> Sent from ProtonMail Mobile
> 
> 
> On Wed, Aug 3, 2016 at 12:51 PM, Reindl Harald <'h.rei...@thelounge.net'> 
> wrote:
>> 
>> Am 03.08.2016 um 12:49 schrieb Ruga: 
>> > echo "$( cat /dev/urandom | env LC_CTYPE=C tr -dc 'a-zA-Z0-9' | fold 
>> > -w 999 | head -n 1 )" >example.txt 
>> > 
>> > spamassassin -t -D B_LLL.rule > 
>> you where asked for a real *mail* example instead some generic stuff 
>> 
>> > On Wed, Aug 3, 2016 at 12:15 PM, Axb <'axb.li...@gmail.com'> wrote 
>> >> please pastebin a sample msg 
>> 

Re: Is greylisting effective? (was Re: Using Postfix and Postgrey - not scanning after hold)

[Ryan Coleman]

> On Aug 1, 2016, at 10:15 AM, Benny Pedersen  wrote:
> 
>>> 
>>> i bet greylist is cough invalid mailservers at the doorstep, it could be 
>>> that postscreen is bad aswell ?
>> Sure, if by “invalid” you mean Amazon, most banks, several airlines,
>> large mail services, and many many others.
> 
> basicly badly marketing
> 
>> Nearly any company with multiple mail servers will send mail from any
>> of their servers, and may retry from a different server than the
>> initial attempt, thus resetting the greylist.
> 
> marketing trys to fuck how smtp works have always being a fail with greylist


What on earth are you trying to say here? Because after my 20 years in the 
industry I haven’t a clue what you’re saying.

Re: Using Postfix and Postgrey - not scanning after hold

[Ryan Coleman]

Robert,

As I tried to point out you are at the end of a thread injecting new “life” 
into it, which isn’t benefitting the group discussion of an issue.

Thank you,
Ryan

> On Jul 29, 2016, at 3:39 PM, Robert Schetterer  wrote:
> 
> Am 29.07.2016 um 22:22 schrieb Dianne Skoll:
>> On Fri, 29 Jul 2016 22:21:04 +0200
>> Robert Schetterer > wrote:
>> 
>>> now compare with pure postscreen
>> 
>> I don't use postfix or postscreen.  
> 
> hm.. that does not fit the subject..why did you involved yourself ?

Re: Using Postfix and Postgrey - not scanning after hold

[Ryan Coleman]

Apparently you missed the rest of the thread as it was bypassing the scanning 
the SA would do.

But you’re jumping in 11 days (and 42 messages) after the thread started.


> On Jul 29, 2016, at 1:28 PM, Robert Schetterer  wrote:
> 
> the subject Using Postfix and Postgrey - not scanning after hold
> does not match spamassassin list theme
> 
> however no need to flame in any case

Re: Using Postfix and Postgrey - not scanning after hold

[Ryan Coleman]

Greylisting was the hangup. For whatever reason other settings changes were 
being ignored as long as postgrey was in the mix. I removed postgrey and the 
RBSL configuration I did a few months ago finally started to work. So there was 
likely something else at play but regardless - I removed Postgrey and my email 
started getting filtered properly.


A couple things to keep in mind: 1) I personally get 50-150 pieces of spam *per 
hour*. As the owner of a business it’s common to have your public email address 
getting slammed.
2) I have spam sorted by ManageSieve so that it’s organized and processed to 
limit the employee’s exposure. Eventually all spam over a certain score will be 
discarded, but not now.
3) I have, when I’m lucky, a few hours a week to devote to server operation and 
health. Plenty of time to check the dailies and apply updates and do a reboot; 
but when you have to focus on a server configuration problem that sucks. And it 
takes a while to clear out the garbage data from the real stuff.

Now I get 10 emails a day that slip through the scanners instead of 300/day. 

I call that a win. This is a dedicated VM for email - if it takes more and more 
CPU cycles c'est la vie. That’s a small price to pay. My MySQL server has more 
issues than my mail server for resources — a fix that was delayed for months 
because of the email issue.

—
Ryan


> On Jul 29, 2016, at 10:20 AM, sha...@shanew.net wrote:
> 
> On the off chance that your decision to turn off greylisting was
> related to Matus Uhlar's message that concludes with:
> "if you run SA, there's no point in running greylisting anymore."
> 
> That could be interpreted to read "if you run SA at all, there's no
> need for greylisting at all", but I don't think that's what he meant.
> I think the correct interpretation (at least the one that makes sense
> to me) is "during processing of mail, it makes no sense to run
> greylisting after SA does its thing".
> 
> I would generalize that even more to say that greylisting should come
> before any other content-based filtering (virus scanners, defanging,
> etc.).
> 
> On the other hand, you may have disabled greylisting because you're
> tired of futzing with it and just want your mail to work right again,
> in which case, nevermind.
> 
> 
> 
> On Thu, 28 Jul 2016, Ryan Coleman wrote:
> 
>> Doesn’t matter. I killed it. It’s gone.
>> 
>> I have eliminated postgrey from the installation and things are back to 
>> “normal”
>> 
>>> On Jul 28, 2016, at 12:53 PM, Bill Cole 
>>> <sausers-20150...@billmail.scconsult.com> wrote:
>>> 
>>> On 19 Jul 2016, at 15:50, Ryan Coleman wrote:
>>> 
>>>> strange... how do you run spamassassin from postfix?
>>>> 
>>>> 
>>>> In master.cf like everyone else…
>>> 
>>> Um, not so much...
>>> 
>>>> smtp  inet  n   -   -   -   -   smtpd
>>>> -o content_filter=spamassassin
>>> [...]
>>>> spamassassin unix - n   n   -   -   pipe
>>>> user=spamd argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f ${sender} 
>>>> ${recipient}
>>> 
>>> FWIW, that's probably roughly the 5th most common way to integrate Postfix 
>>> and SpamAssassin. I'd guess that amavisd-new as a before-queue filter is 
>>> 1st, followed by amavisd-new as an after-queue filter, spamass-milter, and 
>>> MIMEDefang (also a milter). There are pros and cons for every approach but 
>>> a 'pipe' content_filter using spamc's '-e' option probably has the fewest 
>>> "pros" and has the problems described at 
>>> https://wiki.apache.org/spamassassin/IntegratedSpamdInPostfix. Also, you 
>>> probably want 'flags=Rq' in the pipe arguments and there is no '-f' 
>>> argument documented for spamc, so that should probably go unless you know 
>>> something the spamc man page doesn't...
>>> 
>>> A possible cause of your trouble could be spamc not knowing the correct way 
>>> to talk to spamd. In that case, the '-e' option causes spamc to bypass 
>>> spamd and just pipe its input to the given command, exiting with a 
>>> successful return code unless that command fails. This seems to match what 
>>> you're describing.
>> 
>> 
> 
> -- 
> Public key #7BBC68D9 at| Shane Williams
> http://pgp.mit.edu/|  System Admin - UT CompSci
> =--+---
> All syllogisms contain three lines |  sha...@shanew.net
> Therefore this is not a syllogism  | www.ischool.utexas.edu/~shanew

Re: Using Postfix and Postgrey - not scanning after hold

[Ryan Coleman]

No, asshole. I fixed it by removing postgrey from the equation.


> On Jul 28, 2016, at 2:49 PM, Reindl Harald <h.rei...@thelounge.net> wrote:
> 
> 
> 
> Am 28.07.2016 um 21:36 schrieb Ryan Coleman:
>> Doesn’t matter. I killed it. It’s gone.
>> 
>> I have eliminated postgrey from the installation and things are back to 
>> “normal”
> 
> in other words you burried a problem by remove something instead fix the 
> reason while on every sane setup greylisting comes long before any content 
> scanner
> 
>>> On Jul 28, 2016, at 12:53 PM, Bill Cole 
>>> <sausers-20150...@billmail.scconsult.com> wrote:
>>> 
>>> On 19 Jul 2016, at 15:50, Ryan Coleman wrote:
>>> 
>>>> strange... how do you run spamassassin from postfix?
>>>> 
>>>> 
>>>> In master.cf like everyone else…
>>> 
>>> Um, not so much...
>>> 
>>>> smtp  inet  n   -   -   -   -   smtpd
>>>> -o content_filter=spamassassin
>>> [...]
>>>> spamassassin unix - n   n   -   -   pipe
>>>> user=spamd argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f ${sender} 
>>>> ${recipient}
>>> 
>>> FWIW, that's probably roughly the 5th most common way to integrate Postfix 
>>> and SpamAssassin. I'd guess that amavisd-new as a before-queue filter is 
>>> 1st, followed by amavisd-new as an after-queue filter, spamass-milter, and 
>>> MIMEDefang (also a milter). There are pros and cons for every approach but 
>>> a 'pipe' content_filter using spamc's '-e' option probably has the fewest 
>>> "pros" and has the problems described at 
>>> https://wiki.apache.org/spamassassin/IntegratedSpamdInPostfix. Also, you 
>>> probably want 'flags=Rq' in the pipe arguments and there is no '-f' 
>>> argument documented for spamc, so that should probably go unless you know 
>>> something the spamc man page doesn't...
>>> 
>>> A possible cause of your trouble could be spamc not knowing the correct way 
>>> to talk to spamd. In that case, the '-e' option causes spamc to bypass 
>>> spamd and just pipe its input to the given command, exiting with a 
>>> successful return code unless that command fails. This seems to match what 
>>> you're describing.
> 
> 

Re: Using Postfix and Postgrey - not scanning after hold

[Ryan Coleman]

Doesn’t matter. I killed it. It’s gone. 

I have eliminated postgrey from the installation and things are back to “normal”

> On Jul 28, 2016, at 12:53 PM, Bill Cole 
> <sausers-20150...@billmail.scconsult.com> wrote:
> 
> On 19 Jul 2016, at 15:50, Ryan Coleman wrote:
> 
>> strange... how do you run spamassassin from postfix?
>> 
>> 
>> In master.cf like everyone else…
> 
> Um, not so much...
> 
>> smtp  inet  n   -   -   -   -   smtpd
>>  -o content_filter=spamassassin
> [...]
>> spamassassin unix - n   n   -   -   pipe
>>  user=spamd argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f ${sender} 
>> ${recipient}
> 
> FWIW, that's probably roughly the 5th most common way to integrate Postfix 
> and SpamAssassin. I'd guess that amavisd-new as a before-queue filter is 1st, 
> followed by amavisd-new as an after-queue filter, spamass-milter, and 
> MIMEDefang (also a milter). There are pros and cons for every approach but a 
> 'pipe' content_filter using spamc's '-e' option probably has the fewest 
> "pros" and has the problems described at 
> https://wiki.apache.org/spamassassin/IntegratedSpamdInPostfix. Also, you 
> probably want 'flags=Rq' in the pipe arguments and there is no '-f' argument 
> documented for spamc, so that should probably go unless you know something 
> the spamc man page doesn't...
> 
> A possible cause of your trouble could be spamc not knowing the correct way 
> to talk to spamd. In that case, the '-e' option causes spamc to bypass spamd 
> and just pipe its input to the given command, exiting with a successful 
> return code unless that command fails. This seems to match what you're 
> describing.

Re: Using Postfix and Postgrey - not scanning after hold

[Ryan Coleman]

Someone who has dealt with your attitude over in the MySQL mailing list and 
would like you to shut up.

Your opinion is laden with so much bullshit and pompous holier-than-thouness 
that I will not honor it.

Go away.

> On Jul 19, 2016, at 3:02 PM, Reindl Harald <h.rei...@thelounge.net> wrote:
> 
> 
> 
> Am 19.07.2016 um 21:54 schrieb Ryan Coleman:
>> Go away.
> 
> who the hell do you think you are?
> 
>>> On Jul 19, 2016, at 2:50 PM, Reindl Harald <h.rei...@thelounge.net
>>> <mailto:h.rei...@thelounge.net>> wrote:
>>> 
>>> maybe you should try to understand how the parts of your mailsystem
>>> are supposed to work together, then you don#t get responses trying to
>>> explain you why your supposed solution for a non existing problem is
>>> broken by design
> 

Re: Using Postfix and Postgrey - not scanning after hold

[Ryan Coleman]

> On Jul 19, 2016, at 1:51 AM, Benny Pedersen <m...@junc.eu> wrote:
> 
> On 2016-07-19 06:44, Ryan Coleman wrote:
>> How do I get Spamassassin configured with Postfix to have the email
>> checked there FIRST before running it through Postgrey?
> 
> using postfix ?
> 
>> Or how do I get it to dump back into the queue after the hold time and
>> scan through SpamAssassin?
> 
> postgrey is check_policy_service with see no body content, is you using 
> mailscanner with postfix ?, if so dont do this, its unsupported with postfix, 
> tip use sendmail to mailscanner, and then use sendmail as a content_filter in 
> postfix is supported it just require sendmail to listen only on 127.0.0.2 !

Nope, not using mailscanner.


> and then follow guiden on how to run mailscanner with sendmail not postfix
> 
> here i just save all troubles by using spampd
> 
>> I’m watching all my log files and emails that are clearing PostGrey
>> are definitely not going to SpamAssassin next; and they never get
>> there in the first place because of Postgrey.
> 
> content scanning is more in deep scanning then postgrey, so 
> check_policy_service is cheaper then content_filter
> 
>> I have a theory that I can fix my massive spam issue (250-750
>> emails/day to my mailboxes alone) if I can get them switched or to
>> play together.
> 
> you miss to give more info on how you configured postfix
> 
> postconf -nf

root@mail:/etc/postfix# postconf -nf
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
inet_interfaces = all
mailbox_size_limit = 0
message_size_limit = 8192
mydestination = localhost
myhostname = myhost.mydomain.com
mynetworks = 127.0.0.0/8 [:::127.0.0.0]/104 [::1]/128 10.50.0.0/16
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
relayhost =
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_helo_required = yes
smtpd_recipient_restrictions = sleep 5,

permit_mynetworks,permit_sasl_authenticated,reject_non_fqdn_sender,reject_non_fqdn_recipient,reject_unknown_sender_domain,reject_unknown_recipient_domain,reject_unauth_destination,check_policy_service
inet:127.0.0.1:6
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated
defer_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/ssl/domain/domain_2015_multi.crt
smtpd_tls_key_file = /etc/ssl/domain/domain_2015.key
smtpd_use_tls = yes
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_transport = lmtp:unix:private/dovecot-lmtp
root@mail:/etc/postfix# 



> postconf -Mf
smtp   inet  n   -   -   -   -   smtpd
-o content_filter=spamassassin
submission inet  n   -   -   -   -   smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
pickup unix  n   -   -   60  1   pickup
cleanupunix  n   -   -   -   0   cleanup
qmgr   unix  n   -   n   300 1   qmgr
tlsmgr unix  -   -   -   1000?   1   tlsmgr
rewriteunix  -   -   -   -   -   trivial-rewrite
bounce unix  -   -   -   -   0   bounce
defer  unix  -   -   -   -   0   bounce
trace  unix  -   -   -   -   0   bounce
verify unix  -   -   -   -   1   verify
flush  unix  n   -   -   1000?   0   flush
proxymap   unix  -   -   n   -   -   proxymap
proxywrite unix  -   -   n   -   1   proxymap
smtp   unix  -   -   -   -   -   smtp
relay  unix  -   -   -   -   -   smtp
showq  unix  n   -   -   -   -   showq
error  unix  -   -   -   -   -   error
retry  unix  -   -   -   -   -   error
discardunix  -   -   -   -   -   discard
local  unix  -   n   n   -   -   local
virtualunix  -   n   n   -   -   virtual
lmtp   unix  -   -   -   -   -   lmtp
anvil  unix  -   -   -   -   1   anvil
scache unix  -   -   -   -   1   scache
maildrop   unix  -   n   n   -   -   pipe flags=DRhu
user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp   unix  -   n   n   

Re: Using Postfix and Postgrey - not scanning after hold

[Ryan Coleman]

Go away.



> On Jul 19, 2016, at 2:50 PM, Reindl Harald  wrote:
> 
> maybe you should try to understand how the parts of your mailsystem are 
> supposed to work together, then you don#t get responses trying to explain you 
> why your supposed solution for a non existing problem is broken by design

Re: Using Postfix and Postgrey - not scanning after hold

[Ryan Coleman]

> On Jul 19, 2016, at 2:20 AM, Matus UHLAR - fantomas <uh...@fantomas.sk> wrote:
> 
> On 18.07.16 23:44, Ryan Coleman wrote:
>> How do I get Spamassassin configured with Postfix to have the email checked
>> there FIRST before running it through Postgrey?
> 
> you can not - postgrey as a policy service is always run before
> spamassassin, no matter how it's used.
> 
>> Or how do I get it to dump back into the queue after the hold time and scan
>> through SpamAssassin?
>> 
>> I’m watching all my log files and emails that are clearing PostGrey are
>> definitely not going to SpamAssassin next; and they never get there in the
>> first place because of Postgrey.
> 
> strange... how do you run spamassassin from postfix?

In master.cf like everyone else…


smtp  inet  n   -   -   -   -   smtpd
  -o content_filter=spamassassin
submission inet n   -   -   -   -   smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject

pickupunix  n   -   -   60  1   pickup
cleanup   unix  n   -   -   -   0   cleanup
qmgr  unix  n   -   n   300 1   qmgr
tlsmgrunix  -   -   -   1000?   1   tlsmgr
rewrite   unix  -   -   -   -   -   trivial-rewrite
bounceunix  -   -   -   -   0   bounce
defer unix  -   -   -   -   0   bounce
trace unix  -   -   -   -   0   bounce
verifyunix  -   -   -   -   1   verify
flush unix  n   -   -   1000?   0   flush
proxymap  unix  -   -   n   -   -   proxymap
proxywrite unix -   -   n   -   1   proxymap
smtp  unix  -   -   -   -   -   smtp
relay unix  -   -   -   -   -   smtp
showq unix  n   -   -   -   -   showq
error unix  -   -   -   -   -   error
retry unix  -   -   -   -   -   error
discard   unix  -   -   -   -   -   discard
local unix  -   n   n   -   -   local
virtual   unix  -   n   n   -   -   virtual
lmtp  unix  -   -   -   -   -   lmtp
anvil unix  -   -   -   -   1   anvil
scacheunix  -   -   -   -   1   scache
maildrop  unix  -   n   n   -   -   pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp  unix  -   n   n   -   -   pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmailunix  -   n   n   -   -   pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix  -   n   n   -   -   pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix  -   n   n   -   2   pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} 
${user} ${extension}
mailman   unix  -   n   n   -   -   pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}
spamassassin unix - n   n   -   -   pipe
  user=spamd argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f ${sender} 
${recipient}

How would you suggest I run it?


> 
>> I have a theory that I can fix my massive spam issue (250-750 emails/day to
>> my mailboxes alone) if I can get them switched or to play together.
> 
> they should play together, we should find out why they don't…

That’s what I’m hoping!

Re: Using Postfix and Postgrey - not scanning after hold

[Ryan Coleman]

> On Jul 19, 2016, at 3:14 AM, Reindl Harald <h.rei...@thelounge.net> wrote:
> 
> 
> 
> Am 19.07.2016 um 06:44 schrieb Ryan Coleman:
>> How do I get Spamassassin configured with Postfix to have the email checked 
>> there FIRST before running it through Postgrey?
> 
> why would anyone wants to first run the most expensive filter using RBL/URIBL 
> and later greylist a message resulting in to have it scan a second time?

It doesn’t even scan the first time. But you didn’t even bother reading the 
email I wrote, did you?

Please do not reply to my emails - you’ve gone well past the edge of civility 
three times on me.  

Using Postfix and Postgrey - not scanning after hold

[Ryan Coleman]

How do I get Spamassassin configured with Postfix to have the email checked 
there FIRST before running it through Postgrey?

Or how do I get it to dump back into the queue after the hold time and scan 
through SpamAssassin?

I’m watching all my log files and emails that are clearing PostGrey are 
definitely not going to SpamAssassin next; and they never get there in the 
first place because of Postgrey.

I have a theory that I can fix my massive spam issue (250-750 emails/day to my 
mailboxes alone) if I can get them switched or to play together.

Thanks!

Re: Can I drop ****** SPAM ******** not send it on?

[Ryan Coleman]

Thanks to this header my server automatically filtered your email into my 
scanned spam folder.

Seems appropriate enough.

:)


> On Mar 7, 2016, at 12:05 PM, Reindl Harald  wrote:
> 
> 
> 
> Am 07.03.2016 um 19:01 schrieb Chalmers:
>> I see. Hmmm.
>> I have the system really screwed down tight, and understand how I can use 
>> the mail reading client to run a rule to divert such a message to a specific 
>> mailbox. I thought it may be possible to divert messages that do get marked 
>> as spam to be dumped.
>> I can't see how some get through but they do, and as they are always spam, 
>> I'm happy to dump them. I have the system set to just reject nearly 
>> everything suspicious at the gate, but 1 or 2 still sneak through, so I'm 
>> just trying to not even see them in the mailboxes at all.
>> I could put my configs up, but it's just clutter at this stage.
> 
> as i already posted spamass-milter has a reject-score different from the 
> tag-score to be sure what got rejected
> 
> if you don't care just write a sieve rule on the mailserver or use a proper 
> mailcient like Tunderbird which supports useable filters
> 
>>> On 7 Mar 2016, at 5:44 pm, RW  wrote:
>>> 
>>> On Sun, 6 Mar 2016 07:35:37 +
>>> rob...@chalmers.com.au wrote:
>>> 
 I'm trying to drop such messages, not have them still appear in my
 mailbox, but can't find a way? Any ideas?
>>> 
>>> Are you sure you really want to do this? IMO it's a really bad idea.
>>> 
>>> Rejecting or discarding very high-scoring spam is one-thing, but it's
>>> sensible to file the lower-scoring spam into a folder somewhere.
>>> 
>>> How to do any of this has nothing to do with SpamAssassin, so you need
>>> say what you are currently doing with you mail
> 

Re: Learning only on read emails?

[Ryan Coleman]

I figured out a way to get the spamd user to scan the spam folders. Definitely 
helping.

applying email in the inbox that have been read to the HAM is next on the list.


> On Oct 20, 2015, at 9:39 AM, RW <rwmailli...@googlemail.com> wrote:
> 
> On Tue, 20 Oct 2015 08:29:27 -0500
> Ryan Coleman wrote:
> 
>> 
>>> On Oct 20, 2015, at 8:21 AM, RW <rwmailli...@googlemail.com> wrote:
>>> 
>>> On Tue, 20 Oct 2015 15:14:42 +0300
>>> Jari Fredriksson wrote:
>>> 
>>>> On 10/20/2015 12:41 AM, Ryan Coleman wrote:
>>>>> Actually it makes absolute sense since I dump my spam into a
>>>>> folder to be scanned as spam and anything that is still in my
>>>>> inbox, and read, is indeed ham.
>>>>> 
>>>>> I just have to re-investigate the ./new and ./cur folders to make
>>>>> sure they will operate how I want. But if the email was delivered
>>>>> to my phone and it moves (but not read) then it?s not an option.
>>>> 
>>>> cur and new folders work as supposed when the IMAP server is
>>>> Courier, but NOT when you use Dovecot.
>>> 
>>> How does it not work as expected? 
>> 
>> I haven?t seen anything appear in the ?new? folder, to be honest.
> 
> Bear in mind that the "new" directory is there for mail that's been
> delivered into the maildir folder without going through a mail client.
> If the mail is delivered there by a pop/imap client, or copied/moved
> between maildir folders, "new" shouldn't be used. Even when it is used,
> an IMAP server should move mail from "new" to "cur" immediately
> after its existence been reported to a client, and that can be
> instantaneous if the IMAP client supports IDLE.
> 
> In my experience Dovecot's MDA does the right thing. There is a
> complication though in that when Sieve is used to set a flag, the MDA
> has no choice but to put it in "cur".

Re: Learning only on read emails?

[Ryan Coleman]

> On Oct 20, 2015, at 8:21 AM, RW <rwmailli...@googlemail.com> wrote:
> 
> On Tue, 20 Oct 2015 15:14:42 +0300
> Jari Fredriksson wrote:
> 
>> On 10/20/2015 12:41 AM, Ryan Coleman wrote:
>>> Actually it makes absolute sense since I dump my spam into a folder
>>> to be scanned as spam and anything that is still in my inbox, and
>>> read, is indeed ham.
>>> 
>>> I just have to re-investigate the ./new and ./cur folders to make
>>> sure they will operate how I want. But if the email was delivered
>>> to my phone and it moves (but not read) then it?s not an option.
>> 
>> cur and new folders work as supposed when the IMAP server is Courier, 
>> but NOT when you use Dovecot.
> 
> How does it not work as expected? 

I haven’t seen anything appear in the “new” folder, to be honest.

Re: Learning only on read emails?

[Ryan Coleman]

Actually it makes absolute sense since I dump my spam into a folder to be 
scanned as spam and anything that is still in my inbox, and read, is indeed ham.

I just have to re-investigate the ./new and ./cur folders to make sure they 
will operate how I want. But if the email was delivered to my phone and it 
moves (but not read) then it’s not an option.



> On Oct 19, 2015, at 4:35 PM, Reindl Harald <h.rei...@thelounge.net> wrote:
> 
> 
> 
> Am 19.10.2015 um 23:21 schrieb Ryan Coleman:
>> Ok so it was established I don’t have a ham scan (correct). So how do I do 
>> it so that it only scans the read emails in a MAILDIR?
> 
> that makes no sense
> 
> train a spcific ham and a specific spam folder where you move messages you 
> are sure how to classify and not a generic inbox just because you have read a 
> message
> 
> 

Learning only on read emails?

[Ryan Coleman]

Ok so it was established I don’t have a ham scan (correct). So how do I do it 
so that it only scans the read emails in a MAILDIR?

—
Ryan

Re: Learning only on read emails?

[Ryan Coleman]

> On Oct 19, 2015, at 4:45 PM, Reindl Harald <h.rei...@thelounge.net> wrote:
> Am 19.10.2015 um 23:41 schrieb Ryan Coleman:
>> Actually it makes absolute sense since I dump my spam into a folder to be 
>> scanned as spam and anything that is still in my inbox, and read, is indeed 
>> ham.
> 
> do what you want - everybody else on this world is selecting messages and not 
> rely on a read state while easily a spam message you are not sure about got 
> trained as ham

I sort my emails out at the end of each calendar year. Training a ham folder at 
that point is, well, pointless. I will try to find another way.

> a sane training is specific spam / ham folders, a script which receives that 
> message svia IMAP, stores them on the mailfilter-machine for later re-build 
> of bayes and deletes them from the IMAP folder at the end
> 
> P.S.: no need for reply-all on a mailing list

Habit. Besides, there’s no reply-to header rewrite on this mailing list. If I 
hit reply it goes only to you. Reply to all, as a keystroke, is the only way I 
can make sure it stays on the record.

Re: Learning only on read emails?

[Ryan Coleman]

> On Oct 19, 2015, at 5:25 PM, Reindl Harald <h.rei...@thelounge.net> wrote:
> 
> 
> 
> Am 20.10.2015 um 00:17 schrieb Ryan Coleman:
>>> On Oct 19, 2015, at 4:45 PM, Reindl Harald <h.rei...@thelounge.net> wrote:
>>> Am 19.10.2015 um 23:41 schrieb Ryan Coleman:
>>>> Actually it makes absolute sense since I dump my spam into a folder to be 
>>>> scanned as spam and anything that is still in my inbox, and read, is 
>>>> indeed ham.
>>> 
>>> do what you want - everybody else on this world is selecting messages and 
>>> not rely on a read state while easily a spam message you are not sure about 
>>> got trained as ham
>> 
>> I sort my emails out at the end of each calendar year. Training a ham folder 
>> at that point is, well, pointless. I will try to find another way.
> 
> they you don't get really mails, having some hundret mails each day and sort 
> them out at the end of the year won't work - *anyways* that has nothing to do 
> with copy specific training mails to just two folders

I actually get THOUSANDS of emails a day. Most of it is spam. And not caught by 
SA. And when it is put into the spam folder it is not learned. 

But, hey, you know… you obviously know me better than me so why don’t you have 
this back and forth publicly with yourself and keep me out of it.

> not possible?
> surely!
> 
> 0  47764SPAM
> 0  20371HAM
> 02229900TOKEN
> 
>>> a sane training is specific spam / ham folders, a script which receives 
>>> that message svia IMAP, stores them on the mailfilter-machine for later 
>>> re-build of bayes and deletes them from the IMAP folder at the end
>>> 
>>> P.S.: no need for reply-all on a mailing list
>> 
>> Habit. Besides, there’s no reply-to header rewrite on this mailing list. If 
>> I hit reply it goes only to you
> 
> nonsense - there are list headers and if you use a broken client just remove 
> anything but the list-address

Wow, you really are an asshole, huh?

I looked at the headers before I said anything. Broken Client? No… Apple Mail. 
There are lists where it works because it EXISTS IN THE HEADERS.

Speaking of learning spam… your email address will be joining the blacklist 
very soon.


> list-help: <mailto:users-h...@spamassassin.apache.org>
> list-unsubscribe: <mailto:users-unsubscr...@spamassassin.apache.org>
> List-Post: <mailto:users@spamassassin.apache.org>
> List-Id: 
> 

Re: Learning only on read emails?

[Ryan Coleman]

That’s more information than Dovecot gives for the structure, so that will help.

Do you happen to know what the other flags mean? 
Examples I have:
Tch
Tad
STad
Sade
Sadg
RSad
FRSadfi

F I presume is flagged - that email (the last one) is definitely one I flagged 
in Apple Mail. The “fi” seems to be the waiting on the flag. I changed it and 
now it’s FRSadj.


My guesses so far…
F=Flagged
R=Replied
S=Seen


> On Oct 19, 2015, at 6:48 PM, Bill Cole 
> <sausers-20150...@billmail.scconsult.com> wrote:
> 
> On 19 Oct 2015, at 17:21, Ryan Coleman wrote:
> 
>> Ok so it was established I don’t have a ham scan (correct). So how do I do 
>> it so that it only scans the read emails in a MAILDIR?
> 
> Assuming your delivery and client access mechanisms (IMAP4/POP3/whatever) 
> follow standard Maildir behavior & naming, a message which has been seen by a 
> mail client program (i.e. marked as "read" by an IMAP4 client, maybe just 
> downloaded by a POP3 client, consult your IMAP4/POP3/whatever server docs & 
> config for the last word...) will be in the 'cur' subdirectory and its name 
> will match the regular expression "^[0-9]*\..*\..*:2,[A-R]*S[T-Za-z]*$" Or 
> looked at another way: the name will end with ':2," followed by one or more 
> letters in ASCII ordering (capitals first) with one of those letters being 
> 'S' (for "Seen").
> 
> (Or in shell, with a slight chance of breakage on a pathological system: 
> *.*.*:2,*S*)

Re: Learning only on read emails?

[Ryan Coleman]

Thanks, I’m going to read about it tonight.

> On Oct 19, 2015, at 5:40 PM, Eric Wong <e...@80x24.org> wrote:
> 
> Ryan Coleman <ryan.cole...@cwis.biz> wrote:
>> Ok so it was established I don’t have a ham scan (correct). So how do
>> I do it so that it only scans the read emails in a MAILDIR?
> 
> Since 2008, I use inotify (via incrond) on Maildirs:
> 
>   http://mid.gmane.org/20140822083434.ga8...@dcvr.yhbt.net

Re: Learning only on read emails?

[Ryan Coleman]

> On Oct 19, 2015, at 6:48 PM, Bill Cole 
> <sausers-20150...@billmail.scconsult.com> wrote:
> 
> On 19 Oct 2015, at 17:21, Ryan Coleman wrote:
> 
>> Ok so it was established I don’t have a ham scan (correct). So how do I do 
>> it so that it only scans the read emails in a MAILDIR?
> 
> Assuming your delivery and client access mechanisms (IMAP4/POP3/whatever) 
> follow standard Maildir behavior & naming, a message which has been seen by a 
> mail client program (i.e. marked as "read" by an IMAP4 client, maybe just 
> downloaded by a POP3 client, consult your IMAP4/POP3/whatever server docs & 
> config for the last word...) will be in the 'cur' subdirectory and its name 
> will match the regular expression "^[0-9]*\..*\..*:2,[A-R]*S[T-Za-z]*$" Or 
> looked at another way: the name will end with ':2," followed by one or more 
> letters in ASCII ordering (capitals first) with one of those letters being 
> 'S' (for "Seen").
> 
> (Or in shell, with a slight chance of breakage on a pathological system: 
> *.*.*:2,*S*)

Well, damn! I learned something new today.  I never bothered to look at the 
file name structure that closely before!

Checking if sa-learn is actually learning

[Ryan Coleman]

How do I go about checking that my automated scripts that handle spam learning 
are actually learning? I have literally hundreds of emails a day that go into 
the “new” folder I have set up and it does not seem to be learning from them. 

OS: Ubuntu 14.04.3 LTS
MTA: Postfix 2.11.0-1ubuntu1
postgrey 1.34-12
spamassassin/spamc 3.4.0-1ubuntu2.1


sa-learn commands:
[scans domains for specified folders and scans them]
> /usr/bin/find /var/mail/vhosts/ -name '*.Spam.New*' -type d -exec 
> /usr/bin/sa-learn --no-sync --spam --progress {}* \;
> /usr/bin/find /var/mail/vhosts/ -name '*.Spam.Suspected*' -type d -exec 
> /usr/bin/sa-learn --no-sync --spam --progress {}* \;

I swear I had issues in the past without having —no-sync, but is that causing 
it?