[AMaViS-user] AMaViS Security Announcement: ZOO archive decompression infinite loop DoS

2007-05-17 Thread Mark Martinec
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 === AMaViS Security Announcement Date: 2007-05-17 affected version(s):amavis, amavisd, amavisd-new, amavis-ng Vulnerability:

Re: [AMaViS-user] SQL and 'policy banks'

2007-05-17 Thread Martin Schiøtz
Can I use different 'policy' (SQL) based on which 'policy bank' the mail arrived? The %sql_clause associative array is part of policy banks, so you can switch SQL clauses to be used, based on a policy bank. For example: $interface_policy{'10026'} = 'ALT'; $policy_bank{'ALT'} = {

Re: [AMaViS-user] Question about some log information

2007-05-17 Thread MrC
Perhaps someone can explain me some amavis log entries. It's amavisd-new 2.4.5 with default config. I got (shorted): amavis[48404]:(48404-01-9) Passed SPAM, [212.71.111.45] [89.220.41.153] amavis[48123]:(48123-01-13) Passed SPAM, [88.238.102.203] [47.62.141.62] Whats the first ip

Re: [AMaViS-user] Question about some log information

2007-05-17 Thread Thomas Vogt
Hello Thank you. I have assumed it but was not sure. Nn most cases, should this not be the same ip for %a and %e? I checked a few thousand CLEAN marked emails (of course some of them was spam too but not detected). More than 95% of this emails had the same ip for %a and %e. I guess the 5% with

Re: [AMaViS-user] SQL and 'policy banks'

2007-05-17 Thread Martin Schiøtz
On 5/17/07, Martin Schiøtz [EMAIL PROTECTED] wrote: Can I use different 'policy' (SQL) based on which 'policy bank' the mail arrived? The %sql_clause associative array is part of policy banks, so you can switch SQL clauses to be used, based on a policy bank. For example:

Re: [AMaViS-user] Question about some log information

2007-05-17 Thread MrC
-Original Message- From: Thomas Vogt [mailto:[EMAIL PROTECTED] Sent: Thursday, May 17, 2007 9:44 AM To: MrC Cc: amavis-user@lists.sourceforge.net Subject: Re: [AMaViS-user] Question about some log information Hello Thank you. I have assumed it but was not sure. Nn most

Re: [AMaViS-user] SQL and 'policy banks'

2007-05-17 Thread Mark Martinec
Martin, It seems like these parameters is always overwritten by the SQL policy table? I was wrong this works fine: These static settings are only overruled by values from SQL if corresponding SQL fields are not NULL (and they exist). Mark

Re: [AMaViS-user] [sa_spam_report_header = 1] Producing broken report text

2007-05-17 Thread Mark Martinec
Anant Nitya, I have enabled __ sa_spam_report_header = 1 __ in my amavisd.conf, it works for few and produces broken text for others. amavisd-new-2.5.0, perl 5.8.8 [BROKEN REPORT HEADER] X-Spam-Status: Yes, score=47.791 required=6 tests=[BAYES_99=3.5, DCC_CHECK=2.17,