Re: Removing test for FROM/MX_MATCHES_NOT_HELO(DOMAIN)
On Nov 7, 2007, at 7:25 AM, Robert Felber wrote: when added to the 1 score for $from_match_regex_verified_helo[0], Which you have set to 0 I should've clarified, this was done after the instance of mail being discussed, so the change does not apply. I don't think FROM/MX_MATCHES_NOT_HELO(DOMAIN)=1 was due to other scores, I explained it rather to not raise wrong assumptions when setting $from_match_regex_verified_helo[0] to 0 (also I haven't seen a log- excerpt, which caused me to make that statement, I can neither say whether it is impossible that FROM/MX_MATCHES_NOT_HELO(DOMAIN) can be "1" if $from_match_regex_verified_helo[0] is set to 0, but I'd guess so). No you are right it cannot be 1, because once the config changes were picked up after a full policyd-weight reload, that score is gone -- it was only after refreshing the config (but not reloading policyd- weight) that the score was still =1. Thanks for your your help. Policyd-weight Mailinglist - http://www.policyd-weight.org/
Re: Removing test for FROM/MX_MATCHES_NOT_HELO(DOMAIN)
On Wed, Nov 07, 2007 at 07:08:44AM -0500, Sahil Tandon wrote: > On Nov 7, 2007, at 3:16 AM, Robert Felber wrote: > > >FROM/MX_MATCHES_NOT_HELO(DOMAIN) for instance is calculated such: > > > >$from_match_regex_verified_helo[0] + > >($total_dnsbl_score/4) + > >($bogus_mx_penalty * $bogus_mx_penalty) + > >$glob_numeric_score > > In the same email that had FROM/MX_MATCHES_NOT_HELO(DOMAIN)=1, there were > three negative DNSBL scores that > summed to -4.5. That sum div by 4 = -1.125 which, No, total_dnsbl_score is the score for dnsbls that have hit. > when added to the 1 score for > $from_match_regex_verified_helo[0], Which you have set to 0 > should've made the aggregate FROM/MX_MATCHES_NOT_HELO(DOMAIN)=-.125, no? > There was no positive bogus_mx_score/penalty on the email. > The only variable I do not understand is > $glob_numeric_score, iwhich may bring the aggregate back to 1. Sorry, was from the devel version, which is $helo_numeric_score[0] * $total_dnsbl_score I don't think FROM/MX_MATCHES_NOT_HELO(DOMAIN)=1 was due to other scores, I explained it rather to not raise wrong assumptions when setting $from_match_regex_verified_helo[0] to 0 (also I haven't seen a log-excerpt, which caused me to make that statement, I can neither say whether it is impossible that FROM/MX_MATCHES_NOT_HELO(DOMAIN) can be "1" if $from_match_regex_verified_helo[0] is set to 0, but I'd guess so). > >However: config changes are picked up by childs after MAINTENANCE_LEVEL > >requests while each child has an own maintenance counter. > >To speed up a complete reloading of all childs use policyd-weight reload. > > That explains it. Thanks for the clarification. > > Sahil > > > Policyd-weight Mailinglist - http://www.policyd-weight.org/ -- Robert Felber (PGP: 896CF30B) Munich, Germany Policyd-weight Mailinglist - http://www.policyd-weight.org/
Re: Removing test for FROM/MX_MATCHES_NOT_HELO(DOMAIN)
On Nov 7, 2007, at 3:16 AM, Robert Felber wrote: FROM/MX_MATCHES_NOT_HELO(DOMAIN) for instance is calculated such: $from_match_regex_verified_helo[0] + ($total_dnsbl_score/4) + ($bogus_mx_penalty * $bogus_mx_penalty) + $glob_numeric_score In the same email that had FROM/MX_MATCHES_NOT_HELO(DOMAIN)=1, there were three negative DNSBL scores that summed to -4.5. That sum div by 4 = -1.125 which, when added to the 1 score for $from_match_regex_verified_helo[0], should've made the aggregate FROM/ MX_MATCHES_NOT_HELO(DOMAIN)=-.125, no? There was no positive bogus_mx_score/penalty on the email. The only variable I do not understand is $glob_numeric_score, which may bring the aggregate back to 1. However: config changes are picked up by childs after MAINTENANCE_LEVEL requests while each child has an own maintenance counter. To speed up a complete reloading of all childs use policyd-weight reload. That explains it. Thanks for the clarification. Sahil Policyd-weight Mailinglist - http://www.policyd-weight.org/
Re: Removing test for FROM/MX_MATCHES_NOT_HELO(DOMAIN)
On Tue, Nov 06, 2007 at 09:29:26PM -0500, Sahil Tandon wrote: > This score penalizes legitimate email from people who send "From:" personal > domain names using their ISP's > SMTP server (which, generally, is not the authorized MX for > some-domain-name.org). A penalizing is "accepted" as long as this false penalizing does not lead to a reject. This is what policyd-weight is for - that checks may hit - but do no harm. > In order to disable this > test, based on > http://www.mail-archive.com/[email protected]/msg00525.html, I > added > @from_match_regex_verified_helo = (0, -2 ); into > policyd-weight.conf. /var/log/maillog > confirms that the new conf is loaded. Nevertheless, new email is still being > tagged with a > FROM/MX_MATCHES_NOT_HELO(DOMAIN)=1. > > What am I doing wrong? > Probably nothing. Policyd-weight does score certain checks by using results of other checks. FROM/MX_MATCHES_NOT_HELO(DOMAIN) for instance is calculated such: $from_match_regex_verified_helo[0] + ($total_dnsbl_score/4) + ($bogus_mx_penalty * $bogus_mx_penalty) + $glob_numeric_score There is no possibility to "disable" a check. However: config changes are picked up by childs after MAINTENANCE_LEVEL requests while each child has an own maintenance counter. To speed up a complete reloading of all childs use policyd-weight reload. -- Robert Felber (PGP: 896CF30B) Munich, Germany Policyd-weight Mailinglist - http://www.policyd-weight.org/
