I'm glad I hadn't updated yet. :-) Of course, if the blacklisting of the "_none" account doesn't work, you could not use graylisting...At least that would be better than no spamdyke at all. I'm not sure if Sam will be checking in or not, he just mentioned he'd be gone for a week or two...
I guess you could always use the pre version 4 version...Greylisting works fine on it...And, then upgrade once Sam gets a chance to look at your issue. I would try adding "[EMAIL PROTECTED]" to you blacklist, do one for each domain that's getting the "_none" created in it, and see if it works. You might search your logs and see which domains at getting: "from: (unknown)" often, and test on that domain... If it works, I'd expect it to blcok any e-mails w/o a from address, which, probably aren't legit anyway. I thought there was a setting already to do this, but I couldn't find it... Michael J. Colvin NorCal Internet Services www.norcalisp.com > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Bob Alanis > Sent: Monday, July 28, 2008 2:37 PM > To: spamdyke users > Subject: Re: [spamdyke-users] super long "_none" directory > nesting on 4.0.1 > > Sam left town? Oh boy. :) > > Michael, that "_none" blacklist idea sounds like it might do > the trick. > Once I have my nested _none directories deleted I'll give > that a whirl. > I hate being without spamdyke after using it for a week (the > spam on our server dropped to a teeeensy amount with spamdyke > on the job) so it's worth a shot. > > I'm glad to hear I'm not the only one experiencing this > (though at the same time I'm sorry others are having trouble). > > ~ Bob Alanis > > > Michael Colvin wrote: > > The _none directories are caused by mail attempting to be > delivered to > > addresses with an empty "From" field. You can see this in your log > > with something like: > > > > Jul 28 12:47:06 limelight spamdyke[21357]: DENIED_GRAYLISTED from: > > (unknown) > > to: [EMAIL PROTECTED] origin_ip: 64.183.66.155 origin_rdns: > > tedperez.com > > auth: (unknown) > > > > In pre-version 4, this causes a file called "_none" to be > created in > > the directory xzhgmf0lkb, which is a sub-directory of > domain.net. In > > the new version 4, I believe, this process has changed, and > it sounds > > like there's possibly a bug causing the continual sub-directory > > creation. Great timing to find it right as Sam leaves > town, huh! :-) > > > > I haven't tried it, but maybe try blacklisting the address > "_none" for > > that domain (All domains) and see if that blacklists the > email, which > > is likely spam anyway, instead of graylisting it... > > > > Michael J. Colvin > > NorCal Internet Services > > www.norcalisp.com > > > > > > > > > > > > > > > > > >> -----Original Message----- > >> From: [EMAIL PROTECTED] > >> [mailto:[EMAIL PROTECTED] On Behalf Of > Bob Alanis > >> Sent: Monday, July 28, 2008 1:25 PM > >> To: spamdyke users > >> Subject: Re: [spamdyke-users] super long "_none" directory > nesting on > >> 4.0.1 > >> > >> Thanks again Nightduke, > >> > >> I'll give wipe a try for sure. > >> > >> As far as restarting Spamdyke, I'm not inclined to do so > since there > >> is no reason to believe that it won't start this whole > nested _none > >> thing all over again. I'm curious if this is a bug in the > software > >> or if there is something in my config or elsewhere I > should change to > >> avoid this. Remember, these thousands of nested _none directories > >> are popping up for many sites, not just the one I included in the > >> recipient-blacklist-entry line. The only pattern I could > see is that > >> the domains which got it the worst are the ones which normally get > >> the most spam (with lots of the spam having nothing in the "from" > >> field). > >> > >> ~ Bob Alanis > >> > >> > >> > >> nightduke wrote: > >> > >>> Wipe seems to delete faster... > >>> http://sourceforge.net/project/showfiles.php?group_id=804 > >>> > >>> 2008/7/28 nightduke <[EMAIL PROTECTED]>: > >>> > >>> > >>>> Well stop the mail server... > >>>> > >>>> create a new graylist > >>>> add domains > >>>> rename old greylistold > >>>> create a cron job to remove greylistold this midnight i > >>>> > >> will take hours... > >> > >>>> Try secure delete seems to delete faster...support > >>>> > >> recursive directorys... > >> > >>>> > >> > http://pnboy.pinguix.com/my_packages/zenwalk/secure_delete/3.1/secure > >> > >>>> _delete-3.1-i486-54.1.tgz > >>>> > >>>> Regards > >>>> > >>>> Nightduke > >>>> > >>>> > >>>> > >>>> 2008/7/28 Bob Alanis <[EMAIL PROTECTED]>: > >>>> > >>>> > >>>>> Thanks Nightduke, > >>>>> > >>>>> I can certainly put that domain into a > >>>>> > >> recipient-blacklist-file. I > >> > >>>>> don't think that will address the real issue of all those > >>>>> > >> nested directories. > >> > >>>>> I've turned off Spamdyke for nwo and have been trying to delete > >>>>> those nested _none directories for a whole day. > Running "rm -rf > >>>>> /var/qmail/spamdyke/greylist" for 12 hours still didn't > >>>>> > >> get rid of > >> > >>>>> all of them. I've found one instance of over 3000 _none > >>>>> > >> directories > >> > >>>>> nested inside each other, and there are likely several > instances > >>>>> like that (and some with possibly more _none > directories). This > >>>>> issue is happening for tons of domains, not just the one > >>>>> > >> I listed in the recipient-blacklist-entry line. > >> > >>>>> Anyone have any ideas about the nested _none problem? > >>>>> > >>>>> ~ Bob Alanis > >>>>> > >>>>> > >>>>> nightduke wrote: > >>>>> > >>>>> Can you add the domains to a blacklisted file > >>>>> > >>>>> [EMAIL PROTECTED] > >>>>> > >>>>> Don't put the domain there, i think will be better to put the > >>>>> domains in a text file. > >>>>> > >>>>> I hope this helps. > >>>>> > >>>>> Regards > >>>>> > >>>>> Nightduke > >>>>> > >>>>> > >>>>> 2008/7/27 Bob Alanis <[EMAIL PROTECTED]>: > >>>>> > >>>>> > >>>>> Hello folks, > >>>>> > >>>>> I've been using Spamdyke for about a week now and I'm > >>>>> > >> loving it, but > >> > >>>>> I'm running into some problems on our server. I'm > >>>>> > >> running Spamdyke > >> > >>>>> 4.0.1 on a Plesk 8.2.0 server (which runs Fedora Core > 4) and was > >>>>> able to install and get Spamdyke running just fine. The > >>>>> > >> problem is > >> > >>>>> that our server is experiencing some super high loads and > >>>>> > >> they seem > >> > >>>>> to be related to Spamdyke. More specifically it seems to > >>>>> > >> be related > >> > >>>>> to the fact that in my greylisting folder > >>>>> (/var/qmail/spamdyke/greylist/) there are hundreds of > >>>>> > >> folders called > >> > >>>>> "_none" all nested within eachother. Here's an example > >>>>> > >> of what I'm talking about (with our client's domain name > removed)... > >> > >>>>> > >> > /var/qmail/spamdyke/greylist/DOMAINREMOVEDFORPRIVACY.COM/ceceliamora > >> > >>>>> ledewitt/_none/_none/_none/_none/_none/_none/_none > >>>>> > >>>>> That's a very short example, there are tons of instances where > >>>>> /_none/_none/_none/_none/ goes on for over 1000 times > >>>>> > >> (highest I've > >> > >>>>> found so far was 1,412 _none folders nested in a row). > >>>>> > >>>>> This was causing our nightly backup software to freak out > >>>>> > >> as it was > >> > >>>>> having trouble copying such long directories. I managed > >>>>> > >> to get it > >> > >>>>> to ignore my greylist directory during the nightly backups, but > >>>>> today we had a server crash (well, high load causing it to not > >>>>> respond). After the server rebooted, I noticed this when > >>>>> > >> I typed dmesg... > >> > >>>>> spamdyke[5315]: segfault at 0000000000000000 rip > 0000003517773e56 > >>>>> rsp > >>>>> 00007fff11129a28 error 4 > >>>>> spamdyke[9267]: segfault at ffffffff95c1e5e8 rip > 00000035177740b2 > >>>>> rsp > >>>>> 00007fff95c1a518 error 4 > >>>>> > >>>>> My greylist directory has 479 domain names listed (we > >>>>> > >> don't actually > >> > >>>>> have that many sites on our server, more like 300 plus > >>>>> > >> many domain > >> > >>>>> aliases), and many of them have this _none/_none/_none problem. > >>>>> > >>>>> When I run a config test the only error I get is... > >>>>> > >>>>> ERROR: Missing qmail-smtpd command > >>>>> > >>>>> But this wasn't keeping spamdyke from working all week. > >>>>> > >>>>> My /etc/spamdyke.conf file is... > >>>>> > >>>>> -------------------- > >>>>> > >>>>> log-level=info > >>>>> tls-level=smtp > >>>>> tls-certificate-file=/var/qmail/control/servercert.pem > >>>>> smtp-auth-level=observe > >>>>> local-domains-file=/var/qmail/control/rcpthosts > >>>>> max-recipients=100 > >>>>> idle-timeout-secs=60 > >>>>> recipient-whitelist-file=/var/qmail/spamdyke/whitelist_recipient > >>>>> [EMAIL PROTECTED] > >>>>> graylist-level=always > >>>>> graylist-dir=/var/qmail/spamdyke/greylist > >>>>> graylist-exception-ip-file=/var/qmail/spamdyke/never_greylist > >>>>> graylist-min-secs=180 > >>>>> graylist-max-secs=604800 > >>>>> sender-blacklist-file=/var/qmail/spamdyke/blacklist_senders > >>>>> > recipient-blacklist-file=/var/qmail/spamdyke/blacklist_recipients > >>>>> ip-blacklist-file=/var/qmail/spamdyke/blacklist_ip > >>>>> sender-whitelist-file=/var/qmail/spamdyke/whitelist_sender > >>>>> ip-whitelist-file=/var/qmail/spamdyke/whitelist_ip > >>>>> greeting-delay-secs=5 > >>>>> reject-empty-rdns > >>>>> dns-blacklist-entry=zen.spamhaus.org > >>>>> dns-blacklist-entry=dnsbl.ahbl.org > >>>>> dns-blacklist-entry=bl.spamcop.net > >>>>> reject-missing-sender-mx > >>>>> local-domains-file=/var/qmail/control/rcpthosts > >>>>> > >>>>> --------------------- > >>>>> > >>>>> The [EMAIL PROTECTED] line > is due to a > >>>>> client being mailbombed at the moment. I've added their > >>>>> > >> domain to > >> > >>>>> this line temporarily. > >>>>> > >>>>> Any suggestions? If there is any more info I can provide > >>>>> > >> I would be > >> > >>>>> happy to. Is this normal spamdyke behavior? > >>>>> > >>>>> ~ Bob Alanis > >>>>> > >>>>> > >>>>> _______________________________________________ > >>>>> spamdyke-users mailing list > >>>>> [email protected] > >>>>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users > >>>>> > >>>>> > >>>>> > >>>>> _______________________________________________ > >>>>> spamdyke-users mailing list > >>>>> [email protected] > >>>>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users > >>>>> > >>>>> > >>>>> > >>>>> _______________________________________________ > >>>>> spamdyke-users mailing list > >>>>> [email protected] > >>>>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users > >>>>> > >>>>> > >>>>> > >>>>> > >>> _______________________________________________ > >>> spamdyke-users mailing list > >>> [email protected] > >>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users > >>> > >>> > >>> > >> _______________________________________________ > >> spamdyke-users mailing list > >> [email protected] > >> http://www.spamdyke.org/mailman/listinfo/spamdyke-users > >> > >> > > > > _______________________________________________ > > spamdyke-users mailing list > > [email protected] > > http://www.spamdyke.org/mailman/listinfo/spamdyke-users > > > > > > _______________________________________________ > spamdyke-users mailing list > [email protected] > http://www.spamdyke.org/mailman/listinfo/spamdyke-users > _______________________________________________ spamdyke-users mailing list [email protected] http://www.spamdyke.org/mailman/listinfo/spamdyke-users
