> Sam left town? Oh boy. :) Maybe it is time for us to try a patch?
Pablo. 2008/7/28 Bob Alanis <[EMAIL PROTECTED]>: > Sam left town? Oh boy. :) > > Michael, that "_none" blacklist idea sounds like it might do the trick. > Once I have my nested _none directories deleted I'll give that a whirl. > I hate being without spamdyke after using it for a week (the spam on our > server dropped to a teeeensy amount with spamdyke on the job) so it's > worth a shot. > > I'm glad to hear I'm not the only one experiencing this (though at the > same time I'm sorry others are having trouble). > > ~ Bob Alanis > > > Michael Colvin wrote: >> The _none directories are caused by mail attempting to be delivered to >> addresses with an empty "From" field. You can see this in your log with >> something like: >> >> Jul 28 12:47:06 limelight spamdyke[21357]: DENIED_GRAYLISTED from: (unknown) >> to: [EMAIL PROTECTED] origin_ip: 64.183.66.155 origin_rdns: tedperez.com >> auth: (unknown) >> >> In pre-version 4, this causes a file called "_none" to be created in the >> directory xzhgmf0lkb, which is a sub-directory of domain.net. In the new >> version 4, I believe, this process has changed, and it sounds like there's >> possibly a bug causing the continual sub-directory creation. Great timing >> to find it right as Sam leaves town, huh! :-) >> >> I haven't tried it, but maybe try blacklisting the address "_none" for that >> domain (All domains) and see if that blacklists the email, which is likely >> spam anyway, instead of graylisting it... >> >> Michael J. Colvin >> NorCal Internet Services >> www.norcalisp.com >> >> >> >> >> >> >> >> >>> -----Original Message----- >>> From: [EMAIL PROTECTED] >>> [mailto:[EMAIL PROTECTED] On Behalf Of Bob Alanis >>> Sent: Monday, July 28, 2008 1:25 PM >>> To: spamdyke users >>> Subject: Re: [spamdyke-users] super long "_none" directory >>> nesting on 4.0.1 >>> >>> Thanks again Nightduke, >>> >>> I'll give wipe a try for sure. >>> >>> As far as restarting Spamdyke, I'm not inclined to do so >>> since there is no reason to believe that it won't start this >>> whole nested _none thing all over again. I'm curious if this >>> is a bug in the software or if there is something in my >>> config or elsewhere I should change to avoid this. Remember, >>> these thousands of nested _none directories are popping up >>> for many sites, not just the one I included in the >>> recipient-blacklist-entry line. The only pattern I could see >>> is that the domains which got it the worst are the ones which >>> normally get the most spam (with lots of the spam having >>> nothing in the "from" field). >>> >>> ~ Bob Alanis >>> >>> >>> >>> nightduke wrote: >>> >>>> Wipe seems to delete faster... >>>> http://sourceforge.net/project/showfiles.php?group_id=804 >>>> >>>> 2008/7/28 nightduke <[EMAIL PROTECTED]>: >>>> >>>> >>>>> Well stop the mail server... >>>>> >>>>> create a new graylist >>>>> add domains >>>>> rename old greylistold >>>>> create a cron job to remove greylistold this midnight i >>>>> >>> will take hours... >>> >>>>> Try secure delete seems to delete faster...support >>>>> >>> recursive directorys... >>> >>>>> >>> http://pnboy.pinguix.com/my_packages/zenwalk/secure_delete/3.1/secure >>> >>>>> _delete-3.1-i486-54.1.tgz >>>>> >>>>> Regards >>>>> >>>>> Nightduke >>>>> >>>>> >>>>> >>>>> 2008/7/28 Bob Alanis <[EMAIL PROTECTED]>: >>>>> >>>>> >>>>>> Thanks Nightduke, >>>>>> >>>>>> I can certainly put that domain into a >>>>>> >>> recipient-blacklist-file. I >>> >>>>>> don't think that will address the real issue of all those >>>>>> >>> nested directories. >>> >>>>>> I've turned off Spamdyke for nwo and have been trying to delete >>>>>> those nested _none directories for a whole day. Running "rm -rf >>>>>> /var/qmail/spamdyke/greylist" for 12 hours still didn't >>>>>> >>> get rid of >>> >>>>>> all of them. I've found one instance of over 3000 _none >>>>>> >>> directories >>> >>>>>> nested inside each other, and there are likely several instances >>>>>> like that (and some with possibly more _none directories). This >>>>>> issue is happening for tons of domains, not just the one >>>>>> >>> I listed in the recipient-blacklist-entry line. >>> >>>>>> Anyone have any ideas about the nested _none problem? >>>>>> >>>>>> ~ Bob Alanis >>>>>> >>>>>> >>>>>> nightduke wrote: >>>>>> >>>>>> Can you add the domains to a blacklisted file >>>>>> >>>>>> [EMAIL PROTECTED] >>>>>> >>>>>> Don't put the domain there, i think will be better to put the >>>>>> domains in a text file. >>>>>> >>>>>> I hope this helps. >>>>>> >>>>>> Regards >>>>>> >>>>>> Nightduke >>>>>> >>>>>> >>>>>> 2008/7/27 Bob Alanis <[EMAIL PROTECTED]>: >>>>>> >>>>>> >>>>>> Hello folks, >>>>>> >>>>>> I've been using Spamdyke for about a week now and I'm >>>>>> >>> loving it, but >>> >>>>>> I'm running into some problems on our server. I'm >>>>>> >>> running Spamdyke >>> >>>>>> 4.0.1 on a Plesk 8.2.0 server (which runs Fedora Core 4) and was >>>>>> able to install and get Spamdyke running just fine. The >>>>>> >>> problem is >>> >>>>>> that our server is experiencing some super high loads and >>>>>> >>> they seem >>> >>>>>> to be related to Spamdyke. More specifically it seems to >>>>>> >>> be related >>> >>>>>> to the fact that in my greylisting folder >>>>>> (/var/qmail/spamdyke/greylist/) there are hundreds of >>>>>> >>> folders called >>> >>>>>> "_none" all nested within eachother. Here's an example >>>>>> >>> of what I'm talking about (with our client's domain name removed)... >>> >>>>>> >>> /var/qmail/spamdyke/greylist/DOMAINREMOVEDFORPRIVACY.COM/ceceliamora >>> >>>>>> ledewitt/_none/_none/_none/_none/_none/_none/_none >>>>>> >>>>>> That's a very short example, there are tons of instances where >>>>>> /_none/_none/_none/_none/ goes on for over 1000 times >>>>>> >>> (highest I've >>> >>>>>> found so far was 1,412 _none folders nested in a row). >>>>>> >>>>>> This was causing our nightly backup software to freak out >>>>>> >>> as it was >>> >>>>>> having trouble copying such long directories. I managed >>>>>> >>> to get it >>> >>>>>> to ignore my greylist directory during the nightly backups, but >>>>>> today we had a server crash (well, high load causing it to not >>>>>> respond). After the server rebooted, I noticed this when >>>>>> >>> I typed dmesg... >>> >>>>>> spamdyke[5315]: segfault at 0000000000000000 rip 0000003517773e56 >>>>>> rsp >>>>>> 00007fff11129a28 error 4 >>>>>> spamdyke[9267]: segfault at ffffffff95c1e5e8 rip 00000035177740b2 >>>>>> rsp >>>>>> 00007fff95c1a518 error 4 >>>>>> >>>>>> My greylist directory has 479 domain names listed (we >>>>>> >>> don't actually >>> >>>>>> have that many sites on our server, more like 300 plus >>>>>> >>> many domain >>> >>>>>> aliases), and many of them have this _none/_none/_none problem. >>>>>> >>>>>> When I run a config test the only error I get is... >>>>>> >>>>>> ERROR: Missing qmail-smtpd command >>>>>> >>>>>> But this wasn't keeping spamdyke from working all week. >>>>>> >>>>>> My /etc/spamdyke.conf file is... >>>>>> >>>>>> -------------------- >>>>>> >>>>>> log-level=info >>>>>> tls-level=smtp >>>>>> tls-certificate-file=/var/qmail/control/servercert.pem >>>>>> smtp-auth-level=observe >>>>>> local-domains-file=/var/qmail/control/rcpthosts >>>>>> max-recipients=100 >>>>>> idle-timeout-secs=60 >>>>>> recipient-whitelist-file=/var/qmail/spamdyke/whitelist_recipient >>>>>> [EMAIL PROTECTED] >>>>>> graylist-level=always >>>>>> graylist-dir=/var/qmail/spamdyke/greylist >>>>>> graylist-exception-ip-file=/var/qmail/spamdyke/never_greylist >>>>>> graylist-min-secs=180 >>>>>> graylist-max-secs=604800 >>>>>> sender-blacklist-file=/var/qmail/spamdyke/blacklist_senders >>>>>> recipient-blacklist-file=/var/qmail/spamdyke/blacklist_recipients >>>>>> ip-blacklist-file=/var/qmail/spamdyke/blacklist_ip >>>>>> sender-whitelist-file=/var/qmail/spamdyke/whitelist_sender >>>>>> ip-whitelist-file=/var/qmail/spamdyke/whitelist_ip >>>>>> greeting-delay-secs=5 >>>>>> reject-empty-rdns >>>>>> dns-blacklist-entry=zen.spamhaus.org >>>>>> dns-blacklist-entry=dnsbl.ahbl.org >>>>>> dns-blacklist-entry=bl.spamcop.net >>>>>> reject-missing-sender-mx >>>>>> local-domains-file=/var/qmail/control/rcpthosts >>>>>> >>>>>> --------------------- >>>>>> >>>>>> The [EMAIL PROTECTED] line is due to a >>>>>> client being mailbombed at the moment. I've added their >>>>>> >>> domain to >>> >>>>>> this line temporarily. >>>>>> >>>>>> Any suggestions? If there is any more info I can provide >>>>>> >>> I would be >>> >>>>>> happy to. Is this normal spamdyke behavior? >>>>>> >>>>>> ~ Bob Alanis >>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> spamdyke-users mailing list >>>>>> [email protected] >>>>>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >>>>>> >>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> spamdyke-users mailing list >>>>>> [email protected] >>>>>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >>>>>> >>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> spamdyke-users mailing list >>>>>> [email protected] >>>>>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >>>>>> >>>>>> >>>>>> >>>>>> >>>> _______________________________________________ >>>> spamdyke-users mailing list >>>> [email protected] >>>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >>>> >>>> >>>> >>> _______________________________________________ >>> spamdyke-users mailing list >>> [email protected] >>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >>> >>> >> >> _______________________________________________ >> spamdyke-users mailing list >> [email protected] >> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >> >> > > _______________________________________________ > spamdyke-users mailing list > [email protected] > http://www.spamdyke.org/mailman/listinfo/spamdyke-users > _______________________________________________ spamdyke-users mailing list [email protected] http://www.spamdyke.org/mailman/listinfo/spamdyke-users
