it works now with resolv.conf set to 127.0.0.1. is there a downside to running spamdyke binary compiled with +EXCESSIVE and full-log-dir turned off?
On Mon, Aug 11, 2008 at 3:04 PM, Sam Clippinger <[EMAIL PROTECTED]> wrote: > Version 3.1.8 works with 0.0.0.0 because it uses the system resolver > library to parse /etc/resolv.conf and apparently the library ignores the > invalid 0.0.0.0 entry. Version 4.0.x parses /etc/resolv.conf itself and > it doesn't ignore that entry. I'll fix that in the next version though... > > -- Sam Clippinger > > slamp slamp wrote: >> hmm, i wonder why v3.1.8 works fine then. anyway i will try this when >> i get home and give you feedback. thanks for this great app! >> >> On Mon, Aug 11, 2008 at 10:39 AM, Sam Clippinger <[EMAIL PROTECTED]> wrote: >> >>> No, your /etc/resolv.conf should list specific IP addresses for your >>> nameservers. The address 0.0.0.0 is not valid, so other programs (ones >>> that use the system resolver) must be ignoring that line and using the >>> default "127.0.0.1". spamdyke doesn't do this -- it only uses >>> "127.0.0.1" if it doesn't find any "nameserver" lines at all. >>> >>> If you want all programs on your server to use the nameserver that is >>> running on the server, you should change your /etc/resolv.conf to list >>> "nameserver 127.0.0.1". That should also fix spamdyke. >>> >>> -- Sam Clippinger >>> >>> slamp slamp wrote: >>> >>>> well isn't 0.0.0.0 in linux means all interfaces? i didn't just want >>>> dnscache to listen to localhost which is the default, i also wanted it >>>> to listen to eth0. so i configured it to listen to all interfaces. all >>>> applications that rely on resolv.conf works fine i guess except for >>>> spamdyke v4. >>>> >>>> # netstat -anp |grep 53 >>>> tcp 0 0 0.0.0.0:53 0.0.0.0:* >>>> LISTEN 3075/dnscache >>>> udp 0 0 0.0.0.0:53 0.0.0.0:* >>>> 3075/dnscache >>>> >>>> >>>> # cat /etc/resolv.conf >>>> nameserver 0.0.0.0 >>>> >>>> >>>> >>>> On Sun, Aug 10, 2008 at 3:39 PM, Sam Clippinger <[EMAIL PROTECTED]> wrote: >>>> >>>> >>>>> It looks like there is a problem in your /etc/resolv.conf file. That >>>>> file should contain a list of IP addresses for nameservers, but >>>>> spamdyke's log indicates it is finding only one IP address there, >>>>> 0.0.0.0, which is obviously invalid. Either that's really what your >>>>> /etc/resolv.conf file contains (in that case, how are any processes on >>>>> your server resolving names?) or something's wrong with spamdyke's parser. >>>>> >>>>> If it's not parsing the file correctly, try increasing the memory limit >>>>> in your "run" file and see if that helps. On my server, I've set the >>>>> limit to 80000000 and everything seems to work correctly. >>>>> >>>>> -- Sam Clippinger >>>>> >>>>> slamp slamp wrote: >>>>> >>>>> >>>>>> my run file: >>>>>> >>>>>> #!/bin/sh >>>>>> QMAILDUID=`id -u vpopmail` >>>>>> NOFILESGID=`id -g vpopmail` >>>>>> MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` >>>>>> BLACKLIST=`cat /var/qmail/control/blacklists` >>>>>> SMTPD="/var/qmail/bin/qmail-smtpd" >>>>>> SPAMDYKE="/usr/bin/spamdyke" >>>>>> SPAMDYKE_CONF="/etc/mail/spamdyke.conf" >>>>>> TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb" >>>>>> RBLSMTPD="/usr/bin/rblsmtpd" >>>>>> HOSTNAME=`hostname` >>>>>> VCHKPW="/home/vpopmail/bin/vchkpw" >>>>>> REQUIRE_AUTH=0 >>>>>> >>>>>> exec /usr/bin/softlimit -m 40000000 \ >>>>>> /usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c "$MAXSMTPD" >>>>>> \ >>>>>> -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \ >>>>>> $SPAMDYKE -f $SPAMDYKE_CONF $SMTPD $VCHKPW /bin/true 2>&1 >>>>>> >>>>>> >>>>>> >>>>>> full-log-dir output.: >>>>>> >>>>>> 08/09/2008 09:08:19 STARTED: VERSION = >>>>>> 4.0.2+TLS+CONFIGTEST+DEBUG+EXCESSIVE, PID = 11465 >>>>>> >>>>>> 08/09/2008 09:08:19 LOG OUTPUT >>>>>> EXCESSIVE(process_config_file()@configuration.c:3535): set >>>>>> configuration option local-domains-file from file >>>>>> /etc/mail/spamdyke.conf, line 3: /var/qmail/control/rcpthosts >>>>>> EXCESSIVE(process_config_file()@configuration.c:3535): set >>>>>> configuration option max-recipients from file /etc/mail/spamdyke.conf, >>>>>> line 4: 5 >>>>>> EXCESSIVE(process_config_file()@configuration.c:3535): set >>>>>> configuration option idle-timeout-secs from file >>>>>> /etc/mail/spamdyke.conf, line 5: 300 >>>>>> EXCESSIVE(process_config_file()@configuration.c:3535): set >>>>>> configuration option reject-empty-rdns from file >>>>>> /etc/mail/spamdyke.conf, line 6: >>>>>> EXCESSIVE(process_config_file()@configuration.c:3535): set >>>>>> configuration option reject-unresolvable-rdns from file >>>>>> /etc/mail/spamdyke.conf, line 7: >>>>>> EXCESSIVE(process_config_file()@configuration.c:3535): set >>>>>> configuration option reject-ip-in-cc-rdns from file >>>>>> /etc/mail/spamdyke.conf, line 8: >>>>>> EXCESSIVE(process_config_file()@configuration.c:3535): set >>>>>> configuration option ip-whitelist-file from file >>>>>> /etc/mail/spamdyke.conf, line 9: /home/vpopmail/etc/whitelist_ip >>>>>> EXCESSIVE(process_config_file()@configuration.c:3535): set >>>>>> configuration option greeting-delay-secs from file >>>>>> /etc/mail/spamdyke.conf, line 10: 5 >>>>>> EXCESSIVE(process_config_file()@configuration.c:3535): set >>>>>> configuration option dns-blacklist-entry from file >>>>>> /etc/mail/spamdyke.conf, line 11: zen.spamhaus.org >>>>>> EXCESSIVE(process_config_file()@configuration.c:3535): set >>>>>> configuration option reject-missing-sender-mx from file >>>>>> /etc/mail/spamdyke.conf, line 12: >>>>>> EXCESSIVE(process_config_file()@configuration.c:3535): set >>>>>> configuration option tls-certificate-file from file >>>>>> /etc/mail/spamdyke.conf, line 13: /var/qmail/control/servercert.pem >>>>>> EXCESSIVE(do_spamdyke()@spamdyke.c:2221): found remote IP address in >>>>>> environment variable TCPREMOTEIP: 209.85.198.244 >>>>>> >>>>>> 08/09/2008 09:08:19 - Remote IP = 209.85.198.244 >>>>>> >>>>>> 08/09/2008 09:08:19 CURRENT ENVIRONMENT >>>>>> PATH=/var/qmail/bin:/usr/local/bin:/usr/bin:/bin >>>>>> PWD=/var/qmail/supervise/smtp >>>>>> SHLVL=0 >>>>>> PROTO=TCP >>>>>> TCPLOCALIP=172.16.133.4 >>>>>> TCPLOCALPORT=25 >>>>>> TCPLOCALHOST=mail.recipient.com >>>>>> TCPREMOTEIP=209.85.198.244 >>>>>> TCPREMOTEPORT=10638 >>>>>> BADMIMETYPE= >>>>>> BADLOADERTYPE=M >>>>>> CHKUSER_RCPTLIMIT=50 >>>>>> CHKUSER_WRONGRCPTLIMIT=10 >>>>>> QMAILQUEUE=/var/qmail/bin/simscan >>>>>> NOP0FCHECK=1 >>>>>> >>>>>> 08/09/2008 09:08:19 CURRENT CONFIG >>>>>> config-file=/etc/mail/spamdyke.conf >>>>>> dns-blacklist-entry=zen.spamhaus.org >>>>>> full-log-dir=/var/log/spamdyke >>>>>> greeting-delay-secs=5 >>>>>> idle-timeout-secs=300 >>>>>> ip-whitelist-file=/home/vpopmail/etc/whitelist_ip >>>>>> local-domains-file=/var/qmail/control/rcpthosts >>>>>> log-level=debug >>>>>> max-recipients=5 >>>>>> reject-empty-rdns=1 >>>>>> reject-ip-in-cc-rdns=1 >>>>>> reject-missing-sender-mx=1 >>>>>> reject-unresolvable-rdns=1 >>>>>> tls-certificate-file=/var/qmail/control/servercert.pem >>>>>> >>>>>> 08/09/2008 09:08:19 LOG OUTPUT >>>>>> EXCESSIVE(load_resolver_file()@search_fs.c:637): found nameserver at >>>>>> /etc/resolv.conf(1): 0.0.0.0 >>>>>> >>>>>> 08/09/2008 09:08:19 CURRENT CONFIG >>>>>> config-file=/etc/mail/spamdyke.conf >>>>>> dns-blacklist-entry=zen.spamhaus.org >>>>>> dns-server-ip-primary=0.0.0.0 >>>>>> full-log-dir=/var/log/spamdyke >>>>>> greeting-delay-secs=5 >>>>>> idle-timeout-secs=300 >>>>>> ip-whitelist-file=/home/vpopmail/etc/whitelist_ip >>>>>> local-domains-file=/var/qmail/control/rcpthosts >>>>>> log-level=debug >>>>>> max-recipients=5 >>>>>> reject-empty-rdns=1 >>>>>> reject-ip-in-cc-rdns=1 >>>>>> reject-missing-sender-mx=1 >>>>>> reject-unresolvable-rdns=1 >>>>>> tls-certificate-file=/var/qmail/control/servercert.pem >>>>>> >>>>>> 08/09/2008 09:08:19 LOG OUTPUT >>>>>> EXCESSIVE(nihdns_parse_servers()@dns.c:333): found nameserver: 0.0.0.0:53 >>>>>> >>>>>> 08/09/2008 09:08:19 - Remote rDNS = (unknown) >>>>>> >>>>>> 08/09/2008 09:08:19 LOG OUTPUT >>>>>> DEBUG(filter_rdns_missing()@filter.c:841): checking for missing rDNS; >>>>>> rdns: (unknown) >>>>>> FILTER_RDNS_MISSING ip: 209.85.198.244 >>>>>> DEBUG(filter_ip_whitelist()@filter.c:1120): searching IP whitelist >>>>>> file(s); ip: 209.85.198.244 >>>>>> EXCESSIVE(do_spamdyke()@spamdyke.c:2301): environment variable found >>>>>> for local port: TCPLOCALPORT=25 >>>>>> EXCESSIVE(do_spamdyke()@spamdyke.c:2382): preparing to start child >>>>>> process: /var/qmail/bin/qmail-smtpd >>>>>> >>>>>> 08/09/2008 09:08:19 FROM CHILD TO REMOTE: 42 bytes >>>>>> 220 mail.recipient.com - qmail server ESMTP >>>>>> >>>>>> 08/09/2008 09:08:19 FROM REMOTE TO CHILD: 29 bytes >>>>>> EHLO rv-out-0708.google.com >>>>>> >>>>>> 08/09/2008 09:08:19 LOG OUTPUT >>>>>> EXCESSIVE(smtp_filter()@spamdyke.c:567): EHLO received; going to add TLS >>>>>> >>>>>> 08/09/2008 09:08:19 FROM CHILD TO REMOTE: 36 bytes >>>>>> 250-mail.recipient.com - qmail server >>>>>> >>>>>> 08/09/2008 09:08:19 FROM CHILD TO REMOTE: 14 bytes >>>>>> 250-STARTTLS >>>>>> >>>>>> 08/09/2008 09:08:19 FROM CHILD TO REMOTE: 16 bytes >>>>>> 250-PIPELINING >>>>>> >>>>>> 08/09/2008 09:08:19 FROM CHILD TO REMOTE: 14 bytes >>>>>> 250-8BITMIME >>>>>> >>>>>> 08/09/2008 09:08:19 FROM CHILD TO REMOTE: 19 bytes >>>>>> 250-SIZE 20971520 >>>>>> >>>>>> 08/09/2008 09:08:19 FROM CHILD TO REMOTE: 31 bytes >>>>>> 250 AUTH LOGIN PLAIN CRAM-MD5 >>>>>> >>>>>> 08/09/2008 09:08:19 FROM REMOTE TO CHILD: 30 bytes >>>>>> MAIL FROM:<[EMAIL PROTECTED]> >>>>>> >>>>>> 08/09/2008 09:08:19 FROM SPAMDYKE TO REMOTE: 45 bytes >>>>>> 250 Refused. You have no reverse DNS entry. >>>>>> >>>>>> 08/09/2008 09:08:19 LOG OUTPUT >>>>>> EXCESSIVE(middleman()@spamdyke.c:1837): child output file descriptor 6 >>>>>> closed >>>>>> EXCESSIVE(middleman()@spamdyke.c:1342): child input file descriptor 7 >>>>>> indicates EOF >>>>>> EXCESSIVE(middleman()@spamdyke.c:1343): child input file descriptor 7 >>>>>> closed >>>>>> EXCESSIVE(middleman()@spamdyke.c:1942): child process exited normally >>>>>> with return value 1 >>>>>> >>>>>> 08/09/2008 09:08:19 FROM REMOTE TO CHILD: 27 bytes >>>>>> RCPT TO:<[EMAIL PROTECTED]> >>>>>> >>>>>> 08/09/2008 09:08:19 LOG OUTPUT >>>>>> DEBUG(filter_recipient_relay()@filter.c:2176): checking relaying; >>>>>> relay-level: 0 recipient: [EMAIL PROTECTED] ip: 209.85.198.244 >>>>>> rdns: (unknown) local_recipient: true relaying_allowed: false >>>>>> >>>>>> 08/09/2008 09:08:19 FROM SPAMDYKE TO REMOTE: 45 bytes >>>>>> 421 Refused. You have no reverse DNS entry. >>>>>> >>>>>> 08/09/2008 09:08:19 LOG OUTPUT >>>>>> DENIED_RDNS_MISSING from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] >>>>>> origin_ip: 209.85.198.244 origin_rdns: (unknown) auth: (unknown) >>>>>> >>>>>> 08/09/2008 09:08:20 FROM REMOTE TO CHILD: 6 bytes >>>>>> QUIT >>>>>> >>>>>> 08/09/2008 09:08:20 FROM SPAMDYKE TO REMOTE: 45 bytes >>>>>> 221 Refused. You have no reverse DNS entry. >>>>>> >>>>>> 08/09/2008 09:08:20 CLOSED >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> On Fri, Aug 8, 2008 at 5:39 PM, Sam Clippinger <[EMAIL PROTECTED]> wrote: >>>>>> >>>>>> >>>>>> >>>>>>> I'm also using djbdns, so that's probably not the issue. What does your >>>>>>> "run" file look like? How much memory are you allocating with >>>>>>> "softlimit"? >>>>>>> >>>>>>> Another thing to try: rerun spamdyke's "configure" script with the >>>>>>> "--with-excessive-output" option, then turn on full logging (with >>>>>>> "full-log-dir"). When spamdyke creates the full log files, it will put >>>>>>> a lot more output into the log files to show the values of variables, >>>>>>> etc. You can then repeat your test to see what it prints for that >>>>>>> connection. I'm curious to see what nameservers it tries to contact and >>>>>>> if it logs any responses. >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>> _______________________________________________ >>>>>> spamdyke-users mailing list >>>>>> [email protected] >>>>>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >>>>>> >>>>>> >>>>>> >>>>> _______________________________________________ >>>>> spamdyke-users mailing list >>>>> [email protected] >>>>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >>>>> >>>>> >>>>> >>>> _______________________________________________ >>>> spamdyke-users mailing list >>>> [email protected] >>>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >>>> >>>> >>> _______________________________________________ >>> spamdyke-users mailing list >>> [email protected] >>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >>> >>> >> _______________________________________________ >> spamdyke-users mailing list >> [email protected] >> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >> > _______________________________________________ > spamdyke-users mailing list > [email protected] > http://www.spamdyke.org/mailman/listinfo/spamdyke-users > _______________________________________________ spamdyke-users mailing list [email protected] http://www.spamdyke.org/mailman/listinfo/spamdyke-users
