Date: Fri, 20 Feb 2004 20:27:14 -0600 From: Tim Legant <[EMAIL PROTECTED]> Subject: Re: addresses being incorrectly added to blacklist To: [EMAIL PROTECTED] Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset=us-ascii
"F. Even" <[EMAIL PROTECTED]> writes:
But this is a BUG, can we not at least agree on that?
No, this is documented behavior.
No one can explain to me why this is happening, except to "remove
this."
I honestly thought I had explained why it happens. When the code that auto-cleans the pending queue deletes a message, it adds the sender's email address to the file configured in PENDING_DELETE_APPEND. I can point you to the source code file and line where it happens, if you would like. It is straightforward.
The issue I am having though is that the message is NOT being deleted. It is being released.
Even according to the documentation, it "suggests" that this could be used for blacklisting:
[quote] PENDING_DELETE_APPEND Filename to which a sender's e-mail address should be automatically appended when a message is "deleted" by tmda-pending. tmda-filter's automated pending queue cleanup feature (see PENDING_CLEANUP_ODDS) also respects this setting.
Example:
PENDING_DELETE_APPEND = "/full/path/to/blacklist" [/quote]
I don't like this example. It doesn't make any sense, given the behavior documented in the sentence immediately before it. I will see about removing it.
It makes sense in that if the message is in fact "deleted" from the queue, it belongs in the file, whether automatically or manually. But when I release a message......it shouldn't be added.....esp. according to the explanation above.
The problem here though is that it is adding it to the blacklist EVEN IF it has been confirmed or manually released.
Confirmed and released messages remain in the pending queue until they are deleted. At that point the sender's address will be added to PENDING_DELETE_APPEND, whether that deletion occurs because of a user's action in tmda-pending/tmda-cgi or because that message has aged beyond PENDING_LIFETIME.
The only way this makes sense at all is if "released = delete" as applied to the queue. That still doesn't explain why though it takes about a week or so for these addresses to be added to the list after they have been released from the queue. I just had two addresses get added to the blacklist for messages that have been released within the last couple of weeks. These messages are no longer in the queue. There are no messages to "delete." Why did they appear in the blacklist? Because the confirmation e-mail may never have been received?
If someone can explain to me how to enable some USEFUL logging to determine why this is happening, I'll be happy to keep watching it contributing information.
I don't understand what you're looking for. The reason why this happens has been explained three times. I don't see how additional logging could make it any clearer.
The explanations do not make sense in regards to what is actually happening. More logging would tell me exactly what is going on. It might clear up some of those questions I've proposed above. Since when is logging bad? It seems like very little of what TMDA does is actually logged. That is rather annoying in trying to troubleshoot what is actually going on. A log entry explaing when something is added to the misc. lists and WHY would be extremely helpful in diagnosing these issues.
I do think the option's purpose is confusing and I'm not sure that it is even useful. One thing we could consider would be to not append addresses from confirmed/released messages to PENDING_DELETE_APPEND.
As it is written, it's not confusing, but it apparently acts completely different than how it is described from what you are telling me. I still don't understand completely what the option does based on what has been said on this list, because it's behavior is not completely in line with what has been described even on this list.
Another possibility would be to remove the option entirely; the addresses that get appended to the file are practically guaranteed to be bogus, especially if we don't write confirmed/released addresses to the file. I'm not sure just what the point of saving a file full of garbage would be. Adding bogus addresses to your blacklist and having TMDA check them is just a drain on your system's resources.
Trending. Some "verified" spam is caught through there. I get a bunch of crap from [EMAIL PROTECTED] They will be added to a real-time blackhole. I also see some of the bounces going to horribly misconfigured (most likely spam-based) MTA's. That data will also be entered into a blackhole.
Would getting rid of the option make sense to you?
I don't have much say one way or the other. I guess it may as well be, as I'm not getting a satisfactory explanation of why it works the way it works, and a hostile response to the mere suggestion that increased logging would be helpful.
What I find frustrating is that I'm being told this is "as designed," that when the messages are deleted from the queue they are added to the blacklist according to that option, yet when I release a message, I suddenly find that e-mail address in the blacklist about a week or so later. The message has already been removed from the queue, validly released. I'm not understanding what is going on. The explanations offered don't fit what is happening.
Thanks, Frank _____________________________________________ tmda-users mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-users
