On 2025-06-10 19:21:11 -0700, jdow wrote: > On 20250610 17:26:41, Vincent Lefevre wrote: > > On 2025-06-10 18:16:08 -0400, Bill Cole wrote: > > > On 2025-06-10 at 12:21:38 UTC-0400 (Tue, 10 Jun 2025 18:21:38 +0200) > > > Vincent Lefevre<vinc...@vinc17.net> > > > is rumored to have said: > > > > > > > The file > > > > /var/lib/spamassassin/4.000001/updates_spamassassin_org/50_scores.cf > > > > is ignored on my Debian/stable server. > > > Are you 100% certain of that? > > > > > > Running 'spamassassin --lint -D config' will give you a rundown of the > > > config files as they get loaded. Somewhere in the middle of the output > > > should be 4 lines like this: > > > > > > dbg: config: fixed relative path: > > > /var/lib/spamassassin/4.000001/updates_spamassassin_org/50_scores.cf > > > dbg: config: using > > > "/var/lib/spamassassin/4.000001/updates_spamassassin_org/50_scores.cf" for > > > included file > > > dbg: config: read file > > > /var/lib/spamassassin/4.000001/updates_spamassassin_org/50_scores.cf > > > dbg: config: parsing file > > > /var/lib/spamassassin/4.000001/updates_spamassassin_org/50_scores.cf > > > > > > If they are there, that file IS loaded and parsed by SA. If they're not > > > present, there should be clues in whatever SA does emit. > > I have that. > > > > Then I don't understand why I still have the issue with > > > > RCVD_IN_VALIDITY_CERTIFIED_BLOCKED > > RCVD_IN_VALIDITY_RPBL_BLOCKED > > RCVD_IN_VALIDITY_SAFE_BLOCKED > > > > (in the spamd logs and in the message headers). > > Be rash. Search for these strings in all the usual places including > user_prefs and under the /etc/mail(/spamassassin) tree, for example. Of > course, the really dumb question is, "Are you running a version that looks > in the folder you are mucking around in?"
Well, it appears that the scores of the _BLOCKED strings are set in the file /var/lib/spamassassin/4.000001/updates_spamassassin_org/72_scores.cf by score RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0.001 0.001 0.001 0.001 score RCVD_IN_VALIDITY_RPBL_BLOCKED 0.001 0.001 0.001 0.001 score RCVD_IN_VALIDITY_SAFE_BLOCKED 0.001 0.001 0.001 0.001 This is also something that is updated by sa-update. So everyone should have them, this is not a local config. So I still don't understand why there is an issue specific to my machine, i.e. the fact that RCVD_IN_VALIDITY_CERTIFIED, etc. (the strings without _BLOCKED) with a score of 0[*] still trigger a DNS request and associated error in the logs and message headers. [*] as given by /var/lib/spamassassin/4.000001/updates_spamassassin_org/50_scores.cf I recall that this file has # Validity (née ReturnPath) Certified # https://www.validity.com/resource-center/fact-sheet-certification/ # CERTIFIED is a subset of SAFE, thus the score is cumulative. # -2 + -3 = -5 points for CERTIFIED # disabled by default 2025-05-11 WKC bz#8278 score RCVD_IN_VALIDITY_CERTIFIED 0 score RCVD_IN_VALIDITY_SAFE 0 score RCVD_IN_VALIDITY_RPBL 0 # Uncomment these if you enable the ones above #score RCVD_IN_VALIDITY_SAFE_BLOCKED 0.001 #score RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0.001 #score RCVD_IN_VALIDITY_RPBL_BLOCKED 0.001 i.e. only the versions without _BLOCKED have been set to 0. The _BLOCKED versions are set by the 72_scores.cf file above, if I understand correctly. And why "Uncomment these if you enable the ones above" while the scores are already set in the 72_scores.cf file I've mentioned above? -- Vincent Lefèvre <vinc...@vinc17.net> - Web: <https://www.vinc17.net/> 100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/> Work: CR INRIA - computer arithmetic / Pascaline project (LIP, ENS-Lyon)
