Auto-whitelist
Greetings,
not sure how many people still run 10.4 mail systems. but what the heck
I have a mail server that has been running spammassassin for years. pumping SA learn and running spamtrainer.
recently i received OS and postfix error messages regarding insufficient storage space although i had 30gig of room on the drive.
During a clone operation i discovered a very large Auto-whitelist file in /var/clamav/.spamassassin
i don't remember setting Auto-Whitelist 1
mylocal.cf doesn't mention AutoWhitelist
and my amavisd.conf has it commented out .
#$saautowhitelist = 0; # turn on AWL (default: false)
# Bayesian Auto Learn
auto_learn 1
# Safe Reporting
safe_reporting 0
# Full/Terse Reporting
usetersereport 0
# Subject Tag
subject_tag * Warning: Junk Mail *
# Rewrite the Subject
rewrite_subject 0
# Use Bayesian Filtering
use_bayes 1
# OK locals
ok_locales en
# OK languages
ok_languages en fr de ja
# Required hits to be marked as spam
required_hits 5
I ran a test message through SA, i did not see anything referencing Auto-Whitelist.
here is debug ::: ::
}mx1:/var/clamav root# spamassassin -D < /private/var/root/Documents/Message1.rtf
debug: SpamAssassin version 3.0.1
debug: Score set 0 chosen.
debug: running in taint mode? yes
debug: Running in taint mode, removing unsafe env vars, and resetting PATH
debug: PATH included '/bin', keeping.
debug: PATH included '/sbin', keeping.
debug: PATH included '/usr/bin', keeping.
debug: PATH included '/usr/sbin', keeping.
debug: Final PATH set to: /bin:/sbin:/usr/bin:/usr/sbin
debug: using "/etc/mail/spamassassin/init.pre" for site rules init.pre
debug: config: read file /etc/mail/spamassassin/init.pre
debug: using "//usr/share/spamassassin" for default rules dir
debug: config: read file //usr/share/spamassassin/10_misc.cf
debug: config: read file //usr/share/spamassassin/20antiratware.cf
debug: config: read file //usr/share/spamassassin/20bodytests.cf
debug: config: read file //usr/share/spamassassin/20_compensate.cf
debug: config: read file //usr/share/spamassassin/20dnsbltests.cf
debug: config: read file //usr/share/spamassassin/20_drugs.cf
debug: config: read file //usr/share/spamassassin/20fake_helotests.cf
debug: config: read file //usr/share/spamassassin/20headtests.cf
debug: config: read file //usr/share/spamassassin/20htmltests.cf
debug: config: read file //usr/share/spamassassin/20metatests.cf
debug: config: read file //usr/share/spamassassin/20_phrases.cf
debug: config: read file //usr/share/spamassassin/20_****.cf
debug: config: read file //usr/share/spamassassin/20_ratware.cf
debug: config: read file //usr/share/spamassassin/20uritests.cf
debug: config: read file //usr/share/spamassassin/23_bayes.cf
debug: config: read file //usr/share/spamassassin/25body_testses.cf
debug: config: read file //usr/share/spamassassin/25body_testspl.cf
debug: config: read file //usr/share/spamassassin/25_hashcash.cf
debug: config: read file //usr/share/spamassassin/25head_testses.cf
debug: config: read file //usr/share/spamassassin/25head_testspl.cf
debug: config: read file //usr/share/spamassassin/25_spf.cf
debug: config: read file //usr/share/spamassassin/25_uribl.cf
debug: config: read file //usr/share/spamassassin/30textde.cf
debug: config: read file //usr/share/spamassassin/30textes.cf
debug: config: read file //usr/share/spamassassin/30textfr.cf
debug: config: read file //usr/share/spamassassin/30textit.cf
debug: config: read file //usr/share/spamassassin/30textnl.cf
debug: config: read file //usr/share/spamassassin/30textpl.cf
debug: config: read file //usr/share/spamassassin/30textsk.cf
debug: config: read file //usr/share/spamassassin/50_scores.cf
debug: config: read file //usr/share/spamassassin/60_whitelist.cf
debug: using "//etc/mail/spamassassin" for site rules dir
debug: config: read file //etc/mail/spamassassin/local.cf
debug: using "/private/var/root/.spamassassin" for user state dir
debug: using "/private/var/root/.spamassassin/user_prefs" for user prefs file
debug: config: read file /private/var/root/.spamassassin/user_prefs
debug: plugin: loading Mail::SpamAssassin::Plugin::URIDNSBL from @INC
debug: plugin: registered Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840)
debug: plugin: loading Mail::SpamAssassin::Plugin::Hashcash from @INC
debug: plugin: registered Mail::SpamAssassin::Plugin::Hashcash=HASH(0x1a8be70)
debug: plugin: loading Mail::SpamAssassin::Plugin::SPF from @INC
debug: plugin: registered Mail::SpamAssassin::Plugin::SPF=HASH(0x1af36a4)
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) implements 'parse_config'
debug: plugin: Mail::SpamAssassin::Plugin::Hashcash=HASH(0x1a8be70) implements 'parse_config'
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) inhibited further callbacks
debug: config: SpamAssassin failed to parse line, skipping: auto_learn 1
debug: config: SpamAssassin failed to parse line, skipping: safe_reporting 0
debug: config: SpamAssassin failed to parse line, skipping: usetersereport 0
debug: config: SpamAssassin failed to parse line, skipping: subject_tag * Warning: Junk Mail *
debug: config: SpamAssassin failed to parse line, skipping: rewrite_subject 0
debug: using "/private/var/root/.spamassassin" for user state dir
debug: bayes: 17114 tie-ing to DB file R/O /private/var/root/.spamassassin/bayes_toks
debug: bayes: 17114 tie-ing to DB file R/O /private/var/root/.spamassassin/bayes_seen
debug: bayes: found bayes db version 3
debug: using "/private/var/root/.spamassassin" for user state dir
debug: bayes: Not available for scanning, only 0 spam(s) in Bayes DB < 200
debug: bayes: 17114 untie-ing
debug: bayes: 17114 untie-ing db_toks
debug: bayes: 17114 untie-ing db_seen
debug: Score set 1 chosen.
debug: bayes: 17114 tie-ing to DB file R/O /private/var/root/.spamassassin/bayes_toks
debug: bayes: 17114 tie-ing to DB file R/O /private/var/root/.spamassassin/bayes_seen
debug: bayes: found bayes db version 3
debug: bayes: Not available for scanning, only 0 spam(s) in Bayes DB < 200
debug: bayes: 17114 untie-ing
debug: bayes: 17114 untie-ing db_toks
debug: bayes: 17114 untie-ing db_seen
debug: metadata: X-Spam-Relays-Trusted:
debug: metadata: X-Spam-Relays-Untrusted:
debug: ---- MIME PARSER START ----
debug: main message type: text/plain
debug: parsing normal part
debug: added part, type: text/plain
debug: ---- MIME PARSER END ----
debug: decoding: no encoding detected
debug: Loading languages file...
debug: Can't determine language uniquely enough
debug: metadata: X-Languages:
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) implements 'parsed_metadata'
debug: is Net::DNS::Resolver available? yes
debug: Net::DNS version: 0.66
debug: trying (3) sun.com...
debug: looking up NS for 'sun.com'
debug: NS lookup of sun.com succeeded => Dns available (set dns_available to hardcode)
debug: is DNS available? 1
debug: uri found: mailto:[email protected]
debug: uri found: mailto:[email protected]
debug: uri found: mailto:[email protected]
debug: uri found: mailto:[email protected]
debug: uri found: mailto:[email protected]
debug: URIDNSBL: domains to query: beth.k12.pa.us hetnet.nl aim.com
debug: all '*From' addrs:
debug: Running tests for priority: 0
debug: running header regexp tests; score so far=0
debug: registering glue method for checkhashcash_doublespend (Mail::SpamAssassin::Plugin::Hashcash=HASH(0x1a8be70))
debug: registering glue method for checkfor_spf_helopass (Mail::SpamAssassin::Plugin::SPF=HASH(0x1af36a4))
debug: SPF: message was delivered entirely via trusted relays, not required
debug: registering glue method for checkhashcashvalue (Mail::SpamAssassin::Plugin::Hashcash=HASH(0x1a8be70))
debug: all '*To' addrs:
debug: registering glue method for checkfor_spfsoftfail (Mail::SpamAssassin::Plugin::SPF=HASH(0x1af36a4))
debug: SPF: message was delivered entirely via trusted relays, not required
debug: registering glue method for checkfor_spfpass (Mail::SpamAssassin::Plugin::SPF=HASH(0x1af36a4))
debug: registering glue method for checkfor_spf_helosoftfail (Mail::SpamAssassin::Plugin::SPF=HASH(0x1af36a4))
debug: registering glue method for checkfor_spf_helofail (Mail::SpamAssassin::Plugin::SPF=HASH(0x1af36a4))
debug: running body-text per-line regexp tests; score so far=-2.801
debug: running uri tests; score so far=-2.801
debug: registering glue method for check_uridnsbl (Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840))
debug: Razor2 is not available
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) implements 'check_tick'
debug: URIDNSBL: query for hetnet.nl took 1 seconds to look up (multi.surbl.org.:hetnet.nl)
debug: URIDNSBL: query for aim.com took 1 seconds to look up (multi.surbl.org.:aim.com)
debug: URIDNSBL: query for beth.k12.pa.us took 1 seconds to look up (multi.surbl.org.:beth.k12.pa.us)
debug: URIDNSBL: queries completed: 6 started: 8
debug: URIDNSBL: queries active: at Mon Mar 8 18:06:35 2010
debug: running raw-body-text per-line regexp tests; score so far=-2.801
debug: running full-text regexp tests; score so far=-2.801
debug: Razor2 is not available
debug: Current PATH is: /bin:/sbin:/usr/bin:/usr/sbin
debug: Pyzor is not available: pyzor not found
debug: DCCifd is not available: no r/w dccifd socket found.
debug: DCC is not available: no executable dccproc found.
debug: Running tests for priority: 500
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1924840) implements 'checkpostdnsbl'
debug: URIDNSBL: queries completed: 8 started: 8
debug: URIDNSBL: queries active: at Mon Mar 8 18:06:35 2010
debug: waiting 2 seconds for URIDNSBL lookups to complete
debug: URIDNSBL: queries completed: 0 started: 0
debug: URIDNSBL: queries active: DNSBL=8 at Mon Mar 8 18:06:35 2010
debug: URIDNSBL: query for aim.com took 2 seconds to look up (sbl.spamhaus.org.:132.51.12.64)
debug: URIDNSBL: query for beth.k12.pa.us took 2 seconds to look up (sbl.spamhaus.org.:2.96.96.209)
debug: URIDNSBL: query for aim.com took 2 seconds to look up (sbl.spamhaus.org.:80.73.200.207)
debug: URIDNSBL: query for aim.com took 2 seconds to look up (sbl.spamhaus.org.:107.1.236.64)
debug: URIDNSBL: query for hetnet.nl took 2 seconds to look up (sbl.spamhaus.org.:34.63.75.213)
debug: URIDNSBL: query for hetnet.nl took 2 seconds to look up (sbl.spamhaus.org.:69.63.75.213)
debug: URIDNSBL: query for aim.com took 2 seconds to look up (sbl.spamhaus.org.:232.157.188.205)
debug: URIDNSBL: query for beth.k12.pa.us took 2 seconds to look up (sbl.spamhaus.org.:20.3.172.207)
debug: URIDNSBL: queries completed: 8 started: 0
debug: URIDNSBL: queries active: at Mon Mar 8 18:06:36 2010
debug: done waiting for URIDNSBL lookups to complete
debug: running meta tests; score so far=-2.801
debug: running header regexp tests; score so far=-1.231
debug: running body-text per-line regexp tests; score so far=-1.231
debug: running uri tests; score so far=-1.231
debug: running raw-body-text per-line regexp tests; score so far=-1.231
debug: running full-text regexp tests; score so far=-1.231
debug: Running tests for priority: 1000
debug: running meta tests; score so far=-1.231
debug: running header regexp tests; score so far=-1.231
debug: running body-text per-line regexp tests; score so far=-1.231
debug: running uri tests; score so far=-1.231
debug: running raw-body-text per-line regexp tests; score so far=-1.231
debug: running full-text regexp tests; score so far=-1.231
debug: auto-learn: currently using scoreset 1.
debug: auto-learn: message score: -1.231, computed score for autolearn: -1.231
debug: auto-learn? ham=0.1, spam=12, body-points=0, head-points=-2.801, learned-points=0
debug: auto-learn? yes, ham (-1.231 < 0.1)
debug: Learning Ham
debug: all '*From' addrs:
debug: all '*To' addrs:
debug: uri found: mailto:[email protected]
debug: uri found: mailto:[email protected]
debug: uri found: mailto:[email protected]
debug: uri found: mailto:[email protected]
debug: uri found: mailto:[email protected]
debug: lock: 17114 created /private/var/root/.spamassassin/bayes.lock.mx1.beth.k12.pa.us.17114
debug: lock: 17114 trying to get lock on /private/var/root/.spamassassin/bayes with 0 retries
debug: lock: 17114 link to /private/var/root/.spamassassin/bayes.lock: link ok
debug: bayes: 17114 tie-ing to DB file R/W /private/var/root/.spamassassin/bayes_toks
debug: bayes: 17114 tie-ing to DB file R/W /private/var/root/.spamassassin/bayes_seen
debug: bayes: found bayes db version 3
debug: ebd3a443815ae7214b74ef30dfb2c5524e3adf7a@sa_generated: already learnt correctly, not learning twice
debug: bayes: 17114 untie-ing
debug: bayes: 17114 untie-ing db_toks
debug: bayes: 17114 untie-ing db_seen
debug: bayes: files locked, now unlocking lock
debug: unlock: 17114 unlink /private/var/root/.spamassassin/bayes.lock
debug: is spam? score=-1.231 required=5
debug: tests=ALLTRUSTED,MISSING_DATE,MISSINGSUBJECT
debug: subtests=_UNUSABLEMSGID
X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on mx1.beth.k12.pa.us
X-Spam-Level:
X-Spam-Status: No, score=-1.2 required=5.0 tests=ALLTRUSTED,MISSINGDATE,
MISSING_SUBJECT autolearn=unavailable version=3.0.1
\f0\fs24 \cf0 Return-Path: <[email protected]>\
Received: from murder ([unix socket]) by bragg.beth.k12.pa.us (Cyrus v2.2.12-OS X 10.4.8) with LMTPA; Sun, 07 Mar 2010 22:32:43 -0500\
Received: from smtp3.beth.k12.pa.us (smtp3.beth.k12.pa.us [10.135.1.13]) by bragg.beth.k12.pa.us (Postfix) with ESMTP id 3D3F02CE4B19 for <[email protected]>; Sun, 7 Mar 2010 22:32:43 -0500 (EST)\
Received: from localhost (mx1.beth.k12.pa.us [10.135.1.6]) by smtp3.beth.k12.pa.us (Postfix) with ESMTP id 7E5EB2425D0C for <[email protected]>; Sun, 7 Mar 2010 22:32:07 -0500 (EST)\
Received: from mx1.beth.k12.pa.us ([127.0.0.1]) by localhost (mx1.beth.k12.pa.us [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 11329-05 for <[email protected]>; Sun, 7 Mar 2010 19:32:06 -0800 (PST)\
Received: from mail2.beth.k12.pa.us (mail2.beth.k12.pa.us [192.227.0.10]) by mx1.beth.k12.pa.us (Postfix) with ESMTP id 9DDDFCF9E5 for <[email protected]>; Sun, 7 Mar 2010 19:32:06 -0800 (PST)\
Received: from cpsmtpb-ews07.kpnxchange.com (cpsmtpb-ews07.kpnxchange.com [213.75.39.10]) by mail2.beth.k12.pa.us (Postfix) with ESMTP id 36E83E51479 for <[email protected]>; Sun, 7 Mar 2010 22:32:05 -0500 (EST)\
Received: from cpbrm-ews29.kpnxchange.com ([10.94.84.160]) by cpsmtpb-ews07.kpnxchange.com with Microsoft SMTPSVC(6.0.3790.3959); Mon, 8 Mar 2010 04:32:05 +0100\
Received: from CPSMTPM-EML04.kpnxchange.com ([213.75.39.74]) by cpbrm-ews29.kpnxchange.com with Microsoft SMTPSVC(6.0.3790.3959); Mon, 8 Mar 2010 04:32:04 +0100\
Received: from localhost ([10.94.77.199]) by CPSMTPM-EML04.kpnxchange.com with Microsoft SMTPSVC(7.0.6001.18000); Mon, 8 Mar 2010 04:32:04 +0100\
X-Sieve: CMU Sieve 2.2\
Content-Class: urn:content-classes:message\
Mime-Version: 1.0\
Content-Type: multipart/alternative; boundary="----=_NextPart_00101CABE6F.E8E7FFDB"\
X-Mimeole: Produced By Microsoft Exchange V6.5\
Message-Id: <[email protected]>\
X-Ms-Has-Attach: \
X-Ms-Tnef-Correlator: \
Thread-Topic: EU INT LOTTO\
Thread-Index: Acqbc/3PXjmnUcQsGeSny2PogEEg==\
X-Originalarrivaltime: 08 Mar 2010 03:32:04.0493 (UTC) FILETIME=[EC150BD0:01CABE6F]\
X-Recipientdomain: beth.k12.pa.us\
X-Spam-Status: No, hits=4.117 tagged_above=-999 required=5 tests=BAYES_50, HTML5060, HTML_MESSAGE, MIMEQP_LONGLINE, NOREALNAME, SUBJALLCAPS, UNDISC_RECIPS, UPPERCASE5075\
X-Spam-Level: **\
EU INT LOTTO\
YOUR EMAIL ID HAS WON \'db1,000,000.00, IN THE FIRST CATEGORY, ALL THE E-MAIL ADDRESSES WERE SELECTED THROUGH ELECTRONIC BALLOTING SYSTEM OF INTERNET E-MAIL USERS, FROM WHICH YOUR E-MAIL ADDRESS CAME OUT AS THE WINNING COUPON.\
Clarification and procedure Contact: [email protected]\
Tel:\'ca\'ca\'ca\'ca +31-630-861-292\'ca\'ca\'ca\'ca\'ca\'ca\'ca\'ca \
Miss. Gillian Rowland \
Qualification winning Number [EU/ILO-564/003/008] \
Expiring date is 19th of March, 2010.\
All response should be send Via Email: [email protected]\
}mx1:/var/clamav root#
postfix receives the mail, then passes it to amavisd.
amavisd decides what scanners to use (clamav/spamassassin and possibly others) and performs the scan
amavisd might not scan the messages if certain criteria are met (size too large, white list, etc), this is all configurable in amavisd.conf. For example, the size threshold by default may be too small, so messages with large graphics may not be scanned.
after amavis processes the message, depending on the config of amavis, certain actions are performed (add headers, discard, reject, bounce, etc).
then amavisd passes the mail back to postfix
postfix delivers any deliverable mail to cyrus/dovecot and/or processes and bounce/rejection.
a rejection doesn't work in the above scenario because it's already been accepted by postfix.
best to discard.
if you would like to learn more about the flow and logic, look at the amavisd config file
/etc/amavisd.conf
and check out the docs
http://www.ijs.si/software/amavisd/
Jeff
Similar Messages
-
Amavis auto-whitelist error after upgrade
I just upgraded a client incrementally from 10.4 -> 10.5 -> 10.6 a few days ago. A few accounts went missing, some mail upgrades didn't appear to complete properly, and many old/disabled users mailboxes were re-activated. I'll check back if I can't get the accounts straightened out, but in the meantime I have an occasional error that I need to resolve.
5/2/11 11:21:53 AM org.amavis.amavisd auto-whitelist: open of auto-whitelist file failed: panic: sv_setpvn called with negative strlen at /System/Library/Perl/Extras/5.10.0/Mail/SpamAssassin/DBBasedAddrList.pm line 163.
Obviously the path variable is getting messed up somehow, but I'm unclear on where the misconfiguration is happening.
I can see the files in /var/amavis/spamassassin are in place (copied from the original configuration, as the auto-whitelist file is 4GB!) and have a modification date of today, so the files are being accessed at some point.
Any insight is greatly appreciated!
TCFound the solution here. I guess my original search here didn't turn up this thread. https://discussions.apple.com/message/6215434
This is probably not the right place to complain, but it seems to me the new forum layout discourages participation and yields less useful data. -
Spamassassin, auto whitelist, backscatter and spam problems.
My Mail is handled by an XServe with Mac OS X Server 10.5.5.
I have many email problems. One of them is an email backscatter problem. Sometimes, but not always, when email is identified as spam, an email gets sent back to the "From" address saying it is spam. This email seems to come directly from my servers, which is bad as spammers usually spoof the From addresses. I have modified amavisd.conf as per below. I changed all the D_BOUNCE instances to D_REJECT, yet still emails seeming to come from my server gets sent back to the From address. This is the relevant bit out of amavisd.conf:
$finalvirusdestiny = D_REJECT;
$finalbanneddestiny = D_REJECT;
$finalspamdestiny = D_REJECT;
$finalbad_headerdestiny = D_PASS;
I tried testing this by sending lots of emails that with keywords in them that rules are set up for to add enough points so that such emails get blocked, however, these emails seem to come through. At first I thought this was the AWL's doing, but by examining the headers of the email, there is no X-SPAM header as I'd expect, which makes me believe Spamassassin has not checked the email?? What can cause emails to bypass spamassassin and how do I get spamassassin to check every email? This seems to be a cause of my other problem of a lot of SPAM passing through the spam filter.
I am also having a lot of trouble understanding the SA AWL.
Is there any way I can change the scores in the AWL database?
I have tried:
spamassassin --remove-addr-from-whitelist=[email protected]
This outputs a message saying it removed an address from the whitelist, but in reality does absolutely nothing. Way I can tell is by using this script which still shows the same entries for the relevant email address:
http://spamassassin.apache.org/full/3.0.x/dist/tools/check_whitelist
I'm stumped. Any answers/thoughts/suggestions would be much appreciated. Please help!postfix receives the mail, then passes it to amavisd.
amavisd decides what scanners to use (clamav/spamassassin and possibly others) and performs the scan
amavisd might not scan the messages if certain criteria are met (size too large, white list, etc), this is all configurable in amavisd.conf. For example, the size threshold by default may be too small, so messages with large graphics may not be scanned.
after amavis processes the message, depending on the config of amavis, certain actions are performed (add headers, discard, reject, bounce, etc).
then amavisd passes the mail back to postfix
postfix delivers any deliverable mail to cyrus/dovecot and/or processes and bounce/rejection.
a rejection doesn't work in the above scenario because it's already been accepted by postfix.
best to discard.
if you would like to learn more about the flow and logic, look at the amavisd config file
/etc/amavisd.conf
and check out the docs
http://www.ijs.si/software/amavisd/
Jeff -
I need to open a case for a whitelisting of our domain. Our organization is getting blocked with error:
451 4.4.0 Primary Target IP address responded with "571 Email from (ipaddress) is currently blocked by Verizon Online's anti spam system."
Tried to use the auto whitelist form but it cam back as denied because of a "dynamic ip address" which is 100% false.
What's the best way to talk to a human?Also, judging by this forum, you might consider taking a good look at your current anti-spam system.
-
Open of auto-white list failed
I have spent the last few days getting cyrus & spam assassin to filter junk mail properly, with some success finally. I have followed the helpful Frontline Spam Defense tutorial from Topicdesk.com and also checked permissions on /var/amavis, plus just about every other trick I could find on these fora (mostly thanks to pterobyte).
Although I have now significantly reduced the spam getting through, I am now getting an error in the system log which seems to imply that it cannot create the white list file (presumably from the emails that I have put into the notjunkmail mailbox?):
Dec 30 10:21:47 eddie org.amavis.amavisd[49]: auto-whitelist: open of auto-whitelist file failed: locker: safe_lock: cannot create tmp lockfile /var/amavis/.spamassassin/auto-whitelist.lock.eddie.waveneyrivercentre.co.uk.12 84 for /var/amavis/.spamassassin/auto-whitelist.lock: Permission denied
Contents of /var/amavis is:
amavis-20060719T174524-12574 amavis-20070930T043646-14035
amavis-20060905T092217-09995 amavisd.lock
amavis-20060905T095328-10092 amavisd.pid
amavis-20061007T085000-04020 amavisd.sock
amavis-20061007T085008-04039 clamd
amavis-20061023T192617-21733 clamd.pid
amavis-20061023T194248-21871 db
amavis-20061030T064013-20653 tmp
amavis-20061030T065355-20681 whitelist_sender
plus a load more amavis-number files earlier in the list. There is no .spamassassin file.
the /var/amavis directory itself has permissions as follows (output from stat)
234881026 86096 drwxr-xr-x 106 _amavisd _amavisd 0 3604 "Dec 30 10:34:20 2007" "Dec 29 20:55:37 2007" "Dec 29 20:55:37 2007" "Mar 21 00:28:17 2005" 4096 0 0 amavis
Well I hope that someone can help me.
Many thanksThanks David that is a great help
I have carried out the alterations as suggested in the link, we will see what happens.
Here is the output from ls -al /private/var/amavis:
total 32
drwxr-xr-x 106 _amavisd _amavisd 3604 Dec 29 20:55 .
drwxr-xr-x 43 root wheel 1462 Nov 26 11:14 ..
lrwxr-xr-x 1 _amavisd _amavisd 25 Feb 18 2007 .spamassassin -> /var/clamav/.spamassassin
drwx------ 6 _amavisd _amavisd 204 Feb 18 2007 .spamassassin.old
drwxr-x--- 4 _amavisd _amavisd 136 Nov 9 2005 amavis-20051109T091813-08106
drwxr-x--- 4 _amavisd _amavisd 136 Nov 9 2005 amavis-20051109T092204-08134
drwxr-x--- 4 _amavisd _amavisd 136 Sep 24 10:50 amavis-20070924T105049-17755
drwxr-x--- 4 _amavisd _amavisd 136 Sep 30 04:36 amavis-20070930T043646-14035
-rw-r----- 1 _amavisd _amavisd 0 Dec 30 20:10 amavisd.lock
-rw-r----- 1 _amavisd _amavisd 3 Dec 29 20:55 amavisd.pid
srwxr-x--- 1 _amavisd _amavisd 0 Dec 29 20:55 amavisd.sock
srwxrwxrwx 1 _amavisd _amavisd 0 Dec 29 20:53 clamd
-rw-rw---- 1 _amavisd _amavisd 2 Dec 29 20:53 clamd.pid
drwxr-xr-x 9 _amavisd _amavisd 306 Dec 29 20:55 db
drwxr-xr-x 10 _amavisd _amavisd 340 Dec 30 20:10 tmp
-rw-r--r-- 1 _amavisd _amavisd 3 Sep 27 05:43 whitelist_sender
and sudo ls -al /private/var/amavis/.spamassassin/:
total 33376
drwx------ 6 _clamav _clamav 204 Nov 1 09:26 .
drwxr-xr-x 11 _clamav _clamav 374 Dec 30 14:52 ..
-rw------- 1 _clamav _clamav 5271552 Nov 1 09:26 auto-whitelist
-rw------- 1 _clamav _clamav 1302528 Nov 1 09:26 bayes_seen
-rw------- 1 _clamav _clamav 10510336 Nov 1 09:26 bayes_toks
-rw-r--r-- 1 _clamav _clamav 1175 Feb 18 2007 user_prefs
does this tell us anything? the permissions for .spamassassin are ok I think? So would the changes I made have any effect on the server log message? I just checked the log and got another instance of it. Thinking about it, the learn script runs at 3:00 am or something so this log item is probably not connected to that script. So what else could be causing it?
Many thanks again
James -
Hello,
I need to whitelist a domain on 10.10 server:
sudo serveradmin settings mail:postfix:add_whitelist_domain = "domain.com"
but for this i get result:
mail:postfix:add_whitelist_domain = _empty_array
What should I correct?
Is there any documentation how to properly add values to settings in serveradmin?
I found this: mail:postfix:host_whitelist = _empty_array – Add whitelisted hosts
But I not helped.Hi,
the following things you need to do:
Forget what the Server Admin guide says, it doesn't work that way.
I'm assuming you want to use greylisting, right?
/usr/libexec/postfix/greylist.pl has issues in 10.10.x you need to replace it with correct version i.e. from OS X Mavericks (see further down)
delete the files in the following directory to start fresh: sudo rm /Library/Server/Mail/Data/gldb/*
restart the Mail Server
Type the following command to add a domain that should be whitelisted: sudo serveradmin settings mail:postfix:add_whitelist_domain = "google.com"
when it's done it will give you a list of already whitelisted domains and/or the one you just entered
in this case google.com will be whitelisted and will pass through the greylist without the initial temporary rejection
you can follow-up in the smtp.log in the server app to see that it works.
I tested this in 10.10.2 OS X Server 4.0.3.
I don't know what Apple did with the greylist.pl file it's missing some important code.
This is what you need to put in you greylist.pl file to restore what's missing:
#!/usr/bin/perl
use DB_File;
use Fcntl;
use Sys::Syslog qw(:DEFAULT setlogsock);
# Usage: greylist.pl [-v]
# Demo delegated Postfix SMTPD policy server. This server implements
# greylisting. State is kept in a Berkeley DB database. Logging is
# sent to syslogd.
# How it works: each time a Postfix SMTP server process is started
# it connects to the policy service socket, and Postfix runs one
# instance of this PERL script. By default, a Postfix SMTP server
# process terminates after 100 seconds of idle time, or after serving
# 100 clients. Thus, the cost of starting this PERL script is smoothed
# out over time.
# To run this from /etc/postfix/master.cf:
# policy unix - n n - - spawn
# user=nobody argv=/usr/bin/perl /usr/libexec/postfix/greylist.pl
# To use this from Postfix SMTPD, use in /etc/postfix/main.cf:
# smtpd_recipient_restrictions =
# reject_unauth_destination
# check_policy_service unix:private/policy
# NOTE: specify check_policy_service AFTER reject_unauth_destination
# or else your system can become an open relay.
# To test this script by hand, execute:
# % perl greylist.pl
# Each query is a bunch of attributes. Order does not matter, and
# the demo script uses only a few of all the attributes shown below:
# request=smtpd_access_policy
# protocol_state=RCPT
# protocol_name=SMTP
# helo_name=some.domain.tld
# queue_id=8045F2AB23
# [email protected]
# [email protected]
# client_address=1.2.3.4
# client_name=another.domain.tld
# instance=123.456.7
# sasl_method=plain
# sasl_username=you
# sasl_sender=
# size=12345
# [empty line]
# The policy server script will answer in the same style, with an
# attribute list followed by a empty line:
# action=dunno
# [empty line]
# greylist status database and greylist time interval. DO NOT create the
# greylist status database in a world-writable directory such as /tmp
# or /var/tmp. DO NOT create the greylist database in a file system
# that can run out of space.
# In case of database corruption, this script saves the database as
# $database_name.time(), so that the mail system does not get stuck.
$database_name="/Library/Server/Mail/Data/gldb/greylist.db";
$whitelist_host_file="/Library/Server/Mail/Data/gldb/whitelist_host";
$whitelist_domain_file="/Library/Server/Mail/Data/gldb/whitelist_domain";
$whitelist_db_name="/Library/Server/Mail/Data/gldb/whitelist.db";
$greylist_delay=60;
# Auto-whitelist threshold. Specify 0 to disable, or the number of
# successful "come backs" after which a client is no longer subject
# to greylisting.
$auto_whitelist_threshold = 10;
# Syslogging options for verbose mode and for fatal errors.
# NOTE: comment out the $syslog_socktype line if syslogging does not
# work on your system.
$syslog_socktype = 'unix'; # inet, unix, stream, console
$syslog_facility="mail";
$syslog_options="pid";
$syslog_priority="info";
sub add_whitelist {
# check for null host name
my ($_host_name) = $attr{"host_name"};
if ($_host_name eq "") {
syslog $syslog_priority, "Warning: missing whitelist host name attribute";
return 0;
# Open the database on the fly.
open_whitelist_db() unless $whitelist_db_obj;
# Is host already in white list
$value = read_whitelist_db($attr{"host_name"});
# Add host if not in database
if ($value == 0) {
syslog $syslog_priority, "adding host: %s to whitelist host", $attr{"host_name"} if $verbose;
update_whitelist_db($attr{"host_name"}, 1);
open WHITELIST_FILE, ">> $whitelist_host_file" or
syslog $syslog_priority, "Error: unable to open whitelist host file: %s", $whitelist_host_file;
print WHITELIST_FILE "$attr{\"host_name\"}\n";
close WHITELIST_FILE;
sub add_whitelist_domain {
# check for null host name
my ($_domain_name) = $attr{"domain_name"};
if ($_domain_name eq "") {
syslog $syslog_priority, "Warning: missing whitelist domain name attribute";
return 0;
# Open the database on the fly.
open_whitelist_db() unless $whitelist_db_obj;
# Is domain already in white list
$value = read_whitelist_db($attr{"domain_name"});
# Add domain if not in database
if ($value == 0) {
syslog $syslog_priority, "adding domain: %s to whitelist doman", $attr{"domain_name"} if $verbose;
update_whitelist_db($attr{"domain_name"}, 1);
open WHITELIST_FILE, ">> $whitelist_domain_file" or
syslog $syslog_priority, "Error: unable to open whitelist domain file: %s", $whitelist_domain_file;
print WHITELIST_FILE "$attr{\"domain_name\"}\n";
close WHITELIST_FILE;
# Demo SMTPD access policy routine. The result is an action just like
# it would be specified on the right-hand side of a Postfix access
# table. Request attributes are available via the %attr hash.
sub smtpd_access_policy {
my($key, $time_stamp, $now, $count, $domain);
# Open the database on the fly.
open_database() unless $database_obj;
# Open the whitelist database on the fly.
open_whitelist_db() unless $whitelist_db_obj;
# Check if domain is whitelisted
$domain = get_domain_name($attr{"client_name"});
$count = read_whitelist_db($domain);
if ($count > 0) {
syslog $syslog_priority, "domain: %s is whitelisted", $domain if $verbose;
return "dunno";
# Check if host is whitelisted
$count = read_whitelist_db($attr{"client_name"});
if ($count > 0) {
syslog $syslog_priority, "host: %s is whitelisted", $attr{"client_name"} if $verbose;
return "dunno";
# Search the auto-whitelist.
if ($auto_whitelist_threshold > 0) {
$count = read_database($attr{"client_address"});
if ($count > $auto_whitelist_threshold) {
return "dunno";
# Lookup the time stamp for this client/sender/recipient.
$key =
lc $attr{"client_address"}."/".$attr{"sender"}."/".$attr{"recipient"};
$time_stamp = read_database($key);
$now = time();
# If this is a new request add this client/sender/recipient to the database.
if ($time_stamp == 0) {
$time_stamp = $now;
update_database($key, $time_stamp);
# The result can be any action that is allowed in a Postfix access(5) map.
# To label mail, return ``PREPEND'' headername: headertext
# In case of success, return ``DUNNO'' instead of ``OK'' so that the
# check_policy_service restriction can be followed by other restrictions.
# In case of failure, specify ``DEFER_IF_PERMIT optional text...''
# so that mail can still be blocked by other access restrictions.
syslog $syslog_priority, "request age %d", $now - $time_stamp if $verbose;
if ($now - $time_stamp > $greylist_delay) {
# Update the auto-whitelist.
if ($auto_whitelist_threshold > 0) {
update_database($attr{"client_address"}, $count + 1);
return "dunno";
} else {
# Apple
syslog $syslog_priority, "Temporary message rejection to: <$attr{\"recipient\"}> from: <$attr{\"sender\"}> sent from: [$attr{\"client_address\"}] for: $greylist_delay seconds due to greylisting";
return "defer_if_permit Service is unavailable";
# You should not have to make changes below this point.
sub LOCK_SH { 1 }; # Shared lock (used for reading).
sub LOCK_EX { 2 }; # Exclusive lock (used for writing).
sub LOCK_NB { 4 }; # Don't block (for testing).
sub LOCK_UN { 8 }; # Release lock.
# Log an error and abort.
sub fatal_exit {
my($first) = shift(@_);
syslog "err", "fatal: $first", @_;
exit 1;
# Open hash database.
sub open_database {
my($database_fd);
# Use tied database to make complex manipulations easier to express.
$database_obj = tie(%db_hash, 'DB_File', $database_name,
O_CREAT|O_RDWR, 0644, $DB_BTREE);
if ( !$database_obj ) {
# don't prevent mail deliveries due to corrupt database
my $db_backup = $database_name . "." . time();
syslog $syslog_priority, "Warning: open failed for: %s : backing up to: %s",
$database_name, $db_backup;
rename $database_name, $db_backup ||
fatal_exit "Can't save %s as %s: $!", $database_name, $db_backup;
# try again
$database_obj = tie(%db_hash, 'DB_File', $database_name,
O_CREAT|O_RDWR, 0644, $DB_BTREE) ||
fatal_exit "Cannot open database %s: $!", $database_name;
$database_fd = $database_obj->fd;
open DATABASE_HANDLE, "+<&=$database_fd" ||
fatal_exit "Cannot fdopen database %s: $!", $database_name;
syslog $syslog_priority, "open %s", $database_name if $verbose;
# Open hash whitelist database.
sub open_whitelist_db {
my($whitelist_db_fd);
# Use tied database to make complex manipulations easier to express.
$whitelist_db_obj = tie(%db_hash, 'DB_File', $whitelist_db_name,
O_CREAT|O_RDWR, 0644, $DB_BTREE);
if ( !$whitelist_db_obj ) {
# don't prevent mail deliveries due to corrupt database
my $db_backup = $whitelist_db_name . "." . time();
syslog $syslog_priority, "Warning: open failed for: %s : backing up to: %s",
$whitelist_db_name, $db_backup;
rename $whitelist_db_name, $db_backup ||
fatal_exit "Can't save %s as %s: $!", $whitelist_db_name, $db_backup;
# try again
$whitelist_db_obj = tie(%db_hash, 'DB_File', $whitelist_db_name,
O_CREAT|O_RDWR, 0644, $DB_BTREE) ||
fatal_exit "Cannot open database %s: $!", $whitelist_db_name;
$whitelist_db_fd = $whitelist_db_obj->fd;
open WHITELIST_DB_HANDLE, "+<&=$whitelist_db_fd" ||
fatal_exit "Cannot fdopen database %s: $!", $whitelist_db_name;
syslog $syslog_priority, "open %s", $whitelist_db_name if $verbose;
# Read database. Use a shared lock to avoid reading the database
# while it is being changed. XXX There should be a way to synchronize
# our cache from the on-file database before looking up the key.
sub read_database {
my($key) = @_;
my($value);
flock DATABASE_HANDLE, LOCK_SH ||
fatal_exit "Can't get shared lock on %s: $!", $database_name;
# XXX Synchronize our cache from the on-disk copy before lookup.
$value = $db_hash{$key};
syslog $syslog_priority, "lookup %s: %s", $key, $value if $verbose;
flock DATABASE_HANDLE, LOCK_UN ||
fatal_exit "Can't unlock %s: $!", $database_name;
return $value;
# Read database. Use a shared lock to avoid reading the database
# while it is being changed. XXX There should be a way to synchronize
# our cache from the on-file database before looking up the key.
sub read_whitelist_db {
my($key) = @_;
my($value);
flock WHITELIST_DB_HANDLE, LOCK_SH ||
fatal_exit "Can't get shared lock on %s: $!", $whitelist_db_name;
# XXX Synchronize our cache from the on-disk copy before lookup.
$value = $db_hash{$key};
syslog $syslog_priority, "whitelist lookup %s: %s", $key, $value if $verbose;
flock WHITELIST_DB_HANDLE, LOCK_UN ||
fatal_exit "Can't unlock %s: $!", $whitelist_db_name;
return $value;
# Update database. Use an exclusive lock to avoid collisions with
# other updaters, and to avoid surprises in database readers. XXX
# There should be a way to synchronize our cache from the on-file
# database before updating the database.
sub update_database {
my($key, $value) = @_;
syslog $syslog_priority, "store %s: %s", $key, $value if $verbose;
flock DATABASE_HANDLE, LOCK_EX ||
fatal_exit "Can't exclusively lock %s: $!", $database_name;
# XXX Synchronize our cache from the on-disk copy before update.
$db_hash{$key} = $value;
$database_obj->sync() &&
fatal_exit "Can't update %s: $!", $database_name;
flock DATABASE_HANDLE, LOCK_UN ||
fatal_exit "Can't unlock %s: $!", $database_name;
# Update database. Use an exclusive lock to avoid collisions with
# other updaters, and to avoid surprises in database readers. XXX
# There should be a way to synchronize our cache from the on-file
# database before updating the database.
sub update_whitelist_db {
my($key, $value) = @_;
syslog $syslog_priority, "store whitelist host %s: %s", $key, $value if $verbose;
flock WHITELIST_DB_HANDLE, LOCK_EX ||
fatal_exit "Can't exclusively lock %s: $!", $whitelist_db_name;
# XXX Synchronize our cache from the on-disk copy before update.
$db_hash{$key} = $value;
$whitelist_db_obj->sync() &&
fatal_exit "Can't update %s: $!", $whitelist_db_name;
flock WHITELIST_DB_HANDLE, LOCK_UN ||
fatal_exit "Can't unlock %s: $!", $whitelist_db_name;
# Parse hostname to obtain domain name
sub get_domain_name {
my($in_host_name) = @_;
my($value);
my($count) = 0;
@tokens = split(/\./, $in_host_name);
$count = $#tokens;
$value=$tokens[$count-1] . "." . $tokens[$count];
return $value;
# Signal 11 means that we have some kind of database corruption (yes
# Berkeley DB should handle this better). Move the corrupted database
# out of the way, and start with a new database.
sub sigsegv_handler {
my $backup = $database_name . "." . time();
rename $database_name, $backup ||
fatal_exit "Can't save %s as %s: $!", $database_name, $backup;
fatal_exit "Caught signal 11; the corrupted database is saved as $backup";
my $wl_backup = $whitelist_db_name . "." . time();
rename $whitelist_db_name, $wl_backup ||
fatal_exit "Can't save %s as %s: $!", $whitelist_db_name, $wl_backup;
fatal_exit "Caught signal 11; the corrupted database is saved as $wl_backup";
$SIG{'SEGV'} = 'sigsegv_handler';
# This process runs as a daemon, so it can't log to a terminal. Use
# syslog so that people can actually see our messages.
setlogsock $syslog_socktype;
openlog $0, $syslog_options, $syslog_facility;
# We don't need getopt() for now.
while ($option = shift(@ARGV)) {
if ($option eq "-v") {
$verbose = 1;
} else {
syslog $syslog_priority, "Invalid option: %s. Usage: %s [-v]",
$option, $0;
exit 1;
# Unbuffer standard output.
select((select(STDOUT), $| = 1)[0]);
# Receive a bunch of attributes, evaluate the policy, send the result.
while (<STDIN>) {
if (/([^=]+)=(.*)\n/) {
$attr{substr($1, 0, 512)} = substr($2, 0, 512);
} elsif ($_ eq "\n") {
if ($verbose) {
for (keys %attr) {
syslog $syslog_priority, "Attribute: %s=%s", $_, $attr{$_};
if ( $attr{"request"} eq "smtpd_access_policy" ) {
$action = smtpd_access_policy();
} elsif ( $attr{"request"} eq "whitelist" ) {
$action = add_whitelist();
} elsif ( $attr{"request"} eq "whitelist_domain" ) {
$action = add_whitelist_domain();
} else {
fatal_exit "unrecognized request type: '%s'", $attr{request};
syslog $syslog_priority, "Action: %s", $action if $verbose;
print STDOUT "action=$action\n\n";
%attr = ();
} else {
chop;
syslog $syslog_priority, "warning: ignoring garbage: %.100s", $_; -
OS X 10.9 Server Mail Domain Whitelisting
I just cannot understand why this isn't working.
I've added gmail, googlemail, mac, me, icloud to the whitelist, but emails from those domains still get greylisted:
$ sudo serveradmin settings Mail | grep whitelist
Mail:postfix:add_whitelist_domain:_array_index:5 = "gmail.com"
Mail:postfix:add_whitelist_domain:_array_index:6 = "googlemail.com"
Mail:postfix:add_whitelist_domain:_array_index:7 = "mac.com"
Mail:postfix:add_whitelist_domain:_array_index:8 = "me.com"
Mail:postfix:add_whitelist_domain:_array_index:9 = "icloud.com"
Mail:postfix:domain_whitelist:_array_index:5 = "gmail.com"
Mail:postfix:domain_whitelist:_array_index:6 = "googlemail.com"
Mail:postfix:domain_whitelist:_array_index:7 = "mac.com"
Mail:postfix:domain_whitelist:_array_index:8 = "me.com"
Mail:postfix:domain_whitelist:_array_index:9 = "icloud.com"
I tried:
$ sudo serveradmin settings Mail:postfix:whitelist_enabled = yes
2014-05-02 02:56:37.103 serveradmin[2894:507] Error: servermgr_mail: postconf read error: /usr/sbin/postconf: warning: whitelist_enabled: unknown parameter
2014-05-02 02:56:37.104 serveradmin[2894:507] unable to save key: whitelist_enabled (unknown parameter)
I've tried restarting the mail service and restarting the computer.
Has anyone been successful in whitelisting a domain on 10.9 Server?
May 2 02:37:47 example.com postfix/smtpd[1398]: connect from mail-oa0-f48.google.com[209.85.219.48]
May 2 02:37:47 example /usr/libexec/postfix/greylist.pl[1403]: Temporary message rejection to: <[email protected]> from: <[email protected]> sent from: [209.85.219.48] for: 60 seconds due to greylisting
May 2 02:37:48 example.com postfix/smtpd[1398]: NOQUEUE: reject: RCPT from mail-oa0-f48.google.com[209.85.219.48]: 450 4.7.1 <[email protected]>: Recipient address rejected: Service is unavailable; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<mail-oa0-f48.google.com>
May 2 02:37:48 example.com postfix/smtpd[1398]: disconnect from mail-oa0-f48.google.com[209.85.219.48]#!/usr/bin/perl
use DB_File;
use Fcntl;
use Sys::Syslog qw(:DEFAULT setlogsock);
# Usage: greylist.pl [-v]
# Demo delegated Postfix SMTPD policy server. This server implements
# greylisting. State is kept in a Berkeley DB database. Logging is
# sent to syslogd.
# How it works: each time a Postfix SMTP server process is started
# it connects to the policy service socket, and Postfix runs one
# instance of this PERL script. By default, a Postfix SMTP server
# process terminates after 100 seconds of idle time, or after serving
# 100 clients. Thus, the cost of starting this PERL script is smoothed
# out over time.
# To run this from /etc/postfix/master.cf:
# policy unix - n n - - spawn
# user=nobody argv=/usr/bin/perl /usr/libexec/postfix/greylist.pl
# To use this from Postfix SMTPD, use in /etc/postfix/main.cf:
# smtpd_recipient_restrictions =
# reject_unauth_destination
# check_policy_service unix:private/policy
# NOTE: specify check_policy_service AFTER reject_unauth_destination
# or else your system can become an open relay.
# To test this script by hand, execute:
# % perl greylist.pl
# Each query is a bunch of attributes. Order does not matter, and
# the demo script uses only a few of all the attributes shown below:
# request=smtpd_access_policy
# protocol_state=RCPT
# protocol_name=SMTP
# helo_name=some.domain.tld
# queue_id=8045F2AB23
# [email protected]
# [email protected]
# client_address=1.2.3.4
# client_name=another.domain.tld
# instance=123.456.7
# sasl_method=plain
# sasl_username=you
# sasl_sender=
# size=12345
# [empty line]
# The policy server script will answer in the same style, with an
# attribute list followed by a empty line:
# action=dunno
# [empty line]
# greylist status database and greylist time interval. DO NOT create the
# greylist status database in a world-writable directory such as /tmp
# or /var/tmp. DO NOT create the greylist database in a file system
# that can run out of space.
# In case of database corruption, this script saves the database as
# $database_name.time(), so that the mail system does not get stuck.
$database_name="/Library/Server/Mail/Data/gldb/greylist.db";
$whitelist_host_file="/Library/Server/Mail/Data/gldb/whitelist_host";
$whitelist_domain_file="/Library/Server/Mail/Data/gldb/whitelist_domain";
$whitelist_db_name="/Library/Server/Mail/Data/gldb/whitelist.db";
$greylist_delay=60;
# Auto-whitelist threshold. Specify 0 to disable, or the number of
# successful "come backs" after which a client is no longer subject
# to greylisting.
$auto_whitelist_threshold = 10;
# Syslogging options for verbose mode and for fatal errors.
# NOTE: comment out the $syslog_socktype line if syslogging does not
# work on your system.
$syslog_socktype = 'unix'; # inet, unix, stream, console
$syslog_facility="mail";
$syslog_options="pid";
$syslog_priority="info";
sub add_whitelist {
# check for null host name
my ($_host_name) = $attr{"host_name"};
if ($_host_name eq "") {
syslog $syslog_priority, "Warning: missing whitelist host name attribute";
return 0;
# Open the database on the fly.
open_whitelist_db() unless $whitelist_db_obj;
# Is host already in white list
$value = read_whitelist_db($attr{"host_name"});
# Add host if not in database
if ($value == 0) {
syslog $syslog_priority, "adding host: %s to whitelist host", $attr{"host_name"} if $verbose;
update_whitelist_db($attr{"host_name"}, 1);
open WHITELIST_FILE, ">> $whitelist_host_file" or
syslog $syslog_priority, "Error: unable to open whitelist host file: %s", $whitelist_host_file;
print WHITELIST_FILE "$attr{\"host_name\"}\n";
close WHITELIST_FILE;
sub add_whitelist_domain {
# check for null host name
my ($_domain_name) = $attr{"domain_name"};
if ($_domain_name eq "") {
syslog $syslog_priority, "Warning: missing whitelist domain name attribute";
return 0;
# Open the database on the fly.
open_whitelist_db() unless $whitelist_db_obj;
# Is domain already in white list
$value = read_whitelist_db($attr{"domain_name"});
# Add domain if not in database
if ($value == 0) {
syslog $syslog_priority, "adding domain: %s to whitelist doman", $attr{"domain_name"} if $verbose;
update_whitelist_db($attr{"domain_name"}, 1);
open WHITELIST_FILE, ">> $whitelist_domain_file" or
syslog $syslog_priority, "Error: unable to open whitelist domain file: %s", $whitelist_domain_file;
print WHITELIST_FILE "$attr{\"domain_name\"}\n";
close WHITELIST_FILE;
# Demo SMTPD access policy routine. The result is an action just like
# it would be specified on the right-hand side of a Postfix access
# table. Request attributes are available via the %attr hash.
sub smtpd_access_policy {
my($key, $time_stamp, $now, $count, $domain);
# Open the database on the fly.
open_database() unless $database_obj;
# Open the whitelist database on the fly.
open_whitelist_db() unless $whitelist_db_obj;
# Check if domain is whitelisted
$domain = get_domain_name($attr{"client_name"});
$count = read_whitelist_db($domain);
if ($count > 0) {
syslog $syslog_priority, "domain: %s is whitelisted", $domain if $verbose;
return "dunno";
# Check if host is whitelisted
$count = read_whitelist_db($attr{"client_name"});
if ($count > 0) {
syslog $syslog_priority, "host: %s is whitelisted", $attr{"client_name"} if $verbose;
return "dunno";
# Search the auto-whitelist.
if ($auto_whitelist_threshold > 0) {
$count = read_database($attr{"client_address"});
if ($count > $auto_whitelist_threshold) {
return "dunno";
# Lookup the time stamp for this client/sender/recipient.
$key =
lc $attr{"client_address"}."/".$attr{"sender"}."/".$attr{"recipient"};
$time_stamp = read_database($key);
$now = time();
# If this is a new request add this client/sender/recipient to the database.
if ($time_stamp == 0) {
$time_stamp = $now;
update_database($key, $time_stamp);
# The result can be any action that is allowed in a Postfix access(5) map.
# To label mail, return ``PREPEND'' headername: headertext
# In case of success, return ``DUNNO'' instead of ``OK'' so that the
# check_policy_service restriction can be followed by other restrictions.
# In case of failure, specify ``DEFER_IF_PERMIT optional text...''
# so that mail can still be blocked by other access restrictions.
syslog $syslog_priority, "request age %d", $now - $time_stamp if $verbose;
if ($now - $time_stamp > $greylist_delay) {
# Update the auto-whitelist.
if ($auto_whitelist_threshold > 0) {
update_database($attr{"client_address"}, $count + 1);
return "dunno";
} else {
# Apple
syslog $syslog_priority, "Temporary message rejection to: <$attr{\"recipient\"}> from: <$attr{\"sender\"}> sent from: [$attr{\"client_address\"}] for: $greylist_delay seconds due to greylisting";
return "defer_if_permit Service is unavailable";
# You should not have to make changes below this point.
sub LOCK_SH { 1 }; # Shared lock (used for reading).
sub LOCK_EX { 2 }; # Exclusive lock (used for writing).
sub LOCK_NB { 4 }; # Don't block (for testing).
sub LOCK_UN { 8 }; # Release lock.
# Log an error and abort.
sub fatal_exit {
my($first) = shift(@_);
syslog "err", "fatal: $first", @_;
exit 1;
# Open hash database.
sub open_database {
my($database_fd);
# Use tied database to make complex manipulations easier to express.
$database_obj = tie(%db_hash, 'DB_File', $database_name,
O_CREAT|O_RDWR, 0644, $DB_BTREE);
if ( !$database_obj ) {
# don't prevent mail deliveries due to corrupt database
my $db_backup = $database_name . "." . time();
syslog $syslog_priority, "Warning: open failed for: %s : backing up to: %s",
$database_name, $db_backup;
rename $database_name, $db_backup ||
fatal_exit "Can't save %s as %s: $!", $database_name, $db_backup;
# try again
$database_obj = tie(%db_hash, 'DB_File', $database_name,
O_CREAT|O_RDWR, 0644, $DB_BTREE) ||
fatal_exit "Cannot open database %s: $!", $database_name;
$database_fd = $database_obj->fd;
open DATABASE_HANDLE, "+<&=$database_fd" ||
fatal_exit "Cannot fdopen database %s: $!", $database_name;
syslog $syslog_priority, "open %s", $database_name if $verbose;
# Open hash whitelist database.
sub open_whitelist_db {
my($whitelist_db_fd);
# Use tied database to make complex manipulations easier to express.
$whitelist_db_obj = tie(%db_hash, 'DB_File', $whitelist_db_name,
O_CREAT|O_RDWR, 0644, $DB_BTREE);
if ( !$whitelist_db_obj ) {
# don't prevent mail deliveries due to corrupt database
my $db_backup = $whitelist_db_name . "." . time();
syslog $syslog_priority, "Warning: open failed for: %s : backing up to: %s",
$whitelist_db_name, $db_backup;
rename $whitelist_db_name, $db_backup ||
fatal_exit "Can't save %s as %s: $!", $whitelist_db_name, $db_backup;
# try again
$whitelist_db_obj = tie(%db_hash, 'DB_File', $whitelist_db_name,
O_CREAT|O_RDWR, 0644, $DB_BTREE) ||
fatal_exit "Cannot open database %s: $!", $whitelist_db_name;
$whitelist_db_fd = $whitelist_db_obj->fd;
open WHITELIST_DB_HANDLE, "+<&=$whitelist_db_fd" ||
fatal_exit "Cannot fdopen database %s: $!", $whitelist_db_name;
syslog $syslog_priority, "open %s", $whitelist_db_name if $verbose;
# Read database. Use a shared lock to avoid reading the database
# while it is being changed. XXX There should be a way to synchronize
# our cache from the on-file database before looking up the key.
sub read_database {
my($key) = @_;
my($value);
flock DATABASE_HANDLE, LOCK_SH ||
fatal_exit "Can't get shared lock on %s: $!", $database_name;
# XXX Synchronize our cache from the on-disk copy before lookup.
$value = $db_hash{$key};
syslog $syslog_priority, "lookup %s: %s", $key, $value if $verbose;
flock DATABASE_HANDLE, LOCK_UN ||
fatal_exit "Can't unlock %s: $!", $database_name;
return $value;
# Read database. Use a shared lock to avoid reading the database
# while it is being changed. XXX There should be a way to synchronize
# our cache from the on-file database before looking up the key.
sub read_whitelist_db {
my($key) = @_;
my($value);
flock WHITELIST_DB_HANDLE, LOCK_SH ||
fatal_exit "Can't get shared lock on %s: $!", $whitelist_db_name;
# XXX Synchronize our cache from the on-disk copy before lookup.
$value = $db_hash{$key};
syslog $syslog_priority, "whitelist lookup %s: %s", $key, $value if $verbose;
flock WHITELIST_DB_HANDLE, LOCK_UN ||
fatal_exit "Can't unlock %s: $!", $whitelist_db_name;
return $value;
# Update database. Use an exclusive lock to avoid collisions with
# other updaters, and to avoid surprises in database readers. XXX
# There should be a way to synchronize our cache from the on-file
# database before updating the database.
sub update_database {
my($key, $value) = @_;
syslog $syslog_priority, "store %s: %s", $key, $value if $verbose;
flock DATABASE_HANDLE, LOCK_EX ||
fatal_exit "Can't exclusively lock %s: $!", $database_name;
# XXX Synchronize our cache from the on-disk copy before update.
$db_hash{$key} = $value;
$database_obj->sync() &&
fatal_exit "Can't update %s: $!", $database_name;
flock DATABASE_HANDLE, LOCK_UN ||
fatal_exit "Can't unlock %s: $!", $database_name;
# Update database. Use an exclusive lock to avoid collisions with
# other updaters, and to avoid surprises in database readers. XXX
# There should be a way to synchronize our cache from the on-file
# database before updating the database.
sub update_whitelist_db {
my($key, $value) = @_;
syslog $syslog_priority, "store whitelist host %s: %s", $key, $value if $verbose;
flock WHITELIST_DB_HANDLE, LOCK_EX ||
fatal_exit "Can't exclusively lock %s: $!", $whitelist_db_name;
# XXX Synchronize our cache from the on-disk copy before update.
$db_hash{$key} = $value;
$whitelist_db_obj->sync() &&
fatal_exit "Can't update %s: $!", $whitelist_db_name;
flock WHITELIST_DB_HANDLE, LOCK_UN ||
fatal_exit "Can't unlock %s: $!", $whitelist_db_name;
# Parse hostname to obtain domain name
sub get_domain_name {
my($in_host_name) = @_;
my($value);
my($count) = 0;
@tokens = split(/\./, $in_host_name);
$count = $#tokens;
$value=$tokens[$count-1] . "." . $tokens[$count];
return $value;
# Signal 11 means that we have some kind of database corruption (yes
# Berkeley DB should handle this better). Move the corrupted database
# out of the way, and start with a new database.
sub sigsegv_handler {
my $backup = $database_name . "." . time();
rename $database_name, $backup ||
fatal_exit "Can't save %s as %s: $!", $database_name, $backup;
fatal_exit "Caught signal 11; the corrupted database is saved as $backup";
my $wl_backup = $whitelist_db_name . "." . time();
rename $whitelist_db_name, $wl_backup ||
fatal_exit "Can't save %s as %s: $!", $whitelist_db_name, $wl_backup;
fatal_exit "Caught signal 11; the corrupted database is saved as $wl_backup";
$SIG{'SEGV'} = 'sigsegv_handler';
# This process runs as a daemon, so it can't log to a terminal. Use
# syslog so that people can actually see our messages.
setlogsock $syslog_socktype;
openlog $0, $syslog_options, $syslog_facility;
# We don't need getopt() for now.
while ($option = shift(@ARGV)) {
if ($option eq "-v") {
$verbose = 1;
} else {
syslog $syslog_priority, "Invalid option: %s. Usage: %s [-v]",
$option, $0;
exit 1;
# Unbuffer standard output.
select((select(STDOUT), $| = 1)[0]);
# Receive a bunch of attributes, evaluate the policy, send the result.
while (<STDIN>) {
if (/([^=]+)=(.*)\n/) {
$attr{substr($1, 0, 512)} = substr($2, 0, 512);
} elsif ($_ eq "\n") {
if ($verbose) {
for (keys %attr) {
syslog $syslog_priority, "Attribute: %s=%s", $_, $attr{$_};
if ( $attr{"request"} eq "smtpd_access_policy" ) {
$action = smtpd_access_policy();
} elsif ( $attr{"request"} eq "whitelist" ) {
$action = add_whitelist();
} elsif ( $attr{"request"} eq "whitelist_domain" ) {
$action = add_whitelist_domain();
} else {
fatal_exit "unrecognized request type: '%s'", $attr{request};
syslog $syslog_priority, "Action: %s", $action if $verbose;
print STDOUT "action=$action\n\n";
%attr = ();
} else {
chop;
syslog $syslog_priority, "warning: ignoring garbage: %.100s", $_; -
Bayes Error Question after Spamassassin Upgrade
I have just upgraded to Version 3.1.5 of the Spamassassin and I am getting the following readout when after I run spamassassin -D --lint
xserve1:/var/amavis root# spamassassin -D --lint
[18757] dbg: logger: adding facilities: all
[18757] dbg: logger: logging level is DBG
[18757] dbg: generic: SpamAssassin version 3.1.5
[18757] dbg: config: score set 0 chosen.
[18757] dbg: util: running in taint mode? yes
[18757] dbg: util: taint mode: deleting unsafe environment variables, resetting PATH
[18757] dbg: util: PATH included '/bin', keeping
[18757] dbg: util: PATH included '/sbin', keeping
[18757] dbg: util: PATH included '/usr/bin', keeping
[18757] dbg: util: PATH included '/usr/sbin', keeping
[18757] dbg: util: final PATH set to: /bin:/sbin:/usr/bin:/usr/sbin
[18757] dbg: message: ---- MIME PARSER START ----
[18757] dbg: message: main message type: text/plain
[18757] dbg: message: parsing normal part
[18757] dbg: message: added part, type: text/plain
[18757] dbg: message: ---- MIME PARSER END ----
[18757] dbg: dns: is Net::DNS::Resolver available? yes
[18757] dbg: dns: Net::DNS version: 0.59
[18757] dbg: diag: perl platform: 5.008006 darwin
[18757] dbg: diag: module installed: Digest::SHA1, version 2.10
[18757] dbg: diag: module installed: Archive::Tar, version 1.30
[18757] dbg: diag: module installed: IO::Zlib, version 1.04
[18757] dbg: diag: module installed: DB_File, version 1.814
[18757] dbg: diag: module installed: HTML::Parser, version 3.36
[18757] dbg: diag: module installed: MIME::Base64, version 3.05
[18757] dbg: diag: module installed: Net::DNS, version 0.59
[18757] dbg: diag: module installed: Net::SMTP, version 2.29
[18757] dbg: diag: module installed: Mail::SPF::Query, version 1.999001
[18757] dbg: diag: module installed: IP::Country::Fast, version 604.001
[18757] dbg: diag: module installed: Razor2::Client::Agent, version 2.82
[18757] dbg: diag: module installed: Net::Ident, version 1.20
[18757] dbg: diag: module not installed: IO::Socket::INET6 ('require' failed)
[18757] dbg: diag: module installed: IO::Socket::SSL, version 1.0
[18757] dbg: diag: module installed: Time::HiRes, version 1.68
[18757] dbg: diag: module installed: DBI, version 1.52
[18757] dbg: diag: module installed: Getopt::Long, version 2.34
[18757] dbg: diag: module installed: LWP::UserAgent, version 2.033
[18757] dbg: diag: module installed: HTTP::Date, version 1.47
[18757] dbg: ignore: using a test message to lint rules
[18757] dbg: config: using "/etc/mail/spamassassin" for site rules pre files
[18757] dbg: config: read file /etc/mail/spamassassin/init.pre
[18757] dbg: config: read file /etc/mail/spamassassin/v310.pre
[18757] dbg: config: read file /etc/mail/spamassassin/v312.pre
[18757] dbg: config: using "/usr/local/share/spamassassin" for sys rules pre files
[18757] dbg: config: using "/usr/local/share/spamassassin" for default rules dir
[18757] dbg: config: read file /usr/local/share/spamassassin/10_misc.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/20_advance_fee.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/20_anti_ratware.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/20_body_tests.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/20_compensate.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/20_dnsbl_tests.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/20_drugs.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/20_fake_helo_tests.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/20_head_tests.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/20_html_tests.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/20_meta_tests.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/20_net_tests.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/20_phrases.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/20_****.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/20_ratware.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/20_uri_tests.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/23_bayes.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/25_accessdb.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/25_antivirus.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/25_body_tests_es.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/25_body_tests_pl.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/25_dcc.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/25_dkim.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/25_domainkeys.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/25_hashcash.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/25_pyzor.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/25_razor2.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/25_replace.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/25_spf.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/25_textcat.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/25_uribl.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/30_text_de.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/30_text_fr.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/30_text_it.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/30_text_nl.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/30_text_pl.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/30_text_pt_br.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/50_scores.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/60_awl.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/60_whitelist.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/60_whitelist_dk.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/60_whitelist_dkim.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/60_whitelist_spf.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/60_whitelist_subject.cf
[18757] dbg: config: using "/etc/mail/spamassassin" for site rules dir
[18757] dbg: config: read file /etc/mail/spamassassin/70_sare_adult.cf
[18757] dbg: config: read file /etc/mail/spamassassin/70_sare_bayes_poison_nxm.cf
[18757] dbg: config: read file /etc/mail/spamassassin/70_sare_evilnum0.cf
[18757] dbg: config: read file /etc/mail/spamassassin/70_sare_evilnum1.cf
[18757] dbg: config: read file /etc/mail/spamassassin/70_sare_evilnum2.cf
[18757] dbg: config: read file /etc/mail/spamassassin/70_sare_html.cf
[18757] dbg: config: read file /etc/mail/spamassassin/70_sare_obfu.cf
[18757] dbg: config: read file /etc/mail/spamassassin/70_sare_oem.cf
[18757] dbg: config: read file /etc/mail/spamassassin/70_sare_random.cf
[18757] dbg: config: read file /etc/mail/spamassassin/70_sare_stocks.cf
[18757] dbg: config: read file /etc/mail/spamassassin/70_sc_top200.cf
[18757] dbg: config: read file /etc/mail/spamassassin/99_FVGT_Tripwire.cf
[18757] dbg: config: read file /etc/mail/spamassassin/Chinese_rules.cf
[18757] dbg: config: read file /etc/mail/spamassassin/local.cf
[18757] dbg: config: read file /etc/mail/spamassassin/weeds.cf
[18757] dbg: config: using "/private/var/root/.spamassassin/user_prefs" for user prefs file
[18757] dbg: config: read file /private/var/root/.spamassassin/user_prefs
[18757] dbg: plugin: loading Mail::SpamAssassin::Plugin::URIDNSBL from @INC
[18757] dbg: plugin: registered Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x18796d0)
[18757] dbg: plugin: loading Mail::SpamAssassin::Plugin::Hashcash from @INC
[18757] dbg: plugin: registered Mail::SpamAssassin::Plugin::Hashcash=HASH(0x1c828d8)
[18757] dbg: plugin: loading Mail::SpamAssassin::Plugin::SPF from @INC
[18757] dbg: plugin: registered Mail::SpamAssassin::Plugin::SPF=HASH(0x1d91a64)
[18757] dbg: plugin: loading Mail::SpamAssassin::Plugin::Pyzor from @INC
[18757] dbg: pyzor: network tests on, attempting Pyzor
[18757] dbg: plugin: registered Mail::SpamAssassin::Plugin::Pyzor=HASH(0x1c66f5c)
[18757] dbg: plugin: loading Mail::SpamAssassin::Plugin::Razor2 from @INC
[18757] dbg: razor2: razor2 is available, version 2.82
[18757] dbg: plugin: registered Mail::SpamAssassin::Plugin::Razor2=HASH(0x466db0)
[18757] dbg: plugin: loading Mail::SpamAssassin::Plugin::SpamCop from @INC
[18757] dbg: reporter: network tests on, attempting SpamCop
[18757] dbg: plugin: registered Mail::SpamAssassin::Plugin::SpamCop=HASH(0x468e68)
[18757] dbg: plugin: loading Mail::SpamAssassin::Plugin::AWL from @INC
[18757] dbg: plugin: registered Mail::SpamAssassin::Plugin::AWL=HASH(0x1dd02d0)
[18757] dbg: plugin: loading Mail::SpamAssassin::Plugin::AutoLearnThreshold from @INC
[18757] dbg: plugin: registered Mail::SpamAssassin::Plugin::AutoLearnThreshold=HASH(0x1e34100)
[18757] dbg: plugin: loading Mail::SpamAssassin::Plugin::WhiteListSubject from @INC
[18757] dbg: plugin: registered Mail::SpamAssassin::Plugin::WhiteListSubject=HASH(0x1e36be0)
[18757] dbg: plugin: loading Mail::SpamAssassin::Plugin::MIMEHeader from @INC
[18757] dbg: plugin: registered Mail::SpamAssassin::Plugin::MIMEHeader=HASH(0x1e39d30)
[18757] dbg: plugin: loading Mail::SpamAssassin::Plugin::ReplaceTags from @INC
[18757] dbg: plugin: registered Mail::SpamAssassin::Plugin::ReplaceTags=HASH(0x1e3e260)
[18757] dbg: config: adding redirector regex: /^http:\/\/chkpt\.zdnet\.com\/chkpt\/\w+\/(.*)$/i
[18757] dbg: config: adding redirector regex: /^http:\/\/www(?:\d+)?\.nate\.com\/r\/\w+\/(.*)$/i
[18757] dbg: config: adding redirector regex: /^http:\/\/.+\.gov\/(?:.*\/)?externalLink\.jhtml\?.*url=(.*?)(?:&.*)?$/i
[18757] dbg: config: adding redirector regex: /^http:\/\/redir\.internet\.com\/.+?\/.+?\/(.*)$/i
[18757] dbg: config: adding redirector regex: /^http:\/\/(?:.*?\.)?adtech\.de\/.*(?:;|\|)link=(.*?)(?:;|$)/i
[18757] dbg: config: adding redirector regex: m'^http.*?/redirect\.php\?.*(?<=[?&])goto=(.*?)(?:$|[&\#])'i
[18757] dbg: config: adding redirector regex: m'^https?:/*(?:[^/]+\.)?emf\d\.com/r\.cfm.*?&r=(.*)'i
[18757] dbg: config: adding redirector regex: m'/(?:index.php)?\?.*(?<=[?&])URL=(.*?)(?:$|[&\#])'i
[18757] dbg: config: adding redirector regex: m'^http:/*(?:\w+\.)?google(?:\.\w{2,3}){1,2}/url\?.*?(?<=[?&])q=(.*?)(?:$|[&\#] )'i
[18757] dbg: config: adding redirector regex: m'^http:/*(?:\w+\.)?google(?:\.\w{2,3}){1,2}/search\?.*?(?<=[?&])q=[^&]*?(?<=%2 0|..[=+\s])site:(.*?)(?:$|%20|[\s+&\#])'i
[18757] dbg: config: adding redirector regex: m'^http:/*(?:\w+\.)?google(?:\.\w{2,3}){1,2}/search\?.*?(?<=[?&])q=[^&]*?(?<=%2 0|..[=+\s])(?:"|%22)(.*?)(?:$|%22|["\s+&\#])'i
[18757] dbg: config: adding redirector regex: m'^http:/*(?:\w+\.)?google(?:\.\w{2,3}){1,2}/translate\?.*?(?<=[?&])u=(.*?)(?:$ |[&\#])'i
[18757] warn: config: failed to parse line, skipping: scare RCVD_IN_NJABL_SPAM 3.0
[18757] dbg: plugin: Mail::SpamAssassin::Plugin::ReplaceTags=HASH(0x1e3e260) implements 'finish_parsing_end'
[18757] dbg: replacetags: replacing tags
[18757] dbg: replacetags: done replacing tags
[18757] dbg: bayes: no dbs present, cannot tie DB R/O: /private/var/root/.spamassassin/bayes_toks
[18757] dbg: config: score set 1 chosen.
[18757] dbg: message: ---- MIME PARSER START ----
[18757] dbg: message: main message type: text/plain
[18757] dbg: message: parsing normal part
[18757] dbg: message: added part, type: text/plain
[18757] dbg: message: ---- MIME PARSER END ----
[18757] dbg: bayes: no dbs present, cannot tie DB R/O: /private/var/root/.spamassassin/bayes_toks
[18757] dbg: dns: name server: 209.198.128.11, family: 2, ipv6: 0
[18757] dbg: dns: testing resolver nameservers: 209.198.128.11, 209.198.128.27
[18757] dbg: dns: trying (3) google.com...
[18757] dbg: dns: looking up NS for 'google.com'
[18757] dbg: dns: NS lookup of google.com using 209.198.128.11 succeeded => DNS available (set dns_available to override)
[18757] dbg: dns: is DNS available? 1
[18757] dbg: metadata: X-Spam-Relays-Trusted:
[18757] dbg: metadata: X-Spam-Relays-Untrusted:
[18757] dbg: metadata: X-Spam-Relays-Internal:
[18757] dbg: metadata: X-Spam-Relays-External:
[18757] dbg: message: no encoding detected
[18757] dbg: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x18796d0) implements 'parsed_metadata'
[18757] dbg: uridnsbl: domains to query:
[18757] dbg: dns: checking RBL sbl-xbl.spamhaus.org., set sblxbl-lastexternal
[18757] dbg: dns: checking RBL sa-accredit.habeas.com., set habeas-firsttrusted
[18757] dbg: dns: checking RBL sbl-xbl.spamhaus.org., set sblxbl
[18757] dbg: dns: checking RBL sa-other.bondedsender.org., set bsp-untrusted
[18757] dbg: dns: checking RBL combined.njabl.org., set njabl-lastexternal
[18757] dbg: dns: checking RBL combined.njabl.org., set njabl
[18757] dbg: dns: checking RBL combined-HIB.dnsiplists.completewhois.com., set whois
[18757] dbg: dns: checking RBL list.dsbl.org., set dsbl-lastexternal
[18757] dbg: dns: checking RBL bl.spamcop.net., set spamcop
[18757] dbg: dns: checking RBL sa-trusted.bondedsender.org., set bsp-firsttrusted
[18757] dbg: dns: checking RBL combined-HIB.dnsiplists.completewhois.com., set whois-lastexternal
[18757] dbg: dns: checking RBL dnsbl.sorbs.net., set sorbs-lastexternal
[18757] dbg: dns: checking RBL dnsbl.sorbs.net., set sorbs
[18757] dbg: dns: checking RBL iadb.isipp.com., set iadb-firsttrusted
[18757] dbg: check: running tests for priority: 0
[18757] dbg: rules: running header regexp tests; score so far=0
[18757] dbg: rules: ran header rule __HAS_MSGID ======> got hit: "<"@lint_rules>"
[18757] dbg: rules: ran header rule NO_REAL_NAME ======> got hit: "[email protected]
[18757] dbg: rules: "
[18757] dbg: rules: ran header rule __MSGID_OK_DIGITS ======> got hit: "1159381766"
[18757] dbg: spf: no suitable relay for spf use found, skipping SPF-helo check
[18757] dbg: eval: all '*From' addrs: [email protected]
[18757] dbg: eval: all '*To' addrs:
[18757] dbg: spf: no suitable relay for spf use found, skipping SPF check
[18757] dbg: rules: ran eval rule NO_RELAYS ======> got hit
[18757] dbg: spf: cannot get Envelope-From, cannot use SPF
[18757] dbg: spf: def_spf_whitelist_from: could not find useable envelope sender
[18757] dbg: rules: ran eval rule __UNUSABLE_MSGID ======> got hit
[18757] dbg: spf: spf_whitelist_from: could not find useable envelope sender
[18757] dbg: rules: ran eval rule MISSING_HEADERS ======> got hit
[18757] dbg: rules: running body-text per-line regexp tests; score so far=3.188
[18757] dbg: rules: ran body rule __NONEMPTY_BODY ======> got hit: "I"
[18757] dbg: uri: running uri tests; score so far=3.188
[18757] dbg: bayes: no dbs present, cannot tie DB R/O: /private/var/root/.spamassassin/bayes_toks
[18757] dbg: bayes: not scoring message, returning undef
[18757] dbg: bayes: opportunistic call attempt failed, DB not readable
[18757] dbg: rules: running raw-body-text per-line regexp tests; score so far=3.188
[18757] dbg: rules: running full-text regexp tests; score so far=3.188
[18757] dbg: info: entering helper-app run mode
[18757] dbg: info: leaving helper-app run mode
[18757] dbg: razor2: part=0 engine=4 contested=0 confidence=0
[18757] dbg: razor2: results: spam? 0
[18757] dbg: razor2: results: engine 8, highest cf score: 0
[18757] dbg: razor2: results: engine 4, highest cf score: 0
[18757] dbg: util: current PATH is: /bin:/sbin:/usr/bin:/usr/sbin
[18757] dbg: pyzor: pyzor is not available: no pyzor executable found
[18757] dbg: pyzor: no pyzor found, disabling Pyzor
[18757] dbg: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x18796d0) implements 'check_tick'
[18757] dbg: check: running tests for priority: 500
[18757] dbg: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x18796d0) implements 'check_post_dnsbl'
[18757] dbg: rules: running meta tests; score so far=3.188
[18757] info: rules: meta test DIGEST_MULTIPLE has undefined dependency 'DCC_CHECK'
[18757] info: rules: meta test SARE_OBFU_CIALIS has undefined dependency 'SARE_OBFU_CIALIS2'
[18757] info: rules: meta test FP_MIXED_****3 has undefined dependency 'FP_PENETRATION'
[18757] dbg: rules: running header regexp tests; score so far=4.666
[18757] dbg: rules: running body-text per-line regexp tests; score so far=4.666
[18757] dbg: uri: running uri tests; score so far=4.666
[18757] dbg: rules: running raw-body-text per-line regexp tests; score so far=4.666
[18757] dbg: rules: running full-text regexp tests; score so far=4.666
[18757] dbg: check: running tests for priority: 1000
[18757] dbg: rules: running meta tests; score so far=4.666
[18757] dbg: rules: running header regexp tests; score so far=4.666
[18757] dbg: config: using "/private/var/root/.spamassassin" for user state dir
[18757] dbg: locker: safe_lock: created /private/var/root/.spamassassin/auto-whitelist.lock.xserve1.topequip.com.18757
[18757] dbg: locker: safe_lock: trying to get lock on /private/var/root/.spamassassin/auto-whitelist with 0 retries
[18757] dbg: locker: safe_lock: link to /private/var/root/.spamassassin/auto-whitelist.lock: link ok
[18757] dbg: auto-whitelist: tie-ing to DB file of type DB_File R/W in /private/var/root/.spamassassin/auto-whitelist
[18757] dbg: auto-whitelist: db-based [email protected]|ip=none scores 0/0
[18757] dbg: auto-whitelist: AWL active, pre-score: 4.666, autolearn score: 4.666, mean: undef, IP: undef
[18757] dbg: auto-whitelist: DB addr list: untie-ing and unlocking
[18757] dbg: auto-whitelist: DB addr list: file locked, breaking lock
[18757] dbg: locker: safe_unlock: unlink /private/var/root/.spamassassin/auto-whitelist.lock
[18757] dbg: auto-whitelist: post auto-whitelist score: 4.666
[18757] dbg: rules: running body-text per-line regexp tests; score so far=4.666
[18757] dbg: uri: running uri tests; score so far=4.666
[18757] dbg: rules: running raw-body-text per-line regexp tests; score so far=4.666
[18757] dbg: rules: running full-text regexp tests; score so far=4.666
[18757] dbg: check: is spam? score=4.666 required=2
[18757] dbg: check: tests=MISSING_HEADERS,MISSING_SUBJECT,NO_REAL_NAME,NO_RECEIVED,NO_RELAYS,TO_CC_ NONE
[18757] dbg: check: subtests=__HAS_MSGID,__MSGID_OK_DIGITS,__MSGID_OK_HOST,__NONEMPTY_BODY,__SANE_M SGID,__UNUSABLE_MSGID
[18757] warn: lint: 1 issues detected, please rerun with debug enabled for more information
I am concerned with the following -
[18757] dbg: bayes: no dbs present, cannot tie DB R/O: /private/var/root/.spamassassin/bayes_toks
[18757] dbg: bayes: not scoring message, returning undef
[18757] dbg: bayes: opportunistic call attempt failed, DB not readable
I know that I have a failure with the IO::Socket::INET6 also.
I am also not getting (never have gotten) the BAYES tag when I look at the Raw Source on Spam Emails. I am assuming that error above could be the issue.
Any help on this would be greatly appreciated. I love this discussion group and it has helped me out of a bind more than once!
Thanks in advance for your time.
G5 Power Mac Mac OS X (10.4.7)Latest news!
I just looked at a spam email and I see that it is tagged here is the info
X-Spam-Status: No, hits=-1.827 tagged_above=-999 required=2 tests=BAYES_00,
DIET_1
Now I am still concerned about the error I listed above about the Bayes DB. Any help would be great. -
Hi
my rules du jour update keeps failing...
It has been filing for weeks.
it says:
**WARNING**: spamassassin --lint failed.
Rolling configuration files back, not restarting SpamAssassin.
Rollback command is: mv -f /etc/mail/spamassassin/tripwire.cf /etc/mail/spamassassin/RulesDuJour/99FVGTTripwire.cf.2; rm -f /etc/mail/spamassassin/tripwire.cf;
Lint output: config: SpamAssassin failed to parse line, skipping: <HTML><HEAD><META HTTP-EQUIV="Refresh" CONTENT="0.1">
config: SpamAssassin failed to parse line, skipping: <META HTTP-EQUIV="Pragma" CONTENT="no-cache">
config: SpamAssassin failed to parse line, skipping: <META HTTP-EQUIV="Expires" CONTENT="-1">
config: SpamAssassin failed to parse line, skipping: </HEAD></HTML>
lint: 4 issues detected. please rerun with debug enabled for more information.
I've run debug but cannot find the error:
debug: SpamAssassin version 3.0.1
debug: Score set 0 chosen.
debug: running in taint mode? yes
debug: Running in taint mode, removing unsafe env vars, and resetting PATH
debug: PATH included '/bin', keeping.
debug: PATH included '/sbin', keeping.
debug: PATH included '/usr/bin', keeping.
debug: PATH included '/usr/sbin', keeping.
debug: Final PATH set to: /bin:/sbin:/usr/bin:/usr/sbin
debug: diag: module not installed: DBI ('require' failed)
debug: diag: module installed: DB_File, version 1.810
debug: diag: module installed: Digest::SHA1, version 2.10
debug: diag: module installed: IO::Socket::UNIX, version 1.21
debug: diag: module installed: MIME::Base64, version 3.05
debug: diag: module installed: Net::DNS, version 0.59
debug: diag: module not installed: Net::LDAP ('require' failed)
debug: diag: module not installed: Razor2::Client::Agent ('require' failed)
debug: diag: module installed: Storable, version 2.13
debug: diag: module installed: URI, version 1.35
debug: ignore: using a test message to lint rules
debug: using "/etc/mail/spamassassin/init.pre" for site rules init.pre
debug: config: read file /etc/mail/spamassassin/init.pre
debug: using "//usr/share/spamassassin" for default rules dir
debug: config: read file //usr/share/spamassassin/10_misc.cf
debug: config: read file //usr/share/spamassassin/20antiratware.cf
debug: config: read file //usr/share/spamassassin/20bodytests.cf
debug: config: read file //usr/share/spamassassin/20_compensate.cf
debug: config: read file //usr/share/spamassassin/20dnsbltests.cf
debug: config: read file //usr/share/spamassassin/20_drugs.cf
debug: config: read file //usr/share/spamassassin/20fake_helotests.cf
debug: config: read file //usr/share/spamassassin/20headtests.cf
debug: config: read file //usr/share/spamassassin/20htmltests.cf
debug: config: read file //usr/share/spamassassin/20metatests.cf
debug: config: read file //usr/share/spamassassin/20_phrases.cf
debug: config: read file //usr/share/spamassassin/20_****.cf
debug: config: read file //usr/share/spamassassin/20_ratware.cf
debug: config: read file //usr/share/spamassassin/20uritests.cf
debug: config: read file //usr/share/spamassassin/23_bayes.cf
debug: config: read file //usr/share/spamassassin/25body_testses.cf
debug: config: read file //usr/share/spamassassin/25body_testspl.cf
debug: config: read file //usr/share/spamassassin/25_hashcash.cf
debug: config: read file //usr/share/spamassassin/25head_testses.cf
debug: config: read file //usr/share/spamassassin/25head_testspl.cf
debug: config: read file //usr/share/spamassassin/25_spf.cf
debug: config: read file //usr/share/spamassassin/25_uribl.cf
debug: config: read file //usr/share/spamassassin/30textde.cf
debug: config: read file //usr/share/spamassassin/30textes.cf
debug: config: read file //usr/share/spamassassin/30textfr.cf
debug: config: read file //usr/share/spamassassin/30textit.cf
debug: config: read file //usr/share/spamassassin/30textnl.cf
debug: config: read file //usr/share/spamassassin/30textpl.cf
debug: config: read file //usr/share/spamassassin/30textsk.cf
debug: config: read file //usr/share/spamassassin/50_scores.cf
debug: config: read file //usr/share/spamassassin/60_whitelist.cf
debug: using "//etc/mail/spamassassin" for site rules dir
debug: config: read file //etc/mail/spamassassin/70sareadult.cf
debug: config: read file //etc/mail/spamassassin/70sareevilnum0.cf
debug: config: read file //etc/mail/spamassassin/70saregenlsubj0.cf
debug: config: read file //etc/mail/spamassassin/70sareheader.cf
debug: config: read file //etc/mail/spamassassin/70sarehighrisk.cf
debug: config: read file //etc/mail/spamassassin/70sarehtml.cf
debug: config: read file //etc/mail/spamassassin/70sareobfu.cf
debug: config: read file //etc/mail/spamassassin/70sarerandom.cf
debug: config: read file //etc/mail/spamassassin/70sareratware.cf
debug: config: read file //etc/mail/spamassassin/70sarespecific.cf
debug: config: read file //etc/mail/spamassassin/70sarespoof.cf
debug: config: read file //etc/mail/spamassassin/70sarestocks.cf
debug: config: read file //etc/mail/spamassassin/70sareuri0.cf
debug: config: read file //etc/mail/spamassassin/70sarewhitelist.cf
debug: config: read file //etc/mail/spamassassin/70sctop200.cf
debug: config: read file //etc/mail/spamassassin/71sare_redirectpre3.0.0.cf
debug: config: read file //etc/mail/spamassassin/72sare_bmlpost25x.cf
debug: config: read file //etc/mail/spamassassin/88FVGTbody.cf
debug: config: read file //etc/mail/spamassassin/88FVGTheaders.cf
debug: config: read file //etc/mail/spamassassin/88FVGTsubject.cf
debug: config: read file //etc/mail/spamassassin/88FVGTuri.cf
debug: config: read file //etc/mail/spamassassin/99FVGTTripwire.cf
debug: config: read file //etc/mail/spamassassin/99sare_fraudpost25x.cf
debug: config: read file //etc/mail/spamassassin/antidrug.cf
debug: config: read file //etc/mail/spamassassin/backhair.cf
debug: config: read file //etc/mail/spamassassin/local.cf
debug: config: read file //etc/mail/spamassassin/tims.cf
debug: config: read file //etc/mail/spamassassin/weeds.cf
debug: using "/Users/timmitra/.spamassassin" for user state dir
debug: using "/Users/timmitra/.spamassassin/user_prefs" for user prefs file
debug: config: read file /Users/timmitra/.spamassassin/user_prefs
debug: plugin: loading Mail::SpamAssassin::Plugin::URIDNSBL from @INC
debug: plugin: registered Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270)
debug: plugin: loading Mail::SpamAssassin::Plugin::Hashcash from @INC
debug: plugin: registered Mail::SpamAssassin::Plugin::Hashcash=HASH(0x1bd9524)
debug: plugin: loading Mail::SpamAssassin::Plugin::SPF from @INC
debug: plugin: registered Mail::SpamAssassin::Plugin::SPF=HASH(0x1bda550)
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) implements 'parse_config'
debug: plugin: Mail::SpamAssassin::Plugin::Hashcash=HASH(0x1bd9524) implements 'parse_config'
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) inhibited further callbacks
debug: using "/Users/timmitra/.spamassassin" for user state dir
debug: bayes: 19001 tie-ing to DB file R/O /Users/timmitra/.spamassassin/bayes_toks
debug: bayes: 19001 tie-ing to DB file R/O /Users/timmitra/.spamassassin/bayes_seen
debug: bayes: found bayes db version 3
debug: using "/Users/timmitra/.spamassassin" for user state dir
debug: bayes: Not available for scanning, only 1 spam(s) in Bayes DB < 200
debug: bayes: 19001 untie-ing
debug: bayes: 19001 untie-ing db_toks
debug: bayes: 19001 untie-ing db_seen
debug: Score set 1 chosen.
debug: ---- MIME PARSER START ----
debug: main message type: text/plain
debug: parsing normal part
debug: added part, type: text/plain
debug: ---- MIME PARSER END ----
debug: bayes: 19001 tie-ing to DB file R/O /Users/timmitra/.spamassassin/bayes_toks
debug: bayes: 19001 tie-ing to DB file R/O /Users/timmitra/.spamassassin/bayes_seen
debug: bayes: found bayes db version 3
debug: bayes: Not available for scanning, only 1 spam(s) in Bayes DB < 200
debug: bayes: 19001 untie-ing
debug: bayes: 19001 untie-ing db_toks
debug: bayes: 19001 untie-ing db_seen
debug: metadata: X-Spam-Relays-Trusted:
debug: metadata: X-Spam-Relays-Untrusted:
debug: decoding: no encoding detected
debug: Loading languages file...
debug: Language possibly: en,sco
debug: metadata: X-Languages: en sco
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) implements 'parsed_metadata'
debug: is Net::DNS::Resolver available? yes
debug: Net::DNS version: 0.59
debug: trying (3) adelphia.net...
debug: looking up NS for 'adelphia.net'
debug: NS lookup of adelphia.net succeeded => Dns available (set dns_available to hardcode)
debug: is DNS available? 1
debug: URIDNSBL: domains to query:
debug: all '*From' addrs: [email protected]
debug: Running tests for priority: 0
debug: running header regexp tests; score so far=0
debug: registering glue method for checkhashcash_doublespend (Mail::SpamAssassin::Plugin::Hashcash=HASH(0x1bd9524))
debug: registering glue method for checkfor_spf_helopass (Mail::SpamAssassin::Plugin::SPF=HASH(0x1bda550))
debug: SPF: message was delivered entirely via trusted relays, not required
debug: registering glue method for checkhashcashvalue (Mail::SpamAssassin::Plugin::Hashcash=HASH(0x1bd9524))
debug: all '*To' addrs:
debug: registering glue method for checkfor_spfsoftfail (Mail::SpamAssassin::Plugin::SPF=HASH(0x1bda550))
debug: SPF: message was delivered entirely via trusted relays, not required
debug: registering glue method for checkfor_spfpass (Mail::SpamAssassin::Plugin::SPF=HASH(0x1bda550))
debug: registering glue method for checkfor_spf_helosoftfail (Mail::SpamAssassin::Plugin::SPF=HASH(0x1bda550))
debug: registering glue method for checkfor_spf_helofail (Mail::SpamAssassin::Plugin::SPF=HASH(0x1bda550))
debug: running body-text per-line regexp tests; score so far=-2.623
debug: running uri tests; score so far=-2.623
debug: registering glue method for check_uridnsbl (Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270))
debug: Razor2 is not available
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) implements 'check_tick'
debug: running raw-body-text per-line regexp tests; score so far=-2.623
debug: running full-text regexp tests; score so far=-2.623
debug: Razor2 is not available
debug: Current PATH is: /bin:/sbin:/usr/bin:/usr/sbin
debug: Pyzor is not available: pyzor not found
debug: DCCifd is not available: no r/w dccifd socket found.
debug: DCC is not available: no executable dccproc found.
debug: Running tests for priority: 500
debug: RBL: success for 1 of 1 queries
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x1c7d270) implements 'checkpostdnsbl'
debug: running meta tests; score so far=-2.623
debug: running header regexp tests; score so far=-1.053
debug: running body-text per-line regexp tests; score so far=-1.053
debug: running uri tests; score so far=-1.053
debug: running raw-body-text per-line regexp tests; score so far=-1.053
debug: running full-text regexp tests; score so far=-1.053
debug: Running tests for priority: 1000
debug: running meta tests; score so far=-1.053
debug: running header regexp tests; score so far=-1.053
debug: using "/Users/timmitra/.spamassassin" for user state dir
debug: lock: 19001 created /Users/timmitra/.spamassassin/auto-whitelist.lock.zoot.local.19001
debug: lock: 19001 trying to get lock on /Users/timmitra/.spamassassin/auto-whitelist with 0 retries
debug: lock: 19001 link to /Users/timmitra/.spamassassin/auto-whitelist.lock: link ok
debug: Tie-ing to DB file R/W in /Users/timmitra/.spamassassin/auto-whitelist
debug: auto-whitelist (db-based): [email protected]|ip=none scores 0/0
debug: AWL active, pre-score: -1.053, autolearn score: -1.053, mean: undef, IP: undef
debug: DB addr list: untie-ing and unlocking.
debug: DB addr list: file locked, breaking lock.
debug: unlock: 19001 unlink /Users/timmitra/.spamassassin/auto-whitelist.lock
debug: Post AWL score: -1.053
debug: running body-text per-line regexp tests; score so far=-1.053
debug: running uri tests; score so far=-1.053
debug: running raw-body-text per-line regexp tests; score so far=-1.053
debug: running full-text regexp tests; score so far=-1.053
debug: is spam? score=-1.053 required=5
debug: tests=ALLTRUSTED,MISSING_DATE,MISSING_SUBJECT,NO_REALNAME
debug: subtests=_HAS_MSGID,__MSGID_OK_DIGITS,__MSGID_OK_HOST,__NONEMPTY_BODY,__SANE_MSGID,__SARE _WHITELIST_FLAG,__UNUSABLEMSGID
I removed tripwire.cf last night (before the cron updates) and it still failed (the "99FVGTTripwire.cf" was downloaded this weekend.)
MacBook (BootCamp), various Macs and servers Mac OS X (10.4.7)I have stopped using any of Fred's (FVGT) rules some time ago. They tend to cause false positives and other problems, but that is an other issue.
RulesDuJour is notoriously unreliable. See this for a possible solution:
http://www.global-domination.org/forum/viewtopic.php?p=2190 -
Cannot seem to get Bayes working
Hello all,
I have two servers. On one of them I cannot seem to get bayes working. any ideas where to look.
Tim
output from SpamAssassin -D --lint
debug: SpamAssassin version 3.0.1
debug: Score set 0 chosen.
debug: running in taint mode? yes
debug: Running in taint mode, removing unsafe env vars, and resetting PATH
debug: PATH included '/bin', keeping.
debug: PATH included '/sbin', keeping.
debug: PATH included '/usr/bin', keeping.
debug: PATH included '/usr/sbin', keeping.
debug: Final PATH set to: /bin:/sbin:/usr/bin:/usr/sbin
debug: diag: module not installed: DBI ('require' failed)
debug: diag: module installed: DB_File, version 1.810
debug: diag: module installed: Digest::SHA1, version 2.10
debug: diag: module installed: IO::Socket::UNIX, version 1.21
debug: diag: module installed: MIME::Base64, version 3.05
debug: diag: module not installed: Net::DNS ('require' failed)
debug: diag: module not installed: Net::LDAP ('require' failed)
debug: diag: module not installed: Razor2::Client::Agent ('require' failed)
debug: diag: module installed: Storable, version 2.13
debug: diag: module installed: URI, version 1.35
debug: ignore: using a test message to lint rules
debug: using "/etc/mail/spamassassin/init.pre" for site rules init.pre
debug: config: read file /etc/mail/spamassassin/init.pre
debug: using "//usr/share/spamassassin" for default rules dir
debug: config: read file //usr/share/spamassassin/10_misc.cf
debug: config: read file //usr/share/spamassassin/20antiratware.cf
debug: config: read file //usr/share/spamassassin/20bodytests.cf
debug: config: read file //usr/share/spamassassin/20_compensate.cf
debug: config: read file //usr/share/spamassassin/20dnsbltests.cf
debug: config: read file //usr/share/spamassassin/20_drugs.cf
debug: config: read file //usr/share/spamassassin/20fake_helotests.cf
debug: config: read file //usr/share/spamassassin/20headtests.cf
debug: config: read file //usr/share/spamassassin/20htmltests.cf
debug: config: read file //usr/share/spamassassin/20metatests.cf
debug: config: read file //usr/share/spamassassin/20_phrases.cf
debug: config: read file //usr/share/spamassassin/20_****.cf
debug: config: read file //usr/share/spamassassin/20_ratware.cf
debug: config: read file //usr/share/spamassassin/20uritests.cf
debug: config: read file //usr/share/spamassassin/23_bayes.cf
debug: config: read file //usr/share/spamassassin/25body_testses.cf
debug: config: read file //usr/share/spamassassin/25body_testspl.cf
debug: config: read file //usr/share/spamassassin/25_hashcash.cf
debug: config: read file //usr/share/spamassassin/25head_testses.cf
debug: config: read file //usr/share/spamassassin/25head_testspl.cf
debug: config: read file //usr/share/spamassassin/25_spf.cf
debug: config: read file //usr/share/spamassassin/25_uribl.cf
debug: config: read file //usr/share/spamassassin/30textde.cf
debug: config: read file //usr/share/spamassassin/30textes.cf
debug: config: read file //usr/share/spamassassin/30textfr.cf
debug: config: read file //usr/share/spamassassin/30textit.cf
debug: config: read file //usr/share/spamassassin/30textnl.cf
debug: config: read file //usr/share/spamassassin/30textpl.cf
debug: config: read file //usr/share/spamassassin/30textsk.cf
debug: config: read file //usr/share/spamassassin/50_scores.cf
debug: config: read file //usr/share/spamassassin/60_whitelist.cf
debug: using "//etc/mail/spamassassin" for site rules dir
debug: config: read file //etc/mail/spamassassin/local.cf
debug: using "/Users/admin/.spamassassin" for user state dir
debug: using "/Users/admin/.spamassassin/user_prefs" for user prefs file
debug: config: read file /Users/admin/.spamassassin/user_prefs
debug: plugin: loading Mail::SpamAssassin::Plugin::URIDNSBL from @INC
debug: failed to load Net::DNS::Resolver: Can't locate Net/DNS.pm in @INC (@INC contains: //lib/perl5/site_perl /System/Library/Perl/5.8.6/darwin-thread-multi-2level /System/Library/Perl/5.8.6 /Library/Perl/5.8.6/darwin-thread-multi-2level /Library/Perl/5.8.6 /Library/Perl /Network/Library/Perl/5.8.6/darwin-thread-multi-2level /Network/Library/Perl/5.8.6 /Network/Library/Perl /System/Library/Perl/Extras/5.8.6/darwin-thread-multi-2level /System/Library/Perl/Extras/5.8.6 /Library/Perl/5.8.1) at /System/Library/Perl/Extras/5.8.6/Mail/SpamAssassin/Plugin/URIDNSBL.pm line 113.
debug: plugin: registered Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4)
debug: plugin: loading Mail::SpamAssassin::Plugin::Hashcash from @INC
debug: plugin: registered Mail::SpamAssassin::Plugin::Hashcash=HASH(0x1ae4b0c)
debug: plugin: loading Mail::SpamAssassin::Plugin::SPF from @INC
debug: plugin: registered Mail::SpamAssassin::Plugin::SPF=HASH(0x1a551a8)
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) implements 'parse_config'
debug: plugin: Mail::SpamAssassin::Plugin::Hashcash=HASH(0x1ae4b0c) implements 'parse_config'
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) inhibited further callbacks
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) inhibited further callbacks
debug: using "/Users/admin/.spamassassin" for user state dir
debug: bayes: no dbs present, cannot tie DB R/O: /Users/admin/.spamassassin/bayes_toks
debug: Score set 1 chosen.
debug: ---- MIME PARSER START ----
debug: main message type: text/plain
debug: parsing normal part
debug: added part, type: text/plain
debug: ---- MIME PARSER END ----
debug: bayes: no dbs present, cannot tie DB R/O: /Users/admin/.spamassassin/bayes_toks
debug: metadata: X-Spam-Relays-Trusted:
debug: metadata: X-Spam-Relays-Untrusted:
debug: decoding: no encoding detected
debug: Loading languages file...
debug: Language possibly: en,sco
debug: metadata: X-Languages: en sco
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) implements 'parsed_metadata'
debug: is Net::DNS::Resolver available? no
debug: is DNS available? 0
debug: Running tests for priority: 0
debug: running header regexp tests; score so far=0
debug: registering glue method for checkhashcash_doublespend (Mail::SpamAssassin::Plugin::Hashcash=HASH(0x1ae4b0c))
debug: registering glue method for checkfor_spf_helopass (Mail::SpamAssassin::Plugin::SPF=HASH(0x1a551a8))
debug: all '*From' addrs: [email protected]
debug: registering glue method for checkhashcashvalue (Mail::SpamAssassin::Plugin::Hashcash=HASH(0x1ae4b0c))
debug: all '*To' addrs:
debug: registering glue method for checkfor_spfsoftfail (Mail::SpamAssassin::Plugin::SPF=HASH(0x1a551a8))
debug: registering glue method for checkfor_spfpass (Mail::SpamAssassin::Plugin::SPF=HASH(0x1a551a8))
debug: registering glue method for checkfor_spf_helosoftfail (Mail::SpamAssassin::Plugin::SPF=HASH(0x1a551a8))
debug: registering glue method for checkfor_spf_helofail (Mail::SpamAssassin::Plugin::SPF=HASH(0x1a551a8))
debug: running body-text per-line regexp tests; score so far=-2.623
debug: running uri tests; score so far=-2.623
debug: registering glue method for check_uridnsbl (Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4))
debug: Razor2 is not available
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) implements 'check_tick'
debug: running raw-body-text per-line regexp tests; score so far=-2.623
debug: running full-text regexp tests; score so far=-2.623
debug: Razor2 is not available
debug: Current PATH is: /bin:/sbin:/usr/bin:/usr/sbin
debug: Pyzor is not available: pyzor not found
debug: DCCifd is not available: no r/w dccifd socket found.
debug: DCC is not available: no executable dccproc found.
debug: Running tests for priority: 500
debug: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x19248b4) implements 'checkpostdnsbl'
debug: running meta tests; score so far=-2.623
debug: running header regexp tests; score so far=-1.053
debug: running body-text per-line regexp tests; score so far=-1.053
debug: running uri tests; score so far=-1.053
debug: running raw-body-text per-line regexp tests; score so far=-1.053
debug: running full-text regexp tests; score so far=-1.053
debug: Running tests for priority: 1000
debug: running meta tests; score so far=-1.053
debug: running header regexp tests; score so far=-1.053
debug: using "/Users/admin/.spamassassin" for user state dir
debug: lock: 8450 created /Users/admin/.spamassassin/auto-whitelist.lock.xserv.kimcell.com.8450
debug: lock: 8450 trying to get lock on /Users/admin/.spamassassin/auto-whitelist with 0 retries
debug: lock: 8450 link to /Users/admin/.spamassassin/auto-whitelist.lock: link ok
debug: Tie-ing to DB file R/W in /Users/admin/.spamassassin/auto-whitelist
debug: auto-whitelist (db-based): [email protected]|ip=none scores 0/0
debug: AWL active, pre-score: -1.053, autolearn score: -1.053, mean: undef, IP: undef
debug: DB addr list: untie-ing and unlocking.
debug: DB addr list: file locked, breaking lock.
debug: unlock: 8450 unlink /Users/admin/.spamassassin/auto-whitelist.lock
debug: Post AWL score: -1.053
debug: running body-text per-line regexp tests; score so far=-1.053
debug: running uri tests; score so far=-1.053
debug: running raw-body-text per-line regexp tests; score so far=-1.053
debug: running full-text regexp tests; score so far=-1.053
debug: is spam? score=-1.053 required=5
debug: tests=ALLTRUSTED,MISSING_DATE,MISSING_SUBJECT,NO_REALNAME
debug: subtests=_HAS_MSGID,__MSGID_OK_DIGITS,__MSGID_OK_HOST,__SANE_MSGID,__UNUSABLEMSGIDyes, link is fixed and have make the ususal changes to support virtual domains. apart from the fact that you "cannot see for looking" the configs of each servers look the same.
Server that works:
0.000 0 3 0 non-token data: bayes db version
0.000 0 596 0 non-token data: nspam
0.000 0 1993 0 non-token data: nham
0.000 0 151334 0 non-token data: ntokens
0.000 0 1163073364 0 non-token data: oldest atime
0.000 0 1165495440 0 non-token data: newest atime
0.000 0 1165487753 0 non-token data: last journal sync atime
0.000 0 1165487811 0 non-token data: last expiry atime
0.000 0 0 0 non-token data: last expire atime delta
0.000 0 0 0 non-token data: last expire reduction count
One that is not working
0.000 0 3 0 non-token data: bayes db version
0.000 0 126 0 non-token data: nspam
0.000 0 3798 0 non-token data: nham
0.000 0 146024 0 non-token data: ntokens
0.000 0 1164060466 0 non-token data: oldest atime
0.000 0 1165492798 0 non-token data: newest atime
0.000 0 1165460404 0 non-token data: last journal sync atime
0.000 0 1165443883 0 non-token data: last expiry atime
0.000 0 1382400 0 non-token data: last expire atime delta
0.000 0 16650 0 non-token data: last expire reduction count -
Spamtrainer -f & X-Spam-***: Question
I switched to a Mac Pro Intel as my server a few months ago. I have been working out the kinks. I was moving from a Tiger Server install on a PowerMac G5. I had all the stuff for amavis, clamav, & spamassassin fixed on that install. I missed something since I have 2 .spamassassin directories and no symlink in /var/clamav/ or /var/amavis/. I have been running the nightly cron job as setup by Spamtrainer 1.2.7. I just updated to 1.5.7.
So since I have been running this I do have a bayes DB.
sudo su - clamav -c "sa-learn --dump magic"
0.000 0 3 0 non-token data: bayes db version
0.000 0 14767 0 non-token data: nspam
0.000 0 1402 0 non-token data: nham
0.000 0 181092 0 non-token data: ntokens
0.000 0 1165964162 0 non-token data: oldest atime
0.000 0 1170363924 0 non-token data: newest atime
0.000 0 1170396013 0 non-token data: last journal sync atime
0.000 0 1170396020 0 non-token data: last expiry atime
0.000 0 2764800 0 non-token data: last expire atime delta
0.000 0 12699 0 non-token data: last expire reduction count
First question is if I run spamtrainer -f will this delete the current DB?
If yes how do I combine the 2 directories before making the symlink?
What directory does spamtrainer -b backup /var/amavis/ or /var/clamav/?
/var/amavis/.spamassassin root# ls -loa
total 61896
-rw------- 1 clamav clamav - 20983808 Feb 2 17:43 auto-whitelist
-rw------- 1 clamav clamav - 95472 Feb 2 17:43 bayes_journal
-rw------- 1 clamav clamav - 5218304 Feb 2 17:43 bayes_seen
-rw------- 1 clamav clamav - 5390336 Feb 2 17:43 bayes_toks
/var/clamav/.spamassassin root# ls -loa
total 13128
-rw------- 1 clamav clamav - 1310720 Feb 2 05:30 bayes_seen
-rw------- 1 clamav clamav - 5410816 Feb 2 05:30 bayes_toks
My final question goes to the X-Spam-*: headers.
They should be in every mail that is delivered right? I only see these headers in mail with subject * JUNK MAIL *.
Will this be fixed after the symlink is done so all mail has X-Spam-*: headers in them?Thanx Alex was waiting for your post.
All appears well sudo su - clamav -c "sa-learn --dump magic"
0.000 0 3 0 non-token data: bayes db version
0.000 0 14789 0 non-token data: nspam
0.000 0 1402 0 non-token data: nham
0.000 0 182231 0 non-token data: ntokens
0.000 0 1165964162 0 non-token data: oldest atime
0.000 0 1170466264 0 non-token data: newest atime
0.000 0 1170482415 0 non-token data: last journal sync atime
0.000 0 1170465843 0 non-token data: last expiry atime
0.000 0 2764800 0 non-token data: last expire atime delta
0.000 0 12699 0 non-token data: last expire reduction count
so that looks good. but I get this error now which i did not get before.
~ root# sudo su clamav -c "spamassassin --lint"
su: Can't start from current directory: Permission denied
su: Trying to start from "/var/clamav"
$satag_leveldeflt was set to -999 so I don't know why all messages did not get X-Spam-*: headers? -
I was just going through a recent test server (10.4.7), which had previously not had spamassassin enabled, in order to get a clearer idea of spamassassin and its learning process.
I fixed the .spamassassin link, added the 2 junkmail users, installed spamtrainer. Ran spamtrainer and it reported (correctly) just the couple of messages I had used to test the spam & ham accounts.
I ran sa-learn on two folders, one spam and one ham, of 400 messages each.
I then redirected an obvious spam message to a user account. This failed to be labeled as spam, with the header stating "X-Spam-Status: No. Hits: 0. Tests: <blank>"
I redirected the message to the junkmail account and ran spamtrainer which reported that the number of messages in the Spam database was now 3. Not the 403 which I kind of expected after the sa-learn process (I obviously have the wrong idea about what is being reported in the table).
Amavis.log shows the scan going through its motions & running a manual test on the text of the message... " spamassassin -D < spam.txt " displays a test score of 0.2 so at least it seems to be being scanned.
But why has the sa-learn process, on 400 spam & ham, not seemed to have had any effect? I can only presume I have missed something obvious...
Ta.
-david
Size of files in .spamassassin folder...
172032 auto-whitelist
90112 bayes_seen
1331200 bayes_toks
1175 user_prefsThanks, Alex.
I carried out a further couple of tests on a purged database (Server V. 10.4.7)...
Test 1. Purge database then test 4 pieces of spam.
Test 2. Purge, sa-learn on 500 each of spam and ham, test same 4 spam.
The following rules & scores were reported for each test...
SPAM1
TEST1: 0.2 no real name, 0.2 invalid date, 0.1 forged rcvd helo. TOTAL 0.5
TEST2: 0.0 no real name, 0.2 invalid date, 0.4 bayes 60. TOTAL 0.6
SPAM2
TEST1: 0.2 no real name, 0.2 invalid date, 0.1 forged rcvd helo. TOTAL 0.5
TEST2: 0.0 no real name, 0.2 invalid date, 0.0 bayes 50. TOTAL 0.2
SPAM3
TEST1: 0.0 missing date, -2.8 all trusted, 2.0 head illegal chars, 1.6 missing subject. TOTAL 0.8
TEST2: -3.3 all trusted, 2.1 head illegal chars, 0.1 missing headers, 1.2 missing subject. TOTAL 0.2
SPAM4
TEST1: 0.2 no real name, 0.2 invalid date, 0.5 info TLD. TOTAL 0.9
TEST2: 0.0 no real name, 0.2 invalid date, 1.9 bayes 99, 0.0 mime qp long line. TOTAL 2.2
Conclusions?
There is obviously a lot of dynamic adjustments to the scores given to non-body rules which are triggered by passing the bayes threshold of 200 messages. I also tested after training with spam only and there was no changes shown to the test scores compared to the tests run on a purged database.
Although I should have scanned also a sample of ham, I'm beginning to think that initial bulk training, particularly from a '3rd party' source, may be of insignificant benefit at best and actually counter-productive at worst. Although the initial training triggers bayes analysis, the subject of newly incoming 'real' mail is likely to be so different from my own sample of spam/ham (particularly ham) that the bayes statistics will be commencing from a skewed basis. It would probably need just as many (if not more) real samples of ham in order to start accurately assessing the incoming text bodies.
On the same basis, ongoing training from a third party spam source would also arguably be counter-productive.
So it seems that there is not really any alternative to in-house training (which was the question I was first trying to answer when I started looking at this closer).
As you have pointed out, Alex (and others in the forum), in order to commence from a more effective starting point then the addition of more rules - rather than more training data - seems the productive way to go. I'll implement URIBL/Sare rules mentioned in other threads and, just out of curiosity, report back on the same tests.
Thanks again for feedback.
-david -
Hello!
I'm getting the following "SA TIMED OUT" errors in my amavis.log file and would like to solve the problem. The time outs seem to causing delays in the processing of mail. I have upgraded clamav to use clamd as per Alex's tutorial at topicdesk.com and that seems to be working ok.
Here are a few of the errors extracted from the log file...
Aug 6 22:44:04 dns1.newzealand.co.nz /usr/bin/amavisd[24250]: (24250-10) SA TIMED OUT, backtrace: at /System/Library/Perl/Extras/5.8.6/Mail/SpamAssassin/Locker.pm line 67\n\teval {...} called at /System/Library/Perl/Extras/5.8.6/Mail/SpamAssassin/Locker.pm line 67\n\tMail::SpamAssassin::Locker::jitteryone_secondsleep('Mail::SpamAssassin::Locker::UnixNFSSafe=HASH(0x23cd5e0)') called at /System/Library/Perl/Extras/5.8.6/Mail/SpamAssassin/Locker/UnixNFSSafe.pm line 80\n\tMail::SpamAssassin::Locker::UnixNFSSafe::safe_lock('Mail::SpamAssassin::L ocker::UnixNFSSafe=HASH(0x23cd5e0)', '/var/amavis/.spamassassin/auto-whitelist', 30) called at /System/Library/Perl/Extras/5.8.6/Mail/SpamAssassin/DBBasedAddrList.pm line 70\n\tMail::SpamAssassin::DBBasedAddrList::new_checker('Mail::SpamAssassin::DBB asedAddrList=HASH(0xfad5c)', 'Mail::SpamAssassin=HASH(0x1d9872c)') called at /System/Library/Perl/Extras/5.8.6/Mail/SpamAssassin/AutoWhitelist.pm line 70\n\tMail::SpamAssassin::AutoW...
Aug 7 01:29:35 dns1.newzealand.co.nz /usr/bin/amavisd[740]: (00740-04) SA TIMED OUT, backtrace: at /System/Library/Perl/Extras/5.8.6/Mail/SpamAssassin/Locker.pm line 67\n\teval {...} called at /System/Library/Perl/Extras/5.8.6/Mail/SpamAssassin/Locker.pm line 67\n\tMail::SpamAssassin::Locker::jitteryone_secondsleep('Mail::SpamAssassin::Locker::UnixNFSSafe=HASH(0x23cd5e0)') called at /System/Library/Perl/Extras/5.8.6/Mail/SpamAssassin/Locker/UnixNFSSafe.pm line 80\n\tMail::SpamAssassin::Locker::UnixNFSSafe::safe_lock('Mail::SpamAssassin::L ocker::UnixNFSSafe=HASH(0x23cd5e0)', '/var/amavis/.spamassassin/auto-whitelist', 30) called at /System/Library/Perl/Extras/5.8.6/Mail/SpamAssassin/DBBasedAddrList.pm line 70\n\tMail::SpamAssassin::DBBasedAddrList::new_checker('Mail::SpamAssassin::DBB asedAddrList=HASH(0x1e9972c)', 'Mail::SpamAssassin=HASH(0x1d9872c)') called at /System/Library/Perl/Extras/5.8.6/Mail/SpamAssassin/AutoWhitelist.pm line 70\n\tMail::SpamAssassin::Aut...
Aug 7 01:51:43 dns1.newzealand.co.nz /usr/bin/amavisd[1906]: (01906-01) SA TIMED OUT, backtrace: at /System/Library/Perl/Extras/5.8.6/Mail/SpamAssassin/DBBasedAddrList.pm line 167\n\teval {...} called at /System/Library/Perl/Extras/5.8.6/Mail/SpamAssassin/DBBasedAddrList.pm line 167\n\tMail::SpamAssassin::DBBasedAddrList::remove_entry('Mail::SpamAssassin::D BBasedAddrList=HASH(0x4870090)', 'HASH(0x4870108)') called at /System/Library/Perl/Extras/5.8.6/Mail/SpamAssassin/AutoWhitelist.pm line 110\n\tMail::SpamAssassin::AutoWhitelist::check_address('Mail::SpamAssassin::Au toWhitelist=HASH(0x4870048)', '[email protected]', 81.192.135.247) called at /System/Library/Perl/Extras/5.8.6/Mail/SpamAssassin/EvalTests.pm line 902\n\teval {...} called at /System/Library/Perl/Extras/5.8.6/Mail/SpamAssassin/EvalTests.pm line 898\n\tMail::SpamAssassin::PerMsgStatus::checkfrom_in_autowhitelist('Mail::SpamAssassin::PerMsgStatus=HASH(0x48602b8)') called at /System/Library/Perl/Extr...
Aug 7 01:54:32 dns1.newzealand.co.nz /usr/bin/amavisd[1992]: (01992-01) SA TIMED OUT, backtrace: at /System/Library/Perl/Extras/5.8.6/Mail/SpamAssassin/Locker.pm line 67\n\teval {...} called at /System/Library/Perl/Extras/5.8.6/Mail/SpamAssassin/Locker.pm line 67\n\tMail::SpamAssassin::Locker::jitteryone_secondsleep('Mail::SpamAssassin::Locker::UnixNFSSafe=HASH(0x23cd5e0)') called at /System/Library/Perl/Extras/5.8.6/Mail/SpamAssassin/Locker/UnixNFSSafe.pm line 80\n\tMail::SpamAssassin::Locker::UnixNFSSafe::safe_lock('Mail::SpamAssassin::L ocker::UnixNFSSafe=HASH(0x23cd5e0)', '/var/amavis/.spamassassin/auto-whitelist', 30) called at /System/Library/Perl/Extras/5.8.6/Mail/SpamAssassin/DBBasedAddrList.pm line 70\n\tMail::SpamAssassin::DBBasedAddrList::new_checker('Mail::SpamAssassin::DBB asedAddrList=HASH(0x1e9972c)', 'Mail::SpamAssassin=HASH(0x1d9872c)') called at /System/Library/Perl/Extras/5.8.6/Mail/SpamAssassin/AutoWhitelist.pm line 70\n\tMail::SpamAssassin::Aut...
Aug 7 01:56:05 dns1.newzealand.co.nz /usr/bin/amavisd[1992]: (01992-04) SA TIMED OUT, backtrace: at /System/Library/Perl/Extras/5.8.6/Mail/SpamAssassin/DBBasedAddrList.pm line 167\n\teval {...} called at /System/Library/Perl/Extras/5.8.6/Mail/SpamAssassin/DBBasedAddrList.pm line 167\n\tMail::SpamAssassin::DBBasedAddrList::remove_entry('Mail::SpamAssassin::D BBasedAddrList=HASH(0x48ab568)', 'HASH(0x79bc3c)') called at /System/Library/Perl/Extras/5.8.6/Mail/SpamAssassin/AutoWhitelist.pm line 110\n\tMail::SpamAssassin::AutoWhitelist::check_address('Mail::SpamAssassin::Au toWhitelist=HASH(0x41fa48)', '[email protected]', 81.192.135.247) called at /System/Library/Perl/Extras/5.8.6/Mail/SpamAssassin/EvalTests.pm line 902\n\teval {...} called at /System/Library/Perl/Extras/5.8.6/Mail/SpamAssassin/EvalTests.pm line 898\n\tMail::SpamAssassin::PerMsgStatus::checkfrom_in_autowhitelist('Mail::SpamAssassin::PerMsgStatus=HASH(0x488b5f8)') called at /System/Library/Perl/E...
Any help would be appreciated!
Thanks,
ReganHi Alex
Thanks for your reply - when I originally looked it appeared that perl was sucking up CPU resources, although I didn't check using top -o cpu at the time. Since posting my original message above I turned off some options in my local.cf file which fixed, or more accurately "bypassed" the problem. Not really ideal but it stopped the backlogging of mail - I'd rather fix it if I could.
The changes I made in the local.cf file were:
skiprblchecks 1
bayesautolearn 0
use_bayes 0
postconf -n gives the following...
allowuntrustedrouting = no
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
debugpeerlevel = 2
delaywarningtime = 6h
disablevrfycommand = yes
enableserveroptions = yes
fastflushdomains = $relay_domains
html_directory = no
inet_interfaces = all
localrecipientmaps = proxy:unix:passwd.byname $alias_maps
luser_relay =
mail_owner = postfix
mailboxsizelimit = 0
mailbox_transport = cyrus
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
mapsrbldomains =
maximalqueuelifetime = 5d
messagesizelimit = 0
mydestination = $myhostname,localhost.$mydomain,localhost
mydomain = newzealand.co.nz
mydomain_fallback = localhost
myhostname = smtp.newzealand.co.nz
mynetworks = 127.0.0.0/8
newaliases_path = /usr/bin/newaliases
queue_directory = /private/var/spool/postfix
readme_directory = /usr/share/doc/postfix
sample_directory = /usr/share/doc/postfix/examples
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtpdclientrestrictions = permit_mynetworks rejectrblclient sbl-xbl.spamhaus.org rejectrblclient smtp.dnsbl.sorbs.net permit
smtpddelayreject = no
smtpderror_sleeptime = 1s
smtpdhard_errorlimit = 20
smtpdhelorequired = yes
smtpdhelorestrictions = permit_mynetworks, rejectnon_fqdnhostname, rejectinvalidhostname, permit
smtpdpw_server_securityoptions = login,plain
smtpdrecipientrestrictions = permitsasl_authenticated,permit_mynetworks,reject_unauthdestination,permit
smtpdsasl_authenable = yes
smtpdsoft_errorlimit = 10
smtpdtlsCAfile = /etc/certificates/secure.newzealand.co.nz.chcrt
smtpdtls_certfile = /etc/certificates/Default.crt
smtpdtls_keyfile = /etc/certificates/Default.key
smtpduse_pwserver = yes
smtpdusetls = no
unknownlocal_recipient_rejectcode = 550
virtualaliasmaps = hash:/etc/postfix/virtual
virtualmailboxdomains = hash:/etc/postfix/virtual_domains
virtual_transport = lmtp:unix:/var/imap/socket/lmtp
regan -
Spamtrainer error with bayes db
Hi,
After 3 days of training spam I now get an error when running spamtrainer.
OS X 10.4.9 Mail Server.
If this is a permissions issue ?
Syncing SpamAssassin Database
Cannot open bayes databases /var/clamav/.spamassassin/bayes_* R/W: lock
failed: File exists
Displaying SpamAssassin Database Stats
0.000 0 1202 0 non-token data: ham
0.000 0 1243 0 non-token data: spam
Done!
Output produced by spamtrainer Version 1.6.1
Neon-Server:/private/var/amavis root# cd /var/clamav/.spamassassin/
Neon-Server:/var/clamav/.spamassassin root# ls
auto-whitelist bayes_journal.old bayes_toks
bayes.lock bayes_seen
Neon-Server:/var/clamav/.spamassassin root# ls -l
total 10632
-rw------- 1 clamav clamav 335872 May 8 18:20 auto-whitelist
-rw------- 1 clamav clamav 23 May 8 18:33 bayes.lock
-rw------- 1 clamav clamav 24960 May 8 18:17 bayes_journal.old
-rw------- 1 clamav clamav 188416 May 8 18:10 bayes_seen
-rw------- 1 clamav clamav 4886528 May 8 18:33 bayes_toks
Neon-Server:/var/clamav/.spamassassin root#
iMacG5 Mac OS X (10.4.9)This is not a spamtrainer issue. Spamtrainer just calls on spamassassin's sa-learn routine.
For some reason your lock doesn't expire.
Stop mail services, try and delete "bayes.lock", restart mail services.
See if the problem is solved. If not check your logs for clues as to why you keep having a lock on it (other processes calling sa-learn for example) -
Migrating Spamassassin Bayes DB
I am migrating a 10.5 mailserver to new hardware running 10.6.
The old mailserver uses a global spamassassin db stored in /var/amavis/.spamassassin and the files in this dir are as follows:
-rw------- 1 _amavisd _amavisd 42123264 Dec 8 22:42 auto-whitelist
-rw------- 1 _amavisd _amavisd 25272 Dec 8 22:42 bayes_journal
-rw------- 1 _amavisd _amavisd 41549824 Dec 8 22:25 bayes_seen
-rw------- 1 _amavisd _amavisd 5115904 Dec 8 22:25 bayes_toks
What is the best way to migrate this bayes db to the new server?
I thought:
sa-learn --backup > backup.txt
might work, but this yields basically an empty output file.
Tips?
Rusty
Message was edited by: Rusty RossThanks, Alex.
I used spamtrainer.
A couple questions on that. The first time I ran spamtrainer -r on the new machine, I got a message from spamtrainer that /var/amavis/.spamassassin did not exist, and then spamtrainer went ahead to create the following two files in /var/amavis:
-rw------- 1 _amavisd _amavisd 41582592 Dec 9 13:21 .spamassassin_seen
-rw------- 1 _amavisd _amavisd 4202496 Dec 9 13:21 .spamassassin_toks
So then, I created /var/amavis/.spamassassin and rain spamtrainer -r again.
This time, spamtrainer created the following two files in /var/amavis/.spamassassin:
-rw------- 1 _amavisd _amavisd 41582592 Dec 9 13:26 bayes_seen
-rw------- 1 _amavisd _amavisd 4202496 Dec 9 13:26 bayes_toks
...which seems right to me.
Two questions.
(1) Can I safely delete .spamassassin_seen and .spamassassin_toks in /var/amavis now?
(2) Should I be concerned that spamtrainer didn't seem to migrate bayes_journal and auto-whitelist?
Thanks.
Maybe you are looking for
-
How to Configure IPMP on Control Domain?
Dear All i am configuring IPMP in Control Domain: and what i need to know exactly is how to setup the routing in the control domain to allaow the vsw to see the IPMP configration on physical network. this is my config now: primary-vsw2 00:11:22:33:44
-
Accessing HTMLB checkbox in javascript
Hi, I have the following scenario: 1) jsp "main.jsp" has a checkbox with id="chkBoxId" 2) In this "main.jsp" at the end, there is a jsp include including another jsp "buttons.jsp" - which contains a SUBMIT button. 3) On this SUBMIT button, I am
-
Public sector records managment
Hai, How the business workplace (SBWP) of records management is different from work basket of public sector records manegement? Thanks, KK
-
Hyperlink doesn't highlight as an option
When I try to add a link (webpage) to my existing iWeb website homepage the hyperlink option does not highlight as an option. Both inspector and insert dropdown menus fail to allow the addition of a link of any kind. Any suggestions?
-
Why sudden onset print issue from Reader pdf files (all other programs printing fine)?
I am suddenly unable to print Adobe Reader pdfs. I am running Reader XI (11.0.05). Printing is fine in all other applications.