Spam stopped at SPAU

Similar Messages

• SOLMAN 4.0 - SP15 - SPAM stops -saplsfes

  Hi all
  We are running in a deep trouble now with Support pack 15 installation on Solution manager 4.0. I started the SPAM with SP15 queue and it was running fine until it started with sapkb70014.
  Whats the problem with this patch? Even sapkb70013 had similar issue. Is that these patches are getting released before proper testing? Whatever, but customers are running in deep trouble with these ever long running patches.
  SP15 is running for more than 36 hours now, constant increase in transport logs. We are unable to use the system for past two days. When we try to login it says ABAP error code: Error and a blank page followed by syntax error at program saplsfes. The known issues with SP15 didnt have this issue updated yet. I have opened a high priority message and waiting for SAP's answer.
  Any one came across this issue? I dunno how to stop the batch job since Im unable to get into the system. And also Im worried to shut down the system to restart since transport logs are growing.
  Please advice.
  Thanks
  Subbu

  Hi Subbu,
  we went into same troubles while implementing SP stack 15 into SolMan.
  We waited for over 24 hours regarding the import of SAPKB0013.
  Running
  brconnect -u / -c -f stats -t SYSTEM_STATS
  brconnect -u / -c -f stats -t oradict_stats
  on our ORACLE DB fixed the problem and performance was very good again so the import went fine.
  Thanks for the hint!!!!!
  Regards,
  Claus

• Console spam: Stopping Handoff advertising

  I am not normally one to be too worried about Console log messages, but I just noticed a huge amount of spam in my system log.
  I am getting this message pretty much continuously:
  16/11/2014 13:36:56.308 sharingd[349]: 13:36:56.307 : Stopping Handoff advertising
  I am getting about 100 of these every hour!
  So Does anyone know what this means and how to stop it???!
  Thanks

  I have the same problem.. The way i feel it is that my machine freezes all the time :-(
  Part of my log:
  17/11/14 15.40.17,323 sharingd[232]: 15:40:17.322 : Starting Handoff advertising
  17/11/14 15.40.25,686 sharingd[232]: 15:40:25.685 : Starting Handoff advertising
  17/11/14 15.40.34,477 sharingd[232]: 15:40:34.477 : Starting Handoff advertising
  17/11/14 15.40.41,118 sharingd[232]: 15:40:41.117 : Starting Handoff advertising
  17/11/14 15.40.50,106 sharingd[232]: 15:40:50.105 : Starting Handoff advertising
  17/11/14 15.40.59,200 sharingd[232]: 15:40:59.199 : Starting Handoff advertising
  17/11/14 15.41.06,376 sharingd[232]: 15:41:06.375 : Starting Handoff advertising
  17/11/14 15.41.15,371 sharingd[232]: 15:41:15.371 : Starting Handoff advertising
  17/11/14 15.41.24,798 sharingd[232]: 15:41:24.798 : Starting Handoff advertising
  17/11/14 15.41.30,906 sharingd[232]: 15:41:30.906 : Starting Handoff advertising
  17/11/14 15.41.36,439 sharingd[232]: 15:41:36.438 : Starting Handoff advertising
  17/11/14 15.41.38,440 sharingd[232]: 15:41:38.440 : Stopping Handoff advertising
  17/11/14 15.41.39,117 sharingd[232]: 15:41:39.116 : Starting Handoff advertising
  17/11/14 15.41.47,908 sharingd[232]: 15:41:47.907 : Starting Handoff advertising
  17/11/14 15.41.56,865 sharingd[232]: 15:41:56.864 : Starting Handoff advertising
  17/11/14 15.42.05,864 sharingd[232]: 15:42:05.864 : Starting Handoff advertising
  17/11/14 15.42.13,442 sharingd[232]: 15:42:13.442 : Starting Handoff advertising
  17/11/14 15.42.22,392 sharingd[232]: 15:42:22.391 : Starting Handoff advertising
  17/11/14 15.42.30,911 sharingd[232]: 15:42:30.910 : Starting Handoff advertising
  17/11/14 15.42.39,933 sharingd[232]: 15:42:39.933 : Starting Handoff advertising
  17/11/14 15.42.49,183 sharingd[232]: 15:42:49.183 : Starting Handoff advertising
  17/11/14 15.42.52,064 sharingd[232]: 15:42:52.063 : Starting Handoff advertising
  17/11/14 15.42.59,054 sharingd[232]: 15:42:59.053 : Starting Handoff advertising
  17/11/14 15.43.03,864 sharingd[232]: 15:43:03.864 : Starting Handoff advertising
  17/11/14 15.43.05,865 sharingd[232]: 15:43:05.864 : Stopping Handoff advertising
  But i also see thise a lot:
  17/11/14 15.40.07,146 discoveryd[51]: Basic DNSResolver  dropping message because it doesn't match the one sent Port:0 MsgID:16716
  Do any of you see this as well?
  Best regards.

• Why am I getting 30 to 40 spam emails daily since switching to firefox Didn"t happen in IE8

  Since making firefox my default browser, I am bombarded daily with spam email. This didn't happen when IE8 was my default browser. It's driving me crazy.

  I can't think of a reason for you to see more spam in Firefox than in IE. Are you using the same email service, same Inbox?
  If you make IE your default browser (you can always start Firefox using its shortcut without making it the default browser), does the spam stop?

• SPAM on Exchange when using "anonymous" authentication on frontend connector

  Hi all,
  I have Exchange 2013 SP1 installation with all roles on one box. My initial configuration worked fine, I was able to send and receive emails just fine. Yesterday however, I noticed that emails were not flowing anymore and when I checked the Queue viewer,
  I saw thousands of SPAM emails being sent - most of them sent to yahoo.com.tw domain. I managed to clean the Queue and I unchecked the anonymous authentication on the default frontend connector and the SPAM stopped but we cannot receive emails anymore (sender
  gets 530 5.7.1 Client was not authenticated message).
  As soon as I enable anonymous, SPAM starts again. I don't have an external relay, I am sending email directly from Exchange. Can you guys offer any advice as to how to go about this? How do I enable send/receive emails without getting all this SPAM? 
  DB

  So, I managed to get a hang of it, we are in the process of acquiring a third party anti-spam solution, but in the meantime, I stopped spammers using my server by using the built in Exchange AntiSpam agents. I followed the suggestions in this article:
  http://www.allspammedup.com/2013/11/exchange-2013-anti-spam-technologies-the-sender-filter-agent/
  and set the sender filter agent to block certain addresses and, more importantly, to block empty sender messages. It is all fine for now, but I will keep monitoring it.
  DB

• Why are Contact Forms being pounded with SPAM?

  Is anyone else experience an unusually high volume of SPAM in thier contact forms?
  I have two clients getting pounded with SPAM. 
  Thanks in advance for your help.

  The spam stopped once we applied the filters for the Comments and the Akismet is sitting there in the system now so they just need to fully role out the control into forms which will do a lot.
  The Amazing thing with that which I need to check with the engineers that I thought is that BC is run by BC, so if they are using Akismet I want to check to see if they are pooling all the spam filters applied on all BC sites into one central database that ALL sites have access too. If they are doing this - SWEET, if not I am going to suggest they do.
  THat would mean if your being spammed what you block will mean sites I build will not get those same spam and so on.
  Making the captcha more secure agaisnt OCR will make them harder to use so there is negatives you got to weigh up.

• Import Basis Support Package 7.00 error

  Hi All,
  I wanted to apply Basis support package 9 for release 7.00 for our solution manager 4.0 system.
  When i started, it gave an error in the phase ADDON_CONFLICT? stage.. The message is as below:
  Phase ADDON_CONFLICTS_?: Explanation of Errors
  Conflicts were found between the Support Packages that you want to
  import and the Add-Ons installed in the system. To guarantee the
  consistency of your system, the import is interrupted until all Conflict
  Resolution Transports (CRTs) for the listed Support Packages are
  included in the queue.
  To include the CRTs in the queue, proceed as follows:
  - Write down the Support Packages and Add-Ons that have conflicts.
  - Leave this screen by choosing 'Cancel' (F12).
  - Load the CRTs for the Support Packages with conflicts from the SAP
    Service Marketplace or request them from your Add-On supplier.
  - Define the extended queue again in the Support Package Manager.
  - Import the queue. The Support Package Manager executes all steps from
    the beginning.
  If the problem involves an SAP Add-On, see SAP Note 53902, which tells
  you which CRTs resolve the conflicts. Otherwise contact the supplier of
  your Add-On for details on how to proceed.
  The following contains a table of Support Packages for each Add-On for
  which conflicts were detected. The column 'Information on the Conflict
  Resolution' specifies how you can resolve a conflict. For more
  information, select the corresponding 'Information for the Conflict
  Resolution'.
  Conflicts Between Add-On ST 400 and Support Packages
  Software Component   Release      Support Package        Information on
                                                           Conflict Resolution
  SAP_BASIS            700          SAPKB70009             Include CRT
  Can anyone guide me how to proceed.
  Thanks,
  Sailesh K

  Hi Shailesh,
  You are employing one or more Add-Ons in your system, apply patches regularly and want to know how the consistency of your Add-Ons is guaranteed. The list of Add-Ons installed in your system is stored in table AVERS.
  During patch application the SAP Patch Manager (SPAM) checks for conflicts between patches in the queue and the installed Add-Ons. A conflict occurs if an object delivered in a patch is also delivered in an Add-On. If conflicts are detected, SPAM stops processing at step ADDON_CONFLICTS_? and asks the user to load the corresponding CRTs into his system. The attributes of such CRTs match the Add-On id, Add-On release and patch predecessor (i.e. the patch in conflict).
  The patch application can only resume if all CRTs are selected in the patch queue. To resolve a conflict SPAM does not check if the conflicting object is contained in a CRT. It suffices that the corresponding CRT has been selected in the patch queue. All conflicts raised by its patch predecessor(s) are then resolved in one go.
  CRTs were introduced to protect the consistency of Add-Ons during the application of patches, such as Hot Packages and Legal Change Patches (LCP). There are two types of CRTs:
  1. Conflict Resolution Transports (CRT)
  A CRT resolves conflicts between one patch and one version of an Add-On including all previous versions. Example:
  Consider a system where Add-On IS-X is installed. During the application of patches P1 and P2 SPAM detected conflicts between the patches and the Add-On.
  To resolve these conflicts two separate CRTs are required, CRT1 and CRT2. A consistent patch queue looks like this:
      P1
      CRT1
      P2
      CRT2
  SPAM will only let you resume the patch application if you redefine the patch queue containing all four patches. You can see the name of the patch for which a CRT resolves a conflict in the "Predecessor" field in the patch queue dialog.
  2. Collective Conflict Resolution Transports (CCRT) are similar to CRTs but resolve conflicts between several patches and an Add-On. Example:
  Consider the previous example but this time the conflicts between patches P1, P2 and Add-On IS-X are resolved not by two CRTs but by one Collective CRT (CCRT) CCRT1. A consistent patch queue looks like this:
  P1
  P2
  CCRT1
  SPAM will only let you resume the patch application if you redefine the patch queue containing all three patches. The CCRT is added at the end of its highest predecessor, here P2. You can see the highest predecessor for a CCRT in field "Valid to patch#" when you scroll the patch queue dialog to the right.
  Keep in mind that a CCRT describes a range of patches for which conflicts are resolved, with the lower limit being the predecessor and higher limit the highest predecessor.
  Cheers,
  Shyam

• Error while importing SAPKB70013 component?

  Hi,
  We got Solman 4.0 running in windows 2003 server.
  When i tried to import the BASIS sp components SAPKB70013, SPAM stopped at XPRA_EXECUTION stage with the following error
  "Method push_client is not declared or inherited in the class CL_FDT_STORAGE_DB"
  I went thru the sap note 822379 (Known problems with SPs in SAP NW 7.0s)
  But i could not find any solution from this note  to resolve this issue.
  Appreciate your help.
  Ram

  HI,
  In SPAM i got the following components:
  SAPKB70013
  SAPKA70013
  SAPK-400C4INCPRXRM
  SAPKITL423
  And here is queue log details:
  Post-import method SFW_AFTERIMPORT started for SFBF L, date and time: 20080825172919
  Post-processing for SFBF BF_TRANSTEST was already performed successfully earlier
  Post-import method SFW_AFTERIMPORT completed for SFBF L, date and time: 20080825172919
  Post-import method ACID_CREATE_INCLUDE_AFTER_IMP started for ACID L, date and time: 20080825172919
  Post-processing for ACID BADI_CONFLICT_CHECK was already performed successfully earlier
  Post-processing for ACID BGRFC_SCHEDULER was already performed successfully earlier
  Post-processing for ACID FDT_CALL_SEQUENCE was already performed successfully earlier
  Post-processing for ACID FDT_CHECK_GENERATED_RESULT was already performed successfully earlier
  Post-processing for ACID FDT_GENERATION_ERROR was already performed successfully earlier
  Post-processing for ACID FDT_PROCESSOR was already performed successfully earlier
  Post-processing for ACID FDT_STORAGE was already performed successfully earlier
  Post-processing for ACID FDT_UNKNOWN_OBJECT was already performed successfully earlier
  Post-processing for ACID SBTI_XBP_EXT was already performed successfully earlier
  Post-processing for ACID SFW_API was already performed successfully earlier
  Post-processing for ACID SFW_TREE was already performed successfully earlier
  Post-processing for ACID WDR_CHECK_P13N was already performed successfully earlier
  Post-processing for ACID WDR_CONFIG_CHECK was already performed successfully earlier
  Post-processing for ACID WDR_EVENT_HANDLER_NOT_FOUND was already performed successfully earlier
  Post-processing for ACID WDR_RUNTIME_COMPONENTS was already performed successfully earlier
  Post-processing for ACID WDR_RUNTIME_DYNAMIC was already performed successfully earlier
  Post-processing for ACID WDR_RUNTIME_EVENTS was already performed successfully earlier
  Post-processing for ACID WDR_RUNTIME_NAVIGATION was already performed successfully earlier
  Post-processing for ACID WDR_RUNTIME_P13N was already performed successfully earlier
  Post-processing for ACID WDR_RUNTIME_PHASEMODEL was already performed successfully earlier
  Post-import method ACID_CREATE_INCLUDE_AFTER_IMP completed for ACID L, date and time: 20080825172919
  Post-import method AFTER_IMP_NROB started for NROB L, date and time: 20080825172919
  Post-processing for NROB FDT_GENNRR was already performed successfully earlier
  Post-import method AFTER_IMP_NROB completed for NROB L, date and time: 20080825172919
  Post-import method AFTER_IMP_SXCI started for SXCI L, date and time: 20080825172919
  Post-processing for SXCI BADI_DB2CCMS was already performed successfully earlier
  Post-processing for SXCI BPM_SPI_AS was already performed successfully earlier
  Post-import method AFTER_IMP_SXCI completed for SXCI L, date and time: 20080825172919
  Post-import method AFTER_IMP_SXSD started for SXSD L, date and time: 20080825172919
  Post-processing for SXSD EXT_SDL_CALLBACK was already performed successfully earlier
  Post-import method AFTER_IMP_SXSD completed for SXSD L, date and time: 20080825172919
  Post-import method FDT_AFTER_IMPORT started for FDT0001 T, date and time: 20080825172919
  Program terminated (job: RDDEXECL, no.: 17290000)
  See job log
  Execution of programs after import (XPRA)
  End date and time : 20080825173106
  Ended with return code:  ===> 12 <===
         |   ######################################  
  Date
  Time
  Message
  MsgID/No./Ty
  25.08.2008
  17:29:02
  Job started
  00
  516
  S
  25.08.2008
  17:29:04
  Step 001 started (program RDDEXECL, variant , user ID DDIC)
  00
  550
  S
  25.08.2008
  17:29:04
  All DB buffers of application server rambasis were synchronized
  PU
  170
  S
  25.08.2008
  17:30:20
  ABAP/4 processor: SYNTAX_ERROR
  00
  671
  A
  |25.08.2008 |17:30:20 |Job cancelled 
  Thanks
  Ram

• New for ABAP in functional upgrade from 4.6c to ECC6.0

  i want to know the enhancements, additions and changes in the technical side/ABAP , when moved from 4.6c to ECC6.0 in case of FUNCTIONAL UPGRADE only....
  our compny has done FUNCTIONAL UPGRADE so far..whats new for technical ppl like us apart from changing bdcs, some missing functions, etc...
  thanx,
  Naveen Vishal

  Hi
  Technical upgrade is the fast upgrade without additional functionality but with minor user interface changes to ensure business continuity.  In the past, all objects modified by a customer had to be manually re-modified during an upgrade. Now, modifications are either automatically adopted or the system provides you with an assistant for adjusting your modifications to the newly upgraded configuration using transactin SPAU and SPDD.
  SPDD:  This transaction allows you to adjust modifications to ABAP Dictionary objects during an upgarde.
  Using this transaction we can adjust the Domains, Data Elements, Tables, Strcutures, Transparent tables, pooled and cluster tables including their technical settings, indexs of transparent tables. If you adjust data elements that have been changed with the Modification Assistant in an earlier release, the changes can be copied automatically.
  Steps to run SPDD: 
         1.      1)  Start transaction SE03 as user DDIC and choose Administration ® Set system change option
         2.      2)  Select Modifiable in the Global setting dialog box.
         3.      3) Choose Continue.
         4.      4) Choose Edit ® Select all.
         5.      5) Save your changes.
         6.      Then log on as a normal user, since user DDIC may not perform any repairs.
  SPAU:  This transaction allows you to adjust programs, function modules, screens, interfaces, documentation and text elements after an upgrade.
  After you adjusted or edited an object, you can use User/Status function to modify the status of the object. Before doing this, you can also add other developers or testers that are allowed to edit the object and create a short note.
  Steps to run SPAU:
  1) Start transaction SE03 as user DDIC and choose Tools ® Administration ® Set system change option.
         2.      2)  Select Modifiablein the Global setting dialog box.
         3.      3) Choose Continue.
         4.      4) Choose Edit ® Select all.
         5.      5) Save your entries.
         6.      Then log on as a normal user, since user DDIC may not perform any repairs.
  Other important topics in Technical Upgrade:
  Updaring the Development System: Perform the adjust int he development system using SPDD and SPAU transctions and assign to transport requests.  The upgrade control program R3up exports the transport that you have marked in a later upgrade phase.
  Upgrading the Production System: During this phase, the R3up upgrade control program checks whether there are any change requests registered for transport from the development system to the production system. If this is the case, R3up offers to import the transport automatically, instead of you carrying out adjustments with transactions SPDD/SPAU. If you choose this procedure, you still have the option of stopping SPDD/SPAU to check the changes accepted automatically before they are activated.
  If you decide to import a transport automatically, a subsequent analysis checks whether there is an entry in the transport you specified for each modified object found in this SAP System. Only if this is the case is the transport marked as suitable.
  If there are more modified objects in the production system than in the test system, they cannot be dealt with by the transport. This means that you have to adjust these objects.
  If you had more modified objects in the test system than in the production system and these are also contained in the transport, you import these into the production system with the transport
  regards
  karthik
  Reward points if useful

• How to increase emails in email app, newb with Mac

  Using the native email app on the Mac, how do i increase the date range of emails that are displayed?  Seems it only gave me a couple months of old emails. My ipad3 has no issues with this. Still new to the Mac, not sure which os, def a 10.x.x. Thanks in advance

  I wanted to bounce an email from a real person I know,
  in real life, I told the person to stop emailing me.
  And if they don't stop emailing you, what is bouncing going to do?
  Better to create a new email address.
  If my bounce doesnt' work I'll just keep junking.
  I suspect that would be a far better option.
  I wasn't going to bounce spammers....hellowww LOL
  Good. Some people believe that bouncing SPAM stops it. There have been
  similar requests here before.
  Dave

• Forwarding after filtering or mail box delivery

  I am using Messaging Server 6.2-3.04 (built July 15 2005)
  Does anyone know how I can forward a message after its been run through a filter or processed.?
  Let me further explain, I read Jay's posting about "Anti-Virus for Sun Messaging server" Apr 26, 2006. This is exactly what I want to do [run ClamAV and Spamassassin], Then deliver the message and only forward this already Virus/Spam filtered message.
  I have set up Spamassassin and it works great filtering messages etc, but the system must be forwarding prior to runing it through spamassassin?
  In UWC I just check the forward box. I want all messages in my inbox and only filtered [scanned] messages forwarded.
  I'm forwarding to my blackberry and basically get all messages with spam.
  I am using the example for "To File Spam to a Separate Folder" my option.dat file is:
  spamfilter1_config_file=/opt/SUNWmsgsr/config/spamassassin.opt
  spamfilter1_library=/opt/SUNWmsgsr/lib/libspamass.so
  spamfilter1_optional=1
  spamfilter1_string_action=data:,require "fileinto"; fileinto "$U";
  Any help would be much appreciated
  Thanks in advance
  -James

  Hi,
  After a bit of experimenting I think I got working what you are after. I have configured spamassassin to tag messages, then I filter spam emails into a 'Spam' folder and those emails that aren't filtered are delivered to the INBOX and another copy is forwarded to an external account. This configuration can be applied on a individual user-level basis.
  Here is my basic setup:
  2005Q4 - latest patch (118207-51)
  (working spamd -> I am assuming you have this)
  <-- spamassassin.opt -->
  debug=0
  host=localhost
  ! This port setting should match what spamd listens on, by default its 783
  port=10783
  mode=2
  field=
  <-- options.dat (replace msg_base with appropriate settngs) -->
  spamfilter1_config_file=<msg_base>/config/spamassassin.opt
  spamfilter1_library=<msg_base>/lib/libspamass.so
  spamfilter1_optional=1
  spamfilter1_string_action=data:,require ["addheader","spamtest"];addheader "Spam-test: $U";spamadjust "$U";
  <-- sieve filter rule /tmp/sieve.script-->
  require ["spamtest","relational","comparator-i;ascii-numeric","fileinto"];
  if spamtest :value "ge" :comparator "i;ascii-numeric" "5" {
  fileinto "Spam";
  stop;
  else { 
  redirect "[email protected]";
  keep;
  I don't have access to the filter tool that sun provides (we have written our own), so if you want to enable this on an account you will have to manually maintain it until future releases of the sun filter tool supports the spamtest extensions.
  To add the sieve filter rule, you will need to use ldapmodify e.g.:
  ldapmodify -b -h <ldap_host> -p 389 -D "cn=Directory Manager" -w <directory manager password> -f /tmp/change.ldif
  where:
  <-- /tmp/change.ldif -->
  dn: <dn of account to modify>
  changetype: modify
  replace: mailsieverulesource
  mailsieverulesource: /tmp/sieve.script
  As always try this on a test account/dev system first.
  Hope this helps.
  Shane.

• SLS_PACKAGE_INFO is unknown

  Hi,
     when i try to import a SP (SAPKB70106) SPAM stop at DDIC_ACTIVATION, and the logs display a dump.
  When I go to ST22 tcode i see this dump.
  Runtime Errors         SYNTAX_ERROR
  Date and Time          25.02.2011 11:13:23
  Short text
       Syntax error in program "SAPLPA_PACKAGE_SERVICES ".
  What happened?
       Error in the ABAP Application Program
       The current ABAP program "SAPLSFW_COMMON" had to be terminated because it has
       come across a statement that unfortunately cannot be executed.
       The following syntax error occurred in program "SAPLPA_PACKAGE_SERVICES " in
        include "CL_PACKAGE_HELPER=============CU " in
       line 179:
       "Type "SLS_PACKAGE_INFO" is unknown"
       The include has been created and last changed by:
       Created by: "SAP "
       Last changed by: "SAP "
       Error in the ABAP Application Program
       The current ABAP program "SAPLSFW_COMMON" had to be terminated because it has
       come across a statement that unfortunately cannot be executed.
  I cannot find any notes to solve this problem
  Can you help me?
  thanks!!

  Hi,
  This is a very annoying situation. I didn't find any usefull notes that can help if you are already in that trap.
  The idea to import the structure from anoter system helped me out.
  I exported the structure SLS_PACKAGE_INFO from our solution manger system (SM3).
  Just create a new request, add object manualy and realase. Copy cofile and data file to the transport directory of the dead system (in my case DM4). And import it.
  My example:
  tp addtobuffer sm3K900033 DM4 pf=D:\usr\sap\trans\bin\TP_DOMAIN_DM4.PFL
  tp import SM3K900033 DM4 pf=D:\usr\sap\trans\bin\TP_DOMAIN_DM4.PFL
  Then you can login and run transaction without syntax error.
  Regards,
  Tamas

• SA/Sieve Woes

  Hi all,
  We have MS 2005Q6 core patch -58 installed. Below is the story and problems that we have encountered when setting up Spam Assassin.
  SA is setup to label spam with addtag [SPAM] so that every spam email is tagged in the tcp_local channel. The spamfilter1_string_action looks like this:
  require ["addheader","fileinto"];
  addtag "[SPAM]";
  addheader "$U";
  fileinto "Spam";
  stop;Problem 1. In a user level sieve script, the (header :matches "Subject"
  "[SPAM]*") did match nothing even though the [SPAM] tag did appear in the
  final subject line. It looks as if the addtag processing is only done
  after the header match operations, or the header match uses the "original"
  subject line for the match. Is there anything wrong with the sieve script?
  After some time, we modified the script with the intention to give every scanned email detailed sa results even for non-spams, and at the same time add a new header for user leve sieve scripts.
  #mode=2,field= in spamassassin.opt
  require ["spamtest","relational","comparator-i;ascii-numeric","fileinto","addheader"];
  spamadjust "$U";
  addheader "Spam-Test: $U";
  if spamtest :value "ge" :comparator "i;ascii-numeric" "5"{
    addheader "Spam: Y";
    addtag "[SPAM]";
    fileinto "Spam";
  }else{
    keep;
  }Problem 2. The above script runs well, except one thing that cost me a full day debugging. Note the 2nd addheader line, which reads addheader "Spam: Y". The problem is, it seems that we cannot have a 2nd addheader in one single script, which is longer than 7 characters in length including the space in between. If you say addheader "ABCDE: Y", you are busted. The filter will just refuse to run. Is this a bug or something?
  OK, never mind, who care about a 7 byte header. We want to have a fine-grain control over the traditional email forwarding feature that uses mailForwardingAddress attribute. I suppose Sieve is more flexible when it comes to filtering and redirecting mail. So we disable the mailForwardingAddress, and use Sieve. So now, we try to setup a user level sieve to redirect important emails, even it is identified as spam like this:
  require ["fileinto","copy"];
  if header :match "Spam" "Y" {
    fileinto :copy "Spam";
  if header :match "Priority" "Urgent" {
    redirect "[email protected]";
  }Problem 3. When SA identifies a spam, it is marked as such with addtag [SPAM] (see code above). The tag should appear once. It is the case for the email left in the Spam folder of the server. But the email received by "[email protected]" contains 2 tags [SPAM] [SPAM] in the subject line. Clearly, SA is run twice, one for the incoming message, and one for the redirected message, and the log file confirms this. It seems that the redirect action cause the mail to be queued in the tcp_local channel, which causes SA to run. But it is interesting that the traditional emailForwardingAddress attribute kind of forwarding doesn't have this kind of behavior. Is there a way we can prevent SA from running twice in sieve to save resources and not to duplicate the tag?
  Anyone can shed some lights on these matters?
  Thanks in advance.
  PY

  Hi,
  SA is setup to label spam with addtag [SPAM] so
  that every spam email is tagged in the tcp_local
  channel. The spamfilter1_string_action looks like
  this:
  require ["addheader","fileinto"];
  addtag "[SPAM]";
  addheader "$U";
  fileinto "Spam";
  stop;Problem 1. In a user level sieve script, the (header
  :matches "Subject"
  [SPAM]*") did match nothing even though the [SPAM]
  tag did appear in the
  final subject line. It looks as if the addtag
  processing is only done
  after the header match operations, or the header
  match uses the "original"
  subject line for the match. Is there anything wrong
  with the sieve script?Please provide the actual spamfilter1_string_action you used - not just the 'cleaned' version.
  Also I should point out that matching on a modified subject header can lead to unexpected behaviour e.g. forwarded spam emails getting filtered to spam folder because [SPAM] appears in the subject line. It is much better to use the spamadjust/spamtest if possible.
  After some time, we modified the script with the
  intention to give every scanned email detailed sa
  results even for non-spams, and at the same time add
  a new header for user leve sieve scripts.
  #mode=2,field= in spamassassin.opt
  require
  ["spamtest","relational","comparator-i;ascii-numeric",
  "fileinto","addheader"];
  spamadjust "$U";
  addheader "Spam-Test: $U";
  if spamtest :value "ge" :comparator "i;ascii-numeric"
  "5"{
  addheader "Spam: Y";
  addtag "[SPAM]";
  fileinto "Spam";
  lse{
  keep;Problem 2. The above script runs well, except one
  thing that cost me a full day debugging. Note the
  2nd addheader line, which reads addheader "Spam:
  Y". The problem is, it seems that we cannot have a
  2nd addheader in one single script, which is longer
  than 7 characters in length including the space in
  between. If you say addheader "ABCDE: Y", you are
  busted. The filter will just refuse to run. Is this
  a bug or something?There is one limit you may be hitting (I found this one yesterday) and that is that spamfilterX_string_action is currently limited to a maximum of 256 characters - that is AFTER the expansion of the $U btw. Please log a support call (if you haven't already) and ask to be added to bug #6485247.
  There is a workaround to this limit and that is to use channel-level filtering, refer to my last reply in a forum question yesterday:
  http://forum.sun.com/jive/thread.jspa?threadID=109607
  OK, never mind, who care about a 7 byte header. We
  want to have a fine-grain control over the
  traditional email forwarding feature that uses
  mailForwardingAddress attribute. I suppose Sieve is
  more flexible when it comes to filtering and
  redirecting mail. So we disable the
  mailForwardingAddress, and use Sieve. So now, we try
  to setup a user level sieve to redirect important
  emails, even it is identified as spam like this:
  require ["fileinto","copy"];
  if header :match "Spam" "Y" {
  fileinto :copy "Spam";
  if header :match "Priority" "Urgent" {
  redirect "[email protected]";Problem 3. When SA identifies a spam, it is marked
  as such with addtag [SPAM] (see code above). The tag
  should appear once. It is the case for the email
  left in the Spam folder of the server. But the email
  received by "[email protected]" contains 2 tags
  [SPAM] [SPAM] in the subject line. Clearly, SA is
  run twice, one for the incoming message, and one for
  the redirected message, and the log file confirms
  this. It seems that the redirect action cause the
  mail to be queued in the tcp_local channel, which
  causes SA to run. But it is interesting that the
  traditional emailForwardingAddress attribute kind of
  forwarding doesn't have this kind of behavior. Is
  there a way we can prevent SA from running twice in
  sieve to save resources and not to duplicate the
  tag?
  Anyone can shed some lights on these matters?
  Thanks in advance.Well I'm not going to troubleshoot each of your issues as that will take me a ages - sieve scripts can be tricky. What is your overall goal of the filtering? From what you have mentioned so far it is:
  At the system level:
  -> add the [SPAM] tag to all spam emails
  -> add the X-Spam: Y to all spam emails emails (you should use X- for custom headers btw.)
  -> add the Spam-test: <score> to all scanned emails
  At the user level:
  -> filter all Spam emails to a spam folder
  -> forward non-spam high priority emails to another address
  Are you using separate front-end MTA/back-end store configuration and not using LMTP between the two? This will change whether spamadjust/spamtest can be used for the user level sieve rules.
  Regards,
  Shane.

• Facebook IQ test -  worm?  Virus?

  I'm new to the forum, so please excuse me if I didn't put this question in the right place.
  This evening I was on facebook and a chat window opened from my niece. It said something about a test she took and that she didn't think I could beat her. It didn't sound like the typical phishing deal - it sounded like my niece teasing me and so, like a fool, I clicked on it.
  CAUTION: DO NOT GO TO THIS LINK!
  This was the link: apps dot facebook dot com/winnerwinners CAUTION: DO NOT GO TO THIS LINK!
  I took the quiz, but at the end, it asked for my cell phone number in order to send me the results. Well, at least I wasn't enough of an idiot to do THAT. I just closed the window.
  Afterwards, my niece told me that her computer had sent that same message through "chat" to 50 people. She said that one friend who opened it eventually lost a lot on his computer - pictures, video, etc. Her computer is a macbook Pro. The friend who lost all sorts of stuff has a macbook, too.
  I've been searching and found something almost identical to this on Yahoo and it was a scam to get you to agree to some service that you would then have to pay for. But I don't see anything about viruses/worms like this that harm your computer.
  Does anyone have anything on this or know if I should do something?
  Thanks!
  Message was edited by: Host

  Actually, I guess it's not just Facebook - I recently got an invitation from a friend (??) to join "Shtyle" (at least that is what I think it was called and appeared to be a knock-off of Facebook). She gave that site my personal and real email address (which I only use for personal emails); although I never joined and asked her to delete my email address, soon thereafter my inbox became bloated with more and more spam daily up to the point where I had to abandon it and create a new one. Spam stopped immediately, so it was definitely that site selling it. There should be some sort of accountability coupled with a hefty fine - that might cut down on this nonsense.
  Edit: I just googled Shtyle and found some posts that reported this: when someone joins that, they are required to furnish their password for their Yahoo account/addressbook, so that might be how I got the Spam. If this is correct, let this be a warning: do not ever trust any site which requires you to reveal a password for another site.
  Message was edited by: Barbara Daniels1

• Testing sieve filter

  Hello,
  I would like to make some test with the sieve filter.
  The rule is stored in /tmp/filter :
  require ["fileinto", "reject", "vacation", "relational", "comparator-i;ascii-numeric", "regex", "envelope", "notify", "subaddress", "copy"];
  if header :contains "Subject" "{Spam?}"
  {fileinto "SPAM"; stop;}
  the command imsimta test -exp -mm -block -input=/tmp/filter gives :
  Expression: require ["fileinto", "reject", "vacation", "relational", "comparator-i;ascii-numeric", "regex", "envelope", "notify", "subaddress", "copy"];
  Expression: Expression: if header :contains "Subject" "{Spam?}"
  Expression: Expression: {fileinto "SPAM"; stop;}
  Expression: Dump: header:2000115;0 3 1 :contains 1 "Subject" 1 "{Spam?}"
  Dump: if 8 ; fileinto:2000113;0 1 1 "SPAM" ; "" stop
  Evaluation error: No message context for header test
  But when I add -message=/tmp/17.msg where /tmp/17.msg is :
  Received: from mmp-1-1.sipr-dc.ucl.ac.be ([127.0.0.1])
  by mmp.sipr-dc.ucl.ac.be (Sun Java System Messaging Server 6.2-3.04 (built Jul
  15 2005)) with SMTP id <[email protected]> for
  [email protected]; Mon, 02 Oct 2006 11:04:43 +0200 (CEST)
  Date: Mon, 02 Oct 2006 11:04:38 +0200 (CEST)
  Date-warning: Date header was inserted by mmp.sipr-dc.ucl.ac.be
  From: [email protected]
  Subject: {Spam?} test number 3
  To: [email protected]
  Message-id: <[email protected]>
  test number 3
  the command imsimta test -exp -mm -block -input=/tmp/filter -message=/tmp/17.msg gives
  15:49:33.27: Exit code = 13 (13) - IMTA__ERROPENINP, error opening file !AD for input: Permission denied
  What's wrong ?
  # imsimta version
  Sun Java(tm) System Messaging Server 6.2-3.04 (built Jul 15 2005)
  libimta.so 6.2-3.04 (built 01:32:55, Jul 15 2005)
  SunOS mmp-1-1 5.10 Generic_118855-14 i86pc i386 i86pc

  Sounds like Messaging is complaining that the file itself has wrong ownership/permissions to be read. It's either your filter file, or the message file.