SA und Rules du Jour

thomas.km
Posts: 364
Joined: 2003-09-14 11:35
Location: Schleswig-Holstein

SA und Rules du Jour

Post by thomas.km »

Hallo,

Postfix
Debian 3.1
SA 3.x

Ich wollte heute Rules du Jour einsetzen und habe das Script runtergeladen und ausgeführt.

Leider bringt spamassassin --lint ca 187 Fehler:

warning: description for SB_NEW_BULK is over 50 chars
warning: description for SOMETHING_FOR_ADULTS is over 50 chars
warning: description for HTML_NONELEMENT_90_100 is over 50 chars
warning: description for FORGED_MUA_MOZILLA is over 50 chars
warning: description for RATWARE_JPFREE is over 50 chars
warning: description for INVALID_TZ_CST is over 50 chars
warning: description for NOT_ADVISOR is over 50 chars
warning: description for RCVD_IN_MAPS_RSS is over 50 chars
warning: description for RCVD_ILLEGAL_IP is over 50 chars


Woran kann das liegen?
Ich google schon den ganzen Tag und habe nur einen Verweis gefunden das es an den languages liegen kann.
Habe dann in der local.cf von SA schon von "all" auf "de" oder "de en" gewechselt, aber immer der gleiche Fehler.

Hat jemand eine Idee?
Grüße
Thomas
Top

timeless2
Posts: 416
Joined: 2005-03-04 14:45
Location: Paris

Re: SA und Rules du Jour

Post by timeless2 »

Die Beschreibungen der Regeln auf 50 Zeichen kürzen.
Top

thomas.km
Posts: 364
Joined: 2003-09-14 11:35
Location: Schleswig-Holstein

Re: SA und Rules du Jour

Post by thomas.km »

ich habe nun herausgefunden das die Standard Regeln von SA /usr/share/spamassassin nicht zur Version gepasst haben.
Nach dem entfernen dieser Regeln hat es auch mit rules du jour gepasst.

Mich würde interessieren welche Rulesets Ihr verwendet
Top

thomas.km
Posts: 364
Joined: 2003-09-14 11:35
Location: Schleswig-Holstein

Re: SA und Rules du Jour

Post by thomas.km »

Eine Frage noch zu obriger Fehlermeldung:
welche Beschreibung ist da genau gemeint?

wenn ich mir mal exemplarisch ein ruleset anschaue wo er meckert:

cat 65_debian.cf
# Special SpamAssassin rules for Debian
# Duncan Findlay

header D_SENT_BY_DEBCONF Subject =~ /^Debconf:/
score D_SENT_BY_DEBCONF -5.0
describe D_SENT_BY_DEBCONF Sent by Debconf

body D_SENT_BY_AFBACKUP /^[Afbackup]: Overall exit status:/
score D_SENT_BY_AFBACKUP -5.0
describe D_SENT_BY_AFBACKUP Sent by Afbackup

header D_SENT_BY_APTLC Subject =~ /^apt-listchanges: (changelogs|news) for/
score D_SENT_BY_APTLC -5.0
describe D_SENT_BY_APTLC Sent by apt-listchanges

header __ANACRON_SUBJ Subject =~ /^Anacron job '[a-z0-9_.-]+' on/i
header __ANACRON_FROM From =~ /^Anacron/
meta D_SENT_BY_ANACRON __ANACRON_SUBJ && __ANACRON_FROM
score D_SENT_BY_ANACRON -5.0
describe D_SENT_BY_ANACRON Sent by Anacron Daemon


header __CRON_FROM From =~ /^Cron Daemon/
header __CRON_HEADER X-Cron-Env =~ /./
meta D_SENT_BY_CRON __CRON_FROM && __CRON_HEADER
score D_SENT_BY_CRON -5.0
describe D_SENT_BY_CRON Sent by Cron Daemon


was müsste da geändert werden?
Top

thomas.km
Posts: 364
Joined: 2003-09-14 11:35
Location: Schleswig-Holstein

Re: SA und Rules du Jour

Post by thomas.km »

ok, das ist wohl gemeint:

lang de describe USER_IN_WHITELIST Absenderadresse steht in Ihrer persönlichen weißen Liste
lang de describe USER_IN_DEF_WHITELIST Absenderadresse steht in der allgemeinen weißen Liste
lang de describe USER_IN_BLACKLIST_TO Empfängeradresse steht in Ihrer persönlichen schwarzen Liste
lang de describe USER_IN_WHITELIST_TO Empfängeradresse steht in Ihrer persönlichen weißen Liste
lang de describe USER_IN_MORE_SPAM_TO Empfängeradresse soll fast alle (Spam-) Nachrichten erhalten
lang de describe USER_IN_ALL_SPAM_TO Empfängeradresse soll alle (Spam-) Nachrichten erhalten
lang de describe T_RCVD_IN_IADB_LIST Senderechner in IADB-Liste (http://www.isipp.com)


aber wieso soll ich alle 200 Beschreibungen in dem file kürzen? dann ergeben sie ja im SA report keinen sinn mehr wenn ich da einfach text entferne
Auch im aktuellen SA package sind die Beschreibungen für 50 Zeichen.
Das verstehe ich nicht recht.
Top

User avatar
Joe User
Project Manager
Project Manager
Posts: 11518
Joined: 2003-02-27 01:00
Location: Hamburg

Re: SA und Rules du Jour

Post by Joe User »

Sind die englischen Beschreibungen denn <50 Zeichen? Dann verzichte auf die deutschen und gut.
PayPal.Me/JoeUserFreeBSD Remote Installation
Wings for LifeWings for Life World Run

„If there’s more than one possible outcome of a job or task, and one
of those outcomes will result in disaster or an undesirable consequence,
then somebody will do it that way.“ -- Edward Aloysius Murphy Jr.
Top

thomas.km
Posts: 364
Joined: 2003-09-14 11:35
Location: Schleswig-Holstein

Re: SA und Rules du Jour

Post by thomas.km »

so habe ich mir das auch gedacht, leider finde ich nur 30_text_de _pl _nl _fr
aber nirgends was mit _en

Oder suche ich falsch?
Top

User avatar
Joe User
Project Manager
Project Manager
Posts: 11518
Joined: 2003-02-27 01:00
Location: Hamburg

Re: SA und Rules du Jour

Post by Joe User »

Nö, englisch ist default ;)
PayPal.Me/JoeUserFreeBSD Remote Installation
Wings for LifeWings for Life World Run

„If there’s more than one possible outcome of a job or task, and one
of those outcomes will result in disaster or an undesirable consequence,
then somebody will do it that way.“ -- Edward Aloysius Murphy Jr.
Top

thomas.km
Posts: 364
Joined: 2003-09-14 11:35
Location: Schleswig-Holstein

Re: SA und Rules du Jour

Post by thomas.km »

Danke.

Was ich nicht ganz verstehe:
Ich sammele seit Tagen Spam aus meinem Thunderbird zusammen und gebe den sa-learn zum fressen.
Und da ist nun auch schon eine Menge drin:

0.000 0 3 0 non-token data: bayes db version
0.000 0 1422 0 non-token data: nspam
0.000 0 177 0 non-token data: nham
0.000 0 141671 0 non-token data: ntokens
0.000 0 1058995800 0 non-token data: oldest atime
0.000 0 1167335046 0 non-token data: newest atime
0.000 0 0 0 non-token data: last journal sync atime
0.000 0 0 0 non-token data: last expiry atime
0.000 0 0 0 non-token data: last expire atime delta
0.000 0 0 0 non-token data: last expire reduction count


Schicke ich nun eine Spam Mail die ich vorher an sa-learn verfüttert habe, zum Server, kommt ein Score von 0.0
und nicht ein Text wird performed (so wie ich das in mail.info vergleichen kann)
Hier was ich meine:
Dec 28 20:44:06 srv01 spamd[31553]: connection from localhost.localdomain [127.0.0.1] at port 33939
Dec 28 20:44:06 srv01 spamd[31553]: processing message <45941E90.7060006@gmx.de> for web1p1:0.
Dec 28 20:44:06 srv01 spamd[31553]: clean message (0.0/5.0) for web1p1:0 in 0.2 seconds, 1537 bytes.
Dec 28 20:44:06 srv01 spamd[31553]: result: . 0 - scantime=0.2,size=1537,mid=<45941E90.7060006@gmx.de>,autolearn=ham

Und hier eine die sonst wo her kommt:
da steht ja wenigstens dabei was für Tests performed wurden:

Dec 28 20:46:27 srv01 spamd[5511]: connection from localhost.localdomain [127.0.0.1] at port 33951
Dec 28 20:46:27 srv01 spamd[5511]: processing message <45941F1E.4010005@domain.de> for web1p1:0.
Dec 28 20:46:28 srv01 spamd[5511]: identified spam (7.6/5.0) for web1p1:0 in 0.7 seconds, 2942 bytes.
Dec 28 20:46:28 srv01 spamd[5511]: result: Y 7 - AWL,RM_bpoem_InstantDL,SARE_OEM_AND_OTHER,SARE_OEM_A_1,SARE_OEM_MONEY_ADOBE,SARE_OEM_MONEY_MS,SARE_OEM_MONE
Y_WIN,SARE_OEM_POP_PRICES3,SARE_OEM_PRODS_1,SARE_OEM_PRODS_2,SARE_OEM_PRODS_FEW,SARE_OEM_SOFT_IS,SARE_PRODUCTS_02,SARE_PRODUCTS_03,SARE_URI_OEM scantime=0.7,
size=2942,mid=<45941F1E.4010005@domain.de>,autolearn=no

Ich bin seit Tagen SA am tunen und Doku lesen, aber ich werde irgendwie nicht ganz schlau aus dem Tool.
Gibt irgendwo ein ausführliches Log was SA mit einer Mail macht?
Um zu sehen wieso er eine Mail die vorher als spam in den Bayes Filter geladen wurde, mit 0.0 bewertet und kein ruleset in mail.info für die Mail angegeben ist....?
Top

timeless2
Posts: 416
Joined: 2005-03-04 14:45
Location: Paris

Re: SA und Rules du Jour

Post by timeless2 »

thomas.km wrote:0.000 0 177 0 non-token data: nham
Füttere noch ein paar Ham-Mails (>200) und dein SA wird die Bayes-DB zur Spambewertung hinzuziehen. Das war ja bisher nicht der Fall. Die Logdatei, was SA mit der Mail macht, hast du schon gefunden, bzw. wie SA die Mails bewertet (Punktzahl und zugehörige Regeln).
Top

thomas.km
Posts: 364
Joined: 2003-09-14 11:35
Location: Schleswig-Holstein

Re: SA und Rules du Jour

Post by thomas.km »

das hatte ich gestern Nacht noch gemacht weil es mir auch aufgefallen ist, da ändert sich leider nicht viel wenn ich mir angucke was da alles in der Nacht bis heute Vormittag durchmarschiert ist :-//

Keine Ahnung an welcher Ecke ich noch tunen soll :-(

sa-learn --dump magic
0.000 0 3 0 non-token data: bayes db version
0.000 0 2432 0 non-token data: nspam
0.000 0 530 0 non-token data: nham
0.000 0 209195 0 non-token data: ntokens
0.000 0 1069369200 0 non-token data: oldest atime
0.000 0 1167387612 0 non-token data: newest atime
0.000 0 0 0 non-token data: last journal sync atime
0.000 0 1167389138 0 non-token data: last expiry atime
0.000 0 0 0 non-token data: last expire atime delta
0.000 0 0 0 non-token data: last expire reduction count
Top

User avatar
Joe User
Project Manager
Project Manager
Posts: 11518
Joined: 2003-02-27 01:00
Location: Hamburg

Re: SA und Rules du Jour

Post by Joe User »

Sind es nicht >2000 Ham? Meine kürzlich diese Zahl gelesen zu haben...
PayPal.Me/JoeUserFreeBSD Remote Installation
Wings for LifeWings for Life World Run

„If there’s more than one possible outcome of a job or task, and one
of those outcomes will result in disaster or an undesirable consequence,
then somebody will do it that way.“ -- Edward Aloysius Murphy Jr.
Top

thomas.km
Posts: 364
Joined: 2003-09-14 11:35
Location: Schleswig-Holstein

Re: SA und Rules du Jour

Post by thomas.km »

nope

habe spamd im debug gestartet und da steht auch 200 von jeder Sorte

Dec 28 23:15:14 srv01 spamd[7351]: debug: bayes: Not available for scanning, only 130 spam(s) in Bayes DB < 200
Dec 28 23:48:52 srv01 spamd[7846]: debug: bayes: Not available for scanning, only 0 ham(s) in Bayes DB < 200


Aber die habe ich ja nun :-//
Top

thomas.km
Posts: 364
Joined: 2003-09-14 11:35
Location: Schleswig-Holstein

Re: SA und Rules du Jour

Post by thomas.km »

hier nochmal debugging...

wie ich da einige Lesefehler wegbekommen soll, ist mir nicht klar.

Code: Select all

Dec 29 15:05:51 srv01 postfix/smtpd[18190]: connect from m111.net81-65-55.noos.fr[81.65.55.111]
Dec 29 15:05:54 srv01 postfix/smtpd[18190]: 9CE1BC012: client=m111.net81-65-55.noos.fr[81.65.55.111]
Dec 29 15:05:58 srv01 postfix/cleanup[18193]: 9CE1BC012: message-id=<195a01c72b9b$0245c2c0$02af30b0@dragosescuinhih>
Dec 29 15:05:59 srv01 postfix/qmgr[17157]: 9CE1BC012: from=<dragosescuinhih@noos.fr>, size=19351, nrcpt=1 (queue active)
Dec 29 15:05:59 srv01 postfix/smtpd[18199]: connect from localhost.localdomain[127.0.0.1]
Dec 29 15:05:59 srv01 postfix/smtpd[18199]: D54A4C01F: client=localhost.localdomain[127.0.0.1]
Dec 29 15:05:59 srv01 postfix/cleanup[18193]: D54A4C01F: message-id=<195a01c72b9b$0245c2c0$02af30b0@dragosescuinhih>
Dec 29 15:05:59 srv01 postfix/qmgr[17157]: D54A4C01F: from=<dragosescuinhih@noos.fr>, size=19874, nrcpt=1 (queue active)
Dec 29 15:05:59 srv01 postfix/smtpd[18199]: disconnect from localhost.localdomain[127.0.0.1]
Dec 29 15:05:59 srv01 amavis[17424]: (17424-09) Passed, <dragosescuinhih@noos.fr> -> <mail@domain.com>, Message-ID: <195a01c72b9b$0245c2c0$02af30b0@dragosescuinhih>, Hits: -
Dec 29 15:05:59 srv01 postfix/smtp[18194]: 9CE1BC012: to=<mail@domain.com>, relay=127.0.0.1[127.0.0.1], delay=6, status=sent (250 2.6.0 Ok, id=17424-09, from MTA: 250 Ok: queued as D54A4C01F)
Dec 29 15:05:59 srv01 postfix/qmgr[17157]: 9CE1BC012: removed
Dec 29 15:05:59 srv01 spamd[17853]: logmsg: connection from localhost.localdomain [127.0.0.1] at port 34518
Dec 29 15:05:59 srv01 spamd[17853]: connection from localhost.localdomain [127.0.0.1] at port 34518
Dec 29 15:05:59 srv01 spamd[17853]: logmsg: info: setuid to web1p1 succeeded
Dec 29 15:05:59 srv01 spamd[17853]: info: setuid to web1p1 succeeded
Dec 29 15:05:59 srv01 spamd[17853]: debug: read_scoreonly_config: cannot open "/home/email/web1p1/.spamassassin/user_prefs": Datei oder Verzeichnis nicht gefunden
Dec 29 15:05:59 srv01 spamd[17853]: debug: user has changed
Dec 29 15:05:59 srv01 spamd[17853]: debug: bayes: 17853 tie-ing to DB file R/O /etc/spamassassin/bayes_toks
Dec 29 15:05:59 srv01 spamd[17853]: Cannot open bayes databases /etc/spamassassin/bayes_* R/O: tie failed: Keine Berechtigung
Dec 29 15:05:59 srv01 spamd[17853]: debug: bayes: 17853 untie-ing DB file toks
Dec 29 15:05:59 srv01 spamd[17853]: debug: Score set 1 chosen.
Dec 29 15:05:59 srv01 spamd[17853]: logmsg: processing message <195a01c72b9b$0245c2c0$02af30b0@dragosescuinhih> for web1p1:1148.
Dec 29 15:05:59 srv01 spamd[17853]: processing message <195a01c72b9b$0245c2c0$02af30b0@dragosescuinhih> for web1p1:1148.
Dec 29 15:06:00 srv01 spamd[17853]: debug: bayes: 17853 tie-ing to DB file R/O /etc/spamassassin/bayes_toks
Dec 29 15:06:00 srv01 spamd[17853]: Cannot open bayes databases /etc/spamassassin/bayes_* R/O: tie failed: Keine Berechtigung
Dec 29 15:06:00 srv01 spamd[17853]: debug: bayes: 17853 untie-ing DB file toks
Dec 29 15:06:00 srv01 spamd[17853]: debug: received-header: parsed as [ ip=127.0.0.1 rdns=localhost.localdomain helo=localhost by=srv01.domain.com ident= envfrom= intl=0 id=D54A4C01F auth= ]
Dec 29 15:06:00 srv01 spamd[17853]: debug: is Net::DNS::Resolver available? yes
Dec 29 15:06:00 srv01 spamd[17853]: debug: Net::DNS version: 0.48
Dec 29 15:06:00 srv01 spamd[17853]: debug: IP is reserved, not looking up PTR: 127.0.0.1
Dec 29 15:06:00 srv01 spamd[17853]: debug: received-header: parsed as [ ip=127.0.0.1 rdns= helo=srv01.domain.com by=localhost ident= envfrom= intl=0 id=17424-09 auth= ]
Dec 29 15:06:00 srv01 spamd[17853]: debug: received-header: parsed as [ ip=81.65.55.111 rdns=m111.net81-65-55.noos.fr helo=noos.fr by=srv01.domain.com ident= envfrom= intl=0 id=9CE1BC012 auth= ]
Dec 29 15:06:00 srv01 spamd[17853]: debug: looking up A records for 'srv01.domain.com'
Dec 29 15:06:00 srv01 spamd[17853]: debug: A records for 'srv01.domain.com': 85.14.216.254
Dec 29 15:06:00 srv01 spamd[17853]: debug: received-header: 'from' 127.0.0.1 has reserved IP
Dec 29 15:06:00 srv01 spamd[17853]: debug: looking up A records for 'srv01.domain.com'
Dec 29 15:06:00 srv01 spamd[17853]: debug: A records for 'srv01.domain.com': 85.14.216.254
Dec 29 15:06:00 srv01 spamd[17853]: debug: received-header: 'by' srv01.domain.com has public IP 85.14.216.254
Dec 29 15:06:00 srv01 spamd[17853]: debug: received-header: relay 127.0.0.1 trusted? yes internal? no
Dec 29 15:06:00 srv01 spamd[17853]: debug: received-header: 'from' 127.0.0.1 has reserved IP
Dec 29 15:06:00 srv01 spamd[17853]: debug: looking up A records for 'localhost'
Dec 29 15:06:00 srv01 spamd[17853]: debug: A records for 'localhost': 127.0.0.1
Dec 29 15:06:00 srv01 spamd[17853]: debug: received-header: relay 127.0.0.1 trusted? yes internal? no
Dec 29 15:06:00 srv01 spamd[17853]: debug: looking up A records for 'srv01.domain.com'
Dec 29 15:06:00 srv01 spamd[17853]: debug: A records for 'srv01.domain.com': 85.14.216.254
Dec 29 15:06:00 srv01 spamd[17853]: debug: received-header: 'by' srv01.domain.com has public IP 85.14.216.254
Dec 29 15:06:00 srv01 spamd[17853]: debug: received-header: relay 81.65.55.111 trusted? no internal? no
Dec 29 15:06:00 srv01 spamd[17853]: debug: metadata: X-Spam-Relays-Trusted: [ ip=127.0.0.1 rdns=localhost.localdomain helo=localhost by=srv01.domain.com ident= envfrom= intl=0 id=D54A4C01F auth= ] [ ip=127.0.0.1 rdns= helo=srv01.domain.com by=localhost ident= envfrom= intl=0 id=17424-09 auth= ]
Dec 29 15:06:00 srv01 spamd[17853]: debug: metadata: X-Spam-Relays-Untrusted: [ ip=81.65.55.111 rdns=m111.net81-65-55.noos.fr helo=noos.fr by=srv01.domain.com ident= envfrom= intl=0 id=9CE1BC012 auth= ]
Dec 29 15:06:00 srv01 spamd[17853]: debug: ---- MIME PARSER START ----
Dec 29 15:06:00 srv01 spamd[17853]: debug: main message type: multipart/related
Dec 29 15:06:00 srv01 spamd[17853]: debug: parsing multipart, got boundary: ----=_NextPart_320_CD89_B2D9989B.733BA16D
Dec 29 15:06:00 srv01 spamd[17853]: debug: found part of type multipart/alternative, boundary: ----=_NextPart_8F9_5E9B_834DC9C7.19B54391
Dec 29 15:06:00 srv01 spamd[17853]: debug: parsing multipart, got boundary: ----=_NextPart_8F9_5E9B_834DC9C7.19B54391
Dec 29 15:06:00 srv01 spamd[17853]: debug: found part of type text/plain, boundary: ----=_NextPart_8F9_5E9B_834DC9C7.19B54391
Dec 29 15:06:00 srv01 spamd[17853]: debug: parsing normal part
Dec 29 15:06:00 srv01 spamd[17853]: debug: added part, type: text/plain
Dec 29 15:06:00 srv01 spamd[17853]: debug: found part of type text/html, boundary: ----=_NextPart_8F9_5E9B_834DC9C7.19B54391
Dec 29 15:06:00 srv01 spamd[17853]: debug: parsing normal part
Dec 29 15:06:00 srv01 spamd[17853]: debug: added part, type: text/html
Dec 29 15:06:00 srv01 spamd[17853]: debug: added part, type: multipart/alternative
Dec 29 15:06:00 srv01 spamd[17853]: debug: found part of type image/gif, boundary: ----=_NextPart_320_CD89_B2D9989B.733BA16D
Dec 29 15:06:00 srv01 spamd[17853]: debug: parsing normal part
Dec 29 15:06:00 srv01 spamd[17853]: debug: added part, type: image/gif
Dec 29 15:06:00 srv01 spamd[17853]: debug: ---- MIME PARSER END ----
Dec 29 15:06:00 srv01 spamd[17853]: debug: decoding: quoted-printable
Dec 29 15:06:00 srv01 spamd[17853]: debug: decoding: quoted-printable
Dec 29 15:06:00 srv01 spamd[17853]: debug: uri found: cid:6bdc001c72b9bf02895b70d77f932b@dragosescuinhih
Dec 29 15:06:00 srv01 spamd[17853]: debug: URIDNSBL: domains to query:
Dec 29 15:06:00 srv01 spamd[17853]: debug: is Net::DNS::Resolver available? yes
Dec 29 15:06:00 srv01 spamd[17853]: debug: Net::DNS version: 0.48
Dec 29 15:06:00 srv01 spamd[17853]: debug: all '*From' addrs: dragosescuinhih@noos.fr
Dec 29 15:06:00 srv01 spamd[17853]: debug: Running tests for priority: 0
Dec 29 15:06:00 srv01 spamd[17853]: debug: running header regexp tests; score so far=0
Dec 29 15:06:00 srv01 spamd[17853]: debug: SPF: checking HELO (helo=noos.fr, ip=81.65.55.111)
Dec 29 15:06:00 srv01 spamd[17853]: debug: SPF: trimmed HELO down to 'noos.fr'
Dec 29 15:06:00 srv01 spamd[17853]: debug: SPF: cannot load or create Mail::SPF::Query module
Dec 29 15:06:00 srv01 spamd[17853]: debug: forged-HELO: from=noos.fr helo=noos.fr by=domain.com
Dec 29 15:06:00 srv01 spamd[17853]: debug: all '*To' addrs: mail@domain.com web1p1@srv01.domain.com
Dec 29 15:06:00 srv01 spamd[17853]: debug: SPF: relayed through one or more trusted relays, cannot use header-based Envelope-From, skipping
Dec 29 15:06:00 srv01 spamd[17853]: debug: running body-text per-line regexp tests; score so far=0.222
Dec 29 15:06:00 srv01 postfix/smtpd[18190]: disconnect from m111.net81-65-55.noos.fr[81.65.55.111]
Dec 29 15:06:01 srv01 spamd[17853]: debug: running uri tests; score so far=0.222
Dec 29 15:06:01 srv01 spamd[17853]: debug: madiff: left: 0, orig: 270, max-difference: 0.00%
Dec 29 15:06:01 srv01 spamd[17853]: debug: Razor2 is available
Dec 29 15:06:01 srv01 spamd[17853]: debug: entering helper-app run mode
Dec 29 15:06:01 srv01 spamd[17853]: debug: Using results from Razor v2.67
Dec 29 15:06:01 srv01 spamd[17853]: debug: Found Razor2 part: part=0 engine=4 ct=0 cf=0
Dec 29 15:06:01 srv01 spamd[17853]: debug: Found Razor2 part: part=1 engine=4 ct=0 cf=0
Dec 29 15:06:01 srv01 spamd[17853]: debug: Found Razor2 part: part=2 engine=4 ct=0 cf=0
Dec 29 15:06:01 srv01 spamd[17853]: debug: leaving helper-app run mode
Dec 29 15:06:01 srv01 spamd[17853]: debug: Razor2 results: spam? 0  highest cf score: 0
Dec 29 15:06:01 srv01 spamd[17853]: debug: running raw-body-text per-line regexp tests; score so far=0.279
Dec 29 15:06:01 srv01 spamd[17853]: debug: running full-text regexp tests; score so far=0.279
Dec 29 15:06:01 srv01 spamd[17853]: debug: Razor2 is available
Dec 29 15:06:01 srv01 spamd[17853]: debug: Pyzor is available: /usr/bin/pyzor
Dec 29 15:06:01 srv01 spamd[17853]: debug: entering helper-app run mode
Dec 29 15:06:01 srv01 spamd[18206]: debug: changing real uid from 0 to match effective uid 1148
Dec 29 15:06:01 srv01 spamd[18206]: debug: setuid: helper proc 18206: ruid=1148 euid=1148
Dec 29 15:06:02 srv01 spamd[17853]: debug: Pyzor: got response: downloading servers from http://pyzor.sourceforge.net/cgi-bin/inform-servers-0-3-x
Dec 29 15:06:02 srv01 spamd[17853]: debug: leaving helper-app run mode
Dec 29 15:06:02 srv01 spamd[17853]: debug: Pyzor: couldn't grok response "downloading servers from http://pyzor.sourceforge.net/cgi-bin/inform-servers-0-3-x"
Dec 29 15:06:02 srv01 spamd[17853]: debug: DCCifd is not available: no r/w dccifd socket found.
Dec 29 15:06:02 srv01 spamd[17853]: debug: DCC is available: /usr/bin/dccproc
Dec 29 15:06:02 srv01 spamd[17853]: debug: entering helper-app run mode
Dec 29 15:06:02 srv01 spamd[18207]: debug: changing real uid from 0 to match effective uid 1148
Dec 29 15:06:02 srv01 spamd[18207]: debug: setuid: helper proc 18207: ruid=1148 euid=1148
Dec 29 15:06:02 srv01 spamd[17853]: debug: DCC: got response: X-DCC-EATSERVER-Metrics: srv01.domain.com 1166; Body=1 Fuz1=1 Fuz2=1
Dec 29 15:06:02 srv01 spamd[17853]: debug: leaving helper-app run mode
Dec 29 15:06:02 srv01 spamd[17853]: debug: Running tests for priority: 500
Dec 29 15:06:02 srv01 spamd[17853]: debug: RBL: success for 11 of 11 queries
Dec 29 15:06:02 srv01 spamd[17853]: debug: running meta tests; score so far=4.313
Dec 29 15:06:02 srv01 spamd[17853]: debug: running header regexp tests; score so far=4.313
Dec 29 15:06:02 srv01 spamd[17853]: debug: running body-text per-line regexp tests; score so far=4.313
Dec 29 15:06:02 srv01 spamd[17853]: debug: running uri tests; score so far=4.313
Dec 29 15:06:02 srv01 spamd[17853]: debug: running raw-body-text per-line regexp tests; score so far=4.313
Dec 29 15:06:02 srv01 spamd[17853]: debug: running full-text regexp tests; score so far=4.313
Dec 29 15:06:02 srv01 spamd[17853]: debug: Running tests for priority: 1000
Dec 29 15:06:02 srv01 spamd[17853]: debug: running meta tests; score so far=4.313
Dec 29 15:06:02 srv01 spamd[17853]: debug: running header regexp tests; score so far=4.313
Dec 29 15:06:02 srv01 spamd[17853]: debug: lock: 17853 created /home/email/web1p1/.spamassassin/auto-whitelist.lock.srv01.domain.com.17853
Dec 29 15:06:02 srv01 spamd[17853]: debug: lock: 17853 trying to get lock on /home/email/web1p1/.spamassassin/auto-whitelist with 0 retries
Dec 29 15:06:02 srv01 spamd[17853]: debug: lock: 17853 link to /home/email/web1p1/.spamassassin/auto-whitelist.lock: link ok
Dec 29 15:06:02 srv01 spamd[17853]: debug: Tie-ing to DB file R/W in /home/email/web1p1/.spamassassin/auto-whitelist
Dec 29 15:06:02 srv01 spamd[17853]: debug: auto-whitelist (db-based): dragosescuinhih@noos.fr|ip=81.65 scores 0/0
Dec 29 15:06:02 srv01 spamd[17853]: debug: auto-whitelist (db-based): dragosescuinhih@noos.fr|ip=none scores 0/0
Dec 29 15:06:02 srv01 spamd[17853]: debug: AWL active, pre-score: 4.313, autolearn score: 4.313, mean: undef, IP: 81.65.55.111
Dec 29 15:06:02 srv01 spamd[17853]: debug: add_score: New count: 1, new totscore: 4.313
Dec 29 15:06:02 srv01 spamd[17853]: debug: DB addr list: untie-ing and unlocking.
Dec 29 15:06:02 srv01 spamd[17853]: debug: DB addr list: file locked, breaking lock.
Dec 29 15:06:02 srv01 spamd[17853]: debug: unlock: 17853 unlink /home/email/web1p1/.spamassassin/auto-whitelist.lock
Dec 29 15:06:02 srv01 spamd[17853]: debug: Post AWL score: 4.313
Dec 29 15:06:02 srv01 spamd[17853]: debug: running body-text per-line regexp tests; score so far=4.313
Dec 29 15:06:02 srv01 spamd[17853]: debug: running uri tests; score so far=4.313
Dec 29 15:06:02 srv01 spamd[17853]: debug: running raw-body-text per-line regexp tests; score so far=4.313
Dec 29 15:06:02 srv01 spamd[17853]: debug: running full-text regexp tests; score so far=4.313
Dec 29 15:06:02 srv01 spamd[17853]: debug: auto-learn: currently using scoreset 1.
Dec 29 15:06:02 srv01 spamd[17853]: debug: auto-learn: message score: 4.313, computed score for autolearn: 4.313
Dec 29 15:06:02 srv01 spamd[17853]: debug: auto-learn? ham=0.1, spam=12, body-points=4.091, head-points=4.256, learned-points=0
Dec 29 15:06:02 srv01 spamd[17853]: debug: auto-learn? no: inside auto-learn thresholds, not considered ham or spam
Dec 29 15:06:02 srv01 spamd[17853]: debug: is spam? score=4.313 required=5
Dec 29 15:06:02 srv01 spamd[17853]: debug: tests=DNS_FROM_RFC_ABUSE,DNS_FROM_RFC_POST,DNS_FROM_RFC_WHOIS,EXTRA_MPART_TYPE,HTML_30_40,HTML_MESSAGE,RCVD_IN_NJABL_DUL,RCVD_IN_SORBS_DUL
Dec 29 15:06:02 srv01 spamd[17853]: debug: subtests=__ANY_OUTLOOK_MUA,__CT,__CTYPE_HAS_BOUNDARY,__CTYPE_MULTIPART_ALT,__HAS_MIMEOLE,__HAS_MSGID,__HAS_MSMAIL_PRI,__HAS_OUTLOOK_IN_MAILER,__HAS_SUBJECT,__HAS_X_MAILER,__HAS_X_PRIORITY,__MIME_BASE64,__MIME_HTML,__MIME_QP,__MIME_VERSION,__MSGID_OK_HEX,__MSGID_OK_HOST,__NEXTPART_ALL,__NEXTPART_NORMAL,__OE_MSGID_2,__OE_MUA,__OUTLOOK_DOLLARS_MSGID,__RCVD_IN_NJABL,__RCVD_IN_SORBS,__RFC_IGNORANT_ENVFROM,__SANE_MSGID,__SARE_BODY_BLNK_5_100,__SARE_META_MURTY3,__SARE_URI_ANY,__TAG_EXISTS_BODY,__TAG_EXISTS_HEAD,__TAG_EXISTS_HTML,__TAG_EXISTS_META
Dec 29 15:06:02 srv01 spamd[17853]: logmsg: clean message (4.3/5.0) for web1p1:1148 in 2.7 seconds, 19728 bytes.
Dec 29 15:06:02 srv01 spamd[17853]: clean message (4.3/5.0) for web1p1:1148 in 2.7 seconds, 19728 bytes.
Dec 29 15:06:02 srv01 spamd[17853]: logmsg: result: .  4 - DNS_FROM_RFC_ABUSE,DNS_FROM_RFC_POST,DNS_FROM_RFC_WHOIS,EXTRA_MPART_TYPE,HTML_30_40,HTML_MESSAGE,RCVD_IN_NJABL_DUL,RCVD_IN_SORBS_DUL scantime=2.7,size=19728,mid=<195a01c72b9b$0245c2c0$02af30b0@dragosescuinhih>,autolearn=no
Dec 29 15:06:02 srv01 spamd[17853]: result: .  4 - DNS_FROM_RFC_ABUSE,DNS_FROM_RFC_POST,DNS_FROM_RFC_WHOIS,EXTRA_MPART_TYPE,HTML_30_40,HTML_MESSAGE,RCVD_IN_NJABL_DUL,RCVD_IN_SORBS_DUL scantime=2.7,size=19728,mid=<195a01c72b9b$0245c2c0$02af30b0@dragosescuinhih>,autolearn=no
Dec 29 15:06:02 srv01 postfix/local[18200]: D54A4C01F: to=<web1p1@srv01.domain.com>, orig_to=<mail@domain.com>, relay=local, delay=3, status=sent (delivered to command: /usr/bin/procmail -t /etc/procmailrc-courier)
Dec 29 15:06:02 srv01 postfix/qmgr[17157]: D54A4C01F: removed
Das ist ein kompletter Debug Log für eine Mail.
Ich verwende site-based rules, keine user_prefs, daher sind die Fehlermeldungen ok. Auch wenn ich nicht verstehe wieso die da sind.
Aber diese Dinge:
* R/O: tie failed: Keine Berechtigung
kann ich mir nicht erklären.
Top

timeless2
Posts: 416
Joined: 2005-03-04 14:45
Location: Paris

Re: SA und Rules du Jour

Post by timeless2 »

thomas.km wrote:hier nochmal debugging...

wie ich da einige Lesefehler wegbekommen soll, ist mir nicht klar.

Code: Select all

Dec 29 15:05:59 srv01 spamd[17853]: processing message <195a01c72b9b$0245c2c0$02af30b0@dragosescuinhih> for web1p1:1148.
Dec 29 15:06:00 srv01 spamd[17853]: debug: bayes: 17853 tie-ing to DB file R/O /etc/spamassassin/bayes_toks
Dec 29 15:06:00 srv01 spamd[17853]: Cannot open bayes databases /etc/spamassassin/bayes_* R/O: tie failed: Keine Berechtigung
Dec 29 15:06:00 srv01 spamd[17853]: debug: bayes: 17853 untie-ing DB file toks
Du musst deinen Spamassassin unter dem User web1p1:1148 trainieren und das auch in einer Datei ablegen, auf die dieser User zugreifen kann.
Top

thomas.km
Posts: 364
Joined: 2003-09-14 11:35
Location: Schleswig-Holstein

Re: SA und Rules du Jour

Post by thomas.km »

ich will es unter keinem trainieren, side based, nicht user based. :-/

Daher starte ich in der /etc/procmailrc SA auch mit -x das keine user files created werden.
Top

User avatar
Joe User
Project Manager
Project Manager
Posts: 11518
Joined: 2003-02-27 01:00
Location: Hamburg

Re: SA und Rules du Jour

Post by Joe User »

Dann wirst Du Deine User in eine zusätzliche gemeinsame Gruppe stecken und die Bayes-Datenbanken dieser Gruppe zuordnen müssen.
PayPal.Me/JoeUserFreeBSD Remote Installation
Wings for LifeWings for Life World Run

„If there’s more than one possible outcome of a job or task, and one
of those outcomes will result in disaster or an undesirable consequence,
then somebody will do it that way.“ -- Edward Aloysius Murphy Jr.
Top

thomas.km
Posts: 364
Joined: 2003-09-14 11:35
Location: Schleswig-Holstein

Re: SA und Rules du Jour

Post by thomas.km »

Joe User wrote:Dann wirst Du Deine User in eine zusätzliche gemeinsame Gruppe stecken und die Bayes-Datenbanken dieser Gruppe zuordnen müssen.
das sehe ich nicht so.

Wozu die User?

Es reicht wenn spamd die nötigen Rechtes für die Bayes Datenbanken hat.
Macht auch Sinn.

Hat geklappt.
Top