Re: [exim] Exim and spamd

Pàgina inicial
Delete this message
Reply to this message
Autor: George
Data:  
A: Bill Hacker
CC: exim-users
Assumpte: Re: [exim] Exim and spamd
>George wrote:
>
>>Hello list,
>>
>>I'm using SA 3.10 wih Exim 4.60 on Darwin and I'm getting the
>>following in Exim panic log:
>>
>>2005-12-08 07:18:50 IR6QJD-00008X-PB spam acl condition: Resource
>>temporarily unavailable on spamd socket
>>
>>I get this message 40 to 50 times per day on a low volume server.
>>(maybe 1000/day volume)
>>
>
>[1]
>
>>The corresponding reference in my mail log that is used by imap pop
>>and spamd shows the following:
>>
>>Dec 8 07:18:50 dnsbureau spamd[281]: spamd: bad protocol: header
>>error: (Content-Length mismatch: Expected 9274 bytes, got 8123
>>bytes) at /usr/bin/spamd line 1674, <GEN16> line 161.\n
>>
>
>[2]
>
>>The particular email did not have an attachment, so that could not
>>be a real issue. I'm using Unix sockets as it seems more stable to
>>me than an IP. Also, it does happen also sometimes, when no other
>>processes are running.
>>
>>This problem started with 4.52, and on to 4.54 and 4.60 but it
>>wasn't present with 4.51.
>>
>>I'm just trying to figure out if this is an Exim of spamd issue. If
>>you have some info, I'll appreciate it.
>
>[3]
>
>>
>>George
>>
>
>[1] Perhaps implied, but not clearly stated: Does spamd succeed in
>utilizing the socket at other times?


Yes, every time.

>
>- Presuming Exim and spamd are running as different users, are they
>at least in the same group?


No. My perimeters for spamd start up are: /usr/bin/spamd -d -x -q -L
-m 10 -u amavisd --socketpath=/tmp/spamd

>
>- do both, probably by group perms, have r/w access rights to the socket?


socket is created by spamd as root/wheel automatically and the child
processes are amavisd (it's just a username, no amavisd)

>
>- might either be leaving the socket set with ownership and/or perm
>settings that block the other?


No. Upon the next call it works. I looked in crash logs, reporters,
system logs not a trace other than in the panic log and mail log.

>
>i.e. -
>
>- might you be invoking spamd more than once against the same message?


No.

>
>- are you calling spamd during a connection, afterwards, or both?


During

>
>- does Exim always run as the same UID:GID, or does it adopt the
>UID:GID of, for example, an
>authenticated MUA user,


Exim is fixed user. Authentication is mysql based. No system users.

>
>- if so, is that done before or after the point at which you invoke spamd?


Before...
During data acl

     warn   message       = X-Spam-Status: $spam_report\n\
                            X-New-Subject: [***SPAM***] $h_subject:
            condition     = ${if <{$message_size}{80k}{1}{0}}
            spam          = $acl_m0:true


>
>
>[2] AFAIK, a symptom of Apple taking a Microdaft approach (RFC-iggerant).
>Essentially identical messages seen here (FreeBSD 4.X, Exim 4.54)
>but exclusively and only on messages originating from Apple's advert
>broadcasts. Until they were block-listed, anyway. Should be
>unrelated to the more general socket issue.
>
>[3] Presuming your perms are OK, *and* that you destroy the socket
>as part of/before trying to use it after an abnormal shutdown,
>suspect this is neither an Exim or spamd variation, but rather an OS
>X issue.


Tested various different versions. If Exim is 4.51 spamd acts OK.
From that point on this issue is surfacing with every new release up
to 4.60.

>
>- helpful to know at what point(s) you are calling spamd, and what
>UID:GID socket ownership & perms are active at various points in
>time.


During data acl as I mentioned above. I'm not sure if the problem
hangs on ownership issue. Socket doesn't become stale or
dysfunctional.

I checked bug reports at SpamAssassin but did not find any reference.

Thanks Bill.

>Bill Hacker
>
>
>--
>## List details at http://www.exim.org/mailman/listinfo/exim-users
>## Exim details at http://www.exim.org/
>## Please use the Wiki with this list - http://www.exim.org/eximwiki/