Hello,
OK, can we assume that i am not going to change to this "exiscan" thing,
and that i am going to continue to use routers and transports.
I have a problem, as documented in the first email (copied below), which
needs fixing, and i was wondering if anyone had any advice that doesn't
involve scrapping the router/transport solution.
After all, routers and transports has been working perfectly for us for
months, but ever since upgrading, it's stopped working on 50% of the email!
Thanks in advance, and here's my first email...
Yesterday, i upgraded SpamAssassin from "3.0.3-2sarge1" to
"3.1.7-1~bpo.1" on a Debian Sarge box, using the following repository:
============================================================
deb
http://www.backports.org/debian sarge-backports main contrib non-free
============================================================
However, since the upgrade, around 50% of the messages have been
bouncing with the following message:
============================================================
421 SMTP incoming data timeout - message abandoned
============================================================
Having investigated a little further, we are seeing lots of messages
like these:
============================================================
mail:/var/log/exim4# grep BSMTP /var/log/exim4/mainlog.1
2007-02-27 17:10:34 1HM5le-0008Sj-5j <user1@???>:
sa_spamcheck transport output: An error was detected while processing a
file of BSMTP input.
2007-02-27 17:23:09 1HM5xn-00009Z-Cn <user1@???>:
sa_spamcheck transport output: An error was detected while processing a
file of BSMTP input.
2007-02-27 17:33:14 1HM67a-0000GO-BB <user1@???>:
sa_spamcheck transport output: An error was detected while processing a
file of BSMTP input.
2007-02-27 17:51:29 1HM6PC-0000UI-Kl <user1@???>:
sa_spamcheck transport output: An error was detected while processing a
file of BSMTP input.
2007-02-27 18:02:01 1HM6ZN-0000aK-JK <user2@???>:
sa_spamcheck transport output: An error was detected while processing a
file of BSMTP input.
2007-02-27 18:14:39 1HM6lf-0000hq-4x <user3@???>:
sa_spamcheck transport output: An error was detected while processing a
file of BSMTP input.
2007-02-27 18:31:31 1HM71z-0000rC-Qm <user1@???>:
sa_spamcheck transport output: An error was detected while processing a
file of BSMTP input.
2007-02-27 18:42:12 1HM7CJ-0000xC-Ss <user4@???>:
sa_spamcheck transport output: An error was detected while processing a
file of BSMTP input.
2007-02-27 18:42:14 1HM7CM-0000xN-HD <user1@???>:
sa_spamcheck transport output: An error was detected while processing a
file of BSMTP input.
2007-02-27 18:42:19 1HM7CR-0000xX-4h <user2@???>:
sa_spamcheck transport output: An error was detected while processing a
file of BSMTP input.
============================================================
Do you know what is happening here? Do i need to adjust some config due
to the upgrade?
My current exim config (which worked fine with "3.0.3-2sarge1") is as
follows:
Router:
============================================================
sa_router:
no_verify
check_local_user
# When to scan a message :
# - it isn't already flagged as spam from Spamassassin
# - it isn't already scanned
# - it isn't local
# - it isn't from one internal domain user to another
condition = "${if and { \
{!eq {$received_protocol}{spam-scanned}} \
{!eq {$received_protocol}{local}} \
{!eq {$sender_address_domain}{$domain}} \
} \
{1}{0}}"
driver = accept
transport = sa_spamcheck
local_parts = /etc/spamassassinUsers
============================================================
Transport:
============================================================
sa_spamcheck:
driver = pipe
command = /usr/sbin/exim4 -oMr spam-scanned -bS
use_bsmtp = true
transport_filter = /usr/bin/spamc
home_directory = "/tmp"
current_directory = "/tmp"
user = spamcheck
group = spamcheck
log_output = true
return_fail_output = true
return_path_add = false
message_prefix =
message_suffix =
============================================================
Thanks in advance for any advice,
Richard.
Arthur Hagen wrote:
> On Wed, 2007-02-28 at 20:15 +0100, Renaud Allard wrote:
>> For the moment, you are using routers and transports to scan for spam.
>> This means you cannot deny mails at SMTP time. It is much better to use
>> the built in spam and antivirus scan functions.
>
> The problem with not using routers at all is that different recipients
> have different definitions of spam, and it seems quite tough to set up
> something that allows for scanning at SMTP time, while still allowing
> individual users' whitelists and special considerations.
>
> The best I've come up with is far from perfect:
>
> ...
> acl_smtp-rcpt = acl_check_rcpt
> acl_smtp_data = acl_check_data
> spamd_address = 127.0.0.1 783
> ...
> begin acl
> acl_check_rcpt:
> ...
> accept domains = +local_domains
> endpass
> verify = recipient
> # Allow for user-anything@ addresses
> set acl_m0 = ${sg{$local_part}{-.*}{}}
> set acl_m0 = ${lookup{$acl_m0}dbm{/etc/aliases.db}}
> set acl_m0 = ${if eq {}{$acl_m0}{nobody}{$acl_m0}}
>
> accept domains = +relay_to_domains
> endpass
> verify = recipient
> set acl_m0 = nobody
> ...
> acl_check_data:
> ...
> # Reject spam messages with score over 15
> deny message = Spam is not wanted here
> spam = $acl_m0:true
> condition = ${if >{$spam_score_int}{150}{1}{0}}
>
> warn spam = $acl_m0
> message = X-Spam-Flag: YES\n\
> X-Spam-Score: $spam_score ($spam_bar)\n\
> X-Spam-Report: $spam_report\n\
> X-Spam-Scanned-By: $acl_m0
> ...
> (router section)
> dnslookup:
> driver = dnslookup
> domains = ! +local_domains
> transport = remote_smtp
> ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
> headers_remove =
> X-Spam-Status:X-Spam-Flag:X-Spam-Score:X-Spam-Report:X-Spam-Scanned-By:X-Is-A-Bounce
> no_more
>
>
> The idea is that local incoming mail gets scanned by the recipient,
> while relayed mail or mail where the recipient can't be determined gets
> scanned by the "nobody" user.
> This is far from perfect, as it will not handle aliases pointing to
> other aliases. The main problem is that when there /is/ a local
> recipient, but the above acl_m0 rules fail to determine it, the uid will
> be incorrect, and spamassassin fails to access the user's rules:
>
> Feb 27 23:55:11 myhost spamd[2382]: auto-whitelist: open of
> auto-whitelist file failed: locker: safe_lock: cannot create tmp
> lockfile /home/username/.spamassassin/auto-whitelist.lock.myhost.mydomain.com.2382 for /home/username/.spamassassin/auto-whitelist.lock: Permission denied
>
> Anyone know how to fix this, or better yet, have an alternative approach
> that does allow for per-user scanning before the mail is accepted?
>
> I already know that there is a logistical problem when there's more than
> one local recipient. It would be acceptable, but far from perfect, to
> have that kind of email scanned by just one of the users (as is what
> happens with the above) or "nobody".
>
> Regards,
--
Richard Hobbs (Systems Administrator)
Toshiba Research Europe Ltd. - Speech Technology Group
Email: richard.hobbs@???
Web: http://www.toshiba-europe.com/research/
Tel: +44 1223 376964 Mobile: +44 7811 803377
