Re: [exim] Problem since upgrading spamassassin

Góra strony
Delete this message
Reply to this message
Autor: Richard Hobbs
Data:  
Dla: exim-users
Temat: Re: [exim] Problem since upgrading spamassassin
Hello,

OK, can we assume that i am not going to change to this "exiscan" thing,
and that i am going to continue to use routers and transports.

I have a problem, as documented in the first email (copied below), which
needs fixing, and i was wondering if anyone had any advice that doesn't
involve scrapping the router/transport solution.

After all, routers and transports has been working perfectly for us for
months, but ever since upgrading, it's stopped working on 50% of the email!

Thanks in advance, and here's my first email...

Yesterday, i upgraded SpamAssassin from "3.0.3-2sarge1" to
"3.1.7-1~bpo.1" on a Debian Sarge box, using the following repository:

============================================================
deb http://www.backports.org/debian sarge-backports main contrib non-free
============================================================

However, since the upgrade, around 50% of the messages have been
bouncing with the following message:

============================================================
421 SMTP incoming data timeout - message abandoned
============================================================

Having investigated a little further, we are seeing lots of messages
like these:

============================================================
mail:/var/log/exim4# grep BSMTP /var/log/exim4/mainlog.1
2007-02-27 17:10:34 1HM5le-0008Sj-5j <user1@???>:
sa_spamcheck transport output: An error was detected while processing a
file of BSMTP input.
2007-02-27 17:23:09 1HM5xn-00009Z-Cn <user1@???>:
sa_spamcheck transport output: An error was detected while processing a
file of BSMTP input.
2007-02-27 17:33:14 1HM67a-0000GO-BB <user1@???>:
sa_spamcheck transport output: An error was detected while processing a
file of BSMTP input.
2007-02-27 17:51:29 1HM6PC-0000UI-Kl <user1@???>:
sa_spamcheck transport output: An error was detected while processing a
file of BSMTP input.
2007-02-27 18:02:01 1HM6ZN-0000aK-JK <user2@???>:
sa_spamcheck transport output: An error was detected while processing a
file of BSMTP input.
2007-02-27 18:14:39 1HM6lf-0000hq-4x <user3@???>:
sa_spamcheck transport output: An error was detected while processing a
file of BSMTP input.
2007-02-27 18:31:31 1HM71z-0000rC-Qm <user1@???>:
sa_spamcheck transport output: An error was detected while processing a
file of BSMTP input.
2007-02-27 18:42:12 1HM7CJ-0000xC-Ss <user4@???>:
sa_spamcheck transport output: An error was detected while processing a
file of BSMTP input.
2007-02-27 18:42:14 1HM7CM-0000xN-HD <user1@???>:
sa_spamcheck transport output: An error was detected while processing a
file of BSMTP input.
2007-02-27 18:42:19 1HM7CR-0000xX-4h <user2@???>:
sa_spamcheck transport output: An error was detected while processing a
file of BSMTP input.
============================================================

Do you know what is happening here? Do i need to adjust some config due
to the upgrade?

My current exim config (which worked fine with "3.0.3-2sarge1") is as
follows:

Router:
============================================================
sa_router:
   no_verify
   check_local_user
   # When to scan a message :
   # - it isn't already flagged as spam from Spamassassin
   # - it isn't already scanned
   # - it isn't local
   # - it isn't from one internal domain user to another
   condition = "${if and { \
                         {!eq {$received_protocol}{spam-scanned}} \
                         {!eq {$received_protocol}{local}} \
                         {!eq {$sender_address_domain}{$domain}} \
                         } \
                         {1}{0}}"
   driver    = accept
   transport = sa_spamcheck
   local_parts = /etc/spamassassinUsers
============================================================


Transport:
============================================================
sa_spamcheck:
driver = pipe
command = /usr/sbin/exim4 -oMr spam-scanned -bS
use_bsmtp = true
transport_filter = /usr/bin/spamc
home_directory = "/tmp"
current_directory = "/tmp"
user = spamcheck
group = spamcheck
log_output = true
return_fail_output = true
return_path_add = false
message_prefix =
message_suffix =
============================================================

Thanks in advance for any advice,
Richard.



Arthur Hagen wrote:
> On Wed, 2007-02-28 at 20:15 +0100, Renaud Allard wrote:
>> For the moment, you are using routers and transports to scan for spam.
>> This means you cannot deny mails at SMTP time. It is much better to use
>> the built in spam and antivirus scan functions.
>
> The problem with not using routers at all is that different recipients
> have different definitions of spam, and it seems quite tough to set up
> something that allows for scanning at SMTP time, while still allowing
> individual users' whitelists and special considerations.
>
> The best I've come up with is far from perfect:
>
> ...
> acl_smtp-rcpt = acl_check_rcpt
> acl_smtp_data = acl_check_data
> spamd_address = 127.0.0.1 783
> ...
> begin acl
> acl_check_rcpt:
> ...
>   accept  domains       = +local_domains
>           endpass
>           verify        = recipient
>           # Allow for user-anything@ addresses
>           set acl_m0    = ${sg{$local_part}{-.*}{}}
>           set acl_m0    = ${lookup{$acl_m0}dbm{/etc/aliases.db}}
>           set acl_m0    = ${if eq {}{$acl_m0}{nobody}{$acl_m0}}

>
>   accept  domains       = +relay_to_domains
>           endpass
>           verify        = recipient
>           set acl_m0    = nobody
> ...
> acl_check_data:
> ...
>   # Reject spam messages with score over 15
>   deny  message = Spam is not wanted here
>         spam = $acl_m0:true
>         condition = ${if >{$spam_score_int}{150}{1}{0}}

>
>   warn  spam = $acl_m0
>         message = X-Spam-Flag: YES\n\
>                   X-Spam-Score: $spam_score ($spam_bar)\n\
>                   X-Spam-Report: $spam_report\n\
>                   X-Spam-Scanned-By: $acl_m0
> ...
> (router section)
> dnslookup:
>   driver = dnslookup
>   domains = ! +local_domains
>   transport = remote_smtp
>   ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
>   headers_remove =
> X-Spam-Status:X-Spam-Flag:X-Spam-Score:X-Spam-Report:X-Spam-Scanned-By:X-Is-A-Bounce
>   no_more

>
>
> The idea is that local incoming mail gets scanned by the recipient,
> while relayed mail or mail where the recipient can't be determined gets
> scanned by the "nobody" user.
> This is far from perfect, as it will not handle aliases pointing to
> other aliases. The main problem is that when there /is/ a local
> recipient, but the above acl_m0 rules fail to determine it, the uid will
> be incorrect, and spamassassin fails to access the user's rules:
>
> Feb 27 23:55:11 myhost spamd[2382]: auto-whitelist: open of
> auto-whitelist file failed: locker: safe_lock: cannot create tmp
> lockfile /home/username/.spamassassin/auto-whitelist.lock.myhost.mydomain.com.2382 for /home/username/.spamassassin/auto-whitelist.lock: Permission denied
>
> Anyone know how to fix this, or better yet, have an alternative approach
> that does allow for per-user scanning before the mail is accepted?
>
> I already know that there is a logistical problem when there's more than
> one local recipient. It would be acceptable, but far from perfect, to
> have that kind of email scanned by just one of the users (as is what
> happens with the above) or "nobody".
>
> Regards,


-- 
Richard Hobbs (Systems Administrator)
Toshiba Research Europe Ltd. - Speech Technology Group
Email: richard.hobbs@???
Web: http://www.toshiba-europe.com/research/
Tel: +44 1223 376964        Mobile: +44 7811 803377