Discussion:
[SA-exim] Greylisting problem
Andrew Hutchings
2006-11-30 13:56:39 UTC
Permalink
Hi,

I have just setup sa-exim on my Ubuntu Dapper based server.
I have set:
SApermreject: 12.0
SAtempreject: 3.5
SAgreylistraisetempreject: 6.0

And done the necessary to setup greylisting in Spamassassin. However
tuplets only seem to be getting added when whitelisting. Instead of
greylisting it is just temp rejecting.

Can you think of anything I might have missed?

Regards
Andrew
- --
Andrew Hutchings (A-Wing) - Linux Jedi
A-Wing Internet Services - www.a-wing.co.uk
Windows is the path to the darkside...Windows leads to Blue Screen. Blue
Screen leads to downtime. Downtime leads to suffering...I sense much
Windows in you.
Marc MERLIN
2006-11-30 15:24:09 UTC
Permalink
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
I have just setup sa-exim on my Ubuntu Dapper based server.
SApermreject: 12.0
SAtempreject: 3.5
SAgreylistraisetempreject: 6.0
And done the necessary to setup greylisting in Spamassassin. However
tuplets only seem to be getting added when whitelisting. Instead of
greylisting it is just temp rejecting.
Can you think of anything I might have missed?
I'm not sure what you mean: are you saying that greylisting is never able to
write tuplets, and therefore mails always get temprejected?
If so, check your permissions on disk, and your exim/spamassassin logs to
see why spamassassin doesn't have perms to write in
/var/spool/sa-exim/tuplets/

Marc
--
"A mouse is a device used to point at the xterm you want to type in" - A.S.R.
Microsoft is to operating systems & security ....
.... what McDonalds is to gourmet cooking
Home page: http://marc.merlins.org/
Andrew Hutchings
2006-11-30 15:36:51 UTC
Permalink
Post by Marc MERLIN
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
I have just setup sa-exim on my Ubuntu Dapper based server.
SApermreject: 12.0
SAtempreject: 3.5
SAgreylistraisetempreject: 6.0
And done the necessary to setup greylisting in Spamassassin. However
tuplets only seem to be getting added when whitelisting. Instead of
greylisting it is just temp rejecting.
Can you think of anything I might have missed?
I'm not sure what you mean: are you saying that greylisting is never able to
write tuplets, and therefore mails always get temprejected?
If so, check your permissions on disk, and your exim/spamassassin logs to
see why spamassassin doesn't have perms to write in
/var/spool/sa-exim/tuplets/
Marc
- --
Andrew Hutchings (A-Wing) - Linux Jedi
A-Wing Internet Services - www.a-wing.co.uk
Windows is the path to the darkside...Windows leads to Blue Screen. Blue
Screen leads to downtime. Downtime leads to suffering...I sense much
Windows in you.
Andrew Hutchings
2006-11-30 15:43:01 UTC
Permalink
Post by Marc MERLIN
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
I have just setup sa-exim on my Ubuntu Dapper based server.
SApermreject: 12.0
SAtempreject: 3.5
SAgreylistraisetempreject: 6.0
And done the necessary to setup greylisting in Spamassassin. However
tuplets only seem to be getting added when whitelisting. Instead of
greylisting it is just temp rejecting.
Can you think of anything I might have missed?
I'm not sure what you mean: are you saying that greylisting is never able to
write tuplets, and therefore mails always get temprejected?
If so, check your permissions on disk, and your exim/spamassassin logs to
see why spamassassin doesn't have perms to write in
/var/spool/sa-exim/tuplets/
Marc
(Try again :)

Hi Marc,

Not quite, it is writing tuplets for whitelisted items (mail with a
score <3.5), but it isn't greylisting anything, just constantly temp
rejecting if >3.5 && <12 with nothing new in the tuplets.
It definitely isn't a permissions problem with /var/spool/sa-exim/tuplets/

Regards
Andrew

- --
Andrew Hutchings (A-Wing) - Linux Jedi
A-Wing Internet Services - www.a-wing.co.uk
Windows is the path to the darkside...Windows leads to Blue Screen. Blue
Screen leads to downtime. Downtime leads to suffering...I sense much
Windows in you.
Marc MERLIN
2006-11-30 16:32:59 UTC
Permalink
Post by Andrew Hutchings
Post by Marc MERLIN
I'm not sure what you mean: are you saying that greylisting is never able to
write tuplets, and therefore mails always get temprejected?
If so, check your permissions on disk, and your exim/spamassassin logs to
see why spamassassin doesn't have perms to write in
/var/spool/sa-exim/tuplets/
Marc
(Try again :)
(actually we got 3 copies :)
Post by Andrew Hutchings
Hi Marc,
Not quite, it is writing tuplets for whitelisted items (mail with a
score <3.5), but it isn't greylisting anything, just constantly temp
rejecting if >3.5 && <12 with nothing new in the tuplets.
It definitely isn't a permissions problem with /var/spool/sa-exim/tuplets/
Ah, I see.

Mmmh, beats me.
I would say turn on debugging for spamassassin, something like
spamassassin -t -D < /tmp/greylistmail
and look at the output.
If necessary, add prints in the perl module so that it gives you a clue why
it's not writing to disk when it enters the greylist code

Marc
--
"A mouse is a device used to point at the xterm you want to type in" - A.S.R.
Microsoft is to operating systems & security ....
.... what McDonalds is to gourmet cooking
Home page: http://marc.merlins.org/
Andrew Hutchings
2006-11-30 20:02:54 UTC
Permalink
Post by Marc MERLIN
Post by Andrew Hutchings
Not quite, it is writing tuplets for whitelisted items (mail with a
score <3.5), but it isn't greylisting anything, just constantly temp
rejecting if >3.5 && <12 with nothing new in the tuplets.
It definitely isn't a permissions problem with /var/spool/sa-exim/tuplets/
Ah, I see.
Mmmh, beats me.
I would say turn on debugging for spamassassin, something like
spamassassin -t -D < /tmp/greylistmail
and look at the output.
If necessary, add prints in the perl module so that it gives you a clue why
it's not writing to disk when it enters the greylist code
Marc
After reading through the SA module code I figured out where I was going
wrong. All spam in question had no from set, and I had the option
greylistnullfrom set to 0. Unfortunately this doesn't produce any warn
or anything, it just exits gracefully, which made it very hard to debug.

So as a feature request, could this output a message to state that there
is no from set and greylistnullfrom is 0?

Regards
Andrew

- --
Andrew Hutchings (A-Wing) - Linux Jedi
A-Wing Internet Services - www.a-wing.co.uk
Windows is the path to the darkside...Windows leads to Blue Screen. Blue
Screen leads to downtime. Downtime leads to suffering...I sense much
Windows in you.
Marc MERLIN
2006-11-30 20:21:40 UTC
Permalink
Post by Andrew Hutchings
After reading through the SA module code I figured out where I was going
wrong. All spam in question had no from set, and I had the option
greylistnullfrom set to 0. Unfortunately this doesn't produce any warn
or anything, it just exits gracefully, which made it very hard to debug.
Oh, I see.
Post by Andrew Hutchings
So as a feature request, could this output a message to state that there
is no from set and greylistnullfrom is 0?
The small problem here is that spamassassin doesn't have a way to write in
the exim logs or to talk to SA-Exim.
However, it wouldn't be too hard to have the SA module put out some mail
header saying X-Greylisted: No, null from and greylistnullfrom is 0
or some such.
That said, people aren't very likely to notice that either, so I'm not sure
what makes more sense between better documentation, or that.

Marc
--
"A mouse is a device used to point at the xterm you want to type in" - A.S.R.
Microsoft is to operating systems & security ....
.... what McDonalds is to gourmet cooking
Home page: http://marc.merlins.org/
Andrew Hutchings
2006-11-30 20:45:37 UTC
Permalink
Post by Marc MERLIN
Post by Andrew Hutchings
So as a feature request, could this output a message to state that there
is no from set and greylistnullfrom is 0?
The small problem here is that spamassassin doesn't have a way to write in
the exim logs or to talk to SA-Exim.
Indeed, sorry, I meant in the spamassassin debugging messages, as most
of Greylisting.pm does.
Post by Marc MERLIN
However, it wouldn't be too hard to have the SA module put out some mail
header saying X-Greylisted: No, null from and greylistnullfrom is 0
or some such.
That said, people aren't very likely to notice that either, so I'm not sure
what makes more sense between better documentation, or that.
I think the documentation option may be better. As well as possibly SA
debugging messages.

Maybe a documentation section on debugging problems using "spamassassin
- -t -D" and some test meassages that have the required mail headers
already set (such as the IP header).

Regards
Andrew
- --
Andrew Hutchings (A-Wing) - Linux Jedi
A-Wing Internet Services - www.a-wing.co.uk
Windows is the path to the darkside...Windows leads to Blue Screen. Blue
Screen leads to downtime. Downtime leads to suffering...I sense much
Windows in you.

Loading...