[SA-exim] "Couldn't get Connecting IP header X-SA-Exim-Connect-IP" error message

Discussion:

Matt Bostock

2006-12-10 23:11:15 UTC

Hello,

I'm running SA-Exim from FreeBSD ports. I think I've got everything covered but
I keep getting this in /var/log/maillog:

Dec 7 07:19:57 hostname spamd[93251]: Couldn't get Connecting IP header
X-SA-Exim-Connect-IP for message , skipping greylisting call

It's happening for every incoming message; how can I fix this?

Any help is very much appreciated.
Many thanks,
Matt

Marc MERLIN

2006-12-10 23:36:24 UTC

Permalink

Post by Matt Bostock
Hello,
I'm running SA-Exim from FreeBSD ports. I think I've got everything covered but
Dec 7 07:19:57 hostname spamd[93251]: Couldn't get Connecting IP header
X-SA-Exim-Connect-IP for message , skipping greylisting call
It's happening for every incoming message; how can I fix this?

First things first: is sa-exim running?
Do you see any SA-Exim headers in your mail?

If not, did you configure/enable SA-Exim ?

Marc

--
"A mouse is a device used to point at the xterm you want to type in" - A.S.R.
Microsoft is to operating systems & security ....
.... what McDonalds is to gourmet cooking
Home page: http://marc.merlins.org/

Matt Bostock

2006-12-11 05:54:50 UTC

Permalink

This post might be inappropriate. Click to display it.

Marc MERLIN

2006-12-11 15:17:50 UTC

Permalink

Post by Matt Bostock
Now here's an interesting bit - the tuplets *aren't* being written to during normal operation, but they are when I run the 'spamassassin -t D' command. I have the tuplets directory chowned to spamd:spamd and chmod 770. Should the tuplets dir be chowned to the exim user and group?

Yes. That's indicated in the docs somewhere, and you may want to file a
bug with the ports maintainer as it should be set right for you at
install time ideally.

Marc

Matt Bostock

2006-12-11 22:29:56 UTC

Permalink

Post by Marc MERLIN
Yes. That's indicated in the docs somewhere, and you may want to file a
bug with the ports maintainer as it should be set right for you at
install time ideally.

Hmmm... I chmodded /var/spool/sa-exim to 777 recursively (there are no other users on this server) just to test, and the tuplets still aren't being written. Any ideas of what might be causing this?

Much appreciated,
Matt

Magnus Holmgren

2006-12-11 23:01:09 UTC

Permalink

Post by Matt Bostock
Now here's an interesting bit - the tuplets *aren't* being written to
during normal operation, but they are when I run the 'spamassassin -t D'
command. I have the tuplets directory chowned to spamd:spamd and chmod 770.
Should the tuplets dir be chowned to the exim user and group?

Depends. If spamd is run with -u spamd, then spamd should own the tuplets dir.
If spamd runs as root and thus setuids to the calling user, then the Exim
user should own the tuplets dir. But if you get "Couldn't get Connecting IP
header X-SA-Exim-Connect-IP", something else must be the problem.

--
Magnus Holmgren ***@lysator.liu.se
(No Cc of list mail needed, thanks)

"Exim is better at being younger, whereas sendmail is better for
Scrabble (50 point bonus for clearing your rack)" -- Dave Evans

Matt Bostock

2006-12-11 23:09:29 UTC

Permalink

Post by Magnus Holmgren
Depends. If spamd is run with -u spamd, then spamd should own
the tuplets dir.
If spamd runs as root and thus setuids to the calling user,
then the Exim user should own the tuplets dir. But if you get
"Couldn't get Connecting IP header X-SA-Exim-Connect-IP",
something else must be the problem.

Thanks Magnus, that makes sense. I've got spamd running with -u spamd,
but even chmod 777 isn't working for the tuplets directory. The only
time tuplets are being created is when I run 'spamassassin -t D <
/var/spool/exim/SAtempreject/samplespam'

Best regards,
Matt

--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.409 / Virus Database: 268.15.15/581 - Release Date:
09/12/2006

Matt Bostock

2006-12-22 20:25:21 UTC

Permalink

Off hand, I'm not too sure then.
Your best bet is to put some debugging prints around the
error in the perl module.
You could also take one mail you received, make sure it has
the headers, save it to disk, and run it through spamassassin
-t -D < /tmp/mail and see what happens

Hi Marc,

The plot thickens...

I've done some debugging in greylisting.pm and have it set to print out
*all* headers to the logs just before it looks for X-SA-Exim-Connect-IP.
After checking the logs, it appears that the X-SA-Exim-* headers aren't
being added by the local_scan patch by the time greylisting.pm is
called. Oddly enough, although greylisting (and tuplets) aren't working,
the emails are being saved to /var/spool/exim/SA* and *do* have the
X-SA-Exim-* headers there.

Does that make sense?

Many thanks,
Matt

--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.409 / Virus Database: 268.15.26/597 - Release Date:
21/12/2006

Marc MERLIN

2006-12-22 20:55:04 UTC

Permalink

Post by Matt Bostock

Hi Marc,
The plot thickens...
I've done some debugging in greylisting.pm and have it set to print out
*all* headers to the logs just before it looks for X-SA-Exim-Connect-IP.
After checking the logs, it appears that the X-SA-Exim-* headers aren't
being added by the local_scan patch by the time greylisting.pm is
called. Oddly enough, although greylisting (and tuplets) aren't working,
the emails are being saved to /var/spool/exim/SA* and *do* have the
X-SA-Exim-* headers there.
Does that make sense?

Argh, I understand what you're saying, bu tno, it does not make any sense to
me.
Off hand, I'm not sure what you're seeing, and I'm leaving on a Plane in 30mn
where I will have limited or no internet connectivity for a week.

I'm afraid I can't help right now and I don't have any great wisdom to give
you at this moment.

Marc

Matt Bostock

2006-12-22 22:00:13 UTC

Permalink

Post by Marc MERLIN
Argh, I understand what you're saying, bu tno, it does not
make any sense to me.
Off hand, I'm not sure what you're seeing, and I'm leaving on
a Plane in 30mn where I will have limited or no internet
connectivity for a week.
I'm afraid I can't help right now and I don't have any great
wisdom to give you at this moment.

Thanks anyway Marc, have a great holiday. Merry Christmas!

--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.409 / Virus Database: 268.15.26/597 - Release Date:
21/12/2006

Matt Bostock

2006-12-22 23:12:59 UTC

Permalink

My bad, I had SAaddSAEheaderBeforeSA set to 0. I'm really sorry for
wasting your time.

Maybe it would be helpful to add a hint about SAaddSAEheaderBeforeSA to
greylisting.pm in the "Couldn't get Connecting IP header
X-SA-Exim-Connect-IP for message <...>" log message?

Many thanks for all of your help and have a great Christmas,
Matt

--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.409 / Virus Database: 268.15.26/597 - Release Date:
21/12/2006

Marc MERLIN

2006-12-23 06:09:52 UTC

Permalink

Post by Matt Bostock
My bad, I had SAaddSAEheaderBeforeSA set to 0. I'm really sorry for
wasting your time.
Maybe it would be helpful to add a hint about SAaddSAEheaderBeforeSA to
greylisting.pm in the "Couldn't get Connecting IP header
X-SA-Exim-Connect-IP for message <...>" log message?

Oh, right those two are fundamentally incompatible.
I kind of forgot about SAaddSAEheaderBeforeSA, since I've never used it
and only added it for someone else.

I'll definitely have to add a big warning if both are enabled, as you
pointed out, they cannot work together.

Sorry about that.
Marc