You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by mls <ml...@xlist.pw> on 2015/01/18 13:18:51 UTC
Mail::SpamAssassin::Plugin::Check::_head_tests_0_1, skipping: Jan 17 08:00:12.091 [2891] warn: (Insecure dependency in require while running with -T switch at (eval 1037) line 9
Hi,
I am seeing more and more emails that cause the following PERL warnings when
scanned with spamassassin
Jan 17 08:00:12.091 [2891] warn: rules: failed to compile
Mail::SpamAssassin::Plugin::Check::_head_tests_0_1, skipping:
Jan 17 08:00:12.091 [2891] warn: (Insecure dependency in require while
running with -T switch at (eval 1037) line 9.
Jan 17 08:00:12.091 [2891] warn: BEGIN failed--compilation aborted at (eval
1037) line 9.)
Jan 17 08:00:12.118 [2891] warn: rules: failed to compile
Mail::SpamAssassin::Plugin::Check::_head_tests_0_1, skipping:
Jan 17 08:00:12.118 [2891] warn: (Insecure dependency in require while
running with -T switch at (eval 1038) line 9.
Jan 17 08:00:12.118 [2891] warn: BEGIN failed--compilation aborted at (eval
1038) line 9.)
Jan 17 08:00:12.142 [2891] warn: rules: failed to compile
Mail::SpamAssassin::Plugin::Check::_head_tests_0_1, skipping:
Jan 17 08:00:12.143 [2891] warn: (Insecure dependency in require while
running with -T switch at (eval 1039) line 9.
Jan 17 08:00:12.143 [2891] warn: BEGIN failed--compilation aborted at (eval
1039) line 9.)
Jan 17 08:00:12.163 [2891] warn: rules: failed to compile
Mail::SpamAssassin::Plugin::Check::_head_tests_0_1, skipping:
Jan 17 08:00:12.164 [2891] warn: (Insecure dependency in require while
running with -T switch at (eval 1040) line 9.
Jan 17 08:00:12.164 [2891] warn: BEGIN failed--compilation aborted at (eval
1040) line 9.)
Jan 17 08:00:12.237 [2891] warn: plugin: eval failed: Timeout::_run: Insecure
dependency in eval while running with -T switch at
/usr/share/perl5/Mail/SpamAssassin/PerMsgStatus.pm line 2436.)
Is there a mitigation for this issue? I am retrieving mails with getmail and
the delivery is done by maildrop. In a maildrop filter I am calling SA that due
to the warnings above does not terminate with an exit code of 0. maildrop
returns back an error to getmail that then stops retrieving emails .
Thanks & regards,
mls
Re: Mail::SpamAssassin::Plugin::Check::_head_tests_0_1, skipping: Jan 17 08:00:12.091 [2891] warn: (Insecure dependency in require while running with -T switch at (eval 1037) line 9
Posted by Benny Pedersen <me...@junc.eu>.
On 21. jan. 2015 22.57.37 mls <ml...@xlist.pw> wrote:
> On Tuesday 20 January 2015 18:30:18 Mark Martinec wrote:
> > If not in v320.pre then it must be in some other .pre file.
> > As Benny Pedersen noted your log shows that this plugin is enabled.
> > Perhaps in /etc/spamassassin/sa-compile.pre .
> The Rule2XSBody plugin is loaded on ubuntu in sa-compile.pre. After commenting
> it out the issue no longer happened.
>
> Thanks mls
report this as a bug on lunchpad, no need to thank me for not using ubuntu :)
note maintainers should not create new pre file if the loadplugin exists in
other pre file, so good to know there is problem with that plugin other
then just another loadplugin, both things should be resolved in lunchpad if
possible unless its a unkonwn sa bug
Re: Mail::SpamAssassin::Plugin::Check::_head_tests_0_1, skipping: Jan 17 08:00:12.091 [2891] warn: (Insecure dependency in require while running with -T switch at (eval 1037) line 9
Posted by mls <ml...@xlist.pw>.
On Tuesday 20 January 2015 18:30:18 Mark Martinec wrote:
> If not in v320.pre then it must be in some other .pre file.
> As Benny Pedersen noted your log shows that this plugin is enabled.
> Perhaps in /etc/spamassassin/sa-compile.pre .
The Rule2XSBody plugin is loaded on ubuntu in sa-compile.pre. After commenting
it out the issue no longer happened.
Thanks mls
Re: Mail::SpamAssassin::Plugin::Check::_head_tests_0_1, skipping: Jan 17 08:00:12.091 [2891] warn: (Insecure dependency in require while running with -T switch at (eval 1037) line 9
Posted by Mark Martinec <Ma...@ijs.si>.
mls wrote:
> The Rule2XSBody plugin is loaded on ubuntu in sa-compile.pre.
> After commenting it out the issue no longer happened.
Great, that is an important finding!
Benny Pedersen wrote:
> warn dont use cpan direct in ubuntu, you will break dependice, and
> later ask why does it not work
>
> if you like to use cpan, then remove perl complete first then install
> perl with make, make install, then when perl is installed in
> /usr/local tree then begin installing all needed perl modules you need
> with a cpan shell as documented
>
> dont mix repo managers, if ubuntu miss something report to lunchpad
An alternative is to try it under perlbrew
http://perlbrew.pl/
http://search.cpan.org/~gugod/App-perlbrew-0.72/bin/perlbrew
It installs any chosen version of perl locally in your home directory,
not touching anything on the system. You need to install necessary
SpamAssassin dependencies inside the perlbrew context as well (e.g.
using the cpan installation command, which will automatically track
the necessary dependencies). All the 'installed' modules will be
located inside the perlbrew subdirectory.
Mark
Re: Mail::SpamAssassin::Plugin::Check::_head_tests_0_1, skipping: Jan 17 08:00:12.091 [2891] warn: (Insecure dependency in require while running with -T switch at (eval 1037) line 9
Posted by Benny Pedersen <me...@junc.eu>.
On 21. jan. 2015 22.58.32 mls <ml...@xlist.pw> wrote:
> On Tuesday 20 January 2015 20:17:57 Mark Martinec wrote:
> > It may be worth trying with the current trunk version from SVN
> > (a would-be-3.4.1), as Kevin suggested, so that we'd be on the same
> > page.
> >
> >
> > http://wiki.apache.org/spamassassin/DevelopmentStuff :
> >
> > The code itself is maintained in a Subversion repository
> > $ svn checkout https://svn.apache.org/repos/asf/spamassassin/trunk
> >
> > followed by the usual CPAN install:
> > perl Makefile.PL; make; make test; make install
> > sa-update
> Thanks, will try that out.
>
> mls
warn dont use cpan direct in ubuntu, you will break dependice, and later
ask why does it not work
if you like to use cpan, then remove perl complete first then install perl
with make, make install, then when perl is installed in /usr/local tree
then begin installing all needed perl modules you need with a cpan shell as
documented
dont mix repo managers, if ubuntu miss something report to lunchpad
Re: Mail::SpamAssassin::Plugin::Check::_head_tests_0_1, skipping: Jan 17 08:00:12.091 [2891] warn: (Insecure dependency in require while running with -T switch at (eval 1037) line 9
Posted by mls <ml...@xlist.pw>.
On Tuesday 20 January 2015 20:17:57 Mark Martinec wrote:
> It may be worth trying with the current trunk version from SVN
> (a would-be-3.4.1), as Kevin suggested, so that we'd be on the same
> page.
>
>
> http://wiki.apache.org/spamassassin/DevelopmentStuff :
>
> The code itself is maintained in a Subversion repository
> $ svn checkout https://svn.apache.org/repos/asf/spamassassin/trunk
>
> followed by the usual CPAN install:
> perl Makefile.PL; make; make test; make install
> sa-update
Thanks, will try that out.
mls
Re: Mail::SpamAssassin::Plugin::Check::_head_tests_0_1, skipping: Jan 17 08:00:12.091 [2891] warn: (Insecure dependency in require while running with -T switch at (eval 1037) line 9
Posted by Mark Martinec <Ma...@ijs.si>.
> Jan 20 08:16:11.048 [18848] dbg: bayes: found bayes db version 3
> Jan 20 08:16:11.049 [18848] warn: plugin: eval failed: Insecure
> dependency in sprintf
> while running with -T switch at
> /usr/share/perl5/Mail/SpamAssassin/Logger.pm line 241.
> Jan 20 08:16:11.050 [18848] dbg: config: score set 1 chosen.
[...]
> Jan 20 08:16:11.068 [18848] dbg: plugin:
> Mail::SpamAssassin::Plugin::DNSEval=HASH(0xae42840)
> implements 'check_start', priority 0
> Jan 20 08:16:11.081 [18848] warn: plugin: eval failed: Insecure
> dependency in sprintf
> while running with -T switch at
> /usr/share/perl5/Mail/SpamAssassin/Logger.pm line 241.
Btw, the fix for your first two cases of 'Insecure dependency in
sprintf'
for SpamAssassin 3.4.0 is in:
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=7065#c1
It is unrelated to the 'Insecure dependency in require' further down,
which is the topic of this thread.
The RedHat bug report as pointed out by Kevin A. McGrail is intriguing,
as I don't see how it was resolved (just says 'upgraded').
It may be worth trying with the current trunk version from SVN
(a would-be-3.4.1), as Kevin suggested, so that we'd be on the same
page.
http://wiki.apache.org/spamassassin/DevelopmentStuff :
The code itself is maintained in a Subversion repository
$ svn checkout https://svn.apache.org/repos/asf/spamassassin/trunk
followed by the usual CPAN install:
perl Makefile.PL; make; make test; make install
sa-update
Mark
Re: Mail::SpamAssassin::Plugin::Check::_head_tests_0_1, skipping: Jan 17 08:00:12.091 [2891] warn: (Insecure dependency in require while running with -T switch at (eval 1037) line 9
Posted by Mark Martinec <Ma...@ijs.si>.
mls wrote:
>> Search for 'rules: INC:' in the resulting debug output.
>> Is any of the reported elements reported as tainted (with an 'Y') ?
> I don't see tainted elements. But please check here:
> http://paste2.org/HzINJUwL
Thanks. Strange...
>> Does the problem go away if you disable the Rule2XSBody plugin,
>> i.e. by commenting-out a line:
>> loadplugin Mail::SpamAssassin::Plugin::Rule2XSBody
>> in one of the .pre config files (probably in v320.pre) ?
> My mailserver runs on ubuntu 14.04 and Rule2XSBody is commented out by
> default
> in /etc/spamassassin/v320.pre
If not in v320.pre then it must be in some other .pre file.
As Benny Pedersen noted your log shows that this plugin is enabled.
Perhaps in /etc/spamassassin/sa-compile.pre .
Mark
Re: Mail::SpamAssassin::Plugin::Check::_head_tests_0_1, skipping: Jan 17 08:00:12.091 [2891] warn: (Insecure dependency in require while running with -T switch at (eval 1037) line 9
Posted by Benny Pedersen <me...@junc.eu>.
mls skrev den 2015-01-20 08:52:
> http://paste2.org/HzINJUwL
> My mailserver runs on ubuntu 14.04 and Rule2XSBody is commented out by
> default
> in /etc/spamassassin/v320.pre
see line 88 in the above url ?
and you miss running local nameserver as you are URIBL_BLOCKED
http://serverfault.com/questions/637334/uribl-blocked-despite-caching-nameserver
note the user there is not uribl blocked since he get other results then
127.0.0.255
Re: Mail::SpamAssassin::Plugin::Check::_head_tests_0_1, skipping: Jan 17 08:00:12.091 [2891] warn: (Insecure dependency in require while running with -T switch at (eval 1037) line 9
Posted by mls <ml...@xlist.pw>.
On Tuesday 20 January 2015 04:44:01 Mark Martinec wrote:
> Thanks. Seems like the array @INC contains a tainted element,
> don't know why.
>
> Try inserting the following two lines:
>
> use Scalar::Util qw(tainted);
> dbg("rules: INC: %s", join(", ", map("$_: ".(tainted($_)?'Y':'n'),
> @INC)));
>
> right before the debug line which you commented out previously.
> (that debug line is no longer needed, it may be commented-out again).
>
> Search for 'rules: INC:' in the resulting debug output.
> Is any of the reported elements reported as tainted (with an 'Y') ?
I don't see tainted elements. But please check here:
http://paste2.org/HzINJUwL
> Does the problem go away if you disable the Rule2XSBody plugin,
> i.e. by commenting-out a line:
> loadplugin Mail::SpamAssassin::Plugin::Rule2XSBody
> in one of the .pre config files (probably in v320.pre) ?
My mailserver runs on ubuntu 14.04 and Rule2XSBody is commented out by default
in /etc/spamassassin/v320.pre
Regards,
mls
Re: Mail::SpamAssassin::Plugin::Check::_head_tests_0_1, skipping: Jan 17 08:00:12.091 [2891] warn: (Insecure dependency in require while running with -T switch at (eval 1037) line 9
Posted by Mark Martinec <Ma...@ijs.si>.
> Please find the output here:
> http://paste2.org/KNtnHHbv
Thanks. Seems like the array @INC contains a tainted element,
don't know why.
Try inserting the following two lines:
use Scalar::Util qw(tainted);
dbg("rules: INC: %s", join(", ", map("$_: ".(tainted($_)?'Y':'n'),
@INC)));
right before the debug line which you commented out previously.
(that debug line is no longer needed, it may be commented-out again).
Search for 'rules: INC:' in the resulting debug output.
Is any of the reported elements reported as tainted (with an 'Y') ?
Does the problem go away if you disable the Rule2XSBody plugin,
i.e. by commenting-out a line:
loadplugin Mail::SpamAssassin::Plugin::Rule2XSBody
in one of the .pre config files (probably in v320.pre) ?
Mark
Re: Mail::SpamAssassin::Plugin::Check::_head_tests_0_1, skipping: Jan 17 08:00:12.091 [2891] warn: (Insecure dependency in require while running with -T switch at (eval 1037) line 9
Posted by mls <ml...@xlist.pw>.
On Monday 19 January 2015 18:42:54 Mark Martinec wrote:
> In Mail/SpamAssassin/Plugin/Check.pm near line 453 (version 3.4.0)
> (i.e. in sub flush_evalstr) there is a commented-out debug line:
>
> # dbg("rules: eval code(2): %s", $self->{evalstr});
>
> Try uncommenting it and enable debugging (option '-D rules'
> in spamd or in a command-line spamassassin, or '-d rules'
> in amavisd). Let's see what was the code that the eval()
> was trying to compile.
>
> Mark
Thanks for your help.
Please find the output here:
http://paste2.org/KNtnHHbv
mls
Re: Mail::SpamAssassin::Plugin::Check::_head_tests_0_1, skipping: Jan 17 08:00:12.091 [2891] warn: (Insecure dependency in require while running with -T switch at (eval 1037) line 9
Posted by Mark Martinec <Ma...@ijs.si>.
Klaus wrote:
> Thanks. I am running SA version 3.4.0.
> Jan 17 08:00:12.091 [2891] warn: rules: failed to compile
> Mail::SpamAssassin::Plugin::Check::_head_tests_0_1, skipping:
> Jan 17 08:00:12.091 [2891] warn: (Insecure dependency in require
> while running with -T switch at (eval 1037) line 9.
In Mail/SpamAssassin/Plugin/Check.pm near line 453 (version 3.4.0)
(i.e. in sub flush_evalstr) there is a commented-out debug line:
# dbg("rules: eval code(2): %s", $self->{evalstr});
Try uncommenting it and enable debugging (option '-D rules'
in spamd or in a command-line spamassassin, or '-d rules'
in amavisd). Let's see what was the code that the eval()
was trying to compile.
Mark
Re: Mail::SpamAssassin::Plugin::Check::_head_tests_0_1, skipping: Jan 17 08:00:12.091 [2891] warn: (Insecure dependency in require while running with -T switch at (eval 1037) line 9
Posted by mls <ml...@xlist.pw>.
On Sunday 18 January 2015 08:46:47 Kevin A. McGrail wrote:
> Based on a quick search, this page leads me to believe it's fixed in a
> newer version of SA:
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1141695
>
> Regards,
> KAM
Thanks. I am running SA verion 3.4.0. According to the spamassassin.apache.org
this is the latest stable version available. Unfortunately the links to trunk
on https://wiki.apache.org/spamassassin/DownloadFromSvn does not work. Does
anyone know which commit resolved this issue?
Regards,
Klaus
Re: Mail::SpamAssassin::Plugin::Check::_head_tests_0_1, skipping:
Jan 17 08:00:12.091 [2891] warn: (Insecure dependency in require while running
with -T switch at (eval 1037) line 9
Posted by "Kevin A. McGrail" <KM...@PCCC.com>.
On 1/18/2015 7:18 AM, mls wrote:
> I am seeing more and more emails that cause the following PERL warnings when
> scanned with spamassassin
Based on a quick search, this page leads me to believe it's fixed in a
newer version of SA:
https://bugzilla.redhat.com/show_bug.cgi?id=1141695
Regards,
KAM