You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by da...@chaosreigns.com on 2014/04/08 23:37:03 UTC
Having difficulty following instructions for testing a rule
I'm using a script recommended on the wiki for running masscheck. One of
the directories it uses is ~/masscheckwork/nightly_mass_check/
Under that directory, to the file masses/spamassassin/user_prefs, I
appended:
rawbody FOUR_BLANK_LINES /\r?\n\r?\n\r?\n\r?\n/ms
(which I have successfully tested by adding it to
/etc/spamassassin/local.cf)
Then I ran this for a couple hours:
./mass-check ham:dir:$HOME/masscheckwork/ham/ spam:dir:$HOME/masscheckwork/spam/
Then:
./hit-frequencies -x -p -a > freqs
And freqs contains no evidence of my new rule. user_prefs still has that
new rule in it. I'm confident that file is in the right place.
What am I missing?
Related wiki pages:
https://wiki.apache.org/spamassassin/MassCheck
http://wiki.apache.org/spamassassin/HitFrequencies
--
"Happiness does not depend on what you have or who you are;
it solely relies on what you think."
- Zig Ziglar, Steps to the Top, p 186
http://www.ChaosReigns.com
Re: Having difficulty following instructions for testing a rule
Posted by John Hardin <jh...@impsec.org>.
On Fri, 11 Apr 2014, darxus@chaosreigns.com wrote:
> On 04/08, John Hardin wrote:
>> I think allow_user_rules needs to go into the system local.cf. If
>> the user can put it into their own private config file it offers no
>> security.
>
> That makes some sense, but didn't help.
>
> $ tail -n 1 /etc/spamassassin/local.cf
> allow_user_rules 1
>
> $ tail -n 1 spamassassin/user_prefs
> rawbody FOUR_BLANK_LINES /\r?\n\r?\n\r?\n\r?\n/ms
>
> $ grep -c FOUR_BLANK_LINES freqs
> 0
>
>> A piece of advice: put the rules into a sandbox .cf script instead.
>> You don't need to check it in, and compiling SA prior to the
>> masscheck will incorporate them into the rules.
>
> I guess I should try that. Just create a new directory under
> rulesrc/sandbox, and put a file containing the rule in it?
I think that's all. A quick scan of the code doesn't indicate it's looking
for only a specific list of user dirs under sandbox.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
USMC Rules of Gunfighting #20: The faster you finish the fight,
the less shot you will get.
-----------------------------------------------------------------------
2 days until Thomas Jefferson's 271st Birthday
Re: Having difficulty following instructions for testing a rule
Posted by da...@chaosreigns.com.
On 04/08, John Hardin wrote:
> I think allow_user_rules needs to go into the system local.cf. If
> the user can put it into their own private config file it offers no
> security.
That makes some sense, but didn't help.
$ tail -n 1 /etc/spamassassin/local.cf
allow_user_rules 1
$ tail -n 1 spamassassin/user_prefs
rawbody FOUR_BLANK_LINES /\r?\n\r?\n\r?\n\r?\n/ms
$ grep -c FOUR_BLANK_LINES freqs
0
> A piece of advice: put the rules into a sandbox .cf script instead.
> You don't need to check it in, and compiling SA prior to the
> masscheck will incorporate them into the rules.
I guess I should try that. Just create a new directory under
rulesrc/sandbox, and put a file containing the rule in it?
--
"This hurts quite a bit. Very painful."
"Think of the sensation as reassurance that you are not dead yet. What
you are feeling is life in you!" - Johnny The Homicidal Maniac
http://www.ChaosReigns.com
Re: Having difficulty following instructions for testing a rule
Posted by John Hardin <jh...@impsec.org>.
On Tue, 8 Apr 2014, darxus@chaosreigns.com wrote:
> On 04/08, John Hardin wrote:
>>> And freqs contains no evidence of my new rule. user_prefs still has that
>>> new rule in it. I'm confident that file is in the right place.
>>
>> Did you enable allow_user_rules ?
>
> I had not, but adding it didn't help.
>
> $ grep -c FOUR_BLANK_LINES freqs
> 0
>
> $ cat spamassassin/user_prefs
> bayes_auto_learn 0
> lock_method flock
> bayes_store_module Mail::SpamAssassin::BayesStore::SDBM
> use_auto_whitelist 0
> whitelist_bounce_relays example.com
> score ANY_BOUNCE_MESSAGE 0
> score BOUNCE_MESSAGE 0
> trusted_networks [redacted]
> internal_networks [redacted]
> allow_user_rules 1
> rawbody FOUR_BLANK_LINES /\r?\n\r?\n\r?\n\r?\n/ms
I think allow_user_rules needs to go into the system local.cf. If the user
can put it into their own private config file it offers no security.
A piece of advice: put the rules into a sandbox .cf script instead. You
don't need to check it in, and compiling SA prior to the masscheck will
incorporate them into the rules.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Christian martyrs don't explode. -- Marisol
-----------------------------------------------------------------------
5 days until Thomas Jefferson's 271st Birthday
Re: Having difficulty following instructions for testing a rule
Posted by da...@chaosreigns.com.
On 04/08, John Hardin wrote:
> >And freqs contains no evidence of my new rule. user_prefs still has that
> >new rule in it. I'm confident that file is in the right place.
>
> Did you enable allow_user_rules ?
I had not, but adding it didn't help.
$ grep -c FOUR_BLANK_LINES freqs
0
$ cat spamassassin/user_prefs
bayes_auto_learn 0
lock_method flock
bayes_store_module Mail::SpamAssassin::BayesStore::SDBM
use_auto_whitelist 0
whitelist_bounce_relays example.com
score ANY_BOUNCE_MESSAGE 0
score BOUNCE_MESSAGE 0
trusted_networks [redacted]
internal_networks [redacted]
allow_user_rules 1
rawbody FOUR_BLANK_LINES /\r?\n\r?\n\r?\n\r?\n/ms
--
"I'd rather be happy than right any day."
- Slartiblartfast, The Hitchhiker's Guide to the Galaxy
http://www.ChaosReigns.com
Re: Having difficulty following instructions for testing a rule
Posted by John Hardin <jh...@impsec.org>.
On Tue, 8 Apr 2014, darxus@chaosreigns.com wrote:
> I'm using a script recommended on the wiki for running masscheck. One of
> the directories it uses is ~/masscheckwork/nightly_mass_check/
>
> Under that directory, to the file masses/spamassassin/user_prefs, I
> appended:
>
> rawbody FOUR_BLANK_LINES /\r?\n\r?\n\r?\n\r?\n/ms
>
> (which I have successfully tested by adding it to
> /etc/spamassassin/local.cf)
>
> And freqs contains no evidence of my new rule. user_prefs still has that
> new rule in it. I'm confident that file is in the right place.
Did you enable allow_user_rules ?
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
News flash: Lowest Common Denominator down 50 points
-----------------------------------------------------------------------
5 days until Thomas Jefferson's 271st Birthday