You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Skip Brott <sb...@dmp.com> on 2007/07/20 16:10:10 UTC
Sa-update question
Using the recommended actions from this list, I run this:
sa-update --channelfile
/etc/mail/spamassassin/saupdate/sare-sa-update-channels.txt -D
I get this result from each channel:
[29610] dbg: gpg: gpg: Signature made Mon 04 Jun 2007 08:14:08 PM CDT using
DSA key ID 856AA88A
[29610] dbg: gpg: [GNUPG:] SIG_ID vAQaZijSKL/MKS3+hHVCDl3GfgY 2007-06-05
1181006048
[29610] dbg: gpg: [GNUPG:] GOODSIG 3C5C05EB856AA88A Daryl C. W. O'Shea
<sp...@dostech.ca>
[29610] dbg: gpg: gpg: Good signature from "Daryl C. W. O'Shea
<sp...@dostech.ca>"
[29610] dbg: gpg: [GNUPG:] VALIDSIG ABE0C8743B87262E5FB04F2B3C5C05EB856AA88A
2007-06-05 1181006048 0
[29610] dbg: gpg: [GNUPG:] TRUST_UNDEFINED
[29610] dbg: gpg: gpg: WARNING: This key is not certified with a trusted
signature!
[29610] dbg: gpg: gpg: There is no indication that the signature belongs to
the owner.
[29610] dbg: gpg: Primary key fingerprint: ABE0 C874 3B87 262E 5FB0 4F2B
3C5C 05EB 856A A88A
[29610] dbg: gpg: found signature made by key
ABE0C8743B87262E5FB04F2B3C5C05EB856AA88A
[29610] dbg: gpg: key id 856AA88A is not release trusted
error: GPG validation failed!
The update downloaded successfully, but the GPG signature verification
failed.
channel: GPG validation failed, channel failed
I assume I am not the only one who sees this error (or at least who has seen
it). Has anyone successfully addressed this? Or do you simply use the
--nogpg option when running it?
- Skip
RE: Sa-update question
Posted by Skip Brott <sb...@dmp.com>.
Steven Stern wrote:
> Did you import his key with sa-update --import his.key.file.here
Yes and I found my problem. I missed the last line where I also had to
include the --gpgkey option. I had been thinking that the --import option
took care of it, but is required both.
Re: Sa-update question
Posted by Steven Stern <su...@sterndata.com>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Skip Brott wrote:
> Using the recommended actions from this list, I run this:
>
> sa-update --channelfile
> /etc/mail/spamassassin/saupdate/sare-sa-update-channels.txt -D
>
> I get this result from each channel:
>
> [29610] dbg: gpg: gpg: Signature made Mon 04 Jun 2007 08:14:08 PM CDT
> using DSA key ID 856AA88A
> [29610] dbg: gpg: [GNUPG:] SIG_ID vAQaZijSKL/MKS3+hHVCDl3GfgY 2007-06-05
> 1181006048
> [29610] dbg: gpg: [GNUPG:] GOODSIG 3C5C05EB856AA88A Daryl C. W. O'Shea
> <sp...@dostech.ca>
> [29610] dbg: gpg: gpg: Good signature from "Daryl C. W. O'Shea
> <sp...@dostech.ca>"
> [29610] dbg: gpg: [GNUPG:] VALIDSIG
> ABE0C8743B87262E5FB04F2B3C5C05EB856AA88A 2007-06-05 1181006048 0
> [29610] dbg: gpg: [GNUPG:] TRUST_UNDEFINED
> [29610] dbg: gpg: gpg: WARNING: This key is not certified with a trusted
> signature!
> [29610] dbg: gpg: gpg: There is no indication that the signature belongs
> to the owner.
> [29610] dbg: gpg: Primary key fingerprint: ABE0 C874 3B87 262E 5FB0 4F2B
> 3C5C 05EB 856A A88A
> [29610] dbg: gpg: found signature made by key
> ABE0C8743B87262E5FB04F2B3C5C05EB856AA88A
> [29610] dbg: gpg: key id 856AA88A is not release trusted
> error: GPG validation failed!
> The update downloaded successfully, but the GPG signature verification
> failed.
> channel: GPG validation failed, channel failed
>
>
> I assume I am not the only one who sees this error (or at least who has
> seen it). Has anyone successfully addressed this? Or do you simply use
> the --nogpg option when running it?
>
> - Skip
>
Did you import his key with sa-update --import his.key.file.here
- --
Steve
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iD8DBQFGoQzJeERILVgMyvARAm19AJsEcglKuytcgFS7Ro9EjseOLJ0ilQCeNUSl
LUwsW/O8YR2r1cleqOdwmDo=
=V48J
-----END PGP SIGNATURE-----
Re: Sa-update question
Posted by Gene Heskett <ge...@verizon.net>.
On Saturday 21 July 2007, Theo Van Dinter wrote:
>On Sat, Jul 21, 2007 at 05:10:49AM -0400, Daryl C. W. O'Shea wrote:
>> >Now, I can presume to delete any earlier v3xx.pre files I guess.
>>
>> No.
>
>More specifically, the other pre files load other plugins. You can never
> just assume to delete config files unless you fully know that they're not
> being used for anything.
>
>In SA's case, it reads *.pre not just v320.pre.
So I've been made to understand now, thanks. I hadn't deleted them yet
pending an affirmative answer.
--
Cheers, Gene
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Life is knowing how far to go without crossing the line.
Re: Sa-update question
Posted by Theo Van Dinter <fe...@apache.org>.
On Sat, Jul 21, 2007 at 05:10:49AM -0400, Daryl C. W. O'Shea wrote:
> >Now, I can presume to delete any earlier v3xx.pre files I guess.
> No.
More specifically, the other pre files load other plugins. You can never just
assume to delete config files unless you fully know that they're not being
used for anything.
In SA's case, it reads *.pre not just v320.pre.
--
Randomly Selected Tagline:
A gift of a flower will soon be made to you.
Re: Sa-update question
Posted by "Daryl C. W. O'Shea" <sp...@dostech.ca>.
Gene Heskett wrote:
> On Friday 20 July 2007, Richard Frovarp wrote:
>> Gene Heskett wrote:
>>> Also, how about /etc/mail/spamassassin/RuleDuJour? Can that copy of all
>>> this go away also? It is not being mentioned in the --lint -D report
>>> output.
>> That was just a staging area for RDJ and never used by spamassassin.
>> Updates were downloaded there first and then linted to make sure they
>> worked. Blow it away.
>>
>>> And finally, I assume I have to add this PDFInfo.pm to a config file
>>> someplace as its not being mentioned in the --lint -D output either. SA is
>>> 3.20, so where do I enable that?
>> Instruction are in the pm file.
>
> The only thing is, either I'm blind, or its now working. I
> edited /etc/mail/spamassassin/v320.pre intending to add it, and found it
> already there, so I re-ran the --lint -D, and it was there. So I just
> restarted spamassassin.
v320.pre has ImageInfo by default, but not PDFInfo.
> Now, I can presume to delete any earlier v3xx.pre files I guess.
No.
Daryl
Re: Sa-update question
Posted by Gene Heskett <ge...@verizon.net>.
On Friday 20 July 2007, Richard Frovarp wrote:
>Gene Heskett wrote:
>> Also, how about /etc/mail/spamassassin/RuleDuJour? Can that copy of all
>> this go away also? It is not being mentioned in the --lint -D report
>> output.
>
>That was just a staging area for RDJ and never used by spamassassin.
>Updates were downloaded there first and then linted to make sure they
>worked. Blow it away.
>
>> And finally, I assume I have to add this PDFInfo.pm to a config file
>> someplace as its not being mentioned in the --lint -D output either. SA is
>> 3.20, so where do I enable that?
>
>Instruction are in the pm file.
The only thing is, either I'm blind, or its now working. I
edited /etc/mail/spamassassin/v320.pre intending to add it, and found it
already there, so I re-ran the --lint -D, and it was there. So I just
restarted spamassassin.
Now, I can presume to delete any earlier v3xx.pre files I guess. Amazing how
this cruft collects, and many thanks to all the responders here.
--
Cheers, Gene
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
*** Topic for #redhat: ReDHaT is the answer to all your problems. It
could be the start too!
Re: Sa-update question
Posted by Richard Frovarp <Ri...@sendit.nodak.edu>.
Gene Heskett wrote:
> Also, how about /etc/mail/spamassassin/RuleDuJour? Can that copy of all this
> go away also? It is not being mentioned in the --lint -D report output.
>
>
That was just a staging area for RDJ and never used by spamassassin.
Updates were downloaded there first and then linted to make sure they
worked. Blow it away.
>
> And finally, I assume I have to add this PDFInfo.pm to a config file someplace
> as its not being mentioned in the --lint -D output either. SA is 3.20, so
> where do I enable that?
>
>
Instruction are in the pm file.
Re: Sa-update question
Posted by Gene Heskett <ge...@verizon.net>.
On Friday 20 July 2007, Richard Frovarp wrote:
>Gene Heskett wrote:
>> On Friday 20 July 2007, Richard Frovarp wrote:
>>> Skip Brott wrote:
>>>> I ran with the --nogpg option and was able to get all the files to
>>>> download. Yay! But do I really want to run it that way?
>>>>
>>>> And on that note, how does SA know where to find the .cf files in
>>>> /var/lib/spamassassin? Does it see subfolders and load the .cf files
>>>> from there? Or do those downloaded updates automatically replace my
>>>> .cf files in /etc/mail/spamassassin, where I have always kept my rules?
>>>>
>>>> - Skip
>>>
>>> What instructions were you following? It doesn't appear that you
>>> followed them completely. You need a --gpgkey config switch in there.
>>>
>>> /etc/mail/spamassassin always overrules anything else located anywhere
>>> else. SA knows perfectly well how to load the files from
>>> /var/lib/spamassassin. So long as sa-update runs, you have nothing to
>>> worry about. If you have any duplicates in /var/lib/spamassassin and
>>> /etc/mail/spamassassin, the ones in /etc/mail will override those in
>>> /var. So get rid of the duplicate rules in /etc, as those under /var are
>>> the ones being updated.
>>
>> If this is so, and it appears to be, then why did I just repeat an
>> lsof|grep spamd every second for 2 cycles of my mail fetching activities
>> without ever seeing spamd have a file open in /var/lib/spamassassin?
>>
>> Where is this configured, and I'll fix it.
>>
>> Yes, the ones in /var are being updated by sa-update whereas the ones in
>> /etc are not, but if its using them, I'd have to assume they would show up
>> in an lsof. They do not, here on a fully up2date FC6 install.
>>
>> In fact, I have 3 subtrees in /var/lib/spamassassin:
>> 3.001007 3.002000 3.002001
>> each of which appears to contain >95% dups, with differing file dates,
>> with the most recent being dated July 16 in the 3.002001 tree.
>>
>> Can I safely delete the earlier dated trees?
>
>Because the files aren't open? spamd would read the files in, store the
>contents in memory, and then close the buffer to the file upon startup.
>
>spamassassin --lint -D will tell you what rule files it's reading in.
>You should see them there.
>
>Those trees refer to the version number of SA. If you are only running
>3.2.1, then the other trees can go away.
Thanks, they will. About 20 megs of them.
Although the output of spamassassin --lint -D was very verbose, and it would
tend to confirm that I can remove the dups in /etc/mail/spamassassin, it also
noted that Fast.pm could not be found, but its presently in, according to a
locate:
[root@coyote saupdates_openprotect_com]# locate Fast.pm
/root/.cpan/build/IP-Country-2.20/blib/lib/IP/Country/Fast.pm
/root/.cpan/build/IP-Country-2.20/lib/IP/Country/Fast.pm
Where should I copy it to to assure it will be found by SA? For grins, I
copied /root/.cpan/build/IP-Country-2.20/lib/IP/Country/Fast.pm
to /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/Plugin/
and reran the --lint -D check, but the error persists:
[21359] dbg: diag: module not installed: IP::Country::Fast ('require' failed)
So where should it be copied to?
Better yet, have smart install perl-IP-Country, fixed that right up.
Also, how about /etc/mail/spamassassin/RuleDuJour? Can that copy of all this
go away also? It is not being mentioned in the --lint -D report output.
Also, /var/lib/spamassassin also has an empty subdir ".spamassassin" in it.
Does it have a use?
And finally, I assume I have to add this PDFInfo.pm to a config file someplace
as its not being mentioned in the --lint -D output either. SA is 3.20, so
where do I enable that?
--
Cheers, Gene
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
We have ears, earther...FOUR OF THEM!
Re: Sa-update question
Posted by Richard Frovarp <Ri...@sendit.nodak.edu>.
Gene Heskett wrote:
> On Friday 20 July 2007, Richard Frovarp wrote:
>
>> Skip Brott wrote:
>>
>>> I ran with the --nogpg option and was able to get all the files to
>>> download. Yay! But do I really want to run it that way?
>>>
>>> And on that note, how does SA know where to find the .cf files in
>>> /var/lib/spamassassin? Does it see subfolders and load the .cf files
>>> from there? Or do those downloaded updates automatically replace my
>>> .cf files in /etc/mail/spamassassin, where I have always kept my rules?
>>>
>>> - Skip
>>>
>> What instructions were you following? It doesn't appear that you
>> followed them completely. You need a --gpgkey config switch in there.
>>
>> /etc/mail/spamassassin always overrules anything else located anywhere
>> else. SA knows perfectly well how to load the files from
>> /var/lib/spamassassin. So long as sa-update runs, you have nothing to
>> worry about. If you have any duplicates in /var/lib/spamassassin and
>> /etc/mail/spamassassin, the ones in /etc/mail will override those in
>> /var. So get rid of the duplicate rules in /etc, as those under /var are
>> the ones being updated.
>>
>
> If this is so, and it appears to be, then why did I just repeat an lsof|grep
> spamd every second for 2 cycles of my mail fetching activities without ever
> seeing spamd have a file open in /var/lib/spamassassin?
>
> Where is this configured, and I'll fix it.
>
> Yes, the ones in /var are being updated by sa-update whereas the ones in /etc
> are not, but if its using them, I'd have to assume they would show up in an
> lsof. They do not, here on a fully up2date FC6 install.
>
> In fact, I have 3 subtrees in /var/lib/spamassassin:
> 3.001007 3.002000 3.002001
> each of which appears to contain >95% dups, with differing file dates, with
> the most recent being dated July 16 in the 3.002001 tree.
>
> Can I safely delete the earlier dated trees?
>
>
Because the files aren't open? spamd would read the files in, store the
contents in memory, and then close the buffer to the file upon startup.
spamassassin --lint -D will tell you what rule files it's reading in.
You should see them there.
Those trees refer to the version number of SA. If you are only running
3.2.1, then the other trees can go away.
Re: Sa-update question
Posted by Gene Heskett <ge...@verizon.net>.
On Friday 20 July 2007, Richard Frovarp wrote:
>Skip Brott wrote:
>> I ran with the --nogpg option and was able to get all the files to
>> download. Yay! But do I really want to run it that way?
>>
>> And on that note, how does SA know where to find the .cf files in
>> /var/lib/spamassassin? Does it see subfolders and load the .cf files
>> from there? Or do those downloaded updates automatically replace my
>> .cf files in /etc/mail/spamassassin, where I have always kept my rules?
>>
>> - Skip
>
>What instructions were you following? It doesn't appear that you
>followed them completely. You need a --gpgkey config switch in there.
>
>/etc/mail/spamassassin always overrules anything else located anywhere
>else. SA knows perfectly well how to load the files from
>/var/lib/spamassassin. So long as sa-update runs, you have nothing to
>worry about. If you have any duplicates in /var/lib/spamassassin and
>/etc/mail/spamassassin, the ones in /etc/mail will override those in
>/var. So get rid of the duplicate rules in /etc, as those under /var are
>the ones being updated.
If this is so, and it appears to be, then why did I just repeat an lsof|grep
spamd every second for 2 cycles of my mail fetching activities without ever
seeing spamd have a file open in /var/lib/spamassassin?
Where is this configured, and I'll fix it.
Yes, the ones in /var are being updated by sa-update whereas the ones in /etc
are not, but if its using them, I'd have to assume they would show up in an
lsof. They do not, here on a fully up2date FC6 install.
In fact, I have 3 subtrees in /var/lib/spamassassin:
3.001007 3.002000 3.002001
each of which appears to contain >95% dups, with differing file dates, with
the most recent being dated July 16 in the 3.002001 tree.
Can I safely delete the earlier dated trees?
--
Cheers, Gene
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
"A radioactive cat has eighteen half-lives."
Re: Sa-update question
Posted by Richard Frovarp <Ri...@sendit.nodak.edu>.
Skip Brott wrote:
> I ran with the --nogpg option and was able to get all the files to
> download. Yay! But do I really want to run it that way?
>
> And on that note, how does SA know where to find the .cf files in
> /var/lib/spamassassin? Does it see subfolders and load the .cf files
> from there? Or do those downloaded updates automatically replace my
> .cf files in /etc/mail/spamassassin, where I have always kept my rules?
>
> - Skip
What instructions were you following? It doesn't appear that you
followed them completely. You need a --gpgkey config switch in there.
/etc/mail/spamassassin always overrules anything else located anywhere
else. SA knows perfectly well how to load the files from
/var/lib/spamassassin. So long as sa-update runs, you have nothing to
worry about. If you have any duplicates in /var/lib/spamassassin and
/etc/mail/spamassassin, the ones in /etc/mail will override those in
/var. So get rid of the duplicate rules in /etc, as those under /var are
the ones being updated.
RE: Sa-update question
Posted by Skip Brott <sb...@dmp.com>.
I ran with the --nogpg option and was able to get all the files to download.
Yay! But do I really want to run it that way?
And on that note, how does SA know where to find the .cf files in
/var/lib/spamassassin? Does it see subfolders and load the .cf files from
there? Or do those downloaded updates automatically replace my .cf files in
/etc/mail/spamassassin, where I have always kept my rules?
- Skip