You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Wolfgang Zeikat <wo...@desy.de> on 2007/07/12 16:05:30 UTC
Errors with PDFInfo.pm
Hi,
On 07/12/07 15:39, Robert Schetterer wrote:
> Hi, @ll
> the newest version of pdfinfo plugin
> matched some new pdf spam right now
>
> * 2.0 GMD_PDF_FUZZY2_T3 BODY: Fuzzy MD5 Match
> * 3D4E25DE4A05695681D694716D579474
>
yes it does that here too in SA 3.1.8, but I get errors like:
Jul 12 15:59:53 spamlock3 spamd[13136]: Use of uninitialized value in
concatenation (.) or string at /etc/mail/spamassassin/PDFInfo.pm line
300, <GEN394> line 532.
Jul 12 15:59:53 spamlock3 spamd[13136]: Use of uninitialized value in
concatenation (.) or string at /etc/mail/spamassassin/PDFInfo.pm line
261, <GEN394> line 532.
Jul 12 15:59:53 spamlock3 spamd[13136]: Use of uninitialized value in
concatenation (.) or string at /etc/mail/spamassassin/PDFInfo.pm line
262, <GEN394> line 532.
I noticed that some of the latest pdf spam mails do not contain a
filename in the mime headers, could that be a reason for the above
behaviour?
Can I debug that closer to see what's going wrong?
Cheers,
wolfgang
Re: Errors with PDFInfo.pm
Posted by Wolfgang Zeikat <wo...@desy.de>.
Hi Dallas,
On 07/17/07 15:17, Dallas Engelken wrote:
> Wolfgang Zeikat wrote:
>> Line 272 is (after the earlier changes):
>> dbg("pdfinfo: MD5 results for ".($name ? $name : '')." - md5=$md5
>> fuzzy1=$fuzzy_md5 fuzzy2=$tags_md5");
>>
>> Line 283 is:
>> $pms->{pdfinfo}->{fuzzy_md5}->{$tags_md5} = 1;
>>
>
> I'd say $tags_md5 is undef then.... which is odd because if it made it
> that far, then the message has a pdf in it.... and all pdfs have tag
> structures.
as far as I can tell from our logs, there are not necessarily pdf's
involved each time the warnings occur.
>
> Got samples that make that warn appear?
Yup, I have found one sample with pdf that triggers the warnings, I will
send it to you off list.
Thanks and best regards,
wolfgang
Re: Errors with PDFInfo.pm
Posted by Dallas Engelken <da...@uribl.com>.
Wolfgang Zeikat wrote:
> Hello again,
>
> On 07/12/07 16:22, Dallas Engelken wrote:
>> Wolfgang Zeikat wrote:
>>> I noticed that some of the latest pdf spam mails do not contain a
>>> filename in the mime headers, could that be a reason for the above
>>> behaviour?
>>
>>
>> Possibly, but seeing that line 300 is just a dbg() line itself, you
>> can either comment it out, or change it to something that will not
>> through a warn.
>>
>> # dbg("pdfinfo: found part, type=$type file=$name cte=$cte");
>> dbg("pdfinfo: found part, type=".($type ? $type : '')."
>> file=".($name ? $name : '')." cte=".($cte ? $cte : '')."");
>>
>
> Thanks, that fixed those. Lately, I see a lot of:
> Jul 17 14:27:10 spamlock2 spamd[9786]: Use of uninitialized value in
> concatenation (.) or string at /etc/mail/spamassassin/PDFInfo.pm line
> 272, <GEN25171> line 1579.
> Jul 17 14:27:10 spamlock2 spamd[9786]: Use of uninitialized value in
> hash element at /etc/mail/spamassassin/PDFInfo.pm line 283, <GEN25171>
> line 1579.
>
> Line 272 is (after the earlier changes):
> dbg("pdfinfo: MD5 results for ".($name ? $name : '')." - md5=$md5
> fuzzy1=$fuzzy_md5 fuzzy2=$tags_md5");
>
> Line 283 is:
> $pms->{pdfinfo}->{fuzzy_md5}->{$tags_md5} = 1;
>
I'd say $tags_md5 is undef then.... which is odd because if it made it
that far, then the message has a pdf in it.... and all pdfs have tag
structures.
Got samples that make that warn appear?
--
Dallas Engelken
dallase@uribl.com
http://uribl.com
Re: Errors with PDFInfo.pm
Posted by Wolfgang Zeikat <wo...@desy.de>.
Hello again,
On 07/12/07 16:22, Dallas Engelken wrote:
> Wolfgang Zeikat wrote:
>> I noticed that some of the latest pdf spam mails do not contain a
>> filename in the mime headers, could that be a reason for the above
>> behaviour?
>
>
> Possibly, but seeing that line 300 is just a dbg() line itself, you can
> either comment it out, or change it to something that will not through a
> warn.
>
> # dbg("pdfinfo: found part, type=$type file=$name cte=$cte");
> dbg("pdfinfo: found part, type=".($type ? $type : '')." file=".($name
> ? $name : '')." cte=".($cte ? $cte : '')."");
>
Thanks, that fixed those. Lately, I see a lot of:
Jul 17 14:27:10 spamlock2 spamd[9786]: Use of uninitialized value in
concatenation (.) or string at /etc/mail/spamassassin/PDFInfo.pm line
272, <GEN25171> line 1579.
Jul 17 14:27:10 spamlock2 spamd[9786]: Use of uninitialized value in
hash element at /etc/mail/spamassassin/PDFInfo.pm line 283, <GEN25171>
line 1579.
Line 272 is (after the earlier changes):
dbg("pdfinfo: MD5 results for ".($name ? $name : '')." - md5=$md5
fuzzy1=$fuzzy_md5 fuzzy2=$tags_md5");
Line 283 is:
$pms->{pdfinfo}->{fuzzy_md5}->{$tags_md5} = 1;
Regards,
wolfgang
Re: Errors with PDFInfo.pm
Posted by Dallas Engelken <da...@uribl.com>.
Wolfgang Zeikat wrote:
> Hi,
>
> On 07/12/07 15:39, Robert Schetterer wrote:
>
> > Hi, @ll
> > the newest version of pdfinfo plugin
> > matched some new pdf spam right now
> >
> > * 2.0 GMD_PDF_FUZZY2_T3 BODY: Fuzzy MD5 Match
> > * 3D4E25DE4A05695681D694716D579474
> >
>
> yes it does that here too in SA 3.1.8, but I get errors like:
>
> Jul 12 15:59:53 spamlock3 spamd[13136]: Use of uninitialized value in
> concatenation (.) or string at /etc/mail/spamassassin/PDFInfo.pm line
> 300, <GEN394> line 532.
> Jul 12 15:59:53 spamlock3 spamd[13136]: Use of uninitialized value in
> concatenation (.) or string at /etc/mail/spamassassin/PDFInfo.pm line
> 261, <GEN394> line 532.
> Jul 12 15:59:53 spamlock3 spamd[13136]: Use of uninitialized value in
> concatenation (.) or string at /etc/mail/spamassassin/PDFInfo.pm line
> 262, <GEN394> line 532.
>
> I noticed that some of the latest pdf spam mails do not contain a
> filename in the mime headers, could that be a reason for the above
> behaviour?
Possibly, but seeing that line 300 is just a dbg() line itself, you can
either comment it out, or change it to something that will not through a
warn.
# dbg("pdfinfo: found part, type=$type file=$name cte=$cte");
dbg("pdfinfo: found part, type=".($type ? $type : '')."
file=".($name ? $name : '')." cte=".($cte ? $cte : '')."");
Thanks,
--
Dallas Engelken
dallase@uribl.com
http://uribl.com