You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Matthew Yette <my...@mvnhealth.com> on 2007/07/19 20:13:49 UTC
whitelist_from with multiple recips not firing?
I am using SA 3.2.0 using SQL backend userprefs. There is a sending address that is whitelisted for an entire domain, as well as specific users on that domain. However, on the messages that come in from this whitelisted address for multiple recipients (in this case 2), the USER_IN_WHITELIST rule does not fire, and the message gets hit as spam. Is there something special that needs to be done to have it apply to multiple-recipient messages? This is my custom SQL userprefs query:
SELECT preference, value FROM _TABLE_ WHERE username = _USERNAME_ OR username = '@GLOBAL' OR username = _DOMAIN_ ORDER BY username ASC
Thanks!
Matt Yette
Network Analyst I
Faxton St. Lukes Healthcare
315-624-5843
myette@mvnhealth.com
<¤#/srv/gw/mvndom/wptemp/43ccc243.qm8
Re: whitelist_from with multiple recips not firing?
Posted by Duane Hill <d....@yournetplus.com>.
On Thu, 19 Jul 2007 at 15:19 -0700, sm@resistor.net confabulated:
> At 13:43 19-07-2007, Duane Hill wrote:
>> As I stated before, I can tell Postfix to feed the message through one
>> recipient at a time and can use:
>>
>> /usr/local/bin/spamc -u ${recipient}
>>
>> to tell spamc what user it will run as. Then, the SQL query works like it
>> should. I have multiple global, domain and user settings in our user level
>> set up.
>
> For a site-wide setup you would be scanning the same message multiple times.
> How about using the domain part of the address for scanning? Once you get
> the score, determine the score threshold for each of the recipients and
> deliver or reject as appropriate. From a SMTP perspective, it would be
> accept or reject all though.
If I wanted a site-wide setup, I would just remove the recipient
restriction and the username switch and let spamc use the default username
of 'spamd'.
-------
_|_
(_| |
Re: whitelist_from with multiple recips not firing?
Posted by SM <sm...@resistor.net>.
At 13:43 19-07-2007, Duane Hill wrote:
>As I stated before, I can tell Postfix to feed the message through
>one recipient at a time and can use:
>
> /usr/local/bin/spamc -u ${recipient}
>
>to tell spamc what user it will run as. Then, the SQL query works
>like it should. I have multiple global, domain and user settings in
>our user level set up.
For a site-wide setup you would be scanning the same message multiple
times. How about using the domain part of the address for
scanning? Once you get the score, determine the score threshold for
each of the recipients and deliver or reject as appropriate. From a
SMTP perspective, it would be accept or reject all though.
Regards,
-sm
Re: whitelist_from with multiple recips not firing?
Posted by Duane Hill <d....@yournetplus.com>.
On Thu, 19 Jul 2007 at 15:44 -0400, myette@mvnhealth.com confabulated:
>> I don't know that SA has a way for running messages through for each
>> individual recipient. I don't believe you can specify multiple username
>> paramenters using spamc and/or spamassassin.
>
>> Here we use Postfix and I instruct Postfix to send the message through SA
>> for each recipient. It works like a charm. Perhaps whatever you are using
>> in qmail can do the same.
>
> Thanks for the response, Duane. I would think that, even if SA has trouble dealing w/ pulling rules on messages w/ multiple recips, it would at least grab a domain-wide value?
Someone would have to correct me if I'm wrong. I believe SA, without any
extraneous development, can operate as site-wide or at the user level.
Operating as site-wide eliminates the ability at the domain and user
levels. Operating at the user level, you can have domain wide rules. This
also means the message is either going into its final route to the
individual recipient (SA being executed within a proc mail or something
similar within that account), or the message is being fed into SA for each
recipient from the MTA or other source.
As I stated before, I can tell Postfix to feed the message through one
recipient at a time and can use:
/usr/local/bin/spamc -u ${recipient}
to tell spamc what user it will run as. Then, the SQL query works like it
should. I have multiple global, domain and user settings in our user level
set up.
-------
_|_
(_| |
[Solution] Re: whitelist_from with multiple recips not firing?
Posted by Matthew Yette <my...@mvnhealth.com>.
>>> "Matthew Yette" <my...@mvnhealth.com> 7/20/2007 8:24 AM >>>
>>> "Daryl C. W. O'Shea" <sp...@dostech.ca> 7/19/2007 4:51 PM >>>
>You would have to get the calling software to pass as the username
>either (i) something like @example.com; or (ii) a non-existent account
>at the domain.
>Get it to do that and you'll see the results you want. SA will be happy
>with it... I do the same in my own milter.
Twas a qmail-scanner setting.
# st: Enable or diasable scanner per domain (1/0)
my $settings_pd='1';
Need to make sure that's set to 1. Then run qmail-scanner-queue.pl -p
Thanks gang!
<¤#/srv/gw/mvndom/wptemp/43ccc243.qm8
Re: whitelist_from with multiple recips not firing?
Posted by Matthew Yette <my...@mvnhealth.com>.
>>> "Daryl C. W. O'Shea" <sp...@dostech.ca> 7/19/2007 4:51 PM >>>
>You would have to get the calling software to pass as the username
>either (i) something like @example.com; or (ii) a non-existent account
>at the domain.
>Get it to do that and you'll see the results you want. SA will be happy
>with it... I do the same in my own milter.
Oddly enough, global and domain-wide preferences apply just fine. For example, a message addressed to user@domain.com from user@sender.com will be whitelisted if the username "domain.com" contains a whitelist_from *@sender.com. So there's the domain-wide setting. Same goes for the global as well. It only ignores the site-wide preference (and user-specific, for that matter) when an incoming message has multiple recipients. It still uses the global, however, and that's how I've been able to get around this problem thus far, even though I'd rather not kludge it like that.
I am using qmail-scanner 1.25st. Do you think its related to how q-s calls SA and how it breaks out multi-recipient messages to the scanner?
<¤#/srv/gw/mvndom/wptemp/43ccc243.qm8
Re: whitelist_from with multiple recips not firing?
Posted by "Daryl C. W. O'Shea" <sp...@dostech.ca>.
Matthew Yette wrote:
> >I don't know that SA has a way for running messages through for each
> >individual recipient. I don't believe you can specify multiple username
> >paramenters using spamc and/or spamassassin.
>
> >Here we use Postfix and I instruct Postfix to send the message through SA
> >for each recipient. It works like a charm. Perhaps whatever you are using
> >in qmail can do the same.
>
> Thanks for the response, Duane. I would think that, even if SA has
> trouble dealing w/ pulling rules on messages w/ multiple recips, it
> would at least grab a domain-wide value?
You would have to get the calling software to pass as the username
either (i) something like @example.com; or (ii) a non-existent account
at the domain.
Get it to do that and you'll see the results you want. SA will be happy
with it... I do the same in my own milter.
Daryl
Re: whitelist_from with multiple recips not firing?
Posted by Matthew Yette <my...@mvnhealth.com>.
>I don't know that SA has a way for running messages through for each
>individual recipient. I don't believe you can specify multiple username
>paramenters using spamc and/or spamassassin.
>Here we use Postfix and I instruct Postfix to send the message through SA
>for each recipient. It works like a charm. Perhaps whatever you are using
>in qmail can do the same.
Thanks for the response, Duane. I would think that, even if SA has trouble dealing w/ pulling rules on messages w/ multiple recips, it would at least grab a domain-wide value?
<¤#/srv/gw/mvndom/wptemp/43ccc243.qm8
Re: whitelist_from with multiple recips not firing?
Posted by Duane Hill <d....@yournetplus.com>.
On Thu, 19 Jul 2007 at 15:14 -0400, myette@mvnhealth.com confabulated:
> After further testing, it most definitely has to do with a message hacing multiple recipients (I've tried changing around my custom SQL query to no avail). qmail-queue.log log entry w/ debug on:
>
> Thu, 19 Jul 2007 15:10:20 EDT:16677: g_e_h: return-path is "myette@mvnhealth.com", recips is "matt@mattyette.com,test@mattyette.com"
> Thu, 19 Jul 2007 15:10:20 EDT:16677: from="Matthew Yette" <my...@mvnhealth.com>,subj=test ( mailto:myette@mvnhealth.com> ), x-qmail-scanner-message-id=<46...@mvnhealth.com> via SMTP from 64.9.116.126
> Thu, 19 Jul 2007 15:10:20 EDT:16677: ini_sc: start scanning
> Thu, 19 Jul 2007 15:10:20 EDT:16677: ini_sc: recursively scan the directory /var/spool/qmailscan/tmp/mail.integrityhosting.org118487221972216677/
> Thu, 19 Jul 2007 15:10:20 EDT:16677: scanloop: starting scan of directory "/var/spool/qmailscan/tmp/mail.integrityhosting.org118487221972216677"...
> Thu, 19 Jul 2007 15:10:20 EDT:16677: scanloop: scanner=spamassassin,plain_text_msg=0
> Thu, 19 Jul 2007 15:10:20 EDT:16677: SA: REPORT hits = -2.6/4.0
> -2.6 BAYES_00 BODY: Bayesian spam probability is 0 to 1%
> [score: 0.0000]
> 0.0 HTML_MESSAGE BODY: HTML included in message
> Thu, 19 Jul 2007 15:10:20 EDT:16677: SA: required_hits 4.0 / sa_quarantine +0 / sa_delete +0.9
> Thu, 19 Jul 2007 15:10:20 EDT:16677: SA: finished scan of dir "/var/spool/qmailscan/tmp/mail.integrityhosting.org118487221972216677" in 0.715 secs - hits=-2.6/4.0
>
> As you can see, recips is "matt@mattyette.com,test@mattyette.com" and USER_IN_WHITELIST does NOT fire, even though it's in my SQL database as username = mattyette.com, preference is whitelist_from and value is myette@mvnhealth.com.
>
> This has to be something that's cropped up before, I'm hoping it's a quick and easy solution. :)
I don't know that SA has a way for running messages through for each
individual recipient. I don't believe you can specify multiple username
paramenters using spamc and/or spamassassin.
Here we use Postfix and I instruct Postfix to send the message through SA
for each recipient. It works like a charm. Perhaps whatever you are using
in qmail can do the same.
-------
_|_
(_| |
Re: whitelist_from with multiple recips not firing?
Posted by Matthew Yette <my...@mvnhealth.com>.
After further testing, it most definitely has to do with a message hacing multiple recipients (I've tried changing around my custom SQL query to no avail). qmail-queue.log log entry w/ debug on:
Thu, 19 Jul 2007 15:10:20 EDT:16677: g_e_h: return-path is "myette@mvnhealth.com", recips is "matt@mattyette.com,test@mattyette.com"
Thu, 19 Jul 2007 15:10:20 EDT:16677: from="Matthew Yette" <my...@mvnhealth.com>,subj=test ( mailto:myette@mvnhealth.com> ), x-qmail-scanner-message-id=<46...@mvnhealth.com> via SMTP from 64.9.116.126
Thu, 19 Jul 2007 15:10:20 EDT:16677: ini_sc: start scanning
Thu, 19 Jul 2007 15:10:20 EDT:16677: ini_sc: recursively scan the directory /var/spool/qmailscan/tmp/mail.integrityhosting.org118487221972216677/
Thu, 19 Jul 2007 15:10:20 EDT:16677: scanloop: starting scan of directory "/var/spool/qmailscan/tmp/mail.integrityhosting.org118487221972216677"...
Thu, 19 Jul 2007 15:10:20 EDT:16677: scanloop: scanner=spamassassin,plain_text_msg=0
Thu, 19 Jul 2007 15:10:20 EDT:16677: SA: REPORT hits = -2.6/4.0
-2.6 BAYES_00 BODY: Bayesian spam probability is 0 to 1%
[score: 0.0000]
0.0 HTML_MESSAGE BODY: HTML included in message
Thu, 19 Jul 2007 15:10:20 EDT:16677: SA: required_hits 4.0 / sa_quarantine +0 / sa_delete +0.9
Thu, 19 Jul 2007 15:10:20 EDT:16677: SA: finished scan of dir "/var/spool/qmailscan/tmp/mail.integrityhosting.org118487221972216677" in 0.715 secs - hits=-2.6/4.0
As you can see, recips is "matt@mattyette.com,test@mattyette.com" and USER_IN_WHITELIST does NOT fire, even though it's in my SQL database as username = mattyette.com, preference is whitelist_from and value is myette@mvnhealth.com.
This has to be something that's cropped up before, I'm hoping it's a quick and easy solution. :)
Thanks again,
Matt
>>> "Matthew Yette" <my...@mvnhealth.com> 7/19/2007 2:24 PM >>>
>>> "Matthew Yette" <my...@mvnhealth.com> 7/19/2007 2:13 PM >>>
I am using SA 3.2.0 using SQL backend userprefs. There is a sending address that is whitelisted for an entire domain, as well as specific users on that domain. However, on the messages that come in from this whitelisted address for multiple recipients (in this case 2), the USER_IN_WHITELIST rule does not fire, and the message gets hit as spam. Is there something special that needs to be done to have it apply to multiple-recipient messages? This is my custom SQL userprefs query:
SELECT preference, value FROM _TABLE_ WHERE username = _USERNAME_ OR username = '@GLOBAL' OR username = _DOMAIN_ ORDER BY username ASC
Thanks!
Matt Yette
-------------------------------
One other point - in my SQL prefs database, I am only using "domain.com" as the username for domain-wide preferences, and not "%domain.com" and SELECT preference, value FROM _TABLE_ WHERE username = _USERNAME_ OR username = '@GLOBAL' OR username = CONCAT('%',_DOMAIN_) ORDER BY username ASC as Dallas calls for in his SQL docs. Would this have a negative impact in terms of applying rules on multiple-recipient mail?
( mailto:myette@mvnhealth.com )
CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipients(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient(s), please contact the sender by return e-mail and destroy all copies of the original message. Thank you.
CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipients(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient(s), please contact the sender by return e-mail and destroy all copies of the original message. Thank you.
<¤#/srv/gw/mvndom/wptemp/43ccc243.qm8
Re: whitelist_from with multiple recips not firing?
Posted by Matthew Yette <my...@mvnhealth.com>.
>>> "Matthew Yette" <my...@mvnhealth.com> 7/19/2007 2:13 PM >>>
I am using SA 3.2.0 using SQL backend userprefs. There is a sending address that is whitelisted for an entire domain, as well as specific users on that domain. However, on the messages that come in from this whitelisted address for multiple recipients (in this case 2), the USER_IN_WHITELIST rule does not fire, and the message gets hit as spam. Is there something special that needs to be done to have it apply to multiple-recipient messages? This is my custom SQL userprefs query:
SELECT preference, value FROM _TABLE_ WHERE username = _USERNAME_ OR username = '@GLOBAL' OR username = _DOMAIN_ ORDER BY username ASC
Thanks!
Matt Yette
-------------------------------
One other point - in my SQL prefs database, I am only using "domain.com" as the username for domain-wide preferences, and not "%domain.com" and SELECT preference, value FROM _TABLE_ WHERE username = _USERNAME_ OR username = '@GLOBAL' OR username = CONCAT('%',_DOMAIN_) ORDER BY username ASC as Dallas calls for in his SQL docs. Would this have a negative impact in terms of applying rules on multiple-recipient mail?
( mailto:myette@mvnhealth.com )
CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipients(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient(s), please contact the sender by return e-mail and destroy all copies of the original message. Thank you.
<¤#/srv/gw/mvndom/wptemp/43ccc243.qm8