You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Kathryn Kleinschafer <ka...@rheel.co.nz> on 2008/05/14 06:06:08 UTC
How to output Debugged Lint to file
Hi all,
My installation of spamassassin seems to have stopped using all the
rules I have added when checking email. They now reside in
/var/lib/spamassassin/3.002002
I'm trying to run spamassassin -D --lint and output it to say test.txt
so that I can see it all later and try and trouble shoot why its not
using the rules.
Can anyone tell me how I can do this or if there is a better way to
check why they are not working.
I think they are not working because I am testing a piece of spam that
came through that usually would have been stopped. It is only hitting on
bayes (low) and a couple of other rules which I think are spamassassin
default rules.
I would expect it to hit on at least the sought_rules
Any help would be greatly appreciated.
Regards,
Kate
Re: How to output Debugged Lint to file
Posted by Kathryn Kleinschafer <ka...@rheel.co.nz>.
I am running it by going:
sudo -u postfix spamassassin -p
/etc/MailScanner/spam.assassin.prefs.conf -t < messagename.mai
Matt Kettler wrote:
> Kathryn Kleinschafer wrote:
>> Awesome thanks.
>>
>> the output showed
>> [3887] dbg: config: using "/etc/mail/spamassassin" for site rules pre
>> files
>> [3887] dbg: config: read file /etc/mail/spamassassin/init.pre
>> [3887] dbg: config: read file /etc/mail/spamassassin/v310.pre
>> [3887] dbg: config: read file /etc/mail/spamassassin/v312.pre
>> [3887] dbg: config: read file /etc/mail/spamassassin/v320.pre
>> [3887] dbg: config: using "/var/lib/spamassassin/3.002002" for sys
>> rules pre files
>> [3887] dbg: config: read file
>> /var/lib/spamassassin/3.002002/saupdates_openprotect_com.pre
>> [3887] dbg: config: using "/var/lib/spamassassin/3.002002" for
>> default rules dir
>> [3887] dbg: config: read file
>> /var/lib/spamassassin/3.002002/saupdates_openprotect_com.cf
>> [3887] dbg: config: read file
>> /var/lib/spamassassin/3.002002/sought_rules_yerp_org.cf
>> [3887] dbg: config: read file
>> /var/lib/spamassassin/3.002002/updates_spamassassin_org.cf
>>
>> which seems to me that it is actually loading up the correct files -
>> yet when i do a test on a piece of mail which should hit heaps of
>> rules especially the sought_rules it is not hitting at all.
>> Are there any other tests I can do?
>
> Hmm, how are you running your test?
>
> spamassassin -t < somemessage.txt ?
>
> Or are you passing other parameters, or using spamc for the test?
>
Re: How to output Debugged Lint to file
Posted by Matt Kettler <mk...@verizon.net>.
Kathryn Kleinschafer wrote:
> Awesome thanks.
>
> the output showed
> [3887] dbg: config: using "/etc/mail/spamassassin" for site rules pre
> files
> [3887] dbg: config: read file /etc/mail/spamassassin/init.pre
> [3887] dbg: config: read file /etc/mail/spamassassin/v310.pre
> [3887] dbg: config: read file /etc/mail/spamassassin/v312.pre
> [3887] dbg: config: read file /etc/mail/spamassassin/v320.pre
> [3887] dbg: config: using "/var/lib/spamassassin/3.002002" for sys
> rules pre files
> [3887] dbg: config: read file
> /var/lib/spamassassin/3.002002/saupdates_openprotect_com.pre
> [3887] dbg: config: using "/var/lib/spamassassin/3.002002" for default
> rules dir
> [3887] dbg: config: read file
> /var/lib/spamassassin/3.002002/saupdates_openprotect_com.cf
> [3887] dbg: config: read file
> /var/lib/spamassassin/3.002002/sought_rules_yerp_org.cf
> [3887] dbg: config: read file
> /var/lib/spamassassin/3.002002/updates_spamassassin_org.cf
>
> which seems to me that it is actually loading up the correct files -
> yet when i do a test on a piece of mail which should hit heaps of
> rules especially the sought_rules it is not hitting at all.
> Are there any other tests I can do?
Hmm, how are you running your test?
spamassassin -t < somemessage.txt ?
Or are you passing other parameters, or using spamc for the test?
Re: How to output Debugged Lint to file
Posted by Kathryn Kleinschafer <ka...@rheel.co.nz>.
[quote]
Does it actually read the files in the update channel dirs? Something
like this, below the point where the debugging output has been snipped.
[/quote]
Yes I think it does - the relevant output is below.
[5153] dbg: config: fixed relative path:
/var/lib/spamassassin/3.002002/sought_rules_yerp_org/20_sought.cf
[5153] dbg: config: using
"/var/lib/spamassassin/3.002002/sought_rules_yerp_org/20_sought.cf" for
included file
[5153] dbg: config: read file
/var/lib/spamassassin/3.002002/sought_rules_yerp_org/20_sought.cf
Regards,
Kate
Karsten Bräckelmann wrote:
> On Thu, 2008-05-15 at 10:46 +1200, Kathryn Kleinschafer wrote:
>
>> I run the update via a crontab entry (set when logged in as root) how do
>> I specify who its done by and what the umask is?
>>
>
> Edit the crontab as the user you want it to be run. Alternatively, have
> a look at 'man crontab'.
>
>
>> spamassassin is run by postfix user - all this part of the setup should
>> be fine as I haven't played with the config files and it had all been
>> running well.
>>
>> I run the test as user postfix to ensure I get the same results as when
>> the automatic tests run.
>>
>
>
>
>> David B Funk wrote:
>>
>
>
>>> Also look to see what User-ID your SA filtering process runs as
>>> and then check to see if there are some parts of your SA setup or
>>> your Perl installation that aren't properly readable/usable by that
>>> User-ID.
>>> (for example, if an update was done as 'root' with a umask of 077
>>> then the installed rules/updates would not be useable by anybody
>>> else).
>>>
>
> The debug output pasted earlier seems to hint that the updates are at
> least readable, I believe. Though the debug output only showed a tiny
> fraction of the very first part:
>
> dbg: config: read file /var/lib/spamassassin/3.00x00y/sought_rules_yerp_org.cf
>
> Does it actually read the files in the update channel dirs? Something
> like this, below the point where the debugging output has been snipped.
>
> dbg: config: read file /var/lib/spamassassin/3.00x00y/sought_rules_yerp_org/20_sought.cf
>
> guenther
>
>
>
Re: How to output Debugged Lint to file
Posted by Karsten Bräckelmann <gu...@rudersport.de>.
On Thu, 2008-05-15 at 10:46 +1200, Kathryn Kleinschafer wrote:
> I run the update via a crontab entry (set when logged in as root) how do
> I specify who its done by and what the umask is?
Edit the crontab as the user you want it to be run. Alternatively, have
a look at 'man crontab'.
> spamassassin is run by postfix user - all this part of the setup should
> be fine as I haven't played with the config files and it had all been
> running well.
>
> I run the test as user postfix to ensure I get the same results as when
> the automatic tests run.
> David B Funk wrote:
> > Also look to see what User-ID your SA filtering process runs as
> > and then check to see if there are some parts of your SA setup or
> > your Perl installation that aren't properly readable/usable by that
> > User-ID.
> > (for example, if an update was done as 'root' with a umask of 077
> > then the installed rules/updates would not be useable by anybody
> > else).
The debug output pasted earlier seems to hint that the updates are at
least readable, I believe. Though the debug output only showed a tiny
fraction of the very first part:
dbg: config: read file /var/lib/spamassassin/3.00x00y/sought_rules_yerp_org.cf
Does it actually read the files in the update channel dirs? Something
like this, below the point where the debugging output has been snipped.
dbg: config: read file /var/lib/spamassassin/3.00x00y/sought_rules_yerp_org/20_sought.cf
guenther
--
char *t="\10pse\0r\0dtu\0.@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
Re: How to output Debugged Lint to file
Posted by Kathryn Kleinschafer <ka...@rheel.co.nz>.
I run the update via a crontab entry (set when logged in as root) how do
I specify who its done by and what the umask is?
spamassassin is run by postfix user - all this part of the setup should
be fine as I haven't played with the config files and it had all been
running well.
I run the test as user postfix to ensure I get the same results as when
the automatic tests run.
Regards,
Kate
David B Funk wrote:
> On Thu, 15 May 2008, Kathryn Kleinschafer wrote:
>
>
>> Hi,
>>
>> Pastebin for email: http://pastebin.ca/1018368
>> Pastebin for spam check results: http://pastebin.ca/1018373
>>
>> Thanks
>> Kate
>>
>> Karsten Bräckelmann wrote:
>>
>>> On Wed, 2008-05-14 at 16:25 +1200, Kathryn Kleinschafer wrote:
>>>
>>>
>>>> which seems to me that it is actually loading up the correct files - yet
>>>> when i do a test on a piece of mail which should hit heaps of rules
>>>> especially the sought_rules it is not hitting at all.
>>>> Are there any other tests I can do?
>>>>
>
> Feeding your example spam thru our SA hit lots of rules, including
> 3 different hits from JM_SOUGHT_* (JM_SOUGHT_1, JM_SOUGHT_2, JM_SOUGHT_3).
>
> Is there any way that you can get your mail system to keep internal
> copies of the queue-files (or how ever your messages are fed to SA)
> so you can see what is actually being checked?
>
> Also look to see what User-ID your SA filtering process runs as
> and then check to see if there are some parts of your SA setup or
> your Perl installation that aren't properly readable/usable by that
> User-ID.
> (for example, if an update was done as 'root' with a umask of 077
> then the installed rules/updates would not be useable by anybody
> else).
> Shell search paths might be another reason for differences between
> manual tests and automatic processing scores.
>
>
>
Re: How to output Debugged Lint to file
Posted by David B Funk <db...@engineering.uiowa.edu>.
On Thu, 15 May 2008, Kathryn Kleinschafer wrote:
> Hi,
>
> Pastebin for email: http://pastebin.ca/1018368
> Pastebin for spam check results: http://pastebin.ca/1018373
>
> Thanks
> Kate
>
> Karsten Bräckelmann wrote:
> > On Wed, 2008-05-14 at 16:25 +1200, Kathryn Kleinschafer wrote:
> >
> >> which seems to me that it is actually loading up the correct files - yet
> >> when i do a test on a piece of mail which should hit heaps of rules
> >> especially the sought_rules it is not hitting at all.
> >> Are there any other tests I can do?
Feeding your example spam thru our SA hit lots of rules, including
3 different hits from JM_SOUGHT_* (JM_SOUGHT_1, JM_SOUGHT_2, JM_SOUGHT_3).
Is there any way that you can get your mail system to keep internal
copies of the queue-files (or how ever your messages are fed to SA)
so you can see what is actually being checked?
Also look to see what User-ID your SA filtering process runs as
and then check to see if there are some parts of your SA setup or
your Perl installation that aren't properly readable/usable by that
User-ID.
(for example, if an update was done as 'root' with a umask of 077
then the installed rules/updates would not be useable by anybody
else).
Shell search paths might be another reason for differences between
manual tests and automatic processing scores.
--
Dave Funk University of Iowa
<dbfunk (at) engineering.uiowa.edu> College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{
Re: How to output Debugged Lint to file
Posted by Kathryn Kleinschafer <ka...@rheel.co.nz>.
Is it possible that this --allowplugins was somehow disrupting the
sa-update as now that I have removed it my rules are being used again
(which may mean that they are back up to day?)
Kate
Theo Van Dinter wrote:
> On Thu, May 22, 2008 at 09:57:49AM +1200, Kathryn Kleinschafer wrote:
>
>>> Any reason for the non-default --allowplugins?
>>>
>>>
>> One of the channels - Open Protect required it
>> "If you use SA versions 3.2.0 or above, use the following command:
>> *sa-update --allowplugins --gpgkey
>> D1C035168C1EBC08464946DA258CDB3ABDE9DC10 --channel
>> saupdates.openprotect.com*, "
>>
>
> That doesn't mean they require it, that just means they told you to use it.
> It also means you open yourself up to possible security attacks, which is why
> it's disabled by default.
>
> I'm not saying it's bad if you trust the channel to not screw you, but ...
>
>
Re: How to output Debugged Lint to file
Posted by Kathryn Kleinschafer <ka...@rheel.co.nz>.
Theo Van Dinter wrote:
> On Thu, May 22, 2008 at 09:57:49AM +1200, Kathryn Kleinschafer wrote:
>
>>> Any reason for the non-default --allowplugins?
>>>
>>>
>> One of the channels - Open Protect required it
>> "If you use SA versions 3.2.0 or above, use the following command:
>> *sa-update --allowplugins --gpgkey
>> D1C035168C1EBC08464946DA258CDB3ABDE9DC10 --channel
>> saupdates.openprotect.com*, "
>>
>
> That doesn't mean they require it, that just means they told you to use it.
> It also means you open yourself up to possible security attacks, which is why
> it's disabled by default.
>
> I'm not saying it's bad if you trust the channel to not screw you, but ...
>
>
Hmmm when you put it like that i might take that bit out. thanks
Re: How to output Debugged Lint to file
Posted by Theo Van Dinter <fe...@apache.org>.
On Thu, May 22, 2008 at 09:57:49AM +1200, Kathryn Kleinschafer wrote:
> >Any reason for the non-default --allowplugins?
> >
> One of the channels - Open Protect required it
> "If you use SA versions 3.2.0 or above, use the following command:
> *sa-update --allowplugins --gpgkey
> D1C035168C1EBC08464946DA258CDB3ABDE9DC10 --channel
> saupdates.openprotect.com*, "
That doesn't mean they require it, that just means they told you to use it.
It also means you open yourself up to possible security attacks, which is why
it's disabled by default.
I'm not saying it's bad if you trust the channel to not screw you, but ...
--
Randomly Selected Tagline:
"Where's Roxanne? Not here today... She might have a lab... Those poor
Calc. 2 kids ..." - Prof. Farr
Re: How to output Debugged Lint to file
Posted by Kathryn Kleinschafer <ka...@rheel.co.nz>.
Karsten Bräckelmann wrote:
> On Thu, 2008-05-15 at 10:01 +1200, Kathryn Kleinschafer wrote:
>
>> I run sa-update from the crontab daily which I believe should update the
>> rules. (i'm relatively new to this so could have it completely wrong)
>> The command I use in crontab is
>>
>> 00 01 * * * sa-update --allowplugins --channelfile
>>
>
> Any reason for the non-default --allowplugins?
>
One of the channels - Open Protect required it
"If you use SA versions 3.2.0 or above, use the following command:
*sa-update --allowplugins --gpgkey
D1C035168C1EBC08464946DA258CDB3ABDE9DC10 --channel
saupdates.openprotect.com*, "
>
>> /etc/mail/spamassassin/update-channels.txt --gpgkeyfile
>> /etc/mail/spamassassin/gpgkeys.txt
>> and in the update-channels.txt I have
>> sought.rules.yerp.org
>> saupdates.openprotect.com
>> updates.spamassassin.org
>>
>
> You do have all GPG keys in gpgkeys.txt, do you?
>
Yes - do they need to be in any specific order?
update channels file
sought.rules.yerp.org
saupdates.openprotect.com
updates.spamassassin.org
gpgkey file
6C6191E3
D1C035168C1EBC08464946DA258CDB3ABDE9DC10
>
>
>> We were getting this same spam a month or so ago and it was all getting
>> stopped but now its not thats why i'm very worried I have broken my
>> spamassassin.
>> Does URIBL_BLACK come default with spamassassin?
>>
>
> Yes.
>
> Now, please re-read my previous posts, and answer the questions. If it
> helps to do so, feel free to answer inline, placing answers directly
> below the question.
>
> guenther
>
>
>
Re: How to output Debugged Lint to file
Posted by Karsten Bräckelmann <gu...@rudersport.de>.
On Thu, 2008-05-15 at 10:01 +1200, Kathryn Kleinschafer wrote:
> I run sa-update from the crontab daily which I believe should update the
> rules. (i'm relatively new to this so could have it completely wrong)
> The command I use in crontab is
> 00 01 * * * sa-update --allowplugins --channelfile
Any reason for the non-default --allowplugins?
> /etc/mail/spamassassin/update-channels.txt --gpgkeyfile
> /etc/mail/spamassassin/gpgkeys.txt
> and in the update-channels.txt I have
> sought.rules.yerp.org
> saupdates.openprotect.com
> updates.spamassassin.org
You do have all GPG keys in gpgkeys.txt, do you?
> We were getting this same spam a month or so ago and it was all getting
> stopped but now its not thats why i'm very worried I have broken my
> spamassassin.
> Does URIBL_BLACK come default with spamassassin?
Yes.
Now, please re-read my previous posts, and answer the questions. If it
helps to do so, feel free to answer inline, placing answers directly
below the question.
guenther
--
char *t="\10pse\0r\0dtu\0.@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
Re: How to output Debugged Lint to file
Posted by Kathryn Kleinschafer <ka...@rheel.co.nz>.
I run sa-update from the crontab daily which I believe should update the
rules. (i'm relatively new to this so could have it completely wrong)
The command I use in crontab is
00 01 * * * sa-update --allowplugins --channelfile
/etc/mail/spamassassin/update-channels.txt --gpgkeyfile
/etc/mail/spamassassin/gpgkeys.txt
and in the update-channels.txt I have
sought.rules.yerp.org
saupdates.openprotect.com
updates.spamassassin.org
We were getting this same spam a month or so ago and it was all getting
stopped but now its not thats why i'm very worried I have broken my
spamassassin.
Does URIBL_BLACK come default with spamassassin?
Karsten Bräckelmann wrote:
> On Thu, 2008-05-15 at 09:09 +1200, Kathryn Kleinschafer wrote:
>
>> Pastebin for email: http://pastebin.ca/1018368
>> Pastebin for spam check results: http://pastebin.ca/1018373
>>
>
> OK. And what about my questions above? Err, wait, they are actually
> below your reply. ;)
>
>
>
>> Karsten Bräckelmann wrote:
>>
>>> On Wed, 2008-05-14 at 16:25 +1200, Kathryn Kleinschafer wrote:
>>>
>>>
>>>> which seems to me that it is actually loading up the correct files - yet
>>>> when i do a test on a piece of mail which should hit heaps of rules
>>>> especially the sought_rules it is not hitting at all.
>>>> Are there any other tests I can do?
>>>>
>>> How do you tell the Sought rules should hit? If used correctly, they are
>>> a moving target. [1]
>>>
>
> Why do you believe it should hit the Sought rules?
>
>
>>> Also, can you elaborate on "not hitting at all"? Including the actual
>>> results, the SA headers, would be a good start. And maybe put a sample
>>> up a pastebin.
>>>
>
> Oh, yeah, definitely. Please do elaborate on your definition of "not
> hitting at all". Usually implies no rules hit, and often that SA didn't
> even process the message. Which it did in this case.
>
>
> OK, just checked locally. Scores 8.6 (that's without the munged To) for
> me. Granted, it hits a couple custom rules. :)
>
> However, it *indeed* hits Sought (as of 3 hours ago!), plus URIBL_BLACK.
>
> * 3.0 URIBL_BLACK Contains an URL listed in the URIBL blacklist
> * [URIs: lm6xv9muv93y98.blogspot.com]
> * 2.0 JM_SOUGHT_3 JM_SOUGHT_3
>
> Please do note again, that you need to keep the Sought rules updated.
> See the docs. [1] If you don't, I'm not impressed by them not hitting.
> The entire purpose of Sought is, to catch recent, changing phrases in
> low scoring spam.
>
> FWIW, the default JM_SOUGHT_* score is a whopping 4.0.
>
> For URIBL_BLACK to hit on this kind of throw-away addresses, you need to
> tweak your conf:
> util_rb_2tld blogspot.com
>
> Other than that, it hits better on Bayes for me. Plus custom rules
> involving blogspot.com addresses in general, and such addresses in mail
> directly delivered by the MUA to MX.
>
> HTH
>
> guenther
>
>
> [1] http://wiki.apache.org/spamassassin/SoughtRules
>
>
Re: How to output Debugged Lint to file
Posted by Karsten Bräckelmann <gu...@rudersport.de>.
On Thu, 2008-05-15 at 09:09 +1200, Kathryn Kleinschafer wrote:
>
> Pastebin for email: http://pastebin.ca/1018368
> Pastebin for spam check results: http://pastebin.ca/1018373
OK. And what about my questions above? Err, wait, they are actually
below your reply. ;)
> Karsten Bräckelmann wrote:
> > On Wed, 2008-05-14 at 16:25 +1200, Kathryn Kleinschafer wrote:
> >
> >> which seems to me that it is actually loading up the correct files - yet
> >> when i do a test on a piece of mail which should hit heaps of rules
> >> especially the sought_rules it is not hitting at all.
> >> Are there any other tests I can do?
> >
> > How do you tell the Sought rules should hit? If used correctly, they are
> > a moving target. [1]
Why do you believe it should hit the Sought rules?
> > Also, can you elaborate on "not hitting at all"? Including the actual
> > results, the SA headers, would be a good start. And maybe put a sample
> > up a pastebin.
Oh, yeah, definitely. Please do elaborate on your definition of "not
hitting at all". Usually implies no rules hit, and often that SA didn't
even process the message. Which it did in this case.
OK, just checked locally. Scores 8.6 (that's without the munged To) for
me. Granted, it hits a couple custom rules. :)
However, it *indeed* hits Sought (as of 3 hours ago!), plus URIBL_BLACK.
* 3.0 URIBL_BLACK Contains an URL listed in the URIBL blacklist
* [URIs: lm6xv9muv93y98.blogspot.com]
* 2.0 JM_SOUGHT_3 JM_SOUGHT_3
Please do note again, that you need to keep the Sought rules updated.
See the docs. [1] If you don't, I'm not impressed by them not hitting.
The entire purpose of Sought is, to catch recent, changing phrases in
low scoring spam.
FWIW, the default JM_SOUGHT_* score is a whopping 4.0.
For URIBL_BLACK to hit on this kind of throw-away addresses, you need to
tweak your conf:
util_rb_2tld blogspot.com
Other than that, it hits better on Bayes for me. Plus custom rules
involving blogspot.com addresses in general, and such addresses in mail
directly delivered by the MUA to MX.
HTH
guenther
[1] http://wiki.apache.org/spamassassin/SoughtRules
--
char *t="\10pse\0r\0dtu\0.@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
Re: How to output Debugged Lint to file
Posted by Kathryn Kleinschafer <ka...@rheel.co.nz>.
Hi,
Pastebin for email: http://pastebin.ca/1018368
Pastebin for spam check results: http://pastebin.ca/1018373
Thanks
Kate
Karsten Bräckelmann wrote:
> On Wed, 2008-05-14 at 16:25 +1200, Kathryn Kleinschafer wrote:
>
>> which seems to me that it is actually loading up the correct files - yet
>> when i do a test on a piece of mail which should hit heaps of rules
>> especially the sought_rules it is not hitting at all.
>> Are there any other tests I can do?
>>
>
> How do you tell the Sought rules should hit? If used correctly, they are
> a moving target. [1]
>
> Also, can you elaborate on "not hitting at all"? Including the actual
> results, the SA headers, would be a good start. And maybe put a sample
> up a pastebin.
>
> guenther
>
>
> [1] http://wiki.apache.org/spamassassin/SoughtRules
>
>
Re: How to output Debugged Lint to file
Posted by Karsten Bräckelmann <gu...@rudersport.de>.
On Wed, 2008-05-14 at 16:25 +1200, Kathryn Kleinschafer wrote:
> which seems to me that it is actually loading up the correct files - yet
> when i do a test on a piece of mail which should hit heaps of rules
> especially the sought_rules it is not hitting at all.
> Are there any other tests I can do?
How do you tell the Sought rules should hit? If used correctly, they are
a moving target. [1]
Also, can you elaborate on "not hitting at all"? Including the actual
results, the SA headers, would be a good start. And maybe put a sample
up a pastebin.
guenther
[1] http://wiki.apache.org/spamassassin/SoughtRules
--
char *t="\10pse\0r\0dtu\0.@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
Re: How to output Debugged Lint to file
Posted by Kathryn Kleinschafer <ka...@rheel.co.nz>.
Awesome thanks.
the output showed
[3887] dbg: config: using "/etc/mail/spamassassin" for site rules pre files
[3887] dbg: config: read file /etc/mail/spamassassin/init.pre
[3887] dbg: config: read file /etc/mail/spamassassin/v310.pre
[3887] dbg: config: read file /etc/mail/spamassassin/v312.pre
[3887] dbg: config: read file /etc/mail/spamassassin/v320.pre
[3887] dbg: config: using "/var/lib/spamassassin/3.002002" for sys rules
pre files
[3887] dbg: config: read file
/var/lib/spamassassin/3.002002/saupdates_openprotect_com.pre
[3887] dbg: config: using "/var/lib/spamassassin/3.002002" for default
rules dir
[3887] dbg: config: read file
/var/lib/spamassassin/3.002002/saupdates_openprotect_com.cf
[3887] dbg: config: read file
/var/lib/spamassassin/3.002002/sought_rules_yerp_org.cf
[3887] dbg: config: read file
/var/lib/spamassassin/3.002002/updates_spamassassin_org.cf
which seems to me that it is actually loading up the correct files - yet
when i do a test on a piece of mail which should hit heaps of rules
especially the sought_rules it is not hitting at all.
Are there any other tests I can do?
Kate
Matt Kettler wrote:
> Kathryn Kleinschafer wrote:
>> Hi all,
>>
>> My installation of spamassassin seems to have stopped using all the
>> rules I have added when checking email. They now reside in
>> /var/lib/spamassassin/3.002002
>>
>> I'm trying to run spamassassin -D --lint and output it to say
>> test.txt so that I can see it all later and try and trouble shoot why
>> its not using the rules.
>>
>> Can anyone tell me how I can do this or if there is a better way to
>> check why they are not working.
> The debug output goes to stderr. you need to redirect it with 2>
> instead of >
>
> ie: spamassassin -D --lint 2> output.txt
>
>
>
Re: How to output Debugged Lint to file
Posted by Matt Kettler <mk...@verizon.net>.
Kathryn Kleinschafer wrote:
> Hi all,
>
> My installation of spamassassin seems to have stopped using all the
> rules I have added when checking email. They now reside in
> /var/lib/spamassassin/3.002002
>
> I'm trying to run spamassassin -D --lint and output it to say test.txt
> so that I can see it all later and try and trouble shoot why its not
> using the rules.
>
> Can anyone tell me how I can do this or if there is a better way to
> check why they are not working.
The debug output goes to stderr. you need to redirect it with 2> instead
of >
ie: spamassassin -D --lint 2> output.txt