You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Chris <cp...@earthlink.net> on 2005/10/02 03:53:14 UTC
SA tags above header info
I may have missed a thread on this but is there a reason that SA is now
placing its tags above the headers:
X-Spam-Virus: No
X-Spam-Seen: Tokens 251
X-Spam-New: Tokens 446
X-Spam-Remote: Host localhost.localdomain
X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13) on
cpollock.localdomain
X-Spam-Hammy: Tokens 50
X-Spam-Status: No, score=2.5 required=5.0 tests=AWL,BAYES_50,PYZOR_CHECK,
SPF_PASS autolearn=disabled version=3.1.0
X-Spam-Spammy: Tokens 24
X-Spam-Pyzor: Reported 0 times.
X-Spam-Token: Summary Tokens: new, 195; hammy, 50; neutral, 177; spammy,
24.
X-Spam-DCC: dcc.uncw.edu cpollock.localdomain 1201; Body=1 Fuz1=1 Fuz2=45
X-Spam-Untrusted: Relays [ ip=207.44.182.114 rdns=mx.linuxquestions.org
helo=mx.linuxquestions.org by=mx-pigeons.atl.sa.earthlink.net ident=
envfrom= intl=0 id=1elSGg5H63Nl34g2 auth= ] [ ip=64.179.4.149
rdns=web1.linuxquestions.org helo=web1.linuxquestions.org
by=mx.linuxquestions.org ident= envfrom= intl=0 id= auth= ] [
ip=127.0.0.1 rdns=localhost helo=web1.linuxquestions.org
by=web1.linuxquestions.org ident= envfrom= intl=0 id=j921TJaO032650
auth= ]
X-Spam-Level: **
X-Spam-RBL: Results <dns:linuxquestions.org> [64.179.4.149]
<dns:linuxquestions.org?type=MX> [10 mail.linuxquestions.org., 15
mx.linuxquestions.org., 20 mx1.linuxquestions.org.]
Status: U
Return-Path: <fo...@linuxquestions.org>
--
Chris
Registered Linux User 283774 http://counter.li.org
20:51:34 up 21 days, 9:04, 1 user, load average: 0.57, 0.69, 0.73
Mandriva Linux 10.1 Official, kernel 2.6.8.1-12mdk
Re: SA tags above header info
Posted by "Daryl C. W. O'Shea" <sp...@dostech.ca>.
Magnus Holmgren wrote:
> One remark I haven't seen yet is that the "DomainKey-Signature:" field can
> include an "h" tag, which specifies which header fields are included in the
> signature. If that tag is included (and I think it usually is(?)) and there
> aren't already any X-Spam-* fields that have been signed, then it should be
> safe to add SA's header lines below, just like before. If the "h" tag isn't
> present, adding it shouldn't change the verfication status, but I don't think
> it's allowed.
You can't alter the signature. The signature tags are all used in
calculation of the key.
> Always prepending SA's header lines clearly is the easiest thing to do.
>
>> (Yes, I think it looks ugly, too.)
>
> Me too, but it's probably just because I'm used to it. Always adding new
> headers to the top has the additional benefit that it's easier to see which
> relay added what.
Personally, I now prefer the headers being prepended over them being
appended. There was about a week or two where I wasn't sure about it
though.
Daryl
Re: SA tags above header info
Posted by Magnus Holmgren <ho...@lysator.liu.se>.
On Monday 03 October 2005 18:14, Nix took the opportunity to write:
> On Sat, 1 Oct 2005, jdow@earthlink.net stated:
> > Which begs the question I don't remember anybody asking: "What the
> > <censored> is "DomainKeys" and why should it experience a special
> > exception to sane ordering if header information with time of
> > application ordered message tags?
>
> It's a scheme whereby the headers get cryptographically signed, as a
> body, with a key derived from a DNS lookup; another anti-forgery
> scheme, like SPF, only hopefully more forwarding-friendly.
>
> The idea is that relays sign the headers from a given Received: line on
> down, thus validating the path a mail has taken without breaking the
> ability for further relays to add Received lines. So adding things
> above Received lines is safe: adding them below invalidates the DK
> signature.
One remark I haven't seen yet is that the "DomainKey-Signature:" field can
include an "h" tag, which specifies which header fields are included in the
signature. If that tag is included (and I think it usually is(?)) and there
aren't already any X-Spam-* fields that have been signed, then it should be
safe to add SA's header lines below, just like before. If the "h" tag isn't
present, adding it shouldn't change the verfication status, but I don't think
it's allowed.
Always prepending SA's header lines clearly is the easiest thing to do.
> (Yes, I think it looks ugly, too.)
Me too, but it's probably just because I'm used to it. Always adding new
headers to the top has the additional benefit that it's easier to see which
relay added what.
--
Magnus Holmgren holmgren@lysator.liu.se
(No Cc of list mail needed, thanks)
Re: SA tags above header info
Posted by Nix <ni...@esperi.org.uk>.
On Sat, 1 Oct 2005, jdow@earthlink.net stated:
> Which begs the question I don't remember anybody asking: "What the
> <censored> is "DomainKeys" and why should it experience a special
> exception to sane ordering if header information with time of
> application ordered message tags?
It's a scheme whereby the headers get cryptographically signed, as a
body, with a key derived from a DNS lookup; another anti-forgery
scheme, like SPF, only hopefully more forwarding-friendly.
The idea is that relays sign the headers from a given Received: line on
down, thus validating the path a mail has taken without breaking the
ability for further relays to add Received lines. So adding things
above Received lines is safe: adding them below invalidates the DK
signature.
(Yes, I think it looks ugly, too.)
--
`Next: FEMA neglects to take into account the possibility of
fire in Old Balsawood Town (currently in its fifth year of drought
and home of the General Grant Home for Compulsive Arsonists).'
--- James Nicoll
Re: SA tags above header info
Posted by jdow <jd...@earthlink.net>.
From: "JamesDR" <ro...@bellsouth.net>
> Chris wrote:
>> I may have missed a thread on this but is there a reason that SA is now
>> placing its tags above the headers:
>>
>> X-Spam-Virus: No
>> X-Spam-Seen: Tokens 251
>> X-Spam-New: Tokens 446
>> X-Spam-Remote: Host localhost.localdomain
>> X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13) on
>
> [snip]
>
> Yes, 3.1.0 now places sa headers on the top, this is a feature for
> DomainKeys: per thread "ANNOUNCE: SpamAssassin 3.1.0 available!"
> 2005-9-14:
>
> - modify header ordering for DomainKeys compatibility, by placing markup
> headers at the top of the message instead at the bottom of the list.
Which begs the question I don't remember anybody asking: "What the
<censored> is "DomainKeys" and why should it experience a special
exception to sane ordering if header information with time of
application ordered message tags?
{^_^}
Re: SA tags above header info
Posted by JamesDR <ro...@bellsouth.net>.
Chris wrote:
[snip]
>
>
> Something is very odd then, I have the domainkeys plugin commented out.
> Tags in ham are placed above the header info while tags for spam are placed
> in the usual place. One other question, what/where is the --max-clients
> setting? I've observed an error telling me it needs to be set higher,
> however, man spamd doesn't seem to contain a setting for that, or, is it
> somewhere else?
>
> Thanks
>
I have the same thing (DK plugin is commented out.)
Hmm, I don't see anything either about --max-clients, you might try
increasing --max-spare or -m (--max-children), this should give you more
available 'connections', but watch mem usage etc. These are all in the
man spamd page.
HTH
--
Thanks,
JamesDR
Re: SA tags above header info
Posted by "Daryl C. W. O'Shea" <sp...@dostech.ca>.
Chris wrote:
> Something is very odd then, I have the domainkeys plugin commented out.
Whether or not you're using the DomainKeys plugin makes no difference
regarding header placement.
> Tags in ham are placed above the header info while tags for spam are placed
> in the usual place.
It'll appear this way when using report safe since the only received
header present is the one generated by SpamAssassin.
When not using report safe the X-Spam headers will be in the same place
for both ham and spam.
> One other question, what/where is the --max-clients
> setting? I've observed an error telling me it needs to be set higher,
> however, man spamd doesn't seem to contain a setting for that, or, is it
> somewhere else?
The option was renamed in 3.1 to reflect what it actually controls.
It's now called --max-children. You can use -m for --max-children (just
like you could use -m for --max-clients before). We missed updating the
debug message. It'll be fixed in 3.1.1.
Daryl
Re: SA tags above header info
Posted by Chris <cp...@earthlink.net>.
On Saturday 01 October 2005 11:34 pm, JamesDR wrote:
> Chris wrote:
> > On Saturday 01 October 2005 09:34 pm, JamesDR wrote:
> >>Chris wrote:
> >>>I may have missed a thread on this but is there a reason that SA is
> >>> now placing its tags above the headers:
> >>>
> >>>X-Spam-Virus: No
> >>> X-Spam-Seen: Tokens 251
> >>> X-Spam-New: Tokens 446
> >>> X-Spam-Remote: Host localhost.localdomain
> >>> X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13) on
> >>
> >>[snip]
> >>
> >>Yes, 3.1.0 now places sa headers on the top, this is a feature for
> >>DomainKeys: per thread "ANNOUNCE: SpamAssassin 3.1.0 available!"
> >>2005-9-14:
> >>
> >>- modify header ordering for DomainKeys compatibility, by placing
> >> markup headers at the top of the message instead at the bottom of the
> >> list.
> >>
> >>HTH
> >
> > Thanks James and I've got that msg still in my SATalk folder too. I
> > just referred to it and saw also the answer to my other question.
> > --lint works fine now.
> >
> > Thanks
>
> Glad I could help chris.
>
> Jdow:
> That's the single reason I can't upgrade yet (the mail server adds
> headers there and expects them to be there. Will have to mod my tool to
> put these other headers that the mail server needs where it expects them
> back, not a big deal just time :-D)... I would be nice if there was a
> conf switch of sorts that you could turn off that feature with... I
> don't have any interest in DomainKeys.
Something is very odd then, I have the domainkeys plugin commented out.
Tags in ham are placed above the header info while tags for spam are placed
in the usual place. One other question, what/where is the --max-clients
setting? I've observed an error telling me it needs to be set higher,
however, man spamd doesn't seem to contain a setting for that, or, is it
somewhere else?
Thanks
--
Chris
Registered Linux User 283774 http://counter.li.org
08:45:03 up 21 days, 20:57, 1 user, load average: 0.41, 0.40, 0.36
Mandriva Linux 10.1 Official, kernel 2.6.8.1-12mdk
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Vulcans do not approve of violence.
-- Spock, "Journey to Babel", stardate 3842.4
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: SA tags above header info
Posted by JamesDR <ro...@bellsouth.net>.
Chris wrote:
> On Saturday 01 October 2005 09:34 pm, JamesDR wrote:
>
>>Chris wrote:
>>
>>>I may have missed a thread on this but is there a reason that SA is now
>>>placing its tags above the headers:
>>>
>>>X-Spam-Virus: No
>>> X-Spam-Seen: Tokens 251
>>> X-Spam-New: Tokens 446
>>> X-Spam-Remote: Host localhost.localdomain
>>> X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13) on
>>
>>[snip]
>>
>>Yes, 3.1.0 now places sa headers on the top, this is a feature for
>>DomainKeys: per thread "ANNOUNCE: SpamAssassin 3.1.0 available!"
>>2005-9-14:
>>
>>- modify header ordering for DomainKeys compatibility, by placing markup
>> headers at the top of the message instead at the bottom of the list.
>>
>>HTH
>
>
> Thanks James and I've got that msg still in my SATalk folder too. I just
> referred to it and saw also the answer to my other question. --lint works
> fine now.
>
> Thanks
>
Glad I could help chris.
Jdow:
That's the single reason I can't upgrade yet (the mail server adds
headers there and expects them to be there. Will have to mod my tool to
put these other headers that the mail server needs where it expects them
back, not a big deal just time :-D)... I would be nice if there was a
conf switch of sorts that you could turn off that feature with... I
don't have any interest in DomainKeys.
--
Thanks,
JamesDR
Re: SA tags above header info
Posted by Chris <cp...@earthlink.net>.
On Saturday 01 October 2005 09:34 pm, JamesDR wrote:
> Chris wrote:
> > I may have missed a thread on this but is there a reason that SA is now
> > placing its tags above the headers:
> >
> > X-Spam-Virus: No
> > X-Spam-Seen: Tokens 251
> > X-Spam-New: Tokens 446
> > X-Spam-Remote: Host localhost.localdomain
> > X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13) on
>
> [snip]
>
> Yes, 3.1.0 now places sa headers on the top, this is a feature for
> DomainKeys: per thread "ANNOUNCE: SpamAssassin 3.1.0 available!"
> 2005-9-14:
>
> - modify header ordering for DomainKeys compatibility, by placing markup
> headers at the top of the message instead at the bottom of the list.
>
> HTH
Thanks James and I've got that msg still in my SATalk folder too. I just
referred to it and saw also the answer to my other question. --lint works
fine now.
Thanks
--
Chris
Registered Linux User 283774 http://counter.li.org
21:50:53 up 21 days, 10:03, 2 users, load average: 0.14, 0.88, 1.51
Mandriva Linux 10.1 Official, kernel 2.6.8.1-12mdk
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
If at first you don't succeed, try again
-- Murphy's Laws on Work n°8
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: SA tags above header info
Posted by JamesDR <ro...@bellsouth.net>.
Chris wrote:
> I may have missed a thread on this but is there a reason that SA is now
> placing its tags above the headers:
>
> X-Spam-Virus: No
> X-Spam-Seen: Tokens 251
> X-Spam-New: Tokens 446
> X-Spam-Remote: Host localhost.localdomain
> X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13) on
[snip]
Yes, 3.1.0 now places sa headers on the top, this is a feature for
DomainKeys: per thread "ANNOUNCE: SpamAssassin 3.1.0 available!" 2005-9-14:
- modify header ordering for DomainKeys compatibility, by placing markup
headers at the top of the message instead at the bottom of the list.
HTH
--
Thanks,
JamesDR
Re: SA tags above header info
Posted by Chris <cp...@earthlink.net>.
On Saturday 01 October 2005 08:53 pm, Chris wrote:
> I may have missed a thread on this but is there a reason that SA is now
> placing its tags above the headers:
>
Replying to myself, this seems to only happen in hams. But, another
question, running --lint I'm getting:
[chris@cpollock chris]$ spamassassin --lint
[26424] warn: config: warning: score set for non-existent rule
FUZZY_GUARANTEE
[26424] warn: config: warning: score set for non-existent rule FUZZY_BILLION
[26424] warn: config: warning: score set for non-existent rule FUZZY_XPILL
[26424] warn: config: warning: score set for non-existent rule
SUBJECT_FUZZY_TIO
[26424] warn: config: warning: score set for non-existent rule
FUZZY_TRAMADOL
[26424] warn: config: warning: score set for non-existent rule
SUBJECT_FUZZY_VPI
[26424] warn: config: warning: score set for non-existent rule
FUZZY_THOUSANDS
[26424] warn: config: warning: score set for non-existent rule
FUZZY_OBLIGATION
[26424] warn: config: warning: score set for non-existent rule
SUBJECT_FUZZY_MED
[26424] warn: config: warning: score set for non-existent rule FUZZY_VICODIN
[26424] warn: config: warning: score set for non-existent rule FUZZY_MILLION
[26424] warn: config: warning: score set for non-existent rule
FUZZY_AFFORDABLE
[26424] warn: config: warning: score set for non-existent rule FUZZY_REMOVE
[26424] warn: config: warning: score set for non-existent rule
FUZZY_MORTGAGE
[26424] warn: config: warning: score set for non-existent rule FUZZY_PRICES
[26424] warn: config: warning: score set for non-existent rule
SUBJECT_FUZZY_CHE
[26424] warn: config: warning: score set for non-existent rule FUZZY_PHENT
[26424] warn: config: warning: score set for non-existent rule FUZZY_MILF
[26424] warn: config: warning: score set for non-existent rule
FUZZY_PRESCRIPT
[26424] warn: config: warning: score set for non-existent rule
FUZZY_SOFTWARE
[26424] warn: config: warning: score set for non-existent rule
FUZZY_PHARMACY
[26424] warn: config: warning: score set for non-existent rule FUZZY_OFFERS
[26424] warn: config: warning: score set for non-existent rule
FUZZY_MEDICATION
[26424] warn: config: warning: score set for non-existent rule FUZZY_CREDIT
[26424] warn: config: warning: score set for non-existent rule FUZZY_CPILL
[26424] warn: config: warning: score set for non-existent rule
SUBJECT_FUZZY_PEN
[26424] warn: config: warning: score set for non-existent rule FUZZY_MONEY
[26424] warn: config: warning: score set for non-existent rule
FUZZY_CELEBREX
[26424] warn: config: warning: score set for non-existent rule FUZZY_FOLLOW
[26424] warn: config: warning: score set for non-existent rule FUZZY_PLEASE
[26424] warn: config: warning: score set for non-existent rule FUZZY_ERECT
[26424] warn: config: warning: score set for non-existent rule FUZZY_VLIUM
[26424] warn: config: warning: score set for non-existent rule FUZZY_ROLEX
[26424] warn: config: warning: score set for non-existent rule FUZZY_AMBIEN
[26424] warn: config: warning: score set for non-existent rule
FUZZY_REFINANCE
[26424] warn: config: warning: score set for non-existent rule FUZZY_VIOXX
[26424] warn: config: warning: score set for non-existent rule FUZZY_VPILL
[26424] warn: lint: 37 issues detected, please rerun with debug enabled for
more
I appear to be missing a rule(s)?
--
Chris
Registered Linux User 283774 http://counter.li.org
21:13:51 up 21 days, 9:26, 2 users, load average: 0.31, 0.60, 0.61
Mandriva Linux 10.1 Official, kernel 2.6.8.1-12mdk