Re: [Assp-test] Logging Options: Log filled with SEGV warnings

On 2021-09-03 09:11, K Post wrote: > 1) Can the logfile configuration be set to use a different disk? > This was relatively easy on linux. I do not know if Windows has a similar functionality. Basically the ASSP log directories are re-directed to another area with more space. ASSPDIR="/usr/loca

[Assp-test] These log entries have no timestamp

assp 2.6.5 *SPAM-Evaporator* build 21074 Is there a reason these log entries do not receive a timestamp like all of the rest of the entries? I use fail2ban to scan the ASSP logs for persistent login attempts; these entries cause fail2ban to complain about the (lack of a) timestamp. Info: Worke

Re: [Assp-test] Forged UPS messages that made it through ASSP

On 11/2/20 11:26 AM, EPI Tech wrote: > That's what I thought too, but I do not have that address or domain > whitelisted. > The only entry I have is that '@UPS.COM' is listed in the strictspf.txt file. > It may be in the temporary whitelist populated by outgoing mail. -- James Moe moe dot j

Re: [Assp-test] Forged UPS messages that made it through ASSP

On 11/2/20 10:39 AM, EPI Tech wrote: > 20-10-22.maillog.txt:Oct-22-20 07:13:00 m1-65179-08821 [Worker_2] [TLS-out] > 212.171.45.199 to: m_sa...@epiinc.com > Whitelisted sender address: upsbillingcen...@ups.com for recipient > m_sa...@epiinc.com > The sender's address, upsbillingcen...@ups.c

Re: [Assp-test] Forged UPS messages that made it through ASSP

On 10/29/20 12:47 PM, t...@epiinc.com wrote: > Subject: Your UPS Invoice is Ready > Feature Matching: > While there were lots of red flags in the analysis, I did not see where any of them classified the message as spam. I did forget to ask for a log of one of the incoming messages being proc

Re: [Assp-test] Forged UPS messages that made it through ASSP

On 10/29/20 10:17 AM, t...@epiinc.com wrote: > I have attached 1 of 1000+ emails that seems to bypass ASSP and I'm not > sure why. > What does the Mail Analyzer have to say about the message? -- James Moe moe dot james at sohnen-moe dot com 520.743.3936 Think. ___

Re: [Assp-test] {DKIM Fail} Re: Message body modification

On 03/11/2019 3.58 pm, K Post wrote: > Right, but what I'm trying to accomplish (as described in detail in my > previous > thread) is flagging, maybe just with subject modification mail from outside > senders with a name that matches one of our organization's senders.  I'd love > to > be able to

[Assp-test] ASSP filtering EHLO responses?

Hello, ASSP 2.6.1 *Fortress* build 19007 perl 5.26.1 linux 4.12.14-lp150.12.48-default x86_64 Today a user could not send mail; an error message about STARTTLS not being offered. Server setup: incoming: assp port 25 -> mail server 125 outgoing: assp port 5025 -> mail server 587 Tw

Re: [Assp-test] {DKIM Fail} Repeatedly stuck thread on specific DNS query

On 25/01/2019 9.20 AM, K Post wrote: > For about 24 hours, I keep getting notices of a stuck MainThread doing a > dns looking up of _domainkey.bounce.spopessentials2.com >    It's always this same > record causing this.  It's a legitimate mail from Amer

Re: [Assp-test] {DKIM Fail} Re: [Assp-user] Multiple identical log entries for a DNSBL event

On 23/11/2018 12.16 AM, Thomas Eckardt wrote: > The mail has multiple different envelope recipients, > and it is blocked by DNSBL. A blocking line is written to the > maillog.txt for each of them, to make sure, all envelope recipients > would get (if requested) a blockreport for the mail. > > ASS

Re: [Assp-test] [Assp-user] Multiple identical log entries for a DNSBL event

On 20/11/2018 10.56 PM, Thomas Eckardt wrote: > I need to know, if the DNSBL check is done multiple times or if only the > logline is printed multiple times. > I have no idea. The logs are from . > The '[spam found] (DNSBL' line is the final one for this check. Are > there any DNSBL/RBL rela

[Assp-test] [Assp-user] Multiple identical log entries for a DNSBL event

ASSP 2.6.1 (18271) perl 5.26.1 linux 4.12.14-lp150.12.16-default x86_64 Occasionally ASSP outputs multiple log entries, a count of 5, for the same event for several events. They are always DNSBL. There were 8 of then today. What causes this? 2018-11-16_14:02:29 02139-18256 [Worker_1] [TLS-in

Re: [Assp-test] {DKIM Fail} Re: DNSBL blocked mail not saved

On 10/1/18 10:35 PM, Thomas Eckardt wrote: > The RBL (DNSBL) check may lead in to an empty file, if the check is > forced. An empty file will be removed - nobody needs it. > ASSP checks the whole Received chain for a suspect IP address. If even one in the middle of the chain is flagged, the mess

[Assp-test] DNSBL blocked mail not saved

Hello, assp 2.6.1 perl 5.26.1 linux An entry in the log: 2018-09-30_22:19:29 71168-18511 [Worker_1] [TLS-in] [TLS-out] [DNSBL] 209.85.167.52 to: ji...@sohnen-moe.com [spam found] (DNSBL, 209.85.167.52 listed in safe.dnsbl.sorbs.net) [Re Fail2ban users Already banned] -> /usr/local/bin/ass

Re: [Assp-test] {DKIM Fail} Re: [Assp-user] Why no Bayesian header?

On 08/26/2018 01:29 AM, Thomas Eckardt wrote: >>Prob: 0.0 => ham > The header is only added in case the value is NOT zero (> 0.1) > Ah. That was not noted in the option's description. Thank you. -- James Moe moe dot james at sohnen-moe dot com 520.743.3936 Think. ---

[Assp-test] [Assp-user] Why no Bayesian header?

assp 2.1.6 perl 5.26.2 18128 "AddSpamProbHeader" is enabled. Yet no probability header is added to the message. Is there another option required? >From the log: ji...@sohnen-moe.com Bayesian Check - Prob: 0.0 => ham - answer/query relation: 100% of 449 >From the message header: X-Assp-ID

Re: [Assp-test] 18065 with OCR Plugin, Workers stuck

On 03/25/2018 01:01 PM, K Post wrote: > Hey James - I don't see any new content in your last reply. > True. I realized I had not posted the response to the list. -- James Moe moe dot james at sohnen-moe dot com 520.743.3936 Think. -

Re: [Assp-test] 18065 with OCR Plugin, Workers stuck

On 03/23/2018 07:38 PM, K Post wrote: > Mar-23-18 20:10:09 Info: Loop in Worker_6 was not active for 215 seconds > [...] > Mar-23-18 20:10:09 Warning: try to terminate inactive/stuck Worker_6 > Once a worker gets stuck, it is stuck forever, a zombie, eating CPU brains. I had a similar issue w

[Assp-test] ASSP workers not terminating

ASSP 2.6.1 (17355) linux v4.4.103-36-default x86_64 perl 5.18.2 Once again some workers got stuck in a termination loop. There was a burst of messages that caused all of the workers to activate; workers 4 and 5 timed out and stuck in a loop that ran a CPU's usage to 100%. IIRC the worker state w