Re: SA and Ubuntu 14.04 LTS

On Tue, 2014-07-15 at 22:34 -0500, Chris wrote: > On Wed, 2014-07-16 at 04:26 +0200, Karsten Bräckelmann wrote: > > On Tue, 2014-07-15 at 00:11 -0500, Chris wrote: > > > dbg: plugin: loading Mail::SpamAssassin::Plugin::DCC > > > from /usr/lib/perl5/site_perl/5.10.1/Mail/SpamAssassin/Plugin/DCC.pm >

Re: SA and Ubuntu 14.04 LTS

On Wed, 2014-07-16 at 04:26 +0200, Karsten Bräckelmann wrote: > On Tue, 2014-07-15 at 00:11 -0500, Chris wrote: > > dbg: plugin: loading Mail::SpamAssassin::Plugin::DCC > > from /usr/lib/perl5/site_perl/5.10.1/Mail/SpamAssassin/Plugin/DCC.pm > > Debug states loading a plugin from "an explicitly gi

Re: SA and Ubuntu 14.04 LTS

On Tue, 2014-07-15 at 00:11 -0500, Chris wrote: > dbg: plugin: loading Mail::SpamAssassin::Plugin::DCC > from /usr/lib/perl5/site_perl/5.10.1/Mail/SpamAssassin/Plugin/DCC.pm Debug states loading a plugin from "an explicitly given absolute referenced file name", rather than resolving from @INC (in

Re: Dealing with a bad network device affecting DNS lookups

--On Wednesday, July 16, 2014 2:26 AM + lists-spamassassin wrote: I'm really not certain that using "time" and "nslookup" (which is a somewhat depreciated tool at this point) gives you results that show where the problem might be. I would suggest that for debugging/proof of issue purposes

Re: Dealing with a bad network device affecting DNS lookups

Original Message > Date: Tuesday, July 15, 2014 15:04:22 -0700 > From: Quanah Gibson-Mount > To: Dave Warren , users@spamassassin.apache.org > Subject: Re: Dealing with a bad network device affecting DNS lookups > > --On Tuesday, July 15, 2014 3:52 PM -0700 Dave Warren >

Re: Dealing with a bad network device affecting DNS lookups

On 7/15/2014 6:18 PM, Axb wrote: On 07/16/2014 12:04 AM, Quanah Gibson-Mount wrote: --On Tuesday, July 15, 2014 3:52 PM -0700 Dave Warren wrote: Are you saying that if you perform something like "dig @8.8.8.8 asdfalksdflk.example.com a", Rackspace intercepts the packet on port 53 and does som

Re: Dealing with a bad network device affecting DNS lookups

On 07/16/2014 12:04 AM, Quanah Gibson-Mount wrote: --On Tuesday, July 15, 2014 3:52 PM -0700 Dave Warren wrote: Are you saying that if you perform something like "dig @8.8.8.8 asdfalksdflk.example.com a", Rackspace intercepts the packet on port 53 and does something with it? Right And it's

Fwd: Dealing with a bad network device affecting DNS lookups

(Accidentally off list, sorry) Begin forwarded message: > From: Dominic Benson > Date: 15 July 2014 22:59:14 BST > To: Quanah Gibson-Mount > Subject: Re: Dealing with a bad network device affecting DNS lookups > > >> On 15 Jul 2014, at 22:46, Quanah Gibson-Mount wrote: >> >> --On Tuesday, J

Re: Dealing with a bad network device affecting DNS lookups

--On Tuesday, July 15, 2014 3:52 PM -0700 Dave Warren wrote: Are you saying that if you perform something like "dig @8.8.8.8 asdfalksdflk.example.com a", Rackspace intercepts the packet on port 53 and does something with it? Right And it's taken them since October to resolve it? And you st

Re: Dealing with a bad network device affecting DNS lookups

On 2014-07-15 14:46, Quanah Gibson-Mount wrote: I've been complaining about it since last October. Supposedly it will be fixed by the end of this month. In the meantime, I still have floods of spam coming in that I'd like scored correctly. Are you saying that if you perform something like "d

Re: Dealing with a bad network device affecting DNS lookups

On 2014-07-15 14:40, John Hardin wrote: On Tue, 15 Jul 2014, Martin Hepworth wrote: On Tuesday, 15 July 2014, Quanah Gibson-Mount wrote: --On Wednesday, July 16, 2014 12:08 AM +0200 Axb wrote: and what's prevents you from running a recursor on those servers? In a halfway well connected n

Re: Dealing with a bad network device affecting DNS lookups

--On Tuesday, July 15, 2014 3:41 PM -0700 John Hardin wrote: On Tue, 15 Jul 2014, Quanah Gibson-Mount wrote: --On Wednesday, July 16, 2014 12:12 AM +0200 Axb wrote: And what appliance is that? No idea. Again, I don't run the network and what's on it. Whatever it is, if it breaks yo

Re: Dealing with a bad network device affecting DNS lookups

On Tue, 15 Jul 2014, Quanah Gibson-Mount wrote: --On Wednesday, July 16, 2014 12:12 AM +0200 Axb wrote: And what appliance is that? No idea. Again, I don't run the network and what's on it. Whatever it is, if it breaks your DNS traffic, trash it. I have no control over it or its usag

Re: Dealing with a bad network device affecting DNS lookups

On Tue, 15 Jul 2014, Martin Hepworth wrote: On Tuesday, 15 July 2014, Quanah Gibson-Mount wrote: --On Wednesday, July 16, 2014 12:08 AM +0200 Axb wrote: and what's prevents you from running a recursor on those servers? In a halfway well connected network, and Rackpace is VERY well connec

Re: Dealing with a bad network device affecting DNS lookups

Then I think we can all agree that just extending the timeout is not a fix. You have network issues that should be resolved. -- Jeremy McSpadden Flux Labs | http://www.fluxlabs.net | Endless Solutions Office : 850-250-5590x501 | Cell : 850-890-2543 | Fax : 850-254-2955

Re: Dealing with a bad network device affecting DNS lookups

--On Wednesday, July 16, 2014 12:12 AM +0200 Axb wrote: And what appliance is that? No idea. Again, I don't run the network and what's on it. Whatever it is, if it breaks your DNS traffic, trash it. I have no control over it or its usage or presence. --Quanah -- Quanah Gibson-Mount S

Re: Dealing with a bad network device affecting DNS lookups

--On Tuesday, July 15, 2014 11:13 PM +0100 Martin Hepworth wrote: Run your own caching server on the sa box itself, makes a surprising difference and something I always reconmend  *sigh* I DO already. That still does not prevent FIRST TIME LOOKUPS from failing. --Quanah -- Quanah Gibso

Re: Dealing with a bad network device affecting DNS lookups

On Tuesday, 15 July 2014, Quanah Gibson-Mount wrote: > --On Wednesday, July 16, 2014 12:08 AM +0200 Axb > wrote: > > > and what's prevents you from running a recursor on those servers? >> >> In a halfway well connected network, and Rackpace is VERY well connected, >> DNS requests should takes l

Re: Dealing with a bad network device affecting DNS lookups

On 07/15/2014 11:09 PM, Quanah Gibson-Mount wrote: --On Wednesday, July 16, 2014 12:08 AM +0200 Axb wrote: and what's prevents you from running a recursor on those servers? In a halfway well connected network, and Rackpace is VERY well connected, DNS requests should takes less that 1 sec.

Re: Dealing with a bad network device affecting DNS lookups

--On Wednesday, July 16, 2014 12:08 AM +0200 Axb wrote: and what's prevents you from running a recursor on those servers? In a halfway well connected network, and Rackpace is VERY well connected, DNS requests should takes less that 1 sec. The problem isn't the DNS requests. The problem is

Re: Dealing with a bad network device affecting DNS lookups

On 07/15/2014 10:58 PM, Quanah Gibson-Mount wrote: --On Tuesday, July 15, 2014 9:51 PM + Jeremy McSpadden wrote: Have you considered running your own DNS server locally ? I do. ;) But I don't run the network (our servers are hosted @ Rackspace), and any outbound DNS request hits the ne

Re: Dealing with a bad network device affecting DNS lookups

--On Tuesday, July 15, 2014 10:00 PM + Jeremy McSpadden wrote: Run a DNS server on your rack space servers. If your using rack space DNS your rbl queries are more than likely going to cause quite a few FPs. Never good to use ISP or hosting DNS servers. As I said... I *already* run my ow

Re: Dealing with a bad network device affecting DNS lookups

--On Tuesday, July 15, 2014 9:51 PM + Jeremy McSpadden wrote: Have you considered running your own DNS server locally ? I do. ;) But I don't run the network (our servers are hosted @ Rackspace), and any outbound DNS request hits the network appliance, so my own DNS doesn't help with

Re: Dealing with a bad network device affecting DNS lookups

Have you considered running your own DNS server locally ? -- Jeremy McSpadden Flux Labs | http://www.fluxlabs.net | Endless Solutions Office : 850-250-5590x501 | Cell : 850-890-2543 | Fax : 850-254-2955 On Jul 15, 2014, at 3:47 PM, "Quanah Gibson-Mount" mailto:qua...@

Dealing with a bad network device affecting DNS lookups

Hi, Apparently there is a network device somewhere on the network my production servers use that is causing very long delays with first time DNS lookups. This is having a significant impact on SA's ability to score spam, as the various RBL lookups time out, as well as Razor and Pyzor. I've a

DOJ claims CryptoLocker 100% ineffective now - was Re: Ideas sought for blocking new variant of cryptolocker

FYI http://www.crn.com/news/security/300073406/doj-cryptolocker-trojan-is-now-out-of-commission.htm?cid=nl_sec#

Re: SA and Ubuntu 14.04 LTS

Chris, Well, I don't run SA on Ubuntu, so I don't know how it is installed. I just pointed out what was looking strange to me, what direction I would dig into. Good luck, Olivier --

Re: SA and Ubuntu 14.04 LTS

On Tue, 2014-07-15 at 12:25 +0700, Olivier Nicole wrote: > Chris, > > I see something odd when the path mentions > /usr/lib/perl5/site-perl/5.10.1 and the search path for Perls modules > looks at /usr/lib/perl/5.18 > > It looks to me that you have 2 versions of Perls (5.10 and 5.18) and > that so