On Fri, Oct 11, 2002 at 04:21:39PM -0500, Mitchell Leben wrote: > In my procmail log I am seeing that the -P option is being removed: > I see in the man file that: > -P, --pipe Deliver to STDOUT (now default) > so I guess the -P is redundant.
Yeah, -P used to not be the default, but we changed it for 2.4. Now it just spits a warning message out that the option is defunct. > So SA is checking those catalogues on remote servers for each message it > scans? I want to get a handle on the bandwidth this requires, since I am > on a fairly slow connection. You can check if you run SA with a -D... If DNS is available via SA, then yes. If DNS isn't available, then no. :) > Just a general discussion of the way SA functions, and the reasoning > behind it. I'd like walk through of what happens when a message comes in. > The blacklist functions for example are not well documented. I wish I > could just read the source code and get my answers, but I aren't smart > enough. Ah, I'm sure the list can answer this for you, but I don't think there's a document out there (yet?) that explains this type of stuff in more than a short-short version. Here's a a little more than short-short: The message comes in and is passed to SA via STDIN. It then takes the message and runs it through various types of tests (body, header, rawbody, uri, whitelist, blacklist, awl, etc) in order. Most rules are some form of regular expression check, some are more involved (eval tests). Each rule has a score which is added to the message total if a rule hits. At the end, if the score is > the required number, it's spam and the message is rewritten as configured. If the score is < the required number, then the X-Spam-Status header is added. Either way, SA then returns the message to STDOUT. -- Randomly Generated Tagline: "Running Linux 1.2 Because a 486 is a terrible thing to waste." - Unknown
msg09073/pgp00000.pgp
Description: PGP signature
