[SAtalk] Funny false positive

Sat, 19 Oct 2002 10:33:25 -0700 

>From the qpopper mailing list. SA 2.41 thinks it's porn. I can see the
all-caps "unlimited", but I don't see the porn phrases.
SPAM: -------------------- Start SpamAssassin results ----------------------
SPAM: This mail is probably spam.  The original message has been altered
SPAM: so you can recognise or block similar unwanted mail in future.
SPAM: See http://spamassassin.org/tag/ for more details.
SPAM: 
SPAM: Content analysis details:   (8.10 hits, 5 required)
SPAM: UNLIMITED          (3.8 points)  BODY: Unlimited in caps
SPAM: HOT_NASTY          (1.9 points)  BODY: Possible porn - Hot, Nasty, Wild, Young
SPAM: LARGE_COLLECTION   (1.8 points)  BODY: Possible porn - Large Number of movies, 
pics
SPAM: SPAM_PHRASE_00_01  (0.6 points)  BODY: Spam phrases score is 00 to 01 (low)
SPAM: 
SPAM: -------------------- End of SpamAssassin results ---------------------

Suddenly got a new development on one of my qpopper servers, have 5 machines, all 
running RH 7.0 with Qpopper 4.03, 4 of them are still fine, the 5th machine now has a 
"hanging" problem.  

Symptoms appear to be that ever 3-4 hours the machine gets an error in the logs that 
looks like the following:

Oct 18 08:02:16 qpop5 popper[27438]: I/O error flushing output to client eagleloc at 
xxx.xxx.xxx.xxx [xxx.xxx.xxx.xxx]: Operation not permitted (1) [pop_send.c:689] 

Then multiple entries in the log that are like:
Oct 18 09:52:37 ns5 popper[13502]: (null) at xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx): -ERR 
POP EOF or I/O Error [popper.c:820]

Once this starts, the only way to get qpopper back to running to restart xinetd.  If 
you telnet to port 110 during this period you successfully connect but never get the 
initial ok message.

I have recompiled and re-installed the binary, rebooted the server, checked the file 
systems, checked memory and disk space, anyone have any ideas?

Yesterday I upgraded the Daemon to 4.04, but that didn't have any effect, I am running 
the Daemon in server mode via xinetd.  Thanks in advance!

/etc/xinetd.d/pop3 entry as follows:

service pop3
{
        socket_type     = stream
        protocol        = tcp
        wait            = no
        user            = root
        instances       = UNLIMITED
        server          = /usr/local/sbin/popper
        server_args     = popper -S -s -T 30 -c -R -C
        port            = 110
}

Reply via email to