In the last episode (Jun 03), Cassandra Lynette Brockett said:
> I have seen many entries like this since configuring spamass-milter
> on my site (usernames and hosts addresses that count hidden) :-
>
> Jun 3 16:12:16 hotline sendmail[2444]: h53NCEH02444: from=<[EMAIL PROTECTED]>,
> size=3600, class=-60, nrcpts=1, msgid=<[EMAIL PROTECTED]>, proto=ESMTP, daemon=MTA,
> relay=mailinglist.relay.com [<mailinglist_ip>]
> Jun 3 16:12:16 hotline spamd[1366]: connection from localhost.localdomain
> [127.0.0.1] at port 4770
> Jun 3 16:12:16 hotline spamd[2446]: info: setuid to localuser succeeded
> Jun 3 16:12:19 hotline spamd[2446]: processing message <[EMAIL PROTECTED]> for
> localuser:503.
> Jun 3 16:12:22 hotline spamd[2446]: clean message (-2.0/5.0) for localuser:503 in
> 6.0 seconds, 3661 bytes.
> Jun 3 16:12:24 hotline spamd[1366]: connection from localhost.localdomain
> [127.0.0.1] at port 4773
> Jun 3 16:12:24 hotline spamd[2457]: info: setuid to localuser succeeded
> Jun 3 16:12:24 hotline spamd[2457]: processing message <[EMAIL PROTECTED]> for
> localuser:503.
> Jun 3 16:12:26 hotline spamd[2457]: clean message (-102.0/5.0) for localuser:503 in
> 1.9 seconds, 4125 bytes.
> Jun 3 16:12:26 hotline sendmail[2453]: h53NCEH02444: to=<[EMAIL PROTECTED]>,
> delay=00:00:12, xdelay=00:00:04, mailer=local, pri=139732, dsn=2.0.0, stat=Sent
>
> Yes, spamd is being run twice for each message, this is because I
> don't want spamass-milter to do anything but test the message and if
> it is higher than a certain value - reject it.
>
> On the first occassion spamd is being called (from what I can tell
> from spamass-milter via "spamc -c localuser") and on the second
> occassion it is from /etc/procmail as the running user.
>
> All of my site-wide score modifications and user-preferences are in
> both the local user_prefs file, and an sql database that is checked
> when spamd is called (I patched my spamd process to handle both when
> called with -q as the documentation suggests should happen). As far
> as I can tell the sql lookup is being done in both cases, but the
> system-wide and per-user settings are not being used in the first
> instance... The user in question has a whitelist for every email
> originating from the mailinglist in their local user_prefs file so it
> should be being tagged with -102.0. I tried running
Whitelist entries for remote addresses should work fine from a milter;
they work for me at least..
There _is_ a difference between running spamassassin from a milter and
running it from procmail, though. The milter hooks are at the message
receipt stage of sendmail processing, so you're seeing the message
exactly at the remote system sent it. Procmail sees the message after
it has been routed through sendmail, so the most obvious thing you'll
see is an extra Received: header for the local machine. Depending on
your masquerading rules, your From: and To: headers may be modified as
well. Notice that the message size is different on the "clean message"
lines.
If this particular list is only identified by its envelope FROM
address, then the first SA run will not see it at all. Sendmail adds a
"Return-path:" header to the top of each message with this info, so
your second SA run from procmail can see it. I'm thinking about adding
an option to spamass-milter that inserts the envelope header lines into
the message header during the SA check to work around this.
--
Dan Nelson
[EMAIL PROTECTED]
-------------------------------------------------------
This SF.net email is sponsored by: Etnus, makers of TotalView, The best
thread debugger on the planet. Designed with thread debugging features
you've never dreamed of, try TotalView 6 free at www.etnus.com.
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
