Greg Earle wrote:
> (I'm still using 2.63 on my production mail server, btw. Please don't
> shoot
> me.)
I'll avoid shooting you, but I will warn you that you have a DoS vulnerability.
2.64 and higher are immune to this particular DoS.
3.0.1-3.0.3 are also subject to a separate DoS that's fixed in 3.0.4. 3.0.0 and
earlier (including 2.64) aren't subject to this one.
Upgrade to 3.0.4 if you can, or at least upgrade to 2.64.
Doing 2.64 should be easy, the requirements for perl modules and config options
are all the same. The only hangup doing 2.64 is you'll need remove the
spamcop_uri.cf to re-install Mail::SpamcopURI after the upgrade (SpamcopURI is
technically a patch and gets overwritten in the upgrade. Also if the .cf file
remains, make test will blow up as baseline 2.64 doesn't understand those
commands)
3.0.4 has some config option and requirement changes, but would be very
worthwhile if you can spare the effort.
>
> Why do I only get one SPAMCOP_URI_RBL_* hit when it's fed to "spamd"
> as it comes in, yet I get 5 of them when I run it manually?
Time. Unless both tests happen simultaneously, or within a very short time of
each other, it's easy for the URIBL to "catch up" and add more listings.
Compare running the message through spamc and spamassassin one right after the
other. You should get the same uribl hits.
$spamassassin < spam
$spamc < spam
Why is
> "autolearn=no" set when "spamd" gets it, but "autolearn=spam" is set
> when "spamassassin" gets it?
The first factor is score differences, as above.
The second factor is 99.99% of the time with results like this you are using
different users for the test. Spamassassin stores it's bayes database in the
user's home directory by default. However, this is the user EXECUTING
spamassassin. It is not necessarily the recipient of the message.
Very often spamc gets called as root when mail arrives, and spamd will scan the
mail as "nobody" to avoid scanning mail as root. It will pick a bayes DB and
user_prefs out of nobody's home directory.
However, when you run spamassassin, it will use the current user. Even if it is
root.
> Do "body" matches not work on HTML in 2.63?
As someone else pointed out, html tags are stripped from the body before "body"
rules run. Use rawbody instead.
see the manpage entry for "body" and "rawbody" in man Mail::SpamAssassin::Conf
for details on what things are done to the message to create the "body" and
"rawbody" text.
