Hi,
I did as you suggested (I modified one of the Received headers with an ip that was in one of the RBL lists) and yes, I did get several hits. I first switched to the user "defang" which is the owner of the mimedefang process, just to make sure i imitated the production environment as much as possible. So my question is: why would these checks (they're all in the 20_dnsbl_tests.cf file) work when I run them from the commandline, but not via mimedefang ? Does anyone know of a way to debug mimedefang/spamassassin so I can see the output of each spamassassin scan ? do I need to write some code in mimedefang.pl somewhere ? is there an easier option ? regards, Tom. --------------------------------------------------------------------------- Tom Van Overbeke - ABSI Service Delivery Coordinator email: [EMAIL PROTECTED] Tel: +32 2 333 40 00 - Fax: +32 2 333 40 60 website: http://www.absi.be --------------------------------------------------------------------------- mouss <[EMAIL PROTECTED]> 21/09/2006 01:39 Please respond to mouss To: users@spamassassin.apache.org cc: Subject: Re: rbl checks from 20_dnsbl_tests.cf won't work after upgradingto 3.1.5 [EMAIL PROTECTED] wrote: > Hi, > > We have fully reinstalled one of our 2 mailrelays to solaris 10 / > mimedefang / spamassassin 3.1.5 / clamav. > > since the upgrade, i've noticed that the checks from 20_dnsbl_tests.cf > don't work anymore. > the file used is the one from version 3.1.5 (it has this line in it: > require_version 3.001005) > > when I do spamassassin --lint -D everything seems fine: > > (this is run with the defang user that also run's mimedefang): > > I'll insert the relevant lines from the --lint: > > [15859] dbg: dns: is Net::DNS::Resolver available? yes > [15859] dbg: dns: Net::DNS version: 0.58 > [15859] dbg: diag: perl platform: 5.008004 solaris > [15859] dbg: diag: module installed: Digest::SHA1, version 2.11 > [15859] dbg: diag: module installed: LWP::UserAgent, version 2.033 > [15859] dbg: diag: module installed: HTTP::Date, version 1.47 > [15859] dbg: diag: module installed: Archive::Tar, version 1.30 > [15859] dbg: diag: module installed: IO::Zlib, version 1.04 > [15859] dbg: diag: module installed: MIME::Base64, version 3.07 > [15859] dbg: diag: module installed: HTML::Parser, version 3.55 > [15859] dbg: diag: module installed: DB_File, version 1.814 > [15859] dbg: diag: module installed: Net::DNS, version 0.58 > [15859] dbg: diag: module installed: Net::SMTP, version 2.29 > [15859] dbg: diag: module not installed: Mail::SPF::Query ('require' > failed) > [15859] dbg: diag: module not installed: IP::Country::Fast ('require' > failed) > [15859] dbg: diag: module installed: Razor2::Client::Agent, version 2.82 > [15859] dbg: diag: module not installed: Net::Ident ('require' failed) > [15859] dbg: diag: module not installed: IO::Socket::INET6 ('require' > failed) > [15859] dbg: diag: module not installed: IO::Socket::SSL ('require' > failed) > [15859] dbg: diag: module installed: Time::HiRes, version 1.9 > [15859] dbg: diag: module installed: DBI, version 1.52 > [15859] dbg: diag: module installed: Getopt::Long, version 2.35 > > ... > > > [15859] dbg: config: read file > /usr/perl5/5.8.4/share/spamassassin/20_dnsbl_tests.cf > > ... > > > [15859] dbg: config: read file > /usr/perl5/5.8.4/etc/mail/spamassassin/sa-mimedefang.cf > [15859] dbg: plugin: loading Mail::SpamAssassin::Plugin::URIDNSBL from > @INC > [15859] dbg: plugin: registered > Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x82499a4) > [15859] dbg: dns: name server: 193.110.158.169, family: 2, ipv6: 0 > [15859] dbg: dns: testing resolver nameservers: 193.110.158.169, > 193.110.158.168 > [15859] dbg: dns: trying (3) cingular.com... > [15859] dbg: dns: looking up NS for 'cingular.com' > [15859] dbg: dns: NS lookup of cingular.com using 193.110.158.169 > succeeded => DNS available (set dns_available to over > ride) > [15859] dbg: dns: is DNS available? 1 > [15859] dbg: metadata: X-Spam-Relays-Trusted: > [15859] dbg: metadata: X-Spam-Relays-Untrusted: > [15859] dbg: metadata: X-Spam-Relays-Internal: > [15859] dbg: metadata: X-Spam-Relays-External: > [15859] dbg: message: no encoding detected > [15859] dbg: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x82499a4) > implements 'parsed_metadata' > [15859] dbg: uridnsbl: domains to query: > [15859] dbg: dns: checking RBL sbl-xbl.spamhaus.org., set > sblxbl-lastexternal > [15859] dbg: dns: checking RBL sa-accredit.habeas.com., set > habeas-firsttrusted > [15859] dbg: dns: checking RBL sbl-xbl.spamhaus.org., set sblxbl > [15859] dbg: dns: checking RBL sa-other.bondedsender.org., set > bsp-untrusted > [15859] dbg: dns: checking RBL combined.njabl.org., set njabl-lastexternal > [15859] dbg: dns: checking RBL combined.njabl.org., set njabl > [15859] dbg: dns: checking RBL combined-HIB.dnsiplists.completewhois.com., > set whois > [15859] dbg: dns: checking RBL list.dsbl.org., set dsbl-lastexternal > [15859] dbg: dns: checking RBL bl.spamcop.net., set spamcop > [15859] dbg: dns: checking RBL sa-trusted.bondedsender.org., set > bsp-firsttrusted > [15859] dbg: dns: checking RBL combined-HIB.dnsiplists.completewhois.com., > set whois-lastexternal > [15859] dbg: dns: checking RBL dnsbl.sorbs.net., set sorbs-lastexternal > [15859] dbg: dns: checking RBL dnsbl.sorbs.net., set sorbs > [15859] dbg: dns: checking RBL iadb.isipp.com., set iadb-firsttrusted > [15859] dbg: check: running tests for priority: 0 > [15859] dbg: rules: running header regexp tests; score so far=0 > [15859] dbg: rules: ran header rule __HAS_MSGID ======> got hit: "<" > > > in /etc/mail/mimedefang-filter i've got > $SALocalTestsOnly = 0; > en in /usr/perl5/5.8.4/etc/mail/spamassassin/sa-mimedefang.cf i've got: > > skip_rbl_checks 0 > > > actually, this is as far as i can tell exactly the same setup as on our > other mailrelay, but on the other one, i see lots of hits like SPAMCOP and > RCVD_IN_XBLand the like, but not one such entry in the new setup. > > How can I debug this further ? the server has the same ip address and > network config as before the upgrade... > Can I run a manual test of this .cf file to see what it does ? if so, how > ? > "build" a message with Received headers that contain hops listed in some rbls, and do # spamassassin -D -t < message.eml 2>&1 |more
