On Mon, 2010-08-09 at 17:16 +0200, Andreas Dunkl wrote:
> Box-A: Running Ubuntu 10.04, Spamassassin 3.3.1 compiled from source.
> SA is configured to accept remote connections from specified IP´s, which
> works perfectly. No special Setup yet, no external rules, no nothing.
>
> Box-B: Running a Commercial Product with some-kind-of SA integrated
> (MDaemon), and the Option to configure an external SA.
>
> When setting up Box-A as external spamd on Box-B, the following occurs:
> (I just dumped the Traffic via ngrep to see what happens, IP/Hostnames
> wiped out for Privacy Reasons)
>
> T B.B.B.B:1751 -> A.A.A.A:783 [AP]
> REPORT SPAMC/1.3..Content-length: 2172....
Protocol version 1.3? This appears to be a really old spamc, AFAIK
pre-dating SA 3.2.0.
> The interesting Part is the Answer of spamd:
>
> T A.A.A.A:783 -> B.B.B.B:1751 [AP]
> SPAMD/1.1 0 EX_OK..
>
> T A.A.A.A:783 -> B.B.B.B:1751 [AFP]
> Content-length: 693..Spam: False ; 0.8 / 6.5....Spam detection
REPORT -- Check if message is spam or not, and return score plus report
> Just for Fun, i configured another box (Box-C) (which is in Production
> for months) as an external spamd for Box-B, which gives me the same
> curios results as above.
Sure. The behavior you see is caused by the command spamc issues, not
affected by the spamd server.
> Using another spamc (The one running on Box-C), the answers are as
> expected (report_safe 1) Notice PROCESS instead of REPORT, also the
> Protocolversions are diferent:
>
> T C.C.C.C:37088 -> A.A.A.A:783 [AP]
> PROCESS SPAMC/1.5..User: someu...@tld.invalid..content-length:
> 1189....
PROCESS -- Process this message as described above and return modified
message
> Results in:
>
> T B.B.B.B:783 -> C.C.C.C:37088 [AP]
> SPAMD/1.1 0 EX_OK..Content-length: 1362..Spam: False ; -1.9 /
> 6.5....X-Spam-Level: .X-Spam-Status: No, score=-1.9 require
> d=6.5 tests=BAYES_00,TVD_SPACE_RATIO..autolearn=no
> version=3.3.1.X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16).
The original message, with the X-Spam headers added.
> Am i doing something completely wrong here? Just wondering.
That commercial application running on box B uses different options with
spamc. If it adds the returned string as headers, it is broken.
See man spamc. Command line options resulting in the observed behavior
can directly be given when calling spamc, or in a special spamc.conf
file in your site configuration dir.
If the application doesn't actually call spamc, it is just plain broken
and you want to take t up with the support of the commercial product.
The spamd/PROTOCOL file in the sources might be interesting, too.
--
char *t="\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
