On Thu, Jun 15 2017, David Jones wrote: > On 06/15/2017 06:42 PM, Gerald Turner wrote: >> What could be the cause? >> >> - Cruft left behind by old SA versions >> (e.g. /etc/spamassassin/v310.pre, /var/lib/spamassassin/3.003001, >> etc.)? > > Make sure you remove all old rule dirs like that > one. /var/lib/spamassassin should only have your new 3.004001 > directory.
Interesting. I had these files in /var/lib/spamassassin:
# ls -l
drwxr-xr-x 3 debian-spamd debian-spamd 4096 May 5 2013 3.003001
drwxr-xr-x 3 debian-spamd debian-spamd 4096 Apr 23 2015 3.003002
drwxr-xr-x 3 debian-spamd debian-spamd 4096 Jun 11 07:09 3.004000
drwxr-xr-x 3 debian-spamd debian-spamd 4096 Jun 15 06:47 3.004001
drwxr-xr-x 6 debian-spamd debian-spamd 4096 Jun 11 13:25 compiled
drwx------ 3 debian-spamd debian-spamd 4096 Jun 11 13:55 sa-update-keys
# ls -l compiled
drwxr-xr-x 3 debian-spamd debian-spamd 4096 Sep 3 2010 5.010
drwxr-xr-x 3 debian-spamd debian-spamd 4096 May 5 2013 5.014
drwxr-xr-x 3 debian-spamd debian-spamd 4096 Apr 26 2015 5.020
drwxr-xr-x 3 debian-spamd debian-spamd 4096 Jun 11 13:25 5.024
I removed *all* of these directories except for sa-update-keys, then
re-ran sa-update and sa-compile, resulting in much cleaner
/var/lib/spamassassin directory:
# ls -l
drwxr-xr-x 3 debian-spamd debian-spamd 4096 Jun 15 17:54 3.004001
drwxr-xr-x 3 debian-spamd debian-spamd 4096 Jun 15 17:55 compiled
drwx------ 3 debian-spamd debian-spamd 4096 Jun 11 13:55 sa-update-keys
# ls -l compiled
drwxrwxr-x 3 debian-spamd debian-spamd 4096 Jun 15 17:55 5.024
>> - Is there a bug with the project's sa-update channel / auto-
>> mass-check setup?
>>
> I hope not. I have spent dozens and dozens of hours getting the
> masscheck processing running again on a new server. It seems to be
> working fine to me. We tested for a couple of weeks before going live
> with sa-update updates recently.
I hope not either. Apologies for insinuating updates are bugged. Your
work on SA is much appreciated, thanks! :)
>> Any ideas?
>>
> 1. Clean up any old versions of rules in /var/lib/spamassassin.
> 2. Make sure that spamd is restarted to pickup the rule changes
> 3. Run this to find any issues:
>
> spamassassin -D --lint 2>&1 | grep -Ei '(failed|undefined dependency|score
> set for non-existent rule)'
This resulted in:
Jun 15 17:56:03.036 [12601] dbg: diag: [...] module not installed:
Digest::SHA1 ('require' failed)
Jun 15 17:56:03.036 [12601] dbg: diag: [...] module not installed: Geo::IP
('require' failed)
Jun 15 17:56:03.036 [12601] dbg: diag: [...] module not installed:
Net::CIDR::Lite ('require' failed)
Jun 15 17:56:03.037 [12601] dbg: diag: [...] module not installed:
Encode::Detect::Detector ('require' failed)
Jun 15 17:56:03.037 [12601] dbg: diag: [...] module not installed:
Net::Patricia ('require' failed)
Jun 15 17:56:03.945 [12601] dbg: config: warning: score set for non-existent
rule FILL_THIS_FORM_FRAUD_PHISH
Jun 15 17:56:03.945 [12601] dbg: config: warning: score set for non-existent
rule RCVD_IN_SORBS_SPAM
Jun 15 17:56:03.946 [12601] dbg: config: warning: score set for non-existent
rule URI_OBFU_WWW
Much of these Perl modules are packaged as Recommends/Suggests metadata
to the Debian spamassassin package. Installed all of them except for
for Digest::SHA1 - I believe there must have been a historical change
from Digest::SHA1 to Digest::SHA, and SA has compatibility to load
either - at least that's my understanding after poking around SA's
source a bit.
[INSTALL, DEPENDENCIES] libdigest-sha-perl:amd64 5.96-1+b1
[INSTALL, DEPENDENCIES] libencode-detect-perl:amd64 1.01-4+b3
[INSTALL, DEPENDENCIES] libgeo-ip-perl:amd64 1.50-1+b1
[INSTALL, DEPENDENCIES] libnet-patricia-perl:amd64 1.22-1+b3
[INSTALL, DEPENDENCIES] libnet-cidr-lite-perl:amd64 0.21-1
Sadly, after this long overdue pass at SA cleanup, I still have the zero
score warnings:
spamd[12588]: rules: meta test __MONEY_FRAUD_8 has dependency 'LOTTO_AGENT'
with a zero score
spamd[12588]: rules: meta test __ADVANCE_FEE_2_NEW has dependency
'LOTTO_AGENT' with a zero score
spamd[12588]: rules: meta test FREEMAIL_FORGED_FROMDOMAIN has dependency
'HEADER_FROM_DIFFERENT_DOMAINS' with a zero score
spamd[12588]: rules: meta test __ADVANCE_FEE_5_NEW has dependency
'LOTTO_AGENT' with a zero score
spamd[12588]: rules: meta test __FORM_FRAUD has dependency 'LOTTO_AGENT' with
a zero score
spamd[12588]: rules: meta test __ADVANCE_FEE_3_NEW has dependency
'LOTTO_AGENT' with a zero score
spamd[12588]: rules: meta test __MONEY_FRAUD_5 has dependency 'LOTTO_AGENT'
with a zero score
spamd[12588]: rules: meta test __FORM_FRAUD_3 has dependency 'LOTTO_AGENT'
with a zero score
spamd[12588]: rules: meta test __FORM_FRAUD_5 has dependency 'LOTTO_AGENT'
with a zero score
spamd[12588]: rules: meta test __ADVANCE_FEE_4_NEW has dependency
'LOTTO_AGENT' with a zero score
spamd[12588]: rules: meta test __MONEY_FRAUD_3 has dependency 'LOTTO_AGENT'
with a zero score
--
Gerald Turner <gtur...@unzane.com> Encrypted mail preferred!
OpenPGP: 4096R / CA89 B27A 30FA 66C5 1B80 3858 EC94 2276 FDB8 716D
signature.asc
Description: PGP signature
