SV: Local State Dir - /var/lib/spamassassin - SARE rules no hits
Daniel Flensburg
Daniel.Flensburg at iris.se
Mon Nov 24 13:19:39 GMT 2008
I check with MailWatch, either in MessageDetail on the specific message or Reports > "SA Rule Hits" for a complete list of the rule hits:
Rule - Description - Total - Ham - % - Spam - %
The SARE-rules are in /var/lib/spamassassin/3.001004/saupdates_openprotect_com
and, as a test I ran another sa-update script that put each ruleset in a subfolder of /var/lib/spamassassin/3.001004
/var/lib/spamassassin/3.001004 look like this:
drwxr-xr-x 2 postfix postfix 1024 2008-11-17 11:09 70_sare_adult_cf_sare_sa-update_dostech_net
-rw-r--r-- 1 postfix postfix 98 2008-11-17 11:09 70_sare_adult_cf_sare_sa-update_dostech_net.cf
drwxr-xr-x 2 postfix postfix 1024 2008-11-17 11:09 70_sare_bayes_poison_nxm_cf_sare_sa-update_dostech_net
-rw-r--r-- 1 postfix postfix 109 2008-11-17 11:09 70_sare_bayes_poison_nxm_cf_sare_sa-update_dostech_net.cf
drwxr-xr-x 2 postfix postfix 1024 2008-11-17 11:09 70_sare_evilnum0_cf_sare_sa-update_dostech_net
-rw-r--r-- 1 postfix postfix 101 2008-11-17 11:09 70_sare_evilnum0_cf_sare_sa-update_dostech_net.cf
drwxr-xr-x 2 postfix postfix 1024 2008-11-17 11:09 70_sare_genlsubj0_cf_sare_sa-update_dostech_net
-rw-r--r-- 1 postfix postfix 102 2008-11-17 11:09 70_sare_genlsubj0_cf_sare_sa-update_dostech_net.cf
drwxr-xr-x 2 postfix postfix 1024 2008-11-17 11:09 70_sare_genlsubj1_cf_sare_sa-update_dostech_net
-rw-r--r-- 1 postfix postfix 102 2008-11-17 11:09 70_sare_genlsubj1_cf_sare_sa-update_dostech_net.cf
drwxr-xr-x 2 postfix postfix 1024 2008-11-17 11:09 70_sare_genlsubj2_cf_sare_sa-update_dostech_net
-rw-r--r-- 1 postfix postfix 102 2008-11-17 11:09 70_sare_genlsubj2_cf_sare_sa-update_dostech_net.cf
drwxr-xr-x 2 postfix postfix 1024 2008-11-17 11:09 70_sare_header_cf_sare_sa-update_dostech_net
-rw-r--r-- 1 postfix postfix 99 2008-11-17 11:09 70_sare_header_cf_sare_sa-update_dostech_net.cf
drwxr-xr-x 2 postfix postfix 1024 2008-11-17 11:09 70_sare_html_cf_sare_sa-update_dostech_net
-rw-r--r-- 1 postfix postfix 97 2008-11-17 11:09 70_sare_html_cf_sare_sa-update_dostech_net.cf
drwxr-xr-x 2 postfix postfix 1024 2008-11-17 11:09 70_sare_obfu_cf_sare_sa-update_dostech_net
-rw-r--r-- 1 postfix postfix 97 2008-11-17 11:09 70_sare_obfu_cf_sare_sa-update_dostech_net.cf
drwxr-xr-x 2 postfix postfix 1024 2008-11-17 11:09 70_sare_oem_cf_sare_sa-update_dostech_net
-rw-r--r-- 1 postfix postfix 96 2008-11-17 11:09 70_sare_oem_cf_sare_sa-update_dostech_net.cf
drwxr-xr-x 2 postfix postfix 1024 2008-11-17 11:09 70_sare_random_cf_sare_sa-update_dostech_net
-rw-r--r-- 1 postfix postfix 99 2008-11-17 11:09 70_sare_random_cf_sare_sa-update_dostech_net.cf
drwxr-xr-x 2 postfix postfix 1024 2008-11-17 11:09 70_sare_specific_cf_sare_sa-update_dostech_net
-rw-r--r-- 1 postfix postfix 101 2008-11-17 11:09 70_sare_specific_cf_sare_sa-update_dostech_net.cf
drwxr-xr-x 2 postfix postfix 1024 2008-11-17 11:09 70_sare_spoof_cf_sare_sa-update_dostech_net
-rw-r--r-- 1 postfix postfix 98 2008-11-17 11:09 70_sare_spoof_cf_sare_sa-update_dostech_net.cf
drwxr-xr-x 2 postfix postfix 1024 2008-11-17 11:09 70_sare_stocks_cf_sare_sa-update_dostech_net
-rw-r--r-- 1 postfix postfix 99 2008-11-17 11:09 70_sare_stocks_cf_sare_sa-update_dostech_net.cf
drwxr-xr-x 2 postfix postfix 1024 2008-11-17 11:09 70_sare_unsub_cf_sare_sa-update_dostech_net
-rw-r--r-- 1 postfix postfix 98 2008-11-17 11:09 70_sare_unsub_cf_sare_sa-update_dostech_net.cf
drwxr-xr-x 2 postfix postfix 1024 2008-11-17 11:09 70_sare_uri0_cf_sare_sa-update_dostech_net
-rw-r--r-- 1 postfix postfix 97 2008-11-17 11:09 70_sare_uri0_cf_sare_sa-update_dostech_net.cf
drwxr-xr-x 2 postfix postfix 1024 2008-11-17 11:09 70_sare_uri1_cf_sare_sa-update_dostech_net
-rw-r--r-- 1 postfix postfix 97 2008-11-17 11:09 70_sare_uri1_cf_sare_sa-update_dostech_net.cf
drwxr-xr-x 2 postfix postfix 1024 2008-11-17 11:09 70_sare_uri2_cf_sare_sa-update_dostech_net
-rw-r--r-- 1 postfix postfix 97 2008-11-17 11:09 70_sare_uri2_cf_sare_sa-update_dostech_net.cf
drwxr-xr-x 2 postfix postfix 1024 2008-11-17 11:09 70_sare_whitelist_rcvd_cf_sare_sa-update_dostech_net
-rw-r--r-- 1 postfix postfix 107 2008-11-17 11:09 70_sare_whitelist_rcvd_cf_sare_sa-update_dostech_net.cf
drwxr-xr-x 2 postfix postfix 1024 2008-11-17 11:10 70_sare_whitelist_spf_cf_sare_sa-update_dostech_net
-rw-r--r-- 1 postfix postfix 106 2008-11-17 11:10 70_sare_whitelist_spf_cf_sare_sa-update_dostech_net.cf
drwxr-xr-x 2 postfix postfix 1024 2008-11-17 11:10 72_sare_bml_post25x_cf_sare_sa-update_dostech_net
-rw-r--r-- 1 postfix postfix 104 2008-11-17 11:10 72_sare_bml_post25x_cf_sare_sa-update_dostech_net.cf
drwxr-xr-x 2 postfix postfix 1024 2008-11-17 11:10 72_sare_redirect_post3_0_0_cf_sare_sa-update_dostech_net
-rw-r--r-- 1 postfix postfix 111 2008-11-17 11:10 72_sare_redirect_post3_0_0_cf_sare_sa-update_dostech_net.cf
drwxr-xr-x 2 postfix postfix 1024 2008-11-17 11:10 99_fvgt_tripwire_cf_sare_sa-update_dostech_net
-rw-r--r-- 1 postfix postfix 101 2008-11-17 11:10 99_fvgt_tripwire_cf_sare_sa-update_dostech_net.cf
drwxr-xr-x 2 postfix postfix 1024 2008-11-17 11:10 99_sare_fraud_post25x_cf_sare_sa-update_dostech_net
-rw-r--r-- 1 postfix postfix 106 2008-11-17 11:10 99_sare_fraud_post25x_cf_sare_sa-update_dostech_net.cf
drwxr-xr-x 2 postfix postfix 1024 2008-10-07 08:45 saupdates_openprotect_com
-rw-r--r-- 1 postfix postfix 1695 2008-10-07 08:45 saupdates_openprotect_com.cf
-rw-r--r-- 1 postfix postfix 50 2008-10-07 08:45 saupdates_openprotect_com.pre
drwxr-xr-x 2 postfix postfix 1024 2008-11-20 12:58 sought_rules_yerp_org
-rw-r--r-- 1 postfix postfix 119 2008-11-20 12:58 sought_rules_yerp_org.cf
-rw-r--r-- 1 postfix postfix 1335 2008-10-15 14:52 sought.txt
drwxr-xr-x 2 postfix postfix 2048 2008-10-06 15:20 updates_spamassassin_org
-rw-r--r-- 1 postfix postfix 2200 2008-10-06 15:20 updates_spamassassin_org.cf
-rw-r--r-- 1 postfix postfix 43 2008-10-06 15:20 updates_spamassassin_org.pre
The owner of the files used to be root:root but I changed this recently for testing purposes.
/Daniel
-----Ursprungligt meddelande-----
Från: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] För Martin Hepworth
Skickat: den 24 november 2008 14:01
Till: MailScanner discussion
Ämne: Re: Local State Dir - /var/lib/spamassassin - SARE rules no hits
2008/11/24 Daniel Flensburg <Daniel.Flensburg at iris.se>:
> Thanks for the reply Jason!
>
> But...
>
> spamassassin -D --lint -p /opt/MailScanner/etc/spam.assassin.prefs.conf
>
> gives me the impression the SARE-rules are working, but still no SARE-hits, why?:
>
>
> [...]
> [5284] dbg: config: read file /etc/spamassassin/init.pre
> [5284] dbg: config: read file /etc/spamassassin/v310.pre
> [5284] dbg: config: read file /etc/spamassassin/v312.pre
> [5284] dbg: config: using "/var/lib/spamassassin/3.001004" for sys rules pre files
> [5284] dbg: config: read file /var/lib/spamassassin/3.001004/saupdates_openprotect_com.pre
> [5284] dbg: config: read file /var/lib/spamassassin/3.001004/updates_spamassassin_org.pre
> [5284] dbg: config: using "/var/lib/spamassassin/3.001004" for default rules dir
> [5284] dbg: config: read file /var/lib/spamassassin/3.001004/70_sare_adult_cf_sare_sa-update_dostech_net.cf
> [5284] dbg: config: read file /var/lib/spamassassin/3.001004/70_sare_bayes_poison_nxm_cf_sare_sa-update_dostech_net.cf
> [5284] dbg: config: read file /var/lib/spamassassin/3.001004/70_sare_evilnum0_cf_sare_sa-update_dostech_net.cf
> [5284] dbg: config: read file /var/lib/spamassassin/3.001004/70_sare_genlsubj0_cf_sare_sa-update_dostech_net.cf
> [5284] dbg: config: read file /var/lib/spamassassin/3.001004/70_sare_genlsubj1_cf_sare_sa-update_dostech_net.cf
> [5284] dbg: config: read file /var/lib/spamassassin/3.001004/70_sare_genlsubj2_cf_sare_sa-update_dostech_net.cf
> [5284] dbg: config: read file /var/lib/spamassassin/3.001004/70_sare_header_cf_sare_sa-update_dostech_net.cf
> [5284] dbg: config: read file /var/lib/spamassassin/3.001004/70_sare_html_cf_sare_sa-update_dostech_net.cf
> [5284] dbg: config: read file /var/lib/spamassassin/3.001004/70_sare_obfu_cf_sare_sa-update_dostech_net.cf
> [5284] dbg: config: read file /var/lib/spamassassin/3.001004/70_sare_oem_cf_sare_sa-update_dostech_net.cf
> [...]
>
> ...and:
>
> [...]
> [5547] dbg: plugin: fixed relative path: /var/lib/spamassassin/3.001004/updates_spamassassin_org/empty.pre
> [5547] dbg: config: using "/var/lib/spamassassin/3.001004/updates_spamassassin_org/empty.pre" for included file
> [5547] dbg: plugin: fixed relative path: /var/lib/spamassassin/3.001004/70_sare_adult_cf_sare_sa-update_dostech_net/200705210700.cf
> [5547] dbg: config: using "/var/lib/spamassassin/3.001004/70_sare_adult_cf_sare_sa-update_dostech_net/200705210700.cf" for included file
> [5547] dbg: config: read file /var/lib/spamassassin/3.001004/70_sare_adult_cf_sare_sa-update_dostech_net/200705210700.cf
> [5547] dbg: plugin: fixed relative path: /var/lib/spamassassin/3.001004/70_sare_bayes_poison_nxm_cf_sare_sa-update_dostech_net/200506020000.cf
> [5547] dbg: config: using "/var/lib/spamassassin/3.001004/70_sare_bayes_poison_nxm_cf_sare_sa-update_dostech_net/200506020000.cf" for included file
> [5547] dbg: config: read file /var/lib/spamassassin/3.001004/70_sare_bayes_poison_nxm_cf_sare_sa-update_dostech_net/200506020000.cf
> [...]
>
> /Daniel
>
> -----Ursprungligt meddelande-----
> Från: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] För Jason Ede
> Skickat: den 24 november 2008 12:37
> Till: MailScanner discussion
> Ämne: RE: Local State Dir - /var/lib/spamassassin - SARE rules no hits
>
>> -----Original Message-----
>> From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-
>> bounces at lists.mailscanner.info] On Behalf Of Daniel Flensburg
>> Sent: 24 November 2008 10:56
>> To: MailScanner discussion
>> Subject: SV: Local State Dir - /var/lib/spamassassin - SARE rules no
>> hits
>>
>> Hi Kai!
>>
>> Sorry about the reply button, I think you are right.
>>
>> I tried the setting below and restarted the server. I cannot see any
>> SARE hits yet.
>> I'm pretty sure it's not working. (tried to send text that another
>> working server get SARE hits on outgoing tests, no hits on "my"side)
>>
>> What is the best way to test if rules in /var/lib/spamassassin are
>> working correctly?
>>
>> Why does the two commands below give different results?
>>
>> spamassassin -D --lint
>
> Try spamassassin -D --lint -p /<path to spam.assassin.prefs.conf file in MS directory>
>
> On my system its spamassassin -D --lint -p /etc/MailScanner/spam.assassin.prefs.conf
>
> Jason
>
>>
>> /opt/MailScanner/bin/MailScanner --debug --debug-sa
>>
>> Regards,
>>
>> /Daniel
>>
>> -----Ursprungligt meddelande-----
>> Från: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-
>> bounces at lists.mailscanner.info] För Kai Schaetzl
>> Skickat: den 23 november 2008 15:31
>> Till: mailscanner at lists.mailscanner.info
>> Ämne: Re: Local State Dir - /var/lib/spamassassin - SARE rules no hits
>>
>> Daniel Flensburg wrote on Fri, 21 Nov 2008 16:10:48 +0100:
>>
>> > You have no idea what you did?
>>
>> I found this snippet:
>> http://lists.mailscanner.info/pipermail/mailscanner/2008-
>> April/083684.html
>>
>> so
>>
>> SpamAssassin Local State Dir = /var/lib/spamassassin
>>
>> should work for you. Double-check that and don't forget to restart
>> MailScanner.
>>
>> Btw, I just notice that your start message doesn't thread correctly.
>> Please, if you send a question to a mailing list, do *not* hit reply,
>> the
>> "new message" button is for that!
>>
>> Kai
>>
>> --
>> Kai Schätzl, Berlin, Germany
>> Get your web at Conactive Internet Services: http://www.conactive.com
>>
>>
>>
>
Daniel
How are you checking for hits against the SARE set and where abouts
are they installed to?
--
Martin Hepworth
Oxford, UK
--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner
Before posting, read http://wiki.mailscanner.info/posting
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list