Koozali.org: home of the SME Server

Are ezmlm messages scanned for virus and spam?

holck
« on: December 30, 2006, 10:44:53 AM »
I have successfully upgraded from version 6.01 to version 7.0, and also managed to get ezmlm working as before. But I am a bit worried that messages to the ezmlm lists are not scanned for virus and spam. On version 6.01 I added a line to the "editor" file for each list to pipe the messages through a virus scanner (I used odeiavir). But I'm not sure how this works under version 7 and with qpsmtpd. Any suggestions?

Happy new year to everybody, thank you for all the work that has been put into this.

cactus
« Reply #1 on: December 30, 2006, 01:19:05 PM »
Quote from: "holck"
I have successfully upgraded from version 6.01 to version 7.0, and also managed to get ezmlm working as before. But I am a bit worried that messages to the ezmlm lists are not scanned for virus and spam. On version 6.01 I added a line to the "editor" file for each list to pipe the messages through a virus scanner (I used odeiavir). But I'm not sure how this works under version 7 and with qpsmtpd. Any suggestions?
I don't know, but you can of course send a test message and see if it has the tags X-Spam-Status and X-Spam-Check-By. If they are not there, there has certainly been no check; if they are there, the latter will tell you if the spam check was done by your server.
Be careful whose advice you buy, but be patient with those who supply it. Advice is a form of nostalgia, dispensing it is a way of fishing the past from the disposal, wiping it off, painting over the ugly parts and recycling it for more than its worth ~ Baz Luhrmann - Everybody's Free (To Wear Sunscreen)
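
The header check suggested in the reply above can be scripted. This is an added example, not code from the thread; the function name `scan_evidence`, the sample message and the assumption that X-Spam-Status has the `hits=… required=… tests=…` layout quoted later in the thread are all illustrative.

```python
import re
from email import message_from_string

# Constructed sample message; the header values follow the ones quoted in this
# thread and the hostnames are placeholders.
SAMPLE = """\
From: mailad@myserver.xx
To: list@myserver.xx
Subject: list test
X-Spam-Status: No, hits=0.0 required=5.0 tests=
X-Spam-Check-By: my.server.xx

test body
"""

# Assumed layout: "Yes|No, hits=<n> required=<n> tests=<comma list>"
STATUS = re.compile(
    r"^(?P<flag>Yes|No),\s*(?:hits|score)=(?P<hits>-?[\d.]+)\s+"
    r"required=(?P<required>-?[\d.]+)(?:\s+tests=(?P<tests>.*))?$"
)

def scan_evidence(raw_message, my_host):
    """Classify a delivered message by the SpamAssassin headers it carries."""
    msg = message_from_string(raw_message)
    checkers = [v.strip().lower() for v in msg.get_all("X-Spam-Check-By", [])]
    status = msg.get("X-Spam-Status")
    if not checkers or status is None:
        return {"verdict": "not-scanned"}
    if my_host.lower() not in checkers:
        # Headers exist but name another host, so they say nothing about
        # whether the local scanner saw the message.
        return {"verdict": "scanned-elsewhere", "checkers": checkers}
    m = STATUS.match(" ".join(status.split()))  # unfold continuation lines
    if m is None:
        return {"verdict": "unparsed-status", "status": status}
    tests = [t.strip() for t in (m["tests"] or "").split(",") if t.strip()]
    return {"verdict": "scanned-locally", "spam": m["flag"] == "Yes",
            "hits": float(m["hits"]), "required": float(m["required"]),
            "tests": tests}
```

Run it over a copy of a message as delivered to a list subscriber, passing the name your own server writes into X-Spam-Check-By.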

holck
« Reply #2 on: December 30, 2006, 06:13:40 PM »
Good idea, thank you!

I checked this, and it seemed the messages are indeed checked by my server, at least for spam - the header shows the following lines
Code:
X-SoftScan-Status: clean (virus: 1/1/1/1, spam: 1, paranoid: 1/1)
X-Secure-TLS: Yes, message received through TLS by some.machine.xx (AES256-SHA)
X-Cloudmark-Score: 0.000000 []
X-Spam-Status: No, hits=0.0 required=5.0 tests=
X-Spam-Check-By: my.server.xx
X-pstn-levels: (S:24.80035/99.90000 P:95.9108 )
X-pstn-settings: 3 (1.0000:1.0000) s gt3 gt2 gt1 p
X-pstn-addresses: from <mailad@myserver.xx> [567/24]

But the number seemed a little odd, so I checked the spamd log - it contains these lines
Code:
2006-12-29 20:11:08.466646500 [6530] info: spamd: connection from localhost [127.0.0.1] at port 45448
2006-12-29 20:11:08.491648500 [6530] info: spamd: checking message <4595684A.1060408@myserver.xx> for qpsmtpd:1005
2006-12-29 20:11:11.311352500 [6530] warn: pyzor: check failed: internal error
2006-12-29 20:11:11.374351500 [6530] info: spamd: clean message (0.0/5.0) for qpsmtpd:1005 in 2.9 seconds, 595 bytes.
2006-12-29 20:11:11.374363500 [6530] info: spamd: result: . 0 - scantime=2.9,size=595,user=qpsmtpd,uid=1005,required_score=5.0,rhost=localhost,raddr=127.0.0.1,rport=45448,mid=<4595684A.1060408@myserver.xx>,autolearn=disabled
2006-12-29 20:11:11.578851500 [6373] info: prefork: child states: II

The line with "check failed: internal error" seems a little worrying?

cactus
« Reply #3 on: December 30, 2006, 06:27:10 PM »
Quote from: "holck"
X-Spam-Status: No, hits=0.0 required=5.0 tests=
X-Spam-Check-By: my.server.xx
Your server does indeed seem to check your e-mail message... however, it has not performed any tests whatsoever, as they should be listed after the tests= item.

Quote from: "holck"
But the number seemed a little odd, so I checked the spamd log - it contains these lines
Code:
2006-12-29 20:11:08.466646500 [6530] info: spamd: connection from localhost [127.0.0.1] at port 45448
2006-12-29 20:11:08.491648500 [6530] info: spamd: checking message <4595684A.1060408@myserver.xx> for qpsmtpd:1005
2006-12-29 20:11:11.311352500 [6530] warn: pyzor: check failed: internal error
2006-12-29 20:11:11.374351500 [6530] info: spamd: clean message (0.0/5.0) for qpsmtpd:1005 in 2.9 seconds, 595 bytes.
2006-12-29 20:11:11.374363500 [6530] info: spamd: result: . 0 - scantime=2.9,size=595,user=qpsmtpd,uid=1005,required_score=5.0,rhost=localhost,raddr=127.0.0.1,rport=45448,mid=<4595684A.1060408@myserver.xx>,autolearn=disabled

The line with "check failed: internal error" seems a little worrying?
Unfortunately I can not give more information about this error... but I think it is strange to give a message such a low score when an internal error occurs. Might be something for the bugtracker. Can you reproduce the error?
Quote from: "holck"
Code:
2006-12-29 20:11:11.374363500 [6530] info: spamd: result: . 0 - scantime=2.9,size=595,user=qpsmtpd,uid=1005,required_score=5.0,rhost=localhost,raddr=127.0.0.1,rport=45448,mid=<4595684A.1060408@myserver.xx>,autolearn=disabled
2006-12-29 20:11:11.578851500 [6373] info: prefork: child states: II

... although it seems to me that the last line you posted is another process running (6373 instead of 6530). Did the spamassassin daemon crash? Are there any messages in the messages log file?
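
To see how often a verdict is issued after a failed check such as the pyzor warning discussed above, the spamd log can be correlated per child PID. This is an added example, not code from the thread; the function name `degraded_verdicts` is illustrative, the first three sample lines are taken from the log quoted above, and the lines for PID 6531 are constructed.

```python
import re

# Sample log: PID 6530 lines are from the thread, PID 6531 lines are constructed.
LOG = """\
2006-12-29 20:11:08.491648500 [6530] info: spamd: checking message <4595684A.1060408@myserver.xx> for qpsmtpd:1005
2006-12-29 20:11:11.311352500 [6530] warn: pyzor: check failed: internal error
2006-12-29 20:11:11.374351500 [6530] info: spamd: clean message (0.0/5.0) for qpsmtpd:1005 in 2.9 seconds, 595 bytes.
2006-12-29 20:11:11.578851500 [6373] info: prefork: child states: II
2006-12-29 20:12:40.100000000 [6531] info: spamd: checking message <constructed-2@example.invalid> for qpsmtpd:1005
2006-12-29 20:12:41.200000000 [6531] info: spamd: clean message (1.2/5.0) for qpsmtpd:1005 in 1.1 seconds, 800 bytes.
"""

LINE = re.compile(r"^\S+ \S+ \[(?P<pid>\d+)\] (?P<level>\w+): (?P<text>.*)$")
START = re.compile(r"^spamd: checking message (?P<mid><[^>]*>)")
DONE = re.compile(r"^spamd: (?P<kind>clean message|identified spam) "
                  r"\((?P<score>-?[\d.]+)/(?P<req>-?[\d.]+)\)")

def degraded_verdicts(log_text):
    """Return verdicts issued after a warning was logged by the same child PID."""
    open_scans = {}  # pid -> {"mid": message id, "warnings": [text, ...]}
    findings = []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        pid, level, text = m["pid"], m["level"], m["text"]
        start = START.match(text)
        if start:
            open_scans[pid] = {"mid": start["mid"], "warnings": []}
            continue
        scan = open_scans.get(pid)
        if scan is None:
            continue  # line from a PID with no scan in progress
        if level == "warn":
            scan["warnings"].append(text)
            continue
        done = DONE.match(text)
        if done:
            del open_scans[pid]
            if scan["warnings"]:  # a check failed before this verdict
                findings.append({"mid": scan["mid"], "kind": done["kind"],
                                 "score": float(done["score"]),
                                 "warnings": scan["warnings"]})
    return findings
```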