SpamD Package Needs Testers
-
For kicks, add another ip to the alias. Does the problem go away?
-
For kicks, add another ip to the alias. Does the problem go away?
Afraid not:
===
php: : There were error(s) loading the rules: no IP address found for SBS /tmp/rules.debug:44: could not parse host specification pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [44]: rdr pass on re1 proto tcp from <spamd-white>to port smtp -> {SBS} port smtpSBS = "{ 192.168.10.10 192.168.10.101 }"
===</spamd-white>
-
-
Actually I am not too sure the {} business is correct. Try changing your alias to $aliasname. $SBS
-
Actually I am not too sure the {} business is correct. Try changing your alias to $aliasname. $SBS
That fixed it :-)
Need to change the instructions on the settings page and it's all done!
Thanks for that!
-
New changes on their way. Reinstall in about 5 minutes.
-
Make that another 5, found a small other problem and bounced the version.
-
I have turned on greylisting of connections and tested it from a few clients using Telnet to port 25 on cmd.exe (from Windows).
From each client it looks like they connection is being treated as blacklisted (blacklisted connections stutter for the entire conversation rtather than the first 109 that greylisted connections do).
I have also followed the rules and connected (through telnet again to port 25) and then waited for the default 25 minutes before connecting again. I understand that in this case the connecting IP should be whitelisted but it's not, it continues to be chatted to like it's a blacklisted connection (stutter the whole way through the conversation).
The settings tab has been left at it's default settings with the exception of the NextMTA and greylisting.
Any suggestions?
-
Yeah, /var/db/spamd is not being created. I am researching it. Gotta run for the evening but will look into it tomorrow. If someone beats me to the solution, please post it!
-
The /var/db/spamd problem has been resolved. After 5 minutes from this posting reinstall the package and please test.
-
i today test long time spamd and we long time not received any mail, any mail conn no accepted..
after spamd removed. (sorry log cleared, test prev. 4-5hours)i think smtp connection no expired added after graylist or tracking..
-
The /var/db/spamd problem has been resolved. After 5 minutes from this posting reinstall the package and please test.
Seems to be working so far - will have to wait the obligatory 25 minutes to see if the greys move to the white. However non-blacklisted server are now only being stuttered for 10 second and they are appearing in the SpamD Database tab as grey.
Will update you. Fingers crossed.
-
i today test long time spamd and we long time not received any mail, any mail conn no accepted..
after spamd removed. (sorry log cleared, test prev. 4-5hours)i think smtp connection no expired added after graylist or tracking..
Prior to the release of just an hour or so ago it didn't work. Reinstall the package and greylist tracking should be working.
-
Then you are not running the latest version as i just commited fixes an hour ago. You have not been loved long time. Reinstall and long time test again.
-
The /var/db/spamd problem has been resolved. After 5 minutes from this posting reinstall the package and please test.
Seems to be working so far - will have to wait the obligatory 25 minutes to see if the greys move to the white. However non-blacklisted server are now only being stuttered for 10 second and they are appearing in the SpamD Database tab as grey.
Will update you. Fingers crossed.
Good deal. Thank you for your clear and detailed reports.
-
i today test long time spamd and we long time not received any mail, any mail conn no accepted..
after spamd removed. (sorry log cleared, test prev. 4-5hours)i think smtp connection no expired added after graylist or tracking..
long time = 5hour and i use 1.2-RELEASE built on Sun Feb 24 17:04:58 EST 2008, sorry, fair enough.
-
I think you are not reading us correctly. The fix was commited ONE hour ago. So your 5 hour test did NOT include the fix.
-
The /var/db/spamd problem has been resolved. After 5 minutes from this posting reinstall the package and please test.
Seems to be working so far - will have to wait the obligatory 25 minutes to see if the greys move to the white. However non-blacklisted server are now only being stuttered for 10 second and they are appearing in the SpamD Database tab as grey.
Will update you. Fingers crossed.
Good deal. Thank you for your clear and detailed reports.
Greys are moving to Whites and Black's are being blocked … excellent work. Fantastic!
The SpamD Database tab is a bit messy and the headers don't correspond with the columns (for example the Attempts column has entries such as 1208560605 in it and what I assume is the real Attempts column has no header and values such as 0 and 1 in it). This doesn't affect the package itself but I thought I would point it out as nothing else is broken :-)
Again, good work.
-
No problem-o. I need to get my mail account setup shortly and forwarding to do some more tests. I am definitely not done fixing / improving the package.
Thanks for testing!
-
I've been composing this message for several hours while fighting fires around here. Please forgive me if you've fixed some of these things since I started.
Bugs found so far:
Once I added a few traplist entries I noticed that on the SpamD Database tab, the icons for blacklist and spamtrap are not displaying.
spamd.conf:
the symlink needs to be in /usr/local/etc/spamd/ rather than /usr/local/etc.The SpamD External Sources tab adds entries similar to :
test:
:black:
:msg="you are rejected":
:method=http:
:http:
:file=www.openbsd.org/spamd/traplist.gz:The documentation does not show the :http: entry. My edits last night were geared toward removing the ":http:" lines.
Wierd, today I'm not getting the warning message when I start "/usr/local/libexec/spamd -d -v" manually even with those lines.
The all entry seems to be not generating correctly. This is what is generated:
all:
:whitelist:blacklist:nixspam:uatraps:test:This is what should be generated, assuming you want "blacklist" to override "whitelist" entries:
all:
:nixspam:whitelist:uatraps:whitelist:test:whitelist:blacklistIf you want "whitelist" to override the "blacklist" entries:
all:
:nixspam:whitelist:uatraps:whitelist:test:whitelist:blacklist:whitelistI would prefer to rename "whitelist" to something like "local-overrides" or "local-whitelist", and "blacklist" to "local-blacklist", just to avoid confusion when discussing having whitelist "whitelist" override entries in blacklist "blacklist". Probably not terribly important in the grand scheme of things.
-
I've been composing this message for several hours while fighting fires around here. Please forgive me if you've fixed some of these things since I started.
Bugs found so far:
Once I added a few traplist entries I noticed that on the SpamD Database tab, the icons for blacklist and spamtrap are not displaying.
spamd.conf:
the symlink needs to be in /usr/local/etc/spamd/ rather than /usr/local/etc.The SpamD External Sources tab adds entries similar to :
test:
:black:
:msg="you are rejected":
:method=http:
:http:
:file=www.openbsd.org/spamd/traplist.gz:The documentation does not show the :http: entry. My edits last night were geared toward removing the ":http:" lines.
Wierd, today I'm not getting the warning message when I start "/usr/local/libexec/spamd -d -v" manually even with those lines.
The all entry seems to be not generating correctly. This is what is generated:
all:
:whitelist:blacklist:nixspam:uatraps:test:This is what should be generated, assuming you want "blacklist" to override "whitelist" entries:
all:
:nixspam:whitelist:uatraps:whitelist:test:whitelist:blacklistIf you want "whitelist" to override the "blacklist" entries:
all:
:nixspam:whitelist:uatraps:whitelist:test:whitelist:blacklist:whitelistI would prefer to rename "whitelist" to something like "local-overrides" or "local-whitelist", and "blacklist" to "local-blacklist", just to avoid confusion when discussing having whitelist "whitelist" override entries in blacklist "blacklist". Probably not terribly important in the grand scheme of things.
As far as I know every one of these are fixed. Please reinstall and test again and report back further issues.
-
I have reinstalled the package: spamd Services 4.3.5
Once I added a few traplist entries I noticed that on the SpamD Database tab, the icons for blacklist and spamtrap are not displaying.
I still don't have icons for blacklist and spamtrap. I get missing image markers in Safari and the words "blacklist" and "spamtrap" in Firefox, both on OS X 10.5.2. Maybe you just don't have icons generated for them.
Also missing are the helo/ehlo and datestamp column headers, as was mentioned by someone else earlier.
Clicking the blacklist link does not result in the IP being added to /var/db/blacklist.txt.
Clicking the whitelist link does not result in the IP being added to /var/db/whitelist.txt.Tried in both browsers. The link icon dances back and forth when clicked.
The SpamD External Sources tab adds entries similar to :
test:
:black:
:msg="you are rejected":
:method=http:
:http:
:file=www.openbsd.org/spamd/traplist.gz:The documentation does not show the :http: entry.
The ":http:" line is still being created. Seems to do no harm, but from the documentation, I can't see where it is needed/requested to be there.
The all entry seems to be not generating correctly. This is what is generated:
all:
:whitelist:blacklist:nixspam:uatraps:test:This is what should be generated, assuming you want "blacklist" to override "whitelist" entries:
all:
:nixspam:whitelist:uatraps:whitelist:test:whitelist:blacklistIf you want "whitelist" to override the "blacklist" entries:
all:
:nixspam:whitelist:uatraps:whitelist:test:whitelist:blacklist:whitelistI am still seeing the linear list in all as well.
-
The missing items never existed to begin with. This thread is concerning bugs for existing features only.
Please take your feature requests to the Bounty thread and they will be dealt with separately very soon.
Now with that said, what are the bugs with the existing features now?
-
to extend tests …
what is the corect way to my remote users connect from thunderbird to my smtp server ( to send mails ) ?without Spamd i´ve been using Smtp-auth but now ... my users are treated as spammers ...
any way ??
-
to extend tests …
what is the corect way to my remote users connect from thunderbird to my smtp server ( to send mails ) ?without Spamd i´ve been using Smtp-auth but now ... my users are treated as spammers ...
any way ??
Tell them to use port 587. That is the mail submission port. SpamD should only be interfering with port 25.
-
On another note, the time for spamd to whitelist / blacklist seems a long time (i gfuess 25 min total as screen indicates?), is there any way to configure it for faster. in the real world scenarion, the users will want their mail to be ASAP, but what is really "ideal" or the delicate balance for this spamd solution to be effective?
-
The missing items never existed to begin with. This thread is concerning bugs for existing features only.
Please take your feature requests to the Bounty thread and they will be dealt with separately very soon.
Now with that said, what are the bugs with the existing features now?
From the bounty starter post:
@lambert:I've not previously managed a spamd installation so my requirements will be met by getting the package working and committed to the project with, at least the functionality it had back when sullrich initially built it plus the fixes for issues rcarr noted in his post. I don't know enough about spamd to have further requirements at this time. I'm trying to avoid having to learn it in too much detail too… :-) Too many projects running right now.
http://forum.pfsense.org/index.php/topic,5660.msg33728.html#msg33728
If someone can get it working that far, I can find out what I want changed, if anything, beyond that and offer another bounty.
I believe that at least the following still applies, although he showed the issue differently with an external sources defined whitelist which still shows the same problem.
all:
:whitelist:blacklist:uatraps:nixspam:mywhitelist:should be according to exactly what rcarr had written:
all:
:whitelist:blacklist:uatraps:mywhitelist:nixspam:mywhitelist:The all entry seems to be not generating correctly. This is what is generated:
all:
:whitelist:blacklist:nixspam:uatraps:test:This is what should be generated, assuming you want "blacklist" to override "whitelist" entries:
all:
:nixspam:whitelist:uatraps:whitelist:test:whitelist:blacklistIf you want "whitelist" to override the "blacklist" entries:
all:
:nixspam:whitelist:uatraps:whitelist:test:whitelist:blacklist:whitelistThe fix for the below is to delete line 66 of spamd.inc. If you don't want to, don't. I've paid my part of the bounty.
The SpamD External Sources tab adds entries similar to :
test:
:black:
:msg="you are rejected":
:method=http:
:http:
:file=www.openbsd.org/spamd/traplist.gz:The documentation does not show the :http: entry.
-
Tell them to use port 587. That is the mail submission port. SpamD should only be interfering with port 25.
i will try another way .. because i don´t know how and who are my users …. i have an small wifi provider ...
i think in use another name to my mx servers and users can use normal smtp servers .. on the normal servers i only send mails from authenticated users on MX spamd do receiving ..
i this way i think ... no user configuration was involved .. -
The missing items never existed to begin with. This thread is concerning bugs for existing features only.
Please take your feature requests to the Bounty thread and they will be dealt with separately very soon.
Now with that said, what are the bugs with the existing features now?
From the bounty starter post:
@lambert:I've not previously managed a spamd installation so my requirements will be met by getting the package working and committed to the project with, at least the functionality it had back when sullrich initially built it plus the fixes for issues rcarr noted in his post. I don't know enough about spamd to have further requirements at this time. I'm trying to avoid having to learn it in too much detail too… :-) Too many projects running right now.
http://forum.pfsense.org/index.php/topic,5660.msg33728.html#msg33728
If someone can get it working that far, I can find out what I want changed, if anything, beyond that and offer another bounty.
I believe that at least the following still applies, although he showed the issue differently with an external sources defined whitelist which still shows the same problem.
all:
:whitelist:blacklist:uatraps:nixspam:mywhitelist:should be according to exactly what rcarr had written:
all:
:whitelist:blacklist:uatraps:mywhitelist:nixspam:mywhitelist:The all entry seems to be not generating correctly. This is what is generated:
all:
:whitelist:blacklist:nixspam:uatraps:test:This is what should be generated, assuming you want "blacklist" to override "whitelist" entries:
all:
:nixspam:whitelist:uatraps:whitelist:test:whitelist:blacklistIf you want "whitelist" to override the "blacklist" entries:
all:
:nixspam:whitelist:uatraps:whitelist:test:whitelist:blacklist:whitelistThe fix for the below is to delete line 66 of spamd.inc. If you don't want to, don't. I've paid my part of the bounty.
The SpamD External Sources tab adds entries similar to :
test:
:black:
:msg="you are rejected":
:method=http:
:http:
:file=www.openbsd.org/spamd/traplist.gz:The documentation does not show the :http: entry.
Thanks, I'll get these taken care. It is not that I do not wish to fix these things, I am just trying to keep this thread focused to get it knocked out quickly since I am running out of time before I have to travel for a week. Just trying to get everyone up and running before a long delay.
-
In regards to the ordering issue, I believe you will want to create the entries in the order you want them to apply. This might not be optimal but it does work. Let's discuss improvements to this in the Bounty thread.
-
I'm unsure if this has been reported (I have a feeling it has).
The buttons on the SpamD Database page (the ones for deleting, whitelisting, blacklisting etc.) at the end of the row do not appear to work. I have a SpamTrap address I want to now remove and I'm unable to. I assume manually editing the config files will allow me to do this in the meantime?
This is hte code for the delete button that is showing up in Firefox:
===
javascript:toggle_on("d24", "/themes/nervecenter/images/icons/icon_x_p.gif");getURL("spamd_db.php?buttonid=d24&srcip=The actual code in the source though is (Note that I changed the @ in the javascript below to AT so that it wouldn't show up as a link in the forum and I get MORE spam!)
===
javascript:toggle_on("d24", "/themes/nervecenter/images/icons/icon_x_p.gif");getURL("spamd_db.php?buttonid=d24&srcip=''''catchallATblueivy.co.uk''''&action=delete", outputrule);'It's got something to do with the quotes around \catchallATblueivy.co.uk.
-
===
javascript:toggle_on("d24", "/themes/nervecenter/images/icons/icon_x_p.gif");getURL("spamd_db.php?buttonid=d24&srcip=''''catchallATblueivy.co.uk''''&action=delete", outputrule);'It's got something to do with the quotes around \catchallATblueivy.co.uk.
Looks like maybe just a quote mismatch, you have double quotes in the front of the address and single quotes after the address. Hopefully a simple fix.
-
I am currently traveling without access to fix these issues. If you can, please hold off on further bug reports until I return so that I do not feel overwhelmed. Thanks!
-
I think that there may be an error in parsing "bad" e-mail addresses when displaying the SpamD database:
I'm seeing the following when "sorting by Attempts":
| Type | IP | From | To | Attempts ↑ |
| GREY | 77.205.81.230 | | ty{n2000@HECOUNCIL.ORG> | 1209078047 |
| GREY | 83.9.63.26 | <martac-ti|< td=""></martac-ti|<> | {pyr@AOLLC.COM> | 1209076738 |Knobee
-
I think that there may be an error in parsing "bad" e-mail addresses when displaying the SpamD database:
I'm seeing the following when "sorting by Attempts":
| Type | IP | From | To | Attempts ↑ |
| GREY | 77.205.81.230 | | ty{n2000@HECOUNCIL.ORG> | 1209078047 |
| GREY | 83.9.63.26 | <martac-ti|< td=""></martac-ti|<> | {pyr@AOLLC.COM> | 1209076738 |Knobee
It's a known issue when someone puts a | in the email address.
-
@submicron:
===
javascript:toggle_on("d24", "/themes/nervecenter/images/icons/icon_x_p.gif");getURL("spamd_db.php?buttonid=d24&srcip=''''catchallATblueivy.co.uk''''&action=delete", outputrule);'It's got something to do with the quotes around \catchallATblueivy.co.uk.
Looks like maybe just a quote mismatch, you have double quotes in the front of the address and single quotes after the address. Hopefully a simple fix.
This looks like a parsing bug of some kind, notice there is an email address for the ip address. Can you reproduce this?
-
Here are the issues I've come across so far with our testing:
-
Spamtrap email addresses don't get saved or applied. Entering in an address doesn't add it to the database, and eventually the field is listed again as empty. Re-Adding the entry similarly doesn't work.
-
No RRD Graph reporting. This was part of the original bounty and I'm quite sure it was in the original spamd package.
-
As previously reported, entries in the "queue" cannot be whitelisted, blacklisted or deleted. The icons just wiggle instead of doing anything.
-
-
I concur with those issues. I am seeing the same on one of my client's firewall. I just didn't have time to put it down in words. I personally find the third one most annoying.
Add to this the parsing error that Knobee & blueivy reported earlier. I too am seeing that in some entries.
Francois
-
I'm still trying to chase down why this happened and what the details are, but as soon as I removed a blacklist from the spamd configuration, my shaper rules blew up:
Apr 28 16:54:07 spamlogd[81627]: exiting
Apr 28 16:54:07 spamlogd[81627]: exiting
Apr 28 16:54:09 spamd[77903]: listening for incoming connections.
Apr 28 16:54:09 spamd[77903]: listening for incoming connections.
Apr 28 16:54:12 check_reload_status: reloading filter
Apr 28 16:54:16 php: : New alert found: There were error(s) loading the rules: /tmp/rules.debug:41: syntax error /tmp/rules.debug:46: queue qlanRoot has no parent /tmp/rules.debug:46: errors in queue definition /tmp/rules.debug:48: queue qlandef has no parent /tmp/rules.debug:48: errors in queue definition /tmp/rules.debug:50: queue qlanacks has no parent /tmp/rules.debug:50: errors in queue definition /tmp/rules.debug:52: queue qPenaltyDown has no parent /tmp/rules.debug:52: errors in queue definition /tmp/rules.de
Apr 28 16:54:16 php: : There were error(s) loading the rules: /tmp/rules.debug:41: syntax error /tmp/rules.debug:46: queue qlanRoot has no parent /tmp/rules.debug:46: errors in queue definition /tmp/rules.debug:48: queue qlandef has no parent /tmp/rules.debug:48: errors in queue definition /tmp/rules.debug:50: queue qlanacks has no parent /tmp/rules.debug:50: errors in queue definition /tmp/rules.debug:52: queue qPenaltyDown has no parent /tmp/rules.debug:52: errors in queue definition /tmp/rules.debug:54: queue qP2
Apr 28 16:55:35 spamlogd[77901]: exiting
Apr 28 16:55:35 spamlogd[77901]: exiting
Apr 28 16:55:38 spamd[78329]: listening for incoming connections.
Apr 28 16:55:38 spamd[78329]: listening for incoming connections.
Apr 28 16:55:41 check_reload_status: reloading filter
Apr 28 16:55:46 php: : New alert found: There were error(s) loading the rules: /tmp/rules.debug:41: syntax error /tmp/rules.debug:46: queue qlanRoot has no parent /tmp/rules.debug:46: errors in queue definition /tmp/rules.debug:48: queue qlandef has no parent /tmp/rules.debug:48: errors in queue definition /tmp/rules.debug:50: queue qlanacks has no parent /tmp/rules.debug:50: errors in queue definition /tmp/rules.debug:52: queue qPenaltyDown has no parent /tmp/rules.debug:52: errors in queue definition /tmp/rules.de
Apr 28 16:55:46 php: : There were error(s) loading the rules: /tmp/rules.debug:41: syntax error /tmp/rules.debug:46: queue qlanRoot has no parent /tmp/rules.debug:46: errors in queue definition /tmp/rules.debug:48: queue qlandef has no parent /tmp/rules.debug:48: errors in queue definition /tmp/rules.debug:50: queue qlanacks has no parent /tmp/rules.debug:50: errors in queue definition /tmp/rules.debug:52: queue qPenaltyDown has no parent /tmp/rules.debug:52: errors in queue definition /tmp/rules.debug:54: queue qP2
Apr 28 16:56:06 check_reload_status: reloading filter
Apr 28 16:56:16 php: : New alert found: There were error(s) loading the rules: /tmp/rules.debug:41: syntax error /tmp/rules.debug:46: queue qlanRoot has no parent /tmp/rules.debug:46: errors in queue definition /tmp/rules.debug:48: queue qlandef has no parent /tmp/rules.debug:48: errors in queue definition /tmp/rules.debug:50: queue qlanacks has no parent /tmp/rules.debug:50: errors in queue definition /tmp/rules.debug:52: queue qPenaltyDown has no parent /tmp/rules.debug:52: errors in queue definition /tmp/rules.de
Apr 28 16:56:16 php: : There were error(s) loading the rules: /tmp/rules.debug:41: syntax error /tmp/rules.debug:46: queue qlanRoot has no parent /tmp/rules.debug:46: errors in queue definition /tmp/rules.debug:48: queue qlandef has no parent /tmp/rules.debug:48: errors in queue definition /tmp/rules.debug:50: queue qlanacks has no parent /tmp/rules.debug:50: errors in queue definition /tmp/rules.debug:52: queue qPenaltyDown has no parent /tmp/rules.debug:52: errors in queue definition /tmp/rules.debug:54: queue qP2Anyone seen anything like this?
-
Yep, its definitely related to spamd, I had to kill the install of spamd and now the shaper rules are not broken anymore.