How to use private rules? - SpamAssassin

This is a discussion on How to use private rules? - SpamAssassin ; Hello, I am ongoing to install a new server for (currently) 43 users with apache2, postgresql 8.2, courier, clamav-ng and spamassassin. Since the resources are very limited, the inbound MTA check only and then let the $USER choose what to ...

+ Reply to Thread
Results 1 to 7 of 7

Thread: How to use private rules?

  1. How to use private rules?

    Hello,

    I am ongoing to install a new server for (currently) 43 users with
    apache2, postgresql 8.2, courier, clamav-ng and spamassassin.

    Since the resources are very limited, the inbound MTA check only
    and then let the $USER choose what to do. Because an
    experience from last Friday where I have hit the limits of my hosting
    providers mailserver (over 4000 messages stuck in the queue) I lock
    already the ~/.promailrc to let only one message after one processing
    per $USER.

    So with spamassassin I have now a problem, since if called with

    +---[ ~/.procmailrc ]----------

    | :0
    | * > 250000
    | .ATTENTION.big_messages/
    |
    | :0fw
    | * < 250000
    | |/usr/bin/spamc

    +-------------------------------

    I can not use private rules and if I call it with

    :0fw
    * < 250000
    |/usr/bin/spamassassin

    incoming batch-spam can kill the server which must be responsible under
    any circumstands...

    How can I solv this problem?

    Note: Some of the $USER have tonns of custom rules and since
    they are working for them, they wan to use it... :-)


    Thanks, Greetings and nice Day
    Michelle Konzack
    Systemadministrator
    24V Electronic Engineer
    Tamay Dogan Network
    Debian GNU/Linux Consultant


    --
    Linux-User #280138 with the Linux Counter, http://counter.li.org/
    ##################### Debian GNU/Linux Consultant #####################
    Michelle Konzack Apt. 917 ICQ #328449886
    +49/177/9351947 50, rue de Soultz MSN LinuxMichi
    +33/6/61925193 67100 Strasbourg/France IRC #Debian (irc.icq.com)

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.1 (GNU/Linux)

    iD8DBQFIM1wjC0FPBMSS+BIRAkEGAJwIyUaPjhPRr3VumdE9Wg zCNFGsQgCfW5VP
    RpOOFI64vlhooaLE1xa3qYQ=
    =+8kZ
    -----END PGP SIGNATURE-----


  2. Re: How to use private rules?

    Michelle Konzack wrote:
    > Because an
    > experience from last Friday where I have hit the limits of my hosting
    > providers mailserver (over 4000 messages stuck in the queue) I lock
    > already the ~/.promailrc to let only one message after one processing
    > per $USER.


    You are serializing now? Or you wish to serialize?

    > | :0fw
    > | * < 250000
    > | |/usr/bin/spamc


    Not serialized. No lock file. Processing may occur in parallel.

    > incoming batch-spam can kill the server which must be responsible under
    > any circumstands...
    >
    > How can I solv this problem?


    If you want to serialize mail processing to cap the machine load you
    could use a procmail lockfile to only process one message at a time.

    :0fw:spamc.lock
    * < 250000
    |/usr/bin/spamc

    That would prevent your machine from being overloaded with large
    batches of incoming mail. Message processing would be serialized one
    at a time.

    Bob


  3. Re: How to use private rules?

    Am 2008-05-21 10:53:40, schrieb Bob Proulx:
    > Michelle Konzack wrote:
    > > Because an
    > > experience from last Friday where I have hit the limits of my hosting
    > > providers mailserver (over 4000 messages stuck in the queue) I lock
    > > already the ~/.promailrc to let only one message after one processing
    > > per $USER.

    >
    > You are serializing now? Or you wish to serialize?


    I am already using

    LOCKFILE=~/.procmailrc.lock

    at the beginning of the file to serialize the incoming messages and this
    troddle already the whole thing. A CPU load of 100% is not realy funny.

    But now if I use "spamc" we can not use private rules which we need and
    AFAIK

    :0fw
    * < 250000
    |/usr/bin/spamassassin

    sould not be used. What to do now to run spamassassin save?

    Thanks, Greetings and nice Day
    Michelle Konzack
    Systemadministrator
    24V Electronic Engineer
    Tamay Dogan Network
    Debian GNU/Linux Consultant


    --
    Linux-User #280138 with the Linux Counter, http://counter.li.org/
    ##################### Debian GNU/Linux Consultant #####################
    Michelle Konzack Apt. 917 ICQ #328449886
    +49/177/9351947 50, rue de Soultz MSN LinuxMichi
    +33/6/61925193 67100 Strasbourg/France IRC #Debian (irc.icq.com)

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.1 (GNU/Linux)

    iD8DBQFINL3pC0FPBMSS+BIRAknHAKCo9mATXtc+8o5vu/l2ADaA6QCBwwCZAVP+
    g10xFVUQGIJ1ul5B+TofowI=
    =ek9p
    -----END PGP SIGNATURE-----


  4. Re: How to use private rules?

    On Wed, 2008-05-21 at 01:17 +0200, Michelle Konzack wrote:
    > I am ongoing to install a new server for (currently) 43 users

    [...]
    > I can not use private rules and if I call it with
    > |/usr/bin/spamassassin
    >
    > incoming batch-spam can kill the server which must be responsible under
    > any circumstands...


    True. Using spamc is *much* more efficient, and highly recommended.
    However, allow_user_rules 1 isn't an option in this case, and not
    recommended anyway.


    > How can I solv this problem?
    >
    > Note: Some of the $USER have tonns of custom rules and since
    > they are working for them, they wan to use it... :-)


    Given the small-ish number of users, there is a way to do this. However,
    it may result in quite some administrative overhead, depending on the
    frequency of changes.

    You simply could aggregate these custom rules in server wide $user.cf
    files, with a *default* score of 0. Each user now can enable the rules
    he wants by assigning it a non-zero score in user_prefs.

    Since you mentioned "tons of custom rules" per user, I assume there are
    third party, non user-written rules as well. If so, there is the
    additional benefit of not maintaining (und updating) multiple copies.

    HTH

    guenther -- barely awake, having his first coffee


    --
    char *t="\10pse\0r\0dtu\0.@ghno\x4e\xc8\x79\xf4\xab\x51\x8a \x10\xf4\xf4\xc4";
    main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i (c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}


  5. Re: How to use private rules?


    Michelle Konzack writes:
    > Am 2008-05-21 10:53:40, schrieb Bob Proulx:
    > > Michelle Konzack wrote:
    > > > Because an
    > > > experience from last Friday where I have hit the limits of my hosting
    > > > providers mailserver (over 4000 messages stuck in the queue) I lock
    > > > already the ~/.promailrc to let only one message after one processing
    > > > per $USER.

    > >
    > > You are serializing now? Or you wish to serialize?

    >
    > I am already using
    >
    > LOCKFILE=~/.procmailrc.lock
    >
    > at the beginning of the file to serialize the incoming messages and this
    > troddle already the whole thing. A CPU load of 100% is not realy funny.
    >
    > But now if I use "spamc" we can not use private rules which we need and
    > AFAIK
    >
    > :0fw
    > * < 250000
    > |/usr/bin/spamassassin
    >
    > sould not be used. What to do now to run spamassassin save?


    Sorry, I must have missed something. This sounds like you want
    to use "allow_user_rules" -- is there a problem with using that?

    --j.


  6. Re: How to use private rules?

    Am 2008-05-23 09:21:59, schrieb Justin Mason:
    > Michelle Konzack writes:
    > > :0fw
    > > * < 250000
    > > |/usr/bin/spamassassin
    > >
    > > sould not be used. What to do now to run spamassassin save?

    >
    > Sorry, I must have missed something. This sounds like you want
    > to use "allow_user_rules" -- is there a problem with using that?


    Yes, "allow_user_rules" does not work if I use "/usr/bin/spamc" instead
    of "/usr/bin/spamassassin".

    Some time ago I had used spamassasin directly but there went something
    wrong and spamassassin has eaten in a singel process 16 GByte of memory
    and I had to kille the whole machine by cuting the power.

    Thanks, Greetings and nice Day
    Michelle Konzack
    Systemadministrator
    24V Electronic Engineer
    Tamay Dogan Network
    Debian GNU/Linux Consultant


    --
    Linux-User #280138 with the Linux Counter, http://counter.li.org/
    ##################### Debian GNU/Linux Consultant #####################
    Michelle Konzack Apt. 917 ICQ #328449886
    +49/177/9351947 50, rue de Soultz MSN LinuxMichi
    +33/6/61925193 67100 Strasbourg/France IRC #Debian (irc.icq.com)

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.1 (GNU/Linux)

    iD8DBQFIN3ZVC0FPBMSS+BIRAsBMAKCVDqyM3pJbzdWTMPXFsv P7z40OwwCeMiwc
    gtkHq93oSdlqj0Lfx8BPVCk=
    =F0KT
    -----END PGP SIGNATURE-----


  7. Re: How to use private rules?


    Michelle Konzack writes:
    > Am 2008-05-23 09:21:59, schrieb Justin Mason:
    > > Michelle Konzack writes:
    > > > :0fw
    > > > * < 250000
    > > > |/usr/bin/spamassassin
    > > >
    > > > sould not be used. What to do now to run spamassassin save?

    > >
    > > Sorry, I must have missed something. This sounds like you want
    > > to use "allow_user_rules" -- is there a problem with using that?

    >
    > Yes, "allow_user_rules" does not work if I use "/usr/bin/spamc" instead
    > of "/usr/bin/spamassassin".


    it should. If it's not working, you should look into your setup,
    something's wrong there...

    --j.


+ Reply to Thread