Partial solution: Question about RelayCountry - SpamAssassin

This is a discussion on Partial solution: Question about RelayCountry - SpamAssassin ; I dug deeper into the problem of why I was not getting the X-Spam-Relay-Countries header added to my mail, and I think I understand things a bit better. (The goal is to see what countries the few false negatives are ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Partial solution: Question about RelayCountry

  1. Partial solution: Question about RelayCountry

    I dug deeper into the problem of why I was not getting the
    X-Spam-Relay-Countries header added to my mail, and I think I understand
    things a bit better. (The goal is to see what countries the few false
    negatives are going through.)

    First of all, the correct add_header command seems to not be:
    add_header all Relay-Country _RELAYCOUNTRY_

    Instead, it should be:
    add_header all Relay-Countries _RELAYCOUNTRY_

    I saw that the plugin was active by running spamassassin -D.

    Also, by running spamassassin manually with a known piece of spam, I
    could see the X-Spam-Relay-Countries header being added but not when I ran
    spamc through sendmail/spamass-milter.

    The problem was that the headers were not be passed through by (drum roll
    please): spamass-milter even though I am *not* using the -M option. Also,
    I am using spamass-milter to reject mail during reception (via -r 5)

    I'm not looking for spamass-milter support from here (unless someone knows
    what to do), but I do like the way my system works and I'd like to
    continue using a milter to reject the spam. Are other people using milters
    with sendmail that don't suffer from this problem?

    TIA

    On Monday, Jul 7th 2008 at 05:41 -0000, quoth Justin Mason:

    =>
    =>Matus UHLAR - fantomas writes:
    =>> On 06.07.08 23:09, Steven W. Orr wrote:
    =>> > Should I expect to see X-Relay-Countries as an added header in my
    =>> > unrejected mail or is that only added to rejected mail? (Right now I do
    =>> > not see anything in the accepted mail.)
    =>>
    =>> you should see it in any mail I'd say. It is only used for bayes DB and
    =>> someone was trying to make a filter that will count number of different
    =>> countries the mail travelled through...
    =>
    =>No. You will only see it if you add the appropriate "add_header" line.

    Ok. I just modified my setup but no joy. The current configuration is
    below. Also, messages are coming through with:

    X-Spam-Status: No, score=1.4 required=5.0 tests=AWL,BAYES_60,RDNS_NONE
    autolearn=no version=3.2.5
    X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on
    saturn.syslang.net

    Is there anything obvious I'm missing?

    TIA


    In init.pre:
    # Uncommented
    loadplugin Mail::SpamAssassin::Plugin::RelayCountry

    In 00_add_headers.cf:

    clear_headers
    add_header all Checker-Version SpamAssassin _VERSION_ (_SUBVERSION_) on _HOSTNAME_
    add_header spam Flag _YESNOCAPS_
    add_header spam Level _STARS(*)_
    add_header all Status "_YESNO_, score=_SCORE_ \
    required=_REQD_ tests=_TESTS_ \
    autolearn=_AUTOLEARN_ \
    version=_VERSION_"
    add_header spam RBL _RBL_
    add_header spam Spammy _SPAMMYTOKENS(2.long)_


    ifplugin Mail::SpamAssassin::Plugin::RelayCountry
    add_header all Relay-Country _RELAYCOUNTRY_
    endif # Mail::SpamAssassin::Plugin::RelayCountry

    In 00_plugins_RelayCountry.cf:
    ifplugin Mail::SpamAssassin::Plugin::RelayCountry
    # put loadplugin Mail::SpamAssassin::Plugin::RelayCountry in init.pre
    header RELAYCOUNTRY_CN X-Relay-Countries =~ /\bCN\b/
    describe RELAYCOUNTRY_CN Relayed through china
    score RELAYCOUNTRY_CN 1.0

    header RELAYCOUNTRY_KR X-Relay-Countries =~ /\bKR\b/
    describe RELAYCOUNTRY_KR Relayed through Korea
    score RELAYCOUNTRY_KR 1.0

    header RELAYCOUNTRY_RU X-Relay-Countries =~ /RU/
    describe RELAYCOUNTRY_RU Relayed through Russian Federation
    score RELAYCOUNTRY_RU 2.0

    header RELAYCOUNTRY_BR X-Relay-Countries =~ /BR/
    describe RELAYCOUNTRY_BR Relayed through Brazil
    score RELAYCOUNTRY_BR 2.0

    header RELAYCOUNTRY_TR X-Relay-Countries =~ /TR/
    describe RELAYCOUNTRY_TR Relayed through Turkey
    score RELAYCOUNTRY_TR 2.0
    endif # Mail::SpamAssassin::Plugin::RelayCountry



    --
    Time flies like the wind. Fruit flies like a banana. Stranger things have .0.
    happened but none stranger than this. Does your driver's license say Organ ..0
    Donor?Black holes are where God divided by zero. Listen to me! We are all- 000
    individuals! What if this weren't a hypothetical question?
    steveo at syslang.net


  2. Re: Partial solution: Question about RelayCountry

    On Thursday, Jul 10th 2008 at 23:22 -0000, quoth Matt Kettler:

    =>Actually it is functionally correct as is written. It doesn't matter what the
    =>added header is name, unless you wish to be pedantic about semantics.
    =>
    =>The rules check X-Relay-Countries, which is an internal pseudo-header created
    =>by the RelayCountry plugin. That header isn't added to the message, but the
    =>rules will still match on it. They will work even if your add_header doesn't
    =>exist at all.
    =>
    =>The only purpose of the add_header is to create a human readable copy, but SA
    =>doesn't use it internally.
    =>
    =>Hmm, any chance you neglected to restart spamd after editing the configs?
    =>
    =>Do you get the same lack of modifications piping messages through spamc on the
    =>command line?
    =>

    On Thursday, Jul 10th 2008 at 23:48 -0000, quoth David B Funk:

    =>On Thu, 10 Jul 2008, Steven W. Orr wrote:
    =>
    =>The issue here is the way that sendmail milters work.
    =>In the sendmail "system" milters work more as a 'T' not a traditional
    =>unix "pipe". That is, the milter daemon receives a -copy- of the
    =>input message, it then needs to activly send specific commands back
    =>to the sendmail process telling sendmail what (if any) changes should
    =>be made to the original.
    =>
    =>More detail; spamass-milter receives a copy of the input message, it
    =>then sends that on to spamd using the spamc-2-spamd protoocl.
    =>spamass-milter receives the results of the scoring back from spamd,
    =>spamass-milter evaluates the spamd results and then sends specific
    =>commands back to the sendmail process telling sendmail to make a few
    =>explicit changes to the original message (such as adding the
    =>'X-Spam-Status' and 'X-Spam-Report' headers).
    =>
    =>No changes will be added to the original messsage -except- for those
    =>that spamass-milter knows to add. So if spamd adds headers that
    =>spamass-milter doesn't know about, spamass-milter will not tell sendmail
    =>to add them and thus they won't show up in the final results.
    =>
    =>So to get your X-Spam-Relay-Countries header, you'll have to modify
    =>spamass-milter to know about it and tell sendmail to add it.

    Thanks to David and Matt. Understanding what I'm working with is key to
    this. I solved my problem by simply

    add_header ham Status country=_RELAYCOUNTRY_

    Now the countries involved are visible in the few false negatives that
    come through.

    --
    Time flies like the wind. Fruit flies like a banana. Stranger things have .0.
    happened but none stranger than this. Does your driver's license say Organ ..0
    Donor?Black holes are where God divided by zero. Listen to me! We are all- 000
    individuals! What if this weren't a hypothetical question?
    steveo at syslang.net


+ Reply to Thread