Mailing List Archive: DBMail: users

RELEASE: ripdefang-dbmail 0.01

Index | Next | Previous | View Threaded

michael.monnerie at is

May 28, 2009, 3:41 AM

Post #1 of 5 (1196 views)
Permalink

RELEASE: ripdefang-dbmail 0.01

http://zmi.at/x/ripdefang-dbmail

I just released this very first version of a "un-defang" tool. It's for
everybody who has defanged spams and wants to get the original spam back
into the mail system again.

Usage is very simple: Take a spam that is defanged by amavis, and resend
or forward it to an alias address which calls this script. In my case I
use dbmail ( http://dbmail.org/ ), where I created the following alias:
# dbmail-users -x undefang [at] mydomai -t "|/usr/bin/ripdefang-dbmail"

I then grep'ed a sample collection of 7074 mails, saved that to an mbox
(if you want it: http://zmi.at/x/spambox.mbox.bz2) and ran a
# formail -n 10 <spambox.mbox -s /usr/bin/ripdefang

but that got me only around 3343 mails, and ATM I don't know what the
error is. But it's a start, and maybe others want to help improve the
script.

mfg zmi
--
// Michael Monnerie, Ing.BSc ----- http://it-management.at
// Tel: 0660 / 415 65 31 .network.your.ideas.
// PGP Key: "curl -s http://zmi.at/zmi.asc | gpg --import"
// Fingerprint: AC19 F9D5 36ED CD8A EF38 500E CE14 91F7 1C12 09B4
// Keyserver: wwwkeys.eu.pgp.net Key-ID: 1C1209B4

Attachments:

signature.asc (0.19 KB)

michael.monnerie at is

May 28, 2009, 11:48 PM

Post #2 of 5 (1110 views)
Permalink

Re: RELEASE: ripdefang-dbmail 0.01 [In reply to]

On Donnerstag 28 Mai 2009 Michael Monnerie wrote:
> http://zmi.at/x/ripdefang-dbmail
>
> I just released this very first version of a "un-defang" tool. It's
> for everybody who has defanged spams and wants to get the original
> spam back into the mail system again.

Question to Paul: I run above script with
formail </tmp/spambox.mbox -s /usr/bin/ripdefang-dbmail

and in the dbmail logs I see:
May 28 08:19:45 mailsrv1.zmi.at dbmail/lmtpd[17408]: Error:[serverchild]
serverchild.c,PerformChildTask(+385): maximum number of connections
reached, stopping now

And I have in dbmail.conf:
[LMTP]
PORT = 24
NCHILDREN = 1
MINSPARECHILDREN = 1
MAXSPARECHILDREN = 2
MAXCHILDREN = 5

How can I have the limit reached? 5 messages received by normal e-mail
traffic and in the same time dbmail-smtp called? Or is dbmail-smtp
running asynchronously?

I'll rerun now on a 2nd mailserver, which has no mailtraffic. Still, I'd
like to understand what causes the problem.

Also, I'm feeding 7000 messages to that script, but only 3300 arrived
the first time, and yesterday I reran that script and got 3900 messages.
Still a lot missing, but why was there a difference at all? Can dbmail-
smtp loose messages?

mfg zmi
--
// Michael Monnerie, Ing.BSc ----- http://it-management.at
// Tel: 0660 / 415 65 31 .network.your.ideas.
// PGP Key: "curl -s http://zmi.at/zmi.asc | gpg --import"
// Fingerprint: AC19 F9D5 36ED CD8A EF38 500E CE14 91F7 1C12 09B4
// Keyserver: wwwkeys.eu.pgp.net Key-ID: 1C1209B4

Attachments:

signature.asc (0.19 KB)

paul at nfg

May 29, 2009, 12:35 AM

Post #3 of 5 (1116 views)
Permalink

Re: RELEASE: ripdefang-dbmail 0.01 [In reply to]

Michael Monnerie wrote:
> On Donnerstag 28 Mai 2009 Michael Monnerie wrote:
>> http://zmi.at/x/ripdefang-dbmail
>>
>> I just released this very first version of a "un-defang" tool. It's
>> for everybody who has defanged spams and wants to get the original
>> spam back into the mail system again.
>
> Question to Paul: I run above script with
> formail </tmp/spambox.mbox -s /usr/bin/ripdefang-dbmail
>
> and in the dbmail logs I see:
> May 28 08:19:45 mailsrv1.zmi.at dbmail/lmtpd[17408]: Error:[serverchild]
> serverchild.c,PerformChildTask(+385): maximum number of connections
> reached, stopping now

One things has nothing to do with the other. Here, a lmtpd child is
simply exiting because MAXCONNECTS was reached. A new lmtpd child will
be spawned immediately. But your script doesn't use lmtp at all as far
as I can tell.

>
> And I have in dbmail.conf:
> [LMTP]
> PORT = 24
> NCHILDREN = 1
> MINSPARECHILDREN = 1
> MAXSPARECHILDREN = 2
> MAXCHILDREN = 5

That is a *very* narrow pipe for lmtp. You better make damn sure your
mta doesn't try to establish more than 1 lmtp connection.

>
> How can I have the limit reached? 5 messages received by normal e-mail
> traffic and in the same time dbmail-smtp called? Or is dbmail-smtp
> running asynchronously?

The error is not an error, but normal behaviour within the context of a
preforking server.

>
> I'll rerun now on a 2nd mailserver, which has no mailtraffic. Still, I'd
> like to understand what causes the problem.
>
> Also, I'm feeding 7000 messages to that script, but only 3300 arrived
> the first time, and yesterday I reran that script and got 3900 messages.
> Still a lot missing, but why was there a difference at all? Can dbmail-
> smtp loose messages?

Only if the disks are full. Remember, dbmail-smtp (pipe) doesn't have a
mechanism for telling the MTA what errors might have occurred during
delivery.

>
> mfg zmi
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> DBmail mailing list
> DBmail [at] dbmail
> http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail

--
________________________________________________________________
Paul Stevens paul at nfg.nl
NET FACILITIES GROUP GPG/PGP: 1024D/11F8CD31
The Netherlands________________________________http://www.nfg.nl
_______________________________________________
DBmail mailing list
DBmail [at] dbmail
http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail

michael.monnerie at is

May 30, 2009, 1:25 AM

Post #4 of 5 (1100 views)
Permalink

Re: RELEASE: ripdefang-dbmail 0.01 [In reply to]

On Freitag 29 Mai 2009 Paul J Stevens wrote:
> > And I have in dbmail.conf:
> > [LMTP]
> > PORT � � = 24
> > NCHILDREN � � � � = 1
> > MINSPARECHILDREN �= 1
> > MAXSPARECHILDREN �= 2
> > MAXCHILDREN = 5
>
> That is a *very* narrow pipe for lmtp. You better make damn sure your
> mta doesn't try to establish more than 1 lmtp connection.

It's working on a server with >200 domains... But why 1 lmtp? It starts
with 1 plus 1 spare, and goes up to 5 if necessary. And wouldn't postfix
just retry later if all 5 are busy? No mail should be lost, right?

> > Can dbmail- smtp loose messages?
>
> Only if the disks are full. Remember, dbmail-smtp (pipe) doesn't have
> a mechanism for telling the MTA what errors might have occurred
> during delivery.

Would it write that to syslog or somewhere? I got about 80 errors on
stderr which would explain that no e-mails are sent for that messages,
but I'm missing a lot more. There's a "-r" option to dbmail-smtp, but
that would only send me the 80 messages instead of on stderr, right?

mfg zmi
--
// Michael Monnerie, Ing.BSc ----- http://it-management.at
// Tel: 0660 / 415 65 31 .network.your.ideas.
// PGP Key: "curl -s http://zmi.at/zmi.asc | gpg --import"
// Fingerprint: AC19 F9D5 36ED CD8A EF38 500E CE14 91F7 1C12 09B4
// Keyserver: wwwkeys.eu.pgp.net Key-ID: 1C1209B4

Attachments:

signature.asc (0.19 KB)

paul at nfg

May 30, 2009, 2:16 AM

Post #5 of 5 (1096 views)
Permalink

Re: RELEASE: ripdefang-dbmail 0.01 [In reply to]

Michael Monnerie wrote:

>>> Can dbmail- smtp loose messages?
>> Only if the disks are full. Remember, dbmail-smtp (pipe) doesn't have
>> a mechanism for telling the MTA what errors might have occurred
>> during delivery.
>
> Would it write that to syslog or somewhere? I got about 80 errors on
> stderr which would explain that no e-mails are sent for that messages,
> but I'm missing a lot more. There's a "-r" option to dbmail-smtp, but
> that would only send me the 80 messages instead of on stderr, right?

It would report errors in the logs. Reporting to the return-path address
can only be done if delivery triggers an internal dbmail bounce, which
may not be the case. If delivery to dbmail-smtp returns a EX_TEMPFAIL or
EX_UNAVAILABLE value postfix will keep the message in the queue, but any
other return value will make postfix assume delivery was succesfull.

You should probably fix your script to return either error or simply the
return value of dbmail-smtp.

Take a look at README_FILTER from the postfix documentation for an
example for making robust email handling scripts.

--
________________________________________________________________
Paul Stevens paul at nfg.nl
NET FACILITIES GROUP GPG/PGP: 1024D/11F8CD31
The Netherlands________________________________http://www.nfg.nl
_______________________________________________
DBmail mailing list
DBmail [at] dbmail
http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads