Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: SpamAssassin: users

Unable to verify custom rules being loaded from 'local.cf'

  

 
SpamAssassin users RSS feed   Index | Next | Previous | View Threaded


ashish.sharma3 at hp

Jul 17, 2013, 5:59 AM

Post #1 of 3 (97 views)
Permalink
Unable to verify custom rules being loaded from 'local.cf'
-------- Original Message --------
Subject: Unable to verify custom rules being loaded from 'local.cf'
From: "Sharma, Ashish" <ashish.sharma3 [at] hp>
To: users [at] spamassassin
CC:

Hi,

I have a amavisd-new setup with spamassassin(3.3.1) on RHEL 5.8 , at the following location:

/etc/mail/spamassassin/local.cf

I have added some custom rule sets as follows:

#xxxxxx java script hack prevention rule
describe SCRIPTED_NAME_xxxxxx Attachment name or filename is a script
mimeheader __ContentTypeName Content-Type =~ /name.*\=.*<script.*?>/i
mimeheader __DispositionTypeFileName Content-Disposition =~ /filename.*\=.*<script.*?>/i
meta SCRIPTED_NAME_xxxxxx (__ContentTypeName || __DispositionTypeFileName)
score SCRIPTED_NAME_xxxxxx 12.0

#xxxxxx html redirect prevention via meta tag
describe META_TAG_xxxxxx Attachment name or filename is a html meta tag
mimeheader __ContentTypeMetaName Content-Type =~ /name.*\=.*<meta.*?>/i
mimeheader __DispositionTypeMetaFileName Content-Disposition =~ /filename.*\=.*<meta.*?>/i
meta META_TAG_xxxxxx (__ContentTypeMetaName || __DispositionTypeMetaFileName)
score META_TAG_xxxxxx 12.0


here 'spamassassin --lint' is giving no issues on a local and production setup,

but when I test the rule set with some custom test emails, the local setup works fine while the production setup show that no rules were hit for the same sample email.

I am confused as to what is going wrong here?

How can I test whether the custom rule sets in 'local.cf' are being loaded by spamassassin on my production setup?

Thanks
Ashish


KMcGrail at PCCC

Jul 17, 2013, 6:39 AM

Post #2 of 3 (92 views)
Permalink
Re: Unable to verify custom rules being loaded from 'local.cf' [In reply to]
> How can I test whether the custom rule sets in 'local(munged to avoid
> URIBLs).cf' are being loaded by spamassassin on my production setup?

Put your rules in another file, let's say ASHISH.cf.

Run spamassassin -D --lint 2>&1 | grep ASHISH

Look for something like:
Jul 17 09:22:26.419 [12158] dbg: config: read file
/etc/mail/spamassassin/ASHISH.cf

NOTE: You are using amavis. Are you restarting amavis to reload the
rules on the server that the mail is passing through? Are you putting
the cf file in the correct place to be loaded by amavis?

Regards,
KAM

IMPORTANT NOTE: First email to the list was blocked because
local(munged).cf is blacklisted. Any of the Blacklist experts have any
thoughts on that issue? Is it a legit URL in spams?


axb.lists at gmail

Jul 17, 2013, 6:49 AM

Post #3 of 3 (92 views)
Permalink
Re: Unable to verify custom rules being loaded from 'local.cf' [In reply to]
On 07/17/2013 03:39 PM, Kevin A. McGrail wrote:


>
> IMPORTANT NOTE: First email to the list was blocked because
> local(munged).cf is blacklisted. Any of the Blacklist experts have any
> thoughts on that issue? Is it a legit URL in spams?

HE!

local[[.]]cf listed on black.uribl.com
local[[.]]cf listed on jp.surbl.org
local[[.]]cf listed on ws.surbl.org
local[[.]]cf listed on uri.invaluement.com
local[[.]]cf listed on dbl.spamhaus.org


local.cf is a parked domain
will see this is taken care of...

SpamAssassin users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.