(SCANNED)Re: defang_spam not working

Steve Scotter amavis-users at spectrumcs.net
Sun Feb 19 15:41:48 CET 2012 

Hi Mark,

Thanks for your reply.

I replied a about an hour later to my own post basically saying that setting $altermime = undef 'fixed' my issue, and abandoned trying to use altermine.

------------------------------------------------

Sorry for the school boy error of not providing version information...

# altermime --version
alterMIME v0.3.11 (November-2008) by Paul L Daniels - http://www.pldaniels.com/altermime

# amavisd -V
amavisd-new-2.7.0 (20110701)

# perl -v
This is perl 5, version 14, subversion 2 (v5.14.2) built for amd64-freebsd

# uname -a
FreeBSD untrustedhost.example.com 9.0-RELEASE FreeBSD 9.0-RELEASE #0: Tue Jan  3 07:46:30 UTC 2012     root at farrell.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC  amd64

------------------------------------------------

To try and help resolve this issue I've applied your attached patch, re-enabled altermime and sent a couple of test messages though but unfortunately the problem persists. The email arrives but is not defanged when altermime is enabled.

Please find attached sanitized amavisd logs of two "/usr/local/sbin/amavisd debug" sessions (one with altermime enabled, one with altermime disabled) and the emails that arrived.

If you need any more information or someone to test any further patches I'm happy to help.

Regards

Stephen Scotter
Systems Consultant
T. +44 (0) 7970 463925

-------- Original Message --------
Subject: (SCANNED)Re: defang_spam not working (16-Feb-2012 23:56)
From:    Mark Martinec <Mark.Martinec+amavis at ijs.si>
To:      amavis-users at spectrumcs.net

> Steve,
> 
> > I'm having problems with my amavis not defang'ing spam. Messages are having
> > their subject rewritten and X-SPAM-Headers but are not defang'd.
> > 
> > Could anyone shed any light on which settings I need to be paying attention
> > to? I've gone over my amavisd.conf with a find tooth comb to no avail.
> 
> Sorry for delay. While investigating what could potentially be the reason,
> I found two problems regarding defanging in 2.7.0, and I'm attaching
> a patch to fix these. The bug can only manifest itself under certain
> conditions, and you are not saying neither which version of amavisd and
> perl are you using, nor the defanging method of choice (like whether
> altermime is installed and enabled, or whether Anomy::Sanitizer is
> to be used for defanging).
> 
> Here is the description of the two problems addressed by the patch:
> 
> - fixed defanging by mimedefang, it was failing with perl 5.10 or later
>   due to an unhandled "Insecure dependency in sprintf" while logging the
>   result if the $log_level was 2 or higher, or when debugging was enabled;
> 
> - fixed defanging by Anomy::Sanitizer, it was failing with an error message:
> 
>   "mangling by anomy failed: replacement size 0, mail will pass unmodified"
> 
> 
> > I'm using SQL backup with default policies. Recipients access is associated
> > with the "Default Policy" (ie *_lover's all N, bypass_*_checks all N,
> > spam_modifies_subj = Y, all over fields NULL).
> > 
> > $defang_virus  = 1;
> > $defang_banned = 1;
> > $defang_spam = 1;
> > $defang_bad_header = 1;
> > $defang_undecipherable = 1;
> > $defang_all = 1; //for testing purposes only
> > 
> > $sa_tag_level_deflt  = -9999; //add spam headers to all messages
> > $sa_tag2_level_deflt = 5.0; //anything >= 5 considered
> > $sa_kill_level_deflt = 10.0;//anything >= 10 is quarantined
> > $sa_quarantine_cutoff_level = 25;//anything >= 25 is discarded completely.
> > 
> > $final_virus_destiny = D_DISCARD;
> > $final_banned_destiny = D_BOUNCE;
> > $final_spam_destiny = D_DISCARD;
> > ##$final_bad_header_destiny = D_REJECT;
> > $final_bad_header_destiny = D_PASS;
> > 
> > While testing I checked to see if messages marked with a bad header are
> > being defang'd by sending a malformed email with two Subject: headers.
> > They also aren't being defang'd.
> > Is there any change I'm missing a perl module required to defang or is it
> > definitely a configuration issue?
> 
> Mail to local recipients with a bad header, or spam with score between
> tag2 and kill levels, should have been defanged, unless you are meeting the
> bug conditions above (perl >= 5.10, altermime installed, log level >= 2).
> 
> If you have altermime installed, try disabling it ($altermime = undef),
> or apply the patch. If the problem persists, I'd like to see the full
> log of the event (at $log_level=5).
> 
>   Mark
> 
> 
> 
> To: amavis-users at amavis.org
> Cc: amavis-users at spectrumcs.net


To: Mark.Martinec+amavis at ijs.si
    amavis-users at amavis.org



DISCLAIMER
This email is for the use of the intended recipient(s) only. If you have received this email in error, please notify the sender immediately and then delete it. 
If you are not the intended recipient, you must not keep, use, disclose, copy or distribute this email without the authors prior permission. 
We have taken precautions to minimise the risk of transmitting software viruses, but we advise you to carry out your own virus checks on any attachment to this message.
We cannot accept liability for any loss or damage caused by software viruses.
The information contained in this communication may be confidential and may be subject to the attorney-client privilege. 
If you are the intended recipient and you do not wish to receive similar electronic messages from us in future then please respond to the sender to this effect.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0.patch
Type: application/octet-stream
Size: 2041 bytes
Desc: not available
URL: <http://lists.amavis.org/pipermail/amavis-users/attachments/20120219/52fa9032/attachment.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: amavisd-altermime-disabled.log
Type: application/octet-stream
Size: 110008 bytes
Desc: not available
URL: <http://lists.amavis.org/pipermail/amavis-users/attachments/20120219/52fa9032/attachment-0001.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: amavisd-altermime-enabled.log
Type: application/octet-stream
Size: 109065 bytes
Desc: not available
URL: <http://lists.amavis.org/pipermail/amavis-users/attachments/20120219/52fa9032/attachment-0002.obj>
-------------- next part --------------
An embedded message was scrubbed...
From: unknown sender
Subject: no subject
Date: no date
Size: 6057
URL: <http://lists.amavis.org/pipermail/amavis-users/attachments/20120219/52fa9032/attachment.eml>
-------------- next part --------------
An embedded message was scrubbed...
From: unknown sender
Subject: no subject
Date: no date
Size: 817
URL: <http://lists.amavis.org/pipermail/amavis-users/attachments/20120219/52fa9032/attachment-0001.eml>

More information about the amavis-users mailing list