upgrade to SpamAssassin 3.10 unusual error

jjma

jjma

Verified User
Joined
Mar 29, 2004
Messages
275
Location
Edinburgh,Scotland
Just upgraded to 3.10 from 3.04 and this error is coming up in the logs::

Dec 21 12:32:02 sp1 spamd[1994]: config: failed to parse line, skipping: rewrite_subject 1
Dec 21 12:32:02 sp1 spamd[1994]: config: failed to parse line, skipping: subject_tag *****SPAM*****
Dec 21 12:38:44 sp1 spamd[10032]: config: failed to parse line, skipping: rewrite_subject 1
Dec 21 12:38:44 sp1 spamd[10032]: config: failed to parse line, skipping: report_header 1
Dec 21 12:38:44 sp1 spamd[10032]: config: failed to parse line, skipping: use_terse_report 1
Dec 21 12:38:44 sp1 spamd[10032]: config: failed to parse line, skipping: defang_mime 0


Headers are being modified by spamd::


X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13) on
sp1.domain.com
X-Spam-Level:
X-Spam-Status: No, score=0.2 required=5.0 tests=AWL autolearn=ham
version=3.1.0

Any way to debug this?

Jon
 
I received this after the upgrade to dovecot... had to disable spamd (sa ver 3.04) . I thought I'd go back and upgrade SA to 3.1.0... guess it's still an issue there, eh? :(
 
Some of the configuration directives changed in 3.1.0... I'm fairly certain that use_terse_report went away. I believe there's some posts around about this... Also see, e.g.

http://wiki.apache.org/spamassassin/SubjectRewrite?highlight=(rewrite_subject)

Here's my custom user_prefs:
Code: 
report_safe     |report_safe|

|blacklist_from|
|whitelist_from|

required_score |required_hits|
rewrite_header subject |subject_tag|
I don't recall if there's a way to rewrite this file via the taskq.
 
Last edited:
1 server updated with Dovecot, (SA v 3.1.0, CentOS 4.1) = same error message

1 server not updated with Dovecot, (SA v3.1.0, CentOS 3.6) = No error message.

Both servers run the last DA v 1.26.1
 
I have the same error. Spamd

spamd[2328]: spamd: setuid to admin succeeded
spamd[2328]: config: failed to parse line, skipping: rewrite_subject 1
spamd[2328]: config: failed to parse line, skipping: subject_tag *****SPAM*****
Click to expand...

Strangely enough my spamassassing never worked before I 'upgraded' to dovecot... No lines in the /var/log/maillog indicating a problem, spam was just not marked and caught.

Today I upgraded Directadmin to 1.261 as well as customapache using "./build all" (does this upgrade spamassassin too??) and installed Dovecot. Then this error started appearing. I am not sure whether it is the version of spamd, the Dovecot install or some other factor...

Harro
 
If you are upgrading spamd then it is your own responsibility to check the changelog, their are a number of directive changes in the config files in 3.1.0 so the old things like terse report have become invalid. There are also changes where modules have to be manually enabled which used to be enabled by default. If DA is now distributing 3.1.0 which I dont think they are then yes they should change their template. If they have upgraded I suggest you send an email to [email protected] regarding having the template changed to adapt to the new version.
 
I have seen the light! Suddenly it hit me: to enable spamassassin you have to go into the userlevel and enable it...

I am a bit slow in some respects ;-) new to DA and the whole circus of automisation.

I noticed that, when I enable spamassassin, the user_prefs file contains parts of the old, deprecated variables. I removed them and the errors stopped!

There is a link to a script on the spamassassin website that should fix all the user_prefs, but the link is dead!

http://wiki.apache.org/spamassassin/UpgradeTo300

Now the question is... where do I find the 'default' user_prefs. If I edit THAT then all should be well again.

DA_support team: please add lines to the install script that not only adds the new code, but REMOVES the old code.

This is what is contains on my system, after the spamassassin upgrade:

required_hits 5.0
rewrite_subject 1
subject_tag *****SPAM*****
report_safe 1


required_score 5.0
rewrite_header subject *****SPAM*****
Click to expand...

The red parts (for sure) shouldn't be there anymore.


Ballyn: where did you find those userprefs? And what do the words between vertical bars mean?

<edit part2>
I found the template file! It is here:

/usr/local/directadmin/data/templates/user_prefs

and I did contain the wrong variables. Fixed now, all should be well again.

Thanks guys for helping me see the light!

Harro
</edit part2>
 
Last edited:
Hello,

Ok, I'll work something out for the next release.
I've added 2 new TOKENS to the user_prefs template:
VERSION - not used, but hold the SA version.
VERSION3=yes or no. "yes" if you have 3.x.x

The new template is messier, but should be backwards compatible:
Code: 
|?RW_HEADER_SUB=rewrite_header subject `subject_tag`|
|*if subject_tag=""|
|?RW_HEADER_SUB=|
|*endif|

|*if VERSION3="yes"|
required_score |required_hits|
|RW_HEADER_SUB|
|*else|

required_hits   |required_hits|
rewrite_subject |rewrite_subject|
subject_tag     |subject_tag|

|*endif|

report_safe     |report_safe|

|blacklist_from|
|whitelist_from|
The RW_HEADER_SUB token is set/unset because the "rewrite_header subject **SPAM**" part needs to be non-existant if it's not to be rewritten, so it got messy, but should work.

The "report_safe".. still works in 3.x, I believe (correct me if I'm wrong on that).

Versions system:
http://www.directadmin.com/features.php?id=595

John
 
Good stuff! Quick reponse, once again, to issues :-)

One thing that surprises me, but that is spamassassin-related, not DA, is that it detects very little spam! I forwarded several emails marked as spam bij other mail providers en it pass through with scores om 0.9 and 1.2.

Is there an auto-update (or any update) for spamassassin spam rules?

<edit>
There are additional rulesets and even auto-update scripts available, for starters from the spamassassin website:

http://wiki.apache.org/spamassassin/CustomRulesets

Also elsewhere online :-) My bad, look before you cry out...
 
Last edited:
If you've found some rulesets that actually find spam in reasonable enough quantities to be worth running SpamAssassin, please post which ones.

I've stopped running SpamAssassin because it was finding so little spam, and I've added lots of custom rulesets.

Though I admit it's been a while, and I haven't updated SA to 3.x, I'm willing to do so if someone can tell me it's working for them.

So I look forward to your post.

Thanks.

Jeff
 
My spamassassin catches around 95% of actual spam it isnt 100% effective I have had 0 good emails marked as spam with the following local.cf.


rewrite_header Subject *****SPAM*****
report_safe 1
lock_method flock
required_hits 5.0
use_bayes 1
bayes_auto_learn 1
skip_rbl_checks 1
use_dcc 1
dns_available yes
ok_locales en
dcc_timeout 10

## Optional Score Increases
score DCC_CHECK 4.000
#score SPF_FAIL '10.000'
#score SPF_HELO_FAIL '10.000'
#score RAZOR2_CHECK '2.500'
score BAYES_99 4.300
score BAYES_90 3.500
score BAYES_80 3.000

now in 3.1.0 there is many functions disabled by default and modules need to be loaded so also in v310.pre

loadplugin Mail::SpamAssassin::Plugin::DCC
loadplugin Mail::SpamAssassin::Plugin::AWL
loadplugin Mail::SpamAssassin::Plugin::AutoLearnThreshold
loadplugin Mail::SpamAssassin::Plugin::WhiteListSubject
loadplugin Mail::SpamAssassin::Plugin::MIMEHeader
loadplugin Mail::SpamAssassin::Plugin::ReplaceTags

and in init.pre

loadplugin Mail::SpamAssassin::Plugin::RelayCountry
loadplugin Mail::SpamAssassin::Plugin::URIDNSBL
loadplugin Mail::SpamAssassin::Plugin::Hashcash

The above do things like enable DCC lookups, enable the auto white lists, enable header regex checking, mime checking, check against country relaying, do dnsbl lookups for url's contained in emails.

optionally in init.pre you can use
loadplugin Mail::SpamAssassin::Plugin::SPF

But be wary of this since many isp's have not yet adapted to spf and you may get many false positives.
 
i upgraded to SA 3.1.0
but when i turn on SA in DA, i get this as user_prefs
Code: 
required_score 5.0
rewrite_header subject *****SPAM*****


report_safe     1

while my user_prefs in DA dir is like this:
Code: 
|?RW_HEADER_SUB=rewrite_header subject `subject_tag`|
|*if subject_tag=""|
|?RW_HEADER_SUB=|
|*endif|

|*if VERSION3="yes"|
required_score |required_hits|
|RW_HEADER_SUB|
|*else|

required_hits   |required_hits|
rewrite_subject |rewrite_subject|
subject_tag     |subject_tag|

|*endif|

report_safe     |report_safe|

|blacklist_from|
|whitelist_from|

is this correct?
 
Jan 29 04:39:57 mars spamd[23758]: Can't locate Net/CIDR/Lite.pm in @INC (@INC contains: ../lib /usr/lib/perl5/site_perl/5.8.6 /usr/local/lib/perl5/site_perl/5.8.6/mach /usr/local/lib/perl5/site_perl/5.8.6 /usr/local/lib/perl5/site_perl /usr/local/lib/perl5/5.8.6/BSDPAN /usr/local/lib/perl5/5.8.6/mach /usr/local/lib/perl5/5.8.6) at /usr/local/lib/perl5/site_perl/5.8.6/Mail/SPF/Query.pm line 53, <GEN17> line 67.
Jan 29 04:39:57 mars spamd[23758]: Can't locate Net/CIDR/Lite.pm in @INC (@INC contains: ../lib /usr/lib/perl5/site_perl/5.8.6 /usr/local/lib/perl5/site_perl/5.8.6/mach /usr/local/lib/perl5/site_perl/5.8.6 /usr/local/lib/perl5/site_perl /usr/local/lib/perl5/5.8.6/BSDPAN /usr/local/lib/perl5/5.8.6/mach /usr/local/lib/perl5/5.8.6) at /usr/local/lib/perl5/site_perl/5.8.6/Mail/SPF/Query.pm line 53, <GEN17> line 67.
Jan 29 04:39:57 mars spamd[23758]: BEGIN failed--compilation aborted at /usr/local/lib/perl5/site_perl/5.8.6/Mail/SPF/Query.pm line 53, <GEN17> line 67.
Jan 29 04:39:57 mars spamd[23758]: Can't locate Net/CIDR/Lite.pm in @INC (@INC contains: ../lib /usr/lib/perl5/site_perl/5.8.6 /usr/local/lib/perl5/site_perl/5.8.6/mach /usr/local/lib/perl5/site_perl/5.8.6 /usr/local/lib/perl5/site_perl /usr/local/lib/perl5/5.8.6/BSDPAN /usr/local/lib/perl5/5.8.6/mach /usr/local/lib/perl5/5.8.6) at /usr/local/lib/perl5/site_perl/5.8.6/Mail/SPF/Query.pm line 53, <GEN17> line 67.
Jan 29 04:39:57 mars spamd[23758]: BEGIN failed--compilation aborted at /usr/local/lib/perl5/site_perl/5.8.6/Mail/SPF/Query.pm line 53, <GEN17> line 67.
Jan 29 04:39:57 mars spamd[23758]: Compilation failed in require at /usr/lib/perl5/site_perl/5.8.6/Mail/SpamAssassin/Plugin/SPF.pm line 272, <GEN17> line 67.
Jan 29 04:40:02 mars spamd[23758]: spamd: identified spam (11.4/10.0) for thaipowerh:1036 in 5.2 seconds, 1740 bytes.
Jan 29 04:40:02 mars spamd[23758]: spamd: result: Y 11 - HTML_MESSAGE,RCVD_IN_BL_SPAMCOP_NET,RCVD_IN_XBL,URIBL_JP_SURBL,URIBL_SC_SURBL scantime=5.2,size=1740,user=thaipowerh,uid=1036,required_score=10.0,rhost=localhost.thaipowerhost.com,raddr=127.0.0.1,rport=53346,mid=<000001c62453$4dc242a0$9293a8c0@argosy>,autolearn=no
 
Still got the error with SA 3.1.4. Any help?

Code: 
Aug 24 00:01:41 host2 spamd[89345]: config: failed to parse line, skipping: rewrite_subject 1
Aug 24 00:01:41 host2 spamd[89345]: config: failed to parse line, skipping: subject_tag *****SPAM*****
Aug 24 00:02:20 host2 spamd[89345]: config: failed to parse line, skipping: rewrite_subject 1
Aug 24 00:02:20 host2 spamd[89345]: config: failed to parse line, skipping: subject_tag *****SPAM*****


local.cf
Code: 
rewrite_header Subject *****SPAM*****
report_safe 1
lock_method flock
required_score 5.0
use_bayes 1
bayes_auto_learn 1
bayes_ignore_header X-Bogosity
bayes_ignore_header X-Spam-Flag
bayes_ignore_header X-Spam-Status

user_prefs
Code: 
|?RW_HEADER_SUB=rewrite_header subject `subject_tag`|
|*if subject_tag=""|
|?RW_HEADER_SUB=|
|*endif|

|*if VERSION3="yes"|
required_score |required_hits|
|RW_HEADER_SUB|
|*else|

required_hits   |required_hits|
rewrite_subject |rewrite_subject|
subject_tag     |subject_tag|

|*endif|

report_safe     |report_safe|

|blacklist_from|
|whitelist_from|
 
dan35 said:
Still got the error with SA 3.1.4. Any help?
Click to expand...

I have some error

SpamAssassin-3.1.7_1 new installation
DA v1.28.1

Nov 23 17:28:02 cobra spamd[40930]: config: failed to parse line, skipping: rewrite_subject 1
Nov 23 17:28:02 cobra spamd[40930]: config: failed to parse line, skipping: subject_tag *****SPAM*****

Unfortunately, i can't found the solution on this forum and site.
How i can correct this error?
 
You must log in or register to reply here.
Back
Top