spamd spamming logs?
Greetings;
Fairly new, 2 weeks approx stretch amd64 install
Using fetchmail, feeding procmail which has some spam checking in it
My syslog is being spammed for every incoming mail with a paragraph of"
May 19 07:56:05 coyote spamc[3500]: connect to spamd on 127.0.0.1 failed,
retrying (#1 of 3): Connection refused
May 19 07:56:06 coyote spamc[3500]: connect to spamd on 127.0.0.1 failed,
retrying (#2 of 3): Connection refused
May 19 07:56:07 coyote spamc[3500]: connect to spamd on 127.0.0.1 failed,
retrying (#3 of 3): Connection refused
May 19 07:56:07 coyote spamc[3500]: connection attempt to spamd aborted
after 3 retries
Does anyone have a clue what to check? I do have some odd entries in the
key dept at /var/lib/spamassassin/sa-update-keys, but I just scanned a
search for keys in synaptic without finding any handy suspects.
An ls -lR of that /var.lib/spamassassin/sa0update-keys:
oot@coyote:spamassassin$ cd sa-update-keys/
root@coyote:sa-update-keys$ ls -l
total 16
drwx------ 2 debian-spamd debian-spamd 4096 May 4 16:32
private-keys-v1.d
-rw-r--r-- 1 debian-spamd debian-spamd 2953 May 4 16:32 pubring.kbx
-rw------- 1 debian-spamd debian-spamd 32 May 4 16:32 pubring.kbx~
srwx------ 1 debian-spamd debian-spamd 0 May 4 16:32 S.gpg-agent
srwx------ 1 debian-spamd debian-spamd 0 May 4 16:32
S.gpg-agent.browser
srwx------ 1 debian-spamd debian-spamd 0 May 4 16:32
S.gpg-agent.extra
srwx------ 1 debian-spamd debian-spamd 0 May 4 16:32 S.gpg-agent.ssh
-rw------- 1 debian-spamd debian-spamd 1200 May 4 16:32 trustdb.gpg
What does that 1st column s indicate? Humm, chattr says its been securely
zeroed, but that the name has not been deleted so its now a zero length
file. For a new install, thats odd. And it appears spamassassin had not
been started, starting it changed the syslog to:
May 19 08:17:26 coyote systemd[1]: Started Perl-based spam filter using
text analysis.
May 19 08:18:41 coyote spamd[4225]: spamd: connection from 127.0.0.1
[127.0.0.1]:59326 to port 783, fd 5
May 19 08:18:41 coyote spamd[4225]: spamd: setuid to gene succeeded
May 19 08:18:41 coyote spamd[4225]: spamd: processing message
<[🔎] 878sv2ljw3.fsf@lenovo> aka <k_gHvyRJekP.A.NeC.lkU4cB@bendel> for
gene:1000
May 19 08:18:41 coyote spamd[4225]: dns: new_dns_packet: domain is utf8
flagged: a.ns.planet-service.fr
May 19 08:18:41 coyote spamd[4225]: dns: new_dns_packet: domain is utf8
flagged: b.ns.planet-service.fr
May 19 08:18:41 coyote spamd[4225]: dns: new_dns_packet: domain is utf8
flagged: ans1.cw.net
May 19 08:18:41 coyote spamd[4225]: dns: new_dns_packet: domain is utf8
flagged: ans2.cw.net
May 19 08:18:41 coyote spamd[4225]: spamd: clean message (0.2/5.0) for
gene:1000 in 0.3 seconds, 7339 bytes.
May 19 08:18:41 coyote spamd[4225]: spamd: result: . 0 -
DKIM_ADSP_CUSTOM_MED,FORGED_GMAIL_RCVD,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI
scantime=0.3,size=7339,user=gene,uid=1000,required_score=5.0,rhost=127.0.0.1,raddr=127.0.0.1,rport=59326,mid=<[🔎] 878sv2ljw3.fsf@lenovo>,rmid=<k_gHvyRJekP.A.NeC.lkU4cB@bendel>,autolearn=no
autolearn_force=no
May 19 08:18:41 coyote spamd[4222]: prefork: child states: II
So what utility in stretch will properly edit the various run levels to
make sure spamassassin is started?
Thanks.
Cheers, Gene Heskett
--
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page <http://geneslinuxbox.net:6309/gene>
Reply to: