Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. SpamAssassin>
  3. users
Linting of local.cf
general at nativemethods
Apr 14, 2022, 5:42 PM
Post #1 of 12 (930 views)
Permalink
Hello,

I use SpamAssassin 3.4.2 with Perl 5.26.1 on Ubuntu 18.04 LTS (from a
package).

The other day I was updating the local.cf file to add an address that I
wanted to block (in this case I will use a fictional e-mail address of
user@example.com).

I entered a new line in local.cf like this:

blacklist_fro user@example.com

... and restarted the service. The service restarted and there were no
errors emitted. However, as you can see in the line above, the keyword
is actually missing an "m". The line should have started with:

blacklist_from

Because I did not see any warnings or errors on restart, I was wondering:

** Does SpamAssassin lint the local.cf file on re-load ?

** If it does, I am assuming that an incorrect keyword is ignored (in
this case, SpamAssassin ignores the mistake and therefore would not
block e-mail from user@example.com). Is there a way to manually lint
local.cf to catch mistakes that I have made with keywords ?

Thanks,

- J
Re: Linting of local.cf [ In reply to ]
me at junc
Apr 14, 2022, 6:09 PM
Post #2 of 12 (930 views)
Permalink
On 2022-04-15 02:42, J Doe wrote:

> Because I did not see any warnings or errors on restart, I was
> wondering:
>
> ** Does SpamAssassin lint the local.cf file on re-load ?

it does just not load lines with are lint fails, it runs without this
line then
Re: Linting of local.cf [ In reply to ]
general at nativemethods
Apr 14, 2022, 6:13 PM
Post #3 of 12 (930 views)
Permalink
On 2022-04-14 21:09, Benny Pedersen wrote:

> On 2022-04-15 02:42, J Doe wrote:
>
>> Because I did not see any warnings or errors on restart, I was wondering:
>>
>> ** Does SpamAssassin lint the local.cf file on re-load ?
>
> it does just not load lines with are lint fails, it runs without this
> line then

Hi Benny,

Ok, I was thinking that's what would happen.

Is there a tool I can use to do a manual lint of the local.cf file ?

Thanks,

- J
Re: Linting of local.cf [ In reply to ]
me at junc
Apr 14, 2022, 6:25 PM
Post #4 of 12 (930 views)
Permalink
On 2022-04-15 03:13, J Doe wrote:

> Is there a tool I can use to do a manual lint of the local.cf file ?

only spamassassin --lint

it does not lint local.cf only :=)
Re: Linting of local.cf [ In reply to ]
lwilton at earthlink
Apr 14, 2022, 6:45 PM
Post #5 of 12 (930 views)
Permalink
> Is there a tool I can use to do a manual lint of the local.cf file ?

At command prompt:
spamassassin --lint


Loren
Re: Linting of local.cf [ In reply to ]
general at nativemethods
Apr 14, 2022, 6:52 PM
Post #6 of 12 (930 views)
Permalink
On 2022-04-14 21:45, Loren Wilton wrote:
>> Is there a tool I can use to do a manual lint of the local.cf file ?
>
> At command prompt:    spamassassin --lint
>
>
>        Loren
>

Hi Benny and Loren,

Thanks for you replies. I just tried that and it successfully found
another mistake I had made in local.cf

$ spamassassin --lint
...
warn: config: failed to parse line, skipping, in
"/etc/spamassassin/local.cf": blakclist_from user@example.com

Out of curiosity - why doesn't SpamAssassin lint automatically when it
reloads local.cf ?

Thanks again,

- J
Re: Linting of local.cf [ In reply to ]
me at junc
Apr 15, 2022, 6:21 AM
Post #7 of 12 (930 views)
Permalink
On 2022-04-15 03:52, J Doe wrote:

> Out of curiosity - why doesn't SpamAssassin lint automatically when it
> reloads local.cf ?

i ask in reverse, do you want spamd to be down on lint fails ?

we have not seen default rules never have zerro lint fails from
upstream, so apache.org is doing well :=)

i have answered what spamd does if lint fails imho, it continue with
remaining rules that is not lint failing, so lint errors is not yet
hardfailing, should this be changed ?
RE: Linting of local.cf [ In reply to ]
steven at manross
Apr 15, 2022, 12:14 PM
Post #8 of 12 (929 views)
Permalink
> we have not seen default rules never have zerro lint fails from
> upstream, so apache.org is doing well :=)

P.S. I am a typo king and love the above typo for "zerro" (and possible never = ever) while talking about lint errors (because I would definitely make that kind of mistake and have) but half of me thinks both of these were on purpose for the purpose of the lint fail thread... So, way to go Benny! ????

Enjoy your day.

I love SA!!! Thank You everyone for your posts, help, and contributions to the community!

Long time lurker... sometimes poster,
Steven
Re: Linting of local.cf [ In reply to ]
general at nativemethods
Apr 15, 2022, 3:35 PM
Post #9 of 12 (928 views)
Permalink
On 2022-04-15 09:21, Benny Pedersen wrote:

> On 2022-04-15 03:52, J Doe wrote:
>
>> Out of curiosity - why doesn't SpamAssassin lint automatically when it
>> reloads local.cf ?
>
> i ask in reverse, do you want spamd to be down on lint fails ?
>
> we have not seen default rules never have zerro lint fails from
> upstream, so apache.org is doing well :=)
>
> i have answered what spamd does if lint fails imho, it continue with
> remaining rules that is not lint failing, so lint errors is not yet
> hardfailing, should this be changed ?

Hi Benny and Reindl,

That's an interesting point. I guess the use case I was thinking of is
if I added an address or domain for a particularly egregious spammer,
but made a typo in the SA syntax, I would want to know about it on load
so that it didn't continue to slip through.

On the other hand, as Reindl notes, I can adjust the startup script
myself or have a wrapper for it.

Thanks for your replies!

- J
Re: Linting of local.cf [ In reply to ]
me at junc
Apr 15, 2022, 8:30 PM
Post #10 of 12 (928 views)
Permalink
On 2022-04-16 00:35, J Doe wrote:

> That's an interesting point. I guess the use case I was thinking of
> is if I added an address or domain for a particularly egregious
> spammer, but made a typo in the SA syntax, I would want to know about
> it on load so that it didn't continue to slip through.
>
> On the other hand, as Reindl notes, I can adjust the startup script
> myself or have a wrapper for it.

such as sa-compile ? :)

fun part here is this hardfails on lint errors, but spamd just continue
?

how to fix this in future would be to let the lint testing be done AFTER
sa-update pr channel, but BEFORE installing new rules, that way if lint
fails, keep old rules working

sorry i am not a pmc member on apache.org
Re: Linting of local.cf [ In reply to ]
martin at gregorie
Apr 16, 2022, 4:21 AM
Post #11 of 12 (928 views)
Permalink
On Sat, 2022-04-16 at 05:30 +0200, Benny Pedersen wrote:
> On 2022-04-16 00:35, J Doe wrote:
>
> > That's an interesting point.  I guess the use case I was thinking of
> > is if I added an address or domain for a particularly egregious
> > spammer, but made a typo in the SA syntax, I would want to know
> > about it on load so that it didn't continue to slip through.
> >
> > On the other hand, as Reindl notes, I can adjust the startup script
> > myself or have a wrapper for it.
>
Consider doing something similar to what I do: 

- I don't test SA-issued rules updates because they've been verified
before being issued and I've never found errors in them.

- I have a second 'development' SA install thats on a different computer
to my main MTA and associated SA. This computer also holds the master
copy of my local rules and a collection of spam that is used as test
data for these rules. Whenever local rules are added or modified they
are first checked to be error free and then run against the relevant
test data to see if they do what they're supposed to do. If, and only
if, they pass both lint and functional checks, my local rule set is
uploaded to my live SA installation. These various operations are
carried out by bash scripts. Additionally, I have a script that can
run my local rule set against my entire library of test messages.

Martin
Re: Linting of local.cf [ In reply to ]
hege at hege
Apr 16, 2022, 4:36 AM
Post #12 of 12 (928 views)
Permalink
On Sat, Apr 16, 2022 at 12:21:55PM +0100, Martin Gregorie wrote:
>
> - I don't test SA-issued rules updates because they've been verified
> before being issued and I've never found errors in them.

There is no need to manually test sa-updated rules, since it automatically
lints them. And hopefully the cron output ends up to the admin..

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal