Tuesday, October 30, 2018

Re: spamd does not update /var/db/spamd

On 10/30/18 4:44 PM, Chris Narkiewicz wrote:
> Database file has correct perms:
>
> # ls- l /var/db/spamd
> -rw-r--r--  1 _spamd  _spamd  65536 Oct 30 05:30 /var/db/spamd
>
> # spamdb /var/db/spamd
> <empty output>

I think what you are seeing is that spamdb doesn't expect the database
filename as a command line argument.

Try running spamdb with no arguments, that should produce a dump of
database content to standard output, something along the lines of

[Tue Oct 30 17:52:27] peter@skapet:~$ doas spamdb | head
SPAMTRAP|"._-c2b82d2"@bsdly.com
SPAMTRAP|"<-tovah@bsdly.net>"
SPAMTRAP|0adm@dataped.no
SPAMTRAP|1dd5645@bsdly.net
SPAMTRAP|257aa878f@bsdly.net
SPAMTRAP|31a38cad5@bsdly.net
SPAMTRAP|5cfbccfa@bsdly.net
SPAMTRAP|62ea02634@bsdly.net
SPAMTRAP|817ac16b@bsdly.net
SPAMTRAP|aatami@bsdly.net

and you can of course look for GREY entries only, such as

[Tue Oct 30 17:54:19] peter@skapet:~/$ doas spamdb | grep GREY | head
GREY|198.210.40.39|4c8w39.spinnbitez.biz|<bounce@blasterbitez.info>|<cinelerra@skolelinux.no>|1540899509|1540900120|1540928309|2|0
GREY|78.142.63.211|fresh.vivawebhost.com|<sales@giftmania.com>|<adm@dataped.no>|1540905382|1540934182|1540934182|2|0
GREY|193.92.125.157|newsletter9.email-business.net|<newsletter@e-seminars.net>|<bsdly@bsdly.net>|1540891280|1540920080|1540920080|2|0
GREY|43.243.166.69|mail3069.app1.reasonables2.com|<sent37011@spread18.com>|<sekretariat@nuug.no>|1540893857|1540894233|1540922657|4|0
GREY|105.159.253.224|[105.159.253.225]|<htg@dataped.no>|<htg@dataped.no>|1540902518|1540931318|1540931318|1|0
GREY|66.211.185.136|mxphxpool1033.ebay.com|<ebay@ebay.com>|<aksel@foley.no>|1540898855|1540907901|1540927655|2|0
GREY|77.241.66.209|mapmyinvestments.com|<brynhild@mapmyinvestments.com>|<majordomo@nuug.no>|1540890070|1540918870|1540918870|1|0
GREY|216.105.168.252|mail.dechaise.info|<toprated_fall_wines-cd=skolelinux.org@dechaise.info>|<cd@skolelinux.org>|1540905637|1540905959|1540934437|2|0
GREY|194.135.153.127|[194.135.153.127]|<elizabeth@dataped.no>|<elizabeth@dataped.no>|1540901213|1540930013|1540930013|2|0
GREY|201.148.104.36|raven10436.ninjahosting.cl|<>|<tqqvjjbqj@bsdly.com>|1540916570|1540945370|1540945370|2|0

See if that doesn't turn up the entries you were looking for.

- Peter

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

No comments:

Post a Comment