spamc no longer working?

[GarvinH]

Hi!

I've migrated a Plesk 8.6 installation to a Plesk 10.4 (recent patchlevel) version. Everything basically works fine.

The server is a Debian 6.0 (Hetzner) 64bit default system, very little customization or additional packages; pretty much a out-of-the box Plesk, using qmail, courier and spamassassin.

E-Mails are working, we can receive and send emails. Mails are put through spamassassin according to the Mail-headers, so the basic setup is working.

HOWEVER: In my mail.err I find a lot of those:

Apr  3 18:47:58 ctu qmail-local-handlers[21589]: mailbox: /var/qmail/mailnames/faktor-e.de/frings
Apr  3 18:47:59 ctu spamc[21596]: connect to spamd on 127.0.0.1 failed, retrying (#1 of 3): Connection refused
Apr  3 18:48:00 ctu spamc[21596]: connect to spamd on 127.0.0.1 failed, retrying (#2 of 3): Connection refused
Apr  3 18:48:01 ctu spamc[21596]: connect to spamd on 127.0.0.1 failed, retrying (#3 of 3): Connection refused
Apr  3 18:48:02 ctu spamc[21596]: connection attempt to spamd aborted after 3 retries

This happens for every incoming email, no matter if an migrated domain or a freshly created one.

A "ps ax | grep -i spam" yields:

19701 ?        S      0:03 spamd child
21728 pts/0    S+     0:00 grep -i spam
25872 ?        Ss     0:01 /usr/sbin/spamd --username=popuser --daemonize --nouser-config --helper-home-dir=/var/qmail --max-children 5 --pidfile=/var/run/spamd/spamd_full.pid --socketpath=/tmp/spamd_full.sock
25873 ?        S      0:01 spamd child

I've re-started /etc/init.d/spamassassin as well as /opt/psa/admin/bin/spammsg a couple of time. No dice.

So; what is this "spamc" all about, why can't it connect to the obviously running instance? How can I debug if spamd is not listening on 127.0.0.1?

Or is spamd deprecated and no longer properly works? I'm asking because we get a lot of spam emails, so I need some sort of working setup. Any ideas/recommendations?

 

[IgorG]

Make sure that port of spamd is not firewalled.

 

[GarvinH]

Found the issue!

Thanks for the reply. This lead me to find the bug.

Plesk starts spamd with the option "--socketpath=/tmp/spamd_full.sock". "spamc" (the client to spamd) however is called with no arguments, and then by default tries to connect by TCP/IP port instead by socket.

So I need a way to either configure Plesks spammng to NOT use "--socketpath", or to configure plesk's call to "spamc" to include the parameter "-U /tmp/spamd_full.sock".

I did a full search in the entire plesk directory, and did not find an occurence of the string "socketpath"; spammng itself is a binary file, as well is the qmail "spam" handler file.

How can I get in touch with the parallels developers to fix this or to find how to patch it up?

Regards,
Garvin

 

[IgorG]

Just fill this template http://forum.parallels.com/showthread.php?t=106113 with all necessary details and I will forward it to developers for investigation.

 

[GarvinH]

Hi!

OK:

---------------------------------------------------------------
PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE

10.4.4 Update #24, last updated at April 3, 2012 06:48 AM
Linux 2.6.32-5-amd64
Debian 6.0

PROBLEM DESCRIPTION

/opt/psa/admin/spammng starts spamd with "--socketpath" option.
The qmail "spam" handler calls spamc without the option. So spamd runs on socket, but spamc tries to connect to TCP.

This means, spamc/spamd does not work.

STEPS TO REPRODUCE

Send an email with enabled spamassassin in a default plesk environment, watch the mail.err file contain error messages like this:

Apr 4 10:22:28 ctu spamc[721]: connect to spamd on 127.0.0.1 failed, retrying (#1 of 3): Connection refused
Apr 4 10:22:29 ctu spamc[721]: connect to spamd on 127.0.0.1 failed, retrying (#2 of 3): Connection refused
Apr 4 10:22:30 ctu spamc[721]: connect to spamd on 127.0.0.1 failed, retrying (#3 of 3): Connection refused
Apr 4 10:22:31 ctu spamc[721]: connection attempt to spamd aborted after 3 retries

ACTUAL RESULT

Spamc and spamd do not communicate.

EXPECTED RESULT

Spamc and spamd can communicate.

ANY ADDITIONAL INFORMATION

Please read the thread http://forum.parallels.com/showthread.php?t=258555 for a full description.

--------------------------------------------------------------

 

[IgorG]

Thank you. I have forwarded your report to developers and I will update thread with results when I receive them.

 

[gorblubberbak]

any news yet?

Any news yet on this issue?

It is pretty severe for anyone who wants to put spamc to use.

I hooked together a spamc/spamd construction which
allows outgoing mail by MTA Qmail, to be
scanned through spamassassin, alerted by inotify.

It works excellent on a non-Plesk machine, but due to
the problem described above, it doesn't work on Plesk 11.

Please provide a fix soon!

mistige

NB code:

(install inotify-tools first):
#!/bin/sh

LOG=/var/log/iwatch.log
WATCHED_DIR="/var/qmail/queue/mess"
WORKDIR=/var/log/iwatch

if [ ! -e $WORKDIR ] ; then
echo "Creating working dir $WORKDIR .."
mkdir -p $WORKDIR
fi

echo "Watching directory: $WATCHED_DIR for new files"
inotifywait -m -q -e create -r "$WATCHED_DIR" --format "%w%f" |
while read file ; do
echo "$(date): ik zie [$file] " >> $LOG
fname=`basename $file`

# writing in the watched-dir causes looping, so cp file in workdir for processing by spamc:
cp -f $file ${WORKDIR}/$fname
#production#: cat ${WORKDIR}/$fname | /usr/bin/spamc -c -F /usr/share/spamassassin/local.cf > $file
#debug#: cat ${WORKDIR}/$fname | /usr/bin/spamc -c -F /usr/share/spamassassin/local.cf > ${WORKDIR}/$fname.after.spamc ; cp -f ${WORKDIR}/$fname.after.spamc $file
cat ${WORKDIR}/$fname | /usr/bin/spamc -c -F /usr/share/spamassassin/local.cf > ${WORKDIR}/$fname.after.spamc ; cp -f ${WORKDIR}/$fname.after.spamc $file
done

# thanks to source : http://askubuntu.com/questions/102813/inotify-not-fast-enough

 

[GarvinH]

A workaround

Sadly nobody ever came back to me. But sadly, this has been my experience with parallels in other products as well, so it must be systematic.

Whatever, I have worked around this issue. I renamed /usr/bin/spamc to /usr/bin/spamc_orig, then created a new file /usr/bin/spamc_patched, and copied /usr/bin/spamc to /usr/bin/spamc_patched. This is so that whenever Parallels would updated the spamc binary, it will not overwrite my custom version but I'll still have that.

spamc_patched is a simple bash script (set it's chmod to be executable) with this content:

#!/bin/bash
echo spamc -U /tmp/spamd_full.sock "$@" >> /var/log/spamc.log 2>&1
spamc_orig -U /tmp/spamd_full.sock "$@"

The first line is just to have a logfile for possible problems. The actual call then forwards everyting to spamc_orig, but makes sure that the socket is utilized.

This has been working for me in the past few months, hope it helps.

Garvin.

 

[gorblubberbak]

brilliant

Garvin,

brilliant, I'll test your setup as soon as I can!

Thanks,

mistige/gorblubberbak

 

[gorblubberbak]

Garvin,

it works indeed, but only with the vanilla spamassassin binary,
(/etc/init.d/psa-spamassassin stop ; /etc/init.d/spamassassin start).
I suppose people cant set their incoming spam threshold anymore,
but the outgoing spam issue is now more important.

Thanks again,

mistige.