Richard Bos | 2 Jan 11:59 2010
Picon

spamassassin year 2010 bug

Is this of any relevance to kolab's spamassassin:
"  The Apache SpamAssassin spam filter has been shipping with a rule which 
defined any year past 2009 as "grossly in the future" and adding 3.2 to the 
email's spam score."

http://www.h-online.com/open/news/item/SpamAssassin-s-new-year-hangover-894279.html
http://it.slashdot.org/article.pl?sid=10/01/02/0027207

--

-- 
Richard
John McMonagle | 2 Jan 14:48 2010

Re: spamassassin year 2010 bug

On Saturday 02 January 2010 04:59:57 am Richard Bos wrote:
> Is this of any relevance to kolab's spamassassin:
> "  The Apache SpamAssassin spam filter has been shipping with a rule which
> defined any year past 2009 as "grossly in the future" and adding 3.2 to the
> email's spam score."
>
> http://www.h-online.com/open/news/item/SpamAssassin-s-new-year-hangover-894
>279.html http://it.slashdot.org/article.pl?sid=10/01/02/0027207

Yes it does affect kolab :(
I edited the rule on our server.
I did this change 
http://svn.apache.org/viewvc/spamassassin/trunk/rulesrc/sandbox/emailed/00_FVGT_File001.cf?r1=794319&r2=796216&diff_format=h

Noticed mention of using sa-update to update rules.
if I run sa-update get the following:
error: GPG validation failed!
The update downloaded successfully, but the GPG signature verification
failed.
channel: GPG validation failed, channel failed

Does anyone know how to set it up in kolab?

John
kiser Caesar | 2 Jan 16:54 2010
Picon

Kolab server and tikiwiki

Hello,


I want to know if somebody had already tried to configure tikiwiki to bind with the openldap server of  kolab ?
I try to follow the steps found on the tikiwiki website but without succes..

somebody can help me ?

On another topic, I made the integration of GLPI with succes.


Best regards,



Vous êtes étudiants ? Bénéficiez de Windows 7 à 35? !  Découvrez notre offre !
_______________________________________________
Kolab-users mailing list
Kolab-users <at> kolab.org
https://kolab.org/mailman/listinfo/kolab-users
Thomas Arendsen Hein | 2 Jan 22:42 2010
Picon

Re: spamassassin year 2010 bug

* Richard Bos <ml <at> radoeka.nl> [20100102 11:00]:
> Is this of any relevance to kolab's spamassassin:
> "  The Apache SpamAssassin spam filter has been shipping with a rule which 
> defined any year past 2009 as "grossly in the future" and adding 3.2 to the 
> email's spam score."
> 
> http://www.h-online.com/open/news/item/SpamAssassin-s-new-year-hangover-894279.html
> http://it.slashdot.org/article.pl?sid=10/01/02/0027207

To fix this with a recent Kolab server, add the following line to
/kolab/etc/kolab/templates/local.cf.template:

score FH_DATE_PAST_20XX 0.0

After that run as root: /kolab/sbin/kolabconf

Older versions of Kolab Server don't have local.cf.template, you
will have to edit /kolab/etc/spamassassin/local.cf and after that
restart amavisd with: /kolab/etc/rc.d/rc.amavisd restart
(I only tested it on a 2.2.3 server)

See http://wiki.apache.org/spamassassin/Rules/FH_DATE_PAST_20XX for
details.

Regards,
Thomas Arendsen Hein

--

-- 
thomas <at> intevation.de - http://intevation.de/~thomas/ - OpenPGP key: 0x5816791A
Intevation GmbH, Neuer Graben 17, 49074 Osnabrueck - AG Osnabrueck, HR B 18998
Geschaeftsfuehrer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
_______________________________________________
Kolab-users mailing list
Kolab-users <at> kolab.org
https://kolab.org/mailman/listinfo/kolab-users
Albert Cervera i Areny | 2 Jan 22:57 2010

Re: spamassassin year 2010 bug

A Dissabte, 2 de gener de 2010, Thomas Arendsen Hein va escriure:
> * Richard Bos <ml <at> radoeka.nl> [20100102 11:00]:
> > Is this of any relevance to kolab's spamassassin:
> > "  The Apache SpamAssassin spam filter has been shipping with a rule
> > which defined any year past 2009 as "grossly in the future" and adding
> > 3.2 to the email's spam score."
> >
> > http://www.h-online.com/open/news/item/SpamAssassin-s-new-year-hangover-8
> >94279.html http://it.slashdot.org/article.pl?sid=10/01/02/0027207
> 
> To fix this with a recent Kolab server, add the following line to
> /kolab/etc/kolab/templates/local.cf.template:
> 
> score FH_DATE_PAST_20XX 0.0
> 
> After that run as root: /kolab/sbin/kolabconf
> 
> Older versions of Kolab Server don't have local.cf.template, you
> will have to edit /kolab/etc/spamassassin/local.cf and after that
> restart amavisd with: /kolab/etc/rc.d/rc.amavisd restart
> (I only tested it on a 2.2.3 server)

That's just what I did with a couple of servers (2.2.3 and 2.2.2) and worked 
ok too.

> 
> See http://wiki.apache.org/spamassassin/Rules/FH_DATE_PAST_20XX for
> details.
> 
> Regards,
> Thomas Arendsen Hein
> 

--

-- 
Albert Cervera i Areny
http://www.NaN-tic.com
Mòbil: +34 669 40 40 18

_______________________________________________
Kolab-users mailing list
Kolab-users <at> kolab.org
https://kolab.org/mailman/listinfo/kolab-users
Chris Hastie | 3 Jan 00:14 2010
Picon

Re: spamassassin year 2010 bug

On 02/01/10 13:48, John McMonagle wrote:
> Noticed mention of using sa-update to update rules.
> if I run sa-update get the following:
> error: GPG validation failed!
> The update downloaded successfully, but the GPG signature verification
> failed.
> channel: GPG validation failed, channel failed
>
> Does anyone know how to set it up in kolab?
>
>   

On  my system, which has gpg available (but not in /kolab) this worked:

    wget http://spamassassin.apache.org/updates/*GPG*.KEY
    /kolab/bin/sa-update --import *GPG*.KEY

If you don't have gpg available on the machine install it as normal for
your host OS. Or if you're feeling lucky try overriding gpg signature
checks with

/kolab/bin/sa-update --nogpg
Chris Hastie | 3 Jan 23:57 2010
Picon

Re: spamassassin year 2010 bug

On 02/01/10 23:14, Chris Hastie wrote:
>
> On  my system, which has gpg available (but not in /kolab) this worked:
>
>     wget http://spamassassin.apache.org/updates/*GPG*.KEY
>     /kolab/bin/sa-update --import *GPG*.KEY
>
>   

Whoops. Don't know how those asterisks got in there. That should of
course have been

    wget http://spamassassin.apache.org/updates/GPG.KEY
    /kolab/bin/sa-update --import GPG.KEY
John McMonagle | 4 Jan 03:46 2010

Re: spamassassin year 2010 bug

On Sunday 03 January 2010 04:57:05 pm Chris Hastie wrote:
>   /kolab/bin/sa-update --import GPG.KEY

That worked.
Thanks

John
Sascha Wilde | 4 Jan 13:22 2010
Picon

Security Issue 26 for Kolab Server (SpamAssassin)

Kolab Security Issue 26 20100104
================================

Package:              Kolab Server, SpamAssassin
Vulnerability:        mail lossage
Kolab Specific:       no
Dependent Packages:   none

Summary
~~~~~~~

The Apache SpamAssassin spam filter shipping with Kolab Server
includes an rule named FH_DATE_PAST_20XX which triggers on most mail
with a Date header that includes the year 2010 or later.

This adds 3.2 to the spam score of nearly every mail send past 2009.

Affected Versions
~~~~~~~~~~~~~~~~~

This affects versions of SpamAssassin 3.2.0 to 3.2.5.
Kolab Server 2.2.3 and previous releases are affected.

Fix
~~~

Add the following line to
/kolab/etc/kolab/templates/local.cf.template:

score FH_DATE_PAST_20XX 0.0

or update your kolabd package:

OpenPKG packages for Kolab Server 2.2.3 are available from
http://files.kolab.org/server/security-updates/20100104/
or from the mirrors listed on http://kolab.org/mirrors.html

A binary RPM for Kolab Server 2.2.3 (ix86 Debian GNU/Linux Lenny)
is available as kolabd-2.2.3-20100104.ix86-debian5.0-kolab.rpm

A binary RPM for Kolab Server 2.2.3 (ix86 Debian GNU/Linux Etch)
is available as kolabd-2.2.3-20100104.ix86-debian4.0-kolab.rpm

After that run as root: /kolab/sbin/kolabconf

Older versions of Kolab Server don't have local.cf.template, you
will have to edit /kolab/etc/spamassassin/local.cf and after that
restart amavisd with: /kolab/etc/rc.d/rc.amavisd restart

You can check the integrity of the downloaded files with:

$ gpg --keyserver keys.gnupg.net --recv-key 4BB86568
$ gpg --verify SHA1SUMS.sig
$ sha1sum -c SHA1SUMS

The source package can be compiled and installed on your Kolab Server with:

# su - kolab
$ openpkg rpm --rebuild ...path/to.../kolabd-2.2.3-20100104.src.rpm
$ openpkg rpm -Uvh /kolab/RPM/PKG/kolabd-2.2.3-20100104.<ARCH>-<OS>-kolab.rpm	
$ exit
# /kolab/sbin/kolabconf

To install a binary package, just skip the --rebuild step.

Details
~~~~~~~

http://wiki.apache.org/spamassassin/Rules/FH_DATE_PAST_20XX
	Description of the problematic rule including note on the
	misbehavior of older versions.

https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6269
	Bug report in the official upstream tracker.

Timeline
~~~~~~~~
    20100101 Upstream Bug Report
    20100102 Discussion and hotfix on kolab-users <at> kolab.org
    20100104 Updated kolabd package available and Kolab Server
             security advisory published.
--

-- 
Sascha Wilde                                          OpenPGP key: 4BB86568
http://www.intevation.de/~wilde/                  http://www.intevation.de/
Intevation GmbH, Neuer Graben 17, 49074 Osnabrück; AG Osnabrück, HR B 18998
Geschäftsführer:   Frank Koormann,  Bernhard Reiter,  Dr. Jan-Oliver Wagner
_______________________________________________
Kolab-users mailing list
Kolab-users <at> kolab.org
https://kolab.org/mailman/listinfo/kolab-users
YANQ IT Support | 5 Jan 22:58 2010
Picon

Re: Creating users resource folders without Kontact - is it possible?

Hi There,

A little while ago I asked if it was possible to create users resource 
folders (esp for contacts and calendars) without using Kontact.

This is for a server (running Debian squeeze) which I have inherited. 
I've discovered that the kolab server was originally installed using the 
'native' debian packages (i.e. apt-get, not openpkg). This is why the 
web-client isn't creating the folders for me - it's just a normal 
installation of horde, not the one that comes with kolab (openpkg version).

So, two questions:

1. Has anyone had any experience installing the OpenPkg version Kolab 
over the top of the experimental Debian packages? It seems like it might 
be a very tricky exercise and I'm not sure I have the time, resources or 
enough knowledge about kolab to try it.

2. Can I write, or is there already a script, that will create the 
resource folders for users for me?

I'm guessing it's possible because Bernhard Reiter wrote:
> You could use a script to create the needed folders and set the annotations
> of course, but if you are using a defect version of Horde, this will not help.

All of my users access their mail and calendars using thunderbird / 
lightning both in the office and on their laptops (outside the office). 
So fixing the web-client isn't that important at the moment.

Cheers,

David

-- 
David Powell
Technical Officer
Youth Affairs Network of Queensland
Tel: (07) 3844 7713
Web: http://www.yanq.org.au

NOTICE:This communication and all attachments contains information which 
is confidential and the copyright of Youth Affairs Network Qld (YANQ)or 
a third party. If you are not the intended recipient of this 
communication please delete and destroy all copies and telephone/email 
(details above) YANQ. If you are the intended recipient of this 
communication you should not copy, disclose or distribute this 
communication without the authority of YANQ. Any views expressed in this 
communication are those of the individual sender, except where the 
sender specifically states them to be the views of YANQ.  Except as 
required at law, YANQ does not represent, warrant and/or guarantee that 
the integrity of this communication has been maintained or that the 
communication is free of errors, virus, interception or interference.

Gmane