#951375 spamassassin: zoom: able to use 390/391 'body_0' compiled rules (99.744%)

Package:
spamassassin
Source:
spamassassin
Submitter:
Francesco Potortì
Date:
2021-04-15 17:21:08 UTC
Severity:
minor
Tags:
#951375#5
Date:
2020-02-15 14:59:52 UTC
From:
To:
In syslog I get this every time that spamd is restarted.  All messages
are alright but the one about zoom, which points to some problem that I
don't know how to diagnose:

spamd[4192219]: spamd: server hit by SIGHUP, restarting
spamd[4192219]: spamd: child [447100] killed successfully: interrupted, signal 2 (0002)
spamd[4192219]: spamd: child [447102] killed successfully: interrupted, signal 2 (0002)
spamd[4192219]: spamd: child [447101] killed successfully: interrupted, signal 2 (0002)
spamd[4192219]: spamd: child [447099] killed successfully: interrupted, signal 2 (0002)
spamd[4192219]: spamd: server socket closed, type IO::Socket::UNIX
spamd: spamd: restarting using '/usr/sbin/spamd -d --pidfile=/run/spamd.pid --socketpath /var/run/spamassassin --max-children 15 --min-spare=2 --max-spare=4 --helper-home-dir --user-config --allow-tell'
spamd[4192219]: logger: removing stderr method
spamd[470213]: zoom: able to use 371/372 'body_0' compiled rules (99.731%)
spamd[470213]: spamd: server started on UNIX domain socket /var/run/spamassassin (running version 3.4.4)
spamd[470213]: spamd: server pid: 470213
spamd[470213]: spamd: server successfully spawned child process, pid 470216
spamd[470213]: spamd: server successfully spawned child process, pid 470217
spamd[470213]: spamd: server successfully spawned child process, pid 470218
spamd[470213]: spamd: server successfully spawned child process, pid 470219
spamd[470213]: prefork: child states: IIIS
spamd[470213]: prefork: child states: IIII
spamd[470216]: spamd: got connection over /var/run/spamassassin
spamd[470216]: spamd: setuid to pot succeeded

#951375#10
Date:
2020-02-16 06:22:02 UTC
From:
To:
spamassassin with '-D' enabled, we see some more details:

Feb 16 06:16:10.258 [4799] dbg: zoom: loading compiled ruleset from /var/lib/spamassassin/compiled/5.030/3.004004
Feb 16 06:16:10.259 [4799] dbg: zoom: using compiled ruleset in /var/lib/spamassassin/compiled/5.030/3.004004/Mail/SpamAssassin/CompiledRegexps/body_0.pm for Mail::SpamAssassin::CompiledRegexps::body_0
Feb 16 06:16:10.260 [4799] dbg: zoom: skipping rule GB_WP_FILELINK, code differs in compiled ruleset '[hash]file_links\["C\:\\w+\.txt' '[hash]file_links\["C\:\\\w+\.txt'
Feb 16 06:16:10.261 [4799] dbg: zoom: able to use 371/372 'body_0' compiled rules (99.731%)

So the problem appears related to the GB_WP_FILELINK rule.  That rule
looks like:

body     GB_WP_FILELINK  /\#file_links\["C\:\\\w+\.txt/
describe GB_WP_FILELINK  try to abuse file_links uris in Wordpress emails
#score    GB_WP_FILELINK  2.0 # limit
tflags   GB_WP_FILELINK  publish

noah