Rollback Debian Upgrade

A single Debian upgrade (apt-get upgrade) can be rolled back with the following command. The upgrade is identified by its date and time, which has to be looked up from /var/log/apt/history.log first.

grep -A 2 'Start-Date: 2016-06-26  17:38:49' /var/log/apt/history.log | tail -1 | sed -r -e "s/Upgrade: //" -e "s/([^:]+):amd64 \(([^,]+), [^,]+\),?/\1=\2/g" | xargs apt-get install

Interoperating Exim with Rspamd

Recently I have been implementing Rspamd for providing some automatic filtering for the emails hosted on my server, which are presently delivered by Exim to the Dovecot LDA.

For integrating Exim with Rspamd, I followed the Rspamd manual, but thing weren’t exactly working as expected.

I was frequently getting error messages such as:

Feb  7 11:10:44 stanke rspamd[2939]: (normal) <3a1c27>; task; accept_socket: accepted connection from 127.0.0.1 port 51289
Feb  7 11:10:44 stanke rspamd[2939]: (normal) <3a1c27>; task; rspamd_worker_error_handler: abnormally closing connection from: 127.0.0.1, error: IO timeout

with Exim at the same time reporting

2016-02-07 11:10:44 1aSMIm-0005QH-3P spam acl condition: Broken pipe on spamd socket
2016-02-07 11:10:44 1aSMIm-0005QH-3P H=mail1.mcsignup.com [205.201.139.33]:49767 Warning: ACL "warn" statement skipped: condition test deferred

In the majority of cases however the scan succeeded, so that a general misconfiguration could be ruled out. For some reason the socket connection between Exim and Rspamd seemed to break in some cases. I tried playing with the spamd_address options of exim, in particular with tmo and retry (see the Exim documentation on content scanning at ACL time), but to no avail.

What seems to have fixed the problem however was to define two entries for spam servers that Exim can connect to, despite the fact that they both refer to the same Rspamd instance. Exim seems to simply switch to the next (in fact same) server when seeing a „broken pipe“ and the reconnect seems to suffice to iron things out. Here is the relevant snippet to be inserted in /etc/exim4/conf.d/main/02_exim4-config_options:

spamd_address = 127.0.0.1 11333 tmo=1m retry=10s variant=rspamd : \
                127.0.0.1 11333 tmo=1m retry=10s variant=rspamd

After my spam filter has been inactive for…

After my spam filter has been inactive for more than two weeks, I finally had the pleasure to investigate what went wrong during the upgrade of my system to Debian Wheezy. Back then I took the conservative approach and kept my old configs when in doubt, especially when they were personalized to my tastes. Unfortunately DSPAM wasn’t so nice as to pass Exim any meaningful error message.

Long story short, the DSPAM package changed the location of its storage drivers. Inserting „x86_64-linux-gnu“ in the StorageDriver entry in dspam.conf solved the problem. Wouldn’t this be the first thing to look for when reading „transport returned 1 from command: /usr/bin/dspam“ in the mainlog?!

Android Z-Push

For weeks I had the intention to use my Android phone with Zarafa and Z-Push. However, my phone always reported that protocol version provided by the server would not be supported. I had a day off today and dug into the code (first Z-Push, then CyanogenMod 10) to track down the problem. It seemed like there would be a problem with the OPTIONS request in ActiveSync and the headers sent by Z-Push. I ended up using Fiddler to inspect the HTTPS traffic, in particular the headers and it turned out that Z-Push did not send the headers to identify the ActiveSync protocol. But the PHP-code (already messed with debugging output of my own) did send the headers.

Surprisingly, a minimal PHP script that did nothing by sending headers also worked. After a while it seems like the PHP output buffering (ob_start) dropped the headers, but then ob_clean or _flush at before and/or after the header call didn’t change anything.

Staring at the Fiddler traffic of the working testing code brought the saving idea: I had mod_pagespeed enabled (which I noticed, because it also added a header of its own). Turning it off made everything work!

Conclusion: Z-Push is incompatible with mod_pagespeed!