Spamihilator

[aionel_net]

Hi. I've been using Spami for the last 5 years without any problems, and I'm very happy with it.

Recently I've switched my hardware, and with it I upgraded OS to Windows 7 (have been using XP on the old hardware). Default setup of Spami, nothing unusual about the other software I'm using too. Didn't change anything in the configuration yet. But Spami keeps crashing, the Configuration, Mail statistics dialogs etc. are working fine. But every time either Recycle Bin or Training Area window is closed there's a crash. Either a silent one - window is closing, tray icon is no responsive and it disapears after few seconds; or interactive one - there is a crash dialog shown. Same goes for using the button to switch to the other dialog while one of them is opened. Every time crash dump is created. I also did configure everything I wanted, and installed every plugin I needed but the result is still the same.

I even sent the dump twice with a steps to reproduce to errorreportATspamihilatorDOTcom - this should help tracing the bug, but I didn't get any response, nor bounce yet (it was sent one and two months ago).

I'm getting lots of spam daily and my server queue has reached around 16.000 right now, and I don't want to risk loosing them after downloading. But downloading them all and manually sorting would be even a greater pain. So I keeping them hoping, that this will be finally fixed someday - but I didn't get any help anywhere .

[Chactory]

Hallo aionel_net!

Sorry, but I was just too tired and too busy to read and answer your posting. I'm going to think over it and respond to you after having a good night's rest.

Gruß, Chactory

[aionel_net]

Update: I also did try using (in addition to the latest one) version 0.9.9.52 and 0.9.9.44 and the effect is still the same. I was using version 44 under XP without any problems, so I belive it is something with the OS configuration rather than the program itself.

This idea is also confirmed by using virtual machine with fresh installation of the same version of OS as mine (Windows 7 Pro). It is totally default configured OS installation used for my software development testing. As expected each of the tested version is working good there. So there must be some unusual set of software or system settings on my main PC then.

I belive that the crash dump does contain stack contents, so it should allow to trace exactly which procedure is causing the crash, and to think of a possible solution. I have attached it here. Maybe the last mails I was sending to Michel were simply filtered, and he didn't get a chance to get a copy of. While this could be an interesting case for him.

[Chactory]

Hallo aionel_net!

Please give further information, e.g. is it Win 7 64 bit or 32 bit?

Gruß, Chactory

[aionel_net]

It's Windows 7 Professional 32-bit, activated OEM version. Using default Polish regional settings. UAC and DEP is on.

As for any unusual software running in the background, based on the Process Explorer, 4 of them are injecting their own DLLs into Spamihilator main process: Window Blinds 7.2 (actually I'm using classical Windows theme, but WB must be running in the background to allow using of Skin Studio), Kat Mouse 1.04, Actual Window Manager 6.3 and Norton Internet Security 17.8.

I doubt any of them is causing this, since around 200 other programs doesn't have a problem with them, but you never know.

[Chactory]

Hi Aionel!

Thank you very much for your contribution. I don't know why Michel Krämer, the program author of Spamihilator, didn't respond to your dump reports. In the last two weeks, he wasn't around, so I think that he's taking his holidays. And of course, he's working a lot in his occupation held, so there's not left so much time for Spamihilator, as it was when he went to the college.

When you collect so many mails on the server, as you wrote, the cooperation of Spamihilator and the mail client may be overwhelmed by the sheer mass of mails.

As for any unusual software running in the background, based on the Process Explorer, 4 of them are injecting their own DLLs into Spamihilator main process: Window Blinds 7.2 (actually I'm using classical Windows theme, but WB must be running in the background to allow using of Skin Studio), Kat Mouse 1.04, Actual Window Manager 6.3 and Norton Internet Security 17.8.
I doubt any of them is causing this, since around 200 other programs doesn't have a problem with them, but you never know.

I'm not a programmer, so could you explain your findings to me? How can those programs inject DLLs into the main process of Spamihilator, and to what purpose?

Sometimes, in fact some security suites could cause incompatibilities with Spamihilator. Does it make sense to you to test in your virtual machine, if Spamihilator works with Symantec without crashes?

Thanks,
Chactory

[aionel_net]

So that would be one quite long holidays that he is taking, since I sent the first crash log two months ago. I don't blame him since this is a free software and he is not obligated to watch for it. But actually I wouldn't mind optionally * POLICY VIOLATION ! * for it, if there would be a real support provided as with other software. I know it's basically software targeted at advanced users, but hey, there are always few thinks that only the developer can fix.

Back to the topic. Injecting DLLs means, that a software was forced by other program to load it. This is quite easy to spot, since the only normal DLLs Spami is using for its threads is msvcr90.dll and mscowrks.dl (since it's written in C), dccfilter.dll (it seems to be loaded even when not scanning any mails) and ntdll.dll (system stuff). Every other DLL is suspcious, and based on their names I've located them, checked their version, comment etc. Kat Mouse is used for every application to replace their native mouse scroll handling, Window Blinds is for skinning, Norton Internet Security is for protection (probably part of their "sonar" technology) and Actual Window Manager monitors windows and adjusts their size, position, monitor placement etc.

I almost knew it was one of them and I installed them one by one on the virtual machine. It seems that Actual Window Manager has a conflict with Spamhilator. It does few things with Spami windows such as addings titlebar button for moving to the other monitor. It seems that Spami is the only software that doesn't like it for some reason. I've added Recycle Bin and Training Area windows to AWM exclusion list and it's working great.

Maybe it would be nice to add it to FAQ too. I also did write AWM developers, and there will be an exclusion for Spami windows by default, until Michel traces why does it happens. I have to admit that it was all inspred by Mark Russinovich (sysinternals.com) "the case of..." computer detective blog series, and I'm proud of it .

Ok. So, once it stopped crashing I did install and configure all of the plugins I wanted to have again. It took some more testing, since not all of them are UAC compatible, and because of that I had few more crashes or they were loosing settings after Spami restart. So I had to change their INI/LOG file access rights to allow writing to them by normal users, even when they are located in a protected folder. Few more tweaks and it seems no more crashes and every plugin settings is saved and changable via settings dialog.

Now, I've got another problem. I configured everything including copying of learning filter memory, and my spam catching rate should be near 99 % again. So I stared my e-mail client, and Spami started downloading mails. Since I've been checking them everyday via webmail, I know that almost all of them are spam (well, maybe there are near 50 non-spams of all 15.000 mails). But the progress window states it detected very few of them. That's strange. So I did cancel the download progress. If I would allow it to continue I would get around 14.000 spam mails directed to my e-mail client, and it's hard to tell if it's not a problem for it, plus I would need to filter them manually. Of course after that I would check Training Area and knew which filter and why marked all those mails as non-spam. But it would be way to late. I was also looking for filters.log file, but it seems it's written after downloading all mails...

[Chactory]

Hello Aionel,

thank you for your answer!

Yes, Michel should have responded to your dump records earlier. But he is in fact working on Spamihilator! You can track Michel's progress by watching the todo list. The lines marked green are already programmed in the beta version 0.9.9.57. Unfortunately, the "great times" for spamfilter programs seem to be over, because many mail providers and many security software developers have included this function, even though they do not all work very well. That's why the Spamihilator project has melted to a one man project. Michel's actual business is graphical information processing, and I guess that he has only a limited part of his free time left for the extensive developement of Spamihilator.

Thank you for explaining the DLL point.

And for working out the Actual Window Manager problem. I remember similar problems with a Windows theme ...

Maybe it would be nice to add it to FAQ too.

Ok, perhaps in a section "conflicts with other software".

I have to admit that it was all inspred by Mark Russinovich (sysinternals.com) "the case of..." computer detective blog series, and I'm proud of it .

Cool!

copying of learning filter memory

- Do you remember the filters sieving most spam-mails in your previous Spamihilator installation?
- Perhaps you could receive mails with an other mail account and then analyse how your new Spamihilator installation works. Do you have Bob Loeffler's Statistics Plugin installed?
- Is your filter sequence the same as before?
- Did you copy the files of the very same Spamihilator version?
- Perhaps the Link Filter's memory is missing now.
- The DCC Filter's threashold should be set higher than 1000.
- Did your Blocked Sender's list catch many spam-mails?
- And, of course, didn't you write your own mail address into the Friends List?

Chactory

[michel]

Hi!

Sorry for not responding. I'm usually collecting crash reports until I have a bunch of them before I start to analyze. That gives me the possibility to find similarities between crashes and to find the problem more easily.

You should definitely try the latest beta version. It is already very stable and a lot of bugs have been fixed compared to the current official version. Maybe your bug has also been fixed already:
viewtopic.php?f=58&t=8427

Bye,
Michel

[Chactory]

Hi!

Just some minutes before, Michel has published the next beta version:
0.9.9.58.

Regards, Chactory

[anbuva]

Hallo Chactory!



Gruß
anbuva