Re: can spamd be told what domains are local for "spamc -u"?
Hi Jason, I have actually removed SA completely from qmail scanner and placed it into a later step of the delivery chain. One of the reasons was the fact that any email address may in deed go to two recipients with different spam preferences. I am aware that I am scanning these messages twice, but I can use stock versions of the software - otherwise I would have to undo changes added by SA, and add them back in according to the other's preferences BTW: have you ever thought about qmail-scanner exiting with different codes (so qmail could send different 5xx messages at the end of the data phase) for policy and virus trapped mails Wolfgang Hamann >> I'm the author of the Qmail content filter Qmail-Scanner, and currently >> it calls spamc as "spamc -u [EMAIL PROTECTED]" so as to help out the sites >> doing per-user SA configs. >> >> I've assumed that anyone wanting to do this would be using SQL backends >> (so requiring them to refer to local accounts as "[EMAIL PROTECTED]" is >> fine) - but apparently I presumed too much! Some are just interested in >> standard old /home/$USER/.spamassassin/ style lookups. Now calling >> "spamc -u [EMAIL PROTECTED]" doesn't work for them as there is no local >> username called "[EMAIL PROTECTED]". >> >> So I could add yet another feature to Qmail-Scanner where it will strip >> back to the username - or SpamAssassin could. >> >> I don't mind either way - it's just that I wonder if this is also an >> issue for other SA-integrated MTAs (milter, postfix), so thought I'd >> post it out for comment? Maybe others can suggest another way of doing >> it? [Let's not dwell on the fact that spamd may have to run as root for >> this mode to work...] >> >> Thanks >> >> -- >> Cheers >> >> Jason Haar >> Information Security Manager, Trimble Navigation Ltd. >> Phone: +64 3 9635 377 Fax: +64 3 9635 417 >> PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 >> >>
Re: can spamd be told what domains are local for "spamc -u"?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jason Haar writes:
> I'm the author of the Qmail content filter Qmail-Scanner, and currently
> it calls spamc as "spamc -u [EMAIL PROTECTED]" so as to help out the sites
> doing per-user SA configs.
>
> I've assumed that anyone wanting to do this would be using SQL backends
> (so requiring them to refer to local accounts as "[EMAIL PROTECTED]" is
> fine) - but apparently I presumed too much! Some are just interested in
> standard old /home/$USER/.spamassassin/ style lookups. Now calling
> "spamc -u [EMAIL PROTECTED]" doesn't work for them as there is no local
> username called "[EMAIL PROTECTED]".
>
> So I could add yet another feature to Qmail-Scanner where it will strip
> back to the username - or SpamAssassin could.
>
> I don't mind either way - it's just that I wonder if this is also an
> issue for other SA-integrated MTAs (milter, postfix), so thought I'd
> post it out for comment? Maybe others can suggest another way of doing
> it? [Let's not dwell on the fact that spamd may have to run as root for
> this mode to work...]
Hi Jason!
There's a general problem, though -- which is that SpamAssassin doesn't
have the information to deal with just one of those cases. Take a look.
So there's two items of data:
- RCPT TO address ("[EMAIL PROTECTED]")
- username ("user")
Now, we could add code to SpamAssassin to assume that "[EMAIL PROTECTED]"
translates to the username "user", but in reality *it may not* -- the MTA
configuration could have an alias that translates it to username "jm"
instead of "user".
So in that case, it makes more sense to wait for the MTA to translate it,
and let the MTA pass on the 'real', fully-alias-resolved username instead.
- --j.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Exmh CVS
iD8DBQFBtlTfMJF5cimLx9ARAlGhAKCykTUGmqJ/Fxey0++0AwCiOyjmoQCguoeK
7sGO4hPDb4QTNTVf+B5Nmw8=
=GmI5
-END PGP SIGNATURE-
