I'm learning only today of the proposed dependancy on apache2-suexec. I think it's a bad idea: the dspam web frontend runs just fine with other web servers, and it is very unusual to have a packaged cgi-bin script depend on any particular web server.
I have been running dspam's web frontend with several alternative web servers such as thttpd or mathopd. The only requirements seem to be that the server must support some form of HTTP authorization (basic authorization is just fine though) and that the user id can be set to dspam (mathopd lets me do that for just dspam's cgi scripts, thttpd had to be configured with an instance running on a separate port with dspam's UID). Maybe you could suggest or even recommend apache2-suexec, and possibly conflict on the versions that were limited to UID >= 1000 ? -- Michel "Walken" Lespinasse A program is never fully debugged until the last user dies. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]