Re: [SAtalk] My rules don't work.

Wed, 06 Aug 2003 16:28:30 -0700 

On Mon, Aug 04, 2003 at 11:27:43PM -0700, Patrick Morris wrote:
> You can't define rules in user prefs unless you also define the 
> allow_user_rules variable.  See the Mail::SpamAssassin::Conf man page 
> for reasons why this my not be a good idea.

HHmm... that's inconvenient.  This is what the man-page has to say:

     allow_user_rules { 0 | 1 }         (default: 0)
         This setting allows users to create rules (and only
         rules) in their `user_prefs' files for use with `spamd'.
         It defaults to off, because this could be a severe
         security hole. It may be possible for users to gain root
         level access if `spamd' is run as root. It is NOT a good
         idea, unless you have some other way of ensuring that
         users' tests are safe. Don't use this unless you are
         certain you know what you are doing. Furthermore, this
         option causes spamassassin to recompile all the tests
         each time it processes a message for a user with a rule
         in his/her `user_prefs' file, which could have a
         significant effect on server load. It is not
         recommended.


So does that mean I'm stuck and there's nothing I can do to configure SA?
If it's a security hole, I have no expectation that I will be allowed to 
do make my own rules.  So what am I supposed to do?


-- 
Daniel Carrera | PGP: 6643 8C8B 3522 66CB D16C D779 2FDD 7DAC 9AF7 7A88
Math PhD. UMD  | http://www.math.umd.edu/~dcarrera/pgp.html

* * * * *  Weekly Smile * * * * * * * * * * * * * * * * * * * * * * * *
  Sign in a hotel in Athens:
  Visitors are expected to complain at the office between the hours
  of 9 and 11 A.M. daily.
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * 



-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Reply via email to