HI Sam, As I told you I never thought about unsetting anything, only about setting something just the same way as you set RC now...
I haven't checked the code but the crucial question is (and you can probably answer instantly): Do you set RC, start qmail-smtpd and then filter or block or Do you filter/block, set RC and then start qmail-smtpd? If it's the first one, then env vars are indeed no solution to this problem. If the later, it works. Regards Bgs On 11/26/2010 07:48 PM, Sam Clippinger wrote: > That sounds like a great idea, but unfortunately it just can't be done. > Environment variables can't be changed once the program is running. > That's why spamdyke can't turn RELAYCLIENT on/off as appropriate -- it > can't turn any other environment variables on/off either. qmail-smtpd > is started by spamdyke at the very beginning, so its environment is set > at that time and can't be altered based on authentication or anything else. > > Communicating with qmail-scanner using environment variables is just the > wrong answer. I think the right answer is for qmail-scanner to only > scan certain recipient addresses (based on a list, regexs or something > similar). Since modifying qmail-scanner this way is probably not > something you're interested in undertaking, would it be possible to get > your authenticated users to deliver their email on a different port > (like 587)? Then you could use a different configuration on that port > to skip the SA scanning for those users. > > -- Sam Clippinger > > On 11/26/10 3:32 AM, Bgs wrote: >> No, you misunderstood. I'm not asking about removing RC anytime later. I >> want to disable SA for authenticated users only. >> The problem is that both of you (spamdyke/spamassassin) have you own >> logic that works well alone, but do not work well together. >> The solution could be some way of communication between the two that can >> override the default behaviours. This is why I thought about adding >> another env var (the main way of communication) that could relay the >> information. >> >> So: >> >> Spamdyke sets RC for all mail it thinks by its rules, that must be >> handled and overrides qmail. >> qmail-scanner only filters mail that's not local and RC is not set. >> This way I'm forced to override qmail-scanner by setting QS_SPAMASSASSIN >> from my smtp.conf and by this scanning authenticated mail as well. >> >> A possible solution is to add a logic to spamdyke which is able to set a >> new env var and also add a logic to qmail-scanner takes it into >> consideration when scanning mail. This needs only minor changes in both >> software and enables them to peacefully coexist. >> >> The logic I was thinking of: >> >> - spamdyke acts as normal with average config >> - Add and env var SCAN_SPAM which can be set to 'on' or 'off' >> - qmail-scanner acts as normal without the env var (or wrongly set) >> - qmail-scanner overrides spam scanning rules if the env var tells it >> explicitly to set it on/off >> >> - Add a rule to spamdyke's config: external-spam-scan-on-auth which >> takes on or off as arguments and sets the env var to that. >> >> The same could be used for other spam scan disable/enable scenarios not >> just authentication and as a plain env var, other downstream scanning >> modules can utilize it, not just qmail-scanner. >> >> What to you think Sam? >> >> Regards >> Bgs >> >> >> On 11/25/2010 06:10 PM, Sam Clippinger wrote: >> >>> I'm not sure this can be resolved. Environment variables can't be >>> altered once the qmail-smtpd process has been started: >>> http://www.spamdyke.org/documentation/FAQ.html#SUGGESTION7 >>> >>> spamdyke always sets the RELAYCLIENT variable because it needs to >>> override qmail's filters when a client meets spamdyke's criteria for >>> relaying. Specifically, if a client authenticates or matches a >>> whitelist, spamdyke needs to prevent qmail from blocking the message >>> later. I suppose I could change spamdyke to not set the RELAYCLIENT >>> variable if authentication is turned off and no whitelists are >>> enabled... but the method to trigger/stop the variable would be so >>> complex I think it would cause more confusion than it's worth. >>> >>> What does the rest of your spamdyke configuration look like? Could you >>> use it with no whitelists, no configuration directories and "smtp-auth" >>> set to "none" or "observe"? >>> >>> -- Sam Clippinger >>> >>> On 11/23/10 3:01 PM, Bgs wrote: >>> >>>> Trying again, it didn't show up on the list... >>>> >>>> -------- Original Message -------- >>>> Subject: RELAYCLIENT setting when spamdyke is authenticating >>>> Date: Sun, 21 Nov 2010 14:52:14 +0100 >>>> From: Bgs<b...@bgs.hu> >>>> To: spamdyke users<spamdyke-users@spamdyke.org> >>>> >>>> >>>> >>>> >>>> Hi, >>>> >>>> I might be the one misinterpreting the docs, but something is strange >>>> for me. >>>> >>>> The setup: >>>> >>>> spamdyke with auth/access file + qmail-scanner with spamassassin >>>> >>>> In my access file I have localhost with RELAYCLIENT and no >>>> qmail-scanner, all other without RELAYCLIENT and qmail-scanner. >>>> >>>> I have relay-level set to 'normal' which according to the docs, does >>>> the following: >>>> >>>> |normal|: Prevent relaying unless the sender authenticates, the access >>>> file allows relaying or an environment variable allows relaying. >>>> Requires |local-domains-entry| or |local-domains-file| and |access-file|. >>>> >>>> >>>> So I was expecting the following: >>>> >>>> - Normal mail arrives for relay -> denied (does this) >>>> - Normal mail arrives for domain in rcpthost -> do NOT set >>>> relayclient, pass to q-s and further to qmail-smtpd which will handle >>>> it (it doesn't do this) >>>> - Authenticated user sends mail -> spamdyke sets RELAYCLIENT, q-s >>>> skips checks, qmail-smtpd processes mail >>>> >>>> The second buffles me: >>>> >>>> - access file does not set RELAYCLIENT >>>> - there is no environment variable passed to spamdyke >>>> - the user does not authenticate >>>> >>>> Apparently spamdyke also sets RELAYCLIENT when the domain is in >>>> rcpthosts. This means that spamdyke disables spam filtering. If I >>>> override qmail-scanner (with explicit QS_SPAMASSASSIN environment >>>> variable) to check all mail, authenticated users get filtered as well >>>> which leads to loads of complaints. >>>> >>>> Am I getting something wrong or is this a bug? >>>> >>>> Regards >>>> Bgs >>>> >>>> >>>> _______________________________________________ >>>> spamdyke-users mailing list >>>> spamdyke-users@spamdyke.org >>>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >>>> >>>> >>> _______________________________________________ >>> spamdyke-users mailing list >>> spamdyke-users@spamdyke.org >>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >>> >>> >> _______________________________________________ >> spamdyke-users mailing list >> spamdyke-users@spamdyke.org >> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >> > _______________________________________________ > spamdyke-users mailing list > spamdyke-users@spamdyke.org > http://www.spamdyke.org/mailman/listinfo/spamdyke-users > _______________________________________________ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
