I've been testing spamdyke's auth capabilities a little, anticipating using it to enforce encrypted passwords (when that feature comes available). While doing so, I came across what I think is a bug.
When the access-file parameter is specified: access-file=/etc/tcprules.d/tcp.smtp then my spamassassin doesn't scan. I believe this is because spamdyke is setting the RELAYCLIENT variable, which is what qmail's smtp-auth also does, causing spamassassin scanning to be bypassed. Here is the tail end of my tcp.smtp file (there are more addresses listed above): 192.223.243.129-140:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10",QMAILQUEUE="/var/qmail/bin/qmail-queue",NOP0FCHECK="1" :allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10",QMAILQUEUE="/var/qmail/bin/simscan",DKSIGN="/var/qmail/control/domainkeys/%/private",NOP0FCHECK="1" BL, it appears that RELAYCLIENT is always being set when the access-file parameter is given. I believe it should only be set when a matching line in the tcp.smtp file contains the RELAYCLIENT variable (or when the client has authenticated). If this cannot be done in spamdyke, perhaps there's another way for simscan to control when spamassassin is invoked. I'd rather not go there though, as I'm anticipating using amavisd-new at some point. Thanks for your great work, Sam. -- -Eric 'shubes' _______________________________________________ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
