On Thu, 2009-06-04 at 11:29 -0400, Steeve McCauley wrote:
> I just spent the better part of the last month trying to figure
> out why my baysian filtering was not working on a new mail server
> setup. [...]
> Today on a whim I decided to add -u <username> to the spamc
> command line in my procmail filter and bayes started working.
> I discovered in the syslog the following difference before and
> after the change,
>
> Thu Jun 4 07:40:03 2009 [29789] info: spamd: setuid to openpkg-r succeeded
> Thu Jun 4 08:15:02 2009 [29789] info: spamd: setuid to steeve succeeded
>
> so it's now obvious that it was running as user openpkg-r, rather
> than my user own user name, which is the user under which spamd is
I believe this is wrong. spamd appears to be running as root. Otherwise,
it would not have setuid'ed to the user in the first place.
> running. Now the man page states that it is using the Effective UID
> of the caller, which I had assumed was my user name.
> spamc -h is a little less ambiguous,
>
> -u, --username username
> User for spamd to process this message under.
> [default: current user]
>
> The mystery for me is why spamd was doing setuid to it's own uid rather
> than my uid, unless I forced it with the -u switch. I know that procmail
> is not running as user openpkg-r which just adds to the mystery.
My guess is, this assumption is wrong. :) At least at the point in the
procmail recipe where spamc is being called, procmail appears to run as
the openpkg-r user.
spamc tells the user it is running as by default.
> Any ideas?
Just to verify, try adding something like this to your procmailrc, right
before the recipe that filters through spamc. Then check the log. (Note,
linebreak intended.)
LOG = "Hello, I am ${LOGNAME}.
"
If the spamc filter is part of the system-wide procmailrc, the fix
probably is to have DROPPRIVS before the filter, so it will be run on
behalf of the recipient. See man procmailrc. You shouldn't need the -u
switch after that.
guenther
--
char *t="\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
