On 16 Jun 2016, at 13:46, Sebastian Arcus wrote:
I have a particular server running spamd
Which must run on a particular platform. Since SpamAssassin and Exim can
run on a decade's worth of versions of at least 9 different OSs and one
of those (Linux) has about a half-dozen distinctly different families of
distributions that have become quite divergent, it would help to
identify your OS and version (or if Linux, which distro & its version)
when seeking help from people who don't keep track of what sorts of
systems you run. This helps constrain the scope of sane guessing...
(However, the ability to run arbitrary programs as 'root' implies a
POSIX-y platform with a true-root security model, so I'll assume this
isn't some Windows-Frankenstein abomination or El Capitan)
which uses bayes every time I test it by hand, but apparently never
when it goes through exim/spamd.
I run everything (both the spamd daemon and the manual tests) as user
spamd. I checked the permissions on the bayes database. I use a global
bayes database in /var/spool/spamd/bayes/.
Provide `ls -la /var/spool/spamd/bayes/`, please. Or if the problem that
reveals is obvious, just fix it and you're welcome. :)
I ran "spamassassin -D --lint" - and I get no failures - both as root
and as the user spamd.
And when you run spamassassin as root, you risk having root steal the
Bayes and AWL DBs. Presumably this is why some misguided articles online
documenting SA setup for system-wide use recommend deeply wrong things
like 'chmod -R 777' on your database directory. Don't do that. Ever. On
any directory. Use an ad hoc group, BSD directory setgid semantics or
fileflags, ACLs, a script that runs from cron every minute, or whatever
else can work on your platform to assure that spamd can always read and
write to everything in that directory, but DO NOT 777 it.
In spite of all of the above, it looks pretty clear that bayes is only
used when I run an email manually through spamassassin, but not when
it goes from exim through spamd.
Is spamd configured to do any logging? By default on POSIX platforms it
logs under the mail facility and if it can't open the BayesDB it will
log that fact. If it does so but there's no ownership/permission problem
it could also be due to SELinux, running spamd in a chroot jail (bad
idea,) or maybe AppArmor (about which I know nothing other than that
it's an alternative to SELinux.) These are solvable problems.
