[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: running spamass-milter as non-root and rejecting spam
From: |
Cassandra L Brockett |
Subject: |
RE: running spamass-milter as non-root and rejecting spam |
Date: |
Wed, 18 May 2005 15:52:00 -0700 |
> -----Original Message-----
> From: address@hidden
> [mailto:address@hidden
] On Behalf Of Saurabh Barve
> Sent: Wednesday, May 18, 2005 12:53 PM
> To: address@hidden
> Subject: running spamass-milter as non-root and rejecting spam
>
> Hi,
>
> 1) I was running SpamAssassin as root, but I kept getting an
> error that
> said that it isn't a good idea to run SA as root. So, I created an
> unprivileged user `spamd` that had no login shell, and a home
> directory
> as /home/spamd. I then passed the following options to spamd when
> starting it up: -d -c -m5 --username spamd -H /home/spamd. SA
> now runs
> under user spamd. However, I get an error message that says
> that spamd
> cannot write to user preferences in /root/.spamassassin. I
> posted this
> question on the SA-list, and somebody told me that to get it to
> recognize the home directory for user prefs as /home/spamd, I need to
> run spamass-milter as a non-root user. How do I do that?
> There seems to
> be no option to run spamass-milter as an unprivileged user. `man
> spamass-milter` has one option for 'username', but it is not
> related to
> running the milter program as non-root. Since my unprivileged
> user does
> not have a shell, I cannot 'su' to that user to start spamass-milter.
I don't know who said you need to switch spamass-milter over, as that's
actually rather strange.
Here I have spamassassin set to run as root (without any errors as I run
per-user config on sql, but this should not be a big deal), and I have
told spamassassin that it's "homedir" folder is a different folder.
This means that spamass-milter runs as root (which being a milter it
does like to have higher-access levels that most programs, at least I
would suspect this), and spamassasin just dumps the data into the
correct location. Spamass-milter has no say in the home directory
details of spamassassin aside from how spamd responds when it gets
called.
In my case the option to spamassassin is
"--helper-home-dir=/var/local/spamd", you would use whatever directory
you wished. It's a spamassassin thing, not a milter thing with the
preferences data.
> 2) I have the following options set up for spamass-milter: -r 10 -B
> address@hidden Thus, I am trying to reject any e-mail that gets a
> score of
> 10 or more. All other e-mails that get tagged as spam, I want
> to be sent
> to address@hidden My score setting for spam recognition is set at 5. So,
> anything that is between 5 and 10 should be sent to address@hidden, and
> anything above 10 should be rejected outright[at least that's my
> understanding of it]. However, what I'm seeing is that
> messages with a
> score over 10 are attempted to be sent to address@hidden, and then are
> getting blocked as well. This is resulting in a mailer-daemon message
> being generated. The reason for the mailer-daemon is that the
> message is
> bouncing too many times between localhost and the mail server. My
> localhost is my mail server. How do I get around this?
I am not sure what is happening there, as I don't use mail redirection
for tagged spam... I do seem to recall a previous person with the same
situation however - have you checked back through the list archive? I'm
sure someone else here can help on this one though...
Regards,
Cassandra Brockett