[SA-exim] User prefs

Derrick 'dman' Hudson dman at dman.ddts.net
Mon, 1 Jul 2002 18:07:59 -0500

Previous message: [SA-exim] User prefs
Next message: [SA-exim] User prefs
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---------------------- multipart/signed attachment
On Mon, Jul 01, 2002 at 03:27:53PM -0700, Mikel Tidwell wrote:
| Hello,
|=20
| I used the local_scan patch for exim 4.05, and so far, I'm really happy
| with it.  However, I've run into a snag when it comes to my users having
| their own user prefs.  This could be a SA generic question, but I thought
| I'd try those who use exim exclusively first.
|=20
| As far as I can tell, the user_prefs in my .spamassassin dir is complete
| ignored.  I have required_hits to 7.60 (instead of system set 7.50) for
| testing, as well as a few whitelists... but I get nothing to show it's ev=
er
| reading my prefs.

That's right.  When you scan the message during the SMTP session,
who's user settings should SA use?  For example, suppose the client
side of the SMTP session looked like this :

MAIL FROM:<dman@dman.ddts.net>
RCPT TO:<dragon@dreamhaven.net>
RCPT TO:<postmaster@dreamhaven.net>
DATA
<blah blah>
=2E
QUIT


The local_scan is run only once, for both the users 'dragon' and
'postmaster'.

If you want to use user preferences, then I recommend doing the
scanning later in the delivery process, as documented here :
    http://dman.ddts.net/~dman/config_docs/

| I've talked to other exim users, and they gave me the following setting:

This is a mish-mash of 2 separate (and incompatable) designs for
integrating SA _without_ using the local_scan patch.  The old version
that used some variant of
    command =3D "spamc | exim -oMr spam-scanned"
is susceptible to malicious shell metacharacters embedded in an
address.  Also, if the recipient user isn't passed back to exim
properly it can turn your site into an open relay.  (the problem
occurs if only the local_part is specified on the command line, and
that (invalid) local part looks like "foo@bar.com")  Additionally,
spamc does not implement the "bsmtp" protocol, so you should not set
'use_bsmtp' when using that design.

Instead, I recommend using the version that uses BSMTP, has exim as
the command and spamc as the transport filter.  That version is what
is currently documented at the above mentioned web site.

However, I do not recommend using both sa-exim and that technique at
the same time.  Sending each message through SA at least 2 times isn't
going to improve anything, especially if you reject some message at
SMTP-time that a user's prefs would have kept.  It's a tradeoff there.

HTH,
-D

--=20

If your company is not involved in something called "ISO 9000" you
probably have no idea what it is.  If your company _is_ involved in ISO
9000 then you definitely have no idea what it is.
                                (Scott Adams - The Dilbert principle)
=20
http://dman.ddts.net/~dman/


---------------------- multipart/signed attachment
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 240 bytes
Desc: not available
Url : http://lists.merlins.org/archives/sa-exim/attachments/29a60bab/attachment.bin

---------------------- multipart/signed attachment--

Previous message: [SA-exim] User prefs
Next message: [SA-exim] User prefs
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]