[SA-exim] User prefs

Mikel Tidwell dragon at dreamhaven.net
Mon, 1 Jul 2002 16:09:52 -0700 (PDT)


On Mon, 1 Jul 2002, Derrick 'dman' Hudson wrote:

-> On Mon, Jul 01, 2002 at 03:27:53PM -0700, Mikel Tidwell wrote:
-> | Hello,
-> |
-> | I used the local_scan patch for exim 4.05, and so far, I'm really happy
-> | with it.  However, I've run into a snag when it comes to my users having
-> | their own user prefs.  This could be a SA generic question, but I thought
-> | I'd try those who use exim exclusively first.
-> |
-> | As far as I can tell, the user_prefs in my .spamassassin dir is complete
-> | ignored.  I have required_hits to 7.60 (instead of system set 7.50) for
-> | testing, as well as a few whitelists... but I get nothing to show it's ever
-> | reading my prefs.
->
-> That's right.  When you scan the message during the SMTP session,
-> who's user settings should SA use?  For example, suppose the client
-> side of the SMTP session looked like this :
->
-> MAIL FROM:<dman@dman.ddts.net>
-> RCPT TO:<dragon@dreamhaven.net>
-> RCPT TO:<postmaster@dreamhaven.net>
-> DATA
-> <blah blah>
-> .
-> QUIT
->
->
-> The local_scan is run only once, for both the users 'dragon' and
-> 'postmaster'.
->
-> If you want to use user preferences, then I recommend doing the
-> scanning later in the delivery process, as documented here :
->     http://dman.ddts.net/~dman/config_docs/
->
-> | I've talked to other exim users, and they gave me the following setting:
->
-> This is a mish-mash of 2 separate (and incompatable) designs for
-> integrating SA _without_ using the local_scan patch.  The old version
-> that used some variant of
->     command = "spamc | exim -oMr spam-scanned"
-> is susceptible to malicious shell metacharacters embedded in an
-> address.  Also, if the recipient user isn't passed back to exim
-> properly it can turn your site into an open relay.  (the problem
-> occurs if only the local_part is specified on the command line, and
-> that (invalid) local part looks like "foo@bar.com")  Additionally,
-> spamc does not implement the "bsmtp" protocol, so you should not set
-> 'use_bsmtp' when using that design.
->
-> Instead, I recommend using the version that uses BSMTP, has exim as
-> the command and spamc as the transport filter.  That version is what
-> is currently documented at the above mentioned web site.

So, either I can use sa-exim, which doesn't allow me to set up user prefs,
or I can use the site mentioned (specifically the page
http://dman.ddts.net/~dman/config_docs/exim4_spamassassin.html), which also
tells me I can't use user configurations? :(

-> However, I do not recommend using both sa-exim and that technique at
-> the same time.  Sending each message through SA at least 2 times isn't
-> going to improve anything, especially if you reject some message at
-> SMTP-time that a user's prefs would have kept.  It's a tradeoff there.

Am I missing an option that does let me use user_prefs?  I can completely
understand that my exim is mostly jumbled by now ;> I worked on it late at
night one night, until about 4 or 5 am... I didn't think it was actually
being scanned twice, because the mainlog of exim only shows one score per
email.  Perhaps I don't understand what exactly using sa-exim means.  I
thought the local_scan patch was it, but looking over my notes, I don't
think I ever got it working without the patch.

Can I bounce messages if I don't use local_scan?  That's a really nice
feature... but if it's bouncing vs user white/blacklists, I'll choose the
latter.  I don't want to keep people's lists for them.