Re: small spamassassin configuration question

To: Hubert Chan <hubert@uhoreg.ca>
Cc: debian-user@lists.debian.org
Subject: Re: small spamassassin configuration question
From: Sandip P Deshmukh <deshmukh@escortsmumbai.com>
Date: Mon, 24 Feb 2003 12:11:12 +0530
Message-id: <[🔎] 20030224064112.GF292@deshmukh.work>
In-reply-to: <[🔎] 87lm06dzux.fsf@labatt.uhoreg.ca>
References: <[🔎] 20030224043341.GA1373@deshmukh.work> <[🔎] 87lm06dzux.fsf@labatt.uhoreg.ca>

On Mon, Feb 24, 2003 at 12:14:30AM -0500, Hubert Chan wrote:
> >>>>> "Sandip" == Sandip P Deshmukh <deshmukh@escortsmumbai.com> writes:
> 
> Sandip> hello all could someone tell me whats the location of systemwide
> Sandip> configuration file for spamassassin (spamd)?
> 
> Sandip> per user configuration file is ~/.spamassassin/user-prefs. but
> Sandip> unless i allow per user preferences in the systemwide
> Sandip> configuration file, the per user confguration does not come into
> Sandip> effect.
> 
> Are you looking for /etc/default/spamassassin?  (Which lets you pass
> command line options to spamd.)  Or /etc/spamassassin?

well, i had done /etc/default/spamassassin earlier. to limit no of child
processes -m option. here i was looking at /etc/spamassassin

> AFAICT, spamd should use per-user configuration files by default.  At
> least it does for me.

ah yes. but i read in one of the man pages, i dont remember which, that
doing so is a big security hole. so, i was thinking of only having
system-wide perference file. currently i have
/etc/spamassassin/user_prefs. am not too sure if that is the systemwide
file. and here is what man Mail::SpamAssassin::Conf has to say:

       Mail::SpamAssassin::Conf - SpamAssassin configuration file

       These settings differ from the ones above, in that they
       are considered 'privileged'.  Only users running "spamas
       sassin" from their procmailrc's or forward files, or
       sysadmins editing a file in "/etc/spamassassin", can use
       them.   "spamd" users cannot use them in their
       "user_prefs" files, for security and efficiency reasons,
       unless allow_user_rules is enabled (and then, they may
       only add rules from below).

       allow_user_rules { 0 | 1 }         (default: 0)
           This setting allows users to create rules (and only
           rules) in their "user_prefs" files for use with
           "spamd". It defaults to off, because this could be a
           severe security hole. It may be possible for users to
           gain root level access if "spamd" is run as root. It
           is NOT a good idea, unless you have some other way of
           ensuring that users' tests are safe. Don't use this
           unless you are certain you know what you are doing.

what is this referring to??

-- 
regards,
sandip p deshmukh
------***--------
The majority of husbands remind me of an orangutang trying to play the violin.
		-- Honor'e DeBalzac

Reply to:

References:
- small spamassassin configuration question
  - From: Sandip P Deshmukh <deshmukh@escortsmumbai.com>
- Re: small spamassassin configuration question
  - From: Hubert Chan <hubert@uhoreg.ca>

Prev by Date: Re: command-line biff?
Next by Date: Re: conflict when adding eth2 (diff, gateway)
Previous by thread: Re: small spamassassin configuration question
Next by thread: Re: small spamassassin configuration question
Index(es):
- Date
- Thread