Re: spamassassin bayes rules

Tue, 06 Jan 2015 16:43:48 -0800 

Filip Havlíček wrote:


Anybody can help with this? I still cannot find some helpful
information, thanks.



Dne 10.12.2014 v 14:52 Christian Grunfeld napsal(a):

when you run bayes in SQL and does sa-learn --username it will not try 
to setuid to that user (in a real system user scenario it will fail 
for non existent users). Instead it uses that username to save and 
recall data from database. Due to forged addresses your system treat 
any originating address as yours and then try to interact with the DB.


**-u* /username/, *--username*=/username/*
    If specified this username will override the username taken from
    the runtime environment. You can use this option to specify users
    in a virtual user configuration.     NOTE: This option will not
    change to the given /username/, it will
    only attempt to act on behalf of that user. Because of this you
    will need to have proper permissions to be able to change files
    owned by /username/. In the case of SQL this generally is not a
    problem.

A lot of time ago I came with the same problem to Marc Martinec and he
implemented some sort of checks of addreses to see if they are local
to you or not....but I dont remeber



This last statement probably refers to a 2007 thread regarding per-user 
bayes

in amavisd-new. It is probably unrelated to the issue here.



2014-12-10 10:22 GMT-03:00 Filip Havlíček <filip.havli...@pro-com.cz>:
    I have configured spamasssin with bayes user rules with this
    configuration:
    http://pastebin.com/KWW78DJx

    I would like to ask you, if everything is correct, because I found

    in table bayes_vars lot of (thousands) unknown email addresses 
like:

    a...@hotmail.com <mailto:a...@hotmail.com>
    ablewi...@hotmail.com <mailto:ablewi...@hotmail.com>
    abl...@hotmail.com <mailto:abl...@hotmail.com>

    My table bayes_token is also 350MB large!



That pastebin document is no longer there, so I'm only guessing.

If you are calling SpamAssassin via spamc/spamd combo, the recipient
usernames you specify with the option -u in spamc are what ends up
in an SQL field bayes_vars.username . Make sure you only allow
legitimate usernames or email addresses of you existing users there.
How you accomplish that depends on how spamc/spamd is integrated
with your mailer.

  Mark






















					Reply via email to