Matthias Leisi writes:
> > - fixing the distribution process to work without rules in the dist
> > tarball (since we'll be moving to a model where with distribute
> > without rules and they're downloaded by the admin on install).
>
> The longer I think about it, the less convinced I am that it is a good idea.
>
> In environments requiring strict change control or that are otherwise
> paranoid in terms of security, (direct) online updates are usually not
> desired (or not possible, because eg the firewall concept forbids
> mailservers from doing HTTP requests).
>
> Thus actually *requiring* online update would make deployment in such
> environments more complex (it would eg require repackaging *with* the
> rules prior to deployment).
>
> The same environments would also be rather reluctant to allow direct
> online updates without at least some form of sanity check (maybe not only
> lint, but also some messages being checked).
>
> Although I'd like to see some clearer structure in how rules and rules
> updates (of different sources) are handled, I suggest that some basic
> ruleset ("rules du jour at the day of packing a release" or something
> similar) be included with the tarball.
hi Matthias --
if you check the bug (can't recall the number right now), there's plans to
make a tarball available of _just_ the rules, alongside the distro at
release time. That way, that kind of users can dl the tarball and
install it using "sa-update --install SpamAssassin-rules-349584.tgz" (or
whatever).
Does that work?
--j.
