--- Tony Earnshaw <[EMAIL PROTECTED]> wrote: > "Well", he proffered cautiously, "my sites don't have this problem and > they're using a shared group and retraining dspam as the owner of said > shared group, so no message is ever retrained as the original recipient > and dspam works flawlessly".
Hrmm, so I'm confused, you mean all your users share the same training data? How do you deliver to dspam in this case? --user nobody? Do you use postfix, btw? Mind pasting your relevant MTA config lines? > For the record, my dspam 3.8.0 (watch out, bits of this won't work for > 3.6) configure on FC6 is: > > configure \ > --prefix=/ \ > --sysconfdir=/etc \ > --localstatedir=/var \ > --enable-shared \ > --with-storage-driver=mysql_drv,pgsql_drv,sqlite3_drv,hash_drv > \ > --with-mysql-includes=/usr/include/mysql \ > --with-mysql-libraries=/usr/lib/mysql \ > --with-pgsql-includes=/usr/include/pgsql \ > --with-pgsql-libraries=/usr/lib \ > --with-sqlite3-includes=/usr/include \ > --with-sqlite3-libraries=/usr/lib \ > --enable-virtual-users \ > --enable-homedir \ > --with-dspam-owner=nobody \ > --with-dspam-group=mail \ > --enable-debug \ > --enable-daemon \ > --enable-preferences-extension How is DSPAM 3.8.0? Any major issues? I was a bit leary trying a .0 release. > OT interesting that you're one of the few implementing selinux, having > discovered Hitachi's seedit > (http://seedit.sourceforge.net/documentation.html) I'm making a renewed > effort at it, since it's very necessary for high security. How are you > making out? I use CentOS5's semanage, audit2allow -M and module based policies (see the RHEL5 manuals for more info). It's not too bad to tune stuff to work, especially if you tune with setenforce 0. I keep all my daemon's policy tweaks in separate directories and add to them as needed. However, it does limit you from doing stuff like executing shell scripts and such from programs (I have a similar problem with dovecot and script execution). Obviously allowing shell execution out of the question since shell spawning is typically the first thing an exploit will do... __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
