I am going to try and stop top posting -- my replies are embedded below. On Mon, 2006-18-12 at 18:29 +0100, Joachim Schipper wrote: > On Sun, Dec 17, 2006 at 09:18:45PM -0600, Vijay Sankar wrote: > > Yes, /var/dspam/data was already there after I installed the package (I > > am not using -current, just OpenBSD 4.0 from the CD and packages from > > mirror.arcticnet.ca. > > > In case there is a better way than doing chmod 2771, please do let me > > know. Here is the output from ls -laR /var/dspam. The reason > > why /var/spam/data/vsankar and /var/dspam/system.log has 2777 is because > > I couldn't get the system statistics and quarantine information from the > > dspam.cgi program without opening that up. > > Having permissions 2771 on /var/dspam/<something> is fine; I was > referring to having 2755 on /usr/bin/dspam, as you posted before > (http://marc.theaimsgroup.com/?l=openbsd-misc&m=116632875008340&w=2). > However, this seems to be by design; while I'd still argue it is a bad > idea, I thought you had tried to do that just to get stuff working, and > that's not a very good idea. > > (In other words, time for me to do some actual research before replying. > Sorry!)
Thanks very much for that clarification. I am still trying to reduce the permissions and tried making /var/dspam and subdirectories 755 as you suggested but it did not work. Without at least 775 on /var/dspam/data, the stats file and log file don't get updated. So I am going back to 2771 for the data directories. > > > Also, there is still one final problem. If user vsankar (unprivileged > > account) uses the dspam.cgi program and decides to reclassify a message > > already classified as spam by dspam, I get the following error > > in /var/log/maillog > > > > Dec 17 09:38:37 mx1 dspam[8781]: Delivery agent returned exit code > > 1: /usr/libexec/mail.local -d vsankar > > Dec 17 09:38:38 mx1 mail.local: may only be run by the superuser > > Ah, sendmail. I'm afraid I can't help you there; I've been using postfix > for as long as I know what a MTA is. > > You could try using something like plain sendmail, or procmail, or > maildrop, although I don't know what would be considered the proper way > to do this. I tried procmail but that introduces other problems as far as dpsam.cgi is concerned. So I went back to mail.local as the LDA. > > > For now, I am thinking of avoiding using the dspam.cgi altogether and > > just moving the vsankar.mbox quarantine file into /home/vsankar/mail and > > accessing it through my webmail client if I ever want to reclassify > > email. But it would be nice to be able to do a "Deliver Checked" from > > the dspam.cgi interface. > > I'll admit to being out of my depth here; I've looked at the dspam > documentation, but I've never actually installed it, and my e-mail > architecture is quite a little different from yours anyway (for one, > dspam should reinject mail into postfix... so I never get to mess with > local delivery agents, and it's far more likely I can get away with > non-suid dspam). > > > mx1# ls -laR /var/dspam > > total 104 > > 4 drwxrws--x 3 _dspam _dspam 512 Dec 16 19:18 . > > 4 drwxr-xr-x 27 root wheel 512 Dec 16 14:33 .. > > 4 drwxrws--x 7 _dspam _dspam 512 Dec 16 16:49 data > > 88 -rwxrwxrwx 1 _dspam _dspam 43199 Dec 17 20:45 system.log > > > > /var/dspam/data: > > total 28 > > 4 drwxrws--x 7 _dspam _dspam 512 Dec 16 16:49 . > > 4 drwxrws--x 3 _dspam _dspam 512 Dec 16 19:18 .. > > 4 drwxrws--x 2 _dspam _dspam 512 Dec 16 16:06 root > > 4 drwxrwsrwx 2 _dspam _dspam 512 Dec 17 09:55 vsankar > > > > /var/dspam/data/root: > > total 60 > > 4 drwxrws--x 2 _dspam _dspam 512 Dec 16 16:06 . > > 4 drwxrws--x 7 _dspam _dspam 512 Dec 16 16:49 .. > > 36 -rwxrws--x 1 _dspam _dspam 17276 Dec 17 01:30 root.log > > 12 -rwxrws--x 1 _dspam _dspam 4130 Dec 16 16:22 root.mbox > > 4 -rwxrws--x 1 _dspam _dspam 13 Dec 17 01:30 root.stats > > Why the 'x' permission? I am really not sure. If I don't do a chmod -R 2771 on /var/dspam a variety of things break. I tried 660 and got the permissions problem when retraining, with 770 dspam.cgi did not provide stats and history information, with 771 email doesn't get quarantined in vsankar.mbox. chmod -R 2771 solves all these problems, possibly by introducing new problems that I am not aware of :( Anyways, can't figure out why x is needed. I even tried mounting /var/dspam with no nosuid in /etc/fstab. It did not make a difference. > > > /var/dspam/data/vsankar: > > total 208 > > 4 drwxrwsrwx 2 _dspam _dspam 512 Dec 17 09:55 . > > 4 drwxrws--x 7 _dspam _dspam 512 Dec 16 16:49 .. > > 24 -rwxrwxrwx 1 _dspam _dspam 11881 Dec 17 20:45 vsankar.log > > 160 -rwxrwxrwx 1 _dspam _dspam 81766 Dec 17 20:45 vsankar.mbox > > 4 -rw-r--r-- 1 www _dspam 5 Dec 17 09:54 vsankar.mbox.size > > 0 -rw-rw---- 1 www _dspam 0 Dec 17 09:54 vsankar.mbox.stamp > > 4 -rw-r--r-- 1 www _dspam 228 Dec 17 09:38 vsankar.retrain.log > > 4 -rw-r--r-- 1 www _dspam 10 Dec 17 09:38 vsankar.rstats > > 4 -rwxrwxrwx 1 _dspam _dspam 14 Dec 17 20:45 vsankar.stats > > Again, no need for execute permission. > > > Also, just as an FYI, this is what I get with dspam_stats > > > > vsankar: > > TP True Positives: 47 > > TN True Negatives: 2 > > FP False Positives: 5 > > FN False Negatives: 16 > > SC Spam Corpusfed: 0 > > NC Nonspam Corpusfed: 0 > > TL Training Left: 2493 > > SHR Spam Hit Rate 74.60% > > HSR Ham Strike Rate: 71.43% > > OCA Overall Accuracy: 70.00% > > > > The 5 false positives were due to me not feeding dspam any notspam > > messages. What happened was I forwarded (as root) the "Welcome to > > OpenBSD 4.0" message to vsankar five times and they all got classified > > as spam. After retraining, I am able to send that message through from > > root to vsankar. Since this is a test machine (MX preference 30 compared > > to 10 on the real mail servers) I only get spam on this machine, so I > > still have some ways to go to understand how this all works in a > > real-life scenario. > > You will probably want to feed it quite a bit of spam and ham, but I > assume you're aware of that. > > Joachim > -- Vijay Sankar, M.Eng., P.Eng. ForeTell Technologies Limited 59 Flamingo Avenue, Winnipeg, MB, Canada R3J 0X6 Phone: 204 885 9535, E-Mail: [EMAIL PROTECTED]