[Dspam-devel] Why no overflow in dspam.c:503

2013-01-23 Thread Thomas Preud'homme
Greetings everybody, I was suggested to incorporate commit [1] in the Debian dspam package. However, I was rightfully asked wether this is overflow-safe since strcpy is used. I suppose one of the _getline function is used to ensure CTX->username always ends with a '\0' and contains at max 1024

Re: [Dspam-devel] More patches for dspam.cgi: delivery of false positives from quarantine

2013-01-23 Thread Jani Partanen
I would like to toss in this mess again my idea what I already mention few years ago here, but don't remember end result. Would it be time to add support for db quarantine? Dspam already use database, so it should not be so hard to store quarantine messages into database. It would make Dspam mu

Re: [Dspam-devel] More patches for dspam.cgi: delivery of false positives from quarantine

2013-01-23 Thread Paul Cockings
I've had discussions about using IMAP for storage, but no developer resources seem keen to make it happen. Jani Partanen wrote: >I would like to toss in this mess again my idea what I already mention >few years ago here, but don't remember end result. > >Would it be time to add support for

Re: [Dspam-devel] More patches for dspam.cgi: delivery of false positives from quarantine

2013-01-23 Thread Tod A. Sandman
On 8.1.2013 4:33, Troy Ayers wrote: > Could I trouble you for a sanitized version of your > /usr/site/dspam_train/bin/dspam_fp script? My system is ... I am so sorry. I missed your original email a couple weeks ago. I will attach the script we use. The bad news is that the script relies on a

Re: [Dspam-devel] More patches for dspam.cgi: delivery of false positives from quarantine

2013-01-23 Thread Benny Pedersen
Jani Partanen skrev den 23-01-2013 19:28: > I would like to toss in this mess again my idea what I already > mention > few years ago here, but don't remember end result. +1 > Would it be time to add support for db quarantine? so its time to consider when mysql/postgresql/sqlite3 can handle it ?