hi guys/list,
newbie here.. very newbie im trying to install spamassassi for the first time
when i do the spam test from the local machine:
spamassassin -tD < sample-spam.txt - ok spamassassin -tD < sample-spam.txt - ok even mail -s "Test" [EMAIL PROTECTED] < sample-spam.txt - ok
but when i tried sending the gtube from a remote/differect pc the mail gets delivered and was not blocked!
MTA is postfix this is version 3.0.1 in fedora core 1
iam following the directions here: http://www.geocities.com/scottlhenderson/spamfilter.html
You forgot to mention one VERY important fact.. you're using amavisd-new.
You'll want to check your Amavis config closely, and check the headers of those messages to make sure amavis scanned them. SA configuration won't matter, as amavis does it's own markup.
As for the directions, I'd consider them dangerous. I spotted at least one security hole. (I'll send Scott Henderson a separate note).
Do NOT give amavis ownership of /usr/share/spamassassin. Leave that ROOT owned. SA does not need to write files here, just read. Chowning the files gives amavis unnecessary privleges to the files in the directory..
By chowning /usr/share/spamassassin you've created a potential privilege escalation hole where a user exploiting amavis can modify the standard rules to contain dangerous regexes and use those to gain execution as another user, including root, should root run SpamAssassin manually at the command line.
