On Sun, Dec 17, 2006 at 09:18:45PM -0600, Vijay Sankar wrote:
> Yes, /var/dspam/data was already there after I installed the package (I
> am not using -current, just OpenBSD 4.0 from the CD and packages from
> mirror.arcticnet.ca.

> In case there is a better way than doing chmod 2771, please do let me
> know. Here is the output from ls -laR /var/dspam. The reason
> why /var/spam/data/vsankar and /var/dspam/system.log has 2777 is because
> I couldn't get the system statistics and quarantine information from the
> dspam.cgi program without opening that up.

Having permissions 2771 on /var/dspam/<something> is fine; I was
referring to having 2755 on /usr/bin/dspam, as you posted before
(http://marc.theaimsgroup.com/?l=openbsd-misc&m=116632875008340&w=2).
However, this seems to be by design; while I'd still argue it is a bad
idea, I thought you had tried to do that just to get stuff working, and
that's not a very good idea.

(In other words, time for me to do some actual research before replying.
Sorry!)

> Also, there is still one final problem. If user vsankar (unprivileged
> account) uses the dspam.cgi program and decides to reclassify a message
> already classified as spam by dspam, I get the following error
> in /var/log/maillog
> 
> Dec 17 09:38:37 mx1 dspam[8781]: Delivery agent returned exit code
> 1: /usr/libexec/mail.local -d vsankar
> Dec 17 09:38:38 mx1 mail.local: may only be run by the superuser

Ah, sendmail. I'm afraid I can't help you there; I've been using postfix
for as long as I know what a MTA is.

You could try using something like plain sendmail, or procmail, or
maildrop, although I don't know what would be considered the proper way
to do this.

> For now, I am thinking of avoiding using the dspam.cgi altogether and
> just moving the vsankar.mbox quarantine file into /home/vsankar/mail and
> accessing it through my webmail client if I ever want to reclassify
> email. But it would be nice to be able to do a "Deliver Checked" from
> the dspam.cgi interface.

I'll admit to being out of my depth here; I've looked at the dspam
documentation, but I've never actually installed it, and my e-mail
architecture is quite a little different from yours anyway (for one,
dspam should reinject mail into postfix... so I never get to mess with
local delivery agents, and it's far more likely I can get away with
non-suid dspam).

> mx1# ls -laR /var/dspam
> total 104
>  4 drwxrws--x   3 _dspam  _dspam    512 Dec 16 19:18 .
>  4 drwxr-xr-x  27 root    wheel     512 Dec 16 14:33 ..
>  4 drwxrws--x   7 _dspam  _dspam    512 Dec 16 16:49 data
> 88 -rwxrwxrwx   1 _dspam  _dspam  43199 Dec 17 20:45 system.log
> 
> /var/dspam/data:
> total 28
> 4 drwxrws--x  7 _dspam  _dspam  512 Dec 16 16:49 .
> 4 drwxrws--x  3 _dspam  _dspam  512 Dec 16 19:18 ..
> 4 drwxrws--x  2 _dspam  _dspam  512 Dec 16 16:06 root
> 4 drwxrwsrwx  2 _dspam  _dspam  512 Dec 17 09:55 vsankar
> 
> /var/dspam/data/root:
> total 60
>  4 drwxrws--x  2 _dspam  _dspam    512 Dec 16 16:06 .
>  4 drwxrws--x  7 _dspam  _dspam    512 Dec 16 16:49 ..
> 36 -rwxrws--x  1 _dspam  _dspam  17276 Dec 17 01:30 root.log
> 12 -rwxrws--x  1 _dspam  _dspam   4130 Dec 16 16:22 root.mbox
>  4 -rwxrws--x  1 _dspam  _dspam     13 Dec 17 01:30 root.stats

Why the 'x' permission?

> /var/dspam/data/vsankar:
> total 208
>   4 drwxrwsrwx  2 _dspam  _dspam    512 Dec 17 09:55 .
>   4 drwxrws--x  7 _dspam  _dspam    512 Dec 16 16:49 ..
>  24 -rwxrwxrwx  1 _dspam  _dspam  11881 Dec 17 20:45 vsankar.log
> 160 -rwxrwxrwx  1 _dspam  _dspam  81766 Dec 17 20:45 vsankar.mbox
>   4 -rw-r--r--  1 www     _dspam      5 Dec 17 09:54 vsankar.mbox.size
>   0 -rw-rw----  1 www     _dspam      0 Dec 17 09:54 vsankar.mbox.stamp
>   4 -rw-r--r--  1 www     _dspam    228 Dec 17 09:38 vsankar.retrain.log
>   4 -rw-r--r--  1 www     _dspam     10 Dec 17 09:38 vsankar.rstats
>   4 -rwxrwxrwx  1 _dspam  _dspam     14 Dec 17 20:45 vsankar.stats

Again, no need for execute permission. 

> Also, just as an FYI, this is what I get with dspam_stats
> 
> vsankar:
>                 TP True Positives:             47
>                 TN True Negatives:              2
>                 FP False Positives:             5
>                 FN False Negatives:            16
>                 SC Spam Corpusfed:              0
>                 NC Nonspam Corpusfed:           0
>                 TL Training Left:            2493
>                 SHR Spam Hit Rate          74.60%
>                 HSR Ham Strike Rate:       71.43%
>                 OCA Overall Accuracy:      70.00%
> 
> The 5 false positives were due to me not feeding dspam any notspam
> messages. What happened was I forwarded (as root) the "Welcome to
> OpenBSD 4.0" message to vsankar five times and they all got classified
> as spam. After retraining, I am able to send that message through from
> root to vsankar. Since this is a test machine (MX preference 30 compared
> to 10 on the real mail servers) I only get spam on this machine, so I
> still have some ways to go to understand how this all works in a
> real-life scenario.

You will probably want to feed it quite a bit of spam and ham, but I
assume you're aware of that.

                Joachim

Reply via email to