Hello. I'm plugging along on content filtering for Postfix.
I decided to have PostFix use 'spampd', the Spamassassin Proxy Daemon, instead of 'spamd', and to set up ClamAV as a SpamAssassin plugin. I read that it's pretty easy to open up some nasty holes in your security if you get users & permissions wrong. I'm not sure what the right mix is to avoid that. If PostFix is running as user 'postfix', what user & group should spamd & clamd be set to run as? It looks like my options are any of 'root', 'nobody', 'postfix', or something unique to both Daemons like 'spam' and 'clam'. I'm able to get mail moving around using different combinations, but really can't figure out what the safest combination is. Any pointers to share? Jeremy Alsten
