> It depends on your setup. If each user is invoking spamassassin > directly form procmailrc, then it's no problem. If spamd is running > as root (or some other user), then there can be security concerns, > especially since some of the rules require an eval.
aha, that makes sense, then... Ever thought of some way to allow users to specify just a basic regex for filtering? (ie. no eval) then again, it's not really a big deal.. I'm just curious. Also, if you guys ever need any help, I'd love to lend a hand. I've been curious about writing a spam reporting system, and it might make a great plugin for spamassassin (then again, I've had nothing but trouble when trying to analyze message headers to figure out how to detect forged headers, etc. so it'd be nice to have a community around and just be a contributor)... -Chris _______________________________________________________________ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
