>From: "Steve Thomas" <[EMAIL PROTECTED]> >To: "Don Lindbergh" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> >Sent: Wednesday, October 02, 2002 1:48 PM >Subject: RE: [SAtalk] Whitelisting with an alias >
> As root, type: > > ln -s /path/to/spamassassin /etc/smrsh/spamassassin > > What's happening is the SendMail Restricted SHell (smrsh) isn't allowing the > alias to execute. From the smrsh man page: > > It sharply limits the commands that can be run > using the ``|program'' syntax of sendmail in > order to improve the over all security of your > system. Briefly, even if a ``bad guy'' can get > sendmail to run a program without going through > an alias or forward file, smrsh limits the set > of programs that he or she can execute. > > Which basically means that if there's no symbolic link in the smrsh > (/etc/smrsh by default on RH systems), sendmail isn't allowed to execute it. > > BTW, you don't need to create a real user with the same name as the alias. > > St- Again, thanks for your help. Getting closer. After doing the above (and deleting the actual user account on the machine) I was still getting bounced mail sent to the alias, now with a new error message. Cannot create tmp lockfile /var/spool/mail/.spamassassin/auto-whitelist.lock : No such file or directory 554 5.3.0 Internal error The only way I could get this to go away was to create the directory as root and give it full permissions via chmod 777. chmod 666 didn't seem to work. I figure this is probably the wrong approach though. What should I do here? So, I can manually create the directory and give it the permissions (apparently) needed to allow the auto-whitelist.lock file to be created (and mail sent to the alias then doesn't bounce), however then spamassassin creates/updates an auto-whitelist.db and user_prefs in that directory (/var/spool/mail/.spamassassin/). It seems this won't help me as I call spamassassin from my $USER_HOME/.procmail file and thus an auto-whitelist.db and user_prefs file in that directory are used for incoming mail. I put the below lines in my $USER_HOME/.spamassassin/.spamassassin.cf file in an effort to force the use of the directory I want, however spamassassin as invoked by mail sent to the alias seemed to pay no attention to these instructions and continued to insist on using /var/spool/mail/.spamassassin to write user_prefs and auto-whitelist.db auto_whitelist_path /home/don/auto-whitelist auto_whitelist_file_mode 0666 I tried putting these in my $USER_HOME/.spamassassin/user_prefs files as well and got the same results. I might be missing something in the spamassassin docs, but it's not clear to me whether the auto_whitelist_path and file_mode instructions go in the .spamassassin.cf file or the user_prefs file. Which is it? If I change the line in my /etc/aliases file to the below, user_prefs is no longer created in the /var/spool/mail/.spamassassin directory, but auto-whitelist.db still gets put there whitelist: |"/usr/bin/spamassassin -C /home/don/.spamassassin/.spamassassin.cf -p /home/don/.spamassassin/user_prefs -W" What am I missing? I'm wondering about the -M flag. What exactly is the 'factory' referred to here (-M, --whitelist-factory Select whitelist factory) is this /usr/share/spamassassin/60_whitelist.cf? $USER_HOME/.spamassassin/auto-whitelist.db? I started looking at configuring spamassassin to just use the auto-whitelist.db file in /var/spool/mail/.spamassassin where the alias call seems to always want to put it, however I ran into the same issues trying to add/remove addresses from auto-whitelist.db manually. As root, if I execute the below command, auto-whitelist.db gets created in /root/.spamassassin even though both /etc/mail/spamassassin local.cf and user_prefs have the auto_whitelist_path set to /var/spool/mail/.spamassassin spamassassin -p /etc/mail/spamassassin/user_prefs -C /etc/mail/spamassassin/local.cf -W < delete.eml I'm also not clear on what the difference is between local.cf and .spamassassin.cf What is the correct way to set up whitelisting with an alias? thanks for any help, --Don ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
