I've asked about this before, but could never get a straight answer, so
I figured I'd try again...

my problem:

I use courier and maildrop, and have virtual users.  The virtual users
are all owned by the same user/group, which obviously has a different
homedir than the virtual users.  I also have real users.

the history:

spamc works fine with the real users.  With the virtual users, spamc
executes, figures out that they're owned by "apache" and passes that
info to spamd, which looks up the homedir and sees "/var/www" (not that
it matters, but that is NOT owned by apache on my system), which is
nowhere NEAR the homedir for the virtual users, let alone the specific
virtual user that invoked spamc.

the solution?

Though there are ways of dealing with this - setting up a mysql database
for the virtual users (I've heard of this but haven't looked into it)
seems to be the "best" current way of doing this, though it seems
redundant to set up 2 sets of user definitions) - maildrop already knows
the homedir of the virtual user and is more than happy to provide it in
the $HOME environment variable (which I could also pass in via the
command line call to spamc).  Using a global settings folder for all of
the virtual users is unacceptable, especially as bayes filtration is
being added...

I was told by some coder that this would add unnecessary overhead to
spamc to have it extract this parameter, but I can't see how it would
add a significant amount (esp. since you can already pass in a different
username).  Some simple checks in spamd to make sure that the spamc user
owns the passed-in homedir should get over any security issues.  Anyway,
even if this adds overhead to spamc that most people don't want, I
offered to write a separate version of spamc, but never got any reply
about whether or not the necessary changes would be accepted for spamd. 
I don't want to end up maintaining a separate 99%-similar fork of
spamassassin, so this makes a big difference.

Anyway, I'd really like to be able to use spamd with my virtual users
because it's so much more efficient than the spamassassin script (which
can handle a homedir parameter just fine)

-Chris



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Reply via email to