[EMAIL PROTECTED] wrote: > Hello, > > I have spamd setup and its working perfectly except for processing custom > subject rules in user_prefs files. The subject rules for the default rule > set are processed and applied as expected all the time.
Rules are by default not allowed in user_prefs files when using spamd. Hence, they won't work. Set the site-wide option of allow_user_rules to change this, but be warned it poses a security risk. A malicious user could possibly craft a malicious regex containing a shell execution escape sequence and gain the privilege level of the user spamd is scanning mail as. While no exploits are known to me, this is one of the better spots for malicious local users to try to exploit spamd.
