Hi, Thanks for the reply. I want users to have the option to have their own spamassassin configuration. Is it best just to start spamd without -u? I've got over 100 virtual servers, I don't want to setup folders and permissions for each user. What's the easiest and safest way? How would you do it?
Thanks Magnus Holmgren wrote: > > On Sunday 19 November 2006 18:04, CosmicPerl wrote: >> Hi, >> I installed the latest SpamAssassin on my server. At first all my tests >> looked good, apart from load. So I setup spamc and spamd and everything >> seemed great, for a short while at least. >> >> A day later my mqueue had about 1500 messages in it, most with the error >> "local mailer (/usr/bin/procmail) exited with EX_TEMPFAIL". This seems to >> be coming up if the mailbox is full or the email is to an address that >> doesn't exist. >> >> It seemed that about every hour or so Sendmail was trying to flush out >> these messages, causing 1000's of processes to be started and making the >> server freeze up. Despite my Sendmail config having >> define(`confMAX_DAEMON_CHILDREN', `12')dnl >> >> In my procmailrc file I have:- >> DROPPRIVS=yes >> >> :0fw: spamassassin.lock >> * < 256000 >> | spamc >> >> The SpamAssassin daemon was started with >> /usr/bin/spamd -d -u nobody >> >> At some point all mail stopped coming in. When I looked at the maillog >> file >> it had lots of lines like:- >> mkdir /root/.spamassassin: Permission denied >> Which I guess was causing the problem. This wasn't a problem before so >> I'm >> not sure why it happened. Any clues? > > I guess you might get some problem if you run spamd with -u nobody but > without --nouser-config (either spamd will try to access the users' home > directories as nobody, or it will try to access the home directory of > nobody - I'm not sure, but in either case it will work badly. If you want > per-user preferences together with -u you must either > use -x --virtual-config-dir, make all users' .spamassassin directories > readable (and writable, if you want bayes and/or AWL) by the spamd user > (should be a special user - the "nobody" user isn't supposed to have any > particular access to any files), or use a database. > > See README.spamd for security considerations if you have any untrusted > users > with shell access. > > -- > Magnus Holmgren [EMAIL PROTECTED] > (No Cc of list mail needed, thanks) > > > -- View this message in context: http://www.nabble.com/Problems-running-Spam-Assassin-tf2664618.html#a7572889 Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
