sa-exim wrote: > I have Suse 10.1 exim, spamassassin 3.1.7 with bayes first the > spamassassin does it's job very well but spam does get through once in > awhile so I move all spam to a junk folder then upload this file to > the server, then I run sa_learn on the junk file and it loads the > tokens and such just fine. Now the problem is i installed this setup > with the suse add ons and it created the user nobody for SA. > Spamassassin uses this created user nobody but the sa_learn uses the > /root/spamassassin folder to update the rules. Then I have to copy > these file to the nobody folder. Then everything works great until the > spammers next wave. I have checked the bogofilter.cf and I have all > the commands pointing to the nobody folder but still can't sa_learn to > the nobody folder. > here are the permissions/r/w on the nobody folder > By default, sa-learn will write to the home directory of the user that executes it. Spamd, when scanning mail, will do the same for the user that executed spamd.
*EXCEPT ROOT*. In that case, it defaults back to nobody for security. > > Can anyone point me in the right direction to correct this >From the looks of it, you're trying to do everything as root. I would suggest creating a separate account named "spamd", "spamfilter" or whatever you like. Then do the following to get SA to always use it: 1) su to this user before running sa-learn. 2) pass this username with the -u parameter to either spamd's startup, or every call to spamc. I'd also suggest removing nobody's write privleges to his home directory, that's a minor security hazard. In an ideal world, nobody shouldn't be able to write to anything, this way attackers that exploit a daemon running as nobody have no place to write to for storing scripts to attack the rest of the system. While this is a modest security gain, every little bit helps.
