You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@spamassassin.apache.org by Matt Kettler <mk...@evi-inc.com> on 2006/01/31 19:48:50 UTC

Re: Spamd/spamassassin not catching custom subject rules.

spongebob@navinet.com wrote:
> Hello,
> 
> I have spamd setup and its working perfectly except for processing custom
> subject rules in user_prefs files. The subject rules for the default rule
> set are processed and applied as expected all the time.

Rules are by default not allowed in user_prefs files when using spamd. Hence,
they won't work.

Set the site-wide option of allow_user_rules to change this, but be warned it
poses a security risk.

A malicious user could possibly craft a malicious regex containing a shell
execution escape sequence and gain the privilege level of the user spamd is
scanning mail as. While no exploits are known to me, this is one of the better
spots for malicious local users to try to exploit spamd.

Re: Spamd/spamassassin not catching custom subject rules.

Posted by sp...@navinet.com.

> spongebob@navinet.com wrote:
>> Hello,
>>
>> I have spamd setup and its working perfectly except for processing
>> custom
>> subject rules in user_prefs files. The subject rules for the default
>> rule
>> set are processed and applied as expected all the time.
>
> Rules are by default not allowed in user_prefs files when using spamd.
> Hence,
> they won't work.
>
> Set the site-wide option of allow_user_rules to change this, but be warned
> it
> poses a security risk.
>
> A malicious user could possibly craft a malicious regex containing a shell
> execution escape sequence and gain the privilege level of the user spamd
> is
> scanning mail as. While no exploits are known to me, this is one of the
> better
> spots for malicious local users to try to exploit spamd.
>

I don't see this option anywhere for spamd. I run it as

/usr/local/sbin/spamd -d --virtual-config-dir=/data/mail11/%d/%l -c -x -r
/var/run/spamd.pid -s /data/log/spamd.log

so there is no configuration file.

The problem is that the rules actually ARE being processed however its
just random. If i send the same message 100 times 80 of them will get
tagged with custom rules in user_prefs file the other 20 will only be
tagged with rules from the default rule set. Its really random as to when
it chooses to process some or all of the rules in user_prefs.