You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@spamassassin.apache.org by du...@apache.org on 2005/08/22 06:44:06 UTC

svn commit: r234434 - in /spamassassin/trunk: spamc/spamc.pod spamd/spamd.raw t/spamc_optC.t t/spamc_optL.t

Author: duncf
Date: Sun Aug 21 21:44:01 2005
New Revision: 234434

URL: http://svn.apache.org/viewcvs?rev=234434&view=rev
Log:
Bug 4546: disable TELL commands by default, add command line option
--allow-tell or -l to enable.

Modified:
    spamassassin/trunk/spamc/spamc.pod
    spamassassin/trunk/spamd/spamd.raw
    spamassassin/trunk/t/spamc_optC.t
    spamassassin/trunk/t/spamc_optL.t

Modified: spamassassin/trunk/spamc/spamc.pod
URL: http://svn.apache.org/viewcvs/spamassassin/trunk/spamc/spamc.pod?rev=234434&r1=234433&r2=234434&view=diff
==============================================================================
--- spamassassin/trunk/spamc/spamc.pod (original)
+++ spamassassin/trunk/spamc/spamc.pod Sun Aug 21 21:44:01 2005
@@ -112,10 +112,16 @@
 ham or forget.  The exitcode for spamc will be set to 5 if the message
 was learned, or 6 if it was already learned.
 
+Note that the C<spamd> must run with the C<--allow-tell> option for
+this to work.
+
 =item B<-C> I<report type>
 
 Report or revoke a message to one of the configured collaborative filtering
 databases.  The C<report type> can be either report or revoke.
+
+Note that the C<spamd> must run with the C<--allow-tell> option for
+this to work.
 
 =item B<-p> I<port>
 

Modified: spamassassin/trunk/spamd/spamd.raw
URL: http://svn.apache.org/viewcvs/spamassassin/trunk/spamd/spamd.raw?rev=234434&r1=234433&r2=234434&view=diff
==============================================================================
--- spamassassin/trunk/spamd/spamd.raw (original)
+++ spamassassin/trunk/spamd/spamd.raw Sun Aug 21 21:44:01 2005
@@ -154,6 +154,7 @@
 # Parse the command line
 Getopt::Long::Configure("bundling");
 GetOptions(
+  'allow-tell'               => \$opt{'tell'},
   'allowed-ips|A=s'          => \@{ $opt{'allowed-ip'} },
   'auth-ident'               => \$opt{'auth-ident'},
   'configpath|C=s'           => \$opt{'configpath'},
@@ -169,6 +170,7 @@
   'listen-ip|ip-address|i:s' => \$opt{'listen-ip'},
   'local!'                   => \$opt{'local'},
   'L'                        => \$opt{'local'},
+  'l'                        => \$opt{'tell'},
   'round-robin!'             => \$opt{'round-robin'},
   'min-children=i'           => \$opt{'min-children'},
   'max-children|m=i'         => \$opt{'max-children'},
@@ -1390,6 +1392,11 @@
 
   $expected_length = $hdrs->{expected_length};
 
+  if (!$opt{tell}) {
+    service_unavailable_error("TELL commands have not been enabled.");
+    return 0;
+  }
+
   if ($hdrs->{set_local} && $hdrs->{remove_local}) {
     protocol_error("Unable to set local and remove local in the same operation.");
     return 0;
@@ -2164,6 +2171,7 @@
 
 Options:
 
+ -l, --allow-tell                   Allow learning/reporting
  -c, --create-prefs                 Create user preferences files
  -C path, --configpath=path         Path for default config files
  --siteconfigpath=path              Path for site configs
@@ -2239,6 +2247,21 @@
 adding I<no> (B<--nouser-config>), however, this is usually unnecessary.
 
 =over 4
+
+=item B<-l>, B<--allow-tell>
+
+Allow learning and forgetting (to a local Bayes database), reporting
+and revoking (to a remote database) by spamd. The client issues a TELL
+command to tell what type of message is being processed and whether
+local (learn/forget) or remote (report/revoke) databases should be
+updated.
+
+Note that spamd always trusts the username passed in (unless
+B<--auth-ident> is used) so clients could maliciously learn messages
+for other users. (This is not ususally a concern with an SQL Bayes
+store as users will typically have read-write access directly to the
+database, and can also use C<sa-learn> with the B<-u> option to
+achieve the same result.)
 
 =item B<-c>, B<--create-prefs>
 

Modified: spamassassin/trunk/t/spamc_optC.t
URL: http://svn.apache.org/viewcvs/spamassassin/trunk/t/spamc_optC.t?rev=234434&r1=234433&r2=234434&view=diff
==============================================================================
--- spamassassin/trunk/t/spamc_optC.t (original)
+++ spamassassin/trunk/t/spamc_optC.t Sun Aug 21 21:44:01 2005
@@ -13,7 +13,7 @@
 	loadplugin reporterplugin ../../data/reporterplugin.pm
 ");
 
-start_spamd("-L");
+start_spamd("-L --allow-tell");
 
 %patterns = ( 'Message successfully reported/revoked' => 'reported spam' );
 

Modified: spamassassin/trunk/t/spamc_optL.t
URL: http://svn.apache.org/viewcvs/spamassassin/trunk/t/spamc_optL.t?rev=234434&r1=234433&r2=234434&view=diff
==============================================================================
--- spamassassin/trunk/t/spamc_optL.t (original)
+++ spamassassin/trunk/t/spamc_optL.t Sun Aug 21 21:44:01 2005
@@ -14,7 +14,7 @@
         bayes_store_module Mail::SpamAssassin::BayesStore::SDBM
 ");
 
-start_spamd("-L");
+start_spamd("-L --allow-tell");
 
 %patterns = ( 'Message successfully un/learned' => 'learned spam' );
 ok (spamcrun ("-L spam < data/spam/001", \&patterns_run_cb));