You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by "Gomes, Rich" <Ri...@wearguard-crest.com> on 2007/09/25 19:25:45 UTC

SA config questions.

Hello, I am new to SA and to this list so handle with care : )

I am building a new Sendmail server to replace our internal gateway. In addition to providing internal application delivery, I want this box to be the second hop in from the internet. As such, I want to have an additional layer of both AV and anti-spam running on the box. ClamAV is working like a champ but I have found SA to be more of a challenge. I have SA running as a milter (Spam Assassin 3.1.7-4 along with Spamass-milter 0.3.1-1 on RHEL5) but I am struggling with a few configurations. I am hoping you all can help!

1 - First, I want a simple way to run SA as a non-root user (on a RH box). I receive a ton of these errors in my maillog (currently set to level 12):

Sep 25 12:42:18 newserver spamd[707]: spamd: connection from localhost.localdomain [127.0.0.1] at port 46005 
Sep 25 12:42:18 newserver spamd[707]: spamd: setuid to root succeeded 
Sep 25 12:42:18 newserver spamd[707]: spamd: still running as root: user not specified with -u, not found, or set to root, falling back to nobody at /usr/bin/spamd line 1147, <GEN529> line 4. 
Sep 25 12:42:18 newserver spamd[707]: spamd: processing message <20...@smtp.example.com> for root:99 
Sep 25 12:42:21 newserver spamd[707]: mkdir /root/.spamassassin: Permission denied at /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin.pm line 1530 
Sep 25 12:42:21 newserver spamd[707]: locker: safe_lock: cannot create tmp lockfile /root/.spamassassin/auto-whitelist.lock.newserver.wearguard-crest.com.707 for /root/.spamassassin/auto-whitelist.lock: Permission denied 
Sep 25 12:42:21 newserver spamd[707]: auto-whitelist: open of auto-whitelist file failed: locker: safe_lock: cannot create tmp lockfile /root/.spamassassin/auto-whitelist.lock.newserver.example.com.707 for /root/.spamassassin/auto-whitelist.lock: Permission denied 
Sep 25 12:42:21 newserver spamd[707]: spamd: clean message (0.6/5.0) for root:99 in 3.3 seconds, 2213 bytes. 
Sep 25 12:42:21 newserver spamd[707]: spamd: result: . 0 - NO_REAL_NAME scantime=3.3,size=2213,user=root,uid=99,required_score=5.0,rhost=localhost.localdomain,raddr=127.0.0.1,rport=46005,mid=<20...@smtp.example.com>,autolearn=no 



2 - How do I get SA to use a "global" ruleset since this will just be a gateway and will have no local users on it? 



Thanks in advance!

Rich