You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Filip Havlíček <fi...@pro-com.cz> on 2015/01/05 19:45:25 UTC
Re: spamassassin bayes rules
Anybody can help with this? I still cannot find some helpful
information, thanks.
Dne 10.12.2014 v 14:52 Christian Grunfeld napsal(a):
> when you run bayes in SQL and does sa-learn --username it will not try
> to setuid to that user (in a real system user scenario it will fail
> for non existent users). Instead it uses that username to save and
> recall data from database. Due to forged addresses your system treat
> any originating address as yours and then try to interact with the DB.
>
> **-u* /username/, *--username*=/username/*
> If specified this username will override the username taken from
> the runtime environment. You can use this option to specify users
> in a virtual user configuration.
>
> NOTE: This option will not change to the given /username/, it will
> only attempt to act on behalf of that user. Because of this you
> will need to have proper permissions to be able to change files
> owned by /username/. In the case of SQL this generally is not a
> problem.
>
>
> A lot of time ago I came with the same problem to Marc Martinec and he
> implemented some sort of checks of addreses to see if they are local
> to you or not....but I dont remeber
>
> Cheers
>
> 2014-12-10 10:22 GMT-03:00 Filip Havlíček <filip.havlicek@pro-com.cz
> <ma...@pro-com.cz>>:
>
> Hi,
>
> I have configured spamasssin with bayes user rules with this
> configuration:
> http://pastebin.com/KWW78DJx
>
> I would like to ask you, if everything is correct, because I found
> in table bayes_vars lot of (thousands) unknown email addresses like:
> abko@hotmail.com <ma...@hotmail.com>
> ablewis60@hotmail.com <ma...@hotmail.com>
> abluxq@hotmail.com <ma...@hotmail.com>
>
> My table bayes_token is also 350MB large!
>
> Thanks for your help.
>
>
Re: spamassassin bayes rules
Posted by Mark Martinec <Ma...@ijs.si>.
Filip Havlíček wrote:
> Anybody can help with this? I still cannot find some helpful
> information, thanks.
> Dne 10.12.2014 v 14:52 Christian Grunfeld napsal(a):
>> when you run bayes in SQL and does sa-learn --username it will not try
>> to setuid to that user (in a real system user scenario it will fail
>> for non existent users). Instead it uses that username to save and
>> recall data from database. Due to forged addresses your system treat
>> any originating address as yours and then try to interact with the DB.
>>
>> **-u* /username/, *--username*=/username/*
>> If specified this username will override the username taken from
>> the runtime environment. You can use this option to specify users
>> in a virtual user configuration. NOTE: This option will not
>> change to the given /username/, it will
>> only attempt to act on behalf of that user. Because of this you
>> will need to have proper permissions to be able to change files
>> owned by /username/. In the case of SQL this generally is not a
>> problem.
>>
>> A lot of time ago I came with the same problem to Marc Martinec and he
>> implemented some sort of checks of addreses to see if they are local
>> to you or not....but I dont remeber
This last statement probably refers to a 2007 thread regarding per-user
bayes
in amavisd-new. It is probably unrelated to the issue here.
>> 2014-12-10 10:22 GMT-03:00 Filip Havlíček <fi...@pro-com.cz>:
>> I have configured spamasssin with bayes user rules with this
>> configuration:
>> http://pastebin.com/KWW78DJx
>>
>> I would like to ask you, if everything is correct, because I found
>> in table bayes_vars lot of (thousands) unknown email addresses
>> like:
>> abko@hotmail.com <ma...@hotmail.com>
>> ablewis60@hotmail.com <ma...@hotmail.com>
>> abluxq@hotmail.com <ma...@hotmail.com>
>>
>> My table bayes_token is also 350MB large!
That pastebin document is no longer there, so I'm only guessing.
If you are calling SpamAssassin via spamc/spamd combo, the recipient
usernames you specify with the option -u in spamc are what ends up
in an SQL field bayes_vars.username . Make sure you only allow
legitimate usernames or email addresses of you existing users there.
How you accomplish that depends on how spamc/spamd is integrated
with your mailer.
Mark