| 1 |
fire-eyes wrote: |
| 2 |
> On Saturday 19 August 2006 19:58, Jeroen Geilman wrote: |
| 3 |
> |
| 4 |
>> They're not funky errors; spamd is simply telling you that it cannot |
| 5 |
>> create a ~/.spamassassin directory for user "nobody" - which is not |
| 6 |
>> surprising, since nobody doesn't *have* a homedirectory. |
| 7 |
>> |
| 8 |
>> This is a known limitation when running spamd from within exim's acls - |
| 9 |
>> it can only run as one user, since there is currently no way for exim to |
| 10 |
>> pass the username to spamd. |
| 11 |
>> There are two solutions - either run spamd as one dedicated user who |
| 12 |
>> does have a homedirectory, say "spamd", or use the old procmail |
| 13 |
>> forwarding method which can and does work per-user. |
| 14 |
>> |
| 15 |
>> The reason Exim can't do per-user spamchecking has to do with the way it |
| 16 |
>> processes messages - when the spamd ACL is evaluated, it doesn't yet |
| 17 |
>> know the final destination. |
| 18 |
>> |
| 19 |
>> I found this out after some heavy Googling and detailed perusing of the |
| 20 |
>> Exim manual - which is very good by the way, *if* you can grasp its syntax. |
| 21 |
>> |
| 22 |
>> I finally opted to just run as "nobody" and forget the per-user Bayes |
| 23 |
>> database - resulting in a significant amount of spam... |
| 24 |
>> |
| 25 |
>> I'm currently moving back to postfix, which has worked for me in the past. |
| 26 |
>> |
| 27 |
> |
| 28 |
> Thanks for the reply, I appreciate it. |
| 29 |
> |
| 30 |
> Okay, this now makes sense to me. nobody on my system has / as the home |
| 31 |
> directory (wtf?), and of course it doesn't have perms there. so ~/ becomes // |
| 32 |
> in the logs. Okay makes sense so far. |
| 33 |
> |
| 34 |
> What I did was make a dedicated user for spamd to drop down to. I informed |
| 35 |
> gentoo of this by editing the appropriate options in /etc/conf.d/spamd , and |
| 36 |
> also changing the location of the pidfile there to the home directory of the |
| 37 |
> new user. I then set this users shell to bash (though I don't think I should |
| 38 |
> need one?) |
| 39 |
> |
| 40 |
> Starting spamd looks normal. ps auwxxx | grep spam shows three processes: One |
| 41 |
> root spamd and two children running as the user I specified. |
| 42 |
> |
| 43 |
> When exim sends mail at it, I get the exact same errors; As if it is for some |
| 44 |
> reason using the root spamd. Doesn't really make sense to me. |
| 45 |
> |
| 46 |
> None of it makes sense to me, as i've run exim + spamd in the past on other |
| 47 |
> servers out of the box; No mucking of usernames etc was ever needed. |
| 48 |
> |
| 49 |
> Also, I am not trying to get per-user spam stuff to work, only run spamd as a |
| 50 |
> non-priv user, and have exim talk to the daemon via localhost:873. |
| 51 |
> |
| 52 |
> I feel like I am missing something here, any idea what it is? |
| 53 |
> |
| 54 |
What user does spamd run under ? |
| 55 |
It *should* run under root - not sure what you mean by "root spamd", |
| 56 |
there's just a parent and some child processes. |
| 57 |
|
| 58 |
The relevant part of my config is: |
| 59 |
|
| 60 |
spamd_address = 127.0.0.1 783 |
| 61 |
|
| 62 |
acl_check_content: |
| 63 |
|
| 64 |
accept hosts = +relay_from_hosts |
| 65 |
|
| 66 |
deny message = This message scored $spam_score points. Removed with |
| 67 |
pleasure. |
| 68 |
spam = nobody:true |
| 69 |
condition = ${if >{$spam_score_int}{100}{1}{0}} |
| 70 |
|
| 71 |
accept message = Content scanned by ClamAV and Spamassassin. |
| 72 |
spam = nobody:true |
| 73 |
|
| 74 |
|
| 75 |
-- |
| 76 |
gentoo-server@g.o mailing list |
Archives