Justin Willmert wrote:
I am hoping somebody can help me solve a problem I am having with
procmail and spamassassin (specifically spamd). When spamassassin has
marked a message as spam, it gets sorted to a Junk folder, but the
problem is that it is owned by root:mail when it should be owned by
the user. When this happens, dovecot will not serve the email to the
user. I sort other emails into folders with simple matching rules and
those work fine. Spamassassin is the only rule that is piped out to a
program.
Here is the relevant portion my procmailrc file:
DROPPRIV=yes # Make this run as a normal user. If
you need
# root privileges for something, do
it before
# this line.
# Send mail through spamassassin
:0fw
| spamc -u $LOGNAME
# Now that we've tagged the spam, put in the appropriate folder
:0
* ^X-Spam-Status: Yes
.Junk/
I've tried taking the -u $LOGNAME portion out too and that doesn't
work. Following is a maillog sample.
Jan 29 17:47:11 netserv sendmail[19847]: k0TNlAig019847: Milter add:
header: X-Virus-Scanned: ClamAV 0.88/1257/Sun Jan 29 09:15:47 2006
on mydomain.com
Jan 29 17:47:11 netserv sendmail[19847]: k0TNlAig019847: Milter add:
header: X-Virus-Status: Clean
Jan 29 17:47:11 netserv spamd[19654]: connection from mydomain.com
[127.0.0.1] at port 57905
Jan 29 17:47:11 netserv spamd[19654]: handle_user: unable to find
user 'justin'!
Jan 29 17:47:11 netserv spamd[19654]: Still running as root: user
not specified with -u, not found, or set to root. Fall back to
nobody.
Jan 29 17:47:11 netserv spamd[19654]: processing message
<BAY107-F2792E57045186E9EED3A038A160@xxxxxxx> for justin:99.
Jan 29 17:47:11 netserv spamd[19654]: cannot write to
/etc/mail/bayes/bayes_journal, Bayes db update ignored: Permission
denied
Jan 29 17:47:13 netserv spamd[19654]: clean message (1.7/5.0) for
justin:99 in 1.5 seconds, 1076 bytes.
Jan 29 17:47:13 netserv spamd[19654]: result: . 1 -
BAYES_50,DNS_FROM_RFC_POST,MSGID_FROM_MTA_HEADER
scantime=1.5,size=1076,mid=<BAY107-F2792E57045186E9EED3A038A160@xxxxxxx>,bayes=0.499999999735837,autolearn=no
Jan 29 17:47:13 netserv sendmail[19849]: k0TNlAig019847:
to=<justin@xxxxxxxxxxxx>, delay=00:00:02, xdelay=00:00:02,
mailer=local, pri=30995, dsn=2.0.0, stat=Sent
As you can see, I've also got a problem with not being able to access
the bayes_journal. I've put it in it's own directory and made them
owned by nobody:staff and still nothing. Anyway, here is my local.cf
file:
# These values can be overridden by editing
~/.spamassassin/user_prefs.cf
# (see spamassassin(1) for details)
# How many hits before a message is considered spam. The lower the
number, the
# more sensitive it is.
required_hits 5
# Encapsulate spam in an attachment (0=No, 1=Yes in message/rfc822,
# 2=Yes in text/plain)
report_safe 0
# Text to prepend to subject of spam
rewrite_header Subject [SPAM]
# Enable the Bayes System
use_bayes 1
# Enable Bayes auto-learning
bayes_auto_learn 1
# Mail using languages used in these country codes will not be
marked as being
# possibly spam in a foreign language.
ok_languages en
I'd be happy to send along any other information you need. Thanks for
help in advance.
Justin Willmert
I'm cc-ing this to the fedora-selinux-list. I think some of the problems
may be applicable there.
OK, after some more testing, when I disable SELinux, many of the errors
go away. First of all, I get rid of the error message saying user can
not be found and with it the 'still running as root' error. Second, it
is able to access the bayes_journal file (as long as normal unix
permissions are right, which I've figured out). So I guess the problem
is an SELinux issue which I can't solve. I'd attach some avc error
messages, but I can't seem to find any. I've looked in maillog, secure,
and messages, but nothing.