[patch] security(8) and spamd blacklist

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

[patch] security(8) and spamd blacklist

Fritjof Bornebusch
Hi,

security(8) iterates over /var/mail and check is the files belong to the
owner of the same name. So far so good, but spamd.conf.5 says:

override:\
         :white:\
         :method=file:\
         :file=/var/mail/override.txt:

myblack:\
        :black:\
        :msg=/var/mail/myblackmsg.txt:\
        :method=file:\
        :file=/var/mail/myblack.txt:

so the user *black.txt* and/or *override.txt* are assumed to exist
by security(8). As it says:

Checking mailbox ownership.
user myblack.txt mailbox is owned by _spamd

The following diff documents this in the manpage of spamd.conf(5) by
changing the path to /var/mail/_spamd/.

I thought about changing security(8) to fix this, but _spamd is the name
of the user, so it does whats it's supposed to do.

Comments? Because the notification above is very annoying.

--f.

Index: spamd.conf.5
===================================================================
RCS file: /cvs/src/share/man/man5/spamd.conf.5,v
retrieving revision 1.19
diff -u -p -r1.19 spamd.conf.5
--- spamd.conf.5 16 Mar 2017 15:09:32 -0000 1.19
+++ spamd.conf.5 29 Jun 2017 19:30:27 -0000
@@ -65,13 +65,13 @@ nixspam:\e
 override:\e
  :white:\e
  :method=file:\e
- :file=/var/mail/override.txt:
+ :file=/var/mail/_spamd/override.txt:
 
 myblack:\e
  :black:\e
- :msg=/var/mail/myblackmsg.txt:\e
+ :msg=/var/mail/_spamd/myblackmsg.txt:\e
  :method=file:\e
- :file=/var/mail/myblack.txt:
+ :file=/var/mail/_spamd/myblack.txt:
 .Ed
 .Pp
 The default configuration file must include the entry

Reply | Threaded
Open this post in threaded view
|

Re: [patch] security(8) and spamd blacklist

Stuart Henderson
On 2017/06/29 21:37, Fritjof Bornebusch wrote:

> Hi,
>
> security(8) iterates over /var/mail and check is the files belong to the
> owner of the same name. So far so good, but spamd.conf.5 says:
>
> override:\
>          :white:\
>          :method=file:\
>          :file=/var/mail/override.txt:
>
> myblack:\
>         :black:\
>         :msg=/var/mail/myblackmsg.txt:\
>         :method=file:\
>         :file=/var/mail/myblack.txt:
>
> so the user *black.txt* and/or *override.txt* are assumed to exist
> by security(8). As it says:
>
> Checking mailbox ownership.
> user myblack.txt mailbox is owned by _spamd
>
> The following diff documents this in the manpage of spamd.conf(5) by
> changing the path to /var/mail/_spamd/.
>
> I thought about changing security(8) to fix this, but _spamd is the name
> of the user, so it does whats it's supposed to do.

Wouldn't something like /etc/mail be better for these examples?

It seems contradictory to hier(7) to have anything other than user mailboxes
in /var/mail (even if it's just an example in the manual).

Reply | Threaded
Open this post in threaded view
|

Re: [patch] security(8) and spamd blacklist

Fritjof Bornebusch
On Thu, Jun 29, 2017 at 10:06:56PM +0100, Stuart Henderson wrote:

> On 2017/06/29 21:37, Fritjof Bornebusch wrote:
> > Hi,
> >
> > security(8) iterates over /var/mail and check is the files belong to the
> > owner of the same name. So far so good, but spamd.conf.5 says:
> >
> > override:\
> >          :white:\
> >          :method=file:\
> >          :file=/var/mail/override.txt:
> >
> > myblack:\
> >         :black:\
> >         :msg=/var/mail/myblackmsg.txt:\
> >         :method=file:\
> >         :file=/var/mail/myblack.txt:
> >
> > so the user *black.txt* and/or *override.txt* are assumed to exist
> > by security(8). As it says:
> >
> > Checking mailbox ownership.
> > user myblack.txt mailbox is owned by _spamd
> >
> > The following diff documents this in the manpage of spamd.conf(5) by
> > changing the path to /var/mail/_spamd/.
> >
> > I thought about changing security(8) to fix this, but _spamd is the name
> > of the user, so it does whats it's supposed to do.
>
> Wouldn't something like /etc/mail be better for these examples?
>
> It seems contradictory to hier(7) to have anything other than user mailboxes
> in /var/mail (even if it's just an example in the manual).
>

Good point.


Index: spamd.conf.5
===================================================================
RCS file: /cvs/src/share/man/man5/spamd.conf.5,v
retrieving revision 1.19
diff -u -p -r1.19 spamd.conf.5
--- spamd.conf.5 16 Mar 2017 15:09:32 -0000 1.19
+++ spamd.conf.5 29 Jun 2017 21:24:02 -0000
@@ -65,13 +65,13 @@ nixspam:\e
 override:\e
  :white:\e
  :method=file:\e
- :file=/var/mail/override.txt:
+ :file=/etc/mail/override.txt:
 
 myblack:\e
  :black:\e
- :msg=/var/mail/myblackmsg.txt:\e
+ :msg=/etc/mail/myblackmsg.txt:\e
  :method=file:\e
- :file=/var/mail/myblack.txt:
+ :file=/etc/mail/myblack.txt:
 .Ed
 .Pp
 The default configuration file must include the entry