Well maybe progress but things are still wrong.

James Lay wrote:
>
> On 8/17/07 11:53 AM, "Robert Moskowitz" wrote:
>
>
>> More questions...
>>
>> James Lay wrote:
>>
>>> On 8/17/07 11:24 AM, "Robert Moskowitz" wrote:
>>>
>>>
>>>
>>>> thanks for the quick reply.
>>>>
>>>> James Lay wrote:
>>>>
>>>>
>>>>> On 8/17/07 10:58 AM, "Robert Moskowitz" wrote:
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>> I left off below that I am using
>>>>>> spam-milter 0.3.1-1
>>>>>>
>>>>>> ================================================== =================
>>>>>>
>>>>>> I am new to this. I have been running my mail server in various flavors
>>>>>> for 10+ years. Always trying to do better....
>>>>>>
>>>>>> PLATFORM:
>>>>>>
>>>>>> Centos 5.0
>>>>>> 1Ghz processor 512Mb memory
>>>>>>
>>>>>> Mail server: Scalix 11.1
>>>>>> MTA: Sendmail ver. 8.13.8
>>>>>> Spamassassin: 3.1.9
>>>>>> Webmin: 1.360
>>>>>>
>>>>>> I followed the Scalix WiKi spamassassin install instructions:
>>>>>> http://www.scalix.com/wiki/index.php...s/SpamAssassin
>>>>>>
>>>>>> I am using Thunderbird 1.5.0.12, sending mail has a significant delay.
>>>>>> The meter just sits there near the beginning for quite some time.
>>>>>> Often, the sending times out.
>>>>>>
>>>>>> I read through much of the spamassassin WiKi. Nothing on performance
>>>>>> seems to apply. When I go into the /var/log/maillog, I catch soom real
>>>>>> problems.
>>>>>>
>>>>>> I enabled DNS checking (dns_available yes) and restarted spamassassin
>>>>>> via webmin and caught the following in the maillog:
>>>>>>
>>>>>> Aug 17 12:13:28 z9m9z spamd[1381]: spamd: connection from
>>>>>> localhost.localdomain [127.0.0.1] at port 48800
>>>>>> Aug 17 12:13:28 z9m9z spamd[1381]: spamd: setuid to root succeeded
>>>>>> Aug 17 12:13:28 z9m9z spamd[1381]: spamd: still running as root: user
>>>>>> not specified with -u, not found, or set to root, falling back to nobody
>>>>>> at /usr/bin/spamd line 1161, line 4.
>>>>>>
>>>>>>
>>>>>>
>>>>> Robert,
>>>>>
>>>>> What's your startup line to start spamd look like? If you're starting it
>>>>> like:
>>>>>
>>>>> Spamd -u spamduser
>>>>>
>>>>>
>>>>>
>>>> from file: /etc/rc.d/init.d/spamassassin:
>>>>
>>>> # Set default spamd configuration.
>>>> SPAMDOPTIONS="-d -c -m5 -H"
>>>> SPAMD_PID=/var/run/spamd.pid
>>>>
>>>> and as you can see below, the actual command that got run was:
>>>>
>>>> /usr/bin/spamd -d -c -m5 -H -r /var/run/spamd.pid
>>>>
>>>> So no -u at all!
>>>>
>>>>
>>>>> Is that user in your /etc/passwd file?
>>>>>
>>>>>
>>>>>
>>>> No spamduser.
>>>>
>>>> What files would I expect to see owned by spamduser. Oh, wait. If the
>>>> user's not there, there better not be any files owned by it....
>>>>
>>>>
>>> Doh!
>>>
>>> It's running as root then
>>>

>> Gee, I thought that was clear from the maillog lines and running
>> processes...
>>
>> But then it has those processes running as 'nobody' as well..
>>
>>> ...no goodness there.
>>>

>> Why not? Security (it should be running chrooted then?)? other reasons?
>>
>>> I created a user and group
>>> called spamfilter, then su'd to root, then su'd to spamfilter and ran my
>>> bayes and pyzor setups as spamfilter.
>>>

>> This makes no sense to me. You created the user spamfilter. You logged
>> in as spamfilter, su'd to root and su'd to spamfiltre? What does that
>> accomplish? Or are you logged in as James and trying to be spamfilter?
>> If so does not: login spamfilter do the same thing? (I did a fair bit of
>> unix back in '93, then nothing for over 10 years...).
>>
>>

>
> When you su to root, then su to spamfilter, you in effect are now logged in
> as that user. Because spamd will drop privileges to spamfilter, you should
> setup pyzor and razor and run test like spamassassin -D --lint as the user
> it will be running as.
>

I just created the spamfilter userid and group. I did not install pyzor
or razor yet. What are they and why do I want to install them?

I ran the spamassassin -D --lint

I had a bit of a problem adding the -u spamfilter, so I asked on the
Centos list where I was suppose to do this and was told it goes in
/etc/sysconfig/spamassassin. That worked but I am still getting the
errors. Even after a system reboot.

Oh and nothing in the /home/spamfilter/.spamassassin

2264 root 15:48 /usr/bin/spamd -u spamfilter -d -c -m5 -H -r
/var/run/spamd.pid
2301 spamfilter 15:48 spamd child
2302 spamfilter 15:48 spamd child

Aug 17 16:00:31 z9m9z sendmail[3913]: l7HK0VeM003913:
from=<1-809368-htt-consult.com?dm@mx121.susanshopping.com>, size=6708,
class=0, nrcpts=1,
msgid=<1-809368-6vhNLrr-70zbBFrP70h@mx121.susanshopping.com>,
proto=ESMTP, daemon=MTA, relay=localhost.localdomain [127.0.0.1]
Aug 17 16:00:31 z9m9z spamd[2301]: spamd: connection from
localhost.localdomain [127.0.0.1] at port 36972
Aug 17 16:00:31 z9m9z spamd[2301]: spamd: creating default_prefs:
/root/.spamassassin/user_prefs
Aug 17 16:00:31 z9m9z spamd[2301]: mkdir /root/.spamassassin: Permission
denied at /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin.pm line 1536
Aug 17 16:00:31 z9m9z spamd[2301]: config: cannot write to
/root/.spamassassin/user_prefs: Permission denied
Aug 17 16:00:31 z9m9z spamd[2301]: spamd: failed to create readable
default_prefs: /root/.spamassassin/user_prefs
Aug 17 16:00:31 z9m9z spamd[2301]: mkdir /root/.spamassassin: Permission
denied at /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin.pm line 1536
Aug 17 16:00:31 z9m9z spamd[2301]: spamd: processing message
<1-809368-6vhNLrr-70zbBFrP70h@mx121.susanshopping.com> for root:502
Aug 17 16:00:33 z9m9z spamd[2301]: mkdir /root/.spamassassin: Permission
denied at /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin.pm line 1536
Aug 17 16:00:33 z9m9z spamd[2301]: locker: safe_lock: cannot create tmp
lockfile
/root/.spamassassin/auto-whitelist.lock.z9m9z.htt-consult.com.2301 for
/root/.spamassassin/auto-whitelist.lock: Permission denied
Aug 17 16:00:33 z9m9z spamd[2301]: auto-whitelist: open of
auto-whitelist file failed: locker: safe_lock: cannot create tmp
lockfile
/root/.spamassassin/auto-whitelist.lock.z9m9z.htt-consult.com.2301 for
/root/.spamassassin/auto-whitelist.lock: Permission denied
Aug 17 16:00:33 z9m9z spamd[2301]: spamd: identified spam (8.5/5.0) for
root:502 in 2.6 seconds, 7247 bytes.