On Thu, 6 Nov 2008, Joe Dragotta wrote:

> Greetings, My apologies re: HTML encoding. I've set Thunderbird to send
> this message plain-text-only; hopefully that will work.

Top posting is also discouraged.

> I don't wish to become involved in a long debate, and get off topic, but
> how are methods of invoking SA are not SA business? To me that seems
> like an integral part of using SA. SA doesn't do much if it isn't
> invoked.

Take your question and anywhere you mention SA substitute the name of
another program. If the question is still reasonable and sensible, then
the question isn't really about the program procmail is calling, it's
about procmail.

>>>> Being fairly new to Spamassassin administration, I have a fairly
>>>> basic question about host resource usage.
>>>> I would presume that if the global procmailrc file, in /etc/,
>>>> forwards mail to Spamassassin, and the users have individual
>>>> .procmailrc files, in their home directories, which also forward mail
>>>> to Spamassassin, any mail destined for such a user would be filtered
>>>> twice.
>>>> Is that a correct assumption?

To answer your question: yes. Procmail will pass a message through SA
twice in that scenario. How would the program being called as a filter
have any control over that?

To answer what I believe you're really asking, SA does nothing to attempt
to detect whether a message has already been scanned and scored, as
whatever test it used to detect that scanning would be subject to spoofing
by spammers who wished to forge a low score on the message.

Basically if you're running SA at the global level you should tell your
users to not run SA themselves.

John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
Perfect Security and Absolute Safety are unattainable; beware
those who would try to sell them to you, regardless of the cost,
for they are trying to sell you your own slavery.
5 days until Veterans Day