bogofilter -u let's spam come through
Adrian Urquhart
adrian at devnet-uk.net
Sat Feb 21 03:43:25 CET 2004
On Fri, 20 Feb 2004, David Relson wrote:
> On Fri, 20 Feb 2004 17:29:40 -0800
> Greg McCann wrote:
>
> > On 2/20/2004 at 7:16 PM David Relson <relson at osagesoftware.com> wrote:
> >
> > >I'm with Tom - lock it down.
> > >
> > >My 5 user domain shares a wordlist that's permitted 640, which works
> > >fine with "-u".
> >
> > Hi David,
> >
> > Would you please explain how you get that to work correctly? When I
> > set up bogofilter on my system, I found (if I recall correctly) that
> > sendmail was running processes called from ~/.procmailrc with the
> > permissions of the user receiving the mail. Since bogofilter -u was,
> > in effect, being run by all users I thought I had to chmod 666 the
> > wordlists. In fact, I couldn't get it to work until I did.
> >
> >
> > Greg McCann
>
> Greg,
>
> I wish I could explain it, but I can't -- someone else is going to have
> to answer it for you.
>
> I'm using postfix and procmail (cause that's what Mandrake defaults to)
> and it's working just fine for me.
>
> The permissions are:
>
> drwxr-xr-x 2 root root 4096 Jan 26 08:00
> /var/lib/bogofilter
> -rw-r----- 1 relson relson 71651328 Feb 20 19:06
> /var/lib/bogofilter/wordlist.db
>
>
> Whether this is a sendmail/procmail difference or something else, I
> can't say.
>
> David
>
Just to add my twopennyworth - we use qmail on FreeBSD, where all users
are POP3 or IMAP. All incoming mail uses a single account, and each user
has their own wordlist. This has permissions set to 600. Training is
done by assigning the user a user-ham@ and user-spam@ address which
delivers the message to bogofilter in -n or -s mode. Again, the single
user account is used for this.
We had originally tried global filtering but there was quite a large
number of false positives, although this may well have been because our
wordlist wasn't large enough for the user base (3600+ on multiple
domains). However, users weren't willing (or able) to submit mails for
training and this was also the reason we decided not to use the -u
switch. Now, filtering is available to those who ask for it, and by
implication they're probably more willing to feed and take care of their
wordlist. I've found that a personal list of 3.5MB can produce excellent
results, with no false positives so far.
At least with my own wordlist I'm at a stage where I'm now going to
employ SoS (Shoot on Sight) mode for spams, with a very high degree of
confidence.
-Adrian
More information about the Bogofilter
mailing list