bogofilter -u let's spam come through
Tom Allison
tallison at tacocat.net
Sat Feb 21 14:39:12 CET 2004
David Relson wrote:
> On Fri, 20 Feb 2004 17:29:40 -0800
> Greg McCann wrote:
>
>
>>On 2/20/2004 at 7:16 PM David Relson <relson at osagesoftware.com> wrote:
>>
>>
>>>I'm with Tom - lock it down.
>>>
>>>My 5 user domain shares a wordlist that's permitted 640, which works
>>>fine with "-u".
>>
>>Hi David,
>>
>>Would you please explain how you get that to work correctly? When I
>>set up bogofilter on my system, I found (if I recall correctly) that
>>sendmail was running processes called from ~/.procmailrc with the
>>permissions of the user receiving the mail. Since bogofilter -u was,
>>in effect, being run by all users I thought I had to chmod 666 the
>>wordlists. In fact, I couldn't get it to work until I did.
>>
I'll take a stab at it, but my first guess woudl be something like this:
If David Relson has a permissions of 640, then only one person will be
able to update the list and everyone in his (assumption) users group can
read it. This would work fine if he had a really good bogofilter
wordlist and didn't want anyone else just updating it casually. For
example, he may control all the updates while his users/family reap the
benefits of his labor.
However, if you are planning on having several users doing both updates
(-u) and reads from the database then you have to do two things:
set the permissions to 660.
make sure all your users are in the same group as the bogofilter
wordlist so they can act on it.
More information about the Bogofilter
mailing list