Bug#293207: bogofilter: Any fix found?

Dann Daggett dann at exposim.com
Mon Mar 7 20:59:24 CET 2005 

>Matthias Andree wrote
>> Since I have different wordlists for each user, the process runs as 
>> each user, and therefore it doesn't have permission to access the 
>> files. So I think I need a way to tell whatever process is creating 
>> the log files (be it bogofilter, DB, or logrotate)

>The process is bogofilter or bogoutil. Check who calls your processes.

Thank you Matthias.

I assume that it is Sendmail that calls my .procmailrc file in /home/dann.
-rw-------    1 dann     root          400 Mar  4 18:14 .procmailrc

The content of /home/dann/.procmailrc is:
--------------------------------------------------------------------
SHELL=/bin/sh
PMDIR=$HOME/Procmail
MAILDIR=$HOME/Procmail       # Make sure this directory exists!
INCLUDERC=$HOME/.dmdbogo_procmailrc
--------------------------------------------------------------------

So that in turn calls /home/dann/.dmdbogo_procmailrc
-rw-------    1 dann     dann         1197 Mar  2 12:17 .dmdbogo_procmailrc

The content of /home/dann/.dmdbogo_procmailrc is:
--------------------------------------------------------------------
# This is the procmailrc file that is used to hook up our bogofilter
# spam filtering functions, including whitelist support.

# Send the header through the dmd_whitelist first.
:0hWc
| dmd_whitelist
# save the exit code for testing.
excode = $?

# If exit code = 0, then the sender is not on the whitelist, so
# proceed with the bogofilter checks.
:0
* excode ?? ^^0^^
{
  # Call bogofilter, passing it the email, but cloning the email too
  # since bogofilter sucks up the email data. We'll test the return
  # code to see what it determined.
  :0 Wc
  | bogofilter

  # If the -u option is used on the previous bogofilter command, make
  # sure the bfmode var is set to "Updating". If -u is not set, then
  # bfmode should be set to "Training"
  bfmode = "Training"

  # save the bogofilter exit code for testing.
  bfexit = $?

  # test bfexit
  :0
  * bfexit ?? ^^0^^
  {
    :0fw:dmdbogo.lock
    | dmd_bogo Yes $bfmode
  }

  # test bfexit
  :0
  * bfexit ?? ^^1^^
  {
    :0fw:dmdbogo.lock
    | dmd_bogo No $bfmode
  }

  # test bfexit
  :0
  * bfexit ?? ^^2^^
  {
    :0fw:dmdbogo.lock
    | dmd_bogo Unsure $bfmode
  }

  # test bfexit
  :0
  * bfexit ?? ^^3^^
  { EXITCODE=75 HOST }
}
--------------------------------------------------------------------

The dmd_whitelist program parses the mail header and looks up various data
from my postgresql database to see if the mail is from someone on my
whitelist or not.

If not on the whitelist, the dmd_bogo program is called, which among other
things writes a copy of the email to the /home/dann/Procmail directory (this
is used for training later). But the relevant part of this is the fact that
all files that get created in /home/dann/Procmail are owned by the current
user "dann"

	/home/dann/Procmail
	-rw-r-----    1 dann     dann         1761 Mar  3 06:16 96
	-rw-r-----    1 dann     dann         1165 Mar  3 06:18 97

showing that the processes, including bogofilter, are being run as the local
user, and not root.

So everything works fine, until the current log.000000000 file reaches 1MB,
and a new one gets created. But because this new log file gets created as
owned by root, and not dann, the next email that comes in fails to properly
execute bogofilter. That continously errors until I manually chown
log.00000000 to dann, and then it works ok until the next successive log
file gets created.

So the issue is, even though Sendmail calls .procmailrc as user "dann",
somehow bogofilter doesn't use that user info whenever it automatically
creates a new log file. Of course, it may be the DB engine that is creating
the logfile and not bogofilter, but it must be bogofilter's use of the DB
that initiates that.

I assume the programmers of bogofilter would know this actually works?

For now, I am stuck with manually chowning the new log file when I see that
my email is coming in without any bogofilter headers. Perhaps I'll set up a
cron job to do this every few minutes until this issue is resolved.

Finally, recent activity of this list that's been discussing the database
transactions vs. non-transactions have led me to question if these log files
are part of that transaction system, and if I disable transactions would
these log files no longer get created, thereby working around my problem
until a better solution is found?

Thanks for all the help! I do appreciate it.
Dann

_______________________________________________
Bogofilter mailing list
Bogofilter at bogofilter.org
http://www.bogofilter.org/mailman/listinfo/bogofilter

More information about the Bogofilter mailing list