[TriLUG] procmail with postfix/ spamassassin

Tanner Lovelace lovelace at wayfarer.org
Wed Jan 14 09:22:43 EST 2004 

Michael Hrivnak wrote:
> Dear all,
> 
> I could use some assistance with my mail server (Mandrake 9.2).  I've got 
> postfix running such that it executes a script which processes an email 
> through spamassassin and then returns it to postfix for delivery.  The 
> problem though is that it seems to run as user "spamfilter", which I suspect 
> is why my personal .procmailrc file isn't having any effect.  I don't fully 
> understand which programs run as which users in this whole process, which is 
> why I would like some guidance.
> 
> This setup has worked beautifully until I tried to make my personal 
> .procmailrc.  Procmail doesn't seem to notice it at all.  Is procmail running 
> as user spamfilter?  Of course, only my username and group "mail" have access 
> to my spool file.  Here are my config files and the spam script (extension 
> changed for convenience).  Note that the stuff I added is at the bottom of 
> the .cf files.  Also note that I am fooling around with SASL, but it's still 
> broken.  Comments on that are welcome as well!
> 
> http://hrivnak.org/mailconfig/
> 
> In case my recipes are buggy, the intent is to move all mail from trilug to 
> the folder "trilug", all spam with a score of 10+ to "myspam", and all other 
> suspected spam to "spam".
> 
> Just for fun, I threw in "processlist.txt" which is the result of "ps -Af".
> 
> All comments are welcome.  I'm interested in learning why $HOME/.procmailrc is 
> ignored, and I'd be happy to take advice on any other issues you might spot.

My guess is that it's something to do with the fact that your spam filter
is running postfix again from the filter itself.  Personally, I'd disable
the filter, and run spamassassin through the systemwide /etc/procmailrc
(that is, in fact, what I do on my Mandrake mail server).  This is my
/etc/procmailrc file that does that:

--- cut here ---
# We shouldn't be running as a privileged user, but just in case,
# make sure we drop any privileges we have
DROPPRIVS=1

# Let's run SpamAssassin (http://spamassassin.taint.org/) site-wide.
:0fw
| spamc -f

--- cut here ---

Note, also, that if you want spamassassin to use user configuration files
you should add --user-config to the spamd command line.  This is what
I've got in my /etc/sysconfig/spamassassin file (which adds command line
options):

--- cut here ---
SPAMDOPTIONS="-d -c -a -m5 -H --user-config"
--- cut here ---

This setup works very well for me.  Since procmail handles local
delivery (it's the MDA), user ~/.procmailrc files work fine.  User
configuration in ~/.spamassassin works well, and all local mail
is run through spamassassin.

Is there a reason you'd prefer using the filter over something like
this?

Cheers,
Tanner
-- 
Tanner Lovelace | lovelace(at)wayfarer.org | http://wtl.wayfarer.org/
--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--
GPG Fingerprint = A66C 8660 924F 5F8C 71DA  BDD0 CE09 4F8E DE76 39D4
GPG Key can be found at http://wtl.wayfarer.org/lovelace.gpg.asc
--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--
Have we sent the "Don't shoot, we're pathetic" transmission yet?
                                 Commander John Crichton (Farscape)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 222 bytes
Desc: OpenPGP digital signature
URL: <http://www.trilug.org/pipermail/trilug/attachments/20040114/670da41e/attachment.pgp>

More information about the TriLUG mailing list