Re: [Exim] Localuser Permissions on Director Lookup?

Top Page
Delete this message
Reply to this message
Author: Jeffrey Goldberg
Date:  
To: Ephraim Silverberg
CC: Exim Mailing List
Subject: Re: [Exim] Localuser Permissions on Director Lookup?
On Wed, 13 Sep 2000, Ephraim Silverberg wrote:

> I'm trying to get Exim to do a lookup using the localuser's permissions
> on the director level (it does set the permissions to the user at the
> transport level). Here's the director:


I've cut snipped from it, substantially for quoting.

> spam_email:
> driver = localuser

    [...]

>   condition = "${if [...]
>                            { ! exists {${home}/.nospam} }                      \
>                            { eq {spam} {${lookup {$sender_address} lsearch*    \
>                                          {${home}/.nospam} {nospam} {spam}}} } \

[...]

> The problem is that ${home}/.nospam has 0600 permissions and setting
> 'user = ${local_part}' also only affects the transport level.


My instinct is to push to actual file scanning of $HOME/nospam out of exim
altogether. Run a cron job every couple of hours which collects that info
and creates a nice cdb, dbm or whatever file, and have exim do a simple
lookup. This will speed up deliveries. The only problem is that changes
to .nospam will not take effect immediately. But it has several
advantages: Faster delivery and more flexible parsing (and future
extensions of) the .nospam file are two advantages that come immeidately
to mind.

> Note that 'root' on the fileserver does not have root permissions on
> ${home} so that's not the solution either.


The cron script will have to be run some place by some user that can
read those files, of course. But it can suid all it wants, I suppose.

I realize that this isn't the type of solution you were looking for, and
probably have some reason for not going that way.

-j

--
Jeffrey Goldberg
I have recently moved, see http://www.goldmark.org/jeff/contact.html
Relativism is the triumph of authority over truth, convention over justice