Hello everyone,
I'm in process of writing an (OSS / Python) mail filter that would connect to SA and statistical filter (statistical filter like DSPAM would clean mail first since it has greater accuracy for spam words detection; SA would clean second in line as it has great features like detection of spamvertised URLs that most often get through statistical filters) to make spam filtering more effective.
For this purpose, I really, really need to run at least one Exim transport as root, because I need to chown and chmod IMAP quarantine folders after those folders are created and my filter subscribed a user to relevant quarantine folder (well you can't count on every user subscribing to normally undisplayed IMAP folder in webmail, it's the software that has to do this).
For this purpose I have this transport:
mailfilter:
driver = pipe
command = /etc/domeny/mailfilter -u ${lookup{$domain}lsearch*{/etc/virtual/domainowners}{$value}} -d $domain -l \"$local_part\" -i $sender_host_address -e /home/${lookup{$domain}lsearch{/etc/virtual/domainowners}{$value}}/.spamassassin/user_prefs -s $message_size -a $sender_address -m $message_id -c $rcpt_count -t $received_protocol -h "$acl_m_subject" -p $pipe_addresses
current_directory = "/tmp"
home_directory = "/tmp"
log_output
message_prefix =
message_suffix =
return_fail_output
no_return_path_add
user = root
group = mail
Later the "mailfilter" program reinjects the message traditional way (exim -oMr protocol..), largely because there is no clean/safe way for now to modify the message body during ACL scanning.
However, after I try to deliver smth into quarantine using this router and transport:
quarantine_director:
driver = accept
condition = ${if eq{$received_protocol}{quarantine}{1}{0} }
domains = lsearch;/etc/virtual/domainowners
group = mail
retry_use_local_part
transport = quarantine_delivery
quarantine_delivery:
driver = appendfile
create_directory
delivery_date_add
directory_mode = 770
envelope_to_add
directory = /home/${lookup{$domain}lsearch*{/etc/virtual/domainowners}{$value}}/imap/${domain}/${local_part}/Maildir/.quarantine
maildir_format
group = mail
mode = 660
return_path_add
user = "${lookup{$domain}lsearch*{/etc/virtual/domainowners}{$value}}"
quota = ${if exists{/etc/virtual/${domain}/quota}{${lookup{$local_part}lsearch*{/etc/virtual/${domain}/quota}{$value}{0}}}{0}}
..delivery fails with this message:
2007-11-01 19:26:55 1Inei2-0003NO-4S == tda7@??? R=quarantine_director T=quarantine_delivery defer (13): Permission denied: failed to open tmp/1193941615.H533832P14301.da7.domeny.com (10 tries)
Delivery has been attempted by "mailfilter" using args like following:
/usr/sbin/exim -oMr quarantine -f tda1@??? -bm tda7@???
So, questions:
1. What's wrong with this delivery? I mean, there obviously is a permission issue with this tmp/... temporary mail file, but I have no idea where it's located / how to fix this. And what has caused this?! After all, "mailfilter" reinjected this
I have to run "mailfilter" transport as root, but this screws up delivery later and I don't know how to fix this.
2. Should I design it for delivery of quarantined mail by my program or configure Exim do it? Which is better?
3. Does Exim run as root while processing ACL or av_scanner=cmdline: conditions?
Opinions? Or, better yet, experiences and good arguments?
P.S. UNIX security model sucks. :-( They really should have implemented ACLs instead of root / user model.
--
Marcin Krol
