Author: jm
Date: Wed Aug 24 20:40:26 2005
New Revision: 239986
URL: http://svn.apache.org/viewcvs?rev=239986&view=rev
Log:
bug 4546: add --allow-tell/-l spamd option, so that spamd users cannot use the new learn functionality, without the sysadmin accepting the risks of spoofing first
Modified:
spamassassin/branches/3.1/spamc/spamc.pod
spamassassin/branches/3.1/spamd/spamd.raw
spamassassin/branches/3.1/t/spamc_optC.t
spamassassin/branches/3.1/t/spamc_optL.t
Modified: spamassassin/branches/3.1/spamc/spamc.pod
URL: http://svn.apache.org/viewcvs/spamassassin/branches/3.1/spamc/spamc.pod?rev=239986&r1=239985&r2=239986&view=diff
==============================================================================
--- spamassassin/branches/3.1/spamc/spamc.pod (original)
+++ spamassassin/branches/3.1/spamc/spamc.pod Wed Aug 24 20:40:26 2005
@@ -112,10 +112,16 @@
ham or forget. The exitcode for spamc will be set to 5 if the message
was learned, or 6 if it was already learned.
+Note that the C<spamd> must run with the C<--allow-tell> option for
+this to work.
+
=item B<-C> I<report type>
Report or revoke a message to one of the configured collaborative filtering
databases. The C<report type> can be either report or revoke.
+
+Note that the C<spamd> must run with the C<--allow-tell> option for
+this to work.
=item B<-p> I<port>
Modified: spamassassin/branches/3.1/spamd/spamd.raw
URL: http://svn.apache.org/viewcvs/spamassassin/branches/3.1/spamd/spamd.raw?rev=239986&r1=239985&r2=239986&view=diff
==============================================================================
--- spamassassin/branches/3.1/spamd/spamd.raw (original)
+++ spamassassin/branches/3.1/spamd/spamd.raw Wed Aug 24 20:40:26 2005
@@ -154,6 +154,7 @@
# Parse the command line
Getopt::Long::Configure("bundling");
GetOptions(
+ 'allow-tell' => \$opt{'tell'},
'allowed-ips|A=s' => \@{ $opt{'allowed-ip'} },
'auth-ident' => \$opt{'auth-ident'},
'configpath|C=s' => \$opt{'configpath'},
@@ -168,6 +169,7 @@
'ldap-config!' => \$opt{'ldap-config'},
'listen-ip|ip-address|i:s' => \$opt{'listen-ip'},
'local!' => \$opt{'local'},
+ 'l' => \$opt{'tell'},
'L' => \$opt{'local'},
'round-robin!' => \$opt{'round-robin'},
'min-children=i' => \$opt{'min-children'},
@@ -1390,6 +1392,11 @@
$expected_length = $hdrs->{expected_length};
+ if (!$opt{tell}) {
+ service_unavailable_error("TELL commands have not been enabled.");
+ return 0;
+ }
+
if ($hdrs->{set_local} && $hdrs->{remove_local}) {
protocol_error("Unable to set local and remove local in the same operation.");
return 0;
@@ -2164,6 +2171,7 @@
Options:
+ -l, --allow-tell Allow learning/reporting
-c, --create-prefs Create user preferences files
-C path, --configpath=path Path for default config files
--siteconfigpath=path Path for site configs
@@ -2239,6 +2247,21 @@
adding I<no> (B<--nouser-config>), however, this is usually unnecessary.
=over 4
+
+=item B<-l>, B<--allow-tell>
+
+Allow learning and forgetting (to a local Bayes database), reporting
+and revoking (to a remote database) by spamd. The client issues a TELL
+command to tell what type of message is being processed and whether
+local (learn/forget) or remote (report/revoke) databases should be
+updated.
+
+Note that spamd always trusts the username passed in (unless
+B<--auth-ident> is used) so clients could maliciously learn messages
+for other users. (This is not ususally a concern with an SQL Bayes
+store as users will typically have read-write access directly to the
+database, and can also use C<sa-learn> with the B<-u> option to
+achieve the same result.)
=item B<-c>, B<--create-prefs>
Modified: spamassassin/branches/3.1/t/spamc_optC.t
URL: http://svn.apache.org/viewcvs/spamassassin/branches/3.1/t/spamc_optC.t?rev=239986&r1=239985&r2=239986&view=diff
==============================================================================
--- spamassassin/branches/3.1/t/spamc_optC.t (original)
+++ spamassassin/branches/3.1/t/spamc_optC.t Wed Aug 24 20:40:26 2005
@@ -13,7 +13,7 @@
loadplugin reporterplugin ../../data/reporterplugin.pm
");
-start_spamd("-L");
+start_spamd("-L --allow-tell");
%patterns = ( 'Message successfully reported/revoked' => 'reported spam' );
Modified: spamassassin/branches/3.1/t/spamc_optL.t
URL: http://svn.apache.org/viewcvs/spamassassin/branches/3.1/t/spamc_optL.t?rev=239986&r1=239985&r2=239986&view=diff
==============================================================================
--- spamassassin/branches/3.1/t/spamc_optL.t (original)
+++ spamassassin/branches/3.1/t/spamc_optL.t Wed Aug 24 20:40:26 2005
@@ -14,7 +14,7 @@
bayes_store_module Mail::SpamAssassin::BayesStore::SDBM
");
-start_spamd("-L");
+start_spamd("-L --allow-tell");
%patterns = ( 'Message successfully un/learned' => 'learned spam' );
ok (spamcrun ("-L spam < data/spam/001", \&patterns_run_cb));
Date: Wed Aug 24 20:40:26 2005
New Revision: 239986
URL: http://svn.apache.org/viewcvs?rev=239986&view=rev
Log:
bug 4546: add --allow-tell/-l spamd option, so that spamd users cannot use the new learn functionality, without the sysadmin accepting the risks of spoofing first
Modified:
spamassassin/branches/3.1/spamc/spamc.pod
spamassassin/branches/3.1/spamd/spamd.raw
spamassassin/branches/3.1/t/spamc_optC.t
spamassassin/branches/3.1/t/spamc_optL.t
Modified: spamassassin/branches/3.1/spamc/spamc.pod
URL: http://svn.apache.org/viewcvs/spamassassin/branches/3.1/spamc/spamc.pod?rev=239986&r1=239985&r2=239986&view=diff
==============================================================================
--- spamassassin/branches/3.1/spamc/spamc.pod (original)
+++ spamassassin/branches/3.1/spamc/spamc.pod Wed Aug 24 20:40:26 2005
@@ -112,10 +112,16 @@
ham or forget. The exitcode for spamc will be set to 5 if the message
was learned, or 6 if it was already learned.
+Note that the C<spamd> must run with the C<--allow-tell> option for
+this to work.
+
=item B<-C> I<report type>
Report or revoke a message to one of the configured collaborative filtering
databases. The C<report type> can be either report or revoke.
+
+Note that the C<spamd> must run with the C<--allow-tell> option for
+this to work.
=item B<-p> I<port>
Modified: spamassassin/branches/3.1/spamd/spamd.raw
URL: http://svn.apache.org/viewcvs/spamassassin/branches/3.1/spamd/spamd.raw?rev=239986&r1=239985&r2=239986&view=diff
==============================================================================
--- spamassassin/branches/3.1/spamd/spamd.raw (original)
+++ spamassassin/branches/3.1/spamd/spamd.raw Wed Aug 24 20:40:26 2005
@@ -154,6 +154,7 @@
# Parse the command line
Getopt::Long::Configure("bundling");
GetOptions(
+ 'allow-tell' => \$opt{'tell'},
'allowed-ips|A=s' => \@{ $opt{'allowed-ip'} },
'auth-ident' => \$opt{'auth-ident'},
'configpath|C=s' => \$opt{'configpath'},
@@ -168,6 +169,7 @@
'ldap-config!' => \$opt{'ldap-config'},
'listen-ip|ip-address|i:s' => \$opt{'listen-ip'},
'local!' => \$opt{'local'},
+ 'l' => \$opt{'tell'},
'L' => \$opt{'local'},
'round-robin!' => \$opt{'round-robin'},
'min-children=i' => \$opt{'min-children'},
@@ -1390,6 +1392,11 @@
$expected_length = $hdrs->{expected_length};
+ if (!$opt{tell}) {
+ service_unavailable_error("TELL commands have not been enabled.");
+ return 0;
+ }
+
if ($hdrs->{set_local} && $hdrs->{remove_local}) {
protocol_error("Unable to set local and remove local in the same operation.");
return 0;
@@ -2164,6 +2171,7 @@
Options:
+ -l, --allow-tell Allow learning/reporting
-c, --create-prefs Create user preferences files
-C path, --configpath=path Path for default config files
--siteconfigpath=path Path for site configs
@@ -2239,6 +2247,21 @@
adding I<no> (B<--nouser-config>), however, this is usually unnecessary.
=over 4
+
+=item B<-l>, B<--allow-tell>
+
+Allow learning and forgetting (to a local Bayes database), reporting
+and revoking (to a remote database) by spamd. The client issues a TELL
+command to tell what type of message is being processed and whether
+local (learn/forget) or remote (report/revoke) databases should be
+updated.
+
+Note that spamd always trusts the username passed in (unless
+B<--auth-ident> is used) so clients could maliciously learn messages
+for other users. (This is not ususally a concern with an SQL Bayes
+store as users will typically have read-write access directly to the
+database, and can also use C<sa-learn> with the B<-u> option to
+achieve the same result.)
=item B<-c>, B<--create-prefs>
Modified: spamassassin/branches/3.1/t/spamc_optC.t
URL: http://svn.apache.org/viewcvs/spamassassin/branches/3.1/t/spamc_optC.t?rev=239986&r1=239985&r2=239986&view=diff
==============================================================================
--- spamassassin/branches/3.1/t/spamc_optC.t (original)
+++ spamassassin/branches/3.1/t/spamc_optC.t Wed Aug 24 20:40:26 2005
@@ -13,7 +13,7 @@
loadplugin reporterplugin ../../data/reporterplugin.pm
");
-start_spamd("-L");
+start_spamd("-L --allow-tell");
%patterns = ( 'Message successfully reported/revoked' => 'reported spam' );
Modified: spamassassin/branches/3.1/t/spamc_optL.t
URL: http://svn.apache.org/viewcvs/spamassassin/branches/3.1/t/spamc_optL.t?rev=239986&r1=239985&r2=239986&view=diff
==============================================================================
--- spamassassin/branches/3.1/t/spamc_optL.t (original)
+++ spamassassin/branches/3.1/t/spamc_optL.t Wed Aug 24 20:40:26 2005
@@ -14,7 +14,7 @@
bayes_store_module Mail::SpamAssassin::BayesStore::SDBM
");
-start_spamd("-L");
+start_spamd("-L --allow-tell");
%patterns = ( 'Message successfully un/learned' => 'learned spam' );
ok (spamcrun ("-L spam < data/spam/001", \&patterns_run_cb));