I have encountered a problem with the spamassassin configuration on iworx.
First, the spamd bayes database is stored in /tmp. By definition, this is a temporary directory, and in some cases is a ramdisk (which would cause loss of spamd’s homedir on reboot). Additionally, this means that ALL domains using spamassassin will use a global bayes database. This is a terrible idea in a webhosting environment, since CustomerA has different criteria on what constitutes spam than CustomerB.
It appears that the developers either overlooked the following option, or noted its warning that it’s incompatible with SQL implementations, and settled for a global database.
(source: spamd(1) manpage)
SPAMD(1) User Contributed Perl Documentation SPAMD(1)
[…]
–virtual-config-dir=dir Enable pattern based Virtual configs
(needs -x)
[…]
–virtual-config-dir=pattern
This option specifies where per-user preferences can be found for
virtual users, for the -x switch. The pattern is used as a base
pattern for the directory name. Any of the following escapes can
be used:
%u -- replaced with the full name of the current user, as sent by
spamc.
%l -- replaced with the ’local part’ of the current username. In
other words, if the username is an email address, this is the part
before the "@" sign.
%d -- replaced with the ’domain’ of the current username. In other words, if the username is an email address, this is the part after
the "@" sign.
%% -- replaced with a single percent sign (%).
So for example, if "/vhome/users/%u/spamassassin" is specified, and
spamc sends a virtual username of "jm@example.com", the directory
"/vhome/users/jm@example.com/spamassassin" will be used.
The set of characters allowed in the virtual username for this path
are restricted to:
A-Z a-z 0-9 - + _ . , @ =
All others will be replaced by underscores ("_").
This path must be a writable directory. It will be created if it
does not already exist. If a file called user_prefs exists in this
directory (note: not in a ".spamassassin" subdirectory!), it will
be loaded as the user’s preferences. The auto-whitelist and/or
Bayes databases for that user will be stored in this directory.
Note that this requires that -x is used, and cannot be combined
with SQL- or LDAP-based configuration.
The documentation recommends per-user databases:
(from Mail::SpamAssassin::CoUser)Contributed Perl DocumenMail::SpamAssassin::Conf(3))
By default, each user has their own, in their “~/.spamassassin”
directory with mode 0700/0600, but for system-wide SpamAssassin
use, you may want to reduce disk space usage by sharing this across
all users. (However it should be noted that Bayesian filtering
appears to be more effective with an individual database per user.)
Additionally, there appears to be no way to “move” the user-added configuration options. Since SA options are read “down” and will clobber, the order is important.
Finally, how is someone supposed to “tell” SA when it’s made a mistake? Will use of SA require use of Horde so that server-side folders can be seen? How can users send the sa-learn command? Does use of SA require IMAP?