1 Add option -g group to have the milter create a group-writeable socket
2 for communication with the MTA and set the GID of the socket to the
3 specified group. This makes it possible to use the milter via a
4 unix-domain socket with Postfix as the MTA (Postfix doesn't run as
5 root and would otherwise be unable to use the socket).
7 http://bugzilla.redhat.com/452248
9 diff -up spamass-milter-0.3.1/spamass-milter.cpp.group spamass-milter-0.3.1/spamass-milter.cpp
10 --- spamass-milter-0.3.1/spamass-milter.cpp.group 2010-03-24 13:30:19.030834527 +0000
11 +++ spamass-milter-0.3.1/spamass-milter.cpp 2010-03-24 13:40:54.712898107 +0000
21 @@ -180,8 +182,9 @@ int
22 main(int argc, char* argv[])
25 - const char *args = "fd:mMp:P:r:u:D:i:Ib:B:e:x";
26 + const char *args = "fd:mMp:P:r:u:D:i:Ib:B:e:xg:";
30 char *pidfilename = NULL;
32 @@ -228,6 +231,9 @@ main(int argc, char* argv[])
34 sock = strdup(optarg);
37 + group = strdup(optarg);
40 pidfilename = strdup(optarg);
42 @@ -287,6 +293,7 @@ main(int argc, char* argv[])
43 cout << " [-P pidfile] [-r nn] [-u defaultuser] [-x]" << endl;
44 cout << " [-- spamc args ]" << endl;
45 cout << " -p socket: path to create socket" << endl;
46 + cout << " -g group: socket group (perms to 660 as well)" << endl;
47 cout << " -b bucket: redirect spam to this mail address. The orignal" << endl;
48 cout << " recipient(s) will not receive anything." << endl;
49 cout << " -B bucket: add this mail address as a BCC recipient of spam." << endl;
50 @@ -354,6 +361,30 @@ main(int argc, char* argv[])
52 debug(D_MISC, "smfi_register succeeded");
59 + (void) smfi_opensocket(0);
60 + gr = getgrnam(group);
64 + rc = chown(sock, (uid_t)-1, gr->gr_gid);
67 + (void) chmod(sock, 0660);
69 + perror("group option, chown");
73 + perror("group option, getgrnam");
78 debug(D_ALWAYS, "spamass-milter %s starting", PACKAGE_VERSION);
80 debug(D_ALWAYS, "spamass-milter %s exiting", PACKAGE_VERSION);
81 diff -up spamass-milter-0.3.1/spamass-milter.1.in.group spamass-milter-0.3.1/spamass-milter.1.in
82 --- spamass-milter-0.3.1/spamass-milter.1.in.group 2010-03-24 13:30:19.026834927 +0000
83 +++ spamass-milter-0.3.1/spamass-milter.1.in 2010-03-24 13:30:19.033834685 +0000
86 .Op Fl e Ar defaultdomain
92 @@ -108,6 +109,12 @@ flag.
95 to fork into the background.
97 +Makes the socket for communication with the MTA group-writable (mode 0750)
98 +and sets the socket's group to
100 +This option is intended for use with MTA's like Postfix that do not run as
101 +root, and is incompatible with Sendmail usage.
103 Ignores messages if the originating IP is in the network(s) listed.
104 The message will be passed through without calling SpamAssassin at all.