Hello,
I have bayes learning scripts installed and running as crontab, as per wiki. They're working properly, judging by the output of "sa-learn --dump magic".
However, I have noticed this in a typical spam message log:
<code>
Jan 22 10:35:43 email sendmail[17849]: m0MFZgJs017849: from=<chakkala@3g-italy.com>, size=2384, class=0, nrcpts=1, msgid=<000601c85d0c$029c87cc$3552c9a8@odvjuo>, proto=ESMTP, relay=root@localhost
Jan 22 10:35:43 email sendmail[17850]: m0MFZhdv017850: from=<chakkala@3g-italy.com>, size=2583, class=0, nrcpts=1, msgid=<000601c85d0c$029c87cc$3552c9a8@odvjuo>, proto=ESMTP, daemon=MTA, relay=localhost.localdomain [127.0.0.1]
Jan 22 10:35:43 email spamd[13831]: connection from localhost.localdomain [127.0.0.1] at port 44660
Jan 22 10:35:43 email spamd[13831]: info: setuid to root succeeded
Jan 22 10:35:43 email spamd[13831]: Still running as root: user not specified with -u, not found, or set to root. Fall back to nobody.
Jan 22 10:35:43 email spamd[13831]: processing message <000601c85d0c$029c87cc$3552c9a8@odvjuo> for root:99.
Jan 22 10:35:43 email spamd[13831]: bayes expire_old_tokens: lock: 13831 cannot create tmp lockfile /root/.spamassassin/bayes.lock.email.portfolioaid.com.13831 for /root/.spamassassin/bayes.lock: Permission denied
Jan 22 10:35:43 email spamd[13831]: cannot write to /root/.spamassassin/bayes_journal, Bayes db update ignored: Permission denied
Jan 22 10:35:46 email spamd[13831]: identified spam (6.3/5.0) for root:99 in 3.2 seconds, 2946 bytes.
Jan 22 10:35:46 email spamd[13831]: result: Y 6 - ALL_TRUSTED,BAYES_99,DRUGS_ERECTILE,HTML_FONT_BIG,HTML_MESSAGE,HTML_NONELEMENT_00_10,URIBL_SC_SURBL,URIBL_WS_SURBL scantime=3.2,size=2946,mid=<000601c85d0c$029c87cc$3552c9a8@odvjuo>,bayes=1,autolearn=no
Jan 22 10:35:46 email sendmail[17850]: m0MFZhdv017850: Milter add: header: X-Spam-Flag: YES
</code>
What this tells me is that, although spamd/spamc start as user "root" (and show as "root" in my "ps wx" output), they fall back to user "nobody" - and this one has no permissions to write to the "/root/.spamassassin/" directory.
By the way, /root/.spamassassin/ contains these three files:
-rw-r--r-- 1 root root 1.2K Nov 13 2006 user_prefs
-rw------- 1 root root 5.2M Jan 20 11:47 bayes_toks
-rw------- 1 root root 644K Jan 20 11:47 bayes_seen
And they appear to be updated relatively often (toks/seen).
Here are the questions:
1) does "expire_old_tokens" matter for performance?
2) is there some better way to test if the bayesian learning is working, other than "sa-learn --dump magic" command?
3) If this is the issue of permissions, can I try to recreate the three files from /root/.spammassassin/ (perhaps in /etc/mail/spamassassin/.spamassassin)?
4) If I can re-create, how do I change the preferences to point to the new path?
5) In order to keep bayes_toks and bayes_seen humming happily, could I just copy the ones from root's .spamassassin and change ownership to nobody?
Thanks a lot.