Per user SA-Bayes tokens in SQL

Rob Sterenborg (lists) lists at sterenborg.info
Mon Sep 3 15:18:24 CEST 2012


On Mon, 2012-08-20 at 16:49 +0200, Nick Rosier wrote:
> Hi,
> 
> is there a way to configure per-user Bayes tokens for SA?
> 
> In my bayes config I've removed the bayes_sql_override_username. Initial 
> training when mail is scanned by Amavis/SpamAssassin still seems to 
> store the tokens as the amavis-user rather than the recipient.
> Re-training is done with a custom script that configures the user 
> (sa-learn -u). Is it possible to configure Amavis so it passes the 
> recipient to SpamAssassin so it can store per-user Bayes information?

I'm by no means an expert on the subject, and I only recently worked out
the below. I may have something wrong, but.. "hope this helps".


I setup Amavisd to use SQL for config:
(Sorry, you'll have to watch line wrapping!)

@lookup_sql_dsn	=
( ['DBI:mysql:database={amavis_db_name};host={mysql_ip};port=3306',
'{amavis_mysql_user', '{amavis_mysql_pass}'] );

@storage_sql_dsn = @lookup_sql_dsn;

- In the policy table, the last field is called "sa_username". This is
the user that SA will be run as and will be used in the SA per-user SQL
config.
- Don't use the sa_userconf field. Leave it empty, set it to NULL,
whatever.
- In the users table you can put username (email address, email domain)
together with a policy_id (and priority), so that the correct policy is
used when an email is received.



For SA, I used in /etc/mail/spamassassin/{sql_filename}.conf:

bayes_store_module Mail::SpamAssassin::BayesStore::MySQL
bayes_sql_dsn
DBI:mysql:{sa_db_name}:{mysql_ip};mysql_client_found_rows=0
bayes_sql_username {sa_mysql_user}
bayes_sql_password {sa_myqsl_pass}

When SA is called, it will create the user it is called with in the
bayes_vars table if it doesn't exist. The user's id will be used in the
bayes_token and bayes_seen tables when tokens or msgid's are added. This
all works automagically AFAICS.

If you want to manually expire tokens, you have to call "sa-learn
--force-expire" with -u {username} to specify the user you want to
expire tokens for.


I think this is as complete as I can be.


--
Rob




More information about the amavis-users mailing list