postfix, spamassassin, dovecot and sieve?

Dear Lazyweb, how do I use both SpamAssassin and Sieve at the same time? Is the way this works that Postfix writes /var/mail/jwz via procmail, and then dovecot reads from there and moves the messages to ~/mail/ via sieve? I can't even tell.

Postfix has:

mailbox_command = /usr/bin/procmail
/etc/procmailrc is: DROPPRIVS=yes
:0fw | /usr/bin/spamc -u $LOGNAME -x -s 100000000

/var/mail/jwz gets X-Spam-Status headers written into it. So far so good.

/etc/dovecot/dovecot.conf (for dovecot 2.0) has:

protocol lda { ... mail_plugins = sieve ... }

Dovecot is managing to read messages out of /var/mail/jwz and deliver them to me over IMAP, with SA headers intact. But it's not running sieve, possibly not even running its own lda, and everything I have googled so far is a twisty maze of illiterate wikis that may or may not be written for versions of the software that is 5+ years out of date. I thought maybe the answer was to add

| /usr/libexec/dovecot/deliver -d $LOGNAME

to the end of procmailrc, but that let me to discover that:

% cat testmsg | /usr/libexec/dovecot/deliver -d jwz
Exit 75
lda: Error: dlopen(/usr/lib64/dovecot/lda/ failed: /usr/lib64/dovecot/lda/ undefined symbol: tried_default_save
lda: Fatal: Couldn't load required plugins

So I guess I have the wrong version of the sieve plugin? I have: dovecot-2.0-0.18_114_rc3.el5 and dovecot-sieve-0.1.17-5.el5 on CentOS release 5.4 (Final)

Update: Ok, I seem to have figured it out. First, "dovecot-pigeonhole" is the oh-so-obviously-named package in which the proper version of sieve resides. Second, it looks like I don't actually need to let procmail darken my doorstep at all, as I can just do this in postfix's

mailbox_command = /usr/bin/spamc -x -s 100000000 -e /usr/libexec/dovecot/deliver

Also, log_path and info_log_path have to be blank (meaning "use syslog") in the lda section of dovecot.conf, otherwise lda/sieve can't write to dovecot's log files. Hopefully this isn't doing something stupid like allowing sieve to write arbitrary files as root. With the quality of the related documentation, who can tell. But the logfile thing suggests not, I guess.

Update 2: Oh, well here's a problem: that bounces mail if spamd is down. Which it is, briefly, every night when it is restarted with -HUP after running "sa-update". Dammit. Any suggestions?

Update 3: Add "|| exit 75" to mailbox_command to have Postfix queue-and-retry on failure.

Tags: , , , ,

Students Aren't Allowed To Touch Real Rocks

How the Consumer Product Safety Commission drives parents--and everyone else--crazy.

American Educational Products had their shipment all ready: A school's worth of small bags, each one filled with an igneous, sedimentary and metamorphic rock. Then the school canceled its order. Says Warring, "They apparently decided rocks could be harmful to children."

The children will study a poster of rocks instead.

And so it goes in the unbrave new world, where nothing is safe enough. It's a world brought to us by the once sane, now danger-hallucinating Consumer Product Safety Commission.


DNA Lounge: Wherein our store gets fancier.

I made some changes to the DNA Lounge store today.

We often get email from people who don't understand how will-call tickets work. Questions like, "I bought this ticket with my mom's credit card, how do I get in?", or "My friend paid for our tickets but now he's not going, what do I do?", or "Dear Beloved in Christ, I am the widow of the Minister of Finance of Malaysia." We get these questions despite the fact that no less than three separate times during the checkout process it tells you that to pick up will-call tickets, you just need to know two things: the name on the credit card used; and the confirmation code.

People don't read. We know this.

So I figured, well, if there was something on the screen that looked like a ticket, maybe these non-reading people would make the intuitive leap from there to, "I should print this out and take it with me."

So that's what it does now. It looks like this:

Technically that thing on the screen isn't really a ticket, it's just a pretty piece of paper that has the correct purchaser name and confirmation code on it, and when you hand that to the folks at the front door, they will give you your actual tickets, which are the little raffle-spool-looking ones.

I had to upgrade the store server to a faster machine to do this, because apparently using ImageMagick to do such simple font scaling and placement takes a ridiculous amount of CPU.

Also, the confirmation email you get when you place an order is HTML now, because it is the Twenty-First Century.

Please let me know if anything appears to be broken.

By the way, in anticipation of those of you who are about to ask, "Why don't you mail tickets?", the answer is that it's a really expensive hassle at every step of the way: the printer, the thermal media, and the person to stuff envelopes in a timely fashion. It's just not worth the effort. It wouldn't speed up entry, anyway: ID-check is always the bottleneck, not will-call.


Keith Haring's TRON

Tags: , , ,

Panopticon Barbie

The new All-Seeing-Eye Barbie records 30 minutes of video.

"Because the doll can be posed, she doubles as a pretty good tripod."

This is so much better than the eye in the Six Million Dollar Man doll was.


Tags: ,

Foxtail Somersault

Tags: , ,


Tags: , ,

DNA Lounge: Wherein the New York Times is dumb, and the NASCARization of the web continues.

You may notice that I've sprinkled a bunch of Facebook "Like" buttons all over the web site. You'll see one in the title box of this blog entry, on the flyer pages, and next to each calendar event. I guess it's a low-key way to tell your friends what events you're attending without making the commitment of actually posting about it, or something. It's kind of ugly and cluttered, but all the cool kids are doing it.

There's also a thing on the ticket checkout page that exhorts you to post about your planned attendance to Facebook and Twitter. I've seen a few people using that so far, so I guess that's working.

Meanwhile, here's a really dumb War on Fun article in the New York Times:

Patrolling Near Clubs Carries High Cost

But the police argue that closing clubs will not stem the violence, or the department's mounting costs. Kitt Crenshaw, a police commander who oversees the North Beach patrols, said the burden should be shifted to club owners.

So which is it? If the closing the clubs won't stem the violence, doesn't that imply that the clubs are not the cause? And if they are not the cause, why do you want them to pay for the excessive, commerce-destroying (and, apparently, ineffective) police presence in North Beach?

Mr. Crenshaw plans to propose regulations, based on practices in other cities, that would require clubs handling crowds of 100 or more people to enlist their state-certified security guards in unprecedented police-led training, install video cameras, improve outdoor lighting and install identification card readers that would allow the police and club owners to track patrons.

He said he would also like to see certain clubs pay a fee for police services.

So which is it? Are these "based on practices in other cities" or are they "unprecedented"? I think you do not know what that word means.

Forcing clubs to further invade their patrons' privacy by scanning their IDs on the way in will do nothing. If you've been following the press about the recent shootings, the common thread is that these people were not customers of the clubs! This was gang violence happening on public streets.

Then the article wraps up with the harrowing tale of a guy who was sitting on the sidewalk, and may have made a gang sign. Then the police told him that they were considering the possiblity of telling him to move along. Wow.

Isn't "sitting" illegal now, anyway?


Weasel Words: Now Automated!

"Prevent flame wars and litigation with ToneCheck™"

A newsflash has this moment arrived from the Malabar front. The action we are now reporting may well bring the flame war within measurable distance of its end.


Tags: , , ,

"Side effects may include sparkle babies."

Previously, previously.

Scene missing! A video in this post has disappeared. If you know of an accessible version of this video (search), please mail me so that I can update this post.
Tags: , , , ,
Current Music: as noted

  • Previously