[BlueOnyx:20669] Re: AV-SPAM 6.3.0 released

Michael Stauber mstauber at blueonyx.it
Fri Feb 17 16:13:21 -05 2017 

Hi Michael,

> Since you have put in this work I have a feature request. It is not urgent
> at all but it would be really nice to allow Site Admins  to be able to add
> global rules. That way if a vsite has 60 users they do not need to whitelist
> an address for each user. 

Let me think about that for a bit and I'll see if and how I can do this
without causing problems.

As things are a siteAdmin doesn't have the ACL privileges to modify the
Namespace 'AVSPAM_Settings' of the 'System' Object. A change of the
global rules requires that SpamAssassin is restarted. The restart is
done via a trigger in 'AVSPAM_Settings'. Personal rules don't require a
restart of anything, as SpamAssassin pulls them in on the fly.

Now if we give a siteAdmin the privilege to add and edit custom global
rules, then he can't restart SpamAssassin to put these rules into
effect. Granting him that right is a privilege escalation for restarting
a crucial service that affects everyone. This needs to be considered
with care. A siteAdmin could force a quick succession of service
restarts that throw a wrench into email delivery for everyone.

Also: We might not want that a siteAdmin deletes or modifies global
rules that you set up yourself. The way I store the rules currently
makes all global rules deletable and editable for anyone who gets past
the ACLS's. That's because all the rules are treated equally and I make
no privilege distinction between which user created which global rule.

The rules aren't even in CODB, as I parse a SpamAssassin config file on
the fly for them.

Now I could let global siteAdmin rules go into a queue and a cronjob
appends them to the existing global rules. That way a siteAdmin won't
even be able to touch your existing rules and we have the cronjob doing
the service restart, so a siteAdmin can't force a mass of service
restarts in short order. Likewise: This would prevent siteAdmin's from
messing with your existing rules, as he cannot delete or change them.

Yeah, this might work. I'll think a bit more about it and will see what
I can do.

-- 
With best regards

Michael Stauber

More information about the Blueonyx mailing list