Philip Newton (pne) wrote,
Philip Newton

  • Mood:
I tried to replace my mail filtering script by one using a newer version of Mail::Audit as well as using Mail::SpamAssassin, both of which modules my web host kindly installed for me.

However, at first some test spams I forwarded didn't get sent back to me, which is not good. Also, I couldn't add the Received: header at the front since the position parameter isn't passed on to Mail::Header. (Nor would I have been able to extract any Received: header but the first.)

What is even worse, however, is that I got an error message after every single email due to the script's failing with "Insecure dependency in unlink during global destruction"; apparently, the basic MIME stuff uses a temporary directory which it tries to clean up at the end, but it derives the name from unsafe information. Since my script is run setuid and also runs with -T (which is the default under setuid anyway), unlink() refuses to delete those files and the script fails. That's bad because everyone who sends me email will get such a failure report sent back to them, even if the mail was delivered successfully. And it's ugly.

So I've reverted back to the previous version for now (which I, fortunately, saved).

Edit: The message doesn't appear when I pass nomime => 1 to the constructor (which I found as a workaround for something else in the SpamAssassin FAQ). But I still don't quite trust the script as some of the spam I sent myself as a test didn't get to me. I'm not sure whether it's the fault of the script, the mailer on that system, GMX, somewhere in between, or what, but I don't want to run the rist of losing mail. I'll have to test some more, maybe next Sunday.
  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 1 comment