ending the spam.assassin.prefs.conf madness.
Matt Kettler
mkettler at EVI-INC.COM
Mon Nov 21 21:39:18 GMT 2005
[ The following text is in the "ISO-8859-1" character set. ]
[ Your display is set for the "US-ASCII" character set. ]
[ Some characters may be displayed incorrectly. ]
Julian Field wrote:
>> Julian.. Here's another point to consider... Why should MailScanner's
>> installation be modifying the site options AT ALL?
>>
>>
> To make it easier/automatic for 90-something % of user
Julian, the SA defaults already do that.
I'm all for changes that actually help, but by-and-large you're just
force-choosing a different set of defaults for them, which aren't necessarily
better or more accurate.
Many of the options in spam.assassin.prefs.conf aren't about making SA work
better with MailScanner, they're about your personal preferences.
Case in point: dns_available yes
Here you've disabled SA's inherent DNS test, without reason to believe DNS is
actually working.
Case in point: bayes_file_mode 0770.
Why? You've weakened security for no express purpose I can see. This might make
sense with bayes_path, but without it I see no purpose. (And I definitely view
forcing bayes_path as "user unfriendly" since it breaks sa-learn. Glad to see
that's been commented out)
Case in point: ok_locales en
Now you've forced users to start spam scoring non-English mail, without any
reason to believe the end-user is even primarily English. I know *I* receive
many valid non-English mails at this site. I have users who regularly exchange
email in at least 3 different non-English languages. And from the looks of it,
MailScanner has a lot of German users...
Case in point: lock_method flock
Most users might not be on NFS, but the default of nfssafe will work for any
filesystem type, albeit with more overhead. Is tweaking speed with the possible
expense of causing bayes corruption making things easier for the naive user?
Admittedly the naive user shouldn't have NFS, but the naive user also shouldn't
be administering a mailserver. Who knows what the previous, more competent,
admin set up for them.
There are some options here which ARE about making SA work better with
MailScanner, but they are a minority.
i.e: envelope_sender_header, bayes_ignore_header.
> Which is true in virtually all novice-user cases.
> Users like you can easily undo anything I've done that you don't like. I'm trying to make it easier for the vast bulk of MailScanner users who don't know much about Unix and like having everything done for them. How many MailScanner admins don't even know what NFS is? I suspect the answer is at least "most".
True, but why force-choose the less-safe option for them? SA already defaults to
the safest option. It does so for a reason. It makes it work for more users "out
of the box" with fewer problems.
> Matt Kettler wrote:
>>
>> IMHO, you're doing a bit too much for the user, and running into
>> problems you
>> shouldn't be having in the first place.
>>
>>
> In my book, doing too much for user is pretty much impossible. Anything
> else, and you are expecting too much from the user. Assume they don't
> know how to use a keyboard and you won't go far wrong.
Ouch.. since when did you start working for Microsoft? :)
Seriously though, it is VERY easy to do too much for the user. There are
definitely some cases where doing things for the user is just leading them into
deep water without them knowing about it.
Case in point, IE's "show friendly URLs", which simplifies information presented
to the user, at the expense of making phishing impossible for the user to detect
because only the hostname is shown.
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list