Spamassassin 2.6x per-user configuration

[ProfiTiger]

Help needed: Spamassassin 2.6x per-user configuration

Does anybody know, if the file user_prefs (configuration-file for Spamassassin, located in /var/qmail/mailnames/domainname/mailboxname) is generated via script on mailbox-creation or is copied from somewhere? The default user_prefs has only 4 lines (without razor, pyzor, dcc, autolearn...). It would be very usefull for me to know this, so I could save much time, because now I have to copy the file I configured in each new mailbox via ssh. I have some scripts which act on domain-creation (for awstats p.e.), but I did not find a handler or a variable from which I can get the mailboxname like it is stored in qmail/mailnames for copying user_prefs-file via script on mailbox creation.

 

[mian]

watch out with awstats 6 has a hole that allows people to execute remote commands, had someone use it to wget a backdoor and execute it on 6.1 but the firewall stopped them getting to it luckily.

Warning, a security hole exists in old AWStats versions (from 5.0 to 6.3) when AWStats is used as a CGI: A remote user can execute arbitrary commands on your server using permissions of your web server user (in most cases user "nobody" or "wwwroot").
If you use AWStats with a recent version or if AWStats is not available as a CGI, you are safe. If not, it is highly recommanded to upgrade to 6.4 version, or higher, that fix all known security holes.

 

[ProfiTiger]

tnx, did update (see signature) ;-)