efa-project.org

Is version 4 going to be built without 'release mail' link and 'report as spam' signature'?
Or is this still in development?

I noticed the release-msg and lean-msg scripts were gone.

Release mail link and report as spam are gone (deprecated in v3, gone in v4)

Reasons:

Breaks DKIM signatures
Release mail link had a serious side effect and was deprecated in v3 -- The MailWatch Reports auto release is superior and has no side effects.
Report as spam was also removed as part of this. Use MailWatch instead to feed bayes.

Was the release mail side effect that sendmail -t?
Would it be possible to alter the token system to allow for the recipient only to release to him/herself?

So essentially all of my email users have to get familiar with mailwatch and have an account on mailwatch to report as spam now?

Yeah, the sendmail -t was a big problem.

It might be possible. I would have to do some more research. As they are in v3, though, the CGI scripts won't do.

Would you allow a page to be created that required a messageID and recipient email verification process that would release the quarantined mail without a login requirement?
For example, the message could stay the same about 'so and so tried to send you an email and it is not going to be delivered, etc' but at the bottom of the message put a link to a page to enter the message id and your email address and if that's a match in the DB then it releases it only to you.

I know the functions already exist to send mail to specific people. And I'm trying to keep it simple for our users to not have to bother me and wait. But also not have to navigate thru any menus.

As far as I can tell, the quarantine_release() function releases the email to all of the original recipients as well.
So it doesn't seem that it is better than the cgi stuff from that perspective.

FYI I was successful in altering the auto_release.php, CustomActions.pm, and recipient.spam.report.txt to allow people to receive their quarantined spam using the same functions that already exist and without using the old cgi-bin stuff.
Are you interested in making something like this optional in v4? or really wanting to leave it out altogether?

Yes, please feel free to share. I can add it in as an option.

The last bit, I'm having trouble with:
I think I remember reading that eFa wants to integrate with SELinux and there is one part that doesn't work with SELinux on.
Maybe someone can help me. But I need the CustomActions.pm file to access the eFa password file to store the tokens. Works just fine with 'setenforce 0'
but I know that won't work for this project and I'm lost when it comes to SELinux. I may be able to figure it out but if someone knows how to accomplish this let me know. Thanks.