Nice easy Spamassassin question

From: Frank Leonhardt <freebsd-doc_at_fjl.co.uk>
Date: Mon, 15 Sep 2025 20:53:03 UTC 
Apparently someone's decided to drop sendmail from the base system in 
15. True or otherwise, I'm planning ahead.

So I'm setting up the sendmail external package in a jail, configured 
thus (apart from it having a proper IPv4 address)

mail { ip4.addr = 1.2.3.4;  allow.raw_sockets = 1; enforce_statfs=1 ; 
allow.mount ; allow.mount.fdescfs ; allow.mount.linsysfs ; 
allow.mount.linprocfs ; allow.mount.tmpfs ; allow.mount.devfs ; }

I don't know if all these options are needed. There's mount.devfs and 
mount.procfs for good measure.

I've installed the sendmail PACKAGE instead of the base system. It's 
compiled with SASL support anyway, which is better because you kinda 
need that!

But spamassassin is causing me trouble.

<hostname>.cf has the correct(?) runes:

Xspamassassin, S=local:/var/run/spamass-milter.sock, 
F=T,T=C:15m;S:4m;R:4m;E:10m

But you'll be please to know it's not the mc or cf file, or even 
sendmail, that's the the real problem. I've isolated it outside of that 
nightmare.

The socket exists while it's running:

srw-r--r--  1 root wheel 0 Sep 15 19:12 /var/run/spamass-milter.sock

And the service IS running.

root@mail:/ # service sa-spamd status
spamd is running as pid 9934.
root@mail:/ # service spamass-milter status
spamass_milter is running as pid 13169.

But for whatever reason, sendmail can't connect to it using spamc. 
Possibly because it's owned by root - but isn't it always on FreeBSD? 
Anyway, it tries to pass it to the public IP address, which spamc 
rejects as unauthorised in the log files. Well and good but I want it to 
go through a local socket like normal. But that won't even won't even 
work if I test it outside sendmail.

I try the SA test message, guaranteed to upset it (at least at one time):

echo "<GTUBE pattern>" | spamc -R -U /var/run/spamass-milter.sock

The I get back 0/0 - which indicates to me that spamc couldn't connect.

If I try it to spamassassin -t I get the appropriately processed message.

So what's going on? I'm thinking it's something to do with sockets and 
jails but I'm running out of ideas.

Does anyone know how to run spamassassin in a jail successfully with the 
milter? Probably just a nice simple option I've missed :-)

Never mind sendmail - I'll deal with that later if I need. This is 
isolated to "echo <stuff> | spamc -R" not working.

Thanks, Frank.