mail/dspam: implement privilege separation (resolves bug running with suexec)

- Runs as dspam:dspam instead of root:mail. The dspam UID/GID were created
  in r168311 when the UIDs/GIDs files were added but the port had always
  used root:mail. This had prevented running the dspam webUI under Apache
  with suexec due to a minimal requirement of UID/GID of 100. The original
  unsecure behavior is available with the SETUID option.
- Default run directory is now /var/run/dspam. This follows the default
  upstream behavior and removes the patch to dspam.c as a result. Use
  RUN_DIR and correct the dspam.conf.sample file accordingly.
- Default daemon/client communication port is now 2424.
- Regen patches while here (portlint)

UPDATING: Document privilege separated dspam

PR:		115957
Reported by:	tedm@ipinc.net, support@ipinc.net
Submitted by:	Danny Warren <danny@dannywarren.com> (maintainer)

1 files changed, 10 insertions, 0 deletions

diff --git a/UPDATING b/UPDATING
index 4518fc356e1d..c38f41400253 100644
--- a/UPDATING
+++ b/UPDATING
@@ -5,6 +5,16 @@ they are unavoidable.
 You should get into the habit of checking this file for changes each time
 you update your ports collection, before attempting any port upgrades.
 
+20160501:
+  AFFECTS: Users of mail/dspam
+  AUTHOR: junovitch@FreeBSD.org
+
+  dspam has been modified to no longer run as root:mail by default.
+  Existing configuration must be adjusted to reflect using a non-privileged
+  port and the /var/run/dspam directory for PID and socket files.  If you
+  need dspam to run as root for your mail setup, you can use the SETUID
+  config option to enable the old insecure behavior.
+  
 20160424:
   AFFECTS: Users of net-mgmt/icinga2
   AUTHOR: lme@FreeBSD.org