Strange Message

Julian Field jkf at ecs.soton.ac.uk
Wed Jun 19 19:15:51 IST 2002 

At 17:56 19/06/2002, you wrote:
>RH 7.2
>Sendmail 8.11.6
>latest RPM fresh install of mailscanner and all perl updates
>
>When I do a chkconfig --list | grep sendmail
>It shows 0 - 5 runlevels as off

Correct. You don't want sendmail to be run from the sendmail
/etc/rc.d/init.d/sendmail script, which is what
         chkconfig --list | grep sendmail
will show you.

>ps -A | more shows sendmail and mailscanner running

Good. There should be 2 sendmail processes running, one with something like
"-q15m" on its command-line, and another accepting connections on port 25.
And 1 MailScanner process running.

>maillog is not being written to and there is no sign of a .maillog.swp either

There shouldn't be a .maillog.swp file as you don't really want to edit
your logs with vi, which is what that usually implies.

As your maillog isn't being written to by MailScanner, check that there is
a line in your /etc/syslog.conf file that says
mail.debug                      /var/log/maillog
If there isn't one, then add it and then run the command
         /etc/rc.d/init.d/syslog restart
If you still can't get anything from MailScanner into your maillog, then
you will need to edit /etc/rc.d/init.d/syslog a little bit. There is a line
that sets the value of "SYSLOGD_OPTIONS", and this should say
         SYSLOGD_OPTIONS="-r -m 0"
(the new bit is the "-r"). If you make that change, you will need to
         /etc/rc.d/init.d/syslog restart
again so that it makes use of the change.

>chkconfig mailscanner on (or off) shows nothing.. I just get the command
>prompt

It doesn't print anything, but it has the effect of telling Linux whether
to start MailScanner (or not) the next time the computer boots Linux. If
you have done this a few times, then you need to ensure it is set to start
on boot. So do
         chkconfig mailscanner on
and then do
         chkconfig --list | grep mail
and you should see that sendmail is switched off at all run levels, and
mailscanner is switched on at levels 3,4,5. The startup script
corresponding to this is /etc/rc.d/init.d/mailscanner, which actually not
only starts MailScanner, but also starts the 2 sendmail processes it needs.
This is why sendmail is apparently off and mailscanner is on.

>doing tests im lucky to say mail is being sent.. but have no idea if
>mailscanner is scanning due to the fact that the maillog is not being
>written to .. strange?
>my mail log is is in its default location too... /var/log/maillog  so I am
>worried.
>I am sorry if this seems to be a newbie question, cuz I am :)
>should I execute these commands in this order?
>chkconfig --add mailscanner
> >/etc/rc.d/init.d/sendmail stop
> >chkconfig sendmail off
> >chkconfig --level 2345 sendmail off
> >rm -f /etc/rc.d/rc2.d/S30sendmail

You can do that if your like, it won't do any harm. But if you do a
         chkconfig --list | grep mail
first you will probably find you don't need to do them as sendmail will be
off and mailscanner will be on.

>  I have not done this yet..
>I guess you could tell im abit scared to do this during a busy time at our
>company, but need to get mailscanner working properly at this very
>moment.. ahhh!

A good way to test MailScanner is to send some mail through it containing
the "eicar" test virus. This is a totally harmless file which you can
download from www.eicar.org but which will be detected as a virus by all
the virus scanners. Remember, if sending it from the same machine as the
one running MailScanner, that you need to send the mail in via the SMTP
port (25) and you don't just call sendmail directly. So probably best for
your testing to send the mail from another PC so you can be sure it is
talking to the MailScanner server by SMTP.

Hopefully that's enough to get you going. And I hope a few people find this
info useful in future via the mailing list archives...

Jules.
>-----Original Message-----
>From: Julian Field [mailto:jkf at ECS.SOTON.AC.UK]
>Sent: Tuesday, June 18, 2002 11:18 PM
>To: MAILSCANNER at JISCMAIL.AC.UK
>Subject: Re: Strange Message
>
>At 22:56 18/06/2002, you wrote:
> >-----Original Message-----
> >From: Matthew_doherty at DATAWATCH.COM
> >
> > > Does this mean we have to remove sendmail from RedHats boot up
> services ?
> >
> >Yep, like I said 2 responses ago :-)
> >on RH, use chkconfig
> >
> > > Or does the rpm automatically do that during the install?
> >
> >nope, it doesn't.
>
>Oh, yes it does. (Cue Punch & Judy jokes... oh, no it doesn't... oh, yes it
>does... :-)
>
> From the "%post" script in the RPM spec From the "%post" script in the
> RPM spec <a href=":
> >chkconfig --add mailscanner
> >/etc/rc.d/init.d/sendmail stop
> >chkconfig sendmail off
> >chkconfig --level 2345 sendmail off
> >rm -f /etc/rc.d/rc2.d/S30sendmail
>
>--
>Julian Field Teaching Systems Manager
>jkf at ecs.soton.ac.uk Dept. of Electronics & Computer Science
>Tel. 023 8059 2817 University of Southampton
>Southampton SO17 1BJ

--
Julian Field                Teaching Systems Manager
jkf at ecs.soton.ac.uk         Dept. of Electronics & Computer Science
Tel. 023 8059 2817          University of Southampton
                             Southampton SO17 1BJ

More information about the MailScanner mailing list