Thank you, but no go still :(

Matt Doherty Matthew_doherty at DATAWATCH.COM
Wed Jun 19 20:01:44 IST 2002 

Thank you for the info.
There was a line in the /etc/syslog.conf file ">mail.none /var/log/maillog
<" I changed it to ">mail.debug /var/log/maillog <" (none to debug)
restarted syslog and still no go.
Upon reading your next option I also noticed there was a missing "-r" switch
in the line from /etc/rc.d/init.d/syslog .. I did a restart and
unfortunately no go.. I restarted mailscanner.. then a tail -f
/var/log/maillog and no action..:( at that point I can send mail still but
all of a sudden I cant receive any new ones..so I tried sending mail from a
remote domain over and over and got no erros on the sendees side but on my
receiving end (with mailscanner) I received no new mail.. being in a panic
..lol.. I did a mailscanner stop and then a sendmail start and immediatly
received all mail from 10 minutes ago from the remote domain.. These test
emails have no attachments and have as little as one word of text in both
subject and body..permissions for any files including the maillog have not
been altered since the beginning of mailscanner install...from yesterdays
fresh new install of mailscanner the only thing new today was the new
version you put out on the ftp site..mailscanner-3.20-6.i386.rpm -U option
was used.. that i did... (not saying this problem wasn't an issue yesturday,
,it was).. I have found something in Google about a statement in a
procmail.rc file? I did a locate for it and its not on my RH7.2 system at
least. apparently someone had a issue with maillog not being written to and
a line in that file was the fix..oh well, I hope to get this thing working
.. I like it.. As with some unix programs i have to put up a small
fight..but its worth it to keep windows and gates away from my world..:)
Thank You Much for speedy reply!! however I am still stuck.:(
I did check all files and reread the mailscanner.conf file.. no changes to
the conf file were needed.. It kept my previous settings.. sophos etc..
  -----Original Message-----
  From: Julian Field [mailto:jkf at ECS.SOTON.AC.UK]
  Sent: Wednesday, June 19, 2002 3:19 PM
  To: MAILSCANNER at JISCMAIL.AC.UK
  Subject: Re: Strange Message


  At 17:56 19/06/2002, you wrote:
  >RH 7.2
  >Sendmail 8.11.6
  >latest RPM fresh install of mailscanner and all perl updates
  >
  >When I do a chkconfig --list | grep sendmail
  >It shows 0 - 5 runlevels as off

  Correct. You don't want sendmail to be run from the sendmail
  /etc/rc.d/init.d/sendmail script, which is what
  chkconfig --list | grep sendmail
  will show you.

  >ps -A | more shows sendmail and mailscanner running

  Good. There should be 2 sendmail processes running, one with something
like
  "-q15m" on its command-line, and another accepting connections on port 25.
  And 1 MailScanner process running.

  >maillog is not being written to and there is no sign of a .maillog.swp
either

  There shouldn't be a .maillog.swp file as you don't really want to edit
  your logs with vi, which is what that usually implies.

  As your maillog isn't being written to by MailScanner, check that there is
  a line in your /etc/syslog.conf file that says
  mail.debug /var/log/maillog
  If there isn't one, then add it and then run the command
  /etc/rc.d/init.d/syslog restart
  If you still can't get anything from MailScanner into your maillog, then
  you will need to edit /etc/rc.d/init.d/syslog a little bit. There is a
line
  that sets the value of "SYSLOGD_OPTIONS", and this should say
  SYSLOGD_OPTIONS="-r -m 0"
  (the new bit is the "-r"). If you make that change, you will need to
  /etc/rc.d/init.d/syslog restart
  again so that it makes use of the change.

  >chkconfig mailscanner on (or off) shows nothing.. I just get the command
  >prompt

  It doesn't print anything, but it has the effect of telling Linux whether
  to start MailScanner (or not) the next time the computer boots Linux. If
  you have done this a few times, then you need to ensure it is set to start
  on boot. So do
  chkconfig mailscanner on
  and then do
  chkconfig --list | grep mail
  and you should see that sendmail is switched off at all run levels, and
  mailscanner is switched on at levels 3,4,5. The startup script
  corresponding to this is /etc/rc.d/init.d/mailscanner, which actually not
  only starts MailScanner, but also starts the 2 sendmail processes it
needs.
  This is why sendmail is apparently off and mailscanner is on.

  >doing tests im lucky to say mail is being sent.. but have no idea if
  >mailscanner is scanning due to the fact that the maillog is not being
  >written to .. strange?
  >my mail log is is in its default location too... /var/log/maillog so I am
  >worried.
  >I am sorry if this seems to be a newbie question, cuz I am :)
  >should I execute these commands in this order?
  >chkconfig --add mailscanner
  > >/etc/rc.d/init.d/sendmail stop
  > >chkconfig sendmail off
  > >chkconfig --level 2345 sendmail off
  > >rm -f /etc/rc.d/rc2.d/S30sendmail

  You can do that if your like, it won't do any harm. But if you do a
  chkconfig --list | grep mail
  first you will probably find you don't need to do them as sendmail will be
  off and mailscanner will be on.

  > I have not done this yet..
  >I guess you could tell im abit scared to do this during a busy time at
our
  >company, but need to get mailscanner working properly at this very
  >moment.. ahhh!

  A good way to test MailScanner is to send some mail through it containing
  the "eicar" test virus. This is a totally harmless file which you can
  download from www.eicar.org but which will be detected as a virus by all
  the virus scanners. Remember, if sending it from the same machine as the
  one running MailScanner, that you need to send the mail in via the SMTP
  port (25) and you don't just call sendmail directly. So probably best for
  your testing to send the mail from another PC so you can be sure it is
  talking to the MailScanner server by SMTP.

  Hopefully that's enough to get you going. And I hope a few people find
this
  info useful in future via the mailing list archives...

  Jules.
  >-----Original Message-----
  >From: Julian Field [mailto:jkf at ECS.SOTON.AC.UK]
  >Sent: Tuesday, June 18, 2002 11:18 PM
  >To: MAILSCANNER at JISCMAIL.AC.UK
  >Subject: Re: Strange Message
  >
  >At 22:56 18/06/2002, you wrote:
  > >-----Original Message-----
  > >From: Matthew_doherty at DATAWATCH.COM
  > >
  > > > Does this mean we have to remove sendmail from RedHats boot up
  > services ?
  > >
  > >Yep, like I said 2 responses ago :-)
  > >on RH, use chkconfig
  > >
  > > > Or does the rpm automatically do that during the install?
  > >
  > >nope, it doesn't.
  >
  >Oh, yes it does. (Cue Punch & Judy jokes... oh, no it doesn't... oh, yes
it
  >does... :-)
  >
  > From the "%post" script in the RPM spec From the "%post" script in the
  > RPM spec <a href=":
  > >chkconfig --add mailscanner
  > >/etc/rc.d/init.d/sendmail stop
  > >chkconfig sendmail off
  > >chkconfig --level 2345 sendmail off
  > >rm -f /etc/rc.d/rc2.d/S30sendmail
  >
  >--
  >Julian Field Teaching Systems Manager
  >jkf at ecs.soton.ac.uk Dept. of Electronics & Computer Science
  >Tel. 023 8059 2817 University of Southampton
  >Southampton SO17 1BJ

  --
  Julian Field Teaching Systems Manager
  jkf at ecs.soton.ac.uk Dept. of Electronics & Computer Science
  Tel. 023 8059 2817 University of Southampton
  Southampton SO17 1BJ

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20020619/b0067fc3/attachment.html

More information about the MailScanner mailing list