MS4.x config/runtime issues

David Lee t.d.lee at DURHAM.AC.UK
Fri Nov 8 10:08:23 GMT 2002

On Thu, 7 Nov 2002, Julian Field wrote:

> At 17:18 07/11/2002, you wrote:
> >1. bin/MailScanner/ :  MS gave a message:
> >      Your vendor has not defined the Sys::Syslog macro _PATH_LOG at [...]
> >    By commenting out the line:
> >      eval { Sys::Syslog::setlogsock('unix'); }; # Doesn't need syslogd -r
> >    this then worked, apparently with no ill effect.
> >    Seems to be  sort of Perl/Solaris interaction (Perl 5.6.0; Solaris 8).
> >    Does the MS code need to be more tolerant, and/or autoconf'd?
> The failure message doesn't actually cause any harm. Basically it tries to
> use a domain socket instead of a UDP socket, so you don't have to open up
> your syslogd to accept UDP logging requests from other machines (which
> might be used as a DoS attack on your server by forcing gigabytes of syslog
> traffic).

Thanks, Julian.  Overall: Good News, No News (yet) and Bad News.

So, in reverse order...

> Please can you try the attached patch to to see if it removes the
> error message on your system.

The patch doesn't seem to remove the message; the versions seem
indistinguishable in behaviour.

Note also that both versions have a further problem.  This only comes to
light after five of the previous messages had been issued.  (Because of
that previous behaviour, my trials had never got as far as revealing the
further problem.)  After about five of the:
   Your vendor has not defined the Sys::Syslog macro _PATH_LOG at [...]
it then gives:
   We haven't got any child processes, which isn't right!, No child processes at /opt/MailScanner/bin/mailscanner line 191.
   We have just tried to reap a process which wasn't one of ours!, No child processes at /opt/MailScanner/bin/mailscanner line 194.

Basically MS doesn't ever really get started: the messages just sit in the
inbound queue.

> >2. lib/mcafee-wrapper:  has pathname "/usr/local/uvscan/uvscan" hardcoded.
> >    At our site the pathname is different.  OK, I can tweak things to make
> >    it work.  But in v3 this had been configurable in etc/mailscanner.conf
> >    and v4.x seems to have gone backwards: no longer configurable.
> You just edit the wrapper. The setting in mailscanner.conf in V3 set the
> location of the wrapper, not the location of uvscan itself. So this isn't
> actually any different. If you moved uvscan to somewhere else, you would
> have edited the wrapper to point to the correct location. In V4 you can
> find the wrapper script more easily as they are all in the same place.

OK, I'll look deeper, and get back to you if I still think there might be
an issue.

> >3. With v3, I had had the default (and sensible!):
> >       Outgoing Queue Dir = /var/spool/mqueue
> >
> >    To ensure co-residency on the same physical partition of the other
> >    directories, they had been subdirectories of this:
> >       Incoming Queue Dir = /var/spool/mqueue/
> >       Incoming Work Dir = /var/spool/mqueue/incoming
> >       Quarantine Dir = /var/spool/mqueue/quarantine
> >    Solid and safe.
> >[...]
> >    Is there any reason why v4.x forbids such subdirectory use?
> >[...]
> >    Does MailScanner really require this restriction?  Can it be removed?
> I thought it was a good idea at the time, but setups such as yours hadn't
> occurred to me. On reflection it may be better to remove the check. I will
> still look for a q1 or qf directory though, in an attempt to find split
> queue directories which sendmail will use if it finds them. So you can get
> it going now, the minimal patch to is attached to this message.
> There is actually just 1 extra line of code.

Good News:  That seems fine.  Many thanks.


:  David Lee                                I.T. Service          :
:  Systems Programmer                       Computer Centre       :
:                                           University of Durham  :
:            South Road            :
:                                           Durham                :
:  Phone: +44 191 374 2882                  U.K.                  :

More information about the MailScanner mailing list