mailscanner-newbie: mails are created funny

Marc Mc Guinness security at MCGUINNESS.DE
Sat Oct 19 08:59:07 IST 2002 

Hello,

Am Freitag, 18. Oktober 2002 18:58 schrieben Sie:
> At 17:21 18/10/2002, you wrote:
> >Hello,
> >
> >I've installed mailscanner 3.13.2-4 on Debian Woody 3.0 with
> >sendmail 8.12.6-6. My virusengine is f-secure (fsav).
> >
> >I've got some problems getting it properly to work. First of all
> >f-secure didn't want to start an told me something about
> > problems with the code status. So I changed
> > /usr/share/mailscanner/sweep.pl at the section "f-secure" from
> > $S_Beta to $S_Supported. After that the mailscanner started.
>
> Why didn't you just read the web page the error message referred
> you to, and did what it told you to? You don't go editing the
> code, that's what the mailscanner.conf file is for.

I've read that page, but for some reason I didn't see any hints for
my problem. Probably my english is not good enough...

By the way: Is it possible to access these error page later on
without having the error message (and the link) in front of me? I
couldn't find a link on the mailscanner homepage.

> >Now I've got the output directory at /var/mail (owner root,
> > group mail).
>
> Why /var/mail and not /var/spool/mqueue like the docs tell you
> to? /var/mail is where your user mailboxes probably are, and the
> last thing you want is MailScanner putting its output in there.

Whooops. Sh**.

> >  I created the input directory /var/spool/mqueue.in and
> >sendmail put its mails in there with the rights -rw-r-----
> > (owner: root, group: smmsp). So I changed the mailscanner user
> > to smmsp and the group also to smmsp.
>
> No, just leave it commented the user and group commented out. It
> says this in the comments for these 2 items:
> # User to run as (not normally used for sendmail)
> # Group to run as (not normally used for sendmail)
>
> As you are using sendmail, they aren't supposed to be used.

Ok.

> >But now the created output mails (To: ddorf) in /var/mail/ have
> > the rights and the funny filenames (created by sendmail in
> >/var/spool/mqueue.in):
>
> That's because you told MailScanner to put its output in the
> middle of your mailboxes. It is sendmail's job to deliver mail
> from a queue into your mailboxes, and it is very good at it.
> MailScanner does not get involved with mail delivery at all.

I understand.

> >-rw-rw----1 ddorf       mail          0 Oct 18 15:31     ddorf
> >-rw-r----- 1 root         smmsp   701 Oct 18 04:45
> > dfg9I2jQE8005980 -rw-r----- 1 root         smmsp   365 Oct 18
> > 16:08 dfg9IE024T012385 -rw-r----- 1 root        smmsp  3980 Oct
> > 18 16:02 dfg9IE224T012785 -rw------- 1 smmsp    smmsp   1025
> > Oct 18 05:00 qfg9I2jQE8005980 -rw------- 1 smmsp    smmsp
> > 929 Oct 18 16:08 qfg9IE024T012385 -rw------- 1 smmsp    smmsp
> >  922 Oct 18 16:04 qfg9IE224T012785
> >
> >So the mails for user ddorf aren't associated to him and when I
> > try to get the mails via pop3 none are downloaded.
> >
> >The mailscanner works fine, but I can't pop the mails anymore
> > after adding the 2 startup lines to
> > /usr/share/sendmail/sendmail Probably I have to change
> > something within sendmail to tell it how to create received
> > emails. But I don't know what.
>
> (Apologies if I sound a bit abrupt, I've been trying to get V4
> out the door all afternoon and autoconf is behaving like a
> worthless piece of rubbish :-(

No problem. Thank you for your help!

Best regards,

Marc Mc Guinness

More information about the MailScanner mailing list