MailScanner issue with postfix

Sylvain MEDEOT symedeot at YAHOO.FR
Mon Jun 23 10:37:59 IST 2003 

Many thanks for you help..

After some more testings, here is the current situation...

My /etc/postfix.in/main.cf is like that :

defer_transport  = smtp local virtual relay
defer_transports = smtp local virtual relay
queue_directory = /var/spool/postfix.in
queue_run_delay = 60
default_destination_recipient_limit = 100
initial_destination_concurrency = 10
minimal_backoff_time = 60
maximal_backoff_time = 400
empty_address_recipient = si04
default_process_limit = 100
error_notice_recipient = root
transport_maps = hash:/etc/postfix/transport
message_size_limit = 90240000
bounce_size_limit = 100000
recipient_canonical_maps = hash:/etc/postfix/canonical_sender

In the manual, it is mentionned to add defer_transports = ... I already had
a line defer_transport (no s) so I put both...

My /etc/postfix.in/master.cf is like that :

smtp      inet  n   -   n   -   -   smtpd
pickup    fifo  n   n   n   60  1   pickup
cleanup   unix  -   -   n   -   0   cleanup
qmgr      fifo  n   -   n   300 1   qmgr
rewrite   unix  -   -   n   -   -   trivial-rewrite
bounce    unix  -   -   n   -   0   bounce
defer     unix  -   -   n   -   0   bounce
smtp      unix  -   -   n   -   -   smtp
showq     unix  n   -   n   -   -   showq
error     unix  -   -   n   -   -   error
local     unix  -   n   n   -   -   local
cyrus     unix  -   n   n   -   -   pipe
    flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
uucp      unix  -   n   n   -   -   pipe
    flags=F user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
($recipient)
ifmail    unix  -       n       n       -       -       pipe
    flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
    flags=F. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop
$recipient


When I send messages, they are accepted :

[root at intranet postfix.in]# du -ks /var/spool/postfix.in/deferred
368     /var/spool/postfix.in/deferred


but nothing is delivered...

[root at intranet postfix.in]# du -ks /var/spool/postfix/incoming
4       /var/spool/postfix/incoming

nothing in the logs...

Jun 23 11:19:58 intranet MailScanner[1934]: Using locktype = flock
Jun 23 11:20:08 intranet MailScanner[1942]: MailScanner E-Mail Virus
Scanner ver
sion 4.21-9 starting...
Jun 23 11:20:08 intranet MailScanner[1942]: Using locktype = flock
Jun 23 11:20:18 intranet MailScanner[1950]: MailScanner E-Mail Virus
Scanner ver
sion 4.21-9 starting...
Jun 23 11:20:18 intranet MailScanner[1950]: Using locktype = flock
Jun 23 11:20:28 intranet MailScanner[1965]: MailScanner E-Mail Virus
Scanner ver
sion 4.21-9 starting...
Jun 23 11:20:29 intranet MailScanner[1965]: Using locktype = flock

My /etc/postfix/main.cf is :
queue_directory = /var/spool/postfix

and my /etc/postfix/master.cf

# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#       (yes)   (yes)   (yes)   (never) (50)
# ==========================================================================
#smtp     inet  n   -   n   -   -   smtpd
pickup    fifo  n   n   n   60  1   pickup
cleanup   unix  -   -   n   -   0   cleanup
qmgr      fifo  n   -   n   300 1   qmgr
rewrite   unix  -   -   n   -   -   trivial-rewrite
bounce    unix  -   -   n   -   0   bounce
defer     unix  -   -   n   -   0   bounce
#smtp     unix  -   -   n   -   -   smtp
showq     unix  n   -   n   -   -   showq
error     unix  -   -   n   -   -   error
local     unix  -   n   n   -   -   local
cyrus     unix  -   n   n   -   -   pipe
    flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
uucp      unix  -   n   n   -   -   pipe
    flags=F user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
($recipient)
ifmail    unix  -       n       n       -       -       pipe
    flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
#bsmtp     unix  -       n       n       -       -       pipe
    flags=F. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop
$recipient

Then, finally my /etc/MailScanner/MailScanner.conf

Max Children = 5
Run As User = postfix
Run As Group = postfix
Incoming Queue Dir = /var/spool/postfix.in/deferred
Outgoing Queue Dir = /var/spool/postfix/incoming
Incoming Work Dir = /var/spool/MailScanner/incoming
Quarantine Dir = /var/spool/MailScanner/quarantine
PID file = /var/run/MailScanner.pid
MTA = postfix
Sendmail = /usr/sbin/sendmail

Well, I m'in trouble... Why MailScanner don't take messages
from /var/spool/postfix.in/deferred ?

Any idea ?













On Sat, 21 Jun 2003 08:38:58 +0100, Julian Field
<mailscanner at ECS.SOTON.AC.UK> wrote:

>At 06:16 21/06/2003, you wrote:
>>Hi,
>>
>>Well, that may be the problem. How can I check that ? Anyway, if the
>>messages are not put in the outgoing queue, can they be delivered anyway ?
>
>Do a
>         du -ks /var/spool/postfix.in/deferred
>and
>         du -ks /var/spool/postfix/incoming
>and see where all the files are.
>
>>By looking into /var/spool/postfix and /var/spool/postfix.in, I've also
>>seen that I have in both a subdirectory (postfix-postfix.in)/deferred and
>>(postfix-postfix.in)/defer... Is it normal ? If I delete them, they are
>>created again when postfix starts...
>
>Yes, "defer" is different from "deferred".
>
>>I tried to replace in MailScanner.conf the line
>>Incoming Queue Dir = /var/spool/postfix.in/deferred
>>
>>by
>>
>>Incoming Queue Dir = /var/spool/postfix.in/defer
>
>I guarantee that won't work, that's why the install instructions tell you
>to use "deferred".
>
>>I think is it picking up the messages and then putting them in the
>>outgoing queue since
>
>since?
>
>
>>Sylvain MEDEOT
>>Ville de Pontoise
>>
>>On Fri, 20 Jun 2003 17:20:16 +0100, Julian Field
>><mailscanner at ECS.SOTON.AC.UK> wrote:
>>
>> >But is it actually picking up the messages and then putting them in the
>> >outgoing queue?
>> >Or is it leaving them in the incoming queue
>> >(/var/spool/postfix.in/deferred) and never collecting them?
>> >
>> >At 17:09 20/06/2003, you wrote:
>> >>Hi,
>> >>
>> >>I am setting up MailScanner on a Mandrake 7.2 mail server with
Postfix. I
>> >>followed step by step the installation procedure
>> >>(/etc/postfix, /etc/postfix.in, modifications of main.cf and
master.cf).
>> >>
>> >>This is not the first mail server I am protecting with MailScanner...
But
>> >>this is the oldest one since I had no problems with newest releases of
>> >>Mandrake...
>> >>
>> >>This server is running postfix-19991231_pl08-5mdk. After the
installation
>> >>of MailScanner (everything fine) with McAfee, I can send and receive
mails
>> >>as usually... But, the mails are never scanned...
>> >>
>> >>Nothing special in the logs :
>> >>Jun 20 17:51:19 intranet MailScanner[1182]: MailScanner E-Mail Virus
>> >>Scanner version 4.21-9 starting...
>> >>Jun 20 17:51:19 intranet MailScanner[1182]: Using locktype = flock
>> >>
>> >>If I try manually to run /var/lib/MailScanner/mcafee-wrapper
eicar.com, it
>> >>works... But the mails are never scanned !
>> >>
>> >>In fact, I am sure that this script is never called by MailScanner
since I
>> >>replaced it with a different one to trace what was really happening...
>> >>
>> >>Of course, /etc/MailScanner/MailScanner.conf includes the following
>>lines :
>> >>
>> >>Virus Scanning = yes
>> >>Virus Scanners = mcafee
>> >>
>> >>and /usr/lib/MailScanner/mcafee-wrapper is pointing to
>> >>
>> >>PackageDir=/usr/local/uvscan
>> >>prog=uvscan # `basename $0`
>> >>datDIR=$PackageDir
>> >>
>> >>ls /usr/local/uvscan -l gives the following :
>> >>
>> >>drwxr-xr-x    2 postfix  root         4096 jun 20 09:54 4272/
>> >>lrwxrwxrwx    1 postfix  root           14 jun 20 09:54 clean.dat ->
>> >>4272/clean.dat
>> >>-r--r--r--    1 postfix  root        10469 jun 20 09:17 contact.txt
>> >>-r--r--r--    1 postfix  root       466306 jun 20 09:17 e4240upg.pdf
>> >>lrwxrwxrwx    1 postfix  root           17 jun 20 09:54 internet.dat ->
>> >>4272/internet.dat
>> >>lrwxrwxrwx    1 postfix  root           15 jun 20 09:17 liblnxfv.so -
>> >> > ./liblnxfv.so.4*
>> >>-r-xr-xr-x    1 postfix  root      2593332 jun 20 09:17 liblnxfv.so.4*
>> >>-r--r--r--    1 postfix  root         1056 jun 20 09:17 license.dat
>> >>-r--r--r--    1 postfix  root         1705 jun 20 09:17 license.txt
>> >>-r--r--r--    1 postfix  root        37721 jun 20 09:17 messages.dat
>> >>lrwxrwxrwx    1 postfix  root           14 jun 20 09:54 names.dat ->
>> >>4272/names.dat
>> >>-r--r--r--    1 postfix  root        16222 jun 20 09:17 readme.txt
>> >>lrwxrwxrwx    1 postfix  root           13 jun 20 09:54 scan.dat ->
>> >>4272/scan.dat
>> >>-r--r--r--    1 postfix  root         5546 jun 20 09:17 signlic.txt
>> >>-r-xr-xr-x    1 postfix  root         6342 jun 20 09:18 uninstall-
uvscan*
>> >>-r-xr-xr-x    1 postfix  root       126711 jun 20 09:17 uvscan*
>> >>-r--r--r--    1 postfix  root        13385 jun 20 09:18 uvscan.1
>> >>
>> >>Any idea ?
>> >>
>> >>Many thanks in advance,
>> >>
>> >>Sylvain MEDEOT
>> >>Ville de Pontoise - France
>> >
>> >--
>> >Julian Field
>> >www.MailScanner.info
>> >MailScanner thanks transtec Computers for their support
>
>--
>Julian Field
>www.MailScanner.info
>Professional Support Services at www.MailScanner.biz
>MailScanner thanks transtec Computers for their support

More information about the MailScanner mailing list