sendmail changing messages after MailScanner finishes...

[John Goggan]

Julian Field wrote:
>
> Are the files in /var/spool/mqueue set to rw-rw----? If not, then
> what?

Sendmail picks up the messages from port 25 and puts them in mqueue.in.  In
there, they are rw-------.  MailScanner then picks them up from mqueue.in,
scans them (with SpamAssassin also -- so every message gets tagged even if
clean with at least the SpamAssassin tag), and then puts them back in mqueue.
When it puts them there, they are rw-rw-rw-.

> Are *all* the files in /var/spool/mqueue 666? Or are ones that were
> infected 600?

Well, all my files get touched because I am having MailScanner (with
SpamAssassin) add the X-MailScanner and X-MailScanner-SpamCheck tags.  But,
that being said, ALL of the qf files are 666 -- and the df files are 600.

> What are the permissions on all the files in /var/spool/mqueue.in?

They are all 600 all the time.

> As you see from below, MailScanner sets its own umask to give 600
> files, specifically to stop problems like this.

Indeed.  I'm not quite sure why this is happening.  And, unfortunately, I
don't know if it was happening before I upgraded sendmail.  I also upgraded
SpamAssassin to 2.50 (from 2.33, I believe) during this timeperiod.  So, I'm
not sure if sendmail didn't care with the old version -- or if something in
the way the new SpamAssassin scans is changing something.  I didn't change the
MailScanner configuration at all -- so I assume it is invoking the newer
version of SA in the same way.

A little later this afternoon, I will have some time and will try rolling back
my sendmail to 8.11.x -- just to see if it is the new sendmail ignoring a
"problem" with permissions that has always been there for me -- or if it also
does the same thing and rejects them (in which case it is more likely related
to my upgraded of SA)...

 - John...