sendmail changing messages after MailScanner finishes...

[Julian Field]

At 15:37 07/03/2003, you wrote:
>Julian Field wrote:
> >
> > Are the files in /var/spool/mqueue set to rw-rw----? If not, then
> > what?
>
>Sendmail picks up the messages from port 25 and puts them in mqueue.in.  In
>there, they are rw-------.  MailScanner then picks them up from mqueue.in,
>scans them (with SpamAssassin also -- so every message gets tagged even if
>clean with at least the SpamAssassin tag), and then puts them back in mqueue.
>When it puts them there, they are rw-rw-rw-.
>
> > Are *all* the files in /var/spool/mqueue 666? Or are ones that were
> > infected 600?
>
>Well, all my files get touched because I am having MailScanner (with
>SpamAssassin) add the X-MailScanner and X-MailScanner-SpamCheck tags.  But,
>that being said, ALL of the qf files are 666 -- and the df files are 600.
>
> > What are the permissions on all the files in /var/spool/mqueue.in?
>
>They are all 600 all the time.
>
> > As you see from below, MailScanner sets its own umask to give 600
> > files, specifically to stop problems like this.

Try applying this patch to SMDiskStore.pm. It sets the umask again just
before writing the files.

--- SMDiskStore.pm.old  Fri Mar  7 16:14:58 2003
+++ SMDiskStore.pm      Fri Mar  7 16:17:05 2003
@@ -232,6 +232,7 @@
    $hfile = $Outq . '/' . $this->{hname};
    #print STDERR "tfile = $tfile and hfile = $hfile\n";

+  umask 0077; # Add this to try to stop 0666 qf files
    $Tf = new FileHandle;
    MailScanner::Lock::openlock($Tf, ">$tfile", "w")
      or MailScanner::Log::DieLog("Cannot create + lock clean tempfile %s, %s",
@@ -300,6 +301,7 @@

    #print STDERR "Writing MIME body of \"$id\" to $dfile\n";

+  umask 0077; # Add this to try to stop 0666 df files
    $Df = new FileHandle;
    MailScanner::Lock::openlock($Df, ">$dfile", "w")
      or MailScanner::Log::DieLog("Cannot create + lock clean body %s, %s",

--
Julian Field
www.MailScanner.info
MailScanner thanks transtec Computers for their support