Mailscanner quarantine permissions for Mailwatc h

Julian Field mailscanner at ecs.soton.ac.uk
Mon Apr 5 17:55:18 IST 2004


I would appreciate it a few other people could check the patch to ensure it
doesn't cause any problems elsewhere.

At 17:01 05/04/2004, you wrote:
>I do not need to change the group of the work dir for my setup.  But you are
>correct - for the patch to be complete, it should do the same thing for the
>incoming work group as well.
>
>I honestly don't fully understand what the perl code is doing, which is why
>I wanted you to take a look.  Doing some debugging, I ran the "id" command
>from within MailScanner.  I found that if I specified an exim user and
>group, those were the only ones that would show up if I ran "id" from within
>Quarantine.pm where it sees if it can successfully change the group and user
>of the quarantine files.  I so I tried different things not completely
>understanding what it is doing, but got it so that the "id" command would
>start showing the group that I specified for quarantine files in
>MailScanner.conf.  And then MailScanner was able to change the group of
>those files.
>
>I was hoping someone else would be able to see if the code is correct, or if
>it may have some unintentional side effects.  To make the patch complete, we
>probably need to do the same thing for the incoming work group.  Would you
>like me to try to work a patch up that does both?
>
>Jason
>
>-----Original Message-----
>From: Julian Field [mailto:mailscanner at ECS.SOTON.AC.UK]
>Sent: Monday, April 05, 2004 11:41 AM
>To: MAILSCANNER at JISCMAIL.AC.UK
>Subject: Re: [MAILSCANNER] Mailscanner quarantine permissions for Mailwatc h
>
>
>Why does your patch only read quarantinegroup? Surely it should handle the
>work dir group as well.
>Just trying to confirm that it does what you intended, and does the whole
>job.
>
>At 16:34 05/04/2004, you wrote:
> >Try this patch - I sent it to this list recently.  But I don't know if it
> >will be accepted or not.
> >
> >Julian, can you take a look and see if this will cause problems for people
> >running MailScanner as root?  It seems to fix this issue for me running
> >exim, and I know of another user who runs postfix and it also fixed the
> >issue for him.  I had the exim user in the apache group, but MailScanner
> >would not change the group unless I had this patch in there too.
> >
> >Jason
> >
> >-----Original Message-----
> >From: Samuel Luxford-Watts [mailto:slwatts at WINCKWORTHS.CO.UK]
> >Sent: Monday, April 05, 2004 11:27 AM
> >To: MAILSCANNER at JISCMAIL.AC.UK
> >Subject: [MAILSCANNER] Mailscanner quarantine permissions for Mailwatch
> >
> >Hi All,
> >
> >I think this is more a mailscanner issue than mailwatch hence the posting
> >here. I am having trouble getting mailscanner to save files in
> >/var/spool/MailScanner/quarantine with the correct user:group. In
> >/etc/MailScanner/MailScanner.conf I have set:
> >
> >Quarantine User = postfix
> >Quarantine Group = www
> >Quarantine Permissions = 0660
> >Incoming Work User = postfix
> >Incoming Work Group = www
> >Incoming Work Permissions = 0600
> >Run As User = postfix
> >Run As Group = postfix
> >
> >However when I run MailScanner it always saves files into the quarantine
> >dir owed by postfix:postfix. I am running Mailscanner V 4.28.6, Suse 8.1
> >and Postfix.
> >
> >In MailScanner.conf it does say that it may not be able to chown to
> >another user if it is not run as root. Are there any problems running
> >MailScanner as root? I generally do not like running services as root and
> >if I can chown a file quite happily using the postfix user why cant
> >Mailscanner?
> >
> >Am I missing something obvious?
> >
> >Sam
> >
> >
> >Winckworth Sherwood Solicitors and Parliamentary Agents
> >DX 148400 WESTMINSTER 5 : 35 Great Peter Street, London SW1P 3LR Telephone
> >020 7593 5000 Fax 020 7593 5099
> >
> >Confidentiality
> >This email message and any attachments are confidential; they may be
> >subject to legal professional privilege and are intended for the named
> >recipient only. If you are not the named recipient, please return the
> >message and enclosures immediately and delete them from your system.
> >
> >Caution
> >Before advice received only by email (whether by attachment or otherwise)
> >may be relied on, the authenticity of the communication must be verified
> >by means independent of email.
> >
> >Regulation
> >The firm is regulated by the Law Society.
> >
> >Partners
> >A list of partners is available for inspection at each office of the firm
> >and on the firm's website at
> ><http://www.winckworths.co.uk>www.winckworths.co.uk
> >
>
>--
>Julian Field
>www.MailScanner.info
>MailScanner thanks transtec Computers for their support
>
>PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654

--
Julian Field
www.MailScanner.info
Professional Support Services at www.MailScanner.biz
MailScanner thanks transtec Computers for their support
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654



More information about the MailScanner mailing list