Mailscanner quarantine permissions for Mailwatc h

Mon Apr 5 18:44:52 IST 2004

I will try the patch out tomorrow.

Thanks,

Sam

-----Original Message-----
From: Julian Field [mailto:mailscanner at ECS.SOTON.AC.UK]
Sent: 05 April 2004 17:55
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: Re: Mailscanner quarantine permissions for Mailwatc h

I would appreciate it a few other people could check the patch to ensure it
doesn't cause any problems elsewhere.

At 17:01 05/04/2004, you wrote:
>I do not need to change the group of the work dir for my setup.  But
>you are correct - for the patch to be complete, it should do the same
>thing for the incoming work group as well.
>
>I honestly don't fully understand what the perl code is doing, which is
>why I wanted you to take a look.  Doing some debugging, I ran the "id"
>command from within MailScanner.  I found that if I specified an exim
>user and group, those were the only ones that would show up if I ran
>"id" from within Quarantine.pm where it sees if it can successfully
>change the group and user of the quarantine files.  I so I tried
>different things not completely understanding what it is doing, but got
>it so that the "id" command would start showing the group that I
>specified for quarantine files in MailScanner.conf.  And then
>MailScanner was able to change the group of those files.
>
>I was hoping someone else would be able to see if the code is correct,
>or if it may have some unintentional side effects.  To make the patch
>complete, we probably need to do the same thing for the incoming work
>group.  Would you like me to try to work a patch up that does both?
>
>Jason
>
>-----Original Message-----
>From: Julian Field [mailto:mailscanner at ECS.SOTON.AC.UK]
>Sent: Monday, April 05, 2004 11:41 AM
>To: MAILSCANNER at JISCMAIL.AC.UK
>Subject: Re: [MAILSCANNER] Mailscanner quarantine permissions for
>Mailwatc h
>
>
>Why does your patch only read quarantinegroup? Surely it should handle
>the work dir group as well. Just trying to confirm that it does what
>you intended, and does the whole job.
>
>At 16:34 05/04/2004, you wrote:
> >Try this patch - I sent it to this list recently.  But I don't know
> >if it will be accepted or not.
> >
> >Julian, can you take a look and see if this will cause problems for
> >people running MailScanner as root?  It seems to fix this issue for
> >me running exim, and I know of another user who runs postfix and it
> >also fixed the issue for him.  I had the exim user in the apache
> >group, but MailScanner would not change the group unless I had this
> >patch in there too.
> >
> >Jason
> >
> >-----Original Message-----
> >From: Samuel Luxford-Watts [mailto:slwatts at WINCKWORTHS.CO.UK]
> >Sent: Monday, April 05, 2004 11:27 AM
> >To: MAILSCANNER at JISCMAIL.AC.UK
> >Subject: [MAILSCANNER] Mailscanner quarantine permissions for
> >Mailwatch
> >
> >Hi All,
> >
> >I think this is more a mailscanner issue than mailwatch hence the
> >posting here. I am having trouble getting mailscanner to save files
> >in /var/spool/MailScanner/quarantine with the correct user:group. In
> >/etc/MailScanner/MailScanner.conf I have set:
> >
> >Quarantine User = postfix
> >Quarantine Group = www
> >Quarantine Permissions = 0660
> >Incoming Work User = postfix
> >Incoming Work Group = www
> >Incoming Work Permissions = 0600
> >Run As User = postfix
> >Run As Group = postfix
> >
> >However when I run MailScanner it always saves files into the
> >quarantine dir owed by postfix:postfix. I am running Mailscanner V
> >4.28.6, Suse 8.1 and Postfix.
> >
> >In MailScanner.conf it does say that it may not be able to chown to
> >another user if it is not run as root. Are there any problems running
> >MailScanner as root? I generally do not like running services as root
> >and if I can chown a file quite happily using the postfix user why
> >cant Mailscanner?
> >
> >Am I missing something obvious?
> >
> >Sam
> >
> >
> >Winckworth Sherwood Solicitors and Parliamentary Agents
> >DX 148400 WESTMINSTER 5 : 35 Great Peter Street, London SW1P 3LR
> >Telephone 020 7593 5000 Fax 020 7593 5099
> >
> >Confidentiality
> >This email message and any attachments are confidential; they may be
> >subject to legal professional privilege and are intended for the
> >named recipient only. If you are not the named recipient, please
> >return the message and enclosures immediately and delete them from
> >your system.
> >
> >Caution
> >Before advice received only by email (whether by attachment or
> >otherwise) may be relied on, the authenticity of the communication
> >must be verified by means independent of email.
> >
> >Regulation
> >The firm is regulated by the Law Society.
> >
> >Partners
> >A list of partners is available for inspection at each office of the
> >firm and on the firm's website at
> ><http://www.winckworths.co.uk>www.winckworths.co.uk
> >
>
>--
>Julian Field
>www.MailScanner.info
>MailScanner thanks transtec Computers for their support
>
>PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654

--
Julian Field
www.MailScanner.info
Professional Support Services at www.MailScanner.biz MailScanner thanks
transtec Computers for their support PGP footprint: EE81 D763 3DB0 0BFD E1DC
7222 11F6 5947 1415 B654

--------------
Winckworth Sherwood Solicitors and Parliamentary Agents
DX 148400 WESTMINSTER 5 : 35 Great Peter Street, London SW1P 3LR
Telephone 020 7593 5000 Fax 020 7593 5099

-Confidentiality-
This email message and any attachments are confidential; they may be subject to legal professional privilege and are intended for the named recipient only. If you are not the named recipient, please return the message and enclosures immediately and delete them from your system.

-Caution-
Before advice received only by email (whether by attachment or otherwise) may be relied on, the authenticity of the communication must be verified by means independent of email.

-Regulation-
The firm is regulated by the Law Society.

-Partners-
A list of partners is available for inspection at each office of the firm and on the firm's website at http://www.winckworths.co.uk