eTrust Wrapper + Postfix + Mailscanner
Howard Yuan
Howard.Yuan at VALENCE.COM
Mon Apr 5 23:53:54 IST 2004
yep, more posts on this. ^__^
Okay, here's what I've got so far. Using the original eTrust Wrapper
and what have you, I couldn't get eTrust working. I got MailScanner
working with PostFix by setting the "Run as User" and "Run as Group" in
the MailScanner.conf to "Postfix." However, eTrust wasn't scanning. I
messed around with little bit, posted questions, did some research, what
have you. Found a FAQ on Mailscanner.info but it didn't help me. So, I
was messing around again and I changed the "Run as User" and "Run as
Group" to "Root" instead of "Postfix." Now, eTrust is scanning the email
messages for viruses and are actually finding them now. As we all know
already, eTrust requires you to call the command-line scanner as "root"
in order to be able to scan. So, I got it to scan. Now one problem.
Postfix is no longer sending mail outbound. I get the following error
message in /var/log/mail.log file:
postfix/master[1774]: warning: process /usr/lib/postfix/qmgr pid 2350
exit status 1
postfix/master[1774]: warning: /usr/lib/postfix/qmgr: bad command
startup -- throttling
postfix/qmgr[2355]: fatal: qmgr_move: update active/8/839D22E3FA time
stamps: Operation not permitted
So...I'm guessing it has something to do with the "postfix" user/group
object or what have you. I'm not sure if its a right issu, as the
/usr/lib/postfix is owned by the root user object and when I checked,
the user/group does have the EXEC right.
So, I guess my main questions is, "Exactly what is 'Run as User' and
'Run as Group' do? What are they for?"
Also, anybody know how I can get around this? Perhaps, get Postfix
working using the Root user object? Is it bad to be running as Root? I'm
guessing it could be potentially bad as if a hacker got in, it'd have
root access to everything and be able to do some pretty nifty stuff.
Just trying to figure this eTrust stuff out, any suggestions, advice,
tips, or whatever is definitely appreciated. Thanx in advance and sorry
for the long post.
Howard
More information about the MailScanner
mailing list