eTrust Wrapper + Postfix + Mailscanner

Julian Field mailscanner at ecs.soton.ac.uk
Wed Apr 7 15:05:40 IST 2004 

At 23:53 05/04/2004, you wrote:
>yep, more posts on this. ^__^
>
>Okay, here's what I've got so far. Using the original eTrust Wrapper
>and what have you, I couldn't get eTrust working. I got MailScanner
>working with PostFix by setting the "Run as User" and "Run as Group" in
>the MailScanner.conf to "Postfix." However, eTrust wasn't scanning. I
>messed around with little bit, posted questions, did some research, what
>have you. Found a FAQ on Mailscanner.info but it didn't help me. So, I
>was messing around again and I changed the "Run as User" and "Run as
>Group" to "Root" instead of "Postfix." Now, eTrust is scanning the email
>messages for viruses and are actually finding them now. As we all know
>already, eTrust requires you to call the command-line scanner as "root"
>in order to be able to scan. So, I got it to scan. Now one problem.
>Postfix is no longer sending mail outbound. I get the following error
>message in /var/log/mail.log file:
>
>postfix/master[1774]: warning: process /usr/lib/postfix/qmgr pid 2350
>exit status 1
>postfix/master[1774]: warning: /usr/lib/postfix/qmgr: bad command
>startup -- throttling
>postfix/qmgr[2355]: fatal: qmgr_move: update active/8/839D22E3FA time
>stamps: Operation not permitted
>
>So...I'm guessing it has something to do with the "postfix" user/group
>object or what have you. I'm not sure if its a right issu, as the
>/usr/lib/postfix is owned by the root user object and when I checked,
>the user/group does have the EXEC right.
>
>So, I guess my main questions is, "Exactly what is 'Run as User' and
>'Run as Group' do? What are they for?"
>
>Also, anybody know how I can get around this? Perhaps, get Postfix
>working using the Root user object? Is it bad to be running as Root? I'm
>guessing it could be potentially bad as if a hacker got in, it'd have
>root access to everything and be able to do some pretty nifty stuff.
>Just trying to figure this eTrust stuff out, any suggestions, advice,
>tips, or whatever is definitely appreciated. Thanx in advance and sorry
>for the long post.

Before you start running it as postfix, remove any eTrust lock files from
/tmp, and make sure the postfix user can read and write to the
/var/spool/MailScanner/incoming and quarantine directories.
--
Julian Field
www.MailScanner.info
Professional Support Services at www.MailScanner.biz
MailScanner thanks transtec Computers for their support
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654

More information about the MailScanner mailing list