Reloading MS service via email?

Wed Mar 24 09:00:27 GMT 2004

The problem with doping it automatically when a mail is received is that it doesn't scale well and it becomes very easy to DOS your  server.  Sending a mail causing a HUP a couple of times a minute would pretty quickly stop any mail from getting processed at all.   Much better to just do it periodically, even maybe craft an auto-reply to the message that says 'your request has been processed, changes will be effective from <time>'

However, if you do use sudo its worth noting that sudo can be configured to restrict the exact commandline not just the program name, so you could give the mail user only permission to run 'pkill -HUP MailScanner' for example.

Depending on how many settings you need to access a better solution may be to use a custom config function to look up the blacklist values in a database, and just have your scripts update the database.  This would probably scale better, and avoids the DOS risk.

-----Original Message-----
From: Max Kipness [mailto:mkipness at GENIANT.COM]
Sent: 23 March 2004 22:15
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: Re: Reloading MS service via email?

I dont' like this method because if a user is looking to whitelist someone quick, they need to wait for an hour. If I was going to go this route, I would create a script that reloads MS every 5 minutes, but only after it reads the white and blacklist and verifies that there are additions to the files.

Max

  _____  

From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On Behalf Of Alex Neuman
Sent: Tuesday, March 23, 2004 4:10 PM
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: Re: Reloading MS service via email?

Even better idea... thanks!

-----Original Message-----
From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On Behalf Of Derek Winkler
Sent: Tuesday, March 23, 2004 4:36 PM
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: Re: Reloading MS service via email?

I just lowered my MailScanner restarts to an hour and took users it can take an hour or two to take effect.

See Restart Every in config file.

-----Original Message-----
From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK]On Behalf Of Alex Neuman
Sent: Tuesday, March 23, 2004 4:35 PM
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: Re: Reloading MS service via email?

You could always set up a cronjob to killall -HUP MailScanner every other hour, for example. Settings would be reloaded, wouldn't they?

-----Original Message-----
From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On Behalf Of Max Kipness
Sent: Tuesday, March 23, 2004 3:11 PM
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: Reloading MS service via email?

I've got my scripts pretty much ironed out so that a user can simply forward a spam message to an email address, have the spam email added to the blacklist and then sent a confirmation. What I'd like to also do is have the script reload the MailScanner service. Since this is being done via the user 'mail', can anyone give me some tips on the best way to accomplish this. So far I'm thinking of using SUDO to allow 'mail' to run 'kill' and /etc/init.d/MailScanner? Is there a better and/or more secure way?

Thanks,
Max

BMRB International 
http://www.bmrb.co.uk
+44 (0)20 8566 5000
_________________________________________________________________
This message (and any attachment) is intended only for the 
recipient and may contain confidential and/or privileged 
material.  If you have received this in error, please contact the 
sender and delete this message immediately.  Disclosure, copying 
or other action taken in respect of this email or in 
reliance on it is prohibited.  BMRB International Limited 
accepts no liability in relation to any personal emails, or 
content of any email which does not directly relate to our 
business.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20040324/58d888c1/attachment.html