Mail disaster - semi-new system

G. Armour Van Horn vanhorn at whidbey.com
Mon May 15 22:24:03 IST 2006 

I've been pulling my hair out for a couple of days, and decided that 
tracking down "the usual suspect" either isn't sufficient here, or I've 
been pulling out brains along with the hair.

Because one of my servers was compromised I had to rebuild it. I copied 
most of /usr /etc/ and /home to a second disk and installed Fedora Core 
5 on the primary disk. I got BIND and Apache running before I even 
started on mail, which in this case is 8.13.5.

With the firewall still turned on so no mail traffic was getting to the 
box, I downloaded and installed the current f-prot (manual rpm install) 
and clamav (yum install) RPMs, then downloaded MailScanner 4.53.8.

I had brought over most of my old MailScanner configuration files prior 
to installing MailScanner, but I went through most of MailScanner.conf 
to make sure things made sense, then started it up and disabled the 
firewall.

I had to edit the Sendmail config that keeps you from receiving mail 
from outside, of course.

At this point, no mail is coming in to the local mail spool. The files 
that are sitting there from last week have been carefully set to the 
correct ownership (username:mail) but nothing is being added to them. 
Mail to users who don't currently have files in /var/spool/mail do not 
result in new files being created.

the maillog is getting lots of entries like this one:
May 15 14:16:22 verbose sendmail[9479]: k4FLCHkZ009386: 
to=<r_james at in-tel-a-choice.com>, delay=00:04:04, xdelay=00:00:00, 
mailer=local, pri=216546, dsn=4.0.0, stat=Deferred: local mailer 
(/usr/bin/procmail) exited with EX_TEMPFAIL

The error appears to be the same whether the user is one of those that 
has a file in /var/spool/mail or not.

Procmail is running, apparently, and is version 3.22. I can find no 
trace of a procmail log, nor have I been able to learn how to enable 
procmail logging. (Everything I come up with talks about how to control 
a user's personal procmail log, not a global/system one.)

At one point I was getting errors from clamav that there was no user 
clamav (the installer had ignored that and proceeded as root). I finally 
removed clamav from the MailScanner.conf list of virus scanners. At 
least that eliminated those log entries.

The natives are getting restless, and I'm frustrated beyond measure. I'm 
sure there's some obvious step I've ommitted and am hoping that one of 
you can tell me just how stupid I am - preferrably while telling me what 
the ommitted step should have been!

Van

-- 
----------------------------------------------------------
Sign up now for Quotes of the Day, a handful of quotations
on a theme delivered every morning.
Enlightenment! Daily, for free! 
mailto:twisted at whidbey.com?subject=Subscribe_QOTD

For photography, web design, hosting, and maintenance, 
visit Van's home page: http://www.domainvanhorn.com/van/
-----------------------------------------------------------

More information about the MailScanner mailing list