Mail disaster - semi-new system

[Mike Kercher]

Could this be an SELinux issue?  Anyone?
 
Mike
 


________________________________

	From: mailscanner-bounces at lists.mailscanner.info
[mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of G.
Armour Van Horn
	Sent: Monday, May 15, 2006 5:09 PM
	To: MailScanner discussion
	Subject: Re: Mail disaster - semi-new system
	
	
	Mike Kercher wrote: 

		mailscanner-bounces at lists.mailscanner.info <> scribbled
on :
		
		  

			I've been pulling my hair out for a couple of
days, and
			decided that tracking down "the usual suspect"
either isn't
			sufficient here, or I've been pulling out brains
along with the hair.
			
			Because one of my servers was compromised I had
to rebuild
			it. I copied most of /usr /etc/ and /home to a
second disk
			and installed Fedora Core
			5 on the primary disk. I got BIND and Apache
running before I
			even started on mail, which in this case is
8.13.5.
			
			With the firewall still turned on so no mail
traffic was
			getting to the box, I downloaded and installed
the current
			f-prot (manual rpm install) and clamav (yum
install) RPMs,
			then downloaded MailScanner 4.53.8.
			
			I had brought over most of my old MailScanner
configuration
			files prior to installing MailScanner, but I
went through
			most of MailScanner.conf to make sure things
made sense, then
			started it up and disabled the firewall.
			
			I had to edit the Sendmail config that keeps you
from
			receiving mail from outside, of course.
			
			At this point, no mail is coming in to the local
mail spool.
			The files that are sitting there from last week
have been
			carefully set to the correct ownership
(username:mail) but
			nothing is being added to them.
			Mail to users who don't currently have files in
			/var/spool/mail do not result in new files being
created.
			
			the maillog is getting lots of entries like this
one:
			May 15 14:16:22 verbose sendmail[9479]:
k4FLCHkZ009386:
			to=<r_james at in-tel-a-choice.com>
<mailto:r_james at in-tel-a-choice.com> , delay=00:04:04,
			xdelay=00:00:00, mailer=local, pri=216546,
dsn=4.0.0,
			stat=Deferred: local mailer
			(/usr/bin/procmail) exited with EX_TEMPFAIL
			
			The error appears to be the same whether the
user is one of
			those that has a file in /var/spool/mail or not.
			
			Procmail is running, apparently, and is version
3.22. I can
			find no trace of a procmail log, nor have I been
able to
			learn how to enable procmail logging.
(Everything I come up
			with talks about how to control a user's
personal procmail
			log, not a global/system one.)
			
			At one point I was getting errors from clamav
that there was
			no user clamav (the installer had ignored that
and proceeded
			as root). I finally removed clamav from the
MailScanner.conf
			list of virus scanners. At least that eliminated
those log entries.
			
			The natives are getting restless, and I'm
frustrated beyond
			measure. I'm sure there's some obvious step I've
ommitted and
			am hoping that one of you can tell me just how
stupid I am -
			preferrably while telling me what the ommitted
step should have been!
			
			Van
			    

		
		Also, give me the output of:
		
		grep procmail /etc/mail/sendmail.mc
		
		Mike
		  

	[root at verbose mail]# grep procmail /etc/mail/sendmail.mc
	define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
	FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl
	MAILER(procmail)dnl
	
	
	
	
	-- 
	----------------------------------------------------------
	Sign up now for Quotes of the Day, a handful of quotations
	on a theme delivered every morning.
	Enlightenment! Daily, for free! 
	mailto:twisted at whidbey.com?subject=Subscribe_QOTD
	
	For photography, web design, hosting, and maintenance, 
	visit Van's home page: http://www.domainvanhorn.com/van/
	-----------------------------------------------------------