Mail disaster - semi-new system
G. Armour Van Horn
vanhorn at whidbey.com
Tue May 16 05:16:32 IST 2006
Bingo! Set SELinux to disabled, restarted, and eventually the machine
restarted and processed all the backed up mail in thirty seconds.
(Eventually because the machine was unable to run X due to an install
error and I hadn't changed the default runlevel to 3, so I had to drive
fifteen miles to get to the console and get it running again.)
Perhaps in a year or so I'll dig into SELinux enough to try again, for
now I'm comfortable with the current security level. The firewall allows
exactly what I want to come through (though obviously that includes
things that could be used to attack the machine - as long as I'm not on
the same local network I have to allow enough access for myself to
administer the thing), and everything is now completely up to date.
Thanks a lot for your astute observation. I wish I'd asked a day earlier!
Van
Mike Kercher wrote:
>Could this be an SELinux issue? Anyone?
>
>Mike
>
>
>
>________________________________
>
> From: mailscanner-bounces at lists.mailscanner.info
>[mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of G.
>Armour Van Horn
> Sent: Monday, May 15, 2006 5:09 PM
> To: MailScanner discussion
> Subject: Re: Mail disaster - semi-new system
>
>
> Mike Kercher wrote:
>
> mailscanner-bounces at lists.mailscanner.info <> scribbled
>on :
>
>
>
> I've been pulling my hair out for a couple of
>days, and
> decided that tracking down "the usual suspect"
>either isn't
> sufficient here, or I've been pulling out brains
>along with the hair.
>
> Because one of my servers was compromised I had
>to rebuild
> it. I copied most of /usr /etc/ and /home to a
>second disk
> and installed Fedora Core
> 5 on the primary disk. I got BIND and Apache
>running before I
> even started on mail, which in this case is
>8.13.5.
>
> With the firewall still turned on so no mail
>traffic was
> getting to the box, I downloaded and installed
>the current
> f-prot (manual rpm install) and clamav (yum
>install) RPMs,
> then downloaded MailScanner 4.53.8.
>
> I had brought over most of my old MailScanner
>configuration
> files prior to installing MailScanner, but I
>went through
> most of MailScanner.conf to make sure things
>made sense, then
> started it up and disabled the firewall.
>
> I had to edit the Sendmail config that keeps you
>from
> receiving mail from outside, of course.
>
> At this point, no mail is coming in to the local
>mail spool.
> The files that are sitting there from last week
>have been
> carefully set to the correct ownership
>(username:mail) but
> nothing is being added to them.
> Mail to users who don't currently have files in
> /var/spool/mail do not result in new files being
>created.
>
> the maillog is getting lots of entries like this
>one:
> May 15 14:16:22 verbose sendmail[9479]:
>k4FLCHkZ009386:
> to=<r_james at in-tel-a-choice.com>
><mailto:r_james at in-tel-a-choice.com> , delay=00:04:04,
> xdelay=00:00:00, mailer=local, pri=216546,
>dsn=4.0.0,
> stat=Deferred: local mailer
> (/usr/bin/procmail) exited with EX_TEMPFAIL
>
> The error appears to be the same whether the
>user is one of
> those that has a file in /var/spool/mail or not.
>
> Procmail is running, apparently, and is version
>3.22. I can
> find no trace of a procmail log, nor have I been
>able to
> learn how to enable procmail logging.
>(Everything I come up
> with talks about how to control a user's
>personal procmail
> log, not a global/system one.)
>
> At one point I was getting errors from clamav
>that there was
> no user clamav (the installer had ignored that
>and proceeded
> as root). I finally removed clamav from the
>MailScanner.conf
> list of virus scanners. At least that eliminated
>those log entries.
>
> The natives are getting restless, and I'm
>frustrated beyond
> measure. I'm sure there's some obvious step I've
>ommitted and
> am hoping that one of you can tell me just how
>stupid I am -
> preferrably while telling me what the ommitted
>step should have been!
>
> Van
>
>
>
> Also, give me the output of:
>
> grep procmail /etc/mail/sendmail.mc
>
> Mike
>
>
> [root at verbose mail]# grep procmail /etc/mail/sendmail.mc
> define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
> FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl
> MAILER(procmail)dnl
>
>
>
>
> --
> ----------------------------------------------------------
> Sign up now for Quotes of the Day, a handful of quotations
> on a theme delivered every morning.
> Enlightenment! Daily, for free!
> mailto:twisted at whidbey.com?subject=Subscribe_QOTD
>
> For photography, web design, hosting, and maintenance,
> visit Van's home page: http://www.domainvanhorn.com/van/
> -----------------------------------------------------------
>
>
>
--
----------------------------------------------------------
Sign up now for Quotes of the Day, a handful of quotations
on a theme delivered every morning.
Enlightenment! Daily, for free!
mailto:twisted at whidbey.com?subject=Subscribe_QOTD
For photography, web design, hosting, and maintenance,
visit Van's home page: http://www.domainvanhorn.com/van/
-----------------------------------------------------------
More information about the MailScanner
mailing list