Clamd and problems with some TNEF attachments.

Scott Silva ssilva at sgvwater.com
Thu Mar 13 16:25:26 GMT 2008 

on 3-12-2008 5:23 PM Jim Barber spake the following:
> Hi.
> 
> I've hi-jacked a thread?
> Sorry, I don't know what you mean?
> I checked the mailing lists for a similar problem before I posted and 
> saw no related topic.
> 
> Sorry for the delay in responding.
> I suspect I'm way out of sync with you guys regarding time zones hence 
> why I haven't responded to your question yet Julian.
> I sent this off towards the end of work yesterday and I'm back in now 
> this morning.
> 
> Anyway, I'll try to explain as much as I can about the permissions side 
> of things and see if you spot any problems.
> 
> I'm using the exim4 (v4.69-2) package in Debian.
> The configuration has been modified to have an incoming and outgoing 
> queue so that MailScanner can intercept the emails.
> Exim4 runs under a user name called "Debian-exim" who is a member of a 
> groups that is also called "Debian-exim".
> 
> The clamd process runs under a user called "clamav" who is also a member 
> of the "clamav" group.
> I've also added this user to the "Debian-exim" group:
> 
>     $ groups clamav
>     clamav : clamav Debian-exim
> 
> The permissions on the /var/spool/MailScanner/incoming/ directory is as 
> follows:
> 
>     drwxr-x---  4 Debian-exim Debian-exim  100 2008-03-13 09:13 
> /var/spool/MailScanner/incoming/
> 
> Under here a directory is created with the PID of MailScanner, and at 
> the moment it looks as follows:
> 
>     drwxr-x--- 2 Debian-exim Debian-exim     40 2008-03-13 09:13 21152/
> 
> If I do a 'ls -lR' on this directory and catch a message in transit I 
> see permissions like so:
> 
>     # ls -lR 21152/
>     21152/:
>     total 80
>     drwxr-x--- 2 Debian-exim Debian-exim    80 2008-03-13 09:14 
> 1JZb5m-0001MG-06/
>     -rw-r----- 1 Debian-exim Debian-exim   870 2008-03-13 09:14 
> 1JZb5m-0001MG-06.header
>     -rw-rw---- 1 Debian-exim Debian-exim 65713 2008-03-13 09:14 
> 1JZb5m-0001MG-06.message
> 
>     21152/1JZb5m-0001MG-06:
>     total 64
>     -rw-r----- 1 Debian-exim Debian-exim  7061 2008-03-13 09:14 
> msg-21152-127.txt
>     -rw-r----- 1 Debian-exim Debian-exim 53896 2008-03-13 09:14 
> msg-21152-128.html
> 
> Here are the settings that I think may be relevant from the 
> MailScanner.conf file:
> 
>     Run As User = Debian-exim
>     Run As Group = Debian-exim
>     Incoming Queue Dir = /var/spool/exim4_incoming/input
>     Outgoing Queue Dir = /var/spool/exim4/input
>     Incoming Work Dir = /var/spool/MailScanner/incoming
>     MTA = exim
>     Sendmail = /usr/sbin/exim4 -DOUTGOING
>     Sendmail2 = /usr/sbin/exim4 -DOUTGOING
>     Incoming Work User =
>     Incoming Work Group =
>     Incoming Work Permissions = 0640
Try 0770 here for a test so the group can have a little more room in working 
with the files
> 
> As far as I can tell this should be okay since the clamav user is part 
> of the Debian-exim group?
> It seems to be scanning everything else okay?
> 
> Thanks.

-- 
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 250 bytes
Desc: OpenPGP digital signature
Url : http://lists.mailscanner.info/pipermail/mailscanner/attachments/20080313/70b99c42/signature.bin

More information about the MailScanner mailing list