getting Mailscanner to work with Mailwatch/Postfix

[John Baker]

Hi all,

I've been trying to get Mailscanner set up to work so that postfix and 
Mailwatch will cooperate and ran into a confusing permission issue.

You'd think this one would have been addressed here before but I could 
not find an answer in the archives.

I seemed as thought the logical way to work around Mailwatch's desire to 
write to the quarantine as root was to join the postfix user to apache 
www-data group and give that group ownership of the quarantine.

So I did that and went with the recommended 0660 permissions. But 
Mailscanner started throwing "cannot write to directory 
/var/spool/MailScanner/quarantine"

I switched everything in the configuration back but found that the 
errors were still being thrown. I had noticed while setting up that the 
default permission for the que was 755 and had changed it to the fit the 
0660 permissions in the mailscanner.con file. I finally added +x and 
then it seemed to work. So it appears as though despite the numbers in 
permissions in the mailscanner.conf file it need +x on the owner, and 
then presumably group if not the same as owner. Why does it need execute 
permission? Or I'm I missing something else?

Does anybody have a successful and secure mailscanner/postfix/mailwatch 
recipe they can share?

Thanks
-- 
John Baker
Network Systems Administrator
Marlboro College
Phone: 451-7551 off campus; 551 on campus