getting Mailscanner to work with Mailwatch/Postfix

John Baker johnnyb at marlboro.edu
Mon Mar 17 17:10:27 GMT 2008


I did indeed forget that you need to execute bit on for a process to 
create a directory. Hey, its been a while since Unix 101. :)

But the source of confusion here for me as much as the Mailwatch wiki 
,which I did take the directions from, is that the default 
Mailscanner.conf file has Quarantine Permissions = 0600 leading one to 
believe that the execute bit is not necessary. This is in the 
Mailscanner book as well.

What is the function of this line in the file? It seems to be ignored by 
   the actual process.

Glenn Steen wrote:
> On 17/03/2008, Julian Field <MailScanner at ecs.soton.ac.uk> wrote:
>> If someone can fix this one for John, please can you put it in the Wiki
>>  if it isn't already there?
>>  Thanks folks!
>>  Jules.
> 
> AFAICS there is no need for this to be in the Wiki, since it seems to
> me that John has done a few "faux pas"...:-):
> -For a process to be able to create a directory you need hold the
> execute bit for the directory in which the new directory is created.
> Unix 101.
> - John might have mistakenly changed the _owner_ of the top quarantine
> directory to root. This is wrong for most postfix installations.
> 
> Leads me to thing He's been following some other docs than the ones
> already in the MS wiki.
> If one is to change any Wiki information I'd hazard it'd be best to
> change the MW one.
> Cheers
> -- Glenn
> 
>>  John Baker wrote:
>>  > Hi all,
>>  >
>>  > I've been trying to get Mailscanner set up to work so that postfix and
>>  > Mailwatch will cooperate and ran into a confusing permission issue.
>>  >
>>  > You'd think this one would have been addressed here before but I could
>>  > not find an answer in the archives.
>>  >
>>  > I seemed as thought the logical way to work around Mailwatch's desire
>>  > to write to the quarantine as root was to join the postfix user to
>>  > apache www-data group and give that group ownership of the quarantine.
>>  >
>>  > So I did that and went with the recommended 0660 permissions. But
>>  > Mailscanner started throwing "cannot write to directory
>>  > /var/spool/MailScanner/quarantine"
>>  >
>>  > I switched everything in the configuration back but found that the
>>  > errors were still being thrown. I had noticed while setting up that
>>  > the default permission for the que was 755 and had changed it to the
>>  > fit the 0660 permissions in the mailscanner.con file. I finally added
>>  > +x and then it seemed to work. So it appears as though despite the
>>  > numbers in permissions in the mailscanner.conf file it need +x on the
>>  > owner, and then presumably group if not the same as owner. Why does it
>>  > need execute permission? Or I'm I missing something else?
>>  >
>>  > Does anybody have a successful and secure
>>  > mailscanner/postfix/mailwatch recipe they can share?
>>  >
>>  > Thanks
>>
>>
>> Jules
>>
>>  --
>>  Julian Field MEng CITP CEng
>>  www.MailScanner.info
>>  Buy the MailScanner book at www.MailScanner.info/store
>>
>>  Need help customising MailScanner?
>>  Contact me!
>>  Need help fixing or optimising your systems?
>>  Contact me!
>>  Need help getting you started solving new requirements from your boss?
>>  Contact me!
>>
>>  PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
>>
>>
>>
>>  --
>>  This message has been scanned for viruses and
>>  dangerous content by MailScanner, and is
>>  believed to be clean.
>>
>>
>>  --
>>  MailScanner mailing list
>>  mailscanner at lists.mailscanner.info
>>  http://lists.mailscanner.info/mailman/listinfo/mailscanner
>>
>>  Before posting, read http://wiki.mailscanner.info/posting
>>
>>  Support MailScanner development - buy the book off the website!
>>
> 
> 


-- 
John Baker
Network Systems Administrator
Marlboro College
Phone: 451-7551 off campus; 551 on campus


More information about the MailScanner mailing list