getting Mailscanner to work with Mailwatch/Postfix

Glenn Steen glenn.steen at gmail.com
Mon Mar 17 21:22:11 GMT 2008 

On 17/03/2008, John Baker <johnnyb at marlboro.edu> wrote:
> I did indeed forget that you need to execute bit on for a process to
>  create a directory. Hey, its been a while since Unix 101. :)
:-)

>
>  But the source of confusion here for me as much as the Mailwatch wiki
>  ,which I did take the directions from, is that the default
>  Mailscanner.conf file has Quarantine Permissions = 0600 leading one to
>  believe that the execute bit is not necessary. This is in the
>  Mailscanner book as well.
But the line is correct for the files created.... IIRC (been a while
since I looked) any needed execute bits are added as needed for
created directories... I might be wrong, but I don't think so:-)

>  What is the function of this line in the file? It seems to be ignored by
>    the actual process.
Definitely not ignored, no.

Anyway, AFAIU you have all your problems resolved now, right?
All chugging along nicely...?

Cheers
-- Glenn
>
>  Glenn Steen wrote:
>  > On 17/03/2008, Julian Field <MailScanner at ecs.soton.ac.uk> wrote:
>  >> If someone can fix this one for John, please can you put it in the Wiki
>  >>  if it isn't already there?
>  >>  Thanks folks!
>  >>  Jules.
>  >
>  > AFAICS there is no need for this to be in the Wiki, since it seems to
>  > me that John has done a few "faux pas"...:-):
>  > -For a process to be able to create a directory you need hold the
>  > execute bit for the directory in which the new directory is created.
>  > Unix 101.
>  > - John might have mistakenly changed the _owner_ of the top quarantine
>  > directory to root. This is wrong for most postfix installations.
>  >
>  > Leads me to thing He's been following some other docs than the ones
>  > already in the MS wiki.
>  > If one is to change any Wiki information I'd hazard it'd be best to
>  > change the MW one.
>  > Cheers
>  > -- Glenn
>  >
>  >>  John Baker wrote:
>  >>  > Hi all,
>  >>  >
>  >>  > I've been trying to get Mailscanner set up to work so that postfix and
>  >>  > Mailwatch will cooperate and ran into a confusing permission issue.
>  >>  >
>  >>  > You'd think this one would have been addressed here before but I could
>  >>  > not find an answer in the archives.
>  >>  >
>  >>  > I seemed as thought the logical way to work around Mailwatch's desire
>  >>  > to write to the quarantine as root was to join the postfix user to
>  >>  > apache www-data group and give that group ownership of the quarantine.
>  >>  >
>  >>  > So I did that and went with the recommended 0660 permissions. But
>  >>  > Mailscanner started throwing "cannot write to directory
>  >>  > /var/spool/MailScanner/quarantine"
>  >>  >
>  >>  > I switched everything in the configuration back but found that the
>  >>  > errors were still being thrown. I had noticed while setting up that
>  >>  > the default permission for the que was 755 and had changed it to the
>  >>  > fit the 0660 permissions in the mailscanner.con file. I finally added
>  >>  > +x and then it seemed to work. So it appears as though despite the
>  >>  > numbers in permissions in the mailscanner.conf file it need +x on the
>  >>  > owner, and then presumably group if not the same as owner. Why does it
>  >>  > need execute permission? Or I'm I missing something else?
>  >>  >
>  >>  > Does anybody have a successful and secure
>  >>  > mailscanner/postfix/mailwatch recipe they can share?
>  >>  >
>  >>  > Thanks
>  >>
>  >>
>  >> Jules
>  >>
>  >>  --
>  >>  Julian Field MEng CITP CEng
>  >>  www.MailScanner.info
>  >>  Buy the MailScanner book at www.MailScanner.info/store
>  >>
>  >>  Need help customising MailScanner?
>  >>  Contact me!
>  >>  Need help fixing or optimising your systems?
>  >>  Contact me!
>  >>  Need help getting you started solving new requirements from your boss?
>  >>  Contact me!
>  >>
>  >>  PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
>  >>
>  >>
>  >>
>  >>  --
>  >>  This message has been scanned for viruses and
>  >>  dangerous content by MailScanner, and is
>  >>  believed to be clean.
>  >>
>  >>
>  >>  --
>  >>  MailScanner mailing list
>  >>  mailscanner at lists.mailscanner.info
>  >>  http://lists.mailscanner.info/mailman/listinfo/mailscanner
>  >>
>  >>  Before posting, read http://wiki.mailscanner.info/posting
>  >>
>  >>  Support MailScanner development - buy the book off the website!
>  >>
>  >
>  >
>
>
>  --
>
> John Baker
>  Network Systems Administrator
>  Marlboro College
>  Phone: 451-7551 off campus; 551 on campus
>  --
>
> MailScanner mailing list
>  mailscanner at lists.mailscanner.info
>  http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
>  Before posting, read http://wiki.mailscanner.info/posting
>
>  Support MailScanner development - buy the book off the website!
>


-- 
-- Glenn
email: glenn < dot > steen < at > gmail < dot > com
work: glenn < dot > steen < at > ap1 < dot > se

More information about the MailScanner mailing list