quarantine release might lose mail?
glenn.steen at gmail.com
Tue Dec 15 10:08:50 GMT 2009
2009/12/15 Frank Cusack <fcusack at fcusack.com>:
> Aren't queue files named after the inode?
> If that's right, then the method in the above web page would seem to
> be wrong. First of all, the queue file in the quarantine is a copy of
> the original queue file, so the filename is "wrong". This doesn't matter
> and does not lead to a problem for mailscanner purposes though, AFAICT.
> But the method of release involves copying the file to the incoming
> directory. This part is wrong, since the file is named incorrectly and
> postfix might reuse that filename. postfix won't itself put a file in
> the incoming queue dir (unless you can somehow bypass the header_check,
> not sure if that can happen for locally generated mail), but because
> the inode can be reused, 2+ queue files can be in the quarantine with
> the same name. You could release all of them together and lose mail.
Highly theoretical risk, Highly unlikely to be a problem. What is your
rate of release?;-)
> I would think that you need to install the queue file using mktemp,
> then change the filename and lastly change the file mode.
Perhaps, to be truly kosher, but in reality... this is not a big problem.
And if you elect to use MailWatch, which demand that the you
quarantine the RFC822 encoded message file (iow not the queue file),
the problem goes away entirely...
email: glenn < dot > steen < at > gmail < dot > com
work: glenn < dot > steen < at > ap1 < dot > se
More information about the MailScanner