quarantine release might lose mail?

Glenn Steen glenn.steen at gmail.com
Tue Dec 15 10:08:50 GMT 2009

2009/12/15 Frank Cusack <fcusack at fcusack.com>:
> <http://wiki.mailscanner.info/doku.php?id=documentation:configuration:mta:postfix:how_to:release_quarantined_mail>
> Aren't queue files named after the inode?
> If that's right, then the method in the above web page would seem to
> be wrong.  First of all, the queue file in the quarantine is a copy of
> the original queue file, so the filename is "wrong".  This doesn't matter
> and does not lead to a problem for mailscanner purposes though, AFAICT.
> But the method of release involves copying the file to the incoming
> directory.  This part is wrong, since the file is named incorrectly and
> postfix might reuse that filename.  postfix won't itself put a file in
> the incoming queue dir (unless you can somehow bypass the header_check,
> not sure if that can happen for locally generated mail), but because
> the inode can be reused, 2+ queue files can be in the quarantine with
> the same name.  You could release all of them together and lose mail.
Highly theoretical risk, Highly unlikely to be a problem. What is your
rate of release?;-)

> I would think that you need to install the queue file using mktemp,
> then change the filename and lastly change the file mode.
Perhaps, to be truly kosher, but in reality... this is not a big problem.
And if you elect to use MailWatch, which demand that the you
quarantine the RFC822 encoded message file (iow not the queue file),
the problem goes away entirely...

> -frank

-- Glenn
email: glenn < dot > steen < at > gmail < dot > com
work: glenn < dot > steen < at > ap1 < dot > se

More information about the MailScanner mailing list