Bunch of issues with installing MailScanner on Ubuntu LTS 10.04
Martijn
mailinglist at mindconnect.nl
Thu Aug 4 12:18:15 IST 2011
Hi guys,
I'm designing and testing a new mail system for our company. While
researching I came across MailScanner and I liked the way of thinking
with putting mail in the hold queue for processing instead of running an
extra SMTP-service like amavisd seems to need.
But while testing I have come across a quite a few things that don't
seem to work out using the providing documentation. Perhaps anyone could
help solving these, in my particular situation, or upstream where it
applies. I have numbered the issues for easier reference.
There are a few sections where I may sound a bit frustrated. It's not
personal and I respect what everyone is trying to do with MailScanner.
With the trouble I'm experiencing currently, it's a bit hard for me to
imagine this software is ready for production. I'm seeing messages all
over the web that the software is ready, so I hope I actually did
something stupid and MailScanner is not to 'blame'.
Little bit of intro:
MailScanner is basically the last thing we're adding to our setup. We
already have a well running system that consists of (currently) Ubuntu
LTS 10.04.2, equipped with Postfix 2.7.0 for SMTP and Dovecot 1.2.9 for
POP3, IMAP (The Dovecot LDA is used). All mail users are virtual.
I'm completely new to MailScanner and I'm going through the
documentation, eventually ending up at
http://www.mailscanner.info/install_guides.html and more specifically
http://www.mailscanner.info/ubuntu.html
Issue 1:
I see no date or version numbers mentioned there, except for the
8.04-part. I would really highly recommend this for all documentation
and blogposts to prevent someone from staring at old docs for hours. Of
course everyone has the intention of keeping docs up to date, but we all
know there are times when it just doesn't happen.
What I basically do reading documentation like this is: see if I
understand what I'm doing and if that's the case then copy paste the
commands, perhaps edit them if my system is different and then run them.
In this case it's all pretty basic and I'm not aware of anything I need
to edit for it to work, so I just start copy-pasting them.
Issue 2:
When installing the MailScanner Dependencies I notice that the
documented command doesn't work for me. Unfortunately I don't have any
notes for that part but I remember something about package names not
matching, or needing to install the packages in a specific order instead
of all at once.
Problem solved, so I continue with the installation getting the latest
.deb from the suggested
http://debian.intergenia.de/debian/pool/main/m/mailscanner/ :
That's mailscanner_4.79.11-2.2_all.deb.
dpkg -i seems to run well, as well as the steps described under
Configuring MailScanner and ClamAV, until the point I can start mailscanner:
Issue 3:
Could not read directory /var/spool/MailScanner/incoming at
/usr/share/MailScanner//MailScanner/Config.pm line 2786
Error in configuration file line 184, directory
/var/spool/MailScanner/incoming for incomingworkdir does not exist (or
is not readable) at /usr/share/MailScanner//MailScanner/Config.pm line 3146
Could not read directory /var/spool/MailScanner/quarantine at
/usr/share/MailScanner//MailScanner/Config.pm line 2786
Error in configuration file line 188, directory
/var/spool/MailScanner/quarantine for quarantinedir does not exist (or
is not readable) at /usr/share/MailScanner//MailScanner/Config.pm line 3146
So I check:
root at insular:/var/spool/MailScanner# ls -la
total 24
drwxr-x--- 6 mail mail 4096 2011-08-04 10:46 .
drwxr-xr-x 8 root root 4096 2011-08-04 10:40 ..
drwxr-x--- 2 mail mail 4096 2010-12-09 20:36 archive
drwxr-x--- 3 mail mail 4096 2011-08-04 10:54 incoming
drwxr-x--- 2 mail mail 4096 2010-12-09 20:36 quarantine
drwxr-xr-x 2 postfix root 4096 2011-08-04 10:46 spamassassin
root at insular:/var/spool/MailScanner#
Everything is there (I noticed the wrong permissions later, I'll get to
that in a minute). Thinking that MailScanner failed to start because of
these errors, I try to start again. /etc/init.d/mailscanner start
returns no output, so I think the directories where created
automatically after the first error and now everything runs well.
In practice however, MailScanner started the first time dispite the
errors. No idea what happened when I started it a second time. This may
very well confuse a lot of people.
I stop the service, check to see if no MailScanner processes are running
and start fixing the permission problems.
Issue 4:
Alright so there's a problem with incomingworkdir and quarentinedir.
Both exist, I notice they're owned by mail:mail but MailScanner runs as
the postfix user so that probably is the problem. Although mail:mail is
the Ubuntu default I don't see any ownership changes documented in the
Ubuntu guide. I find an extra doc about Postfix and start going over all
the checks: http://www.mailscanner.info/postfix.html
Most of the points here are done while going through the Ubuntu steps.
The doc does confirm that the directories need to be owned by
postfix:postfix. I correct the problem and start the service: same error
about directories not existing or not being readable.
I check the permissions again, and they seem good:
root at insular:/var/spool/MailScanner# ls -la
total 24
drwxr-x--- 6 mail mail 4096 2011-08-04 10:46 .
drwxr-xr-x 8 root root 4096 2011-08-04 10:40 ..
drwxr-x--- 2 mail mail 4096 2010-12-09 20:36 archive
drwxr-x--- 3 postfix postfix 4096 2011-08-04 10:54 incoming
drwxr-x--- 2 postfix postfix 4096 2010-12-09 20:36 quarantine
drwxr-xr-x 2 postfix root 4096 2011-08-04 10:46 spamassassin
root at insular:/var/spool/MailScanner#
So I'm double checking values in the configuration, and they check out
with what is documented. Now I'm a bit confused and I start checking
general configuration with --lint.
Issue 5:
Running mailscanner --lint gives me some hints:
"The "envelope_sender_header" in your spam.assassin.prefs.conf is not
correct"
Ok, corrected that.
Plus, a range of errors because of trouble with the permissions, like:
Could not create SpamAssassin temporary directory
/var/spool/MailScanner/incoming/SpamAssassin-Temp, Permission denied at
/usr/share/MailScanner//MailScanner/SA.pm line 80.
But no real configuration problems seem to surface.
Issue 6:
After running mailscanner --lint, permissions on the directories in
/var/spool/MailScanner have changed:
root at insular:/var/spool/MailScanner# ls -la
total 24
drwxr-x--- 6 mail mail 4096 2011-08-04 10:46 .
drwxr-xr-x 8 root root 4096 2011-08-04 10:40 ..
drwxr-x--- 2 mail mail 4096 2010-12-09 20:36 archive
drwxr-x--- 5 postfix clamav 4096 2011-08-04 12:46 incoming
drwxr-x--- 2 postfix postfix 4096 2010-12-09 20:36 quarantine
drwxr-xr-x 2 postfix root 4096 2011-08-04 10:46 spamassassin
root at insular:/var/spool/MailScanner#
Incoming is now suddenly owned by postfix:clamav. Clamav does happen to
be the only scanner I have installed. If I just start MailScanner
service normally, the permissions change doesn't happen. So I reverse
the change to make sure I'm testing consistently.
What else can I test? check_mailscanner:
root at insular:/var/spool/MailScanner# check_mailscanner
check_mailscanner: command not found
root at insular:/var/spool/MailScanner# check_MailScanner
check_MailScanner: command not found
root at insular:/var/spool/MailScanner#
Seems that I'm missing that script.
Issue 7:
In an earlier try (I'm collecting info on these issues on my second try)
I ended up with a MailScanner that seemed to start without issues, but
no mail came through and I discovered something is wrong in mail.log.
MailScanner seems to be starting every few seconds. If I start
MailScanner on my second try, the same thing happens:
[...]
Aug 4 12:45:26 insular MailScanner[12221]: Using SpamAssassin results cache
Aug 4 12:45:26 insular MailScanner[12221]: Could not create
SpamAssassin cache database
/var/spool/MailScanner/incoming/SpamAssassin.cache.db
Aug 4 12:45:26 insular MailScanner[12221]: Enabling SpamAssassin
auto-whitelist functionality...
Aug 4 12:46:03 insular MailScanner[12256]: MailScanner E-Mail Virus
Scanner version 4.79.11 starting...
Aug 4 12:46:04 insular MailScanner[12256]: Reading configuration file
/etc/MailScanner/MailScanner.conf
Aug 4 12:46:04 insular MailScanner[12256]: Configuration: Failed to
find any configuration files like /etc/MailScanner/conf.d/*, skipping them.
Aug 4 12:46:04 insular MailScanner[12256]: Read 858 hostnames from the
phishing whitelist
Aug 4 12:46:04 insular MailScanner[12256]: Read 5497 hostnames from the
phishing blacklists
Aug 4 12:46:04 insular MailScanner[12256]: Using SpamAssassin results cache
Aug 4 12:46:04 insular MailScanner[12256]: Could not create
SpamAssassin cache database
/var/spool/MailScanner/incoming/SpamAssassin.cache.db
Aug 4 12:46:04 insular MailScanner[12256]: Enabling SpamAssassin
auto-whitelist functionality...
Aug 4 12:46:06 insular MailScanner[12256]: I have found clamav scanners
installed, and will use them all by default.
Aug 4 12:46:06 insular MailScanner[12256]: Could not create Processing
Attempts Database "/var/spool/MailScanner/incoming/Processing.db"
Aug 4 12:46:06 insular MailScanner[12256]: Incoming Work Dir does not exist
Aug 4 12:46:08 insular MailScanner[12303]: MailScanner E-Mail Virus
Scanner version 4.79.11 starting...
Aug 4 12:46:08 insular MailScanner[12303]: Reading configuration file
/etc/MailScanner/MailScanner.conf
Aug 4 12:46:09 insular MailScanner[12303]: Configuration: Failed to
find any configuration files like /etc/MailScanner/conf.d/*, skipping them.
Aug 4 12:46:09 insular MailScanner[12303]: Read 858 hostnames from the
phishing whitelist
Aug 4 12:46:09 insular MailScanner[12303]: Read 5497 hostnames from the
phishing blacklists
Aug 4 12:46:09 insular MailScanner[12303]: Using SpamAssassin results cache
Aug 4 12:46:09 insular MailScanner[12303]: Could not create
SpamAssassin cache database
/var/spool/MailScanner/incoming/SpamAssassin.cache.db
Aug 4 12:46:09 insular MailScanner[12303]: Enabling SpamAssassin
auto-whitelist functionality...
Aug 4 12:46:28 insular MailScanner[12314]: MailScanner E-Mail Virus
Scanner version 4.79.11 starting...
[...]
When looking at the process list, the pattern is this:
root at insular:/var/log# ps aux | grep MailScanner
postfix 12553 0.0 1.9 26548 20184 ? SNs 13:03 0:00
MailScanner: starting children
postfix 12554 74.0 4.8 54996 49740 ? RN 13:03 0:01
MailScanner: starting children
root 12579 0.0 0.0 3324 796 pts/5 S+ 13:03 0:00 grep
--color=auto MailScanner
root at insular:/var/log# ps aux | grep MailScanner
postfix 12553 0.0 1.9 26548 20184 ? SNs 13:03 0:00
MailScanner: starting children
postfix 12554 55.0 0.0 0 0 ? ZN 13:03 0:01
[MailScanner] <defunct>
root 12602 0.0 0.0 3324 796 pts/5 S+ 13:03 0:00 grep
--color=auto MailScanner
root at insular:/var/log# ps aux | grep MailScanner
postfix 12553 0.3 1.9 26548 20488 ? SNs 13:03 0:00
MailScanner: starting child
postfix 12603 86.0 3.6 42708 37376 ? RN 13:03 0:00
MailScanner: starting child
root 12605 0.0 0.0 3324 796 pts/5 S+ 13:03 0:00 grep
--color=auto MailScanner
root at insular:/var/log#
Starting children, <defunct>, starting children, etc.
I've been Googling *a lot* of error strings and problems that I came
across but I never really ended up with answers so this mailing list is
my last resort. Went through a good few months of the mailing list by
hand and didn't really find anything that really is the same as what I'm
experiencing.
I really would like to stick with MailScanner because I think there's an
advantage in a system that works more transparent then linking a bunch
of SMTP services together.
Issue 8:
Visiting http://www.mailscanner.info/docs.html as suggested in the
e-mails I get from the mailing list, links "The MailScanner Book" and
"Installation Guides" give me a 404.
That rounds up all the issues I can remember and reproduce right now.
Hope that anyone can help me.
Thanks in advance,
- Martijn
More information about the MailScanner
mailing list