Bunch of issues with installing MailScanner on Ubuntu LTS 10.04
Craig White
craigwhite at azapple.com
Thu Aug 4 12:43:18 IST 2011
On Thu, 2011-08-04 at 13:18 +0200, Martijn wrote:
> Hi guys,
>
> I'm designing and testing a new mail system for our company. While
> researching I came across MailScanner and I liked the way of thinking
> with putting mail in the hold queue for processing instead of running an
> extra SMTP-service like amavisd seems to need.
>
> But while testing I have come across a quite a few things that don't
> seem to work out using the providing documentation. Perhaps anyone could
> help solving these, in my particular situation, or upstream where it
> applies. I have numbered the issues for easier reference.
>
> There are a few sections where I may sound a bit frustrated. It's not
> personal and I respect what everyone is trying to do with MailScanner.
> With the trouble I'm experiencing currently, it's a bit hard for me to
> imagine this software is ready for production. I'm seeing messages all
> over the web that the software is ready, so I hope I actually did
> something stupid and MailScanner is not to 'blame'.
>
> Little bit of intro:
> MailScanner is basically the last thing we're adding to our setup. We
> already have a well running system that consists of (currently) Ubuntu
> LTS 10.04.2, equipped with Postfix 2.7.0 for SMTP and Dovecot 1.2.9 for
> POP3, IMAP (The Dovecot LDA is used). All mail users are virtual.
>
> I'm completely new to MailScanner and I'm going through the
> documentation, eventually ending up at
> http://www.mailscanner.info/install_guides.html and more specifically
> http://www.mailscanner.info/ubuntu.html
>
> Issue 1:
> I see no date or version numbers mentioned there, except for the
> 8.04-part. I would really highly recommend this for all documentation
> and blogposts to prevent someone from staring at old docs for hours. Of
> course everyone has the intention of keeping docs up to date, but we all
> know there are times when it just doesn't happen.
>
> What I basically do reading documentation like this is: see if I
> understand what I'm doing and if that's the case then copy paste the
> commands, perhaps edit them if my system is different and then run them.
> In this case it's all pretty basic and I'm not aware of anything I need
> to edit for it to work, so I just start copy-pasting them.
>
> Issue 2:
> When installing the MailScanner Dependencies I notice that the
> documented command doesn't work for me. Unfortunately I don't have any
> notes for that part but I remember something about package names not
> matching, or needing to install the packages in a specific order instead
> of all at once.
>
> Problem solved, so I continue with the installation getting the latest
> .deb from the suggested
> http://debian.intergenia.de/debian/pool/main/m/mailscanner/ :
> That's mailscanner_4.79.11-2.2_all.deb.
>
> dpkg -i seems to run well, as well as the steps described under
> Configuring MailScanner and ClamAV, until the point I can start mailscanner:
>
> Issue 3:
> Could not read directory /var/spool/MailScanner/incoming at
> /usr/share/MailScanner//MailScanner/Config.pm line 2786
> Error in configuration file line 184, directory
> /var/spool/MailScanner/incoming for incomingworkdir does not exist (or
> is not readable) at /usr/share/MailScanner//MailScanner/Config.pm line 3146
> Could not read directory /var/spool/MailScanner/quarantine at
> /usr/share/MailScanner//MailScanner/Config.pm line 2786
> Error in configuration file line 188, directory
> /var/spool/MailScanner/quarantine for quarantinedir does not exist (or
> is not readable) at /usr/share/MailScanner//MailScanner/Config.pm line 3146
>
> So I check:
> root at insular:/var/spool/MailScanner# ls -la
> total 24
> drwxr-x--- 6 mail mail 4096 2011-08-04 10:46 .
> drwxr-xr-x 8 root root 4096 2011-08-04 10:40 ..
> drwxr-x--- 2 mail mail 4096 2010-12-09 20:36 archive
> drwxr-x--- 3 mail mail 4096 2011-08-04 10:54 incoming
> drwxr-x--- 2 mail mail 4096 2010-12-09 20:36 quarantine
> drwxr-xr-x 2 postfix root 4096 2011-08-04 10:46 spamassassin
> root at insular:/var/spool/MailScanner#
>
> Everything is there (I noticed the wrong permissions later, I'll get to
> that in a minute). Thinking that MailScanner failed to start because of
> these errors, I try to start again. /etc/init.d/mailscanner start
> returns no output, so I think the directories where created
> automatically after the first error and now everything runs well.
>
> In practice however, MailScanner started the first time dispite the
> errors. No idea what happened when I started it a second time. This may
> very well confuse a lot of people.
> I stop the service, check to see if no MailScanner processes are running
> and start fixing the permission problems.
>
> Issue 4:
> Alright so there's a problem with incomingworkdir and quarentinedir.
> Both exist, I notice they're owned by mail:mail but MailScanner runs as
> the postfix user so that probably is the problem. Although mail:mail is
> the Ubuntu default I don't see any ownership changes documented in the
> Ubuntu guide. I find an extra doc about Postfix and start going over all
> the checks: http://www.mailscanner.info/postfix.html
>
> Most of the points here are done while going through the Ubuntu steps.
> The doc does confirm that the directories need to be owned by
> postfix:postfix. I correct the problem and start the service: same error
> about directories not existing or not being readable.
>
> I check the permissions again, and they seem good:
> root at insular:/var/spool/MailScanner# ls -la
> total 24
> drwxr-x--- 6 mail mail 4096 2011-08-04 10:46 .
> drwxr-xr-x 8 root root 4096 2011-08-04 10:40 ..
> drwxr-x--- 2 mail mail 4096 2010-12-09 20:36 archive
> drwxr-x--- 3 postfix postfix 4096 2011-08-04 10:54 incoming
> drwxr-x--- 2 postfix postfix 4096 2010-12-09 20:36 quarantine
> drwxr-xr-x 2 postfix root 4096 2011-08-04 10:46 spamassassin
> root at insular:/var/spool/MailScanner#
>
> So I'm double checking values in the configuration, and they check out
> with what is documented. Now I'm a bit confused and I start checking
> general configuration with --lint.
>
> Issue 5:
> Running mailscanner --lint gives me some hints:
> "The "envelope_sender_header" in your spam.assassin.prefs.conf is not
> correct"
> Ok, corrected that.
>
> Plus, a range of errors because of trouble with the permissions, like:
> Could not create SpamAssassin temporary directory
> /var/spool/MailScanner/incoming/SpamAssassin-Temp, Permission denied at
> /usr/share/MailScanner//MailScanner/SA.pm line 80.
>
> But no real configuration problems seem to surface.
>
> Issue 6:
> After running mailscanner --lint, permissions on the directories in
> /var/spool/MailScanner have changed:
> root at insular:/var/spool/MailScanner# ls -la
> total 24
> drwxr-x--- 6 mail mail 4096 2011-08-04 10:46 .
> drwxr-xr-x 8 root root 4096 2011-08-04 10:40 ..
> drwxr-x--- 2 mail mail 4096 2010-12-09 20:36 archive
> drwxr-x--- 5 postfix clamav 4096 2011-08-04 12:46 incoming
> drwxr-x--- 2 postfix postfix 4096 2010-12-09 20:36 quarantine
> drwxr-xr-x 2 postfix root 4096 2011-08-04 10:46 spamassassin
> root at insular:/var/spool/MailScanner#
>
> Incoming is now suddenly owned by postfix:clamav. Clamav does happen to
> be the only scanner I have installed. If I just start MailScanner
> service normally, the permissions change doesn't happen. So I reverse
> the change to make sure I'm testing consistently.
>
> What else can I test? check_mailscanner:
> root at insular:/var/spool/MailScanner# check_mailscanner
> check_mailscanner: command not found
> root at insular:/var/spool/MailScanner# check_MailScanner
> check_MailScanner: command not found
> root at insular:/var/spool/MailScanner#
>
> Seems that I'm missing that script.
>
> Issue 7:
> In an earlier try (I'm collecting info on these issues on my second try)
> I ended up with a MailScanner that seemed to start without issues, but
> no mail came through and I discovered something is wrong in mail.log.
> MailScanner seems to be starting every few seconds. If I start
> MailScanner on my second try, the same thing happens:
>
> [...]
> Aug 4 12:45:26 insular MailScanner[12221]: Using SpamAssassin results cache
> Aug 4 12:45:26 insular MailScanner[12221]: Could not create
> SpamAssassin cache database
> /var/spool/MailScanner/incoming/SpamAssassin.cache.db
> Aug 4 12:45:26 insular MailScanner[12221]: Enabling SpamAssassin
> auto-whitelist functionality...
> Aug 4 12:46:03 insular MailScanner[12256]: MailScanner E-Mail Virus
> Scanner version 4.79.11 starting...
> Aug 4 12:46:04 insular MailScanner[12256]: Reading configuration file
> /etc/MailScanner/MailScanner.conf
> Aug 4 12:46:04 insular MailScanner[12256]: Configuration: Failed to
> find any configuration files like /etc/MailScanner/conf.d/*, skipping them.
> Aug 4 12:46:04 insular MailScanner[12256]: Read 858 hostnames from the
> phishing whitelist
> Aug 4 12:46:04 insular MailScanner[12256]: Read 5497 hostnames from the
> phishing blacklists
> Aug 4 12:46:04 insular MailScanner[12256]: Using SpamAssassin results cache
> Aug 4 12:46:04 insular MailScanner[12256]: Could not create
> SpamAssassin cache database
> /var/spool/MailScanner/incoming/SpamAssassin.cache.db
> Aug 4 12:46:04 insular MailScanner[12256]: Enabling SpamAssassin
> auto-whitelist functionality...
> Aug 4 12:46:06 insular MailScanner[12256]: I have found clamav scanners
> installed, and will use them all by default.
> Aug 4 12:46:06 insular MailScanner[12256]: Could not create Processing
> Attempts Database "/var/spool/MailScanner/incoming/Processing.db"
> Aug 4 12:46:06 insular MailScanner[12256]: Incoming Work Dir does not exist
> Aug 4 12:46:08 insular MailScanner[12303]: MailScanner E-Mail Virus
> Scanner version 4.79.11 starting...
> Aug 4 12:46:08 insular MailScanner[12303]: Reading configuration file
> /etc/MailScanner/MailScanner.conf
> Aug 4 12:46:09 insular MailScanner[12303]: Configuration: Failed to
> find any configuration files like /etc/MailScanner/conf.d/*, skipping them.
> Aug 4 12:46:09 insular MailScanner[12303]: Read 858 hostnames from the
> phishing whitelist
> Aug 4 12:46:09 insular MailScanner[12303]: Read 5497 hostnames from the
> phishing blacklists
> Aug 4 12:46:09 insular MailScanner[12303]: Using SpamAssassin results cache
> Aug 4 12:46:09 insular MailScanner[12303]: Could not create
> SpamAssassin cache database
> /var/spool/MailScanner/incoming/SpamAssassin.cache.db
> Aug 4 12:46:09 insular MailScanner[12303]: Enabling SpamAssassin
> auto-whitelist functionality...
> Aug 4 12:46:28 insular MailScanner[12314]: MailScanner E-Mail Virus
> Scanner version 4.79.11 starting...
> [...]
>
> When looking at the process list, the pattern is this:
> root at insular:/var/log# ps aux | grep MailScanner
> postfix 12553 0.0 1.9 26548 20184 ? SNs 13:03 0:00
> MailScanner: starting children
> postfix 12554 74.0 4.8 54996 49740 ? RN 13:03 0:01
> MailScanner: starting children
> root 12579 0.0 0.0 3324 796 pts/5 S+ 13:03 0:00 grep
> --color=auto MailScanner
> root at insular:/var/log# ps aux | grep MailScanner
> postfix 12553 0.0 1.9 26548 20184 ? SNs 13:03 0:00
> MailScanner: starting children
> postfix 12554 55.0 0.0 0 0 ? ZN 13:03 0:01
> [MailScanner] <defunct>
> root 12602 0.0 0.0 3324 796 pts/5 S+ 13:03 0:00 grep
> --color=auto MailScanner
> root at insular:/var/log# ps aux | grep MailScanner
> postfix 12553 0.3 1.9 26548 20488 ? SNs 13:03 0:00
> MailScanner: starting child
> postfix 12603 86.0 3.6 42708 37376 ? RN 13:03 0:00
> MailScanner: starting child
> root 12605 0.0 0.0 3324 796 pts/5 S+ 13:03 0:00 grep
> --color=auto MailScanner
> root at insular:/var/log#
>
> Starting children, <defunct>, starting children, etc.
>
> I've been Googling *a lot* of error strings and problems that I came
> across but I never really ended up with answers so this mailing list is
> my last resort. Went through a good few months of the mailing list by
> hand and didn't really find anything that really is the same as what I'm
> experiencing.
>
> I really would like to stick with MailScanner because I think there's an
> advantage in a system that works more transparent then linking a bunch
> of SMTP services together.
>
> Issue 8:
> Visiting http://www.mailscanner.info/docs.html as suggested in the
> e-mails I get from the mailing list, links "The MailScanner Book" and
> "Installation Guides" give me a 404.
>
> That rounds up all the issues I can remember and reproduce right now.
>
> Hope that anyone can help me.
----
maybe someone else will take this up with you and give you more specific
things but I installed MailScanner on my 10.04 LTS a few weeks ago and
it was rather painful. The MailScanner program and this list misses
Julian very much.
In short, the ubuntu/debian package is extremely old (4.79) and I ended
up using the latest beta which solves all sorts of problems with
tainting and perl 5.10.x
Thus I had to do a few things by hand.
I modified the /etc/init.d/mailscanner script a little.
This may help assure your mind...
# ls -l /var/spool/MailScanner/
total 12
drwxr-x--- 72 postfix clamav 4096 2011-08-04 04:38 incoming
drwxr-x--- 6 postfix postfix 4096 2011-08-04 04:02 quarantine
drwxr-xr-x 2 postfix postfix 4096 2011-07-27 22:19 spamassassin
If you build from source, then it's likely to end up in /opt and then
you will have to adjust things like the /etc/init.d/mailscanner script
and the cron scripts to point to the installation.
I also had to write another script to kill off older MailScanner
processes that didn't seem to get killed off each cycle (I think it is
by default 20 minutes).
I can provide the /etc/init.d/mailscanner script and the extra script if
you decide to go with the latest beta tarball (and I would definitely
recommend that).
Craig
More information about the MailScanner
mailing list