weird mailscanner clamd error

Rick Cooper rcooper at dwford.com
Thu Jan 6 20:30:16 GMT 2011


Naz Snidanko wrote:
> No they all run as separate user. Clamd runs as clamav and MailScanner
> runs as postfix. Unfortunately, I cannot change clamd user since we
> use it for something else that doesn't have permissions for postfix.
> 
> Thanks,
> 

Look at my last post and apply that and see if that doesn't fix your issue.
If I had to guess Julian put that in there when he was fleshing out the code
and forgot to fix it. Because of the way the code is written all the
extracted files with have 0600 permissions and since your clamd user does
not have user (I assume it does have group) access this is the reason you
are getting that error. When using clamscan it will be running as the
MailScanner user and will have user level access. The unrar is a similar
situation the files are extracted via SafePipe without forcing permissions
so they should end up with your default permissions and the clamd user can
read them. 

Switch the code lines (as in my last post) and you should extract the zip
files with the same permissions as the others and, if your clamd has the
correct group perms your error should go away

I don't know when this was introduced I am using 4.67.6 (don't ask) and
those couple of lines do not exist. I wouldn't have noticed it anyway
because I run clamd as root and use a local socket.

Rick


> Naz Snidanko
> Desktop & Network Support
> Harper Power Products Inc.
> (p) 416 201- 7506
>  nsnidanko at harperpowerproducts.com
> 
> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info
> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Rick
> Cooper
> Sent: January 6, 2011 11:13 AM
> To: 'MailScanner discussion'
> Subject: RE: weird mailscanner clamd error
> 
> Naz Snidanko wrote:
>> I just checked:
>> 
>> /opt/MailScanner-4.82.3-1/lib/MailScanner/MessageBatch.pm
>> 
>> I am using 4.82.3-1 and this modification is there. It does not solve
>> the problem. I haven't tried running clamd under root since it would
>> violate our security principles.
>> 
>> Are you guys sure it is not a problem with clamd itself? Clamav
>> doesn't get this error. 
>> 
> 
> Is clamd running as the same user as the mailscanner user? In other
> words if
> your mailscanner user was postfix is the clamd.conf User parameter set
> to
> postfix as well (clamd would have to be started as root to drop privs)
> 
> I suspect this would be the issue for Curu as the permissions he
> listed are
> readable by group www-data for the zip file but only readable by user
> postfix for the unzipped files. Clearly there is something amiss with
> the
> extracted permissions as one would think they would be the same as the
> original zip file.
> 
> 
> 
> 
>> Regards,
>> 
>> Naz Snidanko
>> Desktop & Network Support
>> Harper Power Products Inc.
>> (p) 416 201- 7506
>>  nsnidanko at harperpowerproducts.com
>> 
>> -----Original Message-----
>> From: mailscanner-bounces at lists.mailscanner.info
>> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of
>> Iulian L Dragomir Sent: January 6, 2011 6:05 AM
>> To: MailScanner discussion
>> Subject: Re: weird mailscanner clamd error
>> 
>> On Thu, Jan 6, 2011 at 12:24 PM, Randal, Phil
>> <prandal at herefordshire.gov.uk> wrote:
>>> The only workaround I've found is to run clamd as root.
>>> 
>>> 
>>> 
>>> I've seen the same issue with MailScanner / sendmail on CentOS.
>> 
>> If it is the same problem then try this:
>> 
>> 
> http://lists.mailscanner.info/pipermail/mailscanner/2010-April/095611.ht
>> ml
>> --
>> MailScanner mailing list
>> mailscanner at lists.mailscanner.info
>> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>> 
>> Before posting, read http://wiki.mailscanner.info/posting
>> 
>> Support MailScanner development - buy the book off the website! --
>> MailScanner mailing list
>> mailscanner at lists.mailscanner.info
>> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>> 
>> Before posting, read http://wiki.mailscanner.info/posting
>> 
>> Support MailScanner development - buy the book off the website!
> 
> 
> 
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
> 
> 
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
> 
> Before posting, read http://wiki.mailscanner.info/posting
> 
> Support MailScanner development - buy the book off the website!
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
> 
> Before posting, read http://wiki.mailscanner.info/posting
> 
> Support MailScanner development - buy the book off the website!



--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.




More information about the MailScanner mailing list