MailScanner hanging process, cannot write to quarantine and not processing incoming mails

Kocisky kocisky at autistici.org
Mon Oct 31 17:03:20 GMT 2011


from the strace (below below) it seems that the process cannot create the
folder:

[root at mail init.d]# ls -l /var/spool/MailScanner/quarantine/20111031
ls: cannot access /var/spool/MailScanner/quarantine/20111031: No such file
or directory

it should be a simple permission issue because selinux doesnt give any
audit.log and "setenforce 0" didn't change the situation.

permission of MailScanner.conf:

Run As User = postfix
Run As Group = postfix

i'm definitively missing something !!!

below some permissions where it seems to hang:

[root at mail init.d]# ls -la /var/spool/MailScanner/quarantine/
total 96
drwxr-xr-x.  24 root    apache  4096 Oct 22 09:00 .
drwxr-xr-x.   5 root    root    4096 Oct 22 09:00 ..
drwx------.   3 postfix apache  4096 Oct  3 13:06 20111003
drwxrwx---.   7 postfix apache  4096 Oct  4 13:51 20111004
drwxrwx---.   6 postfix apache  4096 Oct  5 13:19 20111005
drwxrwx---.   5 postfix apache  4096 Oct  6 20:51 20111006
drwxrwx---.  15 postfix apache  4096 Oct  7 07:56 20111007
drwxrwx---.   3 postfix apache  4096 Oct  8 00:19 20111008
drwxrwx---.   3 postfix apache  4096 Oct  9 00:05 20111009
drwxrwx---.   3 postfix apache  4096 Oct 10 00:16 20111010
drwxrwx---.  20 postfix apache  4096 Oct 12 22:32 20111012
drwxrwx---.  37 postfix postfix 4096 Oct 13 16:29 20111013
drwxrwx---.  15 postfix celeryd 4096 Oct 14 13:30 20111014
drwxrwx---.   6 postfix celeryd 4096 Oct 17 22:17 20111017
drwxrwx---.  20 postfix celeryd 4096 Oct 18 20:42 20111018
drwxrwx---.   3 postfix celeryd 4096 Oct 19 04:38 20111019
drwxrwx---.  54 postfix celeryd 4096 Oct 20 21:31 20111020
drwxrwx---.  11 postfix celeryd 4096 Oct 21 10:08 20111021
drwxrwx---.   5 postfix celeryd 4096 Oct 24 15:48 20111024
drwxrwx---. 142 postfix postfix 4096 Oct 25 23:32 20111025
drwxrwx---. 118 postfix postfix 4096 Oct 26 18:12 20111026
drwxrwx---.  15 postfix apache  4096 Oct 27 21:14 20111027
drwxrwx---.   5 postfix apache  4096 Oct 28 06:27 20111028
drwxr-x---.   3 postfix apache  4096 Oct 31 12:08 phishingupdate
[root at mail init.d]# ls -la /var/spool/MailScanner/quarantine/20111031
ls: cannot access /var/spool/MailScanner/quarantine/20111031: No such file
or directory
[root at mail init.d]# ls -la /var/spool/MailScanner/
total 32
drwxr-xr-x.  5 root    root   4096 Oct 22 09:00 .
drwxr-xr-x. 14 root    root   4096 Oct 28 11:27 ..
drwxr-xr-x.  9 postfix clam   4096 Oct 31 12:41 incoming
drwxr-xr-x. 24 root    apache 4096 Oct 22 09:00 quarantine
drwxr-x---.  2 postfix clam   4096 Oct  3 12:21 spamassassin


below the strace output:


unlink("/var/spool/MailScanner/incoming/SpamAssassin.cache.db-journal") = 0
fcntl(6, F_SETLK, {type=F_RDLCK, whence=SEEK_SET, start=1073741826,
len=510}) = 0
fcntl(6, F_SETLK, {type=F_UNLCK, whence=SEEK_SET, start=1073741824, len=2})
= 0
fcntl(6, F_SETLK, {type=F_UNLCK, whence=SEEK_SET, start=0, len=0}) = 0
gettimeofday({1320079287, 180287}, NULL) = 0
stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0
gettimeofday({1320079287, 180496}, NULL) = 0
stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0
stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0
select(8, [7], NULL, [7], {0, 0})       = 0 (Timeout)
write(7, "<22>Oct 31 12:41:27 MailScanner["..., 94) = 94
gettimeofday({1320079287, 181930}, NULL) = 0
stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0
gettimeofday({1320079287, 182134}, NULL) = 0
stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0
stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0
select(8, [7], NULL, [7], {0, 0})       = 0 (Timeout)
write(7, "<22>Oct 31 12:41:27 MailScanner["..., 432) = 432
gettimeofday({1320079287, 183021}, NULL) = 0
gettimeofday({1320079287, 183150}, NULL) = 0
lseek(26, 0, SEEK_SET)                  = 0
lseek(26, 0, SEEK_CUR)                  = 0
read(26, "CO           7091             69"..., 4096) = 4096
lseek(26, 81, SEEK_SET)                 = 81
lseek(26, 0, SEEK_CUR)                  = 81
lseek(26, 691, SEEK_SET)                = 691
lseek(26, 0, SEEK_CUR)                  = 691
read(26, "NJReceived: from mysubdomain.trac"..., 4096) = 4096
lseek(26, 2049, SEEK_SET)               = 2049
lseek(26, 0, SEEK_CUR)                  = 2049
lseek(26, 2049, SEEK_SET)               = 2049
lseek(26, 0, SEEK_CUR)                  = 2049
read(26, "N\0N,This is a multi-part message"..., 4096) = 4096
read(26, "realize friend letter be able.N "..., 4096) = 1641
fcntl(6, F_SETLK, {type=F_RDLCK, whence=SEEK_SET, start=1073741824, len=1})
= 0
fcntl(6, F_SETLK, {type=F_RDLCK, whence=SEEK_SET, start=1073741826,
len=510}) = 0
fcntl(6, F_SETLK, {type=F_UNLCK, whence=SEEK_SET, start=1073741824, len=1})
= 0
access("/var/spool/MailScanner/incoming/SpamAssassin.cache.db-journal",
F_OK) = -1 ENOENT (No such file or directory)
fstat(6, {st_mode=S_IFREG|0750, st_size=4264960, ...}) = 0
lseek(6, 24, SEEK_SET)                  = 24
read(6, "\0\2F\230\0\0\0\0\0\0\16\310\0\0\17\356", 16) = 16
fcntl(6, F_SETLK, {type=F_UNLCK, whence=SEEK_SET, start=0, len=0}) = 0
fcntl(6, F_SETLK, {type=F_RDLCK, whence=SEEK_SET, start=1073741824, len=1})
= 0
fcntl(6, F_SETLK, {type=F_RDLCK, whence=SEEK_SET, start=1073741826,
len=510}) = 0
fcntl(6, F_SETLK, {type=F_UNLCK, whence=SEEK_SET, start=1073741824, len=1})
= 0
access("/var/spool/MailScanner/incoming/SpamAssassin.cache.db-journal",
F_OK) = -1 ENOENT (No such file or directory)
fstat(6, {st_mode=S_IFREG|0750, st_size=4264960, ...}) = 0
lseek(6, 24, SEEK_SET)                  = 24
read(6, "\0\2F\230\0\0\0\0\0\0\16\310\0\0\17\356", 16) = 16
fcntl(6, F_SETLK, {type=F_WRLCK, whence=SEEK_SET, start=1073741825, len=1})
= 0
open("/var/spool/MailScanner/incoming/SpamAssassin.cache.db-journal",
O_RDWR|O_CREAT, 0644) = 38
open("/var/spool/MailScanner/incoming", O_RDONLY) = 39
fcntl(39, F_GETFD)                      = 0
fcntl(39, F_SETFD, FD_CLOEXEC)          = 0
fcntl(38, F_GETFD)                      = 0
fcntl(38, F_SETFD, FD_CLOEXEC)          = 0
lseek(38, 0, SEEK_SET)                  = 0
write(38,
"\0\0\0\0\0\0\0\0\0\0\0\0\7\20\240\225\0\0\20E\0\0\2\0\0\0\4\0\0\0\0\0"...,
512) = 512
gettimeofday({1320079287, 191900}, NULL) = 0
lseek(38, 512, SEEK_SET)                = 512
write(38, "\0\0\0\4", 4)                = 4
lseek(38, 516, SEEK_SET)                = 516
write(38,
"\n\2\362\0A\0\302\0\0\302\0\314\0\326\0\340\0\352\0\364\0\376\1\10\1\22\1\34\1&\0010"...,
1024) = 1024
lseek(38, 1540, SEEK_SET)               = 1540
write(38, "\7\20\240\261", 4)           = 4
lseek(38, 1544, SEEK_SET)               = 1544
write(38, "\0\0\v\33", 4)               = 4
lseek(38, 1548, SEEK_SET)               = 1548
write(38, "\r\0\0\0\2\0E\0\3\221\0E23.AFFF7\0   Wed Oct "..., 1024) = 1024
lseek(38, 2572, SEEK_SET)               = 2572
write(38, "\7\20\242\352", 4)           = 4
lseek(38, 2576, SEEK_SET)               = 2576
write(38, "\0\0\0\1", 4)                = 4
lseek(38, 2580, SEEK_SET)               = 2580
write(38, "SQLite format 3\0\4\0\1\1\0@  \0\2F\230\0\0\0\0"..., 1024) = 1024
lseek(38, 3604, SEEK_SET)               = 3604
write(38, "\7\20\241\25", 4)            = 4
lseek(38, 4096, SEEK_SET)               = 4096
read(38, "", 8)                         = 0
fdatasync(38)                           = 0
close(39)                               = 0
lseek(38, 0, SEEK_SET)                  = 0
write(38, "\331\325\5\371 \241c\327\0\0\0\3", 12) = 12
fdatasync(38)                           = 0
fcntl(6, F_SETLK, {type=F_WRLCK, whence=SEEK_SET, start=1073741824, len=1})
= 0
fcntl(6, F_SETLK, {type=F_WRLCK, whence=SEEK_SET, start=1073741826,
len=510}) = 0
lseek(6, 0, SEEK_SET)                   = 0
write(6, "SQLite format 3\0\4\0\1\1\0@  \0\2F\231\0\0\0\0"..., 1024) = 1024
lseek(6, 3072, SEEK_SET)                = 3072
write(6,
"\n\2\350\0A\0\302\0\0\302\0\314\0\326\0\340\0\352\0\364\0\376\1\10\1\22\1\34\1&\0010"...,
1024) = 1024
lseek(6, 2910208, SEEK_SET)             = 2910208
write(6, "\r\0\0\0\2\0E\0\3\221\0E23.AFFF7\0   Wed Oct "..., 1024) = 1024
fdatasync(6)                            = 0
close(38)                               = 0
unlink("/var/spool/MailScanner/incoming/SpamAssassin.cache.db-journal") = 0
fcntl(6, F_SETLK, {type=F_RDLCK, whence=SEEK_SET, start=1073741826,
len=510}) = 0
fcntl(6, F_SETLK, {type=F_UNLCK, whence=SEEK_SET, start=1073741824, len=2})
= 0
fcntl(6, F_SETLK, {type=F_UNLCK, whence=SEEK_SET, start=0, len=0}) = 0
gettimeofday({1320079287, 246889}, NULL) = 0
stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0
gettimeofday({1320079287, 247091}, NULL) = 0
stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0
stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0
select(8, [7], NULL, [7], {0, 0})       = 0 (Timeout)
write(7, "<22>Oct 31 12:41:27 MailScanner["..., 94) = 94
gettimeofday({1320079287, 248624}, NULL) = 0
stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0
gettimeofday({1320079287, 248827}, NULL) = 0
stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0
stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0
select(8, [7], NULL, [7], {0, 0})       = 0 (Timeout)
write(7, "<22>Oct 31 12:41:27 MailScanner["..., 343) = 343
gettimeofday({1320079287, 249686}, NULL) = 0
gettimeofday({1320079287, 249820}, NULL) = 0
lseek(12, 0, SEEK_SET)                  = 0
lseek(12, 0, SEEK_CUR)                  = 0
read(12, "CO          42635             68"..., 4096) = 4096
lseek(12, 81, SEEK_SET)                 = 81
lseek(12, 0, SEEK_CUR)                  = 81
lseek(12, 689, SEEK_SET)                = 689
lseek(12, 0, SEEK_CUR)                  = 689
read(12, "NJReceived: from mysubdomain.trac"..., 4096) = 4096
lseek(12, 3328, SEEK_SET)               = 3328
lseek(12, 0, SEEK_CUR)                  = 3328
lseek(12, 3328, SEEK_SET)               = 3328
lseek(12, 0, SEEK_CUR)                  = 3328
read(12, "N\6<html>N\6<head>N\24<title>Sears</"..., 4096) = 4096
read(12, "amai=2Enet/f/248/47562/14d/ig=2E"..., 4096) = 4096
read(12, "b9VSRRYSUWV1b9X8w9GVbwzfTRSSSRUR"..., 4096) = 4096
read(12, "NLYSUWzf1vSvWf2aRRVXLX=22 rilt=3"..., 4096) = 4096
read(12, "klhuLjXpKVSYSARUSRVhilXlPiLXJhKL"..., 4096) = 4096
read(12, "trong>Even more offers from Sear"..., 4096) = 4096
read(12, "2011_Oc=NLtober_Week4/20111030_S"..., 4096) = 4096
read(12, "e</a></td>NE          <td width="..., 4096) = 4096
read(12, "sys4=2Enet/servlet/cc6?kLHjkQDRY"..., 4096) = 4096
read(12, "                <td valign=3D=22"..., 4096) = 3136
fcntl(6, F_SETLK, {type=F_RDLCK, whence=SEEK_SET, start=1073741824, len=1})
= 0
fcntl(6, F_SETLK, {type=F_RDLCK, whence=SEEK_SET, start=1073741826,
len=510}) = 0
fcntl(6, F_SETLK, {type=F_UNLCK, whence=SEEK_SET, start=1073741824, len=1})
= 0
access("/var/spool/MailScanner/incoming/SpamAssassin.cache.db-journal",
F_OK) = -1 ENOENT (No such file or directory)
fstat(6, {st_mode=S_IFREG|0750, st_size=4264960, ...}) = 0
lseek(6, 24, SEEK_SET)                  = 24
read(6, "\0\2F\231\0\0\0\0\0\0\16\310\0\0\17\356", 16) = 16
lseek(6, 3857408, SEEK_SET)             = 3857408
read(6,
"\0\0\0\0.l\326\373_\266_\327G\311\7Pm+E\311\317\367\275\344\233\340\371\250\27\33i\v"...,
1024) = 1024
fcntl(6, F_SETLK, {type=F_UNLCK, whence=SEEK_SET, start=0, len=0}) = 0
fcntl(6, F_SETLK, {type=F_RDLCK, whence=SEEK_SET, start=1073741824, len=1})
= 0
fcntl(6, F_SETLK, {type=F_RDLCK, whence=SEEK_SET, start=1073741826,
len=510}) = 0
fcntl(6, F_SETLK, {type=F_UNLCK, whence=SEEK_SET, start=1073741824, len=1})
= 0
access("/var/spool/MailScanner/incoming/SpamAssassin.cache.db-journal",
F_OK) = -1 ENOENT (No such file or directory)
fstat(6, {st_mode=S_IFREG|0750, st_size=4264960, ...}) = 0
lseek(6, 24, SEEK_SET)                  = 24
read(6, "\0\2F\231\0\0\0\0\0\0\16\310\0\0\17\356", 16) = 16
fcntl(6, F_SETLK, {type=F_WRLCK, whence=SEEK_SET, start=1073741825, len=1})
= 0
open("/var/spool/MailScanner/incoming/SpamAssassin.cache.db-journal",
O_RDWR|O_CREAT, 0644) = 38
open("/var/spool/MailScanner/incoming", O_RDONLY) = 39
fcntl(39, F_GETFD)                      = 0
fcntl(39, F_SETFD, FD_CLOEXEC)          = 0
fcntl(38, F_GETFD)                      = 0
fcntl(38, F_SETFD, FD_CLOEXEC)          = 0
lseek(38, 0, SEEK_SET)                  = 0
write(38,
"\0\0\0\0\0\0\0\0\0\0\0\0\274\244\2267\0\0\20E\0\0\2\0\0\0\4\0\0\0\0\0"...,
512) = 512
gettimeofday({1320079287, 269307}, NULL) = 0
lseek(38, 512, SEEK_SET)                = 512
write(38, "\0\0\0\4", 4)                = 4
lseek(38, 516, SEEK_SET)                = 516
write(38,
"\n\2\350\0A\0\302\0\0\302\0\314\0\326\0\340\0\352\0\364\0\376\1\10\1\22\1\34\1&\0010"...,
1024) = 1024
lseek(38, 1540, SEEK_SET)               = 1540
write(38, "\274\244\226S", 4)           = 4
lseek(38, 1544, SEEK_SET)               = 1544
write(38, "\0\0\0\1", 4)                = 4
lseek(38, 1548, SEEK_SET)               = 1548
write(38, "SQLite format 3\0\4\0\1\1\0@  \0\2F\231\0\0\0\0"..., 1024) = 1024
lseek(38, 2572, SEEK_SET)               = 2572
write(38, "\274\244\226\267", 4)        = 4
lseek(38, 2576, SEEK_SET)               = 2576
write(38, "\0\0\16\310", 4)             = 4
lseek(38, 2580, SEEK_SET)               = 2580
write(38,
"\0\0\16N\0\0\0]\0\0\16>\0\0\7\317\0\0\16a\0\0\6\366\0\0\6\335\0\0\16\262"...,
1024) = 1024
lseek(38, 3604, SEEK_SET)               = 3604
write(38, "\274\244\226\244", 4)        = 4
lseek(38, 3608, SEEK_SET)               = 3608
write(38, "\0\0\16>", 4)                = 4
lseek(38, 3612, SEEK_SET)               = 3612
write(38,
"\0\0\0\0\233\306\0\367\310\355z\367\344\332f\v;;\f\315\223\215\20\5\217\326\266\320\214c\263z"...,
1024) = 1024
lseek(38, 4636, SEEK_SET)               = 4636
write(38, "\274\244\227F", 4)           = 4
lseek(38, 4640, SEEK_SET)               = 4640
write(38, "\0\0\t\334", 4)              = 4
lseek(38, 4644, SEEK_SET)               = 4644
write(38,
"\r\0\0\0\2\0\210\0\3\221\0\210d\303\265\3322(yy=J\276C\313`\217W\33Ik\220"...,
1024) = 1024
lseek(38, 5668, SEEK_SET)               = 5668
write(38, "\274\244\230\350", 4)        = 4
lseek(38, 6144, SEEK_SET)               = 6144
read(38, "", 8)                         = 0
fdatasync(38)                           = 0
close(39)                               = 0
lseek(38, 0, SEEK_SET)                  = 0
write(38, "\331\325\5\371 \241c\327\0\0\0\5", 12) = 12
fdatasync(38)                           = 0
fcntl(6, F_SETLK, {type=F_WRLCK, whence=SEEK_SET, start=1073741824, len=1})
= 0
fcntl(6, F_SETLK, {type=F_WRLCK, whence=SEEK_SET, start=1073741826,
len=510}) = 0
lseek(6, 0, SEEK_SET)                   = 0
write(6, "SQLite format 3\0\4\0\1\1\0@  \0\2F\232\0\0\0\0"..., 1024) = 1024
lseek(6, 3072, SEEK_SET)                = 3072
write(6,
"\n\2\336\0A\0\302\0\0\302\0\314\0\326\0\340\0\352\0\364\0\376\1\10\1\22\1\34\1&\0010"...,
1024) = 1024
lseek(6, 2583552, SEEK_SET)             = 2583552
write(6,
"\r\0\0\0\2\0\210\0\3\221\0\210d\303\265\3322(yy=J\276C\313`\217W\33Ik\220"...,
1024) = 1024
lseek(6, 3732480, SEEK_SET)             = 3732480
write(6,
"\0\0\0\0.l\326\373_\266_\327G\311\7Pm+E\311\317\367\275\344\233\340\371\250\27\33i\v"...,
1024) = 1024
lseek(6, 3873792, SEEK_SET)             = 3873792
write(6,
"\0\0\16N\0\0\0]\0\0\n\n\0\0\7\317\0\0\16a\0\0\6\366\0\0\6\335\0\0\16\262"...,
1024) = 1024
fdatasync(6)                            = 0
close(38)                               = 0
unlink("/var/spool/MailScanner/incoming/SpamAssassin.cache.db-journal") = 0
fcntl(6, F_SETLK, {type=F_RDLCK, whence=SEEK_SET, start=1073741826,
len=510}) = 0
fcntl(6, F_SETLK, {type=F_UNLCK, whence=SEEK_SET, start=1073741824, len=2})
= 0
fcntl(6, F_SETLK, {type=F_UNLCK, whence=SEEK_SET, start=0, len=0}) = 0
gettimeofday({1320079287, 337396}, NULL) = 0
stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0
gettimeofday({1320079287, 337599}, NULL) = 0
stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0
stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0
select(8, [7], NULL, [7], {0, 0})       = 0 (Timeout)
write(7, "<22>Oct 31 12:41:27 MailScanner["..., 94) = 94
gettimeofday({1320079287, 339319}, NULL) = 0
stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0
gettimeofday({1320079287, 339522}, NULL) = 0
stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0
stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0
select(8, [7], NULL, [7], {0, 0})       = 0 (Timeout)
write(7, "<21>Oct 31 12:41:27 MailScanner["..., 77) = 77
gettimeofday({1320079287, 340458}, NULL) = 0
stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0
gettimeofday({1320079287, 340662}, NULL) = 0
stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0
stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0
select(8, [7], NULL, [7], {0, 0})       = 0 (Timeout)
write(7, "<21>Oct 31 12:41:27 MailScanner["..., 99) = 99
umask(07)                               = 077
stat("/var/spool/MailScanner/quarantine", {st_mode=S_IFDIR|0755,
st_size=4096, ...}) = 0
stat("/var/spool/MailScanner/quarantine/20111031", 0x129c130) = -1 ENOENT
(No such file or directory)
mkdir("/var/spool/MailScanner/quarantine/20111031", 0777) = -1 EACCES
(Permission denied)
chown("/var/spool/MailScanner/quarantine/20111031", 89, 48) = -1 ENOENT (No
such file or directory)
stat("/var/spool/MailScanner/quarantine/20111031/spam", 0x129c130) = -1
ENOENT (No such file or directory)
mkdir("/var/spool/MailScanner/quarantine/20111031/spam", 0777) = -1 ENOENT
(No such file or directory)
chown("/var/spool/MailScanner/quarantine/20111031/spam", 89, 48) = -1
ENOENT (No such file or directory)
umask(0117)                             = 07
open("/var/spool/MailScanner/quarantine/20111031/spam/BBA2A2024A1.AB0F1",
O_WRONLY|O_CREAT|O_TRUNC, 0666) = -1 ENOENT (No such file or directory)
gettimeofday({1320079287, 342597}, NULL) = 0
stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0
gettimeofday({1320079287, 342797}, NULL) = 0
stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0
stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0
select(8, [7], NULL, [7], {0, 0})       = 0 (Timeout)
write(7, "<20>Oct 31 12:41:27 MailScanner["..., 145) = 145
lseek(32, 7335, SEEK_SET)               = 7335
lseek(32, 0, SEEK_CUR)                  = 7335
lseek(32, 0, SEEK_SET)                  = 0
lseek(32, 0, SEEK_CUR)                  = 0
read(32, "CO           6642             69"..., 4096) = 4096
lseek(32, 81, SEEK_SET)                 = 81
lseek(32, 0, SEEK_CUR)                  = 81
lseek(32, 691, SEEK_SET)                = 691
lseek(32, 0, SEEK_CUR)                  = 691
read(32, "NJReceived: from mysubdomain.trac"..., 4096) = 4096
write(2, "Can't call method \"print\" on an "..., 111Can't call method
"print" on an undefined value at
/usr/share/MailScanner/MailScanner/PFDiskStore.pm line 755.
) = 111
lseek(8, 3860, SEEK_SET)                = 3860
lseek(8, 0, SEEK_CUR)                   = 3860
lseek(9, 8388, SEEK_SET)                = 8388
lseek(9, 0, SEEK_CUR)                   = 8388
lseek(10, 21849, SEEK_SET)              = 21849
lseek(10, 0, SEEK_CUR)                  = 21849
lseek(11, 5590, SEEK_SET)               = 5590
lseek(11, 0, SEEK_CUR)                  = 5590
lseek(12, 43326, SEEK_SET)              = 43326
lseek(12, 0, SEEK_CUR)                  = 43326
lseek(13, 10434, SEEK_SET)              = 10434
lseek(13, 0, SEEK_CUR)                  = 10434
lseek(14, 10074, SEEK_SET)              = 10074
lseek(14, 0, SEEK_CUR)                  = 10074
lseek(15, 21625, SEEK_SET)              = 21625
lseek(15, 0, SEEK_CUR)                  = 21625
lseek(16, 9794, SEEK_SET)               = 9794
lseek(16, 0, SEEK_CUR)                  = 9794
lseek(17, 13493, SEEK_SET)              = 13493
lseek(17, 0, SEEK_CUR)                  = 13493
lseek(18, 905, SEEK_SET)                = 905
lseek(18, 0, SEEK_CUR)                  = 905
lseek(19, 3604, SEEK_SET)               = 3604
lseek(19, 0, SEEK_CUR)                  = 3604
lseek(20, 15318, SEEK_SET)              = 15318
lseek(20, 0, SEEK_CUR)                  = 15318
lseek(21, 27935, SEEK_SET)              = 27935
lseek(21, 0, SEEK_CUR)                  = 27935
lseek(22, 5884, SEEK_SET)               = 5884
lseek(22, 0, SEEK_CUR)                  = 5884
lseek(23, 6165, SEEK_SET)               = 6165
lseek(23, 0, SEEK_CUR)                  = 6165
lseek(24, 54958, SEEK_SET)              = 54958
lseek(24, 0, SEEK_CUR)                  = 54958
lseek(25, 7347, SEEK_SET)               = 7347
lseek(25, 0, SEEK_CUR)                  = 7347
lseek(26, 7784, SEEK_SET)               = 7784
lseek(26, 0, SEEK_CUR)                  = 7784
lseek(27, 11887, SEEK_SET)              = 11887
lseek(27, 0, SEEK_CUR)                  = 11887
lseek(28, 10515, SEEK_SET)              = 10515
lseek(28, 0, SEEK_CUR)                  = 10515
lseek(29, 3475, SEEK_SET)               = 3475
lseek(29, 0, SEEK_CUR)                  = 3475
lseek(31, 6376, SEEK_SET)               = 6376
lseek(31, 0, SEEK_CUR)                  = 6376
lseek(32, 767, SEEK_SET)                = 767
lseek(32, 0, SEEK_CUR)                  = 767
lseek(33, 18203, SEEK_SET)              = 18203
lseek(33, 0, SEEK_CUR)                  = 18203
lseek(34, 12058, SEEK_SET)              = 12058
lseek(34, 0, SEEK_CUR)                  = 12058
lseek(35, 3818, SEEK_SET)               = 3818
lseek(35, 0, SEEK_CUR)                  = 3818
lseek(36, 6967, SEEK_SET)               = 6967
lseek(36, 0, SEEK_CUR)                  = 6967
lseek(37, 8868, SEEK_SET)               = 8868
lseek(37, 0, SEEK_CUR)                  = 8868
close(37)                               = 0
close(35)                               = 0
close(36)                               = 0
close(34)                               = 0
close(32)                               = 0
close(33)                               = 0
close(31)                               = 0
close(29)                               = 0
close(30)                               = 0
close(28)                               = 0
close(27)                               = 0
close(25)                               = 0
close(26)                               = 0
close(24)                               = 0
close(22)                               = 0
close(23)                               = 0
close(21)                               = 0
close(19)                               = 0
close(20)                               = 0
close(18)                               = 0
close(16)                               = 0
close(17)                               = 0
close(15)                               = 0
close(14)                               = 0
close(13)                               = 0
close(12)                               = 0
close(10)                               = 0
close(11)                               = 0
close(9)                                = 0
close(8)                                = 0
stat("/usr/lib64/perl5/auto/DBI/DESTROY.al", 0x129c130) = -1 ENOENT (No
such file or directory)
stat("/usr/sbin/auto/DBI/DESTROY.al", 0x7ffffabb86f0) = -1 ENOENT (No such
file or directory)
stat("/usr/sbin/MailScanner/auto/DBI/DESTROY.al", 0x7ffffabb86f0) = -1
ENOTDIR (Not a directory)
stat("/usr/share/MailScanner/auto/DBI/DESTROY.al", 0x7ffffabb86f0) = -1
ENOENT (No such file or directory)
stat("/usr/local/lib64/perl5/auto/DBI/DESTROY.al", 0x7ffffabb86f0) = -1
ENOENT (No such file or directory)
stat("/usr/local/share/perl5/auto/DBI/DESTROY.al", 0x7ffffabb86f0) = -1
ENOENT (No such file or directory)
stat("/usr/lib64/perl5/vendor_perl/auto/DBI/DESTROY.al", 0x7ffffabb86f0) =
-1 ENOENT (No such file or directory)
stat("/usr/share/perl5/vendor_perl/auto/DBI/DESTROY.al", 0x7ffffabb86f0) =
-1 ENOENT (No such file or directory)
stat("/usr/lib64/perl5/auto/DBI/DESTROY.al", 0x7ffffabb86f0) = -1 ENOENT
(No such file or directory)
stat("/usr/share/perl5/auto/DBI/DESTROY.al", 0x7ffffabb86f0) = -1 ENOENT
(No such file or directory)
stat("/usr/share/MailScanner/auto/DBI/DESTROY.al", 0x7ffffabb86f0) = -1
ENOENT (No such file or directory)
close(4)                                = 0
close(5)                                = 0
close(7)                                = 0
exit_group(255)

On 31 October 2011 12:37, Kocisky <kocisky at autistici.org> wrote:

> Hi all,
>
> i've just installed Centos 6 and my system is up to date. I've tried to
> google a bit but didn't find any solutions:
>
> LOGS:
>
> ################################################
>
> mailq with more than 2000 emails and messages are not delivered;
>
> ################################################
>
> [root at mail init.d]# ps aux | grep MailScanner
> postfix   4074  0.0  2.2 302708 89248 ?        S    Oct28   0:05
> MailScanner: compressing attachments
> postfix   4081  0.0  2.2 302708 89148 ?        S    Oct28   0:05
> MailScanner: compressing attachments
> postfix   4086  0.0  2.2 302840 89284 ?        S    Oct28   0:04
> MailScanner: compressing attachments
> root      8844  0.0  0.0 103156   812 pts/2    S+   11:31   0:00 grep
> MailScanner
>
> ################################################
>
> /var/log/maillog :
>
> Oct 31 11:50:27 mail MailScanner[9227]: writing to
> /var/spool/MailScanner/quarantine/20111031/spam/BBA2A2024A1.AB0F1: No such
> file or directory
>
> ################################################
>
> [root at mail init.d]# MailScanner --debug
>
> Configuration: Failed to find any configuration files like
> /etc/MailScanner/conf.d/*, skipping them. at
> /usr/share/MailScanner/MailScanner/Config.pm line 2044
>
> In Debugging mode, not forking...
> Trying to setlogsock(unix)
> Building a message batch to scan...
> Have a batch of 30 messages.
> Can't call method "print" on an undefined value at
> /usr/share/MailScanner/MailScanner/PFDiskStore.pm line 755.
>
> ################################################
>
> VERSIONS:
>
> MailScanner --lint
> Trying to setlogsock(unix)
>
> Reading configuration file /etc/MailScanner/MailScanner.conf
> Configuration: Failed to find any configuration files like
> /etc/MailScanner/conf.d/*, skipping them. at
> /usr/share/MailScanner/MailScanner/Config.pm line 2044
> Read 869 hostnames from the phishing whitelist
> Read 4051 hostnames from the phishing blacklists
> Config: calling custom init function SQLBlacklist
> Starting up SQL Blacklist
> Read 0 blacklist entries
> Config: calling custom init function MailWatchLogging
> Started SQL Logging child
> Config: calling custom init function SQLWhitelist
> Starting up SQL Whitelist
> Read 0 whitelist entries
>
> Checking version numbers...
> Version number in MailScanner.conf (4.84.3) is correct.
>
> Unrar is not installed, it should be in /usr/bin/unrar.
> This is required for RAR archives to be read to check
> filenames and filetypes. Virus scanning is not affected.
>
>
> Your envelope_sender_header in spam.assassin.prefs.conf is correct.
> MailScanner setting GID to  (89)
> MailScanner setting UID to  (89)
>
> Checking for SpamAssassin errors (if you use it)...
> Using SpamAssassin results cache
> Connected to SpamAssassin cache database
> SpamAssassin reported no errors.
> Connected to Processing Attempts Database
> Created Processing Attempts Database successfully
> There are 248 messages in the Processing Attempts Database
> lock.pl sees Config  LockType =  posix
> lock.pl sees have_module =  0
> Using locktype = posix
> MailScanner.conf says "Virus Scanners = clamd"
> Debug Mode Is On
> Use Threads : NO
> Socket    : /var/run/clamav/clamd.sock
> IP        : Using Sockets
> Lock File : NOT USED
> Time Out  : 300
> Scan Dir  : /var/spool/MailScanner/incoming/9341/ISITINSTALLED
> Clamd : Sending PING
> Clamd : GOT 'PONG'
> ClamD is running
>
> Found these virus scanners installed: clamd
> ===========================================================================
> Created attachment dirs for 1 messages
> Filename Checks: Windows/DOS Executable (1 eicar.com)
> Completed checking by /usr/bin/file
> Other Checks: Found 1 problems
>
> ###################################
>
> is the above "Configuration: Failed to find any configuration files like
> /etc/MailScanner/conf.d/*, skipping them. at
> /usr/share/MailScanner/MailScanner/Config.pm line 2044" an issue? am i
> really missing something?
>
> ###################################
>
> MailScanner -v
> Running on
> Linux mail.ny03.mydomain.org 2.6.32-71.29.1.el6.centos.plus.x86_64 #1 SMP
> Sun Jun 26 16:27:27 BST 2011 x86_64 x86_64 x86_64 GNU/Linux
> This is CentOS Linux release 6.0 (Final)
> This is Perl version 5.010001 (5.10.1)
>
> This is MailScanner version 4.84.3
> Module versions are:
> 1.00 AnyDBM_File
> 1.30 Archive::Zip
> 0.23 bignum
> 1.11 Carp
> 2.02 Compress::Zlib
> 1.119 Convert::BinHex
> 0.17 Convert::TNEF
> 2.124 Data::Dumper
> 2.27 Date::Parse
> 1.03 DirHandle
> 1.06 Fcntl
> 2.77 File::Basename
> 2.14 File::Copy
> 2.02 FileHandle
> 2.08 File::Path
> 0.22 File::Temp
> 0.92 Filesys::Df
> 3.64 HTML::Entities
> 3.64 HTML::Parser
> 3.57 HTML::TokeParser
> 1.25 IO
> 1.14 IO::File
> 1.13 IO::Pipe
> 2.04 Mail::Header
> 1.89 Math::BigInt
> 0.22 Math::BigRat
> 3.08 MIME::Base64
> 5.427 MIME::Decoder
> 5.427 MIME::Decoder::UU
> 5.427 MIME::Head
> 5.427 MIME::Parser
> 3.08 MIME::QuotedPrint
> 5.427 MIME::Tools
> 0.14 Net::CIDR
> 1.25 Net::IP
> 0.19 OLE::Storage_Lite
> 1.04 Pod::Escapes
> 3.13 Pod::Simple
> 1.17 POSIX
> 1.21 Scalar::Util
> 1.82 Socket
> 2.20 Storable
> 1.4 Sys::Hostname::Long
> 0.27 Sys::Syslog
> 1.40 Test::Pod
> 0.92 Test::Simple
> 1.9721 Time::HiRes
> 1.02 Time::localtime
>
> Optional module versions are:
> 1.58 Archive::Tar
> 0.23 bignum
> missing Business::ISBN
> missing Business::ISBN::Data
> missing Data::Dump
> 1.82 DB_File
> 1.27 DBD::SQLite
> 1.609 DBI
> 1.16 Digest
> 1.01 Digest::HMAC
> 2.39 Digest::MD5
> 2.12 Digest::SHA1
> 1.01 Encode::Detect
> missing Error
> 0.27 ExtUtils::CBuilder
> 2.2203 ExtUtils::ParseXS
> 2.38 Getopt::Long
> missing Inline
> missing IO::String
> 1.09 IO::Zlib
> missing IP::Country
> missing Mail::ClamAV
> 3.003001 Mail::SpamAssassin
> missing Mail::SPF
> missing Mail::SPF::Query
> 0.35 Module::Build
> missing Net::CIDR::Lite
> 0.65 Net::DNS
> missing Net::DNS::Resolver::Programmable
> missing Net::LDAP
>  4.027 NetAddr::IP
> missing Parse::RecDescent
> missing SAVI
> 3.17 Test::Harness
> missing Test::Manifest
> 2.0.0 Text::Balanced
> 1.40 URI
> 0.77 version
> missing YAML
> Virus and Content Scanning: Starting
> Commencing scanning by clamd...
> Debug Mode Is On
> Use Threads : NO
> Socket    : /var/run/clamav/clamd.sock
> IP        : Using Sockets
> Lock File : NOT USED
> Time Out  : 300
> Scan Dir  : /var/spool/MailScanner/incoming/9341
> Clamd : Sending PING
> Clamd : GOT 'PONG'
> ClamD is running
>
> SENT : CONTSCAN /var/spool/MailScanner/incoming/9341
> Clamd::INFECTED::Eicar-Test-Signature :: ./1/
> Clamd::INFECTED:: Eicar-Test-Signature :: ./1/eicar.com
> Completed scanning by clamd
> Virus Scanning: Clamd found 2 infections
> Infected message 1 came from 10.1.1.1
> Virus Scanning: Found 2 viruses
> ===========================================================================
> Virus Scanner test reports:
> Clamd said "eicar.com was infected: Eicar-Test-Signature"
>
> If any of your virus scanners (clamd)
> are not listed there, you should check that they are installed correctly
> and that MailScanner is finding them correctly via its virus.scanners.conf.
> Config: calling custom end function SQLBlacklist
> Closing down by-domain spam blacklist
> Config: calling custom end function MailWatchLogging
> Config: calling custom end function SQLWhitelist
> Closing down by-domain spam whitelist
>
> ########################################
>
> I've tried also to disable selinux:
>
> [root at mail init.d]# setenforce 0
> [root at mail init.d]#
> [root at mail init.d]# MailScanner -debug
>
> Configuration: Failed to find any configuration files like
> /etc/MailScanner/conf.d/*, skipping them. at
> /usr/share/MailScanner/MailScanner/Config.pm line 2044
>
> In Debugging mode, not forking...
> Trying to setlogsock(unix)
> Building a message batch to scan...
> Have a batch of 30 messages.
> Can't call method "print" on an undefined value at
> /usr/share/MailScanner/MailScanner/PFDiskStore.pm line 755.
> [root at mail init.d]#
> [root at mail init.d]#
> [root at mail init.d]#
>
> [root at mail init.d]# postconf -d | grep mail_version
> mail_version = 2.6.6
>
> any ideas ? thanks you !!
>
>
> milter_macro_v = $mail_name $mail_version
> [root at mail init.d]#
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20111031/c39d666d/attachment-0001.html


More information about the MailScanner mailing list