Betr.: Owner/group/perms on /var/spool/MailScanner keep clamav from scanning

Martijn mailinglist at
Wed Nov 21 00:09:33 GMT 2012

Hi Arjan,

On 20-11-2012 13:27, Arjan Melein wrote:
> I have the incoming work group set to 'postfix' and unless you are using clamd instead of clamscan the AV will be launched as the same user MailScanner runs as which is 'postfix'.
> If you are running with clamd i'd suggest trying to run it as postfix as an easy fix, or add the clam user to the postfix group.
> If you're using clamscan change the work group to postfix.
> I actually have the permissions set to 0660, forgot if this is to fix AV problems or something to do with MailWatch.. its been a while since I installed our running machine.

I understand how running clamav as postfix would make the error 
disappear, but that kind of fix implies a lot more than just that. I 
wouldn't recommend doing it that way.

ClamAV has a history with vulnerabilities, for example the recent - it's not impossible a (future) 
vulnerability may somehow lead to someone accessing files that 
previously could only be read by postfix itself, instead of postfix and 

I'm using clamd by the way - it's how the recent Baruwa package 
installed it.

- Martijn

More information about the MailScanner mailing list