quarantine error

Ismail Ozatay ismailozatay at gmail.com
Mon Jun 17 16:53:39 IST 2013 

Hi everyone,

I have installed MailScanner version 4.84.6-1 on Centos 6.4 x64 box with
Clam-0.96.5-SA-3.3.1 package and configured them with postfix. Everything
is working except quarantine. When i blacklist someone, it holds the mail
but does not put into quarantine folder. If it is not blacklisted,
mailscanner sends it to the exchange without any problem. How can i handle
this problem? Here you may see an example;

[root at avgw postfix]# cat /etc/postfix/header_checks
/^Received:/ HOLD

MailScanner.conf
----------------
MTA = postfix
Quarantine Dir = /var/spool/MailScanner/quarantine
Incoming Queue Dir = /var/spool/postfix/hold
Run As User = postfix
Run As Group = postfix
Outgoing Queue Dir = /var/spool/postfix/incoming
Quarantine Whole Message = yes
Quarantine Whole Messages As Queue Files = no

Now i am trying to send an email from blacklisted sender to the receiver;

Jun 17 18:18:03 avgw postfix/cleanup[6166]: D41361DF1E4: hold: header
Received: from mail.xxx.com (mail.xxx.com [81.213.x.x])??by
avgw.yyy.com(Postfix) with SMTP id D41361DF1E4??for <
ysimsek at yyy.com>; Mon, 17 Jun 2013 18:17:44 +0300 (EEST) from
mail.xxx.com[81.213.x.x];
from=<ismail at xxx.com> to=<ysimsek at yyy.com> proto=SMTP helo=<mail.xxx.com>
Jun 17 18:18:03 avgw postfix/cleanup[6166]: D41361DF1E4: message-id=<>
Jun 17 18:18:04 avgw MailScanner[6085]: New Batch: Scanning 1 messages, 892
bytes
Jun 17 18:18:04 avgw MailScanner[6085]: Virus and Content Scanning: Starting
Jun 17 18:18:04 avgw MailScanner[6085]: Virus Scanning completed at 21519
bytes per second
Jun 17 18:18:04 avgw MailScanner[6085]: Spam Checks: Starting
Jun 17 18:18:04 avgw MailScanner[6085]: Message D41361DF1E4.A7BA5 from
81.213.x.x (ismail at xxx.com) to yyy.com is spam (blacklisted)
Jun 17 18:18:04 avgw MailScanner[6085]: Spam Checks: Found 1 spam messages
Jun 17 18:18:04 avgw MailScanner[6085]: Non-delivery of spam: message
D41361DF1E4.A7BA5 from ismail at xxx.com to xxx at yyy.com with subject
Jun 17 18:18:04 avgw MailScanner[6085]: Spam Actions: message
D41361DF1E4.A7BA5 actions are store
Jun 17 18:18:04 avgw MailScanner[6170]: MailScanner E-Mail Virus Scanner
version 4.84.6 starting...
Jun 17 18:18:04 avgw MailScanner[6170]: Reading configuration file
/etc/MailScanner/MailScanner.conf
Jun 17 18:18:04 avgw MailScanner[6170]: Reading configuration file
/etc/MailScanner/conf.d/README
Jun 17 18:18:04 avgw MailScanner[6170]: Read 872 hostnames from the
phishing whitelist
Jun 17 18:18:04 avgw MailScanner[6170]: Read 3966 hostnames from the
phishing blacklists
Jun 17 18:18:04 avgw MailScanner[6170]: Config: calling custom init
function MailWatchLogging
Jun 17 18:18:04 avgw MailScanner[6170]: Started SQL Logging child
Jun 17 18:18:04 avgw MailScanner[6170]: Enabling SpamAssassin
auto-whitelist functionality...
Jun 17 18:18:05 avgw MailScanner[6170]: Connected to Processing Attempts
Database
Jun 17 18:18:05 avgw MailScanner[6170]: Found 5 messages in the Processing
Attempts Database
Jun 17 18:18:05 avgw MailScanner[6170]: Using locktype = flock

[root at avgw postfix]# ll /var/spool/postfix/hold/
total 4
-rwx------ 1 postfix postfix 892 Jun 17 18:18 D41361DF1E4

As you can see, the holded mail waits there. These are the permissions;

[root at avgw postfix]# ll /var/spool/postfix
total 56
drwx------.  2 postfix root     4096 Jun 17 18:17 active
drwx------.  2 postfix root     4096 Jun 16 03:05 bounce
drwx------.  2 postfix root     4096 Dec  3  2011 corrupt
drwx------. 15 postfix root     4096 Jun 17 11:01 defer
drwx------. 15 postfix root     4096 Jun 17 11:01 deferred
drwx------.  2 postfix root     4096 Dec  3  2011 flush
drwxrwsr-x.  2 postfix postfix  4096 Jun 17 18:18 hold
drwxrwsr-x.  2 postfix postfix  4096 Jun 17 18:18 incoming
drwx-wx---.  2 postfix postdrop 4096 Jun 17 18:01 maildrop
drwxr-xr-x.  2 root    root     4096 Jun 16 03:37 pid
drwx------.  2 postfix root     4096 Jun 17 18:15 private
drwx--x---.  2 postfix postdrop 4096 Jun 17 18:15 public
drwx------.  2 postfix root     4096 Dec  3  2011 saved
drwx------.  2 postfix root     4096 Dec  3  2011 trace

[root at avgw postfix]# ll /var/spool/MailScanner/
total 4
drwxrwxrwt 9 postfix root    200 Jun 17 18:25 incoming
drwxrwx--- 5 postfix apache 4096 Jun 17 16:43 quarantine

[root at avgw ~]# MailScanner -V
Running on
Linux avgw.eser.com 2.6.32-358.11.1.el6.x86_64 #1 SMP Wed Jun 12 03:34:52
UTC 2013 x86_64 x86_64 x86_64 GNU/Linux
This is CentOS release 6.4 (Final)
This is Perl version 5.010001 (5.10.1)

This is MailScanner version 4.84.6
Module versions are:
1.00    AnyDBM_File
1.30    Archive::Zip
0.23    bignum
1.11    Carp
2.02    Compress::Zlib
1.119   Convert::BinHex
0.17    Convert::TNEF
2.124   Data::Dumper
2.27    Date::Parse
1.03    DirHandle
1.06    Fcntl
2.77    File::Basename
2.14    File::Copy
2.02    FileHandle
2.08    File::Path
0.22    File::Temp
0.92    Filesys::Df
3.64    HTML::Entities
3.64    HTML::Parser
3.57    HTML::TokeParser
1.25    IO
1.14    IO::File
1.13    IO::Pipe
2.04    Mail::Header
1.89    Math::BigInt
0.22    Math::BigRat
3.08    MIME::Base64
5.427   MIME::Decoder
5.427   MIME::Decoder::UU
5.427   MIME::Head
5.427   MIME::Parser
3.08    MIME::QuotedPrint
5.427   MIME::Tools
0.14    Net::CIDR
1.25    Net::IP
0.19    OLE::Storage_Lite
1.04    Pod::Escapes
3.13    Pod::Simple
1.17    POSIX
1.21    Scalar::Util
1.82    Socket
2.20    Storable
1.4     Sys::Hostname::Long
0.27    Sys::Syslog
1.40    Test::Pod
0.92    Test::Simple
1.9721  Time::HiRes
1.02    Time::localtime

Optional module versions are:
1.29    Archive::Tar
0.23    bignum
1.82    Business::ISBN
1.10    Business::ISBN::Data
1.08    Data::Dump
1.82    DB_File
1.27    DBD::SQLite
1.609   DBI
1.16    Digest
1.01    Digest::HMAC
2.39    Digest::MD5
2.12    Digest::SHA1
missing Encode::Detect
0.17015 Error
0.18    ExtUtils::CBuilder
2.2203  ExtUtils::ParseXS
2.38    Getopt::Long
0.44    Inline
1.08    IO::String
1.04    IO::Zlib
2.21    IP::Country
0.29    Mail::ClamAV
3.003001        Mail::SpamAssassin
missing Mail::SPF
missing Mail::SPF::Query
missing Module::Build
0.20    Net::CIDR::Lite
0.65    Net::DNS
missing Net::DNS::Resolver::Programmable
missing Net::LDAP
 4.004  NetAddr::IP
1.94    Parse::RecDescent
missing SAVI
3.17    Test::Harness
0.95    Test::Manifest
2.0.0   Text::Balanced
1.40    URI
0.77    version
0.62    YAML
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130617/712d73a1/attachment.html

More information about the MailScanner mailing list