storing messages - found permission pb... not enought...

Alessandro Dentella sandro at e-den.it
Fri May 24 16:16:51 IST 2013 

On Thu, May 23, 2013 at 03:01:59PM +0200, Glenn Steen wrote:
> On 23 May 2013 12:40, Alessandro Dentella <sandro at e-den.it> wrote:
> >> ... If you do a "MailScanner --lint", that should point you in the
> >> right direction.
> >
> > True... I run it and it finds:
> >
> > Could not open file >/var/spool/MailScanner/incoming/28403/1.header: Permission denied
> > Cannot create + lock headers file /var/spool/MailScanner/incoming/28403/1.header, Permission denied at /usr/share/MailScanner/MailScanner/Message.pm line 523
> >
> > In fact postfix does not have permission to write there. I fixed it and it
> > turns out as a stupid conf problem (Quarantine User = user)
> >
> > Now MailScanner --lint doesn't show any other problem, but still messages
> > doesn't get into quarantine...
> >
> > Any thoughts?
> >
> Ok, so now we don't have any syntax errors, That's good:-).
> Next over to semantics... Best is to do a debug run (this is described
> in the MAQ/wiki)... Simple steps:
> stop mailscanner via the init script ("service MailScanner stop", or
> "/etc/init.d/MailScanner stop")
> 
> Start postfix/you MTA ... In the default MailScanner init script
> there's provision for this:
> service MailScanner startin
> or
> /etc/init.d/MailScanner startin
> 
> start the debug run via "MailScanner --debug". This will start
> MailScanner without forking any children and without closing
> stdin/stderr... And it will wait for exactly 1 message (or rather ...
> one batch), process it and then exit... whilst spewing a bit of debug
> info onto the screen.
> Best is to run that as the postfix user (even though it should work
> perfectly well from root... you could do two runs, one from root, one
> from postfix.. The process should change user to whatever you have the
> "Run User" set to... ie postfix:-).
> After a bit of chatter, it'll hang, waiting for a messagebatch...
> Which you need provide via normal SMTP methods.
> 
> We'll see what that gives you.

Runnng as root:

root at smtp:~# MailScanner --debug


In Debugging mode, not forking...
Trying to setlogsock(unix)
Building a message batch to scan...
Have a batch of 2 messages.
Insecure dependency in open while running with -T switch at /usr/lib/perl/5.10/IO/File.pm line 63, <$fh> line 4.
Insecure dependency in open while running with -T switch at /usr/lib/perl/5.10/IO/File.pm line 63.
Insecure dependency in open while running with -T switch at /usr/lib/perl/5.10/IO/File.pm line 63.
Insecure dependency in open while running with -T switch at /usr/lib/perl/5.10/IO/File.pm line 63.
Insecure dependency in open while running with -T switch at /usr/lib/perl/5.10/IO/File.pm line 63.
Insecure dependency in open while running with -T switch at /usr/lib/perl/5.10/IO/File.pm line 63.
Insecure dependency in unlink while running with -T switch at /usr/share/MailScanner/MailScanner/MessageBatch.pm line 630.
Insecure dependency in unlink while running with -T switch at /usr/share/MailScanner/MailScanner/MessageBatch.pm line 630.
Insecure dependency in unlink while running with -T switch at /usr/share/MailScanner/MailScanner/MessageBatch.pm line 630.
Insecure dependency in unlink while running with -T switch at /usr/share/MailScanner/MailScanner/MessageBatch.pm line 630.
Stopping now as you are debugging me.


Googling for this message, I understand is related to the perl code not to
system setup, correct?
So I don't see any interesting message...

line 630 is: 
  unlink @{$message->{spamarchive}}; # Wipe the spamarchive files
line 63 is:
  return open($fh, IO::Handle::_open_mode_string($mode), $file);

If I run as postfix user, it complains it cannot setgid:

postfix at smtp:~$ /usr/sbin/MailScanner --debug
Can't set GID 33 at /usr/sbin/MailScanner line 1541.

once more I'm you you hands...

sandro
*;-)

PS: I'm using perl 5.10.1-27
    ii  perl  5.10.1-17squeeze6

More information about the MailScanner mailing list