Postfix and MailScanner

Mark Sapiro mark at
Sat May 16 17:27:46 UTC 2015

On 05/16/2015 09:57 AM, Kevin Miller wrote:
> On another note, what do the ownership and permissions look like on /var/spool/postfix.
> By default they were root:root on my box and I had to change the owner to postfix:postfix...

# ll -d /var/spool/postfix
drwxr-xr-x 22 postfix postfix 4096 May  4 18:50 /var/spool/postfix/

I don't remember changing them, but I could have.

The one I know I change is
# ll -d /var/spool/MailScanner/spamassassin
drwxrwsr-x 2 postfix postfix 4096 May 15 12:51

note the SETGID bit. This directory contains the bayes_* files and
sometimes other spamassassin processes running as root will update those
files and change ownership. Without SETGID on the directory, files like
/var/spool/MailScanner/spamassassin/bayes_journal become root:root. With
SETGID on the directory and 'bayes_file_mode 0770' in
/etc/MailScanner/spam.assassin.prefs.conf, they remain group postfix and
writable by MailScanner.

Mark Sapiro <mark at>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

More information about the MailScanner mailing list