clamdscan

[Paul Scott]

I am trying to bring up MailScanner on a CentOS 6 machine with Sendmail, and the instructions on the mailscanner website are confusing, as this is what is written:

<START>
Change Commands That Start Sendmail

Currently, your copy of sendmail will be started by a script such as /etc/init.d/mail or /etc/rc.d/init.d/sendmail. Somewhere in this script will be the command to start sendmail itself. This should look like this:

sendmail -bd -q15m

You should change this to the following two lines:

sendmail -bd -OPrivacyOptions=noetrn -ODeliveryMode=queueonly -OQueueDirectory=/var/spool/mqueue.in
sendmail -q15m

This first starts the copy of sendmail that provides SMTP service, building the work queue for MailScanner. It then starts the copy of sendmail that delivers the output from MailScanner.

You also might need to change the commands used to shut down sendmail as it now needs to find 2 copies and kill them both. However, this is not critical and the system will work without it.
<END>

However, the contents of the /etc/init.d/sendmail file are MUCH more complex, as follows:

start() {
    # Start daemons.
    ret=0
    updateconf
    echo -n $"Starting $prog: "
    daemon /usr/sbin/sendmail $([ "x$DAEMON" = xyes ] && echo -bd) \
        $([ -n "$QUEUE" ] && echo -q$QUEUE) $SENDMAIL_OPTARG
    RETVAL=$?
    echo
    [ $RETVAL -eq 0 ] && touch /var/lock/subsys/sendmail
    let ret+=$RETVAL

    if [ ! -f /var/run/sm-client.pid ]; then
        echo -n $"Starting sm-client: "
        touch /var/run/sm-client.pid
        chown smmsp:smmsp /var/run/sm-client.pid
        if [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then
            /sbin/restorecon /var/run/sm-client.pid
        fi
        daemon --check sm-client /usr/sbin/sendmail -L sm-msp-queue -Ac \
            -q$SMQUEUE $SENDMAIL_OPTARG
        RETVAL=$?
        echo
        [ $RETVAL -eq 0 ] && touch /var/lock/subsys/sm-client
        let ret+=$RETVAL
    fi

    [ $ret -eq 0 ] && return 0 || return 1
}

So my question is, how do I modify this startup script so that the mqueue.in is used, along with the other required parameters as described on the website?

Please let me know.  Thank you very much!

Paul Scott
Engineer, Eden USA, Incorporated 
866.501.3336 | 951.505.6967 | sales at edenusa.com 
https://www.edenusa.com 





-----Original Message-----
From: MailScanner <mailscanner-bounces+sales=edenusa.com at lists.mailscanner.info> On Behalf Of Mark Sapiro
Sent: Tuesday, December 24, 2019 12:42 PM
To: mailscanner at lists.mailscanner.info
Subject: Re: clamdscan

On 12/24/19 10:42 AM, gmarr at jen.bz wrote:
> 
> But when I lint somehow MS does not use the batch file?!

That's because it talks directly to clamd via the socket and doesn't use
clamdscan at all.

You need to set everything up so it can work. In
<http://lists.mailscanner.info/pipermail/mailscanner/2019-December/106099.html>
I said

> I use
> 
> Incoming Work User = postfix
> Incoming Work Group = clamav
> chmod 2770 /var/spool/MailScanner/
> chown postfix:clamav /var/spool/MailScanner/

Actually that was a mistake. It should have said

chmod 2770 /var/spool/MailScanner/incoming
chown postfix:clamav /var/spool/MailScanner/incoming

if in fact you did the original chmod and chown above, you should
reverse that with

chmod 755 /var/spool/MailScanner/
chown postfix:postfix /var/spool/MailScanner/

in addition, I also have the default

Incoming Work Permissions = 0660

and in /etc/clamav/clamd.conf I have

User clamav

which I think is default.

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan


-- 
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner