MailScanner: Suspected QP DOS
Chaminda Indrajith
indrajith at sltidc.lk
Wed Nov 25 16:21:31 UTC 2020
Thanks Shawn, for the reply.
This happened after the upgrade from 5.0.3 to the latest. OS is CentOS 7.
So, the directory permission remains unchanged. SELINUX is in permissive
mode. MailScanner runs as user postfix. By the way, Is there a way of
disabling QP DOC Checking? For your information, here it shows the
permissions of /var/spool/MailScanner
[root at dot ~]# cd /var/spool/MailScanner/
[root at dot MailScanner]# ls -la
total 4
drwxr-xr-x. 9 root root 122 Nov 24 14:40 .
drwxr-xr-x. 17 root root 215 Apr 11 2018 ..
drwxrwxr-x. 2 root mtagroup 6 Nov 4 22:21 archive
drwxrwx---. 9 postfix mtagroup 220 Nov 25 21:41 incoming
drwxrwxr-x. 2 postfix mtagroup 6 Nov 4 22:21 milterin
drwxrwxr-x. 2 postfix mtagroup 6 Nov 4 22:21 milterout
drwxrwxr-x. 26 postfix apache 4096 Nov 25 00:00 quarantine
drwxrwx---. 5 postfix mtagroup 107 Nov 24 14:33 ramdisk_store
drwxrwsr-x. 2 postfix apache 58 Sep 30 08:15 spamassassin
[root at dot MailScanner]# cd incoming
[root at dot incoming]# ls -la
total 308
drwxrwx---. 9 postfix mtagroup 220 Nov 25 21:45 .
drwxr-xr-x. 9 root root 122 Nov 24 14:40 ..
drwxrwx---. 2 postfix mtagroup 40 Nov 25 21:44 3063
drwxrwx---. 2 postfix mtagroup 40 Nov 25 21:44 3225
drwxrwx---. 2 postfix mtagroup 40 Nov 25 21:42 3325
drwxrwx---. 4 postfix mtagroup 160 Nov 25 21:45 3489
drwxrwx---. 2 postfix mtagroup 40 Nov 25 21:41 3526
drwxr-xr-x. 2 root postfix 200 Nov 25 18:31 Locks
-rw-------. 1 postfix postfix 4096 Nov 25 21:45 Processing.db
-rw-------. 1 postfix postfix 310272 Nov 25 21:45 SpamAssassin.cache.db
drwxr-xr-x. 2 postfix root 100 Nov 25 21:45 SpamAssassin-Temp
[root at dot incoming]# cd ../quarantine/
[root at dot quarantine]# ls -la
total 8
drwxrwxr-x. 26 postfix apache 4096 Nov 25 00:00 .
drwxr-xr-x. 9 root root 122 Nov 24 14:40 ..
drwxrwx---. 4 postfix apache 31 Nov 2 23:13 20201102
drwxrwx---. 12 postfix apache 215 Nov 3 15:05 20201103
drwxrwx---. 6 postfix apache 77 Nov 4 08:00 20201104
drwxrwx---. 10 postfix apache 169 Nov 5 20:31 20201105
drwxrwx---. 14 postfix apache 261 Nov 6 18:00 20201106
drwxrwx---. 5 postfix apache 54 Nov 7 01:27 20201107
drwxrwx---. 6 postfix apache 77 Nov 8 10:45 20201108
drwxrwx---. 8 postfix apache 123 Nov 9 15:37 20201109
[root at dot quarantine]# groups postfix
postfix : postfix mail mtagroup
[root at dot quarantine]# groups clamav
groups: clamav: no such user
[root at dot quarantine]# groups clamscan
clamscan : clamscan virusgroup mtagroup
Regards
Chaminda Indrajith
From: MailScanner
<mailscanner-bounces+indrajith=sltidc.lk at lists.mailscanner.info> On Behalf
Of Shawn Iverson via MailScanner
Sent: Wednesday, November 25, 2020 9:24 PM
To: mailscanner at lists.mailscanner.info
Cc: Shawn Iverson <shawniverson at summitgrid.com>
Subject: Re: MailScanner: Suspected QP DOS
"could not read file" seems to indicate some form of permissions or access
control problem. Have you double checked permissions on key folders such as
those within /var/spool/MailScanner?
On 11/25/20 3:11 AM, Chaminda Indrajith wrote:
Hi,
After upgraded to the latest MailScanner (5.3.4), some of the read receipts
are blocked by MailScanner.
It shows the below message in the MailWatch. Let me know how to allow these
read receipts.
MailScanner: Suspected QP DOS
checks failed
could not read file
Thanks
Chaminda Indrajith
--
<http://mailserver.summitgrid.org/logo_text_sig.png>
Shawn Iverson
shawniverson at summitgrid.com <mailto:shawniverson at summitgrid.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mailscanner.info/pipermail/mailscanner/attachments/20201125/88110a03/attachment.html>
More information about the MailScanner
mailing list