<div dir="ltr"><div style>As for Selinux, I wouldn't know without looking at the logs. I would of course try putting it in permissive mode and testing. If it does turn out to be Selinux, you can build your own policies from the logs.</div>
<div><br></div>From what I understand, the newer versions of Perl think some of the stuff MailScanner does is unsafe and therefore does not allow it. Hence adding the -U flag. Same program (MailScanner) as before, just a different version of Perl that will not let it do things it did in previous versions.<div>
<br></div><div style>I could of course be totally wrong. </div><div style><br></div><div style><br></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Fri, May 17, 2013 at 9:08 PM, Robert Lopez <span dir="ltr"><<a href="mailto:rlopezcnm@gmail.com" target="_blank">rlopezcnm@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="im">On Fri, May 17, 2013 at 10:52 AM, Jerry Benton<br>
<<a href="mailto:jerry.benton@mailborder.com">jerry.benton@mailborder.com</a>> wrote:<br>
> Robert,<br>
><br>
> There are three primary things I check for when dealing with this problem:<br>
><br>
> 1. Selinux. You know the drill for this one.<br>
> 2. MailScanner Run As and directory ownership and permissions.<br>
> 3. Making sure you add the -U option to MailScanner for the newer versions<br>
> of perl.<br>
><br>
> sed -i 's:#!/usr/bin/perl -I:#!/usr/bin/perl -U -I:g' /usr/sbin/MailScanner<br>
><br>
><br>
> Jerry Benton<br>
<br>
</div>Jerry,<br>
<br>
I really believe selinux not an issue in this case.<br>
<br>
/etc/MailScanner/MailScanner.conf: Run As User =<br>
/etc/MailScanner/MailScanner.conf:Run As Group =<br>
/etc/MailScanner/conf.d/CNM-MailScanner.conf:Run As User = postfix<br>
/etc/MailScanner/conf.d/CNM-MailScanner.conf:Run As Group = postfix<br>
<br>
I have seen you advise the -U many times in this discussion group.<br>
I have always been hesitant to allow unsafe operations, favouring<br>
fixing them if possible.<br>
<br>
I do see something is changing group of /var/spool/MailScanner/incoming to:<br>
drwxrwxr-x 9 postfix clamav 4096 May 17 12:50 /var/spool/MailScanner/incoming/<br>
<br>
I have tried to change it to postfix postfix but it changes back to as above.<br>
(To change I stop postfix, MailScanner, and clamd; make changes; start all)<br>
<br>
Worse, I think, is I see this:<br>
drwxr-x--- 2 postfix clamav 4096 May 17 12:45<br>
/var/spool/MailScanner/incoming/17603/<br>
drwxr-x--- 2 postfix clamav 4096 May 17 12:47<br>
/var/spool/MailScanner/incoming/17637/<br>
drwxr-x--- 2 postfix clamav 4096 May 17 12:50<br>
/var/spool/MailScanner/incoming/17661/<br>
...<br>
<br>
Are you aware of any unsafe perl code that is involved in this<br>
situation that if allowed to run would fix this problem?<br>
<br>
Kind Regards<br>
<div class="HOEnZb"><div class="h5"><br>
--<br>
Robert Lopez<br>
Unix Systems Administrator<br>
Central New Mexico Community College (CNM)<br>
525 Buena Vista SE<br>
Albuquerque, New Mexico 87106<br>
--<br>
MailScanner mailing list<br>
<a href="mailto:mailscanner@lists.mailscanner.info">mailscanner@lists.mailscanner.info</a><br>
<a href="http://lists.mailscanner.info/mailman/listinfo/mailscanner" target="_blank">http://lists.mailscanner.info/mailman/listinfo/mailscanner</a><br>
<br>
Before posting, read <a href="http://wiki.mailscanner.info/posting" target="_blank">http://wiki.mailscanner.info/posting</a><br>
<br>
Support MailScanner development - buy the book off the website!<br>
</div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br><div dir="ltr"><div><div><br>--<br></div>Jerry Benton<br></div>Mailborder Systems<br><a href="http://www.mailborder.com" target="_blank">www.mailborder.com</a><br>
</div>
</div>