Auteur: Bill Hacker Date: À: exim-users Sujet: Re: [exim] Exim and spamd
George wrote:
> Hello list,
>
> I'm using SA 3.10 wih Exim 4.60 on Darwin and I'm getting the following
> in Exim panic log:
>
> 2005-12-08 07:18:50 IR6QJD-00008X-PB spam acl condition: Resource
> temporarily unavailable on spamd socket
>
> I get this message 40 to 50 times per day on a low volume server. (maybe
> 1000/day volume)
>
[1]
> The corresponding reference in my mail log that is used by imap pop and
> spamd shows the following:
>
> Dec 8 07:18:50 dnsbureau spamd[281]: spamd: bad protocol: header error:
> (Content-Length mismatch: Expected 9274 bytes, got 8123 bytes) at
> /usr/bin/spamd line 1674, <GEN16> line 161.\n
>
[2]
> The particular email did not have an attachment, so that could not be a
> real issue. I'm using Unix sockets as it seems more stable to me than an
> IP. Also, it does happen also sometimes, when no other processes are
> running.
>
> This problem started with 4.52, and on to 4.54 and 4.60 but it wasn't
> present with 4.51.
>
> I'm just trying to figure out if this is an Exim of spamd issue. If you
> have some info, I'll appreciate it.
[3]
>
> George
>
>
[1] Perhaps implied, but not clearly stated: Does spamd succeed in
utilizing the socket at other times?
- Presuming Exim and spamd are running as different users, are they at
least in the same group?
- do both, probably by group perms, have r/w access rights to the socket?
- might either be leaving the socket set with ownership and/or perm
settings that block the other?
i.e. -
- might you be invoking spamd more than once against the same message?
- are you calling spamd during a connection, afterwards, or both?
- does Exim always run as the same UID:GID, or does it adopt the UID:GID
of, for example, an
authenticated MUA user,
- if so, is that done before or after the point at which you invoke spamd?
[2] AFAIK, a symptom of Apple taking a Microdaft approach (RFC-iggerant).
Essentially identical messages seen here (FreeBSD 4.X, Exim 4.54) but
exclusively and only on messages originating from Apple's advert
broadcasts. Until they were block-listed, anyway. Should be unrelated to
the more general socket issue.
[3] Presuming your perms are OK, *and* that you destroy the socket as
part of/before trying to use it after an abnormal shutdown, suspect this
is neither an Exim or spamd variation, but rather an OS X issue.
- helpful to know at what point(s) you are calling spamd, and what
UID:GID socket ownership & perms are active at various points in time.