*trim*
>If the socket is *really* created as root:wheel that could create a problem.
>
>But the ...-u amavisd ... indicates it is being created wuth
>EUID:EGID of amavisd:<some non-wheel group>
amavisd:amavisd (it has it's own group)
>
>Try an ls -lF on /temp/spamd/*. to confirm.
/tmp/spamd is the socket file...
srw-rw-rw- 1 root wheel 0 Dec 9 12:50 /tmp/spamd=
>
>>>
>>>- might either be leaving the socket set with ownership and/or
>>>perm settings that block the other?
>>
>>
>>No. Upon the next call it works.
>
>That is exactly why I am suspicious that there is a point during which
>the socket is being accessed and locked by some process with higher
>priv levels, then released again.
I've captured two messages in debug on spamd upon a fresh start of
which the first one immediately showed up in the exim panic log and
second was processed with no problem. So I guess it's the message
that triggers something.
2005-12-09 13:42:12 IR92YC-0007MF-2Z spam acl condition: Resource
temporarily unavailable on spamd socket
Here is the detail log for the 2 messages: captainnet.net/spamd_details.txt
*trim*
>>I looked in crash logs, reporters, system logs not a trace other
>>than in the panic log and mail log.
>>
>
>Usually shows up in /var/log/exim/paniclog, /var/log/maillog,
>/var/log/messages and/or /var/log/console.log
I couldn't find anything else that would point to the problem.
*trim*
>>During data acl
>>
>> warn message = X-Spam-Status: $spam_report\n\
>> X-New-Subject: [***SPAM***] $h_subject:
>> condition = ${if <{$message_size}{80k}{1}{0}}
>> spam = $acl_m0:true
>>
>
>Where you have 'acl_m0:true', many Exim examples have 'nobody:true',
>and I use 'spamd:true'
acl_m0:true compares user name in mysql which is the users full email
address, however, I run SA only on a "per domain" basis, so
"spamd:true" would only allow me system wide settings. That works out
fine, as there is no message rejection. SA tags are used to filter
the messages.
>
>Logs will show spamd made the run as user {number} for whomever that user is.
>
>That is where I would look - see if acl_m0 "sometimes" furnishes a
>non-existent system user, or one that has no rights to the socket.
>
>Adding:
>
>logwrite = spamd invoked by users $acl_m0
It shows up in mail.log anyway, but I'll do some tests later on to compare.
George
>
>- to that acl will log it in mainlog (at least).
>
>*trimmed*
>
>HTH
>
>Bill Hacker
>
>--
>## List details at http://www.exim.org/mailman/listinfo/exim-users
>## Exim details at http://www.exim.org/
>## Please use the Wiki with this list - http://www.exim.org/eximwiki/
