Re: [exim] SPAMASSASSIN UNIX socket

Top Page
Delete this message
Reply to this message
Author: W B Hacker
Date:  
To: exim users
Subject: Re: [exim] SPAMASSASSIN UNIX socket
majid alavizadeh wrote:
> Hi Nigel!
>
> I change "nobody" to "spamd" user and after try again this error appears:
>
> accept: condition test failed
> processing "warn"
> check add_header = X-Spam-Score: $spam_score ($spam_bar)\n
>                  = X-Spam-Score: 1.4 (+)

>
> warn: condition test succeeded
> processing "drop"
> check condition = ${if >{$spam_score_int}{60} {1}}
>                 =
> drop: condition test failed
> end of ACL "acl_check_data": implicit DENY
>>> Headers added by DATA ACL:
>   X-Spam-Score: 1.4 (+)
> unspool_mbox(): unlinking
> '/var/spool/exim/scan/1NDESu-0004b3-OP/1NDESu-0004b3-OP.eml'
> 550 Administrative prohibition
> LOG: MAIN REJECT
>   H=localhost (mylocaldomain) [127.0.0.1] F=<sender@somedomain>
> rejected after DATA

>


Among other considerations, both the exim daemon 'children' (EG: no longer
running as 'root', but as some other euid:egid).. AND the spam daemon (AND
perhaps a ClamAV daemon)

... need r/w privileges to the socket (or IP stack) AND the spool files.

Likewise to their respective logs, PID files, et al.

Not to forget the mailstore files (the exim daemon + the POP/IMAP daemon, but
ordinarily not the Spam or AV daemons).

'ls -l <each of the above dirtrees>' and the issue may become obvious.

- Check UID and GID in /etc/master.passwd and /etc/group (or equivalent..)

Consider making the above players members of the same group or groups, adjusting
ownerships accordingly.

Watch out that these are not in conflict with, for example, a vestigial sendmail
binary invoked by cron that might change said ownerships, 'crippling' exim once
a day... (edit /etc/mail/mailer.conf to redirect such invocations to Exim..)

;-)

HTH,

Bill