majid alavizadeh wrote:
> Hi Nigel!
>
> I change "nobody" to "spamd" user and after try again this error appears:
>
> accept: condition test failed
> processing "warn"
> check add_header = X-Spam-Score: $spam_score ($spam_bar)\n
> = X-Spam-Score: 1.4 (+)
>
> warn: condition test succeeded
> processing "drop"
> check condition = ${if >{$spam_score_int}{60} {1}}
> =
> drop: condition test failed
> end of ACL "acl_check_data": implicit DENY
>>> Headers added by DATA ACL:
> X-Spam-Score: 1.4 (+)
> unspool_mbox(): unlinking
> '/var/spool/exim/scan/1NDESu-0004b3-OP/1NDESu-0004b3-OP.eml'
> 550 Administrative prohibition
> LOG: MAIN REJECT
> H=localhost (mylocaldomain) [127.0.0.1] F=<sender@somedomain>
> rejected after DATA
>
Among other considerations, both the exim daemon 'children' (EG: no longer
running as 'root', but as some other euid:egid).. AND the spam daemon (AND
perhaps a ClamAV daemon)
... need r/w privileges to the socket (or IP stack) AND the spool files.
Likewise to their respective logs, PID files, et al.
Not to forget the mailstore files (the exim daemon + the POP/IMAP daemon, but
ordinarily not the Spam or AV daemons).
'ls -l <each of the above dirtrees>' and the issue may become obvious.
- Check UID and GID in /etc/master.passwd and /etc/group (or equivalent..)
Consider making the above players members of the same group or groups, adjusting
ownerships accordingly.
Watch out that these are not in conflict with, for example, a vestigial sendmail
binary invoked by cron that might change said ownerships, 'crippling' exim once
a day... (edit /etc/mail/mailer.conf to redirect such invocations to Exim..)
;-)
HTH,
Bill
