Loading ...
Sorry, an error occurred while loading the content.

295610Re: need to purge clamav from postfix configuration

Expand Messages
  • David Benfell
    Sep 21, 2013
    • 0 Attachment
      -----BEGIN PGP SIGNED MESSAGE-----
      Hash: SHA1

      On 09/21/2013 09:39 AM, DTNX Postmaster wrote:

      >
      > While the desire to have it 'just work' is recognizable, you cannot
      > expect it to always do so if you copy bits and pieces from here to
      > there without understanding what they actually do. Especially if
      > you have copied an older configuration from a different distro that
      > may have its own quirks.

      Then we are very close to the point where I'll just have to turn
      everything over to Google Apps. Because I am *never* going to
      understand postfix configuration. This isn't even something that's
      within a fuzzy or distant view, let alone just outside my grasp. It's
      all complete magic to me.
      >
      > We use Postfix on Debian in its 'stock' Debian chroot setup, with
      > clamav-milter as the bridge between Postfix and clamd. This
      > requires no configuration in 'master.cf' and only two lines in
      > 'main.cf';
      >
      > smtpd_milters = unix:/clamav/clamav-milter.ctl
      > milter_default_action = accept
      >
      > Permissions is where it gets tricky, because the socket needs to be
      > writable by both processes. As our own ClamAV setup is up for
      > review anyway, I don't mind writing up a bit of a how-to for it
      > that you can use to reimplement virus scanning with ClamAV, if you
      > are still interested in doing so?

      At least within postfix, there is a very nice command to just fix the
      permissions. (Did Wietse get tired of seeing that particular problem?)
      I have no idea what they should be for clamd.ctl because, as near as I
      can tell, it isn't a permanent file, so I can't even see it in the
      emergency backup I did from a rescue system after the Arch upgrade
      hosed my server (which is remote, by the way).

      At this point, my first priority has to be just getting mail back up.
      I've had a lot of these domains for a decade or more. I get a lot of
      spam, hence the postscreen stuff, but I also get a lot of mail. Then,
      maybe, I can think about reimplementing clamav.

      - --
      David Benfell
      see https://parts-unknown.org/node/2 if you don't understand the
      attachment
      -----BEGIN PGP SIGNATURE-----
      Version: GnuPG v2.0.21 (GNU/Linux)
      Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

      iQIcBAEBAgAGBQJSPfOpAAoJEKrN0Ha7pkCOupQQAJQWxZFBxViEmK9M2AJ2b5Ps
      S/R/Q2ZiAzFZtXn+N0NxGBWH4bHlEM/UZ5BzRz/RVcdhyvJ+1BzZ88xGWEzteQH8
      l0EjFx5QQEODdZ6JPGS17pS+zMtHzivrfq0l4Z9Oem3aYuoW+x0qmRBCqLMIztc5
      MSJe/OOZKeZT7rA6zrLI5OaqtYU3w92UpKvFE9FTs1jXDyNgeSRFA94/V7c96+s+
      0/pHu9NlIaF+zw5ljC1aVz7oZ20p+Pe8RUNOEt5OcmivaFMPvs+qVGcFe/CYBug0
      lzGHD6IAAJbIqDPpF/mAr6oIfpvM2KeHImBeWDbETHj2eGQziiS58K1oXDOPEY8E
      7XmcB/HQDalUtBYOsTSBJI5l7x44zWuxm9Ra39L+Daq81z8z4eoMvmmH34kGib7h
      hKo9iSDV5VCFVUbw3cQYq1JQAVuWrz+2kNBLb+VTy+rmaZgkTlsS+wj6j2s/56dh
      X16ze0giKBytOppip5zz885omLWyCgkvnBUWoCZVtoS+WGNHkumKEqp3FkvkEQ4n
      A3VT2gecKh+qGngrCO3j+l6V12YqXYalf3PkPMtZ/hLYo9yC/fWbSBsSdNK6yX65
      qK/g852qsOlyQ9OP5/DY0S2pMrkiSgjc3JssRpz4b3erb0ZKiVmNC9B4HaicY83a
      fcfNCRNFPrcdaZdEu5QP
      =33ef
      -----END PGP SIGNATURE-----
    • Show all 14 messages in this topic