Loading ...
Sorry, an error occurred while loading the content.

295610Re: need to purge clamav from postfix configuration

Expand Messages
  • David Benfell
    Sep 21, 2013
    • 0 Attachment
      Hash: SHA1

      On 09/21/2013 09:39 AM, DTNX Postmaster wrote:

      > While the desire to have it 'just work' is recognizable, you cannot
      > expect it to always do so if you copy bits and pieces from here to
      > there without understanding what they actually do. Especially if
      > you have copied an older configuration from a different distro that
      > may have its own quirks.

      Then we are very close to the point where I'll just have to turn
      everything over to Google Apps. Because I am *never* going to
      understand postfix configuration. This isn't even something that's
      within a fuzzy or distant view, let alone just outside my grasp. It's
      all complete magic to me.
      > We use Postfix on Debian in its 'stock' Debian chroot setup, with
      > clamav-milter as the bridge between Postfix and clamd. This
      > requires no configuration in 'master.cf' and only two lines in
      > 'main.cf';
      > smtpd_milters = unix:/clamav/clamav-milter.ctl
      > milter_default_action = accept
      > Permissions is where it gets tricky, because the socket needs to be
      > writable by both processes. As our own ClamAV setup is up for
      > review anyway, I don't mind writing up a bit of a how-to for it
      > that you can use to reimplement virus scanning with ClamAV, if you
      > are still interested in doing so?

      At least within postfix, there is a very nice command to just fix the
      permissions. (Did Wietse get tired of seeing that particular problem?)
      I have no idea what they should be for clamd.ctl because, as near as I
      can tell, it isn't a permanent file, so I can't even see it in the
      emergency backup I did from a rescue system after the Arch upgrade
      hosed my server (which is remote, by the way).

      At this point, my first priority has to be just getting mail back up.
      I've had a lot of these domains for a decade or more. I get a lot of
      spam, hence the postscreen stuff, but I also get a lot of mail. Then,
      maybe, I can think about reimplementing clamav.

      - --
      David Benfell
      see https://parts-unknown.org/node/2 if you don't understand the
      -----BEGIN PGP SIGNATURE-----
      Version: GnuPG v2.0.21 (GNU/Linux)
      Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

      -----END PGP SIGNATURE-----
    • Show all 14 messages in this topic