Loading ...
Sorry, an error occurred while loading the content.

Milter socket can only be inside /var/spool/postfix ?

Expand Messages
  • Ram
    I have a custom milter in C ( for email archiving ) which works fine on my servers with postfix 2.8+. ( RHEL 5.5 ) When I tried to install the milter on a
    Message 1 of 2 , Jun 25, 2012
    • 0 Attachment
      I have a custom milter in C ( for email archiving ) which works fine on
      my servers with postfix 2.8+. ( RHEL 5.5 )

      When I tried to install the milter on a ubuntu box with postfix 2.7 ,
      unless I create the socket inside spool directory for eg.
      /var/spool/postfix/$path/milter.sock
      Postfix does not seem to find the milter.

      Why so ? I cant see any chroot jail configured on the server. Is chroot
      on by default ?


      This is the postconf -n output
      selinux is not enabled


      alias_database = hash:/etc/aliases
      alias_maps = hash:/etc/aliases
      append_dot_mydomain = no
      biff = no
      config_directory = /etc/postfix
      inet_interfaces = all
      mailbox_command = procmail -a "$EXTENSION"
      mailbox_size_limit = 0
      milter_protocol = 2
      mynetworks = 192.168.0.0/16, 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
      readme_directory = no
      recipient_delimiter = +
      relayhost = 192.168.2.105
      smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
      smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
      smtpd_milters = unix:/opt/ema/sockets/milter.sock
      smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
      smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
      smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
      smtpd_use_tls = yes
    • Brian Evans - Postfix List
      ... Chroot is not enabled by default in the standard Postfix distribution. Some helpful maintainers of Linux distributions DO enable chroot by default. $
      Message 2 of 2 , Jun 26, 2012
      • 0 Attachment
        On 6/26/2012 2:46 AM, Ram wrote:
        > I have a custom milter in C ( for email archiving ) which works fine
        > on my servers with postfix 2.8+. ( RHEL 5.5 )
        >
        > When I tried to install the milter on a ubuntu box with postfix 2.7 ,
        > unless I create the socket inside spool directory for eg.
        > /var/spool/postfix/$path/milter.sock
        > Postfix does not seem to find the milter.
        >
        > Why so ? I cant see any chroot jail configured on the server. Is
        > chroot on by default ?
        >

        Chroot is not enabled by default in the standard Postfix distribution.
        Some "helpful" maintainers of Linux distributions DO enable chroot by
        default.

        $ egrep "^[^\#].*smtpd" /etc/postfix/master.cf
        smtpd pass - - n - - smtpd
        submission inet n - n - - smtpd

        The fifth column should say "n" if chroot is disabled.

        Also, check the permissions of /opt, /opt/ema, AND /opt/ema/sockets to
        make sure the postfix user has access.

        Brian

        >
        > This is the postconf -n output
        > selinux is not enabled
        >
        >
        > alias_database = hash:/etc/aliases
        > alias_maps = hash:/etc/aliases
        > append_dot_mydomain = no
        > biff = no
        > config_directory = /etc/postfix
        > inet_interfaces = all
        > mailbox_command = procmail -a "$EXTENSION"
        > mailbox_size_limit = 0
        > milter_protocol = 2
        > mynetworks = 192.168.0.0/16, 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
        > readme_directory = no
        > recipient_delimiter = +
        > relayhost = 192.168.2.105
        > smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
        > smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
        > smtpd_milters = unix:/opt/ema/sockets/milter.sock
        > smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
        > smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
        > smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
        > smtpd_use_tls = yes
        >
      Your message has been successfully submitted and would be delivered to recipients shortly.