 | Start a set with this search |
 | Include this search in one of my sets |
 | Exclude this search from one of my sets |
 | Permalink to these results Paste this link in email or IM: |
 | Atom feed for tracking future search results Paste this URL into your reader: |
4 messages in net.sourceforge.lists.courier-maildropRe: [maildropl] signal 0x06| From | Sent On | Attachments |
|---|---|---|
| Kyle Johnson | Jan 23, 2006 8:09 am | |
| Rolan Yang | Jan 23, 2006 8:48 am | |
| Kyle Johnson | Jan 23, 2006 9:05 am | |
| Kyle Johnson | Jan 23, 2006 9:34 am |
| Permalink for this message Paste this link in email or IM: |
| Permalink for this thread Paste this link in email or IM: |
| Atom feed for this thread Paste this URL into your reader: |
| Subject: | Re: [maildropl] signal 0x06 | Actions... |
|---|---|---|
| From: | Kyle Johnson (kjoh...@fixertec.net) | |
| Date: | Jan 23, 2006 9:34:39 am | |
| List: | net.sourceforge.lists.courier-maildrop | |
If I change the permissions to world writeable, I get: dspam@mail:/usr/local/bin> echo test | maildrop -V 10 -d kjoh...@fixertec.net maildrop: authlib: groupid=1010 maildrop: authlib: userid=2008 maildrop: authlib: logname=kjoh...@fixertec.net, home=/usr/local/virtual/fixertec.net/kjohnson/, mail=/usr/local/virtual/fixertec.net/kjohnson/ maildrop: Changing to /usr/local/virtual/fixertec.net/kjohnson/ maildrop: Invalid home directory permissions - world writable.
However, doing chmod a+s to the maildrop file, things work correctly: dspam@mail:/usr/local/virtual/fixertec.net> echo test | maildrop -V 10 -d kjoh...@fixertec.net maildrop: authlib: groupid=1010 maildrop: authlib: userid=2008 maildrop: authlib: logname=kjoh...@fixertec.net, home=/usr/local/virtual/fixertec.net/kjohnson/, mail=/usr/local/virtual/fixertec.net/kjohnson/ maildrop: Changing to /usr/local/virtual/fixertec.net/kjohnson/ Message start at 0 bytes, envelope sender=kjoh...@fixertec.net maildrop: Attempting .mailfilter *maildrop: Delivery complete. !!!!!!!!!!!!!!
*So now my question is: What does making maildrop suid root actually do? I'm trying to keep things with security in mind.
Thanks for the help!
Kyle Johnson
Rolan Yang wrote:
the permissions on kjohnson do not appear to be 777. Try "chmod a+rxw /usr/ocal/virtual/fixertec.net/kjohnson -R" so that it changes the kjohnson dir and also everything within it (such as the "new" and "cur" subdirectory).
To make maildrop suid root, do a "chmod a+s /usr/bin/maildrop" or wherever your maildrop executable is located.
~Rolan
Kyle Johnson wrote:
I have changed the permissions on the maildir to 777, for testing, with no luck. I also tried 733, and others, with no luck. The maildir permissions are: mail:/usr/local/virtual/fixertec.net # ls -l drwx-wx--- 6 postfix vmail 144 Jan 23 09:58 . drwx-wx--- 17 2008 vmail 600 Jan 23 12:05 kjohnson
dspam is a member of group vmail. I also tried recompiling dspam to run as postfix, which did not solve the problem either. You also recommended "changing the execute permissions on maildrop suid root", but I have no idea what that means... I'm new!
Any more ideas? Thanks,
Kyle Johnson <http://www.fixertec.net/>
Rolan Yang wrote:
Maildrop, running as the "dspam user", likely does not have permission to write to the maildir. The permissions on your maildir are probably writable by the user or a generic "postfix" user. Try either running dspam as "postfix" or changing the execute permissions on maildrop suid root. If you want to test this out before making any changes, "chmod a+w -R" one of your users' maildirs, then try sending them an email. If it goes through without error, the permissions are your problem.
~Rolan
Kyle Johnson wrote:
Hi everyone. This problem is pulling my hair out, and I've run out of ideas. I run a postfix mail server. For normal mail, the flow is as follows: internet -> postfix -> virtual_transport -> dspam -> maildrop -> maildir This is okay, and it works great.
The problem is this: When dspam catches a spam, it quarantines it. You can log into the WebUI and deliver a quarantined message, which delivers via maildrop, with a command similar to: /cat file | maildrop -d us...@domain.tld /This fails with the error:/ maildrop: signal 0x06/
dspam runs as user:group dspam:dspam. From the webui, I am using suexec, which runs as dspam:dspam.
maildrop seems to run as whatever user is calling it, so in either case, it is dspam which maildrop is running as.
If I: /su dspam cat file | maildrop -d us...@domain.tld/ I still get the same error (maildrop: signal 0x06)
What I do not understand is why things work when in the postfix-flow, but not when being called from the webui or manually from the command line.
Any ideas?
Thank you!
--
Kyle Johnson <http://www.fixertec.net/>
------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
_______________________________________________ Courier-maildrop mailing list Cour...@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/courier-maildrop