Re: Setting up mail server(s) ?

["razi garbie" <r.garbie () gmail com>]

Thanks for the advice, i run it as 'nobody'. However the messages
disapeared once i updated clamav.
I think that the errormessages in the logs were due to my outdated
version of clamav, since the freshclam logs where whining about it.
"Ignoring mirror 85.30.129.18 (too often connections with outdated version)"

So advice to anyone that suffers similar problems: Go to the official
website and download the latest stable version :)

// Thanks for all the advice and help, RG

2008/4/28 Janio Carlos M. Vieira <janio () staff neoline com br>:
> Hi,
>
> There is in the file qmail-scanner-queue.pl a variable called "my $DEBUG=".
> The default value is zero. If you change it for "1", all the scan proccess
> will be logget in a file (normally /var/spool/qmailscan/qmail-queue.log).
> You don't need restart qmail. Only change this value and look the file.
>
> I had this message sometimes...  Perhaps it can be a permission problem. I
> don't run clamav as a root. Look in the file "/usr/local/etc/clamd.conf". It
> has a default configuration "User clamav". If yours has it, your clamav is
> started as root but a suid process happens. In this case, you need put the
> clamav user in the group qscand and vice-versa (edit /etc/group). You need
> change the permissions of qmail-scanner-queue.pl to group have full
> permissions on qmail-scanner directory.
>
> Look the mine:
>
> (...)
> umask(0007);
> (...)
>   mkdir("$scandir/tmp",0770) || &error_condition("cannot create $scandir/tmp
> - $!");
> (...)
> mkdir("$ENV{'TMPDIR'}",0770)||&error_condition("$ENV{'TMPDIR'} exists - try
> again later...");
> (...)
>       mkdir("$scandir/$archivedir",0770) || &error_condition("cannot create
> $scandir/$archivedir - $!");
>       mkdir("$scandir/$archivedir/new",0770) || &error_condition("cannot
> create $scandir/$archivedir/new - $!");
>       mkdir("$scandir/$archivedir/cur",0770) || &error_condition("cannot
> create $scandir/$archivedir/cur - $!");
>       mkdir("$scandir/$archivedir/tmp",0770) || &error_condition("cannot
> create $scandir/$archivedir/tmp - $!");
> (...)
>
> In the /etc/group:
>
> qscand:x:513:clamav
> clamav:x:514:qscand
>
>
> In the file clamd.conf, you need set the configuration
> "AllowSupplementaryGroups" to "1".
>
> Ah... In the last time of this message, the newer clamav was not using the
> parameter "--max-space" anymore. If you are using it, remove from the line
> "my $clamdscan_options" of qmail-scanner-queue.pl.
>
> Anyway, see the debug reports. Don't forget to set "my $DEBUG=" to zero when
> finished. It increases the server's load and the log file increases very
> fast.
>
> Good luck!
>
>
> Janio Carlos
>
>
> ----- Original Message -----
> From: "razi garbie" <r.garbie () gmail com>
> To: <security-basics () securityfocus com>
> Sent: Thursday, April 24, 2008 3:49 AM
> Subject: Re: Setting up mail server(s) ?
>
>
>
> > Thanks for all the responses.
> >
> > I went with qmail+clamav and spamassassin, it seems to be working fine
> > for the moment, i do however get some strange log activity sometimes:
> >
> > clamdscan: corrupt or unknown clamd scanner error or memory/resourc
> > e/perms problem - exit status 512/2
> >
> > I've been googlin a bit and havent found a "real" solution to the problem.
> > Someone suggested running clamd as root, is that really a good idea?
> > Another suggested to remove clamd_scanner from the scanner_array in
> > qmail-scanner-queue.pl.
> >
> > The box has 1GB RAM an, so i assume its not a memory problem (checked
> > ramusage while that error popped up in the logs)
> >
> > resource/perms problem, how can i check which resources it needs
> > and/or which permissions are needed?
> >
> > // Thanks in advance



-- 
Razi G.