[Mimedefang] A small MIMEDefang/clamav "gotcha"

[Jeffrey Goldberg]

Under some atypical (but not particularly peculiar set-ups) it is possible
to make a serious blunder with MIMEDefang and clamav.

The MIMEDefang documentation does (correctly) warn to run clamd as the
defang user.  (And clamd makes that very easy by setting the user its to
be run as in its configuration file).

I did that all fine.

My problem was that instead of running freshclam as a daemon, I wanted to
economize on daemons and ran it from cron.  And there I did it as the user
clamav.  Because this isn't started by root, freshclam can't switch to the
defang user in its config and so cannot write to the clamd.sock owned by
defang.

If freshclam is run as the defang user, then one needs to make the virus
database files and directory writable by defang.  (And be sure to specify
--daemon-notify in the crontab file.)

Anyway, that is a sad lesson I learned.  People using the recommend
way of using freshclam as a root started daemon are far less likely to
stumble across this.

Anyway for those others who've reported some oddities with clamd and
MIMEDefang, I hope that my story will be useful.

-j

-- 
Jeffrey Goldberg                            http://www.goldmark.org/jeff/
 Relativism is the triumph of authority over truth, convention over justice
 Hate spam?  Boycott MCI! http://www.goldmark.org/jeff/anti-spam/mci/