[Mimedefang] Quarantine management - anyone else working on this?

Peter A. Cole peteracole at bigpond.com
Mon Apr 5 08:00:36 EDT 2004 

On Mon, 05 Apr 2004 10:53:32 +0100
Paul Murphy <pmurphy at ionixpharma.com> wrote:

> Peter,
> 
> Yes, that's why I have a completely separate quarantine folder, plus on a busy
> server where you are quarantining a lot of large messages, in theory the
> quarantine could fill the disk and kill the mail system.
>  
> Odd - this should work if the web user is in the www-data group.  The best way
> to resolve this sort of thing is to use "su" from root to become the web user,
> and try to browse the qdir folders.  When you have the permissions set
> correctly, the script will work.
> 
> Given that the main quarantine list is OK, the folders must already be
> accessible, as the main list opens the sender, recipient and headers files from
> each folder, as well as the entity header files and the message files which say
> why it was quarantined.  
> 
> Best Wishes,
> 
> Paul.

Thanks for your reply Paul, much appreciated.

You hit the nail right on the head with su'ing as www-data. Believe it or not, I never realised you could su as a system user like that! Every day I learn how much I don't know about Linux...

I su'd as www-data and get permission denied just trying to get into any of the qdir directories within /var/spool/MIMEDefang, so this explains the problem.

Rather than try to fix this in its current location and risk screwing up anything, I'll now look into moving my quarantine directory to another location.

I did consider this when I initially looked at your scripts, but thought it should be possible right where they are, but I was wrong (again).

I believe the reason I initially got any results at all from quarantine.pl was that I think I looked at that while I was unknowingly receiving unsafe socket errors by making the /var/spool/MIMEDefang directory world writeable. I think it was only after I fixed this that I actually tried entering into the qdir's themselves, and therefore got the error.

Thanks again for that, and hopefully the only response you'll hear next is it's all working in a new directory  :-)

Pete

More information about the MIMEDefang mailing list