mimedefang errors (was Re: [Mimedefang] spamassassin error messages)

Craig Green cgreen at sentex.net
Fri May 13 12:09:06 EDT 2005 

Lisa Casey wrote:

>> Yes, but what's causing the error state?  Grep for the queue IDs to 
>> see the rest of the log lines associated with those emails.  E.g., 
>> using an ID above:
>>
>> grep j4CGvC6p068449 /var/log/maillog
>
>
> I checked on this just now. When I first start mimedefang (and I do 
> start it before I start Sendmail) I get errors like these in maillog:
>
>
> # grep j4DE0G9C062329 maillog | more
> May 13 10:00:16 radius sm-mta[62329]: j4DE0G9C062329: Milter 
> (mimedefang): local
> socket name /var/spool/MIMEDefang/mimedefang.sock unsafe
> May 13 10:00:16 radius sm-mta[62329]: j4DE0G9C062329: Milter 
> (mimedefang): to er
> ror state 


[munch]

Thought so--it's a socket problem.

> As far as the unsafe socket goes, here is my permissions on the path 
> to the socket (/var/spool/MIMEDefang/)
>
> drwxr-xr-x  18 root  wheel      512 Apr 27 14:49 var
> drwxr-xr-x  13 root    wheel    512 May  3 17:56 spool
> drwx------  2 defang  defang    512 May 13 10:12 MIMEDefang
> # cd MIMEDefang
> # ls -l
> total 4
> -rw-r-----  1 defang  defang  6 May 13 10:12 mimedefang-multiplexor.pid
> srw-------  1 defang  defang  0 May 13 10:12 mimedefang-multiplexor.sock
> -rw-r-----  1 defang  defang  6 May 13 10:12 mimedefang.pid
> srwxr-x---  1 defang  defang  0 May 13 10:12 mimedefang.sock


What did you do to make MD run as 'defang'?  It should be running as the 
Sendmail user (usually 'mailnull') since Sendmail doesn't run as root.  
Otherwise, Sendmail won't be able to write to MD's socket.

cgreen:pumice1:/etc/mail# grep mailnull /etc/passwd
mailnull:*:26:26:Sendmail Default User:/var/spool/mqueue:/usr/sbin/nologin

cgreen:pumice1:/etc/mail# grep -i defaultuser /etc/mail/sendmail.cf
#O DefaultUser=mailnull

cgreen:pumice1:/etc/mail# grep -i user /usr/local/etc/rc.d/mimedefang.sh
# Run the multiplexor and filters as this user, not root.  RECOMMENDED
MX_USER=mailnull


I'd suggest you review MD's startup script in /usr/local/etc/rc.d, 
change the MX_USER setting, stop MD, chown MD's directories in 
/var/spool to mailnull and then start up MD.

I suspect, however, that since the port nicely sets everything up to run 
as 'mailnull' for you, including making and chowning the /var/spool MD 
directories to mailnull, either you didn't use the port or you worked 
very hard at modifying the default port install to look like Linux or 
something.  If the former, use the port.  If the latter, you'll need to 
undo your changes.

>
> What else can I look at (or show to the list)? I did find something 
> yesterday that started a debug log of some sort in /var/log, the file 
> is called mdefang-event-debug.log. Nothing in that log seems to jump 
> out at me as being descriptive of a problem, but if it might be 
> helpful I could post it. As an attachment? Are attachments allowed on 
> this list?
>
> Thanks, I really need  to solve this. Mimedefang was a simple install 
> on my old Redhat box but it's giving me a heck of a time on this 
> FreeBSD box.


Setting up MD on FreeBSD is so simple, I usually feel spoiled.  :-)

Install:

1) update ports (see the Handbook, but essentially 'cvsup 
/path/to/ports-supfile')
2) cd /usr/ports/mail/mimedefang
3) make install

Config Sendmail:

4) copy/paste the 2 .mc file lines that the post-install messages 
helpfully gives you into the /etc/mail/<HOSTNAME>.mc file
5) rebuild the .cf file.  Easiest is with 'cd /etc/mail; make cf; make 
install'

Config MD startup:

6) review the MD startup file in /usr/local/etc/rc.d.  The port will 
have already set MX_USER.  You may need to copy mimedefang.sh-dist to 
mimedefang.sh.

Modify filter:

7) modify the filter in /usr/local/etc/mimedefang/mimedefang-filter as 
you like

Start everything up:

8) start up MD with '/usr/local/etc/rc.d/mimedefang.sh start'.  Review 
the maillog for errors.
9) restart Sendmail.  Easiest is with 'cd /etc/mail; make restart-mta'.  
Review maillog for errors.

Done:

10) enjoy filtered mail goodness.


Of course anything is "simple" if you already know how to do it.  ;-)


Craig.
------

>
> Lisa

More information about the MIMEDefang mailing list