[Mimedefang] Postfix and Mimedefang

Stefan Schoeman stefan at internext.co.za
Wed Apr 4 19:04:18 EDT 2012 

What worked for me under Ubuntu 10.04 was to let Mimedefang run as the 
postfix user (change MX_USER=postfix in /etc/default/mimedefang or 
/etc/init.d/mimedefang) and to change ownership on /var/spool/MIMEDefang 
to postfix.defang and mode 750. I read somewhere that you should also 
not run postfix in a chroot jail, i.e edit /etc/postfix/master.cf and 
somewhere near the top, make it look as follows: (note the n in the 
chroot column)

# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       n       -       -       smtpd


My main.cf then just contained the extra:

smtpd_milters = unix:/var/spool/MIMEDefang/mimedefang.sock

although I guess adding the

milter_default_action = tempfail
milter_protocol = 6

Would be even better (I've never checked what happens if I make a typo 
in /etc/mail/mimedefang)

Hope that helps ?

Stefan





On 2012/04/04 9:01 PM, Kris Deugau wrote:
> Roman Pretory wrote:
>> only put following lines in main.cf don't work.
>>
>> smtpd_milters = inet:10025 at localhost
>> milter_default_action = tempfail
>> milter_protocol = 6
>> milter_mail_macros = {auth_author} {auth_type} {auth_authen}
>>
>> there is to change to socket also im mimedefang anywere
>
> You're already pretty much done on the Postfix side.
>
>> just work with the centos 6 rpm for postfix 2.6.6 or is there anything
>> to patch?
>> is the defang user a problem to change to postfix or ok.
>
> You should be able to run MD as defang under most configurations - 
> there are really only a couple of rare cases where it *won't* work.
>
> For CentOS, you should be able to then edit /etc/sysconfig/mimedefang 
> (assuming you installed it from a .rpm as well) to set the appropriate 
> options to get it to listen on a TCP socket instead of UNIX socket. 
> Look for a (probably commented) line that sets the SOCKET variable, 
> and put inet:<port>@<ip> for the value.
>
> <ip> should probably be 127.0.0.1 unless you want to run a cluster of 
> mail systems against a set of load-balanced MD servers. <port> can be 
> any handy unused port.
>
> -kgd
> _______________________________________________
> NOTE: If there is a disclaimer or other legal boilerplate in the above
> message, it is NULL AND VOID.  You may ignore it.
>
> Visit http://www.mimedefang.org and http://www.roaringpenguin.com
> MIMEDefang mailing list MIMEDefang at lists.roaringpenguin.com
> http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

More information about the MIMEDefang mailing list