[Mimedefang] Using clamdscan --fdpass

Daniel O'Connor doconnor at gsoft.com.au
Mon Jul 22 18:47:14 EDT 2013

On 23/07/2013, at 3:33, Matt Garretson <mattg at assembly.state.ny.us> wrote:
> On 7/19/2013 10:00 PM, Daniel O'Connor wrote:
>> I have modified MIMEDefang to use clamdscan --fdpass for Virus:CLAMD
>> because clamd runs as a different user to MIMEDefang (clamav vs
>> mailnull).
> Alternatively, you could simply put the clamav user into the mimedefang
> group.  Then, make sure that group is on your MD spool dir with
> read+execute perms.   E.g. on my system:
> # id clamav
> uid=496(clamav) gid=495(clamav) groups=495(clamav),496(defang)
> # id defang
> uid=497(defang) gid=496(defang) groups=496(defang)
> # ls -ld /var/spool/MIMEDefang
> drwxr-x--- 63 defang defang 1340 2013-07-22 13:58 /var/spool/MIMEDefang/
> NB: You may have to redo the chmod on the MD spool dir every time you
> install/upgrade MD, as the installer sometimes seems to reset the perms.

I'm aware of that possibility, it doesn't seem very elegant to do so though.

FD pass seems like a nice neat way of bypassing the problem without having to juggle any permissions.

Daniel O'Connor software and network engineer
for Genesis Software - http://www.gsoft.com.au
"The nice thing about standards is that there
are so many of them to choose from."
  -- Andrew Tanenbaum
GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C

More information about the MIMEDefang mailing list