[Mimedefang] REVISED: postfix/mimedefang socket

Fri Sep 22 13:47:38 EDT 2017

Sorry if this has been asked/answered before.  I've searched and searched and found no consistent, complete answers.

What are the steps to configure MIMEDefang and Postix to share a socket?

Here's what I tried:

Option 1:  Use inet socket
------------------------------------------------
/etc/default/mimedefang:
    SOCKET=inet:8899 at localhost

/etc/postfix/main.cf
    smtpd_milters = inet:localhost:8899

This works for Ubuntu 14.04/MIMEDefang 2.73.
But it fails with Ubuntu 16.04/MIMEDefang 2.78.  If Postfix is already running, and MIMEDefang is restarted, I get the following in /var/log/mail.err:

     mimedefang[27605]: MIMEDefang-2.78: Unable to bind to port inet:8899 at localhost: Address already in use
     mimedefang[27605]: MIMEDefang-2.78: Unable to create listening socket on conn inet:8899 at localhost

Option 2:  Use unix socket in MIMEDefang directory
--------------------------------------------------
/etc/default/mimedefang:
    <leave default SOCKET line (/var/spool/MIMEDefang/mimedefang.sock)>
    MD_ALLOW_GROUP_ACCESS=yes

add user "postfix" to group "defang"
    usermod -a -G defang postfix

/etc/postfix/main.cf:
    smtpd_milters=unix:/var/spool/MIMEDefang/mimedefang.sock

This fails, presumably because Postfix is chroot'ed and can't access anything outside it's chroot directory (/var/spool/postfix).  In /var/log/mail.err:

    postfix/smtpd[31110]: warning: connect to Milter service unix:/var/spool/MIMEDefang/mimedefang.sock: No such file or directory

Option 3:  Use unix socket in Postfix chroot jail
-------------------------------------------------
I suppose I could configure /etc/default/mimedefang:SOCKET to point to a file in /var/spool/postfix/private, where the other sockets are located. But that directory is owned by postfix, group=root, permissions 0700.  So I don't know how mimedefang could write to it.

So, I'm stuck.

Any help would be appreciated.
Michael