[Mimedefang] REVISED: postfix/mimedefang socket

Bill Cole mdlist-20140424 at billmail.scconsult.com
Sat Sep 23 16:09:26 EDT 2017


On 22 Sep 2017, at 13:47, Michael Fox wrote:

> Sorry if this has been asked/answered before.  I've searched and 
> searched and found no consistent, complete answers.
>
> What are the steps to configure MIMEDefang and Postix to share a 
> socket?

The workable solutions depend on your OS (and with Linux, your 
distribution,) your filesystem, and whether you chroot the Postfix smtpd 
program.

> Here's what I tried:
>
> Option 1:  Use inet socket
> ------------------------------------------------
> /etc/default/mimedefang:
>     SOCKET=inet:8899 at localhost
>
> /etc/postfix/main.cf
>     smtpd_milters = inet:localhost:8899
>
> This works for Ubuntu 14.04/MIMEDefang 2.73.
> But it fails with Ubuntu 16.04/MIMEDefang 2.78.  If Postfix is already 
> running, and MIMEDefang is restarted, I get the following in 
> /var/log/mail.err:
>
>      mimedefang[27605]: MIMEDefang-2.78: Unable to bind to port 
> inet:8899 at localhost: Address already in use
>      mimedefang[27605]: MIMEDefang-2.78: Unable to create listening 
> socket on conn inet:8899 at localhost

That's odd. Given your other options, I'd try to figure out what exactly 
is going on here and fix it. I.e. what process actually has taken that 
port.

As for using a unix socket, you don't need to create the socket inside 
the chroot if it's on the same filesystem as /var/spool/MIMEDefang/ , 
you can just hardlink the existing socket.

Also, you may not need to add the postfix user to the defang group, if 
you have a filesystem that supports BSD default group semantics for 
setgid directories, e.g.:

    chgrp postfix /var/spool/MIMEDefang/
    chmod g+ws /var/spool/MIMEDefang/

With the setgid bit set on a directory, newly created files (or sockets) 
take their group from the parent directory rather than the creating 
process.



More information about the MIMEDefang mailing list