Bug#263379: exim4: permissions on scan directory prevent email scanning

David Clymer David Clymer <david@zettazebra.com>, 263379@bugs.debian.org
Tue, 03 Aug 2004 22:11:53 -0400 

Package: exim4
Version: 4.34-4
Severity: important

following an upgrade of exim4 and from clamav 0.70 to 0.74, clamav
rejects all mail due to the fact that it can no longer access the files
it is attempting to scan. My assumption is that this may have been
caused by a change of permissions or ownership on the /var/spool/exim4/scan
directory, or the ownership/permissions of the files that exim puts there to be
scanned.

exerpt from /var/log/exim4/paniclog:

2004-08-03 21:29:16 1BsAah-0004Cp-Ug malware acl condition: clamd:
ClamAV returned /var/spool/exim4/scan/1BsAah-0004Cp-Ug: Access denied.
ERROR
2004-08-03 21:29:17 1BsAaj-0004Ct-J2 malware acl condition: clamd:
ClamAV returned /var/spool/exim4/scan/1BsAaj-0004Ct-J2: Access denied.
ERROR
2004-08-03 21:29:18 1BsAaj-0004Cv-U2 malware acl condition: clamd:
ClamAV returned /var/spool/exim4/scan/1BsAaj-0004Cv-U2: Access denied.
ERROR
2004-08-03 21:29:19 1BsAal-0004D1-81 malware acl condition: clamd:
ClamAV returned /var/spool/exim4/scan/1BsAal-0004D1-81: Access denied.
ERROR

/var/spool/exim4/

total 1085
drwxr-x---  2 Debian-exim Debian-exim   1024 Jan 12  2004 db
-r--------  1 Debian-exim Debian-exim    356 Jan 18  2004 gnutls-params
drwxr-x---  2 Debian-exim Debian-exim 732160 Aug  3 22:08 input
drwxr-x---  2 Debian-exim Debian-exim 368640 Aug  3 22:02 msglog
drwxr-x---  2 Debian-exim Debian-exim   1024 Aug  3 22:08 scan

-davidc


-- Package-specific info:
Exim version 4.34 #1 built 27-Jul-2004 18:08:18
Copyright (c) University of Cambridge 2004
Berkeley DB: Sleepycat Software: Berkeley DB 3.2.9: (May 26, 2004)
Support for: iconv() IPv6 PAM Perl GnuTLS
Lookups: lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmnz dnsdb dsearch ldap ldapdn ldapm mysql nis nis0 passwd pgsql
Authenticators: cram_md5 plaintext spa
Routers: accept dnslookup ipliteral iplookup manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
Fixed never_users: 0
Contains exiscan-acl patch revision 21 (c) Tom Kistner [http://duncanthrax.net/exiscan/]
Configuration file is /var/lib/exim4/config.autogenerated
# /etc/exim4/update-exim4.conf.conf
#
# Edit this file and /etc/mailname by hand and execute update-exim4.conf
# yourself or use 'dpkg-reconfigure exim4-config'

dc_eximconfig_configtype='internet'
dc_other_hostnames=''
dc_local_interfaces='127.0.0.1 : 64.62.190.237'
dc_readhost=''
dc_relay_domains=''
dc_minimaldns='false'
dc_relay_nets=''
dc_smarthost=''

CFILEMODE='644'
dc_use_split_config='true'
dc_hide_mailname=''
mailname:zettazebra.com

-- System Information:
Debian Release: 3.1
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.4.26-linode27
Locale: LANG=C, LC_CTYPE=C

Versions of packages exim4 depends on:
ii  exim4-base                    4.34-4     EXperimental Internal Mailer -- a 
ii  exim4-daemon-heavy            4.34-4     Exim (v4) with extended features, 

-- no debconf information