Bug#263379: marked as done (exim4: permissions on scan directory prevent email scanning)
Debian Bug Tracking System
owner@bugs.debian.org
Wed, 04 Aug 2004 00:03:07 -0700
Your message dated Wed, 4 Aug 2004 09:00:13 +0200
with message-id <20040804070013.GC2291@downhill.at.eu.org>
and subject line Bug#263379: exim4: permissions on scan directory prevent email scanning
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 4 Aug 2004 02:11:58 +0000
>From david@zettazebra.com Tue Aug 03 19:11:58 2004
Return-path: <david@zettazebra.com>
Received: from li3-237.members.linode.com (zettazebra.com) [64.62.190.237]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1BsBG2-0007yY-00; Tue, 03 Aug 2004 19:11:58 -0700
Received: from david by zettazebra.com with local (Exim 4.34)
id 1BsBFx-0004UC-7k; Tue, 03 Aug 2004 22:11:53 -0400
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: David Clymer <david@zettazebra.com>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: exim4: permissions on scan directory prevent email scanning
X-Mailer: reportbug 2.63
Date: Tue, 03 Aug 2004 22:11:53 -0400
Message-Id: <E1BsBFx-0004UC-7k@zettazebra.com>
X-SA-Exim-Connect-IP: <locally generated>
X-SA-Exim-Mail-From: david@zettazebra.com
X-SA-Exim-Scanned: No (on zettazebra.com); SAEximRunCond expanded to false
Delivered-To: submit@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level:
Package: exim4
Version: 4.34-4
Severity: important
following an upgrade of exim4 and from clamav 0.70 to 0.74, clamav
rejects all mail due to the fact that it can no longer access the files
it is attempting to scan. My assumption is that this may have been
caused by a change of permissions or ownership on the /var/spool/exim4/scan
directory, or the ownership/permissions of the files that exim puts there to be
scanned.
exerpt from /var/log/exim4/paniclog:
2004-08-03 21:29:16 1BsAah-0004Cp-Ug malware acl condition: clamd:
ClamAV returned /var/spool/exim4/scan/1BsAah-0004Cp-Ug: Access denied.
ERROR
2004-08-03 21:29:17 1BsAaj-0004Ct-J2 malware acl condition: clamd:
ClamAV returned /var/spool/exim4/scan/1BsAaj-0004Ct-J2: Access denied.
ERROR
2004-08-03 21:29:18 1BsAaj-0004Cv-U2 malware acl condition: clamd:
ClamAV returned /var/spool/exim4/scan/1BsAaj-0004Cv-U2: Access denied.
ERROR
2004-08-03 21:29:19 1BsAal-0004D1-81 malware acl condition: clamd:
ClamAV returned /var/spool/exim4/scan/1BsAal-0004D1-81: Access denied.
ERROR
/var/spool/exim4/
total 1085
drwxr-x--- 2 Debian-exim Debian-exim 1024 Jan 12 2004 db
-r-------- 1 Debian-exim Debian-exim 356 Jan 18 2004 gnutls-params
drwxr-x--- 2 Debian-exim Debian-exim 732160 Aug 3 22:08 input
drwxr-x--- 2 Debian-exim Debian-exim 368640 Aug 3 22:02 msglog
drwxr-x--- 2 Debian-exim Debian-exim 1024 Aug 3 22:08 scan
-davidc
-- Package-specific info:
Exim version 4.34 #1 built 27-Jul-2004 18:08:18
Copyright (c) University of Cambridge 2004
Berkeley DB: Sleepycat Software: Berkeley DB 3.2.9: (May 26, 2004)
Support for: iconv() IPv6 PAM Perl GnuTLS
Lookups: lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmnz dnsdb dsearch ldap ldapdn ldapm mysql nis nis0 passwd pgsql
Authenticators: cram_md5 plaintext spa
Routers: accept dnslookup ipliteral iplookup manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
Fixed never_users: 0
Contains exiscan-acl patch revision 21 (c) Tom Kistner [http://duncanthrax.net/exiscan/]
Configuration file is /var/lib/exim4/config.autogenerated
# /etc/exim4/update-exim4.conf.conf
#
# Edit this file and /etc/mailname by hand and execute update-exim4.conf
# yourself or use 'dpkg-reconfigure exim4-config'
dc_eximconfig_configtype='internet'
dc_other_hostnames=''
dc_local_interfaces='127.0.0.1 : 64.62.190.237'
dc_readhost=''
dc_relay_domains=''
dc_minimaldns='false'
dc_relay_nets=''
dc_smarthost=''
CFILEMODE='644'
dc_use_split_config='true'
dc_hide_mailname=''
mailname:zettazebra.com
-- System Information:
Debian Release: 3.1
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.4.26-linode27
Locale: LANG=C, LC_CTYPE=C
Versions of packages exim4 depends on:
ii exim4-base 4.34-4 EXperimental Internal Mailer -- a
ii exim4-daemon-heavy 4.34-4 Exim (v4) with extended features,
-- no debconf information
---------------------------------------
Received: (at 263379-done) by bugs.debian.org; 4 Aug 2004 07:00:17 +0000
>From ametzler@downhill.at.eu.org Wed Aug 04 00:00:16 2004
Return-path: <ametzler@downhill.at.eu.org>
Received: from server.logic.univie.ac.at [131.130.190.41] ([7t3I0Th3oLB8+hUIDAZCe2QxzIZTYpz5])
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1BsFl2-0005Ck-00; Wed, 04 Aug 2004 00:00:16 -0700
Received: from m-134-246.adsl.univie.ac.at ([131.130.134.246])
by server.logic.univie.ac.at with asmtp (Exim 4.34)
id 1BsFkz-0006LO-MP
for 263379-done@bugs.debian.org; Wed, 04 Aug 2004 09:00:15 +0200
Received: from ametzler by downhill.univie.ac.at with local (Exim 4.34)
id 1BsFkz-0001SP-Pl
for 263379-done@bugs.debian.org; Wed, 04 Aug 2004 09:00:13 +0200
Date: Wed, 4 Aug 2004 09:00:13 +0200
From: Andreas Metzler <ametzler@downhill.at.eu.org>
To: 263379-done@bugs.debian.org
Subject: Re: Bug#263379: exim4: permissions on scan directory prevent email scanning
Message-ID: <20040804070013.GC2291@downhill.at.eu.org>
References: <E1BsBFx-0004UC-7k@zettazebra.com> <20040804043949.GA24910@torres.ka0.zugschlus.de> <1091594048.1121.37.camel@localhost>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <1091594048.1121.37.camel@localhost>
X-GPG-Fingerprint: BCF7 1345 BE42 B5B8 1A57 EE09 1D33 9C65 8B8D 7663
User-Agent: Mutt/1.5.6+20040722i
Delivered-To: 263379-done@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level:
On 2004-08-04 David Clymer <david@zettazebra.com> wrote:
> On Wed, 2004-08-04 at 00:39, Marc Haber wrote:
[...]
> > > following an upgrade of exim4 and from clamav 0.70 to 0.74,
> > > clamav rejects all mail due to the fact that it can no longer
> > > access the files it is attempting to scan. My assumption is that
> > > this may have been caused by a change of permissions or
> > > ownership on the /var/spool/exim4/scan directory, or the
> > > ownership/permissions of the files that exim puts there to be
> > > scanned.
> > There is no /var/spool/exim4/scan directory in the distribution.
exiscan generates it automatically if it s used.
[...]
> Aha! The problem is with clamav, or more accurately, caused by a change
> in the clamav package
> (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=250335). The scan
> directory must get added by one of the clamav packages.
> My bad. I just assumed it was an exim4 directory, which is why I
> reported it as an exim4 bug.
> Bug closed/retracted/whatever.
Thanks for the diagnosis. Closing.
cu andreas