[Mimedefang] REVISED: postfix/mimedefang socket

Fri, 22 Sep 2017 10:57:44 -0700 

Sorry if this has been asked/answered before.  I've searched and searched and 
found no consistent, complete answers.

What are the steps to configure MIMEDefang and Postix to share a socket?

Here's what I tried:

Option 1:  Use inet socket
------------------------------------------------
/etc/default/mimedefang:
    SOCKET=inet:8899@localhost

/etc/postfix/main.cf
    smtpd_milters = inet:localhost:8899

This works for Ubuntu 14.04/MIMEDefang 2.73.
But it fails with Ubuntu 16.04/MIMEDefang 2.78.  If Postfix is already running, 
and MIMEDefang is restarted, I get the following in /var/log/mail.err:

     mimedefang[27605]: MIMEDefang-2.78: Unable to bind to port 
inet:8899@localhost: Address already in use
     mimedefang[27605]: MIMEDefang-2.78: Unable to create listening socket on 
conn inet:8899@localhost


Option 2:  Use unix socket in MIMEDefang directory
--------------------------------------------------
/etc/default/mimedefang:
    <leave default SOCKET line (/var/spool/MIMEDefang/mimedefang.sock)>
    MD_ALLOW_GROUP_ACCESS=yes

add user "postfix" to group "defang"
    usermod -a -G defang postfix

/etc/postfix/main.cf:
    smtpd_milters=unix:/var/spool/MIMEDefang/mimedefang.sock

This fails, presumably because Postfix is chroot'ed and can't access anything 
outside it's chroot directory (/var/spool/postfix).  In /var/log/mail.err:

    postfix/smtpd[31110]: warning: connect to Milter service 
unix:/var/spool/MIMEDefang/mimedefang.sock: No such file or directory


Option 3:  Use unix socket in Postfix chroot jail
-------------------------------------------------
I suppose I could configure /etc/default/mimedefang:SOCKET to point to a file 
in /var/spool/postfix/private, where the other sockets are located. But that 
directory is owned by postfix, group=root, permissions 0700.  So I don't know 
how mimedefang could write to it.


So, I'm stuck.

Any help would be appreciated.
Michael




_______________________________________________
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list [email protected]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Reply via email to