On 09/22/2017 12:47 PM, Michael Fox wrote:
> Option 3: Use unix socket in Postfix chroot jail
This looks to be what I do. I'm running Postfix and MIMEDefang on
Ubuntu, both from packages. Postfix runs as the postfix user, and
there's a defang group. I run Postfix in a chroot.
These appear to be the relevant parts of my install script:
adduser --quiet postfix defang
install -d -o defang -g defang -m 750 \
/var/spool/postfix/var/spool/MIMEDefang
chown -R defang:defang \
/var/lib/MIMEDefang \
/var/spool/MIMEDefang \
/var/spool/postfix/var/spool/MIMEDefang
sed -i 's|^\(#
\)\?\(SOCKET\)=.*|\2=/var/spool/postfix/var/spool/MIMEDefang/mimedefang.sock|' \
/etc/default/mimedefang
I believe we have some sort of trouble if one of the daemons is
restarted, but not the other, or if it's done in the wrong order or
something. I don't have a lot of specifics off the top of my head. In
practice, we hardly ever restart one or the other. It's usually either
stopping both (and starting MIMEDefang first, to give slaves a chance to
spin up), or rebooting the server.
I hope this helps. If you have specific questions, I'll try to dig into
my config if I can. I'm currently out of the office, though.
--
Richard
_______________________________________________
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID. You may ignore it.
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list [email protected]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
