Yahoo Groups archive

Milter-greylist

Re: [milter-greylist] Configuring milter-greylist on Fedora 9

2009-02-12 by Martin X. Moleski, SJ

manu@... wrote:

> I had a quick look at it. It seems there are a few problems in the
> fedora package, but apart from the mode 755 stuff for the dump file,
> are there fixes to be committed upstream?

I'm not qualified to say.

I think what I was doing wrong was not getting things
lined up right (not your fault or Fedora's).

user="grmilter" -- Fedora RPM
user="smmsp" -- in the .tgz
user="mail" -- what I stumbled toward

I really wasn't paying enough attention after ANY of my
installations to make sure that everything was consistent.
There were some numeric owners and groups.  400-something?
I didn't stop to ask who they were or where they came from.
(My bad.)

At any rate, here are the things that need to line up
right:

* user defined in /etc/init.d/milter-greylist
* user defined in /etc/mail/greylist.conf
* owner/group and proper permissions for:

/etc/mail/greylist.conf
/etc/init.d/milter-greylist
/usr/local/bin/milter-greylist
/var/milter-greylist
/var/milter-greylist/greylist.db
/var/milter-greylist/milter-greylist.pid
/var/milter-greylist/milter-greylist.sock

I never had any trouble with this:
/var/lock/subsys/milter-greylist

It's about the only system file I didn't stumble over. :o(

I haven't had time to double back and see who owns what
and what the permissions are that I ended up with that
got the system working for me.

Sometime in the middle of all this, I was getting error
messages from sendmail about unsafe directories.  I found
a magic bullet on the internet:

chmod go-w / /etc /etc/mail /usr /var /var/spool /var/spool/mqueue /private

Apart from the fact that there is no /private on my system,
it worked like a charm.

I was going to mess around and see whether I could come up with
something comparable to that that would just guarantee all
was well.

I think I switched to "mail" as user because I got some error about
not being able to write to /var/spool/mqueue (I think).  Stuff
started falling into place then.  But it doesn't make good sense
to me.  Seems that smmsp should have worked.  I'm sure I broke
something before it had a chance to do so.

				Marty
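
Added example, not part of the message above and not code from the milter-greylist project: a small shell check for the two things the message says have to line up, the owner of each path and the absence of group/other write permission that the `chmod go-w` line enforces. The function name `audit_paths` is hypothetical, the expected owner is whatever user your init script and greylist.conf name, and the root-owned directory list in the final comment is an assumption.

```shell
#!/bin/sh
# audit_paths EXPECTED_OWNER PATH...
#   Prints one line per finding. Returns 1 if any existing path has a
#   different owner or is writable by group/other, 0 otherwise.
#   Absent paths are reported but not counted: the pid and socket files
#   only exist while the daemon is running.
audit_paths() {
    want=$1
    shift
    findings=0
    for p in "$@"; do
        if [ ! -e "$p" ]; then
            echo "ABSENT    $p"
            continue
        fi
        # -d: describe a directory itself; -L: follow symlinks.
        # Columns of ls -l: mode, link count, owner, group, rest.
        read -r mode links owner group rest <<EOF
$(ls -ldL -- "$p")
EOF
        if [ "$owner" != "$want" ]; then
            echo "OWNER     $p is $owner:$group, expected $want"
            findings=1
        fi
        # mode looks like drwxr-xr-x: character 6 is group write,
        # character 9 is other write.
        case $mode in
            ?????w*|????????w*)
                echo "WRITABLE  $p has mode $mode (group/other can write)"
                findings=1 ;;
        esac
    done
    return "$findings"
}

# Constructed invocations using paths from the message; pick the user
# your own configuration names (the message lists three candidates).
# audit_paths grmilter /var/milter-greylist /var/milter-greylist/greylist.db \
#     /var/milter-greylist/milter-greylist.pid /var/milter-greylist/milter-greylist.sock
# Assumption: the system directories from the chmod line are owned by root.
# audit_paths root / /etc /etc/mail /usr /var /var/spool /var/spool/mqueue
```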
