Vladimir Vassiliev wrote:
> IMHO, the problem is that sendmail doesn't know about its supplementary groups so its view of permissions is far from truth.
>
> Here is the best working setup I could achieve:
>
> drwxr-x--- 2 greylist sendmail 4096 ??? 13 14:41 /var/milter-greylist
>
> -rw------- 1 greylist greylist 13110069 ??? 13 14:04 greylist.db
> srwxrwxrwx 1 greylist greylist 0 ??? 13 14:41 milter-greylist.sock

Another possibility is to run milter-greylist as root, then you can have this:

drwx------ 2 root wheel 512 Feb 13 12:50 /var/milter-greylist
-rw------- 1 root wheel 8331 Feb 13 12:50 greylist.db
srwx------ 1 root wheel 0 Nov 4 04:43 milter-greylist.sock

Of course, if you run milter-greylist as root, it is strongly recommended to put it into a jail (like those supported on FreeBSD) or similarly restricted environment, or use MAC (mandatory access control) with appropriate policy if your OS supports it. (I do not recommend using an ordinary chroot environment because it is too weak.)

Best regards
Oliver

--
Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
Commercial register: Munich registry court, HRA 74606, Management: secnetix Verwaltungsgesellsch. mbH, Commercial register: Munich registry court, HRB 125758, Managing directors: Maik Bachmann, Olaf Erb, Ralf Gebhart

FreeBSD services, products and more: http://www.secnetix.de/bsd

It's trivial to make fun of Microsoft products, but it takes a real man to make them work, and a God to make them do anything useful.
Message
Re: [milter-greylist] rights on greylist socket
2009-02-13 by Oliver Fromme
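The following is an added example, not part of the messages above and not milter-greylist code. It audits a directory laid out like the two listings in the thread and reports when the socket, the directory or the database is reachable beyond what those listings allow. The function name and finding strings are hypothetical, the file names are taken from the listings, and only the immediate directory is checked, not its ancestors.

```python
import os
import stat


def audit_milter_dir(dir_path, sock_name="milter-greylist.sock",
                     db_name="greylist.db"):
    """Return findings for the socket directory layout discussed in the thread.

    Assumption: only dir_path itself is inspected, not its parent directories.
    """
    findings = []
    d = os.stat(dir_path)
    s = os.lstat(os.path.join(dir_path, sock_name))
    db = os.lstat(os.path.join(dir_path, db_name))

    if not stat.S_ISSOCK(s.st_mode):
        findings.append("not-a-socket")

    # connect() needs search (x) on the directory and write (w) on the socket.
    # Some systems ignore socket modes, so the directory is the portable gate:
    # a 0777 socket inside a 0750 directory is still closed to "other".
    if d.st_mode & stat.S_IXOTH:
        if s.st_mode & stat.S_IWOTH:
            findings.append("socket-connectable-by-others")
        else:
            findings.append("dir-searchable-by-others")

    # Write access to the directory allows replacing or removing the socket.
    if d.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append("dir-writable-beyond-owner")

    # In both listings the database is accessible to its owner only.
    if db.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append("db-accessible-beyond-owner")

    return findings


if __name__ == "__main__":
    import sys
    # Usage: python audit.py /var/milter-greylist
    for finding in audit_milter_dir(sys.argv[1]):
        print(finding)
```

An empty result means the layout matches one of the two setups shown in the thread as far as mode bits go; it does not check that the group on the directory is the one sendmail actually runs with.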