Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

amavisd-new, redhat linux 9, sendmail and AVG virus scanner

Posted on 2004-03-27
10
Medium Priority
?
1,005 Views
Last Modified: 2007-12-19
I have installed the AVG virus scanner daemon on Redhat Linux 9, hooked up Dazuko, and also (I think) configured amavisd-new so that it uses the AVG scanner (when I run the amavisd-new daemon in debug mode it apparently starts up fine and conencts it to the avg scanner).

However, I'm now having trouble hooking amavisd-new up to sendmail. amavisd. I added the following lines to sendmail.mc and regenerated sendmail.cf

dnl
dnl Change Mlocal to use AMaViS-Perl
define(`AMAVIS_LOCAL_MAILER_ARGS', `-d $u')
define(`LOCAL_MAILER_ARGS',`amavis $f $u' LOCAL_MAILER_PATH AMAVIS_LOCAL_MAILER_ARGS)dnl
define(`LOCAL_MAILER_PATH', `/usr/sbin/amavis')dnl
dnl please set the path to your procmail accordingly!
dnl the following works only with sendmail 8.10.x or above
MODIFY_MAILER_FLAGS(`LOCAL', `-m-f-r')dnl

I then restarted sendmail, and sent myself a test message. This got bounced with an error 255. The error log shows the following

Mar 27 10:59:36 garcia sendmail[4995]: starting daemon (8.12.8): SMTP+queueing@01:00:00
Mar 27 10:59:36 garcia sm-msp-queue[5004]: starting daemon (8.12.8): queueing@01:00:00
Mar 27 11:00:43 garcia sendmail[5017]: i2RB0fDD005017: from=<drjohnbrooke@hotmail.com>, size=830, class=0, nrcpts=1, msgid=<Sea2-F41iCMI2q5Knp50002bd4e@hotmail.com>, proto=ESMTP, daemon=MTA, relay=sea2-f41.sea2.hotmail.com [207.68.165.41]
Mar 27 11:00:43 garcia amavisd[5019]: starting.  amavis 0.3.12 Tue Jan 27 18:30:14 GMT 2004
Mar 27 11:00:44 garcia amavisd[5022]: mail forwarding failed, retry: Insecure dependency in exec while running with -T switch at /usr/sbin/amavis line 581, <GEN0> line 26. (message-id=<Sea2-F41iCMI2q5Knp50002bd4e@hotmail.com>)
Mar 27 11:00:44 garcia amavisd[5022]: do_exit:481 - ending execution with 75
Mar 27 11:00:44 garcia amavisd[5019]: do_exit:594 - ending execution with 255
Mar 27 11:00:44 garcia sendmail[5018]: i2RB0fDD005017: to=<drjohn@contingent-solutions.com>, delay=00:00:02, xdelay=00:00:01, mailer=local, pri=31044, dsn=5.3.0, stat=unknown mailer error 255
Mar 27 11:00:44 garcia sendmail[5018]: i2RB0fDD005017: i2RB0iDD005018: DSN: unknown mailer error 255
Mar 27 11:00:45 garcia sendmail[5018]: i2RB0iDD005018: to=<drjohnbrooke@hotmail.com>, delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=32068, relay=mx4.hotmail.com. [65.54.167.230], dsn=2.0.0, stat=Sent ( <200403271100.i2RB0iDD005018@localhost.localdomain> Queued mail for delivery)

So what am I doing wrong here?

John
0
Comment
Question by:JohnBrookeContingent
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
10 Comments
 
LVL 44

Expert Comment

by:Karl Heinz Kremer
ID: 10694222
It looks like Amavis has a problem with the Perl -T flag ('tainted') - or the other way around. I found one report (even though for RH 8) that describes this symptom: http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=107532
- unfortunately without a solution.

You could try to upgrade to a newer version of Amavis.
You could also try to remove the -T from the first line of the /usr/sbin/amavis script - BUT THIS MAY OPEN YOUR SYSTEM TO SECURITY PROBLEMS.
0
 

Author Comment

by:JohnBrookeContingent
ID: 10694267
I'm using amavisd-new-200030616 - is there something newer than this?

I went back to the README files for amavisd-new and the configuration change they recommend is to put in

MODIFY_MAILER_FLAGS(`LOCAL',`-r')dnl
define(`LOCAL_MAILER_ARGS',`amavis $f $u --' LOCAL_MAILER_PATH `-d $u')dnl
define(`LOCAL_MAILER_PATH',`/usr/local/sbin/amavis')dnl

However, this still doesn't work. The message doesn't get bounced this time, it gets deferred....

Mar 27 12:15:14 garcia sendmail[5614]: i2RCFDR8005614: from=<drjohnbrooke@hotmail.com>, size=819, class=0, nrcpts=1, msgid=<Sea2-F20AODDD3OaiPZ0002c108@hotmail.com>, proto=ESMTP, daemon=MTA, relay=sea2-f20.sea2.hotmail.com [207.68.165.20]
Mar 27 12:15:14 garcia amavisd[5616]: starting.  amavis 0.3.12 Tue Jan 27 18:30:14 GMT 2004
Mar 27 12:15:15 garcia amavisd[5619]: mail forwarding failed, retry: Insecure dependency in exec while running with -T switch at /usr/local/sbin/amavis line 581, <GEN0> line 25. (message-id=<Sea2-F20AODDD3OaiPZ0002c108@hotmail.com>)
Mar 27 12:15:15 garcia amavisd[5619]: do_exit:481 - ending execution with 75
Mar 27 12:15:15 garcia amavisd[5616]: do_exit:594 - ending execution with 75
Mar 27 12:15:15 garcia sendmail[5615]: i2RCFDR8005614: to=<drjohn@contingent-solutions.com>, delay=00:00:02, xdelay=00:00:01, mailer=local, pri=31033, dsn=4.0.0, stat=Deferred: local mailer (/usr/local/sbin/amavis) exited with EX_TEMPFAIL

The problem still seems to be the -T switch.

What exactly is the security issue? I don't want to open security holes, I'm trying to close them!!

0
 
LVL 44

Expert Comment

by:Karl Heinz Kremer
ID: 10694361
The -T switch makes Perl scripts more secure. You can find more about this in this FAQ: http://gunther.web66.com/FAQS/taintmode.html

0
Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

 
LVL 44

Expert Comment

by:Karl Heinz Kremer
ID: 10694368
What exactly is line 581 in the amavis script? Which version of Perl are you running?
0
 

Author Comment

by:JohnBrookeContingent
ID: 10697789
The section of the amavis script in question is

        # sending mail, sendmail version
        # For sendmail, we call the "real" local delivery agent
                                                                               
        open(MAIL, "|-") || exec($LDA, @LDAARGS);
        while (<$fh>) {
                next if ($seen_xheader == 0 && m/^$X_HEADER_TAG:/o);
                if ($seen_xheader == 0 && m/\A\r?\n\Z/) {
                        print MAIL "$X_HEADER_TAG: $X_HEADER_LINE\n";
                        $seen_xheader = 1;
                }
                print MAIL $_;
        }
                                                                               
        close(MAIL);

Line 581 is the "open (MAIL, "|-") || exec($LDA, @LDAARGS);"

I seem to be running Perl v5.8.0.
0
 
LVL 44

Expert Comment

by:Karl Heinz Kremer
ID: 10697996
I'm also using Perl v5.8.0, my Amavis version is 0.3.12pre8 (Mar 17 2003), and it does not have this line (and I also don't have this problem). Maybe the solution is not to install a newer version, but an older version of Amavis.
0
 

Author Comment

by:JohnBrookeContingent
ID: 10702196
Well, I tried running the Amavis script without the -T switch on Perl, and it didn't fall over but any messages went into some sort of black hole somewhere and never re-emerged. I'll investigate going backwards to an older version of Amavis, though at the moment I can't find the particular version you're running.
0
 

Author Comment

by:JohnBrookeContingent
ID: 11332521
In the end I switched from Sendmail to Postfix - it was a lot easier to configure amavisd to work with it....
0
 

Accepted Solution

by:
modulo earned 0 total points
ID: 12096526
PAQed, with points refunded (125)

modulo
Community Support Moderator
0

Featured Post

Does Your Cloud Backup Use Blockchain Technology?

Blockchain technology has already revolutionized finance thanks to Bitcoin. Now it's disrupting other areas, including the realm of data protection. Learn how blockchain is now being used to authenticate backup files and keep them safe from hackers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
Fine Tune your automatic Updates for Ubuntu / Debian
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
Suggested Courses

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question