# Mimedefang sendmail and sock unsafe



## qsecofr (Apr 26, 2010)

Hi,
After updating perl, mimedefang is logging errors to maillog.

```
Milter (mimedefang): local socket name /var/spool/MIMEDefang/mimedefang.sock unsafe
Milter (mimedefang): to error state
Milter: initialization failed, temp failing commands
```

I've got mailnull:wheel as owner:group.  permissions on the directories are rwxrwxr-x.

I vaguely remember encountering this error before.  And googling sugested this error was permissions related.  Everything in /var/db/clamav is owned by clamav or mailnull, and has read permissions.  Everything in /var/db/spamassassin has read permissions for the 3.003000 version.

This time around googling is turning up suggestions about permissions again.  But i haven't had luck with the right combination yet.  Anyone else run into this error?

TIA


----------



## qsecofr (Apr 27, 2010)

*Additional info*

I wanted to post some additional info now that I'm able to copy/paste and make things easier on myself..

permissions:

```
14# ls -la /var/spool/MIMEDefang
total 18
drwxrwxr-x   7 mailnull  clamav  512 Apr 26 17:05 .
drwxr-xr-x  13 root      wheel   512 Apr 25 20:28 ..
drwxrwxr-x   2 mailnull  clamav  512 Apr 26 06:44 .spamassassin
drwxrwxr-x   2 mailnull  clamav  512 Oct 26 21:06 mdefang-n9R45qmm072643
drwxrwxr-x   2 mailnull  clamav  512 Oct 26 21:18 mdefang-n9R4I4cI098231
drwxrwxr-x   2 mailnull  clamav  512 Nov  6 19:11 mdefang-nA73BqYs000218
drwxrwxr-x   2 mailnull  clamav  512 Nov  6 19:13 mdefang-nA73DIYA000223
-rw-r-----   1 mailnull  clamav    6 Apr 26 17:05 mimedefang-multiplexor.pid
srw-rwx---   1 mailnull  clamav    0 Apr 26 17:05 mimedefang-multiplexor.sock
-rw-r-----   1 mailnull  clamav    6 Apr 26 17:05 mimedefang.pid
srwxrwx---   1 mailnull  clamav    0 Apr 26 17:05 mimedefang.sock
```


```
ls -la /var/spool/MIMEDefang/.spamassassin
total 7412
drwxrwxr-x  2 mailnull  clamav      512 Apr 26 06:44 .
drwxrwxr-x  7 mailnull  clamav      512 Apr 26 17:05 ..
-rw-rw----  1 mailnull  clamav   331776 Jan  7 13:12 auto-whitelist
-rw-rw----  1 mailnull  clamav    15096 Mar 28 03:42 bayes_journal
-rw-rw----  1 mailnull  clamav  4890624 Apr 26 06:44 bayes_seen
-rw-rw----  1 mailnull  clamav  5337088 Apr 26 06:44 bayes_toks
```


```
17# ls -la /var/db/clamav
total 58678
drwxrwxr-x  10 clamav    mailnull      1024 Apr 26 09:32 .
drwxr-xr-x  19 root      wheel         1024 Apr 26 09:32 ..
-rw-r-----   1 mailnull  mailnull     12766 Apr 24 04:08 bytecode.cvd
drwxrwxr-x   2 clamav    mailnull       512 Jun 28  2008 clamav
drwxrwx---   2 clamav    mailnull       512 Aug  6  2007 clamav-1303ee91461e135835f5fa2a43efc95e
drwxrwx---   2 clamav    mailnull       512 Aug 22  2007 clamav-415de4393ba715832b0ce3715324755d
drwxrwx---   2 clamav    mailnull       512 Aug 22  2007 clamav-731ab223928eb286e2e4863e76c14dde
drwxrwx---   2 clamav    mailnull       512 Aug 23  2007 clamav-aed080ae1da80e0be68ed2e132b1efb6
drwxrwx---   2 clamav    mailnull       512 Aug 23  2007 clamav-d97a733648e38439216ea040b147431b
drwxrwx---   2 clamav    mailnull       512 Aug 24  2007 clamav-e25799eb72b8d87edcd959cd29f10199
drwxrwx---   2 clamav    mailnull       512 Aug 24  2007 clamav-f88093de70c190fa219fe684e4911713
-rw-r--r--   1 mailnull  mailnull   3301888 Apr 26 09:32 daily.cld
-rw-rw-r--   1 clamav    mailnull  56671744 Feb 15 16:33 main.cld
-rw-rw----   1 clamav    mailnull      2860 Apr 26 09:32 mirrors.dat
```

Jobs:

```
ps -aux | grep mail
mailnull    1491  0.0  6.7 143880 139572  ??  Is    9:32AM   0:05.13 /usr/local/sbin/clamd
mailnull    1506  0.0  0.3 14300  6052  ??  Is    9:32AM   0:00.09 /usr/local/bin/freshclam --user mailnull --checks=1 --daemon-notify=/usr/local/etc/clamd
root        1511  0.0  0.2  5880  3484  ??  Ss    9:32AM   0:00.50 sendmail: accepting connections (sendmail)
smmsp       1515  0.0  0.2  5880  3256  ??  Is    9:32AM   0:00.01 sendmail: Queue runner@00:30:00 for /var/spool/clientmqueue (sendmail)
mailnull   67364  0.0  0.1  6912  2984  ??  I     5:05PM   0:00.00 [mimedefang-multiple]
mailnull   67366  0.0  1.0 22808 20904  ??  I     5:05PM   0:00.91 /usr/local/bin/perl /usr/local/bin/mimedefang.pl -server
mailnull   67380  0.0  0.1  3392  1400  ??  I     5:05PM   0:00.01 /usr/local/bin/mimedefang -P /var/spool/MIMEDefang/mimedefang.pid -R -1 -m /var/spool/MI
mailnull   67385  0.0  1.0 22808 20904  ??  I     5:05PM   0:00.90 /usr/local/bin/perl /usr/local/bin/mimedefang.pl -server
```

Config:
from /etc/mail/host.mc

```
MAIL_FILTER(`mimedefang', `S=local:/var/spool/MIMEDefang/mimedefang.sock, F=T, T=C:15m;S:4m;R:4m;E:10m')dnl
define(`confINPUT_MAIL_FILTERS', `mimedefang')dnl
```

from maillog:

```
Apr 26 18:53:39 motive sendmail[70809]: o3R1rd38070809: Milter (mimedefang): local socket name /var/spool/MIMEDefang/mimedefang.sock unsafe
Apr 26 18:53:39 motive sendmail[70809]: o3R1rd38070809: Milter (mimedefang): to error state
Apr 26 18:53:39 motive sendmail[70809]: o3R1rd38070809: Milter: initialization failed, temp failing commands
Apr 26 18:54:00 motive sendmail[70813]: o3R1s03V070813: Milter (mimedefang): local socket name /var/spool/MIMEDefang/mimedefang.sock unsafe
Apr 26 18:54:00 motive sendmail[70813]: o3R1s03V070813: Milter (mimedefang): to error state
Apr 26 18:54:00 motive sendmail[70813]: o3R1s03V070813: Milter: initialization failed, temp failing commands
```

I still don't know if its an ownership or permission issue.  I've changed a few things to give mailnull:clamav enough privilege.  No dice yet.  It doesn't seem to be an object existence issue.  I've run sa-update.  Trying to think of all the things that needed to be done after upgrading perl.  Is it possible to increase the log level for more descriptive/detailed logging?


----------

