Matt wrote: >> The question is, why is spamd in use? Typically SpamAssassin is called >> by amavisd-new and therefore only your vscan user would use >> /var/amavis/.razor/razor-agent.conf.
> Maybe the spamd user isn't in use. I know it exists in /etc/passwd (was > created by the port), but I just assumed that the following log messages > were coming from the spamd process which was being run as the spamd > user.... But the spamd daemon should not be running on a system where amavisd-new calls spamassassin. In a typical amavisd-new environment there is no reason to start spamd. The error is caused by a process that should not be running. > Sep 9 18:56:23 relay3 spamd[491]: razor2 check skipped: No such file or > directory Can't read conf file: /var/amavis/.razor/razor-agent.conf > Sep 9 18:57:58 relay3 spamd[490]: razor2 check skipped: No such file or > directory Can't read conf file: /var/amavis/.razor/razor-agent.conf > Sep 9 19:03:02 relay3 spamd[553]: razor2 check skipped: No such file or > directory Can't read conf file: /var/amavis/.razor/razor-agent.conf > Otherwise, why wouldn't it be able to access the file? Below is proof > that something is up.... > relay1# sudo -H -u vscan head -1 /var/amavis/.razor/razor-agent.conf > # > relay1# sudo -H -u spamd head -1 /var/amavis/.razor/razor-agent.conf > head: /var/amavis/.razor/razor-agent.conf: Permission denied This is a good thing. Users other than the amavisd-new user (and root) should not have access to files in the /var/amavis directory. The /var/amavis directory is 0750, so others cannot read. You don't want to open up permissions on the whole tree. The /var/amavis and /var/amavis/.razor directories would have to be something like 0755 to allow access. Don't do that. > The vscan user can access the file fine, while the spamd user can't.... > Is something up with the port thats calling spamd as the spamd user? Possibly the only thing wrong with the port is it is starting the spamd daemon. If I am not mistaken, you are running FreeBSD, so I think you would take a look in /etc/rc.conf to see if it is enabled. > -Matt So, you could add the spamd user to the amavis group, but like I said, most likely the spamd daemon should not even be running, so there really is no reason to. You are chasing a problem that can be solved by simply not running spamd. The other option, as I stated, is to remove: razor_config /var/amavis/.razor/razor-agent.conf from local.cf, then give the spamd user its own set of razor files. If it is indeed 'spamd' who is the user running the spamd daemon, you could either copy the .razor directory and files to spamd's home directory, then chown them to the spamd user, or create a new set of razor files: sudo -H -u spamd razor-admin -create sudo -H -u spamd razor-admin -register then edit spamd's .razor/razor-agent.conf file and set: debuglevel = 0 Gary V ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
