ceilingcat wrote:
clamsmtp doesn't have permision to open the socket. do
ls -ld /var/run/clamav/
ls -l /var/run/clamav/clamd.ctl
and see what user/group is clamsmtp running under.
I have read that the socket can take some time to establish. Could that be
a problem?
no, the messzage clearsly says it's permission problem.
Btw, why clamsmtp? which MTA do you use?
ls -ld /var/run/clamav/ ----> drwxr-xr-x 2 clamav clamav 60 2009-07-14 12:01
/var/run/clamav/
ls -l /var/run/clamav/clamd.ctl ---> -rw-r--r-- 1 clamav clamav 0
2009-07-14 11:52 /var/run/clamav/clamd.ctl
Only the clamav user is allowed to read and write to the clamd.ctl file.
This means that if the clamsmtp daemon doesn't run as the clamav user,
it won't be able to communicate with clamd. I believe you have two options:
Run clamsmtpd as the clamav user. You should be able to do this by
editing /etc/clamsmtpd.conf to have the following two lines and starting
the clamsmtpd service as root.
# User to switch to
User: clamav
You may also be able to make the clamd.ctl socket have more permissive
permissions. I'm not sure exactly how to do this or what the
AllowSupplementaryGroups option for /etc/clamd.conf does :-).
I am using Postfix as the MTA. As for using clamsmtp, why not, if it
intercepts viruses for me?
People are implicitly suggesting that you use a milter which is becoming
the standard replacement for filtering proxies. I think that you have a
better chance of not losing an email if you use a clamav's milter, which
postfix can communicate with.
btw .. i successfully installed clamsmtp on a virtual linux machine and I
thought it would be just as easy to install on my desktop box!
--
binki
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
