• Introducing WebPros Cloud - a fully managed infrastructure platform purpose-built to simplify the deployment of WebPros products !  WebPros Cloud enables you to easily deliver WebPros solutions — without the complexity of managing the infrastructure.
    Join the pilot program today!
  • Support for BIND DNS has been removed from Plesk for Windows due to security and maintenance risks.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS.

SpamAssassin and /tmp noexec

C

cmaxwell

Regular Pleskian
Hi all,

Can someone please help me out with a problem related to the spamd and having /tmp mounted as noexec (for security).

We recently tried this out on a server and found the spamd would error with the following:

Jul 27 17:54:59 test_server spamc[10417]: connect(AF_UNIX) to spamd /tmp/spamd_full.sock failed: Permission denied

Short of setting /tmp back to having exec permissions, what else could we do to get around the problem?

Thanks!

- Chris
 
You changed the ownerships in the /tmp directory. On the socket you must have popuser:root.
 
Thanks for your reply.

It was actually the wrong spamassassin running - for whatever reason the service "spamassassin" instead of "psa-spamassassin" was running, so we stopped the wrong one and started up psa-spamassassin and everything started working again.

I have read elsewhere that this problem was probably linked to an update, though we didn't install an update on the same date as the problem started happening.

All working now, thanks.

- Chris
 
which one?

does anybody know if you have to run

1. spamassassin
2. psa-spamassassin
3. both

for proper anti-spam functionality?

Thanks.
 
psa-spamassassin is for controlling spam assassin through the CP and is not necessary for spamassassin to function properly.

I run both psa-spamassassin and spamassassin with qmail-scanner from ART's repos. This seems to work best. You can run one or the other or both. I'm setup this way so my EU's can control the spamassassin settings in their CP's if they want.

ART also has intergragted spamassassin into his squirrelmail repo which has bayes functionality setup which is a way around using psa-spamasassin like I am.

I setup psa-spamassassin to flag anything with a score of 5, I'm running maps with these domains:

sbl-xbl.spamhaus.org;sc.surbl.org;ws.surbl.org;ob.surbl.org;
ab.surbl.org;multi.surbl.org;black.uribl.com;
cbl.abuseat.org;chinanet.blackholes.us;korea.blackholes.us;
relays.ordb.org;dnsbl.njabl.org;list.dsbl.org;blackholes.easynet.nl;
Blackholes.mail-abuse.org
 
Thanks

Thanks, Galactic Zero, that makes things more clear for me.
 
You must log in or register to reply here.

Similar threads

D
Question Sendmail behaviour change after 18.0.55 Update 1
Replies
0
Views
1K
davidweb
D
Winnstorm
Issue BAYES Filter error
Replies
0
Views
2K
Winnstorm
Winnstorm
T
Issue SpamAssassin is not scanning server-wide
Replies
2
Views
2K
japjay
J
T
Issue After moving subscription, users receive message "Your subscription was removed", Cannot create new webspace.
Replies
2
Views
2K
thespark
T
I
Question Problems with Email certificate renewal - seems linked to changes in SNI support
Replies
0
Views
3K
iainh
I
Back
Top