• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

SpamAssassin and /tmp noexec

C

cmaxwell

Regular Pleskian
Hi all,

Can someone please help me out with a problem related to the spamd and having /tmp mounted as noexec (for security).

We recently tried this out on a server and found the spamd would error with the following:

Jul 27 17:54:59 test_server spamc[10417]: connect(AF_UNIX) to spamd /tmp/spamd_full.sock failed: Permission denied

Short of setting /tmp back to having exec permissions, what else could we do to get around the problem?

Thanks!

- Chris
 
You changed the ownerships in the /tmp directory. On the socket you must have popuser:root.
 
Thanks for your reply.

It was actually the wrong spamassassin running - for whatever reason the service "spamassassin" instead of "psa-spamassassin" was running, so we stopped the wrong one and started up psa-spamassassin and everything started working again.

I have read elsewhere that this problem was probably linked to an update, though we didn't install an update on the same date as the problem started happening.

All working now, thanks.

- Chris
 
which one?

does anybody know if you have to run

1. spamassassin
2. psa-spamassassin
3. both

for proper anti-spam functionality?

Thanks.
 
psa-spamassassin is for controlling spam assassin through the CP and is not necessary for spamassassin to function properly.

I run both psa-spamassassin and spamassassin with qmail-scanner from ART's repos. This seems to work best. You can run one or the other or both. I'm setup this way so my EU's can control the spamassassin settings in their CP's if they want.

ART also has intergragted spamassassin into his squirrelmail repo which has bayes functionality setup which is a way around using psa-spamasassin like I am.

I setup psa-spamassassin to flag anything with a score of 5, I'm running maps with these domains:

sbl-xbl.spamhaus.org;sc.surbl.org;ws.surbl.org;ob.surbl.org;
ab.surbl.org;multi.surbl.org;black.uribl.com;
cbl.abuseat.org;chinanet.blackholes.us;korea.blackholes.us;
relays.ordb.org;dnsbl.njabl.org;list.dsbl.org;blackholes.easynet.nl;
Blackholes.mail-abuse.org
 
Thanks

Thanks, Galactic Zero, that makes things more clear for me.
 
You must log in or register to reply here.

Similar threads

D
Question Sendmail behaviour change after 18.0.55 Update 1
Replies
0
Views
821
davidweb
D
T
Issue After moving subscription, users receive message "Your subscription was removed", Cannot create new webspace.
Replies
2
Views
1K
thespark
T
F
Issue Pretty bad problem: Server starts successfully and starts all services but stops them again.
Replies
1
Views
2K
Fuchur
F
Christoph Farnleitner
File owner in subscription is unequal to sys user (actual file owner-name is set to a FTP-user name)
Replies
2
Views
2K
Christoph Farnleitner
Christoph Farnleitner
T
Internal error: filemng failed, permission denied
Replies
1
Views
2K
IgorG
IgorG
Back
Top