Am 21.11.2021 um 22:36 schrieb Jay Hart:
[ ... ]
[root@dream spamassassin]# postconf -n |grep milter milter_default_action = accept milter_protocol = 6 non_smtpd_milters = $smtpd_milters smtpd_milters = unix:/run/spamass-milter/spamass-milter.sock
Ok. I expect you have specified the spamass-milter by purpose.
[root@dream spamassassin]# ls -al /var/run/spamass-milter/spamass-milter.sock srwxr-xr-x. 1 sa-milt sa-milt 0 Nov 20 23:28 /var/run/spamass-milter/spamass-milter.sock
Two things:
- should the 'smtpd_milters' path be /var/run... vice unix:/run...
You know that there are unix sockets and tcp sockets? "unix:/path" just declares a unix type socket within the main.cf.
- I just noticed I have two spamass-milter sockets running:
[root@dream spamass-milter]# ls -al /var/run/spamass-milter/spamass-milter.sock srwxr-xr-x. 1 sa-milt sa-milt 0 Nov 20 23:28 /var/run/spamass-milter/spamass-milter.sock
[root@dream spamass-milter]# ls -al /run/spamass-milter/spamass-milter.sock srwxr-xr-x. 1 sa-milt sa-milt 0 Nov 20 23:28 /run/spamass-milter/spamass-milter.sock
It shouldn't be new to you that /var/run is a symlink to /run. So you don't have to distinguish sockets.
You haven't checked the whole path permissions up to the socket.
namei -lv /run/spamass-milter/spamass-milter.sock
Postfix must be able to reach the unix socket file. One way to achieve that is putting the postfix user in the sa-milt group. Or configure the spamass milter to provide a tcp socket and attach to that one within Postfix. Thus you would not have to care for path and file permissions.
[root@dream share]# ss -l |grep spam u_str LISTEN 0 128 /run/spamass-milter/spamass-milter.sock 185043
[root@dream share]# ss -pl |grep spam u_str LISTEN 0 128 /run/spamass-milter/spamass-milter.sock 185043 * 0 users:(("spamass-milter",pid=16657,fd=4)) u_dgr UNCONN 0 0 * 198745 * 14567 users:(("spamd child",pid=17925,fd=4),("spamd child",pid=17924,fd=4),("spamd",pid=17891,fd=4)) u_dgr UNCONN 0 0 * 185042 * 14567 users:(("spamass-milter",pid=16657,fd=3)) tcp LISTEN 0 128 127.0.0.1:783 0.0.0.0:* users:(("spamd child",pid=17925,fd=6),("spamd child",pid=17924,fd=6),("spamd",pid=17891,fd=6)) tcp LISTEN 0 128 [::1]:783 [::]:* users:(("spamd child",pid=17925,fd=5),("spamd child",pid=17924,fd=5),("spamd",pid=17891,fd=5))
Been hunting around in the configs trying to determine why I got two processes running...Still looking into this.
Thanks,
Jay
Alexander