[Pkg-clamav-commits] [SCM] Debian repository for ClamAV branch, debian/unstable, updated. debian/0.95+dfsg-1-6646-g8c06025

Stephen Gran steve at lobefin.net
Thu Mar 17 08:28:59 UTC 2011 

The following commit has been merged in the debian/unstable branch:
commit 3694eb9dbc702155ddcb8151b7b1baa2adef8551
Author: Stephen Gran <steve at lobefin.net>
Date:   Thu Mar 17 08:27:06 2011 +0000

    update notes about configuring milter
    
    Signed-off-by: Stephen Gran <steve at lobefin.net>

diff --git a/debian/README.Debian b/debian/README.Debian
index 6319463..fe79ef7 100644
--- a/debian/README.Debian
+++ b/debian/README.Debian
@@ -133,25 +133,11 @@ CLAMAV-DAEMON
 
    POSTFIX
 
-   Recent versions of postfix have support for milters.  This allows clamav-milter to
-   be used reasonably well with postfix, although the problem of group permissions on
-   the actual socket is a problem.  See /usr/share/doc/clamav-milter/INSTALL.gz for some
-   details.  A solution for the frequent "I have to change the init script to make sure
-   postfix can communicate with the socket" problem is making the directory for the socket
-   setgid.  So:
-   uncomment "USE_POSTFIX=yes" in /etc/default/clamav-milter and choose the appropriate
-   socket option.
-   mkdir -p /var/spool/postfix/clamav/
-   chown clamav:postfix /var/spool/postfix/clamav/
-   chmod g+s /var/spool/postfix/clamav/
-   ls -l /var/spool/postfix/clamav/
-   srwxrwxr-x 1 clamav postfix 0 2006-12-15 03:37 clamav-milter
-
-   Another option is to use a TCP socket for milter <-> postfix communication.  For this
-   option, you can use the syntax:
-   SOCKET=inet:12000 at 127.0.0.1 (port at host, in case it's not clear)
-   in /etc/default/clamav-milter.  This has the disadvantage that you lose filesystem
-   permission-based protections on the socket, so use with some caution.
+   Recent versions of postfix have support for milters.  This allows
+   clamav-milter to be used reasonably well with postfix, although the
+   problem of group permissions on the actual socket can be a problem.
+   See /usr/share/doc/clamav-milter/INSTALL.gz for some details as well
+   as the end of the CLAMAV-MILTER section below.
 
    Other MTA's I am not as familiar with, but the same principles apply -
    clamav needs read and write access to the diretory where messages are
@@ -263,8 +249,8 @@ CLAMAV-MILTER
   I suggest putting SpamAssassin first since you're more likely to get spam
   than a virus/worm sent to you.
 
-  Add to /etc/default/clamav-milter
-     OPTIONS="--max-children=2"
-  or if clamd is on a different machine
-     OPTIONS="--max-children=2 --server=192.168.1.9"
+  As of 0.96, clamav-milter will take care of making the socket
+  writable for a group.  This is done by setting MilterSocketGroup and
+  MilterSocketMode to useful values in your /etc/clamav/clamav-milter.conf
+  (for instance, "postfix" and "0664", respectively).
 

-- 
Debian repository for ClamAV

More information about the Pkg-clamav-commits mailing list