All pastes #3623877 Raw Edit

Someone

public unlisted text v1 · immutable
#3623877 ·published 2016-06-11 22:45 UTC
rendered paste body
System: CentOS 7
Selinux: permissive (temporarily)
Problem: permission denied on socket

[jarif@www ~]$ cat /etc/sysconfig/spamass-milter 
### Override for your different local config if necessary
SOCKET=/var/spool/postfix/spamass-milter/spamass-milter.sock
#SOCKET_OPTIONS="-g postfix"
#SOCKET=127.0.0.1:7358
#SOCKET="inet:3381@localhost"

### You may add configuration parameters here, see spamass-milter(1)
###
### Note that the -x option for expanding aliases and virtusertable entries
### only works if spamass-milter is run as root; you will need to use
### spamass-milter-root.service instead of spamass-milter.service if you
### wish to do this but otherwise it's best to run as the unprivileged user
### sa-milt by using the normal spamass-milter.service
EXTRA_FLAGS="-m -r 15 -B spam@fredriksson.dy.fi -I -- -x -t 1200 -d localhost -p 10783 -u spam --connect-retries=3"

[jarif@www ~]$ grep spama /etc/postfix/main.cf 
#smtpd_milters = inet:[127.0.0.1]:7357,unix:spamass-milter/spamass-milter.sock
smtpd_milters = unix:/var/spool/postfix/spamass-milter/spamass-milter.sock


[jarif@www ~]$ ls -lah /var/spool/postfix/spamass-milter/
total 8.0K
drwxr-xr-x.  2 sa-milt postfix 4.0K Jun 12 00:04 .
drwxr-xr-x. 19 root    root    4.0K Jun 10 15:55 ..
srwxr-xr-x.  1 sa-milt postfix    0 Jun 12 00:04 spamass-milter.sock

[jarif@www ~]$ grep sa-milt /etc/group
sa-milt:x:985:postfix

==> /var/log/maillog <==
Jun 12 00:41:28 www postfix/smtpd[3651]: connect from cust-vm-hz-01.bitwell.biz[78.46.194.239]
Jun 12 00:41:28 www postfix/smtpd[3651]: warning: connect to Milter service unix:/var/spool/postfix/spamass-milter/spamass-milter.sock: Permission denied
Jun 12 00:41:28 www postfix/smtpd[3651]: NOQUEUE: milter-reject: CONNECT from cust-vm-hz-01.bitwell.biz[78.46.194.239]: 451 4.7.1 Service unavailable - try again later; proto=SMTP
Jun 12 00:41:28 www postfix/smtpd[3651]: NOQUEUE: milter-reject: EHLO from cust-vm-hz-01.bitwell.biz[78.46.194.239]: 451 4.7.1 Service unavailable - try again later; proto=SMTP helo=<cust-vm-hz-01.bitwell.biz>
Jun 12 00:41:28 www postfix/smtpd[3651]: NOQUEUE: milter-reject: MAIL from cust-vm-hz-01.bitwell.biz[78.46.194.239]: 451 4.7.1 Service unavailable - try again later; from=<logcheck@cust-vm-hz-01.bitwell.biz> proto=ESMTP helo=<cust-vm-hz-01.bitwell.biz>
Jun 12 00:41:28 www postfix/smtpd[3651]: disconnect from cust-vm-hz-01.bitwell.biz[78.46.194.239]