postfix, procmail and SELinux - No Go

Paul Howarth paul at city-fan.org
Fri Jun 2 13:58:50 UTC 2006 

Marc Schwartz (via MN) wrote:
> On Wed, 2006-05-31 at 15:15 +0100, Paul Howarth wrote:
>> Paul Howarth wrote:
>>> On Tue, 2006-05-30 at 14:47 -0500, Marc Schwartz (via MN) wrote:
>>>> For reference, here is my ~/.procmailrc:
>>>>
>>>> # Scan for viruses using ClamAV + clamassassin
>>>> :0 fw
>>>> | /usr/local/bin/clamassassin
>>>>
>>>> # Scan with SpamAssasin (+ razor, pyzor and dcc)
>>>> :0 fw
>>>> | /usr/bin/spamc -s 256000
> 
> Paul,
> 
> First, before I forget, I resolved the Evolution crash issue. While I
> still contend that the crashes did not occur whilst I had SELinux fully
> disabled, the cause appears to be the presence of bad UTF-8 characters
> in the Evo contact list.
> 
> A search finally led me to this bug report in RH's Bugzilla:
> 
>   https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189955
> 
> with a working fix noted in the linked GNOME bug report on the same
> issue. So at least directly, this has nothing to do with SELinux...  :-)

Good. I don't suppose during your investigations you spotted an 
evolution bug regarding pasting text into the middle of a paragraph 
sometimes causing evolution's memory usage to spiral out of control, so 
the process has to be killed? That one hits me a few times a week and is 
very annoying. Off topic though.

>> Could you also try adding a recipe for forwarding mail somewhere off 
>> your system? I suspect that may also fail with postfix as your MTA, and 
>> we might as well fix that whilst we're here.
>>
>> Something like this ought to do:
>>
>> # Test forwarding
>> :0
>> * Subject: forwarding test
>> ! myaccount at hotmail.com
> 
> OK.  Did this. The message was of course bounced back by Postfix.

What did postfix say was the reason for the bounce? If you were in 
permissive mode, it would suggest that your local config is broken, 
since this should work.

> I am
> not entirely clear what you need here in terms of feedback. I did not
> see anything obvious in the audit.log using grep with 'postfix' or
> 'procmail', as pretty much all of the returned lines involved
> "comm='clamscan'" entries.

See if you can get it working in permissive mode, then we'll look at any 
AVCs that crop up.

Paul.

More information about the fedora-selinux-list mailing list