vstakhov / rmilter

Another sendmail milter for different mail checks.

rmilter socket cannot be used on Ubuntu/Debian #39

Open antwan opened 8 years ago

antwan commented 8 years ago

Hey,

I installed rmilter to use it with postfix + rspamd. I never managed to make it work, the socket created cannot be listened/written by postfix, or any other program.

$ ls -la /var/run/rmilter/rmilter.sock
srwxrwx--- 1 _rmilter adm 0 Sep 23 17:42 /var/run/rmilter/rmilter.sock

Postfix mail.log:

Sep 23 17:29:15 new postfix/smtpd[6361]: warning: connect to Milter service unix:/run/rmilter/rmilter.sock: No such file or directory

Direct IO with shell

$ cat /var/run/rmilter/rmilter.sock
cat: /var/run/rmilter/rmilter.sock: No such device or address

$ echo "test" > /var/run/rmilter/rmilter.sock
bash: /var/run/rmilter/rmilter.sock: No such device or address

I tried with the latest rmilter version from this morning (1.6.5) as well as the previous one. Environment: Ubuntu trusty x64 with the very latest updates.

Can you provide notes/fix/documentation on how to proceed? Thanks for your awesome job!

Side notes:

  1. The configuration does not have any impact on the socket file name, and it is not possible to bind on a port instead (inet:port:ip).
  2. The socket permissions as they are currently set seem to be incompatible with users other than _rmilter (but ATM even with root it doesn't work anyway).


fatalbanana commented 8 years ago

See @patrakov's notes here https://github.com/vstakhov/rspamd/issues/295

You could use socat to test connectivity to UNIX sockets.

On Trusty you can set listen address in /etc/rmilter.conf.sysvinit. On Debian 8 rmilter uses systemd socket activation and listening address must be configured in the systemd socket file.

ortolot commented 8 years ago

Antwan86, you should know that Postfix's smtpd is chrooted, and the socket it is looking for does not exist in its chroot! You should configure rmilter to listen to a socket inside Postfix's chroot, or let smtpd run unchrooted.

vstakhov commented 8 years ago

I'm pretty sure that we just need to stop proposing unix sockets and switch to tcp sockets by default. That's how it is done in rpm based builds.

ortolot commented 8 years ago

Vsevolod Stakhov, 2015-09-24 05:35-0700:

I'm pretty sure that we just need to stop proposing unix sockets and switch to tcp sockets by default. That's how it is done in rpm based builds.

That would be a pity. Unix sockets are easier to identify (I can easily determine what /var/run/opendkim/opendkim.sock is in my Postfix configuration, but for localhost:4212 I would have to use netstat) and to secure (no access but from localhost, by nature, and using Unix permissions).

Personally, when searching for something to filter my email, I start by only considering milters (and consider non-milters only if there exists no milter that would do the job), and, when I find a milter, if it does not support Unix sockets, I search for an alternative that would…

What could be useful however, is to add a warning for Postfix users, perhaps a comment in the configuration for instance, indicating that their smtpd may be chrooted, and that if it is, the socket should be put inside that chroot.

vstakhov commented 8 years ago

That's not about milter. That's about the puny model of libmilter work, when you have absolutely no control of who creates a socket, with what permissions and who is responsible for recycling. That's one of the reasons why I'm going to replace libmilter some day: https://github.com/vstakhov/librmilter

antwan commented 8 years ago

It's working when setting the socket location to /var/spool/postfix/run/rmilter/rmilter.sock. I'm leaving this issue open because:

  1. The file needs to be chmod'ed go+rw so postfix user can use it (this is the smtpd user).
  2. Maybe the project needs some documentation, ubuntu trusty is far from being an anecdotal audience, and it's quite impossible to use rspamd/rmilter on this OS without looking into issues/code for now... :/

skibbipl commented 8 years ago

Are there any security implications by setting SocketGroup=postfix in rmilter.socket?

vstakhov commented 8 years ago

I don't think so. It would be still more secure than TCP socket (if you are not using some non-generic security policies).

antwan commented 8 years ago

Update on this: rmilter socket can be accessed by postfix for incoming emails, as smtpd is chrooted and looks into the right folder, but that's not the case for outgoing emails (smtpd is not chrooted when authenticated via SASL and looks into the real /run/rmilter...)

Any configuration workaround for this? Maybe create a socket in both folders, or link them?
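A small diagnostic for the situation described in the thread (chrooted smtpd for inbound mail, unchrooted smtpd for SASL submission, socket permissions for the postfix user). This is an added example, not code from rmilter, Postfix or any participant; it assumes the Debian/Ubuntu layout where /var/spool/postfix is the chroot root, a `smtpd_milters` entry of the form `unix:/path` or `inet:host:port`, and GNU `stat -c`.

```shell
#!/bin/sh
# Added diagnostic, not part of rmilter or Postfix. Assumptions: a chrooted
# smtpd sees $root (Postfix queue_directory, default /var/spool/postfix) as /,
# and the milter spec is unix:/path or inet:host:port.

# Path a chrooted smtpd actually opens for a unix: milter spec.
# $1 = milter spec, $2 = chroot root. Fails for non-unix specs.
chroot_socket_path() {
    case "$1" in
        unix:*) printf '%s%s\n' "$2" "${1#unix:}" ;;
        *) return 1 ;;
    esac
}

# Which smtpd flavour can reach a socket at the configured address?
# Prints one word: tcp, both, chroot-only, host-only, none.
milter_socket_visibility() {
    spec=$1 root=$2
    case "$spec" in
        inet:*) echo tcp; return 0 ;;   # TCP: no path, no chroot problem
        unix:*) ;;
        *) echo none; return 1 ;;
    esac
    host_path=${spec#unix:}                        # seen by unchrooted smtpd
    chroot_path=$(chroot_socket_path "$spec" "$root")  # seen by chrooted smtpd
    h=0; c=0
    [ -S "$host_path" ] && h=1
    [ -S "$chroot_path" ] && c=1
    case "$h$c" in
        11) echo both ;;
        01) echo chroot-only ;;   # inbound works, SASL submission breaks
        10) echo host-only ;;     # submission works, inbound breaks
        *)  echo none ;;
    esac
}

# Is the socket owned by group $2 and group-writable (the go+rw / SocketGroup
# fix from this thread)? $1 = socket path. Requires GNU stat.
socket_group_ok() {
    [ -S "$1" ] || return 1
    info=$(stat -c '%G %A' "$1") || return 1
    grp=${info%% *}; mode=${info#* }
    [ "$grp" = "$2" ] && [ "$(printf '%s' "$mode" | cut -c6)" = w ]
}

if [ -n "$1" ]; then   # usage: sh check.sh unix:/var/run/rmilter/rmilter.sock
    echo "visibility: $(milter_socket_visibility "$1" "${2:-/var/spool/postfix}")"
    p=$(chroot_socket_path "$1" "${2:-/var/spool/postfix}") \
        && socket_group_ok "$p" postfix && echo "group postfix can write it"
fi
```

A result of `both` together with a passing group check is what the thread's symlink/bind-in-both-places workaround should produce; `chroot-only` matches the SASL failure reported above.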

vstakhov commented 8 years ago

TCP sockets.

julienschmidt commented 7 years ago

It also works when the postfix user is added to the _rmilter group:

adduser postfix _rmilter

In /etc/rmilter.conf.local: bind_socket = unix:/var/spool/postfix/var/run/rmilter/rmilter.sock; (don't forget to create that dir and chown it to _rmilter:_rmilter)

Then use in /etc/postfix/main.cf: smtpd_milters = unix:/var/run/rmilter/rmilter.sock