Port to use in MTA when communicating with mail filter ?
Daniel J Walsh
dwalsh at redhat.com
Thu Oct 27 21:37:09 UTC 2005
Nicolas Mailhot wrote:
> Hi,
>
> I'm using postfix with the amavid-new spam/virus mail filter. In this
> type of configuration the MTA sends every processed mail to the filter
> daemon on one port, and receives the result of the filtering on another.
> The online documentation is not too clear, but the commonly used ports
> seem to be on the 10024-10026 range. In my setup the MTA listens on port
> 10026 and the filter on port 10025.
>
>
Looks like these ports are used by amavisd
portcon tcp 10024 system_u:object_r:amavisd_recv_port_t
portcon tcp 10025 system_u:object_r:amavisd_send_port_t
And reading policy states that postfix can listen on the send port.
Are you seeing any avc messages?
> Unfortunately that means the selinux policy in Raw Hide blocks postfix
> startup:
> Oct 23 11:56:21 rousalka postfix/master[2076]: fatal: bind 127.0.0.1
> port 10026: Permission denied
>
> Therefore, I'd like to know:
> 1. if a port has already been allocated in the Fedora Devel targeted
> policy for MTA <- filter communication
> 2. if yes which one is it so I make my installation conformant
> 3. if not would it be possible to add it? I'm ready to poll the
> postfix/amavisd-new lists to find out what the canonical port to use
> would be.
>
> Regards,
>
>
> ------------------------------------------------------------------------
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
--
More information about the selinux
mailing list