Temp files cleanup?

Noel Jones njones at megan.vbhcs.org
Sun Nov 25 00:49:26 CET 2012


On 11/24/2012 4:55 PM, Glenn Park wrote:
> Hello,
> 
> Testing a new system (Debian-installed amavis), I see that files in
> /var/lib/amavis/tmp are left hanging around.  Presumably a cron job
> was installed with amavis that cleans these out, BUT is there a reason
> amavis doesn't delete the unpackaged messages when it's done with
> them?

The email.txt and parts directory are intentionally left intact so
the filesystem doesn't waste the time to recreate them for each
message.

The parts directory will normally be empty when amavisd is idle, but
will have leftover files if there is a problem.  These files are not
cleaned automatically, as they may need to be examined for problem
solving.

These files and directories are security sensitive and *must not* be
world-readable since mail in transit is processed here.


> I ask because I see that the entire email content is left in that
> directory, which in some environments is considered insecure
> (especially if, as in our case, we have that directory in /dev/shm
> which has world read permissions).

Don't do that.  The amavisd tmp directory must be readable *only* by
amavisd and any optional virus scanner.  Please refer to the
installation notes for further instructions.




  -- Noel Jones
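
The permission requirement stated in the reply above can be checked with a short audit script. This is an added example, not part of the original post or of the amavis project; the function names are hypothetical, and it assumes the virus scanner gets its access through group membership, so only the "other" permission bits are treated as a problem.

```shell
#!/bin/sh
# Added example (not amavis project code): audit an amavisd temp
# directory for any permission bit granted to "other".
# Usage: audit_amavis_tmp /var/lib/amavis/tmp

# List entries at or below $1 that grant r, w or x to "other".
# Symlinks below $1 are skipped: their own mode bits are always 0777.
other_accessible() {
    find -H "$1" ! -type l \
        \( -perm -004 -o -perm -002 -o -perm -001 \) -print 2>/dev/null
}

# Exit status: 0 = clean
#              1 = the directory itself is open to "other" (mail exposed)
#              2 = directory is closed, but entries below are too permissive
#              3 = path is not a directory
audit_amavis_tmp() {
    dir=$1
    if [ ! -d "$dir" ]; then
        echo "not a directory: $dir" >&2
        return 3
    fi

    # -prune on the starting point tests only the directory itself.
    top=$(find -H "$dir" -prune \
        \( -perm -004 -o -perm -002 -o -perm -001 \) -print 2>/dev/null)
    if [ -n "$top" ]; then
        echo "EXPOSED: $dir grants access to other:"
        ls -ld "$dir"
        return 1
    fi

    # Not reachable by "other" while the parent is closed, but these modes
    # become an exposure the moment the directory is moved or re-created.
    below=$(other_accessible "$dir")
    if [ -n "$below" ]; then
        echo "WARN: entries under $dir grant access to other:"
        echo "$below"
        return 2
    fi

    echo "OK: $dir and its contents grant nothing to other"
    return 0
}
```

A directory created under /dev/shm with a default umask of 022 ends up mode 0755, which is the status 1 case.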

