From owner-freebsd-questions@FreeBSD.ORG Mon Apr 7 19:43:37 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 235C837B401 for ; Mon, 7 Apr 2003 19:43:37 -0700 (PDT) Received: from mail.skiltech.com (bunning.skiltech.com [216.235.79.240]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2E96143F75 for ; Mon, 7 Apr 2003 19:43:36 -0700 (PDT) (envelope-from minter@lunenburg.org) Received: from localhost (localhost [127.0.0.1]) by mail.skiltech.com (Postfix) with ESMTP id 85283579E1 for ; Mon, 7 Apr 2003 22:43:35 -0400 (EDT) Received: from lunenburg.org (rdu57-90-057.nc.rr.com [66.57.90.57]) (using TLSv1 with cipher DES-CBC3-SHA (168/168 bits)) (No client certificate requested) by mail.skiltech.com (Postfix) with ESMTP id D0185579DE for ; Mon, 7 Apr 2003 22:43:34 -0400 (EDT) Date: Mon, 7 Apr 2003 22:43:35 -0400 Mime-Version: 1.0 (Apple Message framework v551) Content-Type: text/plain; charset=US-ASCII; format=flowed From: H.Wade Minter To: freebsd-questions@freebsd.org Content-Transfer-Encoding: 7bit Message-Id: X-Mailer: Apple Mail (2.551) X-Virus-Scanned: by AMaViS snapshot-20020531 Subject: Upgraded amavisd, mail failing X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Apr 2003 02:43:37 -0000 I ran a portupgrade on my postfix-based mail system tonight, and it upgraded p5-Mail-SpamAssassin and amavisd-new. So far so good. I restarted the daemons, restarted the queue, and all of the incoming mail started getting held with the following error: Apr 7 22:37:12 mail postfix/lmtp[62440]: D8C44280: to=, relay=127.0.0.1[127.0.0.1], delay=1566, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 Error in processing, id=62383-01-3, decoding FAILED: Insecure $ENV{PATH} while running with -T switch at /usr/local/sbin/amavisd line 3082. (in reply to end of DATA command)) Line 3082 from amavisd is: # call 'file' utility for each part, # and associate (save) full and short types with each part # sub determine_file_types($$$) { my($partslist,$tempdir,$file_generator_object) = @_; for my $part (@$partslist) { my($filename) = "$tempdir/parts/$part"; ==> my($filetype) = qx($file -b $filename 2>/dev/null); my($ret) = retcode($?); $ret==0 or die "'file' utility ($file) failed, status=$ret"; chomp($filetype); section_time('get-file-type'); local($_) = $filetype; my($ty); # try to classify some common types and give them short type name Line 5140 in amavisd has: # Set path, home and term explictly. Don't trust environment ==> $ENV{PATH} = $path if $path ne ''; $ENV{HOME} = $helpers_home if $helpers_home ne ''; $ENV{TERM} = 'dumb'; And amavisd.conf has: $path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin'; This is a stock install from ports, nothing funny going on. Does anyone have any ideas on what might be broken? --Wade