Subject: Qmailscan without setuidbit
To: None <qmail-scanner-general@lists.sourceforge.net>
From: Kwame Yamgnane <kwame@gahan.org>
List: regional-fr
Date: 02/24/2004 11:52:03
Hello all,
I'm new to this ML. I'm running qmailscanner on NetBSD with Qmail. I don't know if someone has already written something about qmailscanner without setuid perl. If this has already been written, sorry for this already well-known post.
I give you my method to install qmailscanner without setuid perl.
1 - Install sudo
2 - Add the following line (/usr/pkg/etc/sudoers) :
qmaild ALL= (qscand) NOPASSWD: /qmail/bin/qmail-scanner-queue.pl *
This line enables you, as user qmaild, to launch /qmail/bin/qmail-scanner-queue.pl as user qscand without any password
3 - in /etc/tcp.smtp add this line :
:allow,QMAILQUEUE="/usr/local/bin/qscan.sh"
instead of :
:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
4 - write the shell code /usr/local/bin/qscan.sh
#!/bin/sh
# Replace this shell with sudo; "$@" passes each argument through unsplit
exec /usr/pkg/bin/sudo -u qscand /var/qmail/bin/qmail-scanner-queue.pl "$@"
(Note that without the "exec" it can't work)
5 - remove setuid from /var/qmail/bin/qmail-scanner-queue.pl
That's it.
--
In girum imus nocte et consumimur igni
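
A check for steps 4 and 5 of the procedure above, as an added example that is not part of the original post or of qmail-scanner. The function name audit_qscan and its three arguments (wrapper path, scanner path, sudo target user) are assumptions made for this sketch; the scanner path is used as a regular expression when matching the wrapper's exec line.

```shell
#!/bin/sh
# Added example: audit the sudo-based qmail-scanner setup from the post.
# audit_qscan and its arguments are hypothetical names, not qmail-scanner's.

# True (0) when the file is writable by group or other.
loosely_writable() {
    [ -n "$(find "$1" -prune \( -perm -020 -o -perm -002 \) -print)" ]
}

# audit_qscan WRAPPER SCANNER USER
# Prints one line per finding; returns the number of findings (0 = clean).
audit_qscan() {
    wrapper=$1 scanner=$2 user=$3 findings=0
    for f in "$wrapper" "$scanner"; do
        if [ ! -f "$f" ]; then
            echo "MISSING: $f"; findings=$((findings + 1)); continue
        fi
        if [ ! -x "$f" ]; then
            echo "NOT EXECUTABLE: $f"; findings=$((findings + 1))
        fi
        # Anything sudo or qmail runs must not be editable by other accounts.
        if loosely_writable "$f"; then
            echo "GROUP/OTHER WRITABLE: $f"; findings=$((findings + 1))
        fi
    done
    # Step 5: the scanner must no longer carry setuid or setgid bits.
    if [ -u "$scanner" ] || [ -g "$scanner" ]; then
        echo "SETUID/SETGID STILL SET: $scanner"; findings=$((findings + 1))
    fi
    # Step 4: the wrapper must exec sudo as the scanner user on that script.
    if [ -f "$wrapper" ] &&
       ! grep -Eq "^exec[[:space:]].*sudo[[:space:]]+-u[[:space:]]+$user[[:space:]]+$scanner([[:space:]]|\$)" "$wrapper"; then
        echo "WRAPPER DOES NOT exec sudo -u $user $scanner: $wrapper"
        findings=$((findings + 1))
    fi
    return "$findings"
}
```

With the paths from the post it would be called as: audit_qscan /usr/local/bin/qscan.sh /var/qmail/bin/qmail-scanner-queue.pl qscand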