Mailscanner + spamassassin + clamav package

Ivart

Marcelloc, same issue from Zlyzwy, any solution?

Thanks.

expert_az

Hi Marcelloc,

any success running mailscanner on amd64 2.1 platform?

I wrote it before but any answer?

marcelloc

I'll check it.

Sorry for the late response.

expert_az

log was like this

Sep 26 12:43:56 mailscanner: Process did not exit cleanly, returned 2 with signal 0
Sep 26 12:44:01 mailscanner: Process did not exit cleanly, returned 2 with signal 0

marcelloc

I've pushed some fixes to the package.

I'm Still testing/checking clamav startup.

I've not bumped version yet, so just reinstall the package in 15 minutes.

expert_az

marcelloc it seems ok now,I tested it on my test PF 2.1 amd64

some new restart logs:

Nov 12 09:52:18 MailScanner[54679]: Using locktype = flock
Nov 12 09:52:18 MailScanner[54679]: Found 0 messages in the Processing Attempts Database
Nov 12 09:52:18 MailScanner[54679]: Connected to Processing Attempts Database
Nov 12 09:52:18 MailScanner[54679]: I have found clamd scanners installed, and will use them all by default.
Nov 12 09:52:13 MailScanner[39454]: Using locktype = flock
Nov 12 09:52:13 MailScanner[39454]: Found 0 messages in the Processing Attempts Database
Nov 12 09:52:13 MailScanner[39454]: Connected to Processing Attempts Database
Nov 12 09:52:13 MailScanner[39454]: I have found clamd scanners installed, and will use them all by default.
Nov 12 09:52:08 MailScanner[29067]: Using locktype = flock
Nov 12 09:52:08 MailScanner[29067]: Found 0 messages in the Processing Attempts Database
Nov 12 09:52:08 MailScanner[29067]: Connected to Processing Attempts Database
Nov 12 09:52:08 MailScanner[29067]: I have found clamd scanners installed, and will use them all by default.
Nov 12 09:51:10 MailScanner[75549]: Enabling SpamAssassin auto-whitelist functionality…
Nov 12 09:51:10 MailScanner[75549]: Connected to SpamAssassin cache database
Nov 12 09:51:10 MailScanner[75549]: Using SpamAssassin results cache
Nov 12 09:51:09 MailScanner[75549]: Read 5426 hostnames from the phishing blacklists
Nov 12 09:51:09 MailScanner[75549]: Read 869 hostnames from the phishing whitelist
Nov 12 09:51:09 MailScanner[75549]: Reading configuration file /usr/pbi/mailscanner-amd64/etc/MailScanner/conf.d/README
Nov 12 09:51:09 MailScanner[75549]: Reading configuration file /usr/pbi/mailscanner-amd64/etc/MailScanner/MailScanner.conf
Nov 12 09:51:09 MailScanner[75549]: MailScanner E-Mail Virus Scanner version 4.84.5 starting…
Nov 12 09:51:04 MailScanner[63466]: Enabling SpamAssassin auto-whitelist functionality…
Nov 12 09:51:04 MailScanner[63466]: Connected to SpamAssassin cache database
Nov 12 09:51:04 MailScanner[63466]: Using SpamAssassin results cache
Nov 12 09:51:04 MailScanner[63466]: Read 5426 hostnames from the phishing blacklists
Nov 12 09:51:04 MailScanner[63466]: Read 869 hostnames from the phishing whitelist
Nov 12 09:51:04 MailScanner[63466]: Reading configuration file /usr/pbi/mailscanner-amd64/etc/MailScanner/conf.d/README
Nov 12 09:51:04 MailScanner[63466]: Reading configuration file /usr/pbi/mailscanner-amd64/etc/MailScanner/MailScanner.conf
Nov 12 09:51:04 MailScanner[63466]: MailScanner E-Mail Virus Scanner version 4.84.5 starting…
Nov 12 09:50:59 MailScanner[54679]: Enabling SpamAssassin auto-whitelist functionality…
Nov 12 09:50:59 MailScanner[54679]: Connected to SpamAssassin cache database
Nov 12 09:50:59 MailScanner[54679]: Using SpamAssassin results cache
Nov 12 09:50:59 MailScanner[54679]: Read 5426 hostnames from the phishing blacklists
Nov 12 09:50:59 MailScanner[54679]: Read 869 hostnames from the phishing whitelist
Nov 12 09:50:59 MailScanner[54679]: Reading configuration file /usr/pbi/mailscanner-amd64/etc/MailScanner/conf.d/README
Nov 12 09:50:59 MailScanner[54679]: Reading configuration file /usr/pbi/mailscanner-amd64/etc/MailScanner/MailScanner.conf
Nov 12 09:50:59 MailScanner[54679]: MailScanner E-Mail Virus Scanner version 4.84.5 starting…
Nov 12 09:50:54 MailScanner[39454]: Enabling SpamAssassin auto-whitelist functionality…
Nov 12 09:50:54 MailScanner[39454]: Connected to SpamAssassin cache database
Nov 12 09:50:54 MailScanner[39454]: Using SpamAssassin results cache
Nov 12 09:50:54 MailScanner[39454]: Read 5426 hostnames from the phishing blacklists
Nov 12 09:50:54 MailScanner[39454]: Read 869 hostnames from the phishing whitelist
Nov 12 09:50:54 MailScanner[39454]: Reading configuration file /usr/pbi/mailscanner-amd64/etc/MailScanner/conf.d/README
Nov 12 09:50:54 MailScanner[39454]: Reading configuration file /usr/pbi/mailscanner-amd64/etc/MailScanner/MailScanner.conf
Nov 12 09:50:54 MailScanner[39454]: MailScanner E-Mail Virus Scanner version 4.84.5 starting…
Nov 12 09:50:49 MailScanner[29067]: Enabling SpamAssassin auto-whitelist functionality…
Nov 12 09:50:49 MailScanner[29067]: Connected to SpamAssassin cache database
Nov 12 09:50:49 MailScanner[29067]: Using SpamAssassin results cache
Nov 12 09:50:49 MailScanner[29067]: Read 5426 hostnames from the phishing blacklists
Nov 12 09:50:49 MailScanner[29067]: Read 869 hostnames from the phishing whitelist
Nov 12 09:50:49 MailScanner[29067]: Reading configuration file /usr/pbi/mailscanner-amd64/etc/MailScanner/conf.d/README
Nov 12 09:50:49 MailScanner[29067]: Reading configuration file /usr/pbi/mailscanner-amd64/etc/MailScanner/MailScanner.conf
Nov 12 09:50:49 MailScanner[29067]: MailScanner E-Mail Virus Scanner version 4.84.5 starting…
Nov 12 09:50:45 MailScanner[79786]: MailScanner child caught a SIGHUP
Nov 12 09:50:45 MailScanner[10068]: MailScanner child caught a SIGHUP
Nov 12 09:50:45 MailScanner[94107]: MailScanner child caught a SIGHUP
Nov 12 09:50:45 MailScanner[9153]: MailScanner child caught a SIGHUP
Nov 12 09:50:45 MailScanner[86355]: MailScanner child caught a SIGHUP
Nov 12 09:50:45 php: /pkg_edit.php: Restarting MailScanner
Nov 12 09:50:33 php: /pkg_edit.php: Restarting clamav-clamd daemon
Nov 12 09:50:33 check_reload_status: Syncing firewall

marcelloc

Great! :)

Guest

Thanks marcelloc,
Can you write a mini how-to for mailscanner package?

Ivart

Thanks marcelloc, service status is ok but the clamd error is the same:


Nov 14 11:56:24 treknetgw MailScanner[73800]: Virus and Content Scanning: Starting
Nov 14 11:56:24 treknetgw MailScanner[73800]: Clamd::ERROR:: UNKNOWN CLAMD RETURN ./lstat() failed: Permission denied. ERROR :: /var/spool/MailScanner/incoming/73800
Nov 14 11:56:24 treknetgw MailScanner[73800]: Virus Scanning: Clamd found 1 infections
Nov 14 11:56:24 treknetgw MailScanner[73800]: Virus Scanning: Found 1 viruses

marcelloc

@Ivart:

but the clamd error is the same:

Still checking it…

marcelloc

@Amirkabir:

Can you write a mini how-to for mailscanner package?

Configure package from left to right. All default options are in (yes/no)

Guest

Do i need to install postfix?

Ivart

Yes. Install Postfix and then MailScanner, enable MailScanner in Antispam section of Postfix, Third part Antispam Settings.

m.mascheroni

I have 2 question about this package.

First of all i have installed it on a PFsense 2.1 appliance and it works perfectly, the mails flow without problem to a frakking Exchange 2007 Server.

My questions are:

how can modify the mail subject adding [SPAM] if the mail get > 5 spam points?
how can i setup a whitelist and blacklist based on mail address, maybe with wildcards for example *@contoso.com ?

expert_az

hello marcelloc,I installed PF2.1 amd64 on new box with postfix and mailscanner.

everything running well,but i'm getting some warning messages from postfix and maillscanner,is it normal?

mailscanner warning:

Nov 18 16:16:33 mx01 MailScanner[94836]: MailScanner E-Mail Virus Scanner version 4.84.5 starting…
Nov 18 16:16:33 mx01 MailScanner[94836]: Reading configuration file /usr/pbi/mailscanner-amd64/etc/MailScanner/MailScanner.conf
Nov 18 16:16:33 mx01 MailScanner[94836]: Reading configuration file /usr/pbi/mailscanner-amd64/etc/MailScanner/conf.d/README
Nov 18 16:16:33 mx01 MailScanner[94836]: Read 869 hostnames from the phishing whitelist
Nov 18 16:16:33 mx01 MailScanner[94836]: Read 5426 hostnames from the phishing blacklists
Nov 18 16:16:33 mx01 MailScanner[94836]: User's home directory /home/postfix does not exist
Nov 18 16:16:33 mx01 MailScanner[94836]: User's home directory /home/postfix is not writable
Nov 18 16:16:33 mx01 MailScanner[94836]: You need to set the "SpamAssassin User State Dir" to a directory that the "Run As User" can write to
Nov 18 16:16:33 mx01 MailScanner[94836]: Using SpamAssassin results cache
Nov 18 16:16:33 mx01 MailScanner[94836]: Connected to SpamAssassin cache database
Nov 18 16:16:33 mx01 MailScanner[94836]: Enabling SpamAssassin auto-whitelist functionality…
Nov 18 16:18:48 mx01 MailScanner[94836]: I have found clamd scanners installed, and will use them all by default.
Nov 18 16:18:48 mx01 MailScanner[94836]: Connected to Processing Attempts Database
Nov 18 16:18:48 mx01 MailScanner[94836]: Found 0 messages in the Processing Attempts Database
Nov 18 16:18:48 mx01 MailScanner[94836]: Using locktype = flock

postfix warning:

Nov 16 14:02:39 php: rc.start_packages: Postfix setup completed
Nov 16 14:02:39 php: rc.start_packages: Reloading/starting postfix
Nov 16 14:02:37 php: rc.start_packages: Writing rc_file
Nov 16 14:02:35 php: rc.start_packages: Writing out configuration
Nov 16 14:02:35 php: rc.start_packages: The command '/usr/local/sbin/postfix reload' returned exit code '1', the output was ''
Nov 16 14:02:35 postfix/postfix-script[94694]: fatal: the Postfix mail system is not running
Nov 16 14:02:35 syslogd: kernel boot file is /boot/kernel/kernel
Nov 16 14:02:35 syslogd: exiting on signal 15
Nov 16 14:02:33 php: rc.start_packages: sync_package_postfix called with via_rpc=no
Nov 16 14:02:33 php: rc.start_packages: Postfix setup completed
Nov 16 14:02:33 postfix/postfix-script[69449]: fatal: the Postfix mail system is not running
Nov 16 14:02:33 php: rc.start_packages: Reloading/starting postfix
Nov 16 14:02:31 php: rc.start_packages: Writing rc_file
Nov 16 14:02:31 php: rc.start_packages: The command '/usr/pbi/postfix-amd64/sbin/postmap /usr/pbi/postfix-amd64/etc/postfix/transport' returned exit code '1', the output was 'postmap: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix'
Nov 16 14:02:30 php: rc.start_packages: Starting MailScanner
Nov 16 14:02:29 php: rc.start_packages: Starting clamav-clamd daemon
Nov 16 14:02:29 postfix/postmap[38866]: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix
Nov 16 14:02:27 php: rc.start_packages: Writing out configuration
Nov 16 14:02:27 php: rc.start_packages: The command '/usr/local/sbin/postfix reload' returned exit code '1', the output was ''
Nov 16 14:02:25 postfix[38215]: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix
Nov 16 14:02:25 postfix[38032]: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix
Nov 16 14:02:24 php: rc.start_packages: Postfix setup completed
Nov 16 14:02:23 postfix/postmap[23753]: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix
Nov 16 14:02:23 syslogd: kernel boot file is /boot/kernel/kernel
Nov 16 14:02:23 syslogd: exiting on signal 15
Nov 16 14:02:23 check_reload_status: Syncing firewall
Nov 16 14:02:23 postfix[20523]: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix
Nov 16 14:02:23 php: rc.start_packages: sync_package_postfix called with via_rpc=no
Nov 16 14:02:23 php: rc.start_packages: Postfix setup completed
Nov 16 14:02:23 postfix[19402]: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix
Nov 16 14:02:23 php: rc.start_packages: Reloading/starting postfix
Nov 16 14:02:21 postfix[98592]: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix
Nov 16 14:02:21 php: rc.start_packages: Reloading/starting postfix
Nov 16 14:02:21 php: rc.start_packages: Writing rc_file
Nov 16 14:02:21 postfix/sendmail[97436]: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix
Nov 16 14:02:21 php: rc.start_packages: The command '/usr/pbi/postfix-amd64/sbin/postmap /usr/pbi/postfix-amd64/etc/postfix/sender_access' returned exit code '1', the output was 'postmap: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix'
Nov 16 14:02:19 php: rc.start_packages: Writing rc_file
Nov 16 14:02:19 postfix/sendmail[85730]: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix
Nov 16 14:02:19 php: rc.start_packages: The command '/usr/pbi/postfix-amd64/sbin/postmap /usr/pbi/postfix-amd64/etc/postfix/sender_access' returned exit code '1', the output was 'postmap: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix'
Nov 16 14:02:19 postfix/postmap[85628]: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix
Nov 16 14:02:19 php: rc.start_packages: The command '/usr/pbi/postfix-amd64/sbin/postmap /usr/pbi/postfix-amd64/etc/postfix/transport' returned exit code '1', the output was 'postmap: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix'
Nov 16 14:02:18 postfix/postmap[72952]: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix
Nov 16 14:02:17 postfix/postmap[72943]: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix
Nov 16 14:02:15 php: rc.start_packages: The command '/usr/pbi/postfix-amd64/sbin/postmap /usr/pbi/postfix-amd64/etc/postfix/transport' returned exit code '1', the output was 'postmap: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix'
Nov 16 14:02:15 php: rc.start_packages: Writing out configuration
Nov 16 14:02:15 php: rc.start_packages: The command '/usr/local/sbin/postfix reload' returned exit code '1', the output was ''
Nov 16 14:02:14 postfix/postmap[45331]: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix
Nov 16 14:02:13 postfix[45533]: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix
Nov 16 14:02:11 php: rc.start_packages: Writing out configuration
Nov 16 14:02:11 php: rc.start_packages: The command '/usr/local/sbin/postfix reload' returned exit code '1', the output was ''

marcelloc

@expert_az:

is it normal?

Does your postfix log errors stopped on Nov 16 or still alerting?

I'll check mailscanner user errors.

m.mascheroni

@m.mascheroni:

I have 2 question about this package.

First of all i have installed it on a PFsense 2.1 appliance and it works perfectly, the mails flow without problem to a frakking Exchange 2007 Server.

My questions are:

how can modify the mail subject adding [SPAM] if the mail get > 5 spam points?

how can i setup a whitelist and blacklist based on mail address, maybe with wildcards for example *@contoso.com ?

Any idea how to do this?
Plus i would like to know if is there a method, a service or even a specific log file to check mailscanner activity.

marcelloc

@m.mascheroni:

Any idea how to do this?

IIRC, just select send action on antispam tab.

@m.mascheroni:

Plus i would like to know if is there a method, a service or even a specific log file to check mailscanner activity.

it's on postfix log(/var/log/maillog).

m.mascheroni

Well, probably mailscanner was not active, i believe that change in Postfix Forwarder settings "Message Hold mode" from auto to manual acl and setting headers with /^from:/ HOLD did the trick.

Now all spam emails are tagged with [SPAM?] prefix or [Disarmed] prefix. Now it's perfect.

From previous posts on this thread i've found out that is better to set the log to /var/log/maillog, now it's easier to check postfix and mailscanner activity with a simple tail command.

Thank you for your time and for your precious work.

I still need to figure out how to setup a local whitelist.

marcelloc

@m.mascheroni:

I still need to figure out how to setup a local whitelist.

On postifix acls and/or on mailscanner spam.assassin.prefs.conf gui field