Mailscanner UNOFFICIAL package for pfSense 2.3.x
-
ClamAV – multiple vulnerabilities
https://forum.pfsense.org/index.php?topic=143316.0
-
Any plans to update Mailscanner for pfSense 2.4.x?
-
2.4.2-RELEASE-p1 (amd64)
built on Tue Dec 12 13:45:26 CST 2017
FreeBSD 11.1-RELEASE-p6[2.4.2-RELEASE][admin@pfSense.corp]/root: sh ./install_mailscanner_23.sh
fetch: /ConfigDefs.pl.patch: No such file or directory
Hmm… I can't seem to find a patch in there anywhere.
fetch: /Message.pm.patch: No such file or directory
Hmm... I can't seem to find a patch in there anywhere.
fetch: /SweepContent.pm.patch: No such file or directory
Hmm... I can't seem to find a patch in there anywhere.Any plans to update Mailscanner for pfSense 2.4.x?
You can try this script, it should work with pfSense 2.4 and Mailscanner v5
#!/bin/sh # * # * install_mailscanner_24.sh # * # * part of unofficial packages for pfSense(R) software # * Copyright (c) 2011-2017 Marcello Coutinho # * All rights reserved. # * # * Licensed under the Apache License, Version 2.0 (the "License"); # * you may not use this file except in compliance with the License. # * You may obtain a copy of the License at # * # * http://www.apache.org/licenses/LICENSE-2.0 # * # * Unless required by applicable law or agreed to in writing, software # * distributed under the License is distributed on an "AS IS" BASIS, # * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # * See the License for the specific language governing permissions and # * limitations under the License. ASSUME_ALWAYS_YES=YES export ASSUME_ALWAYS_YES if [ "$(cat /etc/version | cut -c 1-3)" == "2.4" ]; then prefix=https://raw.githubusercontent.com/marcelloc/Unofficial-pfSense-packages/master/pkg-mailscanner/files check_service_file=check_mailscanner_service.php fetch -q -o /root/$check_service_file $prefix/$check_service_file # /usr/local files for file in www/mailscanner_about.php pkg/mailscanner.conf.template pkg/mailscanner.xml pkg/mailscanner_antispam.xml \ pkg/mailscanner_attachments.xml pkg/mailscanner_report.xml pkg/mailscanner.inc pkg/mailscanner_alerts.xml \ pkg/mailscanner_antivirus.xml pkg/mailscanner_content.xml pkg/mailscanner_sync.xml \ www/shortcuts/pkg_mailscanner.inc bin/sa-updater-custom-channels.sh bin/sa-wrapper.pl do echo "fetching /usr/local/$file from github" fetch -q -o /usr/local/$file $prefix/usr/local/$file done # Enable freebsd Repo repo_dir=/root/repo.bkp mkdir -p $repo_dir rm -f $repo_dir/*conf cp /usr/local/etc/pkg/repos/*conf $repo_dir sed -i "" -E "s/(FreeBSD.*enabled:) no/\1 yes/" /usr/local/etc/pkg/repos/*conf #fix permission chmod +x /usr/local/bin/sa-updater-custom-channels.sh chmod +x /usr/local/bin/sa-wrapper.pl # Install mailscanner package # pkg lock pkg pkg update pkg install mailscanner bash dcc-dccd spamassassin p7zip rsync # restore repository configuration state cp $repo_dir/*conf /usr/local/etc/pkg/repos/. #install services and menus php /root/check_mailscanner_service.php #install spamassassin-extremeshok_fromreplyto plugin_dir=/usr/local/etc/mail/spamassassin plugin_file=extremeshok_fromreplyto.zip if [ ! -d $plugin_dir/plugins ];then mkdir -p $plugin_dir/plugins fi cd root fetch -o $plugin_file https://github.com/extremeshok/spamassassin-extremeshok_fromreplyto/archive/master.zip unzip -o $plugin_file cp spamassassin-extremeshok_fromreplyto-master/plugins/*pm $plugin_dir/plugins/ cp spamassassin-extremeshok_fromreplyto-master/01_extremeshok_fromreplyto.cf $plugin_dir #install shorturl mailscanner plugin plugin_file=DecodeShortURLs.zip fetch -o $plugin_file https://github.com/smfreegard/DecodeShortURLs/archive/master.zip unzip -o $plugin_file cp DecodeShortURLs-master/*pm $plugin_dir cp DecodeShortURLs-master/*cf $plugin_dir # Obsolete with MailScanner v5 #install 7z and pdf patch #plugin_file=pdfid.zip #fetch -o $plugin_file http://didierstevens.com/files/software/pdfid_v0_2_1.zip #unzip -o $plugin_file #cp p*py /usr/local/bin/ #chmod +x /usr/local/bin/p*py ##fix python path #sed -i '.bak' "s@/usr/bin/env python@/usr/local/bin/python2@" /usr/local/bin/p*.py #install unofficial sigs for improving malware protection plugin_file=clamav-unofficial-sigs.zip fetch -o $plugin_file https://github.com/extremeshok/clamav-unofficial-sigs/archive/master.zip unzip -o $plugin_file script_file=/usr/local/sbin/clamav-unofficial-sigs.sh plugin_dir=clamav-unofficial-sigs cp ${plugin_dir}-master/clamav-unofficial-sigs.sh $script_file chmod +x $script_file sed -i '.bak' "s@!/bin/bash@!/usr/local/bin/bash@" $script_file for c_dir in /etc/$plugin_dir/ /var/log/$plugin_dir/ do if [ ! -d $c_dir ];then mkdir $c_dir fi done cp ${plugin_dir}-master/config/* /etc/$plugin_dir cp /etc/$plugin_dir/os.pfsense.conf /etc/$plugin_dir/os.conf sed -i '.bak' 's@clam_user=.*@clam_user="postfix"@' /etc/$plugin_dir/os.conf sed -i '.bak' 's@#user_configuration.*@user_configuration_complete="yes"@' /etc/$plugin_dir/user.conf # update spamassassin database rehash /usr/local/bin/sa-update -D fi # Obsolete with MailScanner v5 #for PatchFile in ConfigDefs.pl.patch Message.pm.patch SweepContent.pm.patch # do # fetch -o - -q $prefix/$PatchFile | patch -N -b -p0 # done
C&P this code in to a file called install_mailscanner_24.sh move it to /root
sh ./install_mailscanner_24.sh cd /root fetch https://raw.githubusercontent.com/marcelloc/Unofficial-pfSense-packages/master/pkg-mailscanner/files/install_cpan_modules_23.sh sh ./install_cpan_modules_23.sh
I have it working with pfSense 2.3.5p1 and Mailscanner v5, so I don't see any reason why it shouldn't work.
Regards
-
FYI MailScanner now has Milter support
https://github.com/MailScanner/v5/blob/master/doc/MailScanner%20Milter%20Guide.pdf
-
Hi, i have postfix and mailscanner running on pfsense 2.4.4-p1, i got the following warnings:
MailScanner[64731]: Clamd::ERROR:: UNKNOWN CLAMD RETURN ./lstat() failed: Permission denied. ERROR :: /var/spool/MailScanner/incoming/64731
Permissions looks fine, i did chown -R postfix:postfix /var/spool/MailScanner/incoming/, also chmod -R 6666 to the same folder.
Runas user on MailScanner.conf and clamd.conf is postfix.
Also mailscanner logs display syntax errors:
Mar 6 16:09:51 pfsense2 MailScanner[56749]: Syntax error(s) in configuration file:
Mar 6 16:09:51 pfsense2 MailScanner[56749]: Unrecognised keyword "deliversuspiciouspdf" at line 93
Mar 6 16:09:51 pfsense2 MailScanner[56749]: Unrecognised keyword "pdfidcommand" at line 84
Mar 6 16:09:51 pfsense2 MailScanner[56749]: Unrecognised keyword "pdfidtimeout" at line 87
Mar 6 16:09:51 pfsense2 MailScanner[56749]: Unrecognised keyword "scanpdf" at line 90
Mar 6 16:09:51 pfsense2 MailScanner[56749]: Warning: syntax errors in /usr/local/etc/MailScanner/MailScanner.conf.Please Help.
-
Try
chown -R postfix:clamav /var/spool/MailScanner/
and
chmod -R 0770 /var/spool/MailScanner/
-
Thanks Bismarck, i just did it but i got the same errors.
-
Here is what i got grom "MailScanner --lint"
-
Only difference I see is "GID/UID" and "Virus Scanner = clamd"
? http://lists.mailscanner.info/pipermail/mailscanner/2018-March/105077.html
Here are all files I have running with pfSense 2.4.4-p2 and Postfix/MailScanner
https://github.com/spec1re/stuff/raw/spec1re-patch-1/Unofficial-pfSense-packages-master.rar
unpack it, execute
- ./install_mailscanner_24.sh
- ./install_cpan_modules_24.sh
and manually copy the other files, overwriting existing ones.
-
-
i must be doing something wrong, i did a clean install pfsense 2.4.4-p1, install unofficial repo, enable FreeBSD in all repos, ran script install_postfix_24.sh, fixed postwhite error fetching the postwhite.conf file from stevejenkins and changing paths in the file, installed mailscanner and cpan from your packet, override every files as suggested and i got the same error.
Postfix and MailScanner are running but got the same errors.
-
the MailScanner.conf errors are just cosmetic, to get rid of them just edit
/usr/local/pkg/mailscanner.conf.template
and comment out line 82 till 98, restart mailscanner via the web interface and they should go away.
For the clamd error, you need to check the permissions defined in the configs of mailscanner and clamd eg. add postfix to the clamav group and viceversa.
-
Thanks Bismarck, that fix the errors. at first i added clamav as group for Incoming Work Dir Settings only in MailScanner.conf, but adding clamav as a group in system settings was the trick.
-
Nice to hear, and now you can start tuning SA / ClamAV rules and signatures. ;)
-
Using pfSense 2.4.4-p3
When trying to install these ,i always end up with errorpHP errors
PHP ERROR: Type: 64, File: /root/check_mailscanner_service.php, Line: 6, Message: require_once(): Failed opening required 'xmlrpc.inc' (include_path='.:/etc/inc:/usr/local/www:/usr/local/captiveportal:/usr/local/pkg:/usr/local/www/classes:/usr/local/www/classes/Form:/usr/local/share/pear:/usr/local/share/openssl_x509_crl/') @ 2019-12-07 06:41:21 -