Mailscanner + spamassassin + clamav package
-
Just a question, did you checked VirusScanning(yes) and Virus scanner =clamd on mailscanner antivirus tab?
I've checked the code and it looks for user clamav on clamd.conf file
#check virus_scanner options $libexec_dir="/usr/local/libexec/MailScanner/"; if ($virus_scanning == "yes"){ if ($antivirus['virus_scanner'] =="none"){ unlink_if_exists($libexec_dir.'clamav-autoupdate'); unlink_if_exists($libexec_dir.'clamav-wrapper'); } else{ . . . #clamd conf file $cconf="/usr/local/etc/clamd.conf"; if (file_exists($conf)){ $cconf_file=file_get_contents($cconf); if (preg_match('/User clamav/',$cconf_file)){ $cconf_file=preg_replace("/User clamav/","User postfix",$cconf_file); file_put_contents($cconf, $cconf_file, LOCK_EX); } } -
Just a question, did you checked VirusScanning(yes) and Virus scanner =clamd on mailscanner antivirus tab?
I've checked the code and it looks for user clamav on clamd.conf file
#check virus_scanner options $libexec_dir="/usr/local/libexec/MailScanner/"; if ($virus_scanning == "yes"){ if ($antivirus['virus_scanner'] =="none"){ unlink_if_exists($libexec_dir.'clamav-autoupdate'); unlink_if_exists($libexec_dir.'clamav-wrapper'); } else{ . . . #clamd conf file $cconf="/usr/local/etc/clamd.conf"; if (file_exists($conf)){ $cconf_file=file_get_contents($cconf); if (preg_match('/User clamav/',$cconf_file)){ $cconf_file=preg_replace("/User clamav/","User postfix",$cconf_file); file_put_contents($cconf, $cconf_file, LOCK_EX); } }All my boxes had virus scanner = auto. Maybe that is why I always have to configure it manually?
Maybe you should default it in your package to clamd instead of auto?
-
Just a question, did you checked VirusScanning(yes) and Virus scanner =clamd on mailscanner antivirus tab?
I've checked the code and it looks for user clamav on clamd.conf file
I just checked an it was set to:
VirusScanning(yes)Do not even know how to change this or turn on any options that have (no)Guess i have to modify some config files or something. Google will answer me i hope. ;DAha ()=default and if it is selected it is on right?Virus scanner was set to auto
So what is recommended i do?
Change user back to clamav and set it to use clameav?
And should i be able to see in the logs that any emails is scanned and passes the scan?
Reason for asking is that i can not see anything like that in the log files in regards to avscan of emails..
This is what i see in the log for an incoming email:2012-07-24 18:35:09 Mail.Info LANIP Jul 24 18:37:22 postfix/postscreen[881]: CONNECT from [69.64.6.29]:34011
2012-07-24 18:35:09 Mail.Info LANIP Jul 24 18:37:22 postfix/postscreen[881]: PASS OLD [69.64.6.29]:34011
2012-07-24 18:35:09 Local0.Info LANIP Jul 24 18:37:22 pf: 00:06:56.261267 rule 27/0(match): pass in on de0: (tos 0x0, ttl 52, id 47253, offset 0, flags [DF], proto TCP (6), length 64)
2012-07-24 18:35:09 Local0.Info LANIP Jul 24 18:37:22 pf: 69.64.6.29.34011 > WANIPONMailscanner: Flags [ S ], cksum 0xb9e2 (correct), seq 994851350, win 16384, options [mss 1460,nop,nop,sackOK,nop,wscale 0,nop,nop,TS val 150586674 ecr 0], length 0
2012-07-24 18:35:10 Mail.Info LANIP Jul 24 18:37:23 postfix/smtpd[1239]: connect from mail.pfsense.org[69.64.6.29]
2012-07-24 18:35:10 Mail.Info LANIP Jul 24 18:37:23 postfix/smtpd[1239]: A4B6911D1B: client=mail.pfsense.org[69.64.6.29]
2012-07-24 18:35:10 Mail.Info LANIP Jul 24 18:37:23 postfix/cleanup[1882]: A4B6911D1B: message-id=3408b51f40ccd43c38e94056c4fe832e-m276917@pfsense.org
2012-07-24 18:35:10 Mail.Info LANIP Jul 24 18:37:23 postfix/smtpd[1239]: disconnect from mail.pfsense.org[69.64.6.29]
2012-07-24 18:35:10 Mail.Info LANIP Jul 24 18:37:23 postfix/qmgr[31335]: A4B6911D1B: from=cmb@pfsense.org, size=2295, nrcpt=1 (queue active)
2012-07-24 18:35:11 Mail.Info LANIP Jul 24 18:37:24 postfix/smtp[2195]: A4B6911D1B: to=my@email.com, relay=MAILserverIP[MAILserverIP]:25, delay=0.79, delays=0.33/0.01/0.02/0.43, dsn=2.6.0, status=sent (250 2.6.0 3408b51f40ccd43c38e94056c4fe832e-m276917@pfsense.org [InternalId=284] Queued mail for delivery)
2012-07-24 18:35:11 Mail.Info LANIP Jul 24 18:37:24 postfix/qmgr[31335]: A4B6911D1B: removed/my@email.com/cmb@pfsense.orgAgain sorry for noob questions.
-
Maybe you should default it in your package to clamd instead of auto?
The php code checks for virus_scanning == "yes" and 'virus_scanner' != none
so auto or clamd will result on the same config check.
-
Just a question, did you checked VirusScanning(yes) and Virus scanner =clamd on mailscanner antivirus tab?
I've checked the code and it looks for user clamav on clamd.conf file
I just checked an it was set to:
VirusScanning(yes)Do not even know how to change this or turn on any options that have (no)Guess i have to modify some config files or something. Google will answer me i hope. ;DAha ()=default and if it is selected it is on right?Virus scanner was set to auto
So what is recommended i do?
Change user back to clamav and set it to use clameav?
And should i be able to see in the logs that any emails is scanned and passes the scan?
Reason for asking is that i can not see anything like that in the log files in regards to avscan of emails..
This is what i see in the log for an incoming email:2012-07-24 18:35:09 Mail.Info LANIP Jul 24 18:37:22 postfix/postscreen[881]: CONNECT from [69.64.6.29]:34011
2012-07-24 18:35:09 Mail.Info LANIP Jul 24 18:37:22 postfix/postscreen[881]: PASS OLD [69.64.6.29]:34011
2012-07-24 18:35:09 Local0.Info LANIP Jul 24 18:37:22 pf: 00:06:56.261267 rule 27/0(match): pass in on de0: (tos 0x0, ttl 52, id 47253, offset 0, flags [DF], proto TCP (6), length 64)
2012-07-24 18:35:09 Local0.Info LANIP Jul 24 18:37:22 pf: 69.64.6.29.34011 > WANIPONMailscanner: Flags [ S ], cksum 0xb9e2 (correct), seq 994851350, win 16384, options [mss 1460,nop,nop,sackOK,nop,wscale 0,nop,nop,TS val 150586674 ecr 0], length 0
2012-07-24 18:35:10 Mail.Info LANIP Jul 24 18:37:23 postfix/smtpd[1239]: connect from mail.pfsense.org[69.64.6.29]
2012-07-24 18:35:10 Mail.Info LANIP Jul 24 18:37:23 postfix/smtpd[1239]: A4B6911D1B: client=mail.pfsense.org[69.64.6.29]
2012-07-24 18:35:10 Mail.Info LANIP Jul 24 18:37:23 postfix/cleanup[1882]: A4B6911D1B: message-id=3408b51f40ccd43c38e94056c4fe832e-m276917@pfsense.org
2012-07-24 18:35:10 Mail.Info LANIP Jul 24 18:37:23 postfix/smtpd[1239]: disconnect from mail.pfsense.org[69.64.6.29]
2012-07-24 18:35:10 Mail.Info LANIP Jul 24 18:37:23 postfix/qmgr[31335]: A4B6911D1B: from=cmb@pfsense.org, size=2295, nrcpt=1 (queue active)
2012-07-24 18:35:11 Mail.Info LANIP Jul 24 18:37:24 postfix/smtp[2195]: A4B6911D1B: to=my@email.com, relay=MAILserverIP[MAILserverIP]:25, delay=0.79, delays=0.33/0.01/0.02/0.43, dsn=2.6.0, status=sent (250 2.6.0 3408b51f40ccd43c38e94056c4fe832e-m276917@pfsense.org [InternalId=284] Queued mail for delivery)
2012-07-24 18:35:11 Mail.Info LANIP Jul 24 18:37:24 postfix/qmgr[31335]: A4B6911D1B: removed/my@email.com/cmb@pfsense.orgAgain sorry for noob questions.
Leave the user as postfix or it will not work.
in /var/log/maillog you should see something like this on accepted mail.
Jul 24 17:41:23 6460_a_51st MailScanner[4124]: New Batch: Scanning 1 messages, 50753 bytes
Jul 24 17:41:23 6460_a_51st MailScanner[4124]: Virus and Content Scanning: Starting
Jul 24 17:41:24 6460_a_51st MailScanner[4124]: Spam Checks: Starting
Jul 24 17:41:24 6460_a_51st MailScanner[4124]: Expired 1 records from the SpamAssassin cache
Jul 24 17:41:38 6460_a_51st MailScanner[4124]: Requeue: 746EA78C4A.A7765 to 41CC478C8AFirst though you need to configure postfix to hold the mail in the que so it can be scanned with something like this.
in the gui for postfix
click the access lists tab
and put something like this "/^from:/ HOLD"You also need to configure the recipients tab as well as the antispam tab
If you look to the botom of the antispam page:
Check use third party anti spam
I use message hold mode "manual mode using acls"
mailscanner+spam assassin + clamav -
Thanks to both of you, marcelloc and mschiek01.
The help from both of you should be enough now to get me going. ;D -
Thanks to both of you, marcelloc and mschiek01.
The help from both of you should be enough now to get me going. ;DThe package works great once you get it set up.
Marcelloc helped me a lot. Just trying to return the favor.
Just any FYI. If you are going to use active directory to extract your valid recipients. You need to make sure you install p5-perl-ldap.
-
The package works great once you get it set up.
Marcelloc helped me a lot. Just trying to return the favor.
Just any FYI. If you are going to use active directory to extract your valid recipients. You need to make sure you install p5-perl-ldap.
Your help is highly appreciated, and if i can help any1 i will do the same. ITs what it is all about. Love sharing knowledge.
Thanks for heads up on the ldap. This will be something i will be using on a late time when i have get enough know how on this packages. -
Cannot lock /var/spool/MailScanner/incoming/Locks/clamavBusy.lock, No such file or directory
chown -R postfix /var/spool/MailScanner/incoming/Locks.Hi marcelloc
Just to let you know that i also did get this error too and had to run the chown command to fix it.
-
Just to let you know that i also did get this error too and had to run the chown command to fix it.
ok, I'll check it.
-
Marcelloc-
I see this error in the log when ever Mailscanner starts:
Jul 31 07:58:13 MailScanner[30780]: MailScanner E-Mail Virus Scanner version 4.83.5 starting…
Jul 31 07:58:13 MailScanner[30780]: Reading configuration file /usr/local/etc/MailScanner/MailScanner.conf
Jul 31 07:58:13 MailScanner[30780]: Reading configuration file /usr/local/etc/MailScanner/conf.d/README
Jul 31 07:58:14 MailScanner[30780]: Read 867 hostnames from the phishing whitelist
Jul 31 07:58:14 MailScanner[30780]: Read 5737 hostnames from the phishing blacklists
Jul 31 07:58:14 MailScanner[30780]: User's home directory /var/spool/postfix is not writable
Jul 31 07:58:14 MailScanner[30780]: You need to set the "SpamAssassin User State Dir" to a directory that the "Run As User" can write to
Jul 31 07:58:14 MailScanner[30780]: Using SpamAssassin results cache
Jul 31 07:58:14 MailScanner[30780]: Connected to SpamAssassin cache database
Jul 31 07:58:15 MailScanner[30780]: Enabling SpamAssassin auto-whitelist functionality…I took a look at the mailscanner.conf and it appears the directories are created with 0600 with a user postfix?
-
I took a look at the mailscanner.conf and it appears the directories are created with 0600 with a user postfix?
Yes, maiscanner runs with postfix user.
chown ('/var/spool/postfix','postfix'); -
Just to let you know that i also did get this error too and had to run the chown command to fix it.
I'm not getting this error but I've included this folder check on mailscanner.inc file.
-
Hi All,
I have the following packages installed.
Asterisk
mailreport
mailscanner-dev
postfix forwarder
squid3Mailscanner refuses to load with the following.
mailscanner
Can't load '/usr/local/lib/perl5/site_perl/5.12.4/mach/auto/Filesys/Df/Df.so' for module Filesys::Df: /usr/local/lib/perl5/site_perl/5.12.4/mach/auto/Filesys/Df/Df.so: Undefined symbol "PL_stack_max" at /usr/local/lib/perl5/5.12.4/mach/DynaLoader.pm line 200.
at /usr/local/sbin/mailscanner line 91
Compilation failed in require at /usr/local/sbin/mailscanner line 91.
BEGIN failed–compilation aborted at /usr/local/sbin/mailscanner line 91.Please advise.
-
check if you have multiple perl version on your pfsense.
type pkg_info | grep -i perl on console/ssh
-
check if you have multiple perl version on your pfsense.
type pkg_info | grep -i perl on console/ssh
Thanks for the response. Below is the outbound of your command.
p5-Archive-Zip-1.30_1 Perl module to create, manipulate, read, and write Zip arch p5-Convert-BinHex-1.119 Perl module to extract data from Macintosh BinHex files p5-Convert-TNEF-0.17 Perl module to read TNEF files p5-Crypt-OpenSSL-RSA-0.28 Perl5 module to RSA encode and decode strings using OpenSSL p5-Crypt-OpenSSL-Random-0.04 Perl5 interface to the OpenSSL pseudo-random number generat p5-DBI-1.616_1 The perl5 Database Interface. Required for DBD::* modules p5-Digest-HMAC-1.03 Perl5 interface to HMAC Message-Digest Algorithms p5-Digest-SHA1-2.13 Perl interface to the SHA-1 Algorithm p5-Error-0.17016 Perl module to provide Error/exception support for perl: Er p5-Filesys-Df-0.92 Perl extension for filesystem space p5-HTML-Parser-3.69 Perl5 module for parsing HTML documents p5-IO-Compress-2.045 Perl5 compression modules (bzip2, deflate, gzip, zlib, zip) p5-IO-Socket-INET6-2.69 Perl module with object interface to AF_INET6 domain socket p5-IO-Socket-SSL-1.53 Perl5 interface to SSL sockets p5-IO-stringy-2.110 Perl5 module for using IO handles with non-file objects p5-Inline-0.49 Write Perl subroutines in other programming languages p5-MIME-Tools-5.502,2 A set of perl5 modules for MIME p5-Mail-ClamAV-0.29_1 Perl extension for the clamav virus scanner p5-Mail-DKIM-0.39 Perl5 module to process and/or create DKIM email p5-Mail-Tools-2.08 Perl5 modules for dealing with Internet e-mail messages p5-Net-CIDR-0.14 Perl module to manipulate IPv4/IPv6 netblocks in CIDR notat p5-Net-DNS-0.67 Perl5 interface to the DNS resolver, and dynamic updates p5-Net-SSLeay-1.42 Perl5 interface to SSL p5-NetAddr-IP-4.058 Perl module for working with IP addresses and blocks thereo p5-OLE-Storage_Lite-0.19 Perl module for OLE document interface p5-Parse-RecDescent-1.965.001 A recursive descent parsing framework for Perl p5-Sys-SigAction-0.15 Perl extension for Consistent Signal Handling p5-TimeDate-1.20,1 Perl5 module containing a better/faster date parser for abs p5-URI-1.59 Perl5 interface to Uniform Resource Identifier (URI) refere p5-libwww-6.02_1 Perl5 library for WWW access p5-version-0.95 Perl extension for Version Objects pcre-8.21 Perl Compatible Regular Expressions library pcre-8.21_1 Perl Compatible Regular Expressions library perl-5.12.4_3 Practical Extraction and Report Language perl-threaded-5.12.4_4 Practical Extraction and Report LanguageI did a fresh install of pfsense today and installed packages in the following order. It looks like squid3 broke mailscanner for I was able to run mailscanner from command line until i installed squid.
Working Install
mailscanner-dev
Asterisk
postfix
squid3 – breaks it. -
perhaps it's the perl-threaded-5.12.4_4 Practical Extraction and Report Languag package.
-
bump.
any idea's?
-
bump.
any idea's?
try to leave only one perl version(using pkg_delete -f) and reinstall mailscanner
-
bump.
any idea's?
try to leave only one perl version(using pkg_delete -f) and reinstall mailscanner
I did the following.
Installed squid3
pkg_info | grep -i perl
pkg_delete -f perl-5.12.4_3
pkg_delete -f perl-threaded-5.12.4_4
rm -rf /usr/local/lib/perl5/5.12.4Reinstalled mail scanner
works. Thanks!
