Mailscanner + spamassassin + clamav package
-
Hi Marcelloc,
I upgrade my pf from 2.03 to 2.1 release version, it seems postfix and mailscanner is not working properly. I can still receive email but I believe mailscanner is not working in background. There is no log in "search mail" option.
# postfix check /usr/pbi/postfix-i386/sbin/postconf: warning: /usr/pbi/postfix-i386/etc/postfix/master.cf: unused parameter: user=postfix /usr/pbi/postfix-i386/sbin/postconf: warning: /usr/pbi/postfix-i386/etc/postfix/master.cf: unused parameter: user=postfix /usr/pbi/postfix-i386/sbin/postconf: warning: /usr/pbi/postfix-i386/etc/postfix/master.cf: unused parameter: user=postfix /usr/pbi/postfix-i386/sbin/postconf: warning: /usr/pbi/postfix-i386/etc/postfix/master.cf: unused parameter: user=postfix /usr/pbi/postfix-i386/sbin/postconf: warning: /usr/pbi/postfix-i386/etc/postfix/master.cf: unused parameter: user=postfix /usr/pbi/postfix-i386/sbin/postconf: warning: /usr/pbi/postfix-i386/etc/postfix/master.cf: unused parameter: user=postfix /usr/pbi/postfix-i386/sbin/postconf: warning: /usr/pbi/postfix-i386/etc/postfix/master.cf: unused parameter: user=postfix /usr/pbi/postfix-i386/sbin/postconf: warning: /usr/pbi/postfix-i386/etc/postfix/master.cf: unused parameter: user=postfix /usr/pbi/postfix-i386/sbin/postconf: warning: /usr/pbi/postfix-i386/etc/postfix/master.cf: unused parameter: user=postfix /usr/pbi/postfix-i386/sbin/postconf: warning: /usr/pbi/postfix-i386/etc/postfix/master.cf: unused parameter: user=postfix /usr/pbi/postfix-i386/sbin/postconf: warning: /usr/pbi/postfix-i386/etc/postfix/master.cf: unused parameter: user=postfix /usr/pbi/postfix-i386/sbin/postconf: warning: /usr/pbi/postfix-i386/etc/postfix/master.cf: unused parameter: user=postfix /usr/pbi/postfix-i386/sbin/postconf: warning: /usr/pbi/postfix-i386/etc/postfix/master.cf: unused parameter: user=postfix /usr/pbi/postfix-i386/sbin/postconf: warning: /usr/pbi/postfix-i386/etc/postfix/master.cf: unused parameter: user=postfix /usr/pbi/postfix-i386/sbin/postconf: warning: /usr/pbi/postfix-i386/etc/postfix/master.cf: unused parameter: user=postfix /usr/pbi/postfix-i386/sbin/postconf: warning: /usr/pbi/postfix-i386/etc/postfix/master.cf: unused parameter: user=postfix /usr/pbi/postfix-i386/sbin/postconf: warning: /usr/pbi/postfix-i386/etc/postfix/master.cf: unused parameter: user=postfix postfix/postfix-script: warning: not owned by root: /var/spool/postfix# MailScanner --lint Trying to setlogsock(unix) Reading configuration file /usr/pbi/mailscanner-i386/etc/MailScanner/MailScanner.conf Reading configuration file /usr/local/etc/MailScanner/conf.d/README Read 865 hostnames from the phishing whitelist Read 5278 hostnames from the phishing blacklists Checking version numbers... Version installed (4.84.5) does not match version stated in MailScanner.conf file (4.83.5), you may want to run upgrade_MailScanner_conf to ensure your MailScanner.conf file contains all the latest settings. Your envelope_sender_header in spam.assassin.prefs.conf is correct. MailScanner setting GID to (125) MailScanner setting UID to (125) Checking for SpamAssassin errors (if you use it)... Using SpamAssassin results cache Connected to SpamAssassin cache database SpamAssassin reported no errors. I have found scanners installed, and will use them all by default. You appear to have no virus scanners installed at all! This is not good. If you have installed any, then check your virus.scanners.conf file to make sure the locations of your scanners are correct at /usr/pbi/mailscanner-i386/lib/MailScanner/MailScanner/SweepViruses.pm line 518 Connected to Processing Attempts Database Created Processing Attempts Database successfully There is 1 message in the Processing Attempts Database Using locktype = posix MailScanner.conf says "Virus Scanners = auto" Found these virus scanners installed: =========================================================================== Cannot chdir to /var/spool/MailScanner/incoming/87670, Permission denied at /usr/pbi/mailscanner-i386/lib/MailScanner/MailScanner/WorkArea.pm line 235Thanks
Zlyzwy -
Marcelloc, same issue from Zlyzwy, any solution?
Thanks.
-
Hi Marcelloc,
any success running mailscanner on amd64 2.1 platform?
I wrote it before but any answer?
-
I'll check it.
Sorry for the late response.
-
log was like this
Sep 26 12:43:56 mailscanner: Process did not exit cleanly, returned 2 with signal 0
Sep 26 12:44:01 mailscanner: Process did not exit cleanly, returned 2 with signal 0 -
I've pushed some fixes to the package.
I'm Still testing/checking clamav startup.
I've not bumped version yet, so just reinstall the package in 15 minutes.
-
marcelloc it seems ok now,I tested it on my test PF 2.1 amd64
some new restart logs:
Nov 12 09:52:18 MailScanner[54679]: Using locktype = flock
Nov 12 09:52:18 MailScanner[54679]: Found 0 messages in the Processing Attempts Database
Nov 12 09:52:18 MailScanner[54679]: Connected to Processing Attempts Database
Nov 12 09:52:18 MailScanner[54679]: I have found clamd scanners installed, and will use them all by default.
Nov 12 09:52:13 MailScanner[39454]: Using locktype = flock
Nov 12 09:52:13 MailScanner[39454]: Found 0 messages in the Processing Attempts Database
Nov 12 09:52:13 MailScanner[39454]: Connected to Processing Attempts Database
Nov 12 09:52:13 MailScanner[39454]: I have found clamd scanners installed, and will use them all by default.
Nov 12 09:52:08 MailScanner[29067]: Using locktype = flock
Nov 12 09:52:08 MailScanner[29067]: Found 0 messages in the Processing Attempts Database
Nov 12 09:52:08 MailScanner[29067]: Connected to Processing Attempts Database
Nov 12 09:52:08 MailScanner[29067]: I have found clamd scanners installed, and will use them all by default.
Nov 12 09:51:10 MailScanner[75549]: Enabling SpamAssassin auto-whitelist functionality…
Nov 12 09:51:10 MailScanner[75549]: Connected to SpamAssassin cache database
Nov 12 09:51:10 MailScanner[75549]: Using SpamAssassin results cache
Nov 12 09:51:09 MailScanner[75549]: Read 5426 hostnames from the phishing blacklists
Nov 12 09:51:09 MailScanner[75549]: Read 869 hostnames from the phishing whitelist
Nov 12 09:51:09 MailScanner[75549]: Reading configuration file /usr/pbi/mailscanner-amd64/etc/MailScanner/conf.d/README
Nov 12 09:51:09 MailScanner[75549]: Reading configuration file /usr/pbi/mailscanner-amd64/etc/MailScanner/MailScanner.conf
Nov 12 09:51:09 MailScanner[75549]: MailScanner E-Mail Virus Scanner version 4.84.5 starting…
Nov 12 09:51:04 MailScanner[63466]: Enabling SpamAssassin auto-whitelist functionality…
Nov 12 09:51:04 MailScanner[63466]: Connected to SpamAssassin cache database
Nov 12 09:51:04 MailScanner[63466]: Using SpamAssassin results cache
Nov 12 09:51:04 MailScanner[63466]: Read 5426 hostnames from the phishing blacklists
Nov 12 09:51:04 MailScanner[63466]: Read 869 hostnames from the phishing whitelist
Nov 12 09:51:04 MailScanner[63466]: Reading configuration file /usr/pbi/mailscanner-amd64/etc/MailScanner/conf.d/README
Nov 12 09:51:04 MailScanner[63466]: Reading configuration file /usr/pbi/mailscanner-amd64/etc/MailScanner/MailScanner.conf
Nov 12 09:51:04 MailScanner[63466]: MailScanner E-Mail Virus Scanner version 4.84.5 starting…
Nov 12 09:50:59 MailScanner[54679]: Enabling SpamAssassin auto-whitelist functionality…
Nov 12 09:50:59 MailScanner[54679]: Connected to SpamAssassin cache database
Nov 12 09:50:59 MailScanner[54679]: Using SpamAssassin results cache
Nov 12 09:50:59 MailScanner[54679]: Read 5426 hostnames from the phishing blacklists
Nov 12 09:50:59 MailScanner[54679]: Read 869 hostnames from the phishing whitelist
Nov 12 09:50:59 MailScanner[54679]: Reading configuration file /usr/pbi/mailscanner-amd64/etc/MailScanner/conf.d/README
Nov 12 09:50:59 MailScanner[54679]: Reading configuration file /usr/pbi/mailscanner-amd64/etc/MailScanner/MailScanner.conf
Nov 12 09:50:59 MailScanner[54679]: MailScanner E-Mail Virus Scanner version 4.84.5 starting…
Nov 12 09:50:54 MailScanner[39454]: Enabling SpamAssassin auto-whitelist functionality…
Nov 12 09:50:54 MailScanner[39454]: Connected to SpamAssassin cache database
Nov 12 09:50:54 MailScanner[39454]: Using SpamAssassin results cache
Nov 12 09:50:54 MailScanner[39454]: Read 5426 hostnames from the phishing blacklists
Nov 12 09:50:54 MailScanner[39454]: Read 869 hostnames from the phishing whitelist
Nov 12 09:50:54 MailScanner[39454]: Reading configuration file /usr/pbi/mailscanner-amd64/etc/MailScanner/conf.d/README
Nov 12 09:50:54 MailScanner[39454]: Reading configuration file /usr/pbi/mailscanner-amd64/etc/MailScanner/MailScanner.conf
Nov 12 09:50:54 MailScanner[39454]: MailScanner E-Mail Virus Scanner version 4.84.5 starting…
Nov 12 09:50:49 MailScanner[29067]: Enabling SpamAssassin auto-whitelist functionality…
Nov 12 09:50:49 MailScanner[29067]: Connected to SpamAssassin cache database
Nov 12 09:50:49 MailScanner[29067]: Using SpamAssassin results cache
Nov 12 09:50:49 MailScanner[29067]: Read 5426 hostnames from the phishing blacklists
Nov 12 09:50:49 MailScanner[29067]: Read 869 hostnames from the phishing whitelist
Nov 12 09:50:49 MailScanner[29067]: Reading configuration file /usr/pbi/mailscanner-amd64/etc/MailScanner/conf.d/README
Nov 12 09:50:49 MailScanner[29067]: Reading configuration file /usr/pbi/mailscanner-amd64/etc/MailScanner/MailScanner.conf
Nov 12 09:50:49 MailScanner[29067]: MailScanner E-Mail Virus Scanner version 4.84.5 starting…
Nov 12 09:50:45 MailScanner[79786]: MailScanner child caught a SIGHUP
Nov 12 09:50:45 MailScanner[10068]: MailScanner child caught a SIGHUP
Nov 12 09:50:45 MailScanner[94107]: MailScanner child caught a SIGHUP
Nov 12 09:50:45 MailScanner[9153]: MailScanner child caught a SIGHUP
Nov 12 09:50:45 MailScanner[86355]: MailScanner child caught a SIGHUP
Nov 12 09:50:45 php: /pkg_edit.php: Restarting MailScanner
Nov 12 09:50:33 php: /pkg_edit.php: Restarting clamav-clamd daemon
Nov 12 09:50:33 check_reload_status: Syncing firewall -
Great! :)
-
Thanks marcelloc,
Can you write a mini how-to for mailscanner package? -
Thanks marcelloc, service status is ok but the clamd error is the same:
Nov 14 11:56:24 treknetgw MailScanner[73800]: Virus and Content Scanning: Starting Nov 14 11:56:24 treknetgw MailScanner[73800]: Clamd::ERROR:: UNKNOWN CLAMD RETURN ./lstat() failed: Permission denied. ERROR :: /var/spool/MailScanner/incoming/73800 Nov 14 11:56:24 treknetgw MailScanner[73800]: Virus Scanning: Clamd found 1 infections Nov 14 11:56:24 treknetgw MailScanner[73800]: Virus Scanning: Found 1 viruses -
-
@Amirkabir:
Can you write a mini how-to for mailscanner package?
Configure package from left to right. All default options are in (yes/no)
-
Do i need to install postfix?
-
Yes. Install Postfix and then MailScanner, enable MailScanner in Antispam section of Postfix, Third part Antispam Settings.
-
I have 2 question about this package.
First of all i have installed it on a PFsense 2.1 appliance and it works perfectly, the mails flow without problem to a frakking Exchange 2007 Server.
My questions are:
-
how can modify the mail subject adding [SPAM] if the mail get > 5 spam points?
-
how can i setup a whitelist and blacklist based on mail address, maybe with wildcards for example *@contoso.com ?
-
-
hello marcelloc,I installed PF2.1 amd64 on new box with postfix and mailscanner.
everything running well,but i'm getting some warning messages from postfix and maillscanner,is it normal?
mailscanner warning:
Nov 18 16:16:33 mx01 MailScanner[94836]: MailScanner E-Mail Virus Scanner version 4.84.5 starting…
Nov 18 16:16:33 mx01 MailScanner[94836]: Reading configuration file /usr/pbi/mailscanner-amd64/etc/MailScanner/MailScanner.conf
Nov 18 16:16:33 mx01 MailScanner[94836]: Reading configuration file /usr/pbi/mailscanner-amd64/etc/MailScanner/conf.d/README
Nov 18 16:16:33 mx01 MailScanner[94836]: Read 869 hostnames from the phishing whitelist
Nov 18 16:16:33 mx01 MailScanner[94836]: Read 5426 hostnames from the phishing blacklists
Nov 18 16:16:33 mx01 MailScanner[94836]: User's home directory /home/postfix does not exist
Nov 18 16:16:33 mx01 MailScanner[94836]: User's home directory /home/postfix is not writable
Nov 18 16:16:33 mx01 MailScanner[94836]: You need to set the "SpamAssassin User State Dir" to a directory that the "Run As User" can write to
Nov 18 16:16:33 mx01 MailScanner[94836]: Using SpamAssassin results cache
Nov 18 16:16:33 mx01 MailScanner[94836]: Connected to SpamAssassin cache database
Nov 18 16:16:33 mx01 MailScanner[94836]: Enabling SpamAssassin auto-whitelist functionality…
Nov 18 16:18:48 mx01 MailScanner[94836]: I have found clamd scanners installed, and will use them all by default.
Nov 18 16:18:48 mx01 MailScanner[94836]: Connected to Processing Attempts Database
Nov 18 16:18:48 mx01 MailScanner[94836]: Found 0 messages in the Processing Attempts Database
Nov 18 16:18:48 mx01 MailScanner[94836]: Using locktype = flockpostfix warning:
Nov 16 14:02:39 php: rc.start_packages: Postfix setup completed
Nov 16 14:02:39 php: rc.start_packages: Reloading/starting postfix
Nov 16 14:02:37 php: rc.start_packages: Writing rc_file
Nov 16 14:02:35 php: rc.start_packages: Writing out configuration
Nov 16 14:02:35 php: rc.start_packages: The command '/usr/local/sbin/postfix reload' returned exit code '1', the output was ''
Nov 16 14:02:35 postfix/postfix-script[94694]: fatal: the Postfix mail system is not running
Nov 16 14:02:35 syslogd: kernel boot file is /boot/kernel/kernel
Nov 16 14:02:35 syslogd: exiting on signal 15
Nov 16 14:02:33 php: rc.start_packages: sync_package_postfix called with via_rpc=no
Nov 16 14:02:33 php: rc.start_packages: Postfix setup completed
Nov 16 14:02:33 postfix/postfix-script[69449]: fatal: the Postfix mail system is not running
Nov 16 14:02:33 php: rc.start_packages: Reloading/starting postfix
Nov 16 14:02:31 php: rc.start_packages: Writing rc_file
Nov 16 14:02:31 php: rc.start_packages: The command '/usr/pbi/postfix-amd64/sbin/postmap /usr/pbi/postfix-amd64/etc/postfix/transport' returned exit code '1', the output was 'postmap: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix'
Nov 16 14:02:30 php: rc.start_packages: Starting MailScanner
Nov 16 14:02:29 php: rc.start_packages: Starting clamav-clamd daemon
Nov 16 14:02:29 postfix/postmap[38866]: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix
Nov 16 14:02:27 php: rc.start_packages: Writing out configuration
Nov 16 14:02:27 php: rc.start_packages: The command '/usr/local/sbin/postfix reload' returned exit code '1', the output was ''
Nov 16 14:02:25 postfix[38215]: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix
Nov 16 14:02:25 postfix[38032]: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix
Nov 16 14:02:24 php: rc.start_packages: Postfix setup completed
Nov 16 14:02:23 postfix/postmap[23753]: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix
Nov 16 14:02:23 syslogd: kernel boot file is /boot/kernel/kernel
Nov 16 14:02:23 syslogd: exiting on signal 15
Nov 16 14:02:23 check_reload_status: Syncing firewall
Nov 16 14:02:23 postfix[20523]: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix
Nov 16 14:02:23 php: rc.start_packages: sync_package_postfix called with via_rpc=no
Nov 16 14:02:23 php: rc.start_packages: Postfix setup completed
Nov 16 14:02:23 postfix[19402]: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix
Nov 16 14:02:23 php: rc.start_packages: Reloading/starting postfix
Nov 16 14:02:21 postfix[98592]: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix
Nov 16 14:02:21 php: rc.start_packages: Reloading/starting postfix
Nov 16 14:02:21 php: rc.start_packages: Writing rc_file
Nov 16 14:02:21 postfix/sendmail[97436]: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix
Nov 16 14:02:21 php: rc.start_packages: The command '/usr/pbi/postfix-amd64/sbin/postmap /usr/pbi/postfix-amd64/etc/postfix/sender_access' returned exit code '1', the output was 'postmap: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix'
Nov 16 14:02:19 php: rc.start_packages: Writing rc_file
Nov 16 14:02:19 postfix/sendmail[85730]: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix
Nov 16 14:02:19 php: rc.start_packages: The command '/usr/pbi/postfix-amd64/sbin/postmap /usr/pbi/postfix-amd64/etc/postfix/sender_access' returned exit code '1', the output was 'postmap: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix'
Nov 16 14:02:19 postfix/postmap[85628]: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix
Nov 16 14:02:19 php: rc.start_packages: The command '/usr/pbi/postfix-amd64/sbin/postmap /usr/pbi/postfix-amd64/etc/postfix/transport' returned exit code '1', the output was 'postmap: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix'
Nov 16 14:02:18 postfix/postmap[72952]: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix
Nov 16 14:02:17 postfix/postmap[72943]: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix
Nov 16 14:02:15 php: rc.start_packages: The command '/usr/pbi/postfix-amd64/sbin/postmap /usr/pbi/postfix-amd64/etc/postfix/transport' returned exit code '1', the output was 'postmap: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix'
Nov 16 14:02:15 php: rc.start_packages: Writing out configuration
Nov 16 14:02:15 php: rc.start_packages: The command '/usr/local/sbin/postfix reload' returned exit code '1', the output was ''
Nov 16 14:02:14 postfix/postmap[45331]: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix
Nov 16 14:02:13 postfix[45533]: fatal: file /usr/pbi/postfix-amd64/etc/postfix/main.cf: parameter mail_owner: unknown user name value: postfix
Nov 16 14:02:11 php: rc.start_packages: Writing out configuration
Nov 16 14:02:11 php: rc.start_packages: The command '/usr/local/sbin/postfix reload' returned exit code '1', the output was '' -
is it normal?
Does your postfix log errors stopped on Nov 16 or still alerting?
I'll check mailscanner user errors.
-
I have 2 question about this package.
First of all i have installed it on a PFsense 2.1 appliance and it works perfectly, the mails flow without problem to a frakking Exchange 2007 Server.
My questions are:
-
how can modify the mail subject adding [SPAM] if the mail get > 5 spam points?
-
how can i setup a whitelist and blacklist based on mail address, maybe with wildcards for example *@contoso.com ?
Any idea how to do this?
Plus i would like to know if is there a method, a service or even a specific log file to check mailscanner activity. -
-
Any idea how to do this?
IIRC, just select send action on antispam tab.
Plus i would like to know if is there a method, a service or even a specific log file to check mailscanner activity.
it's on postfix log(/var/log/maillog).
-
Well, probably mailscanner was not active, i believe that change in Postfix Forwarder settings "Message Hold mode" from auto to manual acl and setting headers with /^from:/ HOLD did the trick.
Now all spam emails are tagged with [SPAM?] prefix or [Disarmed] prefix. Now it's perfect.
From previous posts on this thread i've found out that is better to set the log to /var/log/maillog, now it's easier to check postfix and mailscanner activity with a simple tail command.
Thank you for your time and for your precious work.
I still need to figure out how to setup a local whitelist.
