Mailscanner + spamassassin + clamav package
-
serialdie, when I try do insert new user with name "clamav" pfSens reply The following input errors were detected: That username is reserved by the system.
-
I can´t change config file MailScanner.conf in /usr/pbi/mailscanner-i386/etc/MailScanner, I´m trying to change user to root and disable "Sign clean messages", but after postfix restart or pfSense reboot settings still unchanged.
Run As User = postfix > root
Run As Group = postfix > root
Sign Clean Messages = yes > noI trying to fix clamd permission issue as marcelloc replied in previous post: https://forum.pfsense.org/index.php/topic,43687.msg380590.html#msg380590
-
Ok I found a post telling to change MailScanner.conf.template in /usr/local/pkg in order to change main MailScanner.conf, so MailScanner is running with user and group "root" but the error persists whith clamd:
Clamd::ERROR:: UNKNOWN CLAMD RETURN ./lstat() failed: Permission denied. ERROR :: /var/spool/MailScanner/incoming/95705
I don´t know what to do to fix because antivirus isn´t working.
-
After 2.1.3 upgrade I needed to add:
ln -fs /usr/pbi/postfix-i386/sbin/sendmail /usb/sbin/sendmail
Giaco
-
Is it possible to disable the Mailscanner inline sig from the web gui ?
At the moment I erased the content of the two files: inline.sig.txt and inline.sig.html.
But I have to do at each update.Giaco
-
Giaco, if you want to remove inline signature
Install Filer package to keep files after updates, load in Filer file /usr/local/pkg/mailscanner.conf.template and edit these lines, save and after that restart MailScannerSign Messages Already Processed = no Sign Clean Messages = no -
I use it with Message Hold mode= manual using acls
and I put /^from:/ HOLD on header acls
What are the differences between:
/^Received:/ HOLD or /^From:/ HOLD
on postfix header_check ?
Giacomo
-
I use splunk to analyze logs, but I would like to use also the sqlite search system integrated with postfix pkg.
Is there the way to use both /var/log/maillog and system logs as logging destinations ?Giacomo
-
root@:~# /usr/local/bin/sa-update -D –no-gpg
dbg: logger: adding facilities: all
dbg: logger: logging level is DBG
dbg: generic: SpamAssassin version 3.4.0
dbg: generic: Perl 5.016003, PREFIX=/usr/pbi/mailscanner-amd64, DEF_RULES_DIR=/usr/pbi/mailscanner-amd64/share/spamassassin, LOCAL_RULES_DIR=/usr/pbi/mailscanner-amd64/etc/mail/spamassassin, LOCAL_STATE_DIR=/var/db/spamassassin
dbg: config: timing enabled
dbg: config: score set 0 chosen.
dbg: generic: sa-update version svn1475932
dbg: generic: using update directory: /var/db/spamassassin/3.004000
dbg: diag: perl platform: 5.016003 freebsd
dbg: diag: […] module installed: Digest::SHA, version 5.71
dbg: diag: […] module installed: HTML::Parser, version 3.71
dbg: diag: […] module installed: Net::DNS, version 0.74
dbg: diag: […] module installed: NetAddr::IP, version 4.069
dbg: diag: […] module installed: Time::HiRes, version 1.9726
dbg: diag: […] module installed: Archive::Tar, version 1.82
dbg: diag: […] module installed: IO::Zlib, version 1.10
dbg: diag: […] module not installed: Digest::SHA1 ('require' failed)
dbg: diag: […] module installed: MIME::Base64, version 3.13
dbg: diag: […] module installed: DB_File, version 1.826
dbg: diag: […] module installed: Net::SMTP, version 2.31
dbg: diag: […] module installed: Mail::SPF, version v2.009
dbg: diag: […] module not installed: Geo::IP ('require' failed)
dbg: diag: […] module not installed: Razor2::Client::Agent ('require' failed)
dbg: diag: […] module installed: IO::Socket::IP, version 0.29
dbg: diag: […] module installed: IO::Socket::INET6, version 2.69
dbg: diag: […] module installed: IO::Socket::SSL, version 1.981
dbg: diag: […] module installed: Compress::Zlib, version 2.048
dbg: diag: […] module not installed: Mail::DKIM ('require' failed)
dbg: diag: […] module installed: DBI, version 1.631
dbg: diag: […] module installed: Getopt::Long, version 2.38
dbg: diag: […] module not installed: LWP::UserAgent ('require' failed)
dbg: diag: […] module installed: HTTP::Date, version 6.02
dbg: diag: […] module installed: Encode::Detect, version 1.01
dbg: diag: […] module not installed: Net::Patricia ('require' failed)
dbg: channel: attempting channel updates.spamassassin.org
dbg: channel: using existing directory /var/db/spamassassin/3.004000/updates_spamassassin_org
dbg: channel: channel cf file /var/db/spamassassin/3.004000/updates_spamassassin_org.cf
dbg: channel: channel pre file /var/db/spamassassin/3.004000/updates_spamassassin_org.pre
dbg: channel: metadata version = 1588424, from file /var/db/spamassassin/3.004000/updates_spamassassin_org.cf
dbg: dns: 0.4.3.updates.spamassassin.org => 1588424, parsed as 1588424
dbg: channel: current version is 1588424, new version is 1588424, skipping channel
dbg: diag: updates complete, exiting with code 1
root@:~#How to fix this?
I've tried to install the missing modules manually in:
/usr/pbi/mailscanner-amd64/lib/perl5
and
/usr/local/lib/perl5
but nothing changed?
2.1.3-RELEASE (amd64)
built on Thu May 01 15:52:13 EDT 2014
FreeBSD 8.3-RELEASE-p16mailscanner 4.84.6 pkg v.0.2.5
-
Can we please have a change log for the new 0.2.6 version? Thanks.
Unrar virus scanning is broken, I've fixed it by installing the pkg's via
pkg_add -r unrar
even unrar already exists in /usr/pbi/mailscanner-amd64/bin?
-
Installed on my pfSense Postfix Forwarder + Mailscanner. It all started, in the logs there are no errors, the mail goes through Postfix Forwarder (seen in the logs), but the feeling that the mail is not processed in Mailscanner. Because attaches are not cut, no entries in the logs. Where could be the problem? In the Third part Antispam Settings checkbox enabled, the package is selected.
-
Hi guys,
Guess this could be more of a mental healthcheck :)
In my MailScanner.conf file I have the follolwing entries:
Phishing Safe Sites File = %etc-dir%/phishing.safe.sites.conf
Phishing Bad Sites File = %etc-dir%/phishing.bad.sites.conf
Country Sub-Domains List = %etc-dir%/country.domains.confI have noticed that the content of these never update, the file timestamp never chanegs as well.
Should these file update? I cannot see an option within MailScanner to updates (or schedule) and nothing in Cron is jumping out at me?
To be honest I am not even sure what other .conf or clamav files should update? (EDIT- ahh just realised clamav is installed with postfix. Still not finding info on the other.conf files though)
Am I missing something here?
Thanks in advance for you help.
Cheers
-
MailScanner uses spamassassin, so you need to check
**/var/db/spamassassin/3.004000 >
/var/db/spamassassin/3.004000/updates_spamassassin_org**
for updates. Execute
/usr/local/bin/sa-update -v –no-gpg
and look if anything is changing in the above shown paths.
-
Anyone has installed the MAilscanner 4.84.6 pkg v.0.2.10, because I did it and then probe again in a fresh installation of pfsense 2.1.5 but the service doesn't start.
Also when I change the configuration from the gui it didn't update de mailscanner.conf file.
Thanks. -
seba1234
I just recently updated my pfSense from 2.1 to 2.1.5 and found that my Mailscanner (4.84.6 pkg v.0.2.10) service would not start. In order for Mailscanner to start properly on my system, I had to fix the file directory pointer in /usr/local/pkg/mailscanner.inc on line 37
current line is if ($pf_version != "2.1")
new line to if ($pf_version != "2.1.5")
This was the simplest way for me to fix the MailScanner configuration for 2.1.5. I'm sure there is a more proper way to fix this issue and I welcome insight, but as I said, it was the simplest path for me.
-
I had to reinstall my pfsense today. Restored my packages from a backup file and mailscanner failed to load.
Using the fix from EHN_Helpdesk worked for me.
Cheers
PS: Thanks very much EHN_Helpdesk for the fix. I would have never ever worked that out for myself.
-
Thanks Bismark
Well now that I have my mailscanner running I can see that spamassassin data is changing inside /var/db/spamassassin/3.004000 when I run the update command (with no errors).
I am still seeing that these files are still not updating:
Phishing Safe Sites File = /usr/pbi/mailscanner-i386/etc/MailScanner/phishing.safe.sites.conf
Phishing Bad Sites File = /usr/pbi/mailscanner-i386/etc/MailScanner/phishing.bad.sites.conf
Country Sub-Domains List = /usr/pbi/mailscanner-i386/etc/MailScanner/country.domains.confPhishing Bad Sites for example is still stating:
This file was generated at Mon Mar 5 14:20:01 GMT 2012
I can see form here a newer version:
http://www.mailscanner.eu/phishing.bad.sites.conf.master
Do I need to add another command into cron to get these updated, or?
Cheers all again for your great support.
-
I am still seeing that these files are still not updating:
Phishing Safe Sites File = /usr/pbi/mailscanner-i386/etc/MailScanner/phishing.safe.sites.conf
Phishing Bad Sites File = /usr/pbi/mailscanner-i386/etc/MailScanner/phishing.bad.sites.conf
Country Sub-Domains List = /usr/pbi/mailscanner-i386/etc/MailScanner/country.domains.confPhishing Bad Sites for example is still stating:
This file was generated at Mon Mar 5 14:20:01 GMT 2012
I can see form here a newer version:
http://www.mailscanner.eu/phishing.bad.sites.conf.master
Do I need to add another command into cron to get these updated, or?
Cheers all again for your great support.
/usr/local/libexec/MailScanner/update_bad_phishing_sites.cron
Looks like this update script is broken, the only way to update is manually via the pfsense webgui. But anyway thats just a very small anti-phishing mechanism of mailscanner, the real power comes with spamassassin.
Subscribe few SA channels and keep them updated via shell script/cron.
-
Disable pyzor checks and see if spamassassin starts working.
Hi Marcello
I found that the problem is bayes
If I disable 'use bayes (YES)' spamassassin starts!
I've tried sa-learn –sync, but it didn't fixedhere the spamassassin -D --lint output
http://nopaste.info/2ebbbaca23.html
Giacomo
After latest upgrades (pfsense 2.1.5 and mailscanner 4.84.6 pkg v.0.2.10) I am able to use Spamassassin and Bayes.
But while mails are coming from the console I see :ps aux | grep Z
USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND
postfix 77416 24.1 0.0 0 0 ?? ZN 10:51AM 0:03.18 <defunct>postfix 17024 0.0 0.0 0 0 ?? Z 10:47AM 0:05.15 <defunct>postfix 29545 0.0 0.0 0 0 ?? Z 10:35AM 0:04.16 <defunct>postfix 29839 0.0 0.0 0 0 ?? Z 10:35AM 0:04.66 <defunct>postfix 31218 0.0 0.0 0 0 ?? Z 10:35AM 0:05.43 <defunct>from logs I can see only:
"Process did not exit cleanly, returned 0 with signal 11"some hint to debug this ?
thanksGiacomo</defunct></defunct></defunct></defunct></defunct>
-
Thank you EHN_Helpdesk, I appied your solution and it works.
