Mailscanner + spamassassin + clamav package
-
Hi all,
version 0.2.1 of mailscanner is out.I too am having problems with the current version ( 4.83.5 pkg v0.2), the GUI does not reflect the newer version you have released, where might i install this from using pkg?
thanks,
greg -
There is a post from Jimp saying that there is problem on replication to production server.
The solution is just wait. :(
-
standing by..
thanks!
g -
Its up again, try to upgrade the package and feedback ;)
-
Try to load the package and all I get is
Checking for package installation…
Downloading http://e-sac.siteseguro.ws/pfsense/8/All/MailScanner-4.83.5.tbz ... could not download from there or http://ftp2.FreeBSD.org/pub/FreeBSD/ports/i386/packages-8.1-release/All/MailScanner-4.83.5.tbz.
of MailScanner-4.83.5 failed!Regards
Andrew
-
Try to load the package and all I get is
Checking for package installation…
Downloading http://e-sac.siteseguro.ws/pfsense/8/All/MailScanner-4.83.5.tbz ... could not download from there or http://ftp2.FreeBSD.org/pub/FreeBSD/ports/i386/packages-8.1-release/All/MailScanner-4.83.5.tbz.
of MailScanner-4.83.5 failed!Regards
Andrew
Hi Andrew,
Can you try to browse this folder http://e-sac.siteseguro.ws/pfsense/8/All/
I just reinstalled the package to test and it worked.
-
NO - tried IE & firefox
Andrew
-
I'll check with my host provider and feedback
-
Unable to resolve e-sac.siteseguro.ws on a dns lookup.
Regards
Andrew
-
Unable to resolve e-sac.siteseguro.ws on a dns lookup.
I've tried access this url from many random web proxies and all listed site content.
can you try changing you dns server to 8.8.8.8 (google)?
-
I got the page to view
-
We run pfblocker on the firewall - disabled it and the page appears - I wonder which list your site is on?
Regards
Andrew
-
Spoke too soon - yes I can see the page - but still unable to install the package - exact same fail message "unable to download"
Andrew
-
Tried to download the package manually - Clamd rejected access to the page?
Andrew
-
We run pfblocker on the firewall - disabled it and the page appears - I wonder which list your site is on?
The host is in Brazil, maybe you applied deny both on top spammers list.
-
Tring to put an exception for your site above the pfblock list - otherwise I might have to be less harsh on what is blocked!
The package now seems to be installed OK - time to start tuning!
Andrew
-
I might have to be less harsh on what is blocked!
There are good guys on Brazil too ;)
You can change pfBlocker top spammers action to alias online and then block access only to port 25.
-
After a bit of playing it appears that everything is working - I say appears because whilst known good messages get passed and deliberate bad messages do not appear, I seem unable to get any report/log/message about what mailscanner is actually doing. What is it rejecting beyond my known, deliberately introduced spam. Looked at a few guides to mailscanner and finished up confused.
Is there a simple(!) "how to get activity reports out of mailscanner"
Thanks
Andrew
-
It's quite simple
If you have selected on general tab
-
log destination = /var/log/maillog
-
update frequency = every Xminutes
Simple go to diagnostics -> search mail
Select:
-
log type = QUEUE
-
iCTRL+CLICK Status info on Message fields
-
select sqlite file(s) to search
-
and press search
-
-
Thanks, but what I was after is why things are rejected and potentially review rejected/quarantined items for subsequent approval (or have I missed something in my setup?)
Andrew
-
On this current version, you are able only to see amount of messages on quarantine.
status -> postfix queue
the mailscanner package use native sqlite2 databases while mailscanner use sqlite3 to store quarantine data.
There is a way to enable sqlite3 on mailscanner, but I'll need to rewrite a lot to update it to sqlite3 only.
Maybe next version I include a tab for quarantine.
Today I use only reject, attach or subject action for spam on my system.
If you really need this, you can make a donation to mailscanner package so I can write it for you.
-
Just found the following in the log
php: : The command '/usr/local/dcc/dcc_conf stop' returned exit code '126', the output was '/usr/local/dcc/dcc_conf: Permission denied'
Also seem to be having some problems with what should be spam identified by rules in postfix is actually being passed - maybe best in the morning rather than late on a sunday night!
Andrew
-
Did you:
Inlcude /^Subject:/ WARN line in Acl Headers after all your Subject rules.
enabled thirdpart antispam, selected message hold mode and software?
enabled all default options(yes) on mailscanner gui?Can you see mailscanner action with a tail -f /var/log/maillog | grep -i mailscanner
-
Had the WARN line as the first line in the ACL header - trying as last line
Mailscanner enables, queue set to auto and mailscanner+ spam+ virus selected.
Exactly which option in mailscanner gui are you referring to?
One discovery - it looks like most of the problems are related to mail retrieved from a pop3 mailbox by fetchmail.
Andrew
-
One discovery - it looks like most of the problems are related to mail retrieved from a pop3 mailbox by fetchmail.
Mailscanner works together with postfix, how fetchmail forward these messages to postfix daemon?
-
Fetchmail is running on another box (Ubuntu) and forwards to the pfsense box running the scanner.
Just had a complete freeze of the scanner and had to rebuild from scratch - the install hung at
PCRE-8.21-1.TBZ (Extracting) after I hit enter it continued.
-
Not sure that my theory of using another machine to run fetchmail is going to work. It appears that the SMTP traffic (going direct to pfsense scanner) is being processed correctly, but POP3 traffic collected by the other machine using fetchmail and then forwarded to the scanner is not being scanned for spam - my guess is that because it is on the same network it assumes it is whitelisted? Or am I more confused than usual?
Andrew
-
On this current version, you are able only to see amount of messages on quarantine.
status -> postfix queue
the mailscanner package use native sqlite2 databases while mailscanner use sqlite3 to store quarantine data.
There is a way to enable sqlite3 on mailscanner, but I'll need to rewrite a lot to update it to sqlite3 only.
Maybe next version I include a tab for quarantine.
Today I use only reject, attach or subject action for spam on my system.
If you really need this, you can make a donation to mailscanner package so I can write it for you.
I would be interested in a quarantine tab with a release and whitelist function for valid messages that get caught in the filter.
please PM me with what you feel an appropriate donation would beUPDATE: After speaking to Marcello over PM, he has agreed to work on adding a quarantine tab to the mailscanner. I have made a donation to this effort and encourage anyone else that is interested to please donate as well. I feel a the addition of the quarantine / white list function adds a lot of value and functionality. Right now I have many clients using hosted solutions for spam filtering but would much prefer to have the it on my pfsense installations
-
Hi Marcello
Do you have any updates on SASL authentication and if/when it may be included in this great package?
I would love to migrate our existing SMTP solution over to this but the lack of authentication is the only thing stopping me.
Cheers,
James
-
Hi Marcello
Do you have any updates on SASL authentication and if/when it may be included in this great package?
I would love to migrate our existing SMTP solution over to this but the lack of authentication is the only thing stopping me.
Cheers,
James
smtp auth is from postfix package, I've posted an answer there :)
http://forum.pfsense.org/index.php/topic,40622.msg243900.html#msg243900
-
hi all
I am trying the mailscanner-dev pkg and I am receiving this on the logs:
Mar 7 15:42:43 firewalla MailScanner[14828]: MailScanner E-Mail Virus Scanner version 4.83.5 starting…
Mar 7 15:42:43 firewalla MailScanner[14828]: Reading configuration file /usr/local/etc/MailScanner/MailScanner.conf
Mar 7 15:42:43 firewalla MailScanner[14828]: Reading configuration file /usr/local/etc/MailScanner/conf.d/README
Mar 7 15:42:43 firewalla MailScanner[14828]: Could not read file /usr/local/share/MailScanner/reports//inline.spam.warning.txt
Mar 7 15:42:43 firewalla MailScanner[14828]: Error in line 393, file "/usr/local/share/MailScanner/reports//inline.spam.warning.txt" for inlinespamwarning does not exist (or can not be read)
Mar 7 15:42:43 firewalla MailScanner[14828]: Could not read file /usr/local/share/MailScanner/reports//languages.conf
Mar 7 15:42:43 firewalla MailScanner[14828]: Error in line 187, file "/usr/local/share/MailScanner/reports//languages.conf" for languagestrings does not exist (or can not be read)
Mar 7 15:42:43 firewalla MailScanner[14828]: Syntax error in line 143, value "" for allowiframetags is not one of allowed values "yes","disarm","no"
Mar 7 15:42:43 firewalla MailScanner[14828]: Syntax error in line 144, value "" for allowformtags is not one of allowed values "yes","disarm","no"
Mar 7 15:42:43 firewalla MailScanner[14828]: Syntax error in line 150, value "" for allowobjecttags is not one of allowed values "yes","disarm","no"
Mar 7 15:42:43 firewalla MailScanner[14828]: Syntax error in line 145, value "" for allowscripttags is not one of allowed values "yes","disarm","no"
Mar 7 15:42:43 firewalla MailScanner[14828]: Syntax error in line 146, value "" for allowwebbugtags is not one of allowed values "yes","disarm","no"
Mar 7 15:42:43 firewalla MailScanner[14828]: Connected to Processing Attempts Database
Mar 7 15:42:43 firewalla MailScanner[14828]: Found 0 messages in the Processing Attempts Database
Mar 7 15:42:43 firewalla postfix/postscreen[54168]: DNSBL rank 3 for [177.103.221.63]:2184
Mar 7 15:42:43 firewalla MailScanner[14828]: Using locktype = flockGiacomo
-
I tools like you need to select another language report.
reports//languages.conf
should be
reports/some_language/languages.conf
-
thanks now it works!
compliments for the great job!!!!(I needed to set 'no' and again 'disarm' "Removing/Logging dangerous or potentially offensive content" directives to make it works).
Giacomo
-
I tried to re-install the system (I am using I386) from scratch, and I wrote some notes that may be of help:
sa-spamd and clamd start
manually added:
clamav_clamd_enable="YES"
clamav_freshclam_enable="YES"
spamd_enable="YES"
to /etc/rc.conf/localDeliver from postfix to mailscanner, manually added:
header_checks = regexp:/usr/local/etc/postfix/header_checks to /usr/local/etc/postfix/main.cf
created the /usr/local/etc/postfix/header_checks with '/^Received:/ HOLD' inside
restarted with postfix reload
I didn't find the options that make this work from the web configurator <– help please! :)Cannot lock /var/spool/MailScanner/incoming/Locks/clamavBusy.lock, No such file or directory
chown -R postfix /var/spool/MailScanner/incoming/Locks.This is a very usefull pkg, thanks to Marcello for the great work!
Giacomo
-
I use all these options with no file hacking.
Did you installed postfix pfsense package to work with mailscanner?
-
I use all these options with no file hacking.
Did you installed postfix pfsense package to work with mailscanner?
Installed first postfix forward and then mailscanner-dev
Giacomo
-
header checks are on services -> postfix forwarder -> access lists
-
Hello all
I have installed Posfix Forwarder and the mailscanner + spamassassin + clamav package. Postfix is working wonderfully but I think I must have somthing wrong in my configuration with mailscanner. In Postfix I have the 3rd party option enabled / The mode is set to auto. I have the mailscanner package enabled as well as the CLAMAV and spam assassin options enabled. But when I run the GFI Security Test EVERYTHING get through.When I look at the process list for mailscanner I see
55735 ?? S 0:05.39 MailScanner: waiting for messages (perl5.12.4)
56936 ?? S 0:04.45 MailScanner: waiting for messages (perl5.12.4)
59478 ?? S 0:04.08 MailScanner: waiting for messages (perl5.12.4)
60031 ?? S 0:04.05 MailScanner: waiting for messages (perl5.12.4)when I run tail -f /var/log/maillog |grep -i mailscanner
I get nothing?
if I restart mailscanner I get this
Mar 9 11:06:58 mailgateway MailScanner[55777]: Using locktype = flock
Mar 9 11:07:02 mailgateway MailScanner[57182]: MailScanner E-Mail Virus Scanner version 4.83.5 starting…
Mar 9 11:07:02 mailgateway MailScanner[57182]: Reading configuration file /usr/ local/etc/MailScanner/MailScanner.conf
Mar 9 11:07:02 mailgateway MailScanner[57182]: Reading configuration file /usr/ local/etc/MailScanner/conf.d/README
Mar 9 11:07:07 mailgateway MailScanner[56126]: Connected to Processing Attempts Database
Mar 9 11:07:07 mailgateway MailScanner[56126]: Found 0 messages in the Processi ng Attempts Database
Mar 9 11:07:07 mailgateway MailScanner[56126]: Using locktype = flock
Mar 9 11:07:07 mailgateway MailScanner[58764]: MailScanner E-Mail Virus Scanner version 4.83.5 starting…
Mar 9 11:07:07 mailgateway MailScanner[58764]: Reading configuration file /usr/ local/etc/MailScanner/MailScanner.conf
Mar 9 11:07:07 mailgateway MailScanner[58764]: Reading configuration file /usr/ local/etc/MailScanner/conf.d/README
Mar 9 11:07:08 mailgateway MailScanner[57182]: Connected to Processing Attempts Database
Mar 9 11:07:08 mailgateway MailScanner[57182]: Found 0 messages in the Processi ng Attempts Database
Mar 9 11:07:08 mailgateway MailScanner[57182]: Using locktype = flock
Mar 9 11:07:16 mailgateway MailScanner[58764]: Connected to Processing Attempts Database
Mar 9 11:07:16 mailgateway MailScanner[58764]: Found 0 messages in the Processing Attempts Database
Mar 9 11:07:16 mailgateway MailScanner[58764]: Using locktype = flockany help is apperciated
-
check if you can find /^from:/ HOLD on view configuration -> header check
If not, change mailscanner Message Hold mode on antispam tab to manual and include the above line on access lists -> header
-
check if you can find /^from:/ HOLD on view configuration -> header check
If not, change mailscanner Message Hold mode on antispam tab to manual and include the above line on access lists -> header
That worked
thank you marcello
