Search found 27 matches

by cphillips
03 Dec 2020 11:23
Forum: Discussion
Topic: Nothing showing up in /var/log/maillog but EFA working
Replies: 3
Views: 2975

Re: Nothing showing up in /var/log/maillog but EFA working

I had exactly the same issue, I am so used to looking at /var/log/maillog to see what is going on.

I followed the link you posted webguyz and now logging is enabled!

This was on a brand new CentOS 8 build.

:)
by cphillips
25 Jul 2019 12:36
Forum: How-to
Topic: eFa server failing PCI Compliance scan
Replies: 7
Views: 17300

Re: eFa server failing PCI Compliance scan

Just to update this..

I had to disable TLS 1.0 and then prove that Postfix was 3.3.0 which then resulted in a PCI DSS pass!

Also had to setup a proper SSL certificate as the self generated one was failing.

Got there in the end.
by cphillips
15 Jul 2019 13:52
Forum: How-to
Topic: eFa server failing PCI Compliance scan
Replies: 7
Views: 17300

Re: eFa server failing PCI Compliance scan

Even the most recent vulnerability, CVE-2017-10140, has been fixed. v4 is running postfix version 3.3.0. http://www.postfix.org/announcements/postfix-3.2.2.html Thanks, I've raised a ticket with the scanning company for them to investigate as it does indeed look like false positives. I'll report ba...
by cphillips
14 Jul 2019 08:38
Forum: How-to
Topic: eFa server failing PCI Compliance scan
Replies: 7
Views: 17300

Re: eFa server failing PCI Compliance scan

Ok, I've now built an eFa 4.0 VM and still having the same issue, I also had security warning, TLS 1.0 enabled etc. I've sorted those out but still need to remedy the following: CVE Score Vector CVE-2009-2939 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C CVE-2008-4977 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C CVE-2011-0411 6...
by cphillips
10 Jul 2019 09:20
Forum: How-to
Topic: eFa server failing PCI Compliance scan
Replies: 7
Views: 17300

eFa server failing PCI Compliance scan

Hi, I run an eFa 3.0.2.6 server and it is scanned quarterly for compliance as we take credit card payments. The latest scan has failed with the following: Banner Based Vulnerabilities for Postfix smtpd CVEs: CVE-2009-2939 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C CVE-2008-4977 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C CV...
by cphillips
15 Jan 2018 20:48
Forum: How-to
Topic: 3.0.26 Quarantine reports failure
Replies: 1
Views: 2126

3.0.26 Quarantine reports failure

All, I've built a new EFA box and it's not sending out the quarantine reports at all, I'm seeing the following when running the cron job (/etc/cron.daily/mailwatch -> /usr/local/bin/mailwatch/tools/Cron_jobs/mailwatch_quarantine_report.php Warning: count(): Parameter must be an array or an object th...
by cphillips
23 Jan 2017 21:58
Forum: Discussion
Topic: PCI Compliance Scan results
Replies: 5
Views: 5285

Re: PCI Compliance Scan results

thewomble - thanks for the links, I'll take a read when I get a moment. I've also noticed that the mail server I am delivering messages too is rejecting them (it's an Exchange 2010 server) if I disable TLS 1.0. After some reading, it seems you can install support for later versions of TLS on Exchang...
by cphillips
23 Jan 2017 15:24
Forum: Discussion
Topic: PCI Compliance Scan results
Replies: 5
Views: 5285

Re: PCI Compliance Scan results

Thanks Shawn, I'll add that and see if it helps. I'm also after disabling TLS v1.0 and RC4. I did disable TLS v1.0 and some mails stopped coming through as it failed on a TLS handshake. RC4 I have added as: smtpd_tls_exclude_ciphers = RC4, aNULL smtp_tls_exclude_ciphers = RC4, aNULL to my main.cf.
by cphillips
23 Jan 2017 09:50
Forum: Discussion
Topic: PCI Compliance Scan results
Replies: 5
Views: 5285

PCI Compliance Scan results

All, One of the EFA servers I look after is for a company that has to have a PCI Compliance scan. I've had the results back and it's failing on the following against the EFA server: The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites . It is, therefore,...
by cphillips
13 Jan 2017 15:20
Forum: 3.x Bugs
Topic: Recent Messages
Replies: 11
Views: 7625

Re: Recent Messages

MCP now working too (was in 3.0.1.6) :dance: :D
by cphillips
09 Jan 2017 10:52
Forum: How-to
Topic: Block offensive emails in quarantine reports?
Replies: 2
Views: 2664

Re: Block offensive emails in quarantine reports?

You can set up custom SpamAssassin rules that classify these as high spam, and then filter the high spam out of the reports. If you need greater granularity, you can use MCP (which is a second instance of SpamAssassin that works the same way, just shows up as MCP in the GUI). Thanks Shawn, Are you ...
by cphillips
05 Jan 2017 14:08
Forum: How-to
Topic: Block offensive emails in quarantine reports?
Replies: 2
Views: 2664

Block offensive emails in quarantine reports?

All, My users are receiving their daily email quarantine reports fine. However, one user in particular is receiving emails offering sexual services, etc with unpleasant naming in the subject. Is there a way I can filter these out so they don't appear in the quarantine report? It's not too nice, espe...
by cphillips
16 Dec 2016 11:28
Forum: How-to
Topic: Increase frequency of quarantine reports
Replies: 3
Views: 3159

Re: Increase frequency of quarantine reports

In my case, I wish the quarantine report to be sent every 4 hours, I use crontab --------------------- 2 1,5,9,13,17,21 * * * /usr/local/bin/mailwatch/tools/Cron_jobs/quarantine_report.php >> /dev/null 2>&1 -------------------- And of course, every content of the quarantine report shows only th...
by cphillips
11 Dec 2016 21:57
Forum: How-to
Topic: Increase frequency of quarantine reports
Replies: 3
Views: 3159

Re: Increase frequency of quarantine reports

Anyone able to assist with this? I've taken a look in Webmin and can't locate the job but can see the job in cron.daily: [root@mail cron.daily]# cat mailwatch #!/bin/bash /usr/local/bin/mailwatch/tools/Cron_jobs/db_clean.php >> /dev/null 2>&1 /usr/local/bin/mailwatch/tools/Cron_jobs/quarantine_m...
by cphillips
11 Dec 2016 21:51
Forum: Discussion
Topic: Mysql root password
Replies: 4
Views: 6893

Re: Mysql root password

I've worked this out now!
by cphillips
08 Dec 2016 21:48
Forum: Discussion
Topic: Mysql root password
Replies: 4
Views: 6893

Re: Mysql root password

Can someone tell me where the password is now located for the SQL database? Is it still in /etc/EFA-Config - I have a password/string in there which I have tried with various user accounts but none work!

Any help appreciated.

I'm on 3.0.1.5.
by cphillips
08 Dec 2016 15:53
Forum: How-to
Topic: Increase frequency of quarantine reports
Replies: 3
Views: 3159

Increase frequency of quarantine reports

All,

At present, my users are receiving their quarantine reports at around 4am everyday. Is there a way to add an additional report that is sent out around 2pm so that they can release mails that may be being held back from the morning?
by cphillips
08 Dec 2016 15:27
Forum: Discussion
Topic: MailWatch web interface issue
Replies: 2
Views: 2547

Re: MailWatch web interface issue

Just to update this. I am pretty certain that the issue was caused by inadequate hardware resources. I was running it on an old Xeon server with 4Gb RAM and it would grind to a halt every hour or so. This was a physical install not a VM. I've now made use of a newer machine with more RAM and a bette...
by cphillips
01 Dec 2016 13:58
Forum: How-to
Topic: How I did setup let's encrypt on my EFA
Replies: 15
Views: 68349

Re: How I did setup let's encrypt on my EFA

DaN wrote:And the certificat is only used for web server?
Correct.
by cphillips
01 Dec 2016 13:55
Forum: Discussion
Topic: MailWatch web interface issue
Replies: 2
Views: 2547

MailWatch web interface issue

All, I have a weird issue with the web interface for MailWatch. It randomly drops out and won't allow users to connect to view their quarantined emails etc. I've tried restarting the mailscanner service but this hasn't made any difference. The EFA system is still receiving email messages as normal. ...
by cphillips
29 Nov 2016 22:54
Forum: How-to
Topic: EFA Mailserver stopped working!
Replies: 3
Views: 3108

Re: EFA Mailserver stopped working!

On your exchange do you have configure a connector to receive mail from efa server? Hi wilbourne, Yes, on the Exchange box you need to tell it to allow email to be received from the IP address of the EFA mail server/appliance. Once that's configured mail should start flowing to your Exchange server...
by cphillips
28 Nov 2016 12:40
Forum: How-to
Topic: How I did setup let's encrypt on my EFA
Replies: 15
Views: 68349

Re: How I did setup let's encrypt on my EFA

DaN wrote:It's just for the web server, right? (Port 443 has to be reachable from internet)
DaN

Correct - port 443 needs to be accessible. I turned on https support in the options, then followed ressels guide and it went through fine.

Thanks for the info ressel! :D

Colin
by cphillips
28 Nov 2016 12:10
Forum: How-to
Topic: EFA Mailserver stopped working!
Replies: 3
Views: 3108

Re: EFA Mailserver stopped working!

I've got it up and working again.

I installed Webmin, flushed the queue to get rid of the stuck message. I also restarted the MailScanner service. Doing these tasks seem to have brought it back to life!

Regards
Colin
by cphillips
28 Nov 2016 10:55
Forum: How-to
Topic: EFA Mailserver stopped working!
Replies: 3
Views: 3108

EFA Mailserver stopped working!

All, I've built a physical EFA Mailserver for a client. It was working great and I could access the MailScanner web interface just fine. I could see messages flowing into it and being passed to the Exchange Server. All of a sudden I now can't login to the MailScanner interface (via the web) and it i...
by cphillips
13 Nov 2016 19:34
Forum: Discussion
Topic: Build from scratch issue
Replies: 3
Views: 3041

Re: Build from scratch issue

Just to update this - installing from CD-ROM fixed the issue.. I now have a built mail gateway, updated to 3.0.1.5.

Regards
Colin