Search found 41 matches

by thewomble
25 Jan 2019 16:53
Forum: 3.x Bugs
Topic: Overzealous double extension filter
Replies: 2
Views: 177

Re: Overzealous double extension filter

I agree with henk, anything here with a double extension should beblocked, and is blocked here.

When I first "turned it on" I got some pain, now I cannot rememeber the last time anybody complained about it.
by thewomble
25 Jan 2019 16:48
Forum: 3.x How-to
Topic: Custom bad sites Phishtank.com
Replies: 12
Views: 532

Re: Custom bad sites Phishtank.com

Alleyviper ok I have downloaded and it works, thanks. But how does EFA use this data? I went to www.phishtank.com and took the url at the top of the list added it into phishing.bad.sites.custom saved it reloaded MailScanner sent myself an email externally with the phishing url Could not see how it u...
by thewomble
14 Jan 2019 20:33
Forum: 3.x Bugs
Topic: Sophos AV does no more work !
Replies: 22
Views: 1061

Re: Sophos AV does no more work !

I just done a mailscanner lint test and I got email notification, thinking about I not seem a Sophos notification in a while apart from EICAR test just done. A threat was detected during an on-demand scan. Details follow: 2 files scanned. Number of infections detected: 1 Number of infected files det...
by thewomble
09 Nov 2018 15:02
Forum: 3.x How-to
Topic: SSL on 3.0.2.5 - how to?
Replies: 5
Views: 396

Re: SSL on 3.0.2.5 - how to?

If you are using the same certificate for both TLS (mail) and HTTPS (web)

You have to make sure you have the appropiate lines in main.cf for the mail

and httpd.conf / or / ssl.conf for apache

I use a Digicert wildcard to do the same.
by thewomble
06 Nov 2018 14:37
Forum: 3.x How-to
Topic: SSL on 3.0.2.5 - how to?
Replies: 5
Views: 396

Re: SSL on 3.0.2.5 - how to?

Is Apache running?

service httpd start

or service httpd restart

does that throw any errors?
by thewomble
26 Oct 2018 11:54
Forum: 3.x How-to
Topic: Block Office documents with Macro's and notify recipient, rulebased
Replies: 8
Views: 1969

Re: Block Office documents with Macro's and notify recipient, rulebased

I agree with above user education is key. They are the best spam dectector you have got with the correct training/education.

The spammers/malware vendors will spoof/rewrite the headers so you may end up hurting your users more with legitimate macro enabled documents depending on what you do.
by thewomble
29 Sep 2018 20:14
Forum: 3.x How-to
Topic: Internet <-> Encryption Gateway <-> EFA <-> Exchange -> How to set up? [FIXED]
Replies: 2
Views: 342

Re: Internet <-> Encryption Gateway <-> EFA <-> Exchange -> How to set up?

What is the purpose of the Encryption Gatway? To send mail out encrypted using PKI (like PGP), or send a web messenger link if PKI is not avilable and decrypt the replies? I would recommend the inbound mail flow Internet >>> EFA >>> Encryption GW >> Exchange, EFA is be better placed the protect you ...
by thewomble
27 Sep 2018 10:53
Forum: Discussion
Topic: multiple domain
Replies: 3
Views: 392

Re: multiple domain

in etc/postfix/main.cf add you domains to line

relay_domains = domain1.com, domain2.com, domain3.com

in etc/postfix/transport

domain1.com smtp:[x.x.x.x]
domain2.com smtp:[x.x.x.x]
domain3.com smtp:[x.x.x.x]

where x.x.x.x is your exchnage server

remember to do "postmap /etc/postfix/transport"
by thewomble
25 Sep 2018 21:34
Forum: Discussion
Topic: multiple domain
Replies: 3
Views: 392

Re: multiple domain

The short answer is yes, it supports as many domains as you want to front. EFA is mailgateway, it not a mail server for accounts, I use it to front an Microsoft exchange environment, so you would also a server behind for IMAP and POP accounts and webmail , eg https://www.dovecot.org/ However see htt...
by thewomble
15 Jun 2018 19:43
Forum: Discussion
Topic: TLS error
Replies: 7
Views: 1098

Re: TLS error

If you have a need/requirement enforce TLS inbound from certain domains. This is an HOW TO: create a file /etc/postfix/tls_server_policy_sender sender-must-be-tls.com reject_plaintext_session In main.cf add check_sender_access hash:/etc/postfix/tls_server_policy_sender, under smtpd_sender_restrictio...
by thewomble
15 May 2018 20:29
Forum: Discussion
Topic: ARC - Authenticated Received Chain
Replies: 2
Views: 747

Re: ARC - Authenticated Received Chain

Currently having a play with this. Compile the OpenARC package: cd git clone https://github.com/trusteddomainproject/OpenARC cd OpenARC autoreconf -fvi ./configure make make install ldconfig And check if the libs are found with: Verify that the package can be run: openarc -V openarc: OpenARC Filter ...
by thewomble
03 Jan 2018 16:02
Forum: 3.x How-to
Topic: Multiple destination server
Replies: 2
Views: 793

Re: Multiple destination server

example.com :[gateway.example.com]

where gateway.example.com would two A records 1.1.1.1 and 1.1.1.2 it would round rob, so send to both.

or use load balancer for sending to 1.1.1.1 and 1.1.1.2 if the first is not available, do not think this logic is available in postfix.
by thewomble
09 Oct 2017 17:04
Forum: 3.x Feature Requests
Topic: View mail Log
Replies: 5
Views: 2504

Re: View mail Log

I have been using tail -f /var/log/maillog to view the maillog log in realtime via SSH I have just installed log.io which allows you view whatever log you want using a browser, plus it allows you to filter in real time. I followed https://www.tecmint.com/linux-server-log-monitoring-with-log-io/ Word...
by thewomble
09 Oct 2017 15:21
Forum: 3.x How-to
Topic: HOWTO - Mailq monitor alerting
Replies: 1
Views: 544

HOWTO - Mailq monitor alerting

I have had an issue where the mail queue grew, which a reboot of EFA fixed, not sure why. However I wanted to create a monitor when send an email alert once this got over a certain threshold, so I created a script as below and saved it to /usr/local/bin/mailqcheck.sh Simply change alertemail variabl...
by thewomble
14 Sep 2017 22:06
Forum: 3.x How-to
Topic: Configuring EFA
Replies: 7
Views: 1243

Re: Configuring EFA

I use WINSCP to make changes to the files, using the built in editor.

Tera Term Pro (SSH) for console access.
by thewomble
24 Aug 2017 15:59
Forum: Discussion
Topic: EFA vs DKIM signing plug in module
Replies: 3
Views: 931

Re: EFA vs DKIM signing plug in module

DKIM can be found here

viewtopic.php?t=1006



While you are at it implement DMARC see viewtopic.php?f=14&t=2616
by thewomble
24 Aug 2017 15:54
Forum: Discussion
Topic: SPF not working
Replies: 12
Views: 4112

Re: SPF not working

Check your SPF record is correct

https://vamsoft.com/support/tools/spf-syntax-validator

Have you an example of the one of the domains?
by thewomble
21 Aug 2017 19:12
Forum: Discussion
Topic: Pyzor Questions
Replies: 25
Views: 3646

Re: Pyzor Questions

Wow this as been busy while I been away on leave.

I notice pyzor.nova53.net is listed, is this a look source to add to the setup?

Is the pyzor.scrolloutf1 worth adding for those that have tested it?
by thewomble
21 Aug 2017 18:28
Forum: 3.x How-to
Topic: Implementing DMARC : How to
Replies: 1
Views: 1795

Implementing DMARC : How to

I was asked to get DMARC working on top of the EFA box. So I read the forum post here which discussed does EFA support SPF/DKIM/DMARC https://forum.efa-project.org/viewtopic.php?f=5&t=2239&p=8518&hilit=DMARC#p8518 DKIM can be found here https://forum.efa-project.org/viewtopic.php?t=1006 This assumes...
by thewomble
26 Jul 2017 12:16
Forum: Discussion
Topic: Pyzor Questions
Replies: 25
Views: 3646

Re: Pyzor Questions

With regards to version 1.0 it was more a question of any dependances that anybody was aware of. I have going to download and have a play and report back once was working. Pyzor is working, Pyzor ping works. Tried /var/spool/postfix/.pyzor also tried /var/spool/MailScanner/spammassassin but Pyzor pi...
by thewomble
25 Jul 2017 13:17
Forum: Discussion
Topic: Pyzor Questions
Replies: 25
Views: 3646

Pyzor Questions

I noticed that the Pyzor on the latest EFA is version 0.7, while version 1.0 is available.

Do you know of a reason to not move to 1.0?

Also where are of the configuration files, I was looking add "pyzor.scrolloutf1.com:24441" as another server to the default.
by thewomble
25 Jul 2017 12:22
Forum: 3.x How-to
Topic: Multiple Domains, Mailservers, different user verification, Cluster
Replies: 2
Views: 1111

Re: Multiple Domains, Mailservers, different user verification, Cluster

RavioliKing If I am reading you correct you want to create a list of valid recipients email addresses and reject unknown ones, and these list will come from multiple servers, is this multiple AD's? I have two different AD domains, I extract all valid emails addresses from the two AD, merge the files...
by thewomble
13 Jun 2017 21:57
Forum: 3.x How-to
Topic: DHL Spam
Replies: 3
Views: 1609

Re: DHL Spam

if your code works, go with I am not an expert on SA coding. I was suggesting an alternative to the problem, since I added "reject_non_fqdn_sender" I very rarely get DHL spam anymore. I also force inbound TLS for common delivery company like dhl.com get rid the spoofed, zombie PCs tend not to do TLS...