Search found 43 matches

by thewomble
30 Apr 2019 13:39
Forum: Discussion
Topic: messages with KAM_DRIVENUM 5.0 qurantined
Replies: 3
Views: 281

Re: messages with KAM_DRIVENUM 5.0 qurantined

Add below into local.cf

Code: Select all

score KAM_DRIVENUM 0.0
score KAM_COUK 0.0
This will score the objects with 0
by thewomble
30 Apr 2019 13:27
Forum: 3.x Feature Requests
Topic: Option to Disable KAM
Replies: 1
Views: 344

Re: Option to Disable KAM

in your local.cf set your own scores for the values that are giving you issues.

score KAM_LAZY_DOMAIN_SECURITY 0.00

If the rule triggers it will use the value in local.cf, so set the values as you see fit.
by thewomble
25 Jan 2019 16:53
Forum: 3.x Bugs
Topic: Overzealous double extension filter
Replies: 2
Views: 203

Re: Overzealous double extension filter

I agree with henk, anything here with a double extension should beblocked, and is blocked here.

When I first "turned it on" I got some pain, now I cannot rememeber the last time anybody complained about it.
by thewomble
25 Jan 2019 16:48
Forum: 3.x How-to
Topic: Custom bad sites Phishtank.com
Replies: 12
Views: 655

Re: Custom bad sites Phishtank.com

Alleyviper ok I have downloaded and it works, thanks. But how does EFA use this data? I went to www.phishtank.com and took the url at the top of the list added it into phishing.bad.sites.custom saved it reloaded MailScanner sent myself an email externally with the phishing url Could not see how it u...
by thewomble
14 Jan 2019 20:33
Forum: 3.x Bugs
Topic: Sophos AV does no more work !
Replies: 22
Views: 1221

Re: Sophos AV does no more work !

I just done a mailscanner lint test and I got email notification, thinking about I not seem a Sophos notification in a while apart from EICAR test just done. A threat was detected during an on-demand scan. Details follow: 2 files scanned. Number of infections detected: 1 Number of infected files det...
by thewomble
09 Nov 2018 15:02
Forum: 3.x How-to
Topic: SSL on 3.0.2.5 - how to?
Replies: 5
Views: 438

Re: SSL on 3.0.2.5 - how to?

If you are using the same certificate for both TLS (mail) and HTTPS (web)

You have to make sure you have the appropiate lines in main.cf for the mail

and httpd.conf / or / ssl.conf for apache

I use a Digicert wildcard to do the same.
by thewomble
06 Nov 2018 14:37
Forum: 3.x How-to
Topic: SSL on 3.0.2.5 - how to?
Replies: 5
Views: 438

Re: SSL on 3.0.2.5 - how to?

Is Apache running?

service httpd start

or service httpd restart

does that throw any errors?
by thewomble
26 Oct 2018 11:54
Forum: 3.x How-to
Topic: Block Office documents with Macro's and notify recipient, rulebased
Replies: 8
Views: 2050

Re: Block Office documents with Macro's and notify recipient, rulebased

I agree with above user education is key. They are the best spam dectector you have got with the correct training/education.

The spammers/malware vendors will spoof/rewrite the headers so you may end up hurting your users more with legitimate macro enabled documents depending on what you do.
by thewomble
29 Sep 2018 20:14
Forum: 3.x How-to
Topic: Internet <-> Encryption Gateway <-> EFA <-> Exchange -> How to set up? [FIXED]
Replies: 2
Views: 361

Re: Internet <-> Encryption Gateway <-> EFA <-> Exchange -> How to set up?

What is the purpose of the Encryption Gatway? To send mail out encrypted using PKI (like PGP), or send a web messenger link if PKI is not avilable and decrypt the replies? I would recommend the inbound mail flow Internet >>> EFA >>> Encryption GW >> Exchange, EFA is be better placed the protect you ...
by thewomble
27 Sep 2018 10:53
Forum: Discussion
Topic: multiple domain
Replies: 3
Views: 414

Re: multiple domain

in etc/postfix/main.cf add you domains to line

relay_domains = domain1.com, domain2.com, domain3.com

in etc/postfix/transport

domain1.com smtp:[x.x.x.x]
domain2.com smtp:[x.x.x.x]
domain3.com smtp:[x.x.x.x]

where x.x.x.x is your exchnage server

remember to do "postmap /etc/postfix/transport"
by thewomble
25 Sep 2018 21:34
Forum: Discussion
Topic: multiple domain
Replies: 3
Views: 414

Re: multiple domain

The short answer is yes, it supports as many domains as you want to front. EFA is mailgateway, it not a mail server for accounts, I use it to front an Microsoft exchange environment, so you would also a server behind for IMAP and POP accounts and webmail , eg https://www.dovecot.org/ However see htt...
by thewomble
15 Jun 2018 19:43
Forum: Discussion
Topic: TLS error
Replies: 7
Views: 1164

Re: TLS error

If you have a need/requirement enforce TLS inbound from certain domains. This is an HOW TO: create a file /etc/postfix/tls_server_policy_sender sender-must-be-tls.com reject_plaintext_session In main.cf add check_sender_access hash:/etc/postfix/tls_server_policy_sender, under smtpd_sender_restrictio...
by thewomble
15 May 2018 20:29
Forum: Discussion
Topic: ARC - Authenticated Received Chain
Replies: 2
Views: 779

Re: ARC - Authenticated Received Chain

Currently having a play with this. Compile the OpenARC package: cd git clone https://github.com/trusteddomainproject/OpenARC cd OpenARC autoreconf -fvi ./configure make make install ldconfig And check if the libs are found with: Verify that the package can be run: openarc -V openarc: OpenARC Filter ...
by thewomble
03 Jan 2018 16:02
Forum: 3.x How-to
Topic: Multiple destination server
Replies: 2
Views: 818

Re: Multiple destination server

example.com :[gateway.example.com]

where gateway.example.com would two A records 1.1.1.1 and 1.1.1.2 it would round rob, so send to both.

or use load balancer for sending to 1.1.1.1 and 1.1.1.2 if the first is not available, do not think this logic is available in postfix.
by thewomble
09 Oct 2017 17:04
Forum: 3.x Feature Requests
Topic: View mail Log
Replies: 5
Views: 2572

Re: View mail Log

I have been using tail -f /var/log/maillog to view the maillog log in realtime via SSH I have just installed log.io which allows you view whatever log you want using a browser, plus it allows you to filter in real time. I followed https://www.tecmint.com/linux-server-log-monitoring-with-log-io/ Word...
by thewomble
09 Oct 2017 15:21
Forum: 3.x How-to
Topic: HOWTO - Mailq monitor alerting
Replies: 1
Views: 561

HOWTO - Mailq monitor alerting

I have had an issue where the mail queue grew, which a reboot of EFA fixed, not sure why. However I wanted to create a monitor when send an email alert once this got over a certain threshold, so I created a script as below and saved it to /usr/local/bin/mailqcheck.sh Simply change alertemail variabl...
by thewomble
14 Sep 2017 22:06
Forum: 3.x How-to
Topic: Configuring EFA
Replies: 7
Views: 1301

Re: Configuring EFA

I use WINSCP to make changes to the files, using the built in editor.

Tera Term Pro (SSH) for console access.
by thewomble
24 Aug 2017 15:59
Forum: Discussion
Topic: EFA vs DKIM signing plug in module
Replies: 3
Views: 950

Re: EFA vs DKIM signing plug in module

DKIM can be found here

viewtopic.php?t=1006



While you are at it implement DMARC see viewtopic.php?f=14&t=2616
by thewomble
24 Aug 2017 15:54
Forum: Discussion
Topic: SPF not working
Replies: 12
Views: 4264

Re: SPF not working

Check your SPF record is correct

https://vamsoft.com/support/tools/spf-syntax-validator

Have you an example of the one of the domains?
by thewomble
21 Aug 2017 19:12
Forum: Discussion
Topic: Pyzor Questions
Replies: 25
Views: 3746

Re: Pyzor Questions

Wow this as been busy while I been away on leave.

I notice pyzor.nova53.net is listed, is this a look source to add to the setup?

Is the pyzor.scrolloutf1 worth adding for those that have tested it?
by thewomble
21 Aug 2017 18:28
Forum: 3.x How-to
Topic: Implementing DMARC : How to
Replies: 1
Views: 1875

Implementing DMARC : How to

I was asked to get DMARC working on top of the EFA box. So I read the forum post here which discussed does EFA support SPF/DKIM/DMARC https://forum.efa-project.org/viewtopic.php?f=5&t=2239&p=8518&hilit=DMARC#p8518 DKIM can be found here https://forum.efa-project.org/viewtopic.php?t=1006 This assumes...
by thewomble
26 Jul 2017 12:16
Forum: Discussion
Topic: Pyzor Questions
Replies: 25
Views: 3746

Re: Pyzor Questions

With regards to version 1.0 it was more a question of any dependances that anybody was aware of. I have going to download and have a play and report back once was working. Pyzor is working, Pyzor ping works. Tried /var/spool/postfix/.pyzor also tried /var/spool/MailScanner/spammassassin but Pyzor pi...
by thewomble
25 Jul 2017 13:17
Forum: Discussion
Topic: Pyzor Questions
Replies: 25
Views: 3746

Pyzor Questions

I noticed that the Pyzor on the latest EFA is version 0.7, while version 1.0 is available.

Do you know of a reason to not move to 1.0?

Also where are of the configuration files, I was looking add "pyzor.scrolloutf1.com:24441" as another server to the default.