efa-project.org

Your method above is blocking at smtp level, although it is not recommended because eFa has a spamassassin (please read from the page you provided).


Yes, you're right. However, I am asking myself what would fit better for my setup. Deny to enter my eFa appliance and to kept processing and ...

I have tried to change my setup (eFav5) towards DQS Service according this guide:
https://docs.spamhaus.com/datasets/docs/source/40-real-world-usage/MTAs/020-Postfix.html

However, the blocklist-tester shows no filtering results, i.e. the test e-mails are coming in... :?:

Has anybody a hint for ...

I have tested an older snapshot of this install, before I had played arround with all these SElinux errors. It seems to be that my changes to overcome these problems have affected also the greylisting path.

With the older snapshot and all corrections made with SELinux the problem does not exist ...

In www-error.log:

[03-Jul-2024 14:50:00 Europe/Berlin] PHP Warning: Directory /var/www/html/mailscanner/lib/htmlpurifier/standalone/HTMLPurifier/DefinitionCache/Serial izer not writable, please chmod to 777 in /var/www/html/mailscanner/lib/htmlpurifier/HTMLPurifier.standalone.php on line 15816

The permissions are set correct. Any other Idea?

Wit hmy new eFa v5 box had had until yesterday a working grylisting tab in mailwatch. Now I am getting

Any idea how to find the root cause? SELinux have been set to permissive in order exclude this function a root cause.

When trying to update the GeoIP database via Mailwatch GUI I get on my new eFa-5.0.0-8 an error:
read or write error on DIR /var/www/html/mailscanner/temp/

drwxrwxr-x. 2 root root 53 8. Jul 08:13 temp

After changing it to

drwxrwxr-x. 2 root apache 53 8. Jul 08:13 temp

it was working as ...

I could confirm that the problem has not shown up again after applying the update.sh.

Next weekend I will change the mail flow from our eFa v4 box to the new setup as a final test.

Update 08.07.2024:

eFa v5.0.0.8 is now in production and is running fine as expected since yesterday.

BR Andreas

We have been also hit with this problem for the first time in June o nour Efa v4 box.
opendmarc[2430]: 4W0s5802MNzCVjQy: ignoring invalid ARC-Authentication-Results header "i=1;#012#011mailrelay.teuto.net;#012 #011none"


Fortunately the related e-mail comes from one single IP/domain address, so I ...

We have been also hit with this problem for the first time in June o nour Efa v4 box.

Fortunately the related e-mail comes from one single IP/domain address, so I put it in /etc/opendmarc/ignore.hosts.

Interestingly the domain is also related to a German based company. (teuto.net)

I have seen a ...

I will report asap, as I am at Lanzarote island without access to my computer.

Yes, I am on the latest available version. I have started with the beta, I think it was 5.0.04 or 5.0.05. Then switched to the release repo.

In maillog I could see:

Mail watch: SQLSpamsettings:: unable to initialise database connection: Access denied for user 'mailwatch'@'localhost' (using password:YES)

In Mailwatch webgui I do not see messages which has sent under the quarantine day even that they were sent and visible at the related ...

Your problem is likely SELinux, since you changed the path of the quarantine directory. If you look in /var/log/audit/audit.log you'll likely see a lot of denied operations.


Thank you for this hint, I have corrected the SELinux security context as it was not like on my eFav4 box used in ...

Hi Shawn,

the problem is now gone :-)

Another question for guidance. I wanted to move the quarantine folder to a separate disk on my VM. This resultet in this message:
MailScanner[4657]: writing to /MailScanner-quarantine/20240508/nonspam/4VZGJK1Hyyz2bVWF: No such file or directory

Seems to be ...

Is this problem solved with the the recent update?


The relay information in mailwatch is again missing as reported here:

viewtopic.php?t=5052

After reboot I found this message at Cli:

systemd-sysv-generator[595]: SysV service '/etc/rc.d/init.d/adcc' lacks a native systemd unit file. Automatically generating a unit file for compatibility. Please update package to include a native systemd unit file, in order to make it more safe and ...

Today installed on Rocky Linux 9 server. Sofar no problem detected.

I will copy step by step my individual settings from my eFav4 production box.

Should I test something specific?

Due to some difficulties with my current used eFa box I had to recover corrupt databases.
(What has happend is not clear to me as my VM was always properly shutdown (?), but it was claimed in the log that some logs were in the future...)

That said Iam now looking closer into this part of eFa and ...

...
Modern mail servers prefer encrypted connections. Old mail servers are happy to use unencrypted.

Many ISPs block port 25 traffic, but allow 587. A mail server should allow both.


I would disagree here again. Port 25 could not be blocked in any case as all standard mailservers will contact ...

Port 587 is necessary for anonymous encryption between mailservers. Port 25 traffic is usually unencrypted. It is good to have port 587 for mailservers that want to encrypt the connection, otherwise 3rd parties can read the email traffic as it travel between mailservers.
[/quote]

This is not ...

Our eFa box sends all ougoing traffic not directly to the reciepent mta. We use a relay server were we authenticate over port 587.

I'm thinking like conventional mail server, Postfix SMTP server uses Dovecot SASL, and this Dovecot SASL Authentication to authenticate/validate POP/IMAP clients.

CMIIW is that because the op open port dovecot to the outside on his Efa Box, that is why he saw authentication failure report ...

What changes did you make to your postfix-sasl jail configuration?


In my eFa.local jail:


[DEFAULT]
blocklist_de_apikey = after registered at blocklist.de available and after you have registered your server!
destemail = myemail@domain.com = recipient to receive local notification of service ...

dovecot is just acting as the authenticator.


That was my point were I was struggeling a bit. As I use the eFa box only as the external gateway it was not clear to me why dovecot with POP3 and IMAP capability is here involved.

Now I know it :-)

And yes, the solution is fail2ban which I am ...