Search found 19 matches

by r31griffo
17 May 2017 02:52
Forum: 3.x Bugs
Topic: New build 3.0.2.2, endless loop releasing from quarantine
Replies: 5
Views: 1450

Re: New build 3.0.2.2, endless loop releasing from quarantine

Did this happen upon initial delivery, or did it start after releasing it from quarantine (as the title suggests)? G'day Shawn, I'm sorry for the delayed reply, I usually check in more frequently. I noticed the original quarantined message in the recent messages list in the webinterface, about 20 m...
by r31griffo
12 May 2017 01:09
Forum: 3.x Bugs
Topic: Running into Kernel Problems with 3.0.2.2 Update on Xen 4
Replies: 2
Views: 1019

Re: Running into Kernel Problems with 3.0.2.2 Update on Xen 4

It's not a fix as such...but I don't suppose you're able to run it as HVM?
by r31griffo
11 May 2017 10:33
Forum: 3.x Bugs
Topic: New build 3.0.2.2, endless loop releasing from quarantine
Replies: 5
Views: 1450

Re: New build 3.0.2.2, endless loop releasing from quarantine

I realised that the message ID kept changing when I deleted the 2 stuck in the queue, something was happening but I'm not sure what. I stopped Postfix, deleted again and now they appear to be gone. I've restarted the server to be sure, I'm pretty sure they're gone. So the immediate issue is resolved...
by r31griffo
11 May 2017 10:24
Forum: 3.x Bugs
Topic: New build 3.0.2.2, endless loop releasing from quarantine
Replies: 5
Views: 1450

Re: New build 3.0.2.2, endless loop releasing from quarantine

Thanks for the tip regarding the message queue. I logged in using root's password and went to the area you suggested and can see 2 emails (the same newsletter). I've tied selecting both and deleting and also flushing queue but don't appear to work. Spam Actions = store custom(spam) High Scoring Spam...
by r31griffo
11 May 2017 07:58
Forum: 3.x Bugs
Topic: New build 3.0.2.2, endless loop releasing from quarantine
Replies: 5
Views: 1450

New build 3.0.2.2, endless loop releasing from quarantine

Hi everyone, I've had to turn off my newly built eFa :( One of our users received a newsletter which had a large number of recipients in the TO: field, she released the email and I noticed the recent messages list was populated with this email over and over again. Each time the subject was prepended...
by r31griffo
10 May 2017 13:56
Forum: Discussion
Topic: Ditch mod_security?
Replies: 8
Views: 2002

Re: Ditch mod_security?

@ovizii I'd imagine the reason for Apache may be through inheritance from the original project... There's an eFa v4 thread around here...it'd be a good idea to through it in there. From my perspective, I'm more experienced and would be much happier with that platform too...I'd also like Debian or Ub...
by r31griffo
10 May 2017 08:02
Forum: Discussion
Topic: email reports are not being send
Replies: 9
Views: 1739

Re: email reports are not being send

A little more info on this...I've managed to manually send the report by running: /usr/local/bin/mailwatch/tools/Cron_jobs/mailwatch_quarantine_report.php I suspect the cronjob will kick in from now on. The problem appeared to be at line: 4326 of /var/www/html/mailscanner/functions.php The sender ad...
by r31griffo
10 May 2017 06:30
Forum: Discussion
Topic: email reports are not being send
Replies: 9
Views: 1739

Re: email reports are not being send

Same error here (new install). When I run it manually, I get the following error (there's a little more detail when the user has spam): === Generating report for stest@mydomain.com type=U ==== Recipient e-mail address is stest@mydomain.com ==== Building list for stest@mydomain.com ==== Found 4 quara...
by r31griffo
10 May 2017 01:46
Forum: Discussion
Topic: Ditch mod_security?
Replies: 8
Views: 2002

Re: Ditch mod_security?

YES PLEASE
I can't seem to cast a vote so +1 on yes.

I've been putting up with the errors and refreshing pages to make them appear, if there's a quick way to disable this on my current appliance could someone either describe it here or link me to it?
by r31griffo
10 May 2017 01:27
Forum: Discussion
Topic: Train Bayes with an email archive
Replies: 3
Views: 1503

Train Bayes with an email archive

G'day everyone, I've recently implemented eFa (3.0.2.2) for filtering emails inbound to my Exchange 2013 server (receives 50~75 emails a day). We don't necessarily receive a lot of spam but after a couple of cryptolocker style attachments were executed in recent times :roll: I've taken upon myself t...
by r31griffo
09 May 2017 05:50
Forum: 3.x How-to
Topic: How to integrate E.F.A with Active Directory on 3.0.0.9
Replies: 39
Views: 18221

Re: How to integrate E.F.A with Active Directory on 3.0.0.9

Very nice script! I'd like to request a couple of feature changes though (if possible), I'd have a go myself but I'm totally lost with Python. I have a few distribution lists that would be nice to automatically import, I tried modifying the filter to include all members of a group but the script err...
by r31griffo
09 May 2017 03:39
Forum: 3.x How-to
Topic: How to integrate E.F.A with Active Directory on 3.0.0.9
Replies: 39
Views: 18221

Re: How to integrate E.F.A with Active Directory on 3.0.0.9

That'll teach me for not fully reading the thread...the prerequisites were on the first page but there was a missing step with installing them. It would seem that pip3.4 isn't included with the Python34 package...just to flesh it out a bit for those like me: yum install python34 yum install python34...
by r31griffo
09 May 2017 03:23
Forum: 3.x How-to
Topic: How to integrate E.F.A with Active Directory on 3.0.0.9
Replies: 39
Views: 18221

Re: How to integrate E.F.A with Active Directory on 3.0.0.9

I'd like to give the script a go but I'm a bit of a noob when it comes to Python and Centos' package manager... About the closest I came was copying the script to my VM and installing python 3.4, but when I ran it I received the following error: ImportError: No module named 'ldap3' I've rolled back ...
by r31griffo
10 Apr 2017 11:20
Forum: 3.x Bugs
Topic: 3.0.1.9 permission issues
Replies: 35
Views: 7268

Re: 3.0.1.9 permission issues

Thanks shawniverson.
Is there a thread related to the reports problem?...It's not the "Directory Transversal" thing is it?
by r31griffo
10 Apr 2017 01:37
Forum: 3.x Bugs
Topic: 3.0.1.9 permission issues
Replies: 35
Views: 7268

Re: 3.0.1.9 permission issues

Hi Shawniverson, I've been tinkering with 3.0.1.9 and it looks great, but I'm considering waiting until 3.0.2.0 is released before putting this into production. If you were to estimate (I won't hold you to it), could you indicate when this might be released? This is just so I can make an informed de...
by r31griffo
03 Apr 2017 05:02
Forum: Discussion
Topic: Forbidden error on fresh install
Replies: 5
Views: 1414

Re: Forbidden error on fresh install

Hi everyone, The "Directory Traversal" problem I'm experiencing appears to be caused by an if statement in msrule.php. There's a variable defined that checks for the MailScanner conf directory (/etc/MailScanner) and if the file isn't inside that directory path the result is to display "Directory tra...
by r31griffo
31 Mar 2017 14:56
Forum: Discussion
Topic: Forbidden error on fresh install
Replies: 5
Views: 1414

Re: Forbidden error on fresh install

I've come past another issue while looking around the interface. Tools and Links > MailScanner Configuration > view_any_rule_file and I would get the same forbidden error and logs showed more modsecurity errors...added the ID's to the file which now looks like: SecRuleRemoveById 960017 SecRuleRemove...
by r31griffo
31 Mar 2017 12:06
Forum: Discussion
Topic: Forbidden error on fresh install
Replies: 5
Views: 1414

Re: Forbidden error on fresh install

Hi Henk, Thanks for the quick response, I've done a few tests and it looks like it's working now. I first tried adding "SecRuleRemoveById 981173" in both sections prior to </IfModule> but this didn't seem to have an effect. I re-read the thread you suggested and added the following to each section o...
by r31griffo
31 Mar 2017 08:42
Forum: Discussion
Topic: Forbidden error on fresh install
Replies: 5
Views: 1414

Forbidden error on fresh install

G'day everyone, After looking around for a suitable filter to put in front of our Exchange server I've settled on EFA. I've attempted using both a clean Centos6 build and install and also importing the vmware image into our Xenserver but have had similar problems with each. I can log in to the web i...