Search found 27 matches

by DavidRa
09 Jul 2019 00:56
Forum: 4.x Bugs
Topic: Something updated 8-Jul 8am GMT+10, now it's broken
Replies: 3
Views: 2423

Re: Something updated 8-Jul 8am GMT+10, now it's broken

Ah. Is that with yum update or something else? Assuming that fixes it (sounds like it will) is that something that the final v4 release can "work around" - e.g. with a custom yum repo somewhere which only publishes upstream stuff once any extra bits are written/updated?
by DavidRa
08 Jul 2019 10:38
Forum: 4.x Bugs
Topic: Something updated 8-Jul 8am GMT+10, now it's broken
Replies: 3
Views: 2423

Something updated 8-Jul 8am GMT+10, now it's broken

1) I downloaded the official latest CentOS 7 ISO long ago from centos.org and its integrity is still in question 2) I created a virtual machine on Hyper-V 2025 with between 2 and 32 CPUs, 8GB, synthetic 10Mbps NIC and ISA MFM controller ;) 3) I have DHCP available on my instance's network and the in...
by DavidRa
21 May 2019 01:43
Forum: 4.x Bugs
Topic: Whitelisting ... doesn't seem to do anything
Replies: 3
Views: 723

Re: Whitelisting ... doesn't seem to do anything

Do you mean I can enter "@example.org" on the whitelist (not the blacklist - we're trying to allow, not block!) and it will match all senders from that domain? Or do you mean default@example.org?
by DavidRa
20 May 2019 08:11
Forum: 4.x Bugs
Topic: Whitelisting ... doesn't seem to do anything
Replies: 3
Views: 723

Whitelisting ... doesn't seem to do anything

1) I downloaded the official latest CentOS 7 ISO on 18 Apr from centos.org and checked its integrity 2) I created a virtual machine on Hyper-V with 4 CPUS, 8GB, Synthetic NIC, IDE for storage (Generation 1 - BIOS mode) 3) I have DHCP available on my instance's network and the instance can reach the ...
by DavidRa
19 Apr 2019 10:57
Forum: 4.x Bugs
Topic: Mail delayed in Milter Incoming queue
Replies: 3
Views: 936

Re: Mail delayed in Milter Incoming queue

henk wrote:
18 Apr 2019 18:02
Great firewall :whistle:
Yeah it's not great.

I have reviewed both logs, but nothing jumped out at me - and now it appears to be operating normally. So perhaps I was just impatient - I'll keep an eye on it and post logs if there's anything obvious. Thanks though!
by DavidRa
18 Apr 2019 15:45
Forum: 4.x Bugs
Topic: Mail delayed in Milter Incoming queue
Replies: 3
Views: 936

Mail delayed in Milter Incoming queue

Following the requested format here :) 1) I downloaded the official latest CentOS 7 ISO on 18 Apr from centos.org and checked its integrity 2) I created a virtual machine on Hyper-V with 4 CPUS, 8GB, Synthetic NIC, IDE for storage (Generation 1 - BIOS mode) 3) I have DHCP available on my instance's ...
by DavidRa
25 Feb 2018 10:48
Forum: Discussion
Topic: How to remove efa sign
Replies: 3
Views: 2069

Re: How to remove efa sign

Seems the current EFA-Configure has a small problem configuring Spam and Non-spam settings. After the last question is answered, e.g.: [eFa] Non spam signatures DISABLED MailScanner: unrecognized service Worth adding a bug for v4? Appears to be failing to reload MailScanner service, even though it's...
by DavidRa
20 Mar 2016 13:48
Forum: Discussion
Topic: 3.0.0.9 Update
Replies: 3
Views: 1431

3.0.0.9 Update

Nice job guys. Looks like it all worked from 3.0.0.8 perfectly. Unless someone beats me to it, I'll see if I can work up a more detailed "how to replace the certificate" guide - since it identifies as localhost.localdomain, it throws cert errors. Perhaps it would be possible to integrate LetsEncrypt...
by DavidRa
30 Jan 2015 05:29
Forum: 3.x Bugs
Topic: 3005 and 3006 update HYPERV - things not working right
Replies: 3
Views: 1762

Re: 3005 and 3006 update HYPERV - things not working right

I can confirm I'm running production quality on Hyper-V just fine. A couple of things: VHD works fine on Server 2012 and 2012 R2, so you could continue with the VHD (though I concur that VHDX is preferred) If you create a new VM for EFA, it must be a Gen1 VM not Gen2 You need to attach the VHDX (aft...
by DavidRa
16 Sep 2014 06:50
Forum: Discussion
Topic: rejected: Domain not found;
Replies: 3
Views: 2715

Re: rejected: Domain not found;

This can also occur if your DNS does not return MX records for the domain. This might happen if you're running split DNS, and the EFA ends up looking at the internal DNS servers instead of external.
by DavidRa
25 Oct 2013 07:24
Forum: Development
Topic: E.F.A. 2.x Info
Replies: 16
Views: 12880

Re: E.F.A. 2.x Info

It's not actually clear how to help you - while the source is on Github, there's no real "list of little tasks that needs investigating/fixing" or an easy way I can find to help. Suggestions welcome (and might be good to have in general).
by DavidRa
22 Oct 2013 03:37
Forum: Development
Topic: E.F.A. 2.x Info
Replies: 16
Views: 12880

Re: E.F.A. 2.x Info

Can I suggest that we include the Sane Security databases in the default build, with appropriate attribution: http://sanesecurity.com/usage/linux-scripts/ describes scripts to download and install the custom databases to ClamAV. http://sanesecurity.com/usage/signatures/ describes the databases avail...
by DavidRa
22 May 2013 07:39
Forum: Discussion
Topic: Link to mark as spam in missed spam mail
Replies: 3
Views: 2744

Re: Link to mark as spam in missed spam mail

What about a slightly different approach - perhaps the ability to forward the email to a particular address (e.g. "spam@mydomain.com") and have emails to that address be added to the various tools as spam? You could also then create honeypots to help train the anti-spam processes (e.g. your standard...
by DavidRa
06 May 2013 10:40
Forum: Discussion
Topic: Are baruwa reports complete?
Replies: 3
Views: 2435

Re: Are baruwa reports complete?

How intriguing. Perhaps then it's config or status. I imagine it's highly likely to be at least slightly misconfigured. Indeed - I just realised that dccifd has never been able to communicate with the world (port 6277 UDP). Maybe I should go back and check all the config too. Edit: Ah, lots of missi...
by DavidRa
06 May 2013 04:06
Forum: Discussion
Topic: Are baruwa reports complete?
Replies: 3
Views: 2435

Are baruwa reports complete?

I'm not sure if this is expected - but I'm almost certainly seeing incomplete or partial daily spam reports from baruwa. In case it's not clear I mean the reports with subject "Baruwa quarantine report for ..." I'm almost 100% sure I get hundreds or thousands of spams a day (thirty or so mailboxes, ...
by DavidRa
21 Feb 2013 00:52
Forum: Discussion
Topic: Updating / Patching?
Replies: 3
Views: 2679

Re: Updating / Patching?

Seems like a reasonable approach, but it will take some time to get right. In the meantime - any suggestions on things to update and how?
by DavidRa
20 Feb 2013 09:01
Forum: Discussion
Topic: Updating / Patching?
Replies: 3
Views: 2679

Updating / Patching?

Is there any need to update packages or the kernel in the EFA appliance? How do we do it? Background: I've noticed that there's a higher volume of spam getting through the appliance to my server. Plus, there are always bugs and fixes for various bits and pieces (OK less for pieces like Postfix than ...
by DavidRa
25 Jan 2013 00:43
Forum: Bugs
Topic: [0.3] Error training SA from Quarantine after hostname chg
Replies: 7
Views: 4687

Re: [0.3] Error training SA from Quarantine after hostname c

Tried this - and I couldn't get it to work. I assume it should be done after the name change (in EFA-Configure)? Or does it need to be done "in the middle" of the name change? root@ oldname :/home/efaadmin# PASSWD="`cat /etc/baruwa/settings.py | grep "BROKER_PASSWORD =" | sed 's/.*BROKER_PASSWORD = ...
by DavidRa
22 Jan 2013 11:27
Forum: Bugs
Topic: [0.3] Error training SA from Quarantine after hostname chg
Replies: 7
Views: 4687

Re: [0.3] Error training SA from Quarantine

Yeah, that seems to be borne out by the log file (/var/log/rabbitmq@hostname): =INFO REPORT==== 22-Jan-2013::12:06:13 === accepted TCP connection on 0.0.0.0:5672 from 127.0.0.1:38131 =INFO REPORT==== 22-Jan-2013::12:06:13 === starting TCP connection <0.262.0> from 127.0.0.1:38131 =ERROR REPORT==== 2...
by DavidRa
22 Jan 2013 02:42
Forum: How-to
Topic: SPF evaluation tweaks?
Replies: 0
Views: 2566

SPF evaluation tweaks?

I think I need to change the way SPF is evaluated on my EFA appliance. Here's the scenario: Environment has a primary mail delivery location which is EFA - let's call that mail1.contoso.com. I also have a secondary mail delivery location which is a FreeBSD host on a different ISP - let's call that m...
by DavidRa
22 Jan 2013 02:08
Forum: Bugs
Topic: [0.3] Error training SA from Quarantine after hostname chg
Replies: 7
Views: 4687

Re: [0.3] Error training SA from Quarantine

Nope, my log looks nothing like that. From startup through to retries: ---- **** ----- --- * *** * -- [Configuration] -- * - **** --- . broker: amqplib://baruwa@localhost:5672/baruwa - ** ---------- . loader: djcelery.loaders.DjangoLoader - ** ---------- . logfile: /var/log/baruwa/celeryd.log@INFO -...
by DavidRa
21 Jan 2013 05:15
Forum: Bugs
Topic: [0.3] Error training SA from Quarantine after hostname chg
Replies: 7
Views: 4687

[0.3] Error training SA from Quarantine after hostname chg

My EFA still has its training wheels attached; from time to time I get the odd spam through. I've just updated to 0.3, which seemed to go fine, but I cannot train SA any more: http://www.overclockers.com.au/pix/image.php?id=f3z4t&f=1 Click to view full size! Looks like it could be a change from 0.2 ...
by DavidRa
31 Dec 2012 02:11
Forum: Discussion
Topic: EFA as outgoing relay / smarthost
Replies: 10
Views: 8126

Re: EFA as outgoing relay / smarthost

Ok - finally I got it working ;) Since I was using webmail, I was single host but strangely it wasnt accepting and was getting RELAY ACCESS. Then I added entire network and doh it accpeted, could that be bug? Perhaps it is a bug. One way to specify a single host (but make it look like a network) wo...
by DavidRa
30 Dec 2012 23:51
Forum: How-to
Topic: Customising quarantine email URLs
Replies: 3
Views: 4130

Re: Customising quarantine email URLs

OK I checked the emails this morning; not only does the link now point to the hostname desired, the error text that used to accompany the "Release" link has vanished too. Win-win! Old "Release" content: MailScanner has detected a possible fraud attempt from "INTERNAL_IP" claiming to be Release New "...
by DavidRa
30 Dec 2012 12:21
Forum: Discussion
Topic: EFA - Hyper-V
Replies: 15
Views: 9751

Re: EFA - Hyper-V

It appears that if you use the pre-built image, but choose not to keep the same MAC address, Debian assigns a new interface name to the (sole) Ethernet adapter. I haven't tested replacing with the synthetic NIC and keeping the MAC - as it appears the kernel doesn't include the Hyper-V extensions and...