Search found 30 matches

by DavidRa
14 Apr 2020 03:38
Forum: 4.x Bugs
Topic: No email delivered - Sender Domain not found (all DNS broken)
Replies: 11
Views: 5437

Re: No email delivered - Sender Domain not found (all DNS broken)

My quibble with enabling recursion is that it disables all forwarders - and the configuration for recursion is hidden / unavailable. In fact the reason it was disabled in the first place was so that I could properly specify the internal nameservers - rather than reconfiguring the firewall to permit ...
by DavidRa
14 Apr 2020 01:57
Forum: 4.x Bugs
Topic: No email delivered - Sender Domain not found (all DNS broken)
Replies: 11
Views: 5437

No email delivered - Sender Domain not found (all DNS broken)

I'm not sure if this is something new as of a recent update, but just this morning I've woken to EFA not delivering anything from anyone. I'm running the same environment as I built months ago, now updated to 4.0.2. Up until yesterday everything seemed kosher. Today, external emails are rejected wit...
by DavidRa
08 Feb 2020 06:57
Forum: 4.x Bugs
Topic: error installing on centOS 7
Replies: 3
Views: 2182

Re: error installing on centOS 7

I'm getting the same error in /var/log/eFa/build.log using the default build script, looks like a missing / updated / NOT updated public key somewhere: Downloading packages: warning: /var/cache/yum/x86_64/7/eFa4/packages/postfix_eFa-3.3.0-1.eFa.el7.x86_64.rpm: Header V4 RSA/SHA1 Signature, key ID 10...
by DavidRa
09 Jul 2019 00:56
Forum: 4.x Bugs
Topic: Something updated 8-Jul 8am GMT+10, now it's broken
Replies: 3
Views: 14868

Re: Something updated 8-Jul 8am GMT+10, now it's broken

Ah. Is that with yum update or something else? Assuming that fixes it (sounds like it will) is that something that the final v4 release can "work around" - e.g. with a custom yum repo somewhere which only publishes upstream stuff once any extra bits are written/updated?
by DavidRa
08 Jul 2019 10:38
Forum: 4.x Bugs
Topic: Something updated 8-Jul 8am GMT+10, now it's broken
Replies: 3
Views: 14868

Something updated 8-Jul 8am GMT+10, now it's broken

1) I downloaded the official latest CentOS 7 ISO long ago from centos.org and its integrity is still in question 2) I created a virtual machine on Hyper-V 2025 with between 2 and 32 CPUs, 8GB, synthetic 10Mbps NIC and ISA MFM controller ;) 3) I have DHCP available on my instance's network and the in...
by DavidRa
21 May 2019 01:43
Forum: 4.x Bugs
Topic: Whitelisting ... doesn't seem to do anything
Replies: 3
Views: 3062

Re: Whitelisting ... doesn't seem to do anything

Do you mean I can enter "@example.org" on the whitelist (not the blacklist - we're trying to allow, not block!) and it will match all senders from that domain? Or do you mean default@example.org?
by DavidRa
20 May 2019 08:11
Forum: 4.x Bugs
Topic: Whitelisting ... doesn't seem to do anything
Replies: 3
Views: 3062

Whitelisting ... doesn't seem to do anything

1) I downloaded the official latest CentOS 7 ISO on 18 Apr from centos.org and checked its integrity 2) I created a virtual machine on Hyper-V with 4 CPUS, 8GB, Synthetic NIC, IDE for storage (Generation 1 - BIOS mode) 3) I have DHCP available on my instance's network and the instance can reach the ...
by DavidRa
19 Apr 2019 10:57
Forum: 4.x Bugs
Topic: Mail delayed in Milter Incoming queue
Replies: 3
Views: 3713

Re: Mail delayed in Milter Incoming queue

henk wrote: 18 Apr 2019 18:02Great firewall :whistle:
Yeah it's not great.

I have reviewed both logs, but nothing jumped out at me - and now it appears to be operating normally. So perhaps I was just impatient - I'll keep an eye on it and post logs if there's anything obvious. Thanks though!
by DavidRa
18 Apr 2019 15:45
Forum: 4.x Bugs
Topic: Mail delayed in Milter Incoming queue
Replies: 3
Views: 3713

Mail delayed in Milter Incoming queue

Following the requested format here :) 1) I downloaded the official latest CentOS 7 ISO on 18 Apr from centos.org and checked its integrity 2) I created a virtual machine on Hyper-V with 4 CPUS, 8GB, Synthetic NIC, IDE for storage (Generation 1 - BIOS mode) 3) I have DHCP available on my instance's ...
by DavidRa
25 Feb 2018 10:48
Forum: Discussion
Topic: How to remove efa sign
Replies: 3
Views: 5489

Re: How to remove efa sign

Seems the current EFA-Configure has a small problem configuring Spam and Non-spam settings. After the last question is answered, e.g.: [eFa] Non spam signatures DISABLED MailScanner: unrecognized service Worth adding a bug for v4? Appears to be failing to reload MailScanner service, even though it's...
by DavidRa
20 Mar 2016 13:48
Forum: Discussion
Topic: 3.0.0.9 Update
Replies: 3
Views: 3066

3.0.0.9 Update

Nice job guys. Looks like it all worked from 3.0.0.8 perfectly. Unless someone beats me to it, I'll see if I can work up a more detailed "how to replace the certificate" guide - since it identifies as localhost.localdomain, it throws cert errors. Perhaps it would be possible to integrate L...
by DavidRa
30 Jan 2015 05:29
Forum: 3.x Bugs
Topic: 3005 and 3006 update HYPERV - things not working right
Replies: 3
Views: 4166

Re: 3005 and 3006 update HYPERV - things not working right

I can confirm I'm running production quality on Hyper-V just fine. A couple of things: VHD works fine on Server 2012 and 2012 R2, so you could continue with the VHD (though I concur that VHDX is preferred) If you create a new VM for EFA, it must be a Gen1 VM not Gen2 You need to attach the VHDX (aft...
by DavidRa
16 Sep 2014 06:50
Forum: Discussion
Topic: rejected: Domain not found;
Replies: 3
Views: 5287

Re: rejected: Domain not found;

This can also occur if your DNS does not return MX records for the domain. This might happen if you're running split DNS, and the EFA ends up looking at the internal DNS servers instead of external.
by DavidRa
25 Oct 2013 07:24
Forum: Development
Topic: E.F.A. 2.x Info
Replies: 16
Views: 20160

Re: E.F.A. 2.x Info

It's not actually clear how to help you - while the source is on Github, there's no real "list of little tasks that needs investigating/fixing" or an easy way I can find to help. Suggestions welcome (and might be good to have in general).
by DavidRa
22 Oct 2013 03:37
Forum: Development
Topic: E.F.A. 2.x Info
Replies: 16
Views: 20160

Re: E.F.A. 2.x Info

Can I suggest that we include the Sane Security databases in the default build, with appropriate attribution: http://sanesecurity.com/usage/linux-scripts/ describes scripts to download and install the custom databases to ClamAV. http://sanesecurity.com/usage/signatures/ describes the databases avail...
by DavidRa
22 May 2013 07:39
Forum: Discussion
Topic: Link to mark as spam in missed spam mail
Replies: 3
Views: 4699

Re: Link to mark as spam in missed spam mail

What about a slightly different approach - perhaps the ability to forward the email to a particular address (e.g. "spam@mydomain.com") and have emails to that address be added to the various tools as spam? You could also then create honeypots to help train the anti-spam processes (e.g. you...
by DavidRa
06 May 2013 10:40
Forum: Discussion
Topic: Are baruwa reports complete?
Replies: 3
Views: 4239

Re: Are baruwa reports complete?

How intriguing. Perhaps then it's config or status. I imagine it's highly likely to be at least slightly misconfigured. Indeed - I just realised that dccifd has never been able to communicate with the world (port 6277 UDP). Maybe I should go back and check all the config too. Edit: Ah, lots of missi...
by DavidRa
06 May 2013 04:06
Forum: Discussion
Topic: Are baruwa reports complete?
Replies: 3
Views: 4239

Are baruwa reports complete?

I'm not sure if this is expected - but I'm almost certainly seeing incomplete or partial daily spam reports from baruwa. In case it's not clear I mean the reports with subject "Baruwa quarantine report for ..." I'm almost 100% sure I get hundreds or thousands of spams a day (thirty or so m...
by DavidRa
21 Feb 2013 00:52
Forum: Discussion
Topic: Updating / Patching?
Replies: 3
Views: 4877

Re: Updating / Patching?

Seems like a reasonable approach, but it will take some time to get right. In the meantime - any suggestions on things to update and how?
by DavidRa
20 Feb 2013 09:01
Forum: Discussion
Topic: Updating / Patching?
Replies: 3
Views: 4877

Updating / Patching?

Is there any need to update packages or the kernel in the EFA appliance? How do we do it? Background: I've noticed that there's a higher volume of spam getting through the appliance to my server. Plus, there are always bugs and fixes for various bits and pieces (OK less for pieces like Postfix than ...
by DavidRa
25 Jan 2013 00:43
Forum: Bugs
Topic: [0.3] Error training SA from Quarantine after hostname chg
Replies: 7
Views: 7913

Re: [0.3] Error training SA from Quarantine after hostname c

Tried this - and I couldn't get it to work. I assume it should be done after the name change (in EFA-Configure)? Or does it need to be done "in the middle" of the name change? root@ oldname :/home/efaadmin# PASSWD="`cat /etc/baruwa/settings.py | grep "BROKER_PASSWORD =" | se...
by DavidRa
22 Jan 2013 11:27
Forum: Bugs
Topic: [0.3] Error training SA from Quarantine after hostname chg
Replies: 7
Views: 7913

Re: [0.3] Error training SA from Quarantine

Yeah, that seems to be borne out by the log file (/var/log/rabbitmq@hostname): =INFO REPORT==== 22-Jan-2013::12:06:13 === accepted TCP connection on 0.0.0.0:5672 from 127.0.0.1:38131 =INFO REPORT==== 22-Jan-2013::12:06:13 === starting TCP connection <0.262.0> from 127.0.0.1:38131 =ERROR REPORT==== 2...
by DavidRa
22 Jan 2013 02:42
Forum: How-to
Topic: SPF evaluation tweaks?
Replies: 0
Views: 4651

SPF evaluation tweaks?

I think I need to change the way SPF is evaluated on my EFA appliance. Here's the scenario: Environment has a primary mail delivery location which is EFA - let's call that mail1.contoso.com. I also have a secondary mail delivery location which is a FreeBSD host on a different ISP - let's call that m...
by DavidRa
22 Jan 2013 02:08
Forum: Bugs
Topic: [0.3] Error training SA from Quarantine after hostname chg
Replies: 7
Views: 7913

Re: [0.3] Error training SA from Quarantine

Nope, my log looks nothing like that. From startup through to retries: ---- **** ----- --- * *** * -- [Configuration] -- * - **** --- . broker: amqplib://baruwa@localhost:5672/baruwa - ** ---------- . loader: djcelery.loaders.DjangoLoader - ** ---------- . logfile: /var/log/baruwa/celeryd.log@INFO -...
by DavidRa
21 Jan 2013 05:15
Forum: Bugs
Topic: [0.3] Error training SA from Quarantine after hostname chg
Replies: 7
Views: 7913

[0.3] Error training SA from Quarantine after hostname chg

My EFA still has its training wheels attached; from time to time I get the odd spam through. I've just updated to 0.3, which seemed to go fine, but I cannot train SA any more: http://www.overclockers.com.au/pix/image.php?id=f3z4t&f=1 Click to view full size! Looks like it could be a change from ...