Search found 18 matches

by benscha
08 Aug 2019 11:28
Forum: 3.x Bugs
Topic: Sophos does not Block Malware Detection Mail will be sent
Replies: 2
Views: 2318

Re: Sophos does not Block Malware Detection Mail will be sent

Hi shawniverson

thx for your reply.

the path in /etc/MailScanner/virus.scanners.conf is correct.

should i disable sophos daemon?

thx!
by benscha
07 Aug 2019 15:09
Forum: 3.x Bugs
Topic: Sophos does not Block Malware Detection Mail will be sent
Replies: 2
Views: 2318

Sophos does not Block Malware Detection Mail will be sent

Hi Guys i got the following issue. Sophos is installed on my EFA. Sophos will detect the Malware and a E-Mail will be sent: Subject: [SAV-LINUX] Threat 'Troj/RtfExp-EP' detected on efa.domain.local A threat classified as 'Troj/RtfExp-EP' was detected in the file '/var/spool/MailScanner/incoming/Spam...
by benscha
16 Jul 2019 08:48
Forum: Discussion
Topic: block deny extension in .zip or .rar file
Replies: 12
Views: 2983

Re: block deny extension in .zip or .rar file

Hey Guys i have the same issues here... EFA-3.0.2.6. Maximum Archive Depth = 4 Find Archives By Content = yes in /etc/archive.filetype.rules.conf i have the following line: deny \.exe$ Windows/DOS Executable Executable DOS/Windows programs are dangerous in email Also Sophos will detect the File but ...
by benscha
30 Jun 2019 16:02
Forum: 3.x Feature Requests
Topic: Spam/Phishing in QR Codes
Replies: 0
Views: 2611

Spam/Phishing in QR Codes

Hey Guys Today i found an Article on heise.de about phishing with QR Codes. Does anyone of you Guys already has a solution to solve this challenge, or any idea how to solve this problem by creating a Spamassassing Plugin. My experience is no that deep, to create plugins, but there should be any solu...
by benscha
24 Jun 2019 15:00
Forum: 3.x How-to
Topic: Autolearn Mails that are sent to a spamtrap Address
Replies: 0
Views: 2038

Autolearn Mails that are sent to a spamtrap Address

Hi Guys if anyone has published some spamtrap Mailaddresses here you can find a small script that will autolearn each mail that arrives to this addresses. Before Start: You need to create a file with your spamtrap addresses listed. in my case the file is in "/scripts/spamtrap_addresses" #Read a File...
by benscha
20 Jun 2019 09:40
Forum: 3.x How-to
Topic: Uriskip, software
Replies: 6
Views: 741

Re: Uriskip, software

sorry Nicola

i shame on me... :liar: i found the error. the uriskip.cf file was missing! everything works fine now!

thx a lot! buon estate
by benscha
19 Jun 2019 15:40
Forum: 3.x How-to
Topic: Uriskip, software
Replies: 6
Views: 741

Re: Uriskip, software

actually i did not modified anything expect the VURIFIXED Parameter
by benscha
19 Jun 2019 13:03
Forum: 3.x How-to
Topic: Uriskip, software
Replies: 6
Views: 741

Re: Uriskip, software

Ciao Nicola Unfortunately the script ist not running on my efa box... i'll the the following output ./uriskip.sh: line 10: : command not found ./uriskip.sh: line 42: : command not found ./uriskip.sh: line 43: : command not found ./uriskip.sh: line 47: : command not found ./uriskip.sh: line 48: : com...
by benscha
04 Mar 2019 15:06
Forum: 3.x How-to
Topic: Custom bad sites Phishtank.com
Replies: 12
Views: 1507

Re: Custom bad sites Phishtank.com

Hi Guys i have extended the Script with some Blacklists. www.openphish.com ransomwaretracker.abuse.ch malwaredomains.com #!/bin/bash ############################################################## # www.phishtank.com | Phishing Sites # ############################################################## # ...
by benscha
21 Feb 2019 14:26
Forum: 3.x How-to
Topic: Unable to release some blocked messages
Replies: 26
Views: 10468

Re: Unable to release some blocked messages

Hey Guys i have to heat up this thread. I'd like to release a message from the quarantine and my Exchange 2013 will not receive anything... in /var/log/maillog i can find the following entry everytime i release a message: Feb 21 15:15:35 pcm-efa postfix/sendmail[52011]: fatal: recipient@domain.com(4...
by benscha
04 Dec 2018 14:20
Forum: 3.x How-to
Topic: Ban flooding IPs
Replies: 10
Views: 1466

Re: Ban flooding IPs

install fail2ban and import the sender ip's to it. maybe there is a way to count here is my Code Snippet to import ip's wget -P /tmp/iplist http://api.blocklist.de/getlast.php?time=3600&service=mail mv /tmp/iplist/getlast.php\?time\=3600 /tmp/iplist.txt while read ip do fail2ban-client set postfix-s...
by benscha
20 Mar 2018 10:32
Forum: Discussion
Topic: Learn Spam Mails from untroubled.org
Replies: 4
Views: 1374

Re: Learn Spam Mails from untroubled.org

Hi genotix

nice if someone can use my script. :dance:

my spam-learn script looks similar to yours.

Code: Select all

cd /usr/bin
./sa-learn --spam /home/root/scripts/learn/spam --progress 
rm /home/root/scripts/learn/spam/*
echo '*** fight the spam ***'
by benscha
12 Feb 2018 14:03
Forum: 3.x How-to
Topic: create Postfix IP Blocklists
Replies: 3
Views: 1335

Re: create Postfix IP Blocklists

@pdwalker do you have any numbers of hits from the blocklist?
by benscha
08 Feb 2018 09:12
Forum: 3.x Bugs
Topic: Release Mail from Quarantine
Replies: 1
Views: 1995

Re: Release Mail from Quarantine

Found the Solution

in mailscanner.conf i had to change the following line:

line 1310

Code: Select all

Quarantine Whole Messages As Queue Files = no
now the Mails could be released from Quarantine! :D
by benscha
24 Jan 2018 08:40
Forum: 3.x Bugs
Topic: Release Mail from Quarantine
Replies: 1
Views: 1995

Release Mail from Quarantine

Hi Guys i'm new with efa-project and need release a Mail from the quarantine. the mail will be sent to the user but the mail is in a unreadable format. the Sender of the Mail is "Apache" From: Apache <user.name@domain.com> the Mail in Outlook looks like this C_ 93578 821 1 0 93578 0T 1516729996 3249...
by benscha
23 Jan 2018 12:05
Forum: 3.x How-to
Topic: create Postfix IP Blocklists
Replies: 3
Views: 1335

create Postfix IP Blocklists

Hi Guys i use some additional Blacklists wich i found on https://lists.blocklist.de/lists/ the lists will be updated frequently. like for my other scripts i use the following folder structure home/ ├── root/ ├── scripts ├── learn ├── ham └── spam cd /home/root/scripts #Download Mail Blacklist wget h...
by benscha
23 Jan 2018 10:42
Forum: Discussion
Topic: Learn Spam Mails from untroubled.org
Replies: 4
Views: 1374

Learn Spam Mails from untroubled.org

Hi Guys for a long time i train the Mails from http://untroubled.org/spam/ to my Bayes DB. There are a lot Textmails and Mails with Attachments to train. that i don't need to do this manual i have created some scripts that will be run every night with a cronjob: you need the following folder structu...
by benscha
23 Jan 2018 10:33
Forum: Discussion
Topic: Train Bayes with an email archive
Replies: 3
Views: 1944

Re: Train Bayes with an email archive

hi Guys i'm new with the efa-project. before i used copfilter on a old ipcop system. from there i used the DMZS-sa-learn.pl script from https://www.dmzs.com/tools/files/spam/DMZS-sa-learn.pl to train mails directly from a Mailbox on our Exchangeserver over Imap. i just had to change some path and th...