Search found 108 matches

by smyers119
05 Feb 2021 13:55
Forum: 4.x Bugs
Topic: Spamassasin rule sometimes active when it shouldn't?
Replies: 5
Views: 3121

Re: Spamassasin rule sometimes active when it shouldn't?

Feb 5 10:12:10.286 [81210] warn: config: invalid regexp for __LOCAL_FROM_TLD_1 '/@.{1,}\.com/iU': invalid end delimiter/mods 0.00229 Feb 5 10:12:10.286 [81210] warn: config: invalid regexp for __LOCAL_FROM_TLD_2 '/@.{1,}\.nl/iU': invalid end delimiter/mods 1.0E-5 Feb 5 10:12:10.286 [81210] warn: co...
by smyers119
05 Feb 2021 01:35
Forum: 4.x Bugs
Topic: Spamassasin rule sometimes active when it shouldn't?
Replies: 5
Views: 3121

Re: Spamassasin rule sometimes active when it shouldn't?

Your regular expression is fine, that is weird that it's not working correctly What happens if we change it up a little? # add points if the From address is not a valid host in a listed TLD header __LOCAL_FROM_TLD_1 From =~ /@.{1,}\.com/iU header __LOCAL_FROM_TLD_2 From =~ /@.{1,}\.nl/iU header __LO...
by smyers119
29 Jan 2021 18:09
Forum: 4.x Bugs
Topic: EFA 4 to Outlook 365
Replies: 1
Views: 1616

Re: EFA 4 to Outlook 365

Since it's a singular issue the problem is probably the script and not the efa appliance.
by smyers119
19 Jan 2021 20:23
Forum: 4.x Bugs
Topic: TLS 1.0 1.1 not working on postfix
Replies: 24
Views: 12247

Re: TLS 1.0 1.1 not wirking

[uname@mx01 log]$ sudo grep "TLS connection established" maillog | sed 's/.*: //g' | sort | uniq -c | sort -rn 2773 TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits) 254 TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (20...
by smyers119
19 Jan 2021 20:10
Forum: 4.x Bugs
Topic: TLS 1.0 1.1 not working on postfix
Replies: 24
Views: 12247

Re: TLS 1.0 1.1 not wirking

Should be configurable in main.cf. I just checked my config, it is not blocked in my config but I have no TLS 1.1 connections either.
by smyers119
15 Jan 2021 12:45
Forum: Discussion
Topic: No score for MAILSPIKE
Replies: 2
Views: 2217

Re: No score for MAILSPIKE

I updated my local.cf to this score RCVD_IN_MSPIKE_BL 0.001 2.0 0.001 2.0 score RCVD_IN_MSPIKE_L5 0.001 2.0 0.001 2.0 score RCVD_IN_MSPIKE_L4 0.001 1.8 0.001 1.8 score RCVD_IN_MSPIKE_L3 0.001 1.2 0.001 1.2 score RCVD_IN_MSPIKE_L2 0.001 0.6 0.001 0.6 score RCVD_IN_MSPIKE_H2 0.001 -0.5 0.002 -0.5 scor...
by smyers119
10 Jan 2021 18:20
Forum: 4.x Bugs
Topic: ***SOLVED*** Recent Cron Error
Replies: 2
Views: 2432

Re: Recent Cron Error

Just got a chance to look at this, and it appears the hostname package was missing. strange.
by smyers119
08 Jan 2021 20:16
Forum: Discussion
Topic: FQRDNS Bot Spam Killer
Replies: 0
Views: 3219

FQRDNS Bot Spam Killer

Has anyone with EFA tried this yet, if so what did you think, Hoe big of a difference did it make?? The following set of regular expressions attempt to stop bot spam connections by matching the FQrDNS name of the sending IP against known consumerish rDNS patterns or other rDNS patterns likely to be ...
by smyers119
08 Jan 2021 17:37
Forum: 4.x Bugs
Topic: Virus Scanning rule doesnt work
Replies: 4
Views: 2752

Re: Virus Scanning rule doesnt work

Did you restart mailscanner after making the changes?

What happens if you do below?

Code: Select all

From: 10.1.1.0/24 no
FromOrTo: default yes
by smyers119
08 Jan 2021 14:04
Forum: 4.x Bugs
Topic: ***SOLVED*** Recent Cron Error
Replies: 2
Views: 2432

***SOLVED*** Recent Cron Error

I haven't had a chance to look into this yet but it doesn't appear to be effecting anything at the moment.
/etc/cron.hourly/mailscanner:

/usr/sbin/ms-check: line 40: hostname: command not found
by smyers119
21 Dec 2020 13:14
Forum: 4.x Bugs
Topic: Virus Scanning: Denial Of Service attack detected!
Replies: 40
Views: 44224

Re: Virus Scanning: Denial Of Service attack detected!

From the docs: In order to apply filename and filetype checks on the contents of Zip, Rar and UU-encoded archives, they are all unpacked. The Rar archives are unpacked using an external "unrar" program, while Zip and UU-encoded archives are handled internally. Any archive found nested deep...
by smyers119
11 Dec 2020 20:24
Forum: Discussion
Topic: Next Major Release OS Version Survey 2020
Replies: 27
Views: 223496

Re: Next Major Release OS Version Survey 2020

I vote Rocky Linux or Debian

Rocky would be a simple transition, Debian not so much, but I do love Debian.

I don't really consider ubuntu or Devuan viable candidates.
by smyers119
15 Nov 2020 15:31
Forum: 4.x Bugs
Topic: better error detection
Replies: 1
Views: 1478

better error detection

I was spinning up a new instance on a container in my private cloud. Installed efa4 which originally did not complete successfully because i was missing yum-utils. After i installed that everything seemed to go ok. When i went to do a system restore that failed because tar was not installed. The scr...
by smyers119
04 Nov 2020 12:01
Forum: Discussion
Topic: New KAM rule
Replies: 1
Views: 1730

Re: New KAM rule

#Nothing but sig body __KAM_SIGONLY1 /.{0,10}--/i tflags __KAM_SIGONLY1 nosubject meta KAM_SIGONLY (__KAM_SIGONLY1 >= 1) score KAM_SIGONLY 1.5 describe KAM_SIGONLY Messages is (mostly) just a signature #SigOnly spam meta KAM_SIGONLY2 (KAM_SIGONLY + (__KAM_DIDYOUBODY + __KAM_DIDYOUSUBJ >= 1) >= 2) sc...
by smyers119
28 Sep 2020 11:08
Forum: How-to
Topic: Plugins page updated
Replies: 9
Views: 7507

Re: Plugins page updated

HEre's his contact information Nicola Piazzi CED - Sistemi COMET s.p.a. Via Michelino, 105 - 40127 Bologna - Italia Tel. +39 xxx.xxxx.xxx Cell. +39 xxx.xx.xx.xxx Web: www.gruppocomet.it It's probably not a wise idea to post his numbers in a public forum without his approval. I've edited them out. S...
by smyers119
21 Sep 2020 10:54
Forum: How-to
Topic: Plugins page updated
Replies: 9
Views: 7507

Re: Plugins page updated

MXPF can be downloaded here
by smyers119
21 Sep 2020 10:52
Forum: How-to
Topic: Plugins page updated
Replies: 9
Views: 7507

Re: Plugins page updated

HEre's his contact information

Code: Select all

Nicola Piazzi
CED - Sistemi
COMET s.p.a.
Via Michelino, 105 - 40127 Bologna - Italia
Tel.  +39 xxx.xxxx.xxx
Cell. +39 xxx.xx.xx.xxx
Web: www.gruppocomet.it

by smyers119
18 Sep 2020 13:31
Forum: How-to
Topic: efa blocks acknowledgment of reading from the mailjet tool
Replies: 1
Views: 1686

Re: efa blocks acknowledgment of reading from the mailjet tool

Web bug / Web Beacon / Mail bug's (whatever you wqant to call them) are defused in eFa. you will need to make an exception for your mailjet

You'll need to use the "ignored web bug filenames" to bypass this in mailscanner
by smyers119
12 Sep 2020 17:07
Forum: How-to
Topic: Use multiple recipient delimiters
Replies: 6
Views: 3889

Re: Use multiple recipient delimiters

If that is not the problem then post the log, maybe "propagate_unmatched_extensions" is messing you up? (if its even configured) (I don't have eFa in front of me to investigate myself)
by smyers119
12 Sep 2020 16:58
Forum: How-to
Topic: Use multiple recipient delimiters
Replies: 6
Views: 3889

Re: Use multiple recipient delimiters

Did you check what version postfix is running. It only supports multiple delimiters in 2.11 and later
by smyers119
12 Sep 2020 16:50
Forum: How-to
Topic: Use multiple recipient delimiters
Replies: 6
Views: 3889

Re: Use multiple recipient delimiters

Why are you messing with the recipient delimiter at the spam gateway level? That sounds like a job for the Mail Server, the spam gateway should just be passing it on as it is.
by smyers119
10 Sep 2020 14:50
Forum: How-to
Topic: How-to Prevent external sender spoofing to EFA
Replies: 18
Views: 83099

Re: How-to Prevent external sender spoofing to EFA

Clever, clever indeed From: "Antonio Figueira <antonio.figueira@example.org>" <bill@example.com> SpamAssassin has a plugin just for this... https://spamassassin.apache.org/full/3.4.x/doc/Mail_SpamAssassin_Plugin_FromNameSpoof.txt Looks like we better mainline this one into eFa. I just tes...
by smyers119
01 Sep 2020 10:07
Forum: How-to
Topic: Problems signing outbound DKIM - Solved
Replies: 4
Views: 5310

Re: Problems signing outbound DKIM

Try adding the internal IP of the eFa aka 192.168.1.x to TrustedHosts
by smyers119
26 Aug 2020 00:07
Forum: How-to
Topic: whitelist ip range
Replies: 5
Views: 3672

Re: whitelist ip range

148.105.0.0/16 would be it in as 148.105.
Thes other to need to be put in as seperate /24's aka

205.201.128.
205.201.129.
etc
etc