Search found 34 matches

by Aryfir
04 Jan 2025 15:41
Forum: How-to
Topic: How to deletemail queue
Replies: 2
Views: 1348

Re: How to deletemail queue

Try this:

Code: Select all

postsuper -d ALL
by Aryfir
04 Jan 2025 15:38
Forum: Discussion
Topic: EFA's incorrect handling of zen.spamhaus.org
Replies: 4
Views: 5864

Re: EFA's incorrect handling of zen.spamhaus.org

I would like to expand this discussion Based on information from the Spamhaus Project: NOTE: If you use Postfix with Rspamd or SpamAssassin, you should not configure rejections at the SMTP level. Instead, use a milter and let SpamAssassin or Rspamd do the filtering. We recommended this because both ...
by Aryfir
18 Aug 2024 14:48
Forum: Discussion
Topic: Does MailScnner safe sites conf take prededence over bad sites?
Replies: 4
Views: 8493

Re: Does MailScnner safe sites conf take prededence over bad sites?

Hi.. ms-update-phishing works for me to update phishing sites Could you please check file permission on that /etc/MailScanner directory -rw-r--r--. 1 root root 1523182 Aug 18 19:55 phishing.bad.sites.conf -rw-r--r--. 1 root root 1522982 Aug 18 19:55 phishing.bad.sites.conf.master -rw-r--r--. 1 root ...
by Aryfir
14 Jul 2024 05:48
Forum: 5.x Bugs
Topic: Razor/DCC
Replies: 3
Views: 4052

Re: Razor/DCC

eFa doesn't use spamd, disable it and save the resources it is using. MailScanner calls spamassassin directly. The path is wrong because spamd was never intended to be running. Hi Shawn, All this time I thought that spamassassin service should always run on eFa5, and then read your post that ms cal...
by Aryfir
10 Jul 2024 13:41
Forum: 5.x Bugs
Topic: Spamassassin local.cf ignored
Replies: 7
Views: 5392

Re: Spamassassin local.cf ignored

Hi, My local.cf from eFa v4, cek permission first: 1) [root@mx spamassassin]# ls -l local.cf -rw-r--r--. 1 root root 10854 Jun 23 20:40 local.cf 2) [root@mx ~]# spamassassin --lint Need to edit your rules if error appears 3) [root@mx ~]# sa-update [root@mx ~]# sa-compile [root@mx ~]# systemctl resta...
by Aryfir
13 Jun 2024 03:12
Forum: 5.x Bugs
Topic: milter service don't start
Replies: 2
Views: 3194

Re: milter service don't start

It is Rocky Linux 9.4

Yesterday, fresh install with eFa 5.0.0-8 and milter doesn't start on boot

First, i though there was race condition with another service but when i check milter status it is inactive.

TIA,
Aryfir
by Aryfir
12 Jun 2024 03:42
Forum: Discussion
Topic: eFa V5 - Preferred Distro
Replies: 3
Views: 5515

Re: eFa V5 - Preferred Distro

You can use rocky linux 9.4 or almalinux 9.4, the reason I don't use centos stream cause it provides a rolling preview of RHEL updates and features before release and changes much faster will occur (Some says that it is not for production server) Recently, i fresh installed rocky 9.4 with a new eFa ...
by Aryfir
11 Jun 2024 11:51
Forum: 5.x Bugs
Topic: milter service don't start
Replies: 2
Views: 3194

milter service don't start

Hi Shawn, Upgrade from testing to eFa Released 5.0.0-7: sudo rm -f /etc/yum.repos.d/eFa5-test.repo sudo curl -L https://dl.efa-project.org/rpm/eFa5/centos9/eFa5-release.repo -o /etc/yum.repos.d/eFa5-release.repo sudo dnf clean all sudo dnf update There was an update of mailscanner/mailwatch? Can't r...
by Aryfir
18 May 2024 19:52
Forum: Discussion
Topic: GreyListing whitelist
Replies: 13
Views: 12598

Re: GreyListing whitelist

I would like to discuse this also, it might be useful for others if there is one ip address but it is used by many domains for example 22.33.44.55 is using by a.com, b.net, c.org I would put 22.33.44 in: /etc/sqlgrey/clients_ip_whitelist.local This IP will never be greylisted starting from 22.33.44....
by Aryfir
13 May 2024 14:59
Forum: Discussion
Topic: HowTo test EFAv5
Replies: 57
Views: 47248

Re: HowTo test EFAv5

Mine is working, did you enable the quarantine report flag for the users in MailWatch? Screenshot from 2024-05-12 09-36-00.png Sorry Shawn, my bad.... Feels stupid about it Thats the reason also why when i execute /usr/bin/mailwatch/tools/Cron Jobs/mailwatch_quarantine_report.php there is no respon...
by Aryfir
11 May 2024 17:57
Forum: Discussion
Topic: HowTo test EFAv5
Replies: 57
Views: 47248

Re: HowTo test EFAv5

Hi Shawn, I've been testing for the last 3 days, there are a few issues I'd like to report: 1). ClamAV does not update automatically so I have to run freshclam manually 2). Quarantine Report is useful for detecting false positive spam, I have changed the email address in /var/www/html/mailscanner/co...
by Aryfir
07 May 2024 14:30
Forum: Discussion
Topic: HowTo test EFAv5
Replies: 57
Views: 47248

Re: HowTo test EFAv5

Thank you very much for the hints, I am just hesitant, cause the word of dev is little bit scary that means whole package is still under heavy development. If Mr. Shawn Iverson release it under testing then i feel much relieve :D But anyway,........You only live once.... i will try tomorrow TIA, Ary...
by Aryfir
07 May 2024 09:50
Forum: Discussion
Topic: HowTo test EFAv5
Replies: 57
Views: 47248

Re: HowTo test EFAv5

Got a chance to try eFa version 5 on VM Install it using Rocky 9.3 and AlmaLinux 9.4, both of them have similar error: 2024.05.07-16:18:16 - System Updated 2024.05.07-16:18:16 - Installing eFa packages (This can take a while) Last metadata expiration check: 0:00:02 ago on Tue May 7 16:18:14 2024. Er...
by Aryfir
19 Feb 2024 05:47
Forum: How-to
Topic: How to Setup DomainKeys (DKIM) with Postfix on EFA 4
Replies: 3
Views: 39789

Re: How to Setup DomainKeys (DKIM) with Postfix on EFA 4

Hi, How many email domain (mail server) go through EFA? Based on my experience, if you have created and set DKIM, SPF and even DMARC on your Authoritative DNS server, then you don't need to set DKIM on EFA box. Moreover, if you have various email domains that pass through the EFA, then the reputatio...
by Aryfir
16 Nov 2023 02:45
Forum: Discussion
Topic: EFA future Roadmap
Replies: 8
Views: 38915

Re: EFA future Roadmap

When I read a news a few months ago, that Rocky, Oracle and OpenSUSE joined OpenELA to develop Enterprise Linux, I thought that this was the most suitable operating system for EFA. https://openela.org I honestly admit that I choose Debian as the OS for EFA in the future, but considering that Debian ...
by Aryfir
15 Nov 2023 15:55
Forum: How-to
Topic: Attempt to hide real filename extension problem
Replies: 4
Views: 16344

Re: Attempt to hide real filename extension problem

What about using only one line on your filename.rules.conf: allow \.shp\.xml$ - - (the spaces between the fields must be TAB characters and not SPACES) and delete the others (prevents MailScanner from having problems) CMIIW, if your file is on rar, add that line too on archives.filename.rules.conf
by Aryfir
25 Mar 2023 03:58
Forum: How-to
Topic: SORBS
Replies: 3
Views: 2295

Re: SORBS

Hi, Since i dont know how many SORBS score you have and i assume that your matching rule of SORBS is RCVD_IN_SORBS; Put this on your local.cf header GMAIL_TLD From =~ /(gmail.com)/i describe GMAIL_TLD Gmail Trusted score GMAIL_TLD 0.0 meta CUSTOM_GMAIL_WHLST (GMAIL_TLD + RCVD_IN_SORBS) describe CUST...
by Aryfir
07 Oct 2022 13:02
Forum: How-to
Topic: Enable TLS 1.3 on efa
Replies: 6
Views: 3235

Re: Enable TLS 1.3 on efa

Do you mind to tell us how do you setup your EFA Box to your exchange server?

Is that issue of STARTTLS coming from your exchange server or your MUA (user mail client)?

BR
Ary
by Aryfir
20 Aug 2022 18:24
Forum: How-to
Topic: Limit login to localhost
Replies: 21
Views: 39889

Re: Limit login to localhost

Thats answering me, that you open port 587 to the outside and somebody brute force trying to make your EFA Box as SMTP Relay and your secure log is generating error report. Or you open port 587 cause you use authentication level on your mailserver to communicate to your EFA Box for outbound. [snip]...
by Aryfir
19 Aug 2022 05:29
Forum: How-to
Topic: Limit login to localhost
Replies: 21
Views: 39889

Re: Limit login to localhost

Okay clear then, If from beginning i knew that you are using outgoing smarthost in front of your EFA Box, i won't continue to argue on this topic. I know that Postfix do not have authentication framework so it use Dovecot SASL (or Cyrus SASL) but i was kept scratch my head, try to understand what th...
by Aryfir
18 Aug 2022 16:01
Forum: How-to
Topic: Limit login to localhost
Replies: 21
Views: 39889

Re: Limit login to localhost

Ooo Wow, Thats answering me, that you open port 587 to the outside and somebody brute force trying to make your EFA Box as SMTP Relay and your secure log is generating error report. Or you open port 587 cause you use authentication level on your mailserver to communicate to your EFA Box for outbound...
by Aryfir
18 Aug 2022 14:06
Forum: How-to
Topic: Limit login to localhost
Replies: 21
Views: 39889

Re: Limit login to localhost

Thankyou pdwalker, I'm thinking like conventional mail server, Postfix SMTP server uses Dovecot SASL, and this Dovecot SASL Authentication to authenticate/validate POP/IMAP clients. CMIIW is that because the op open port dovecot to the outside on his Efa Box, that is why he saw authentication failur...
by Aryfir
17 Aug 2022 15:52
Forum: How-to
Topic: Limit login to localhost
Replies: 21
Views: 39889

Re: Limit login to localhost

Interesting, and please bear with me guys. I dont understand this "dovecot is just acting as the authenticator" to the EFA Box. In my mind it come across of another concept of how to protect EFA Box or secure sent/received email from sentence above, or there is another concept of that? In ...
by Aryfir
17 Aug 2022 08:27
Forum: How-to
Topic: Limit login to localhost
Replies: 21
Views: 39889

Re: Limit login to localhost

Just want to make clear here, since the op said that he use EFA as a mail gateway. I use efa pure as a mail gateway (with 8 mailserver behind) and open port to the outside world is based on https://wiki.efa-project.org/doku.php?id=firewall_ports, and for 2 years i've never saw log report like that b...
by Aryfir
06 Jun 2022 12:16
Forum: Discussion
Topic: eFa Filter sudden restarts
Replies: 18
Views: 11098

Re: eFa Filter sudden restarts

Thats weird, your unbound cannot probe only to master K.ROOT-SERVERS.NET? What about A,B,C....M.ROOT-SERVERS.NET?

Try to ping K.ROOT-SERVERS.NET on IPv4 193.0.14.129 or IPv6 2001:7fd::1, and see if you can reach that.

And also try to update your unbound root.hints