efa-project.org

Glad that you solve the problem.
Shawn Iverson have posted about this, it's worth to try...

viewtopic.php?t=5360

Please, full backup before doing that.

BR

I think that is not a bug, there is something on your configuration.

There might be some info from gmail bounce error message, a reason why delivery error appears, but be patient it takes time from gmail to give an error message.

Check your firewall, disable first and try again
Then check your ...

Your method above is blocking at smtp level, although it is not recommended because eFa has a spamassassin (please read from the page you provided).

But i assume that you already got registered DQS key, remove the comma at the end of each record (except if you put it all in one line)

BR

CMIIW,

Is it because Linux filename limit is 255 characters?

So, when you limit it with 240 then you have 15 characters left for pathname...

BR

Could it be something on /etc/MailScanner/filename.rules.conf: And change deny to allow?
systemctl restart mailscanner
BR

Try this:

I would like to expand this discussion

Based on information from the Spamhaus Project:
NOTE: If you use Postfix with Rspamd or SpamAssassin, you should not configure rejections at the SMTP level. Instead, use a milter and let SpamAssassin or Rspamd do the filtering. We recommended this because ...

Hi..

ms-update-phishing works for me to update phishing sites

Could you please check file permission on that /etc/MailScanner directory
-rw-r--r--. 1 root root 1523182 Aug 18 19:55 phishing.bad.sites.conf
-rw-r--r--. 1 root root 1522982 Aug 18 19:55 phishing.bad.sites.conf.master
-rw-r--r--. 1 ...

eFa doesn't use spamd, disable it and save the resources it is using. MailScanner calls spamassassin directly. The path is wrong because spamd was never intended to be running.


Hi Shawn,
All this time I thought that spamassassin service should always run on eFa5, and then read your post that ms ...

Hi,

My local.cf from eFa v4, cek permission first:
1)
[root@mx spamassassin]# ls -l local.cf
-rw-r--r--. 1 root root 10854 Jun 23 20:40 local.cf

2)
[root@mx ~]# spamassassin --lint
Need to edit your rules if error appears

3)
[root@mx ~]# sa-update
[root@mx ~]# sa-compile
[root@mx ...

It is Rocky Linux 9.4

Yesterday, fresh install with eFa 5.0.0-8 and milter doesn't start on boot

First, i though there was race condition with another service but when i check milter status it is inactive.

TIA,
Aryfir

You can use rocky linux 9.4 or almalinux 9.4, the reason I don't use centos stream cause it provides a rolling preview of RHEL updates and features before release and changes much faster will occur (Some says that it is not for production server)

Recently, i fresh installed rocky 9.4 with a new eFa ...

Hi Shawn,

Upgrade from testing to eFa Released 5.0.0-7:
sudo rm -f /etc/yum.repos.d/eFa5-test.repo
sudo curl -L https://dl.efa-project.org/rpm/eFa5/centos9/eFa5-release.repo -o /etc/yum.repos.d/eFa5-release.repo
sudo dnf clean all
sudo dnf update

There was an update of mailscanner/mailwatch? Can ...

I would like to discuse this also, it might be useful for others

if there is one ip address but it is used by many domains for example 22.33.44.55 is using by a.com, b.net, c.org
I would put 22.33.44 in: /etc/sqlgrey/clients_ip_whitelist.local
This IP will never be greylisted starting from 22.33 ...

Mine is working, did you enable the quarantine report flag for the users in MailWatch?

Screenshot from 2024-05-12 09-36-00.png


Sorry Shawn, my bad.... Feels stupid about it

Thats the reason also why when i execute /usr/bin/mailwatch/tools/Cron Jobs/mailwatch_quarantine_report.php there is no ...

Hi Shawn,

I've been testing for the last 3 days, there are a few issues I'd like to report:

1). ClamAV does not update automatically so I have to run freshclam manually

2). Quarantine Report is useful for detecting false positive spam, I have changed the email address in /var/www/html/mailscanner ...

Thank you very much for the hints,

I am just hesitant, cause the word of dev is little bit scary that means whole package is still under heavy development.

If Mr. Shawn Iverson release it under testing then i feel much relieve :D

But anyway,........You only live once.... i will try tomorrow

TIA ...

Got a chance to try eFa version 5 on VM

Install it using Rocky 9.3 and AlmaLinux 9.4, both of them have similar error:

2024.05.07-16:18:16 - System Updated
2024.05.07-16:18:16 - Installing eFa packages (This can take a while)
Last metadata expiration check: 0:00:02 ago on Tue May 7 16:18:14 2024 ...

Hi,

How many email domain (mail server) go through EFA?

Based on my experience, if you have created and set DKIM, SPF and even DMARC on your Authoritative DNS server, then you don't need to set DKIM on EFA box.

Moreover, if you have various email domains that pass through the EFA, then the ...

When I read a news a few months ago, that Rocky, Oracle and OpenSUSE joined OpenELA to develop Enterprise Linux, I thought that this was the most suitable operating system for EFA.

https://openela.org

I honestly admit that I choose Debian as the OS for EFA in the future, but considering that ...

What about using only one line on your filename.rules.conf:
allow \.shp\.xml$ - -
(the spaces between the fields must be TAB characters and not SPACES)
and delete the others (prevents MailScanner from having problems)

CMIIW, if your file is on rar, add that line too on archives.filename.rules.conf

Hi,

Since i dont know how many SORBS score you have and i assume that your matching rule of SORBS is RCVD_IN_SORBS;

Put this on your local.cf

header GMAIL_TLD From =~ /(gmail.com)/i
describe GMAIL_TLD Gmail Trusted
score GMAIL_TLD 0.0

meta CUSTOM_GMAIL_WHLST (GMAIL_TLD + RCVD_IN_SORBS ...

Do you mind to tell us how do you setup your EFA Box to your exchange server?

Is that issue of STARTTLS coming from your exchange server or your MUA (user mail client)?

BR
Ary

Thats answering me, that you open port 587 to the outside and somebody brute force trying to make your EFA Box as SMTP Relay and your secure log is generating error report. Or you open port 587 cause you use authentication level on your mailserver to communicate to your EFA Box for outbound ...

Okay clear then,

If from beginning i knew that you are using outgoing smarthost in front of your EFA Box, i won't continue to argue on this topic. I know that Postfix do not have authentication framework so it use Dovecot SASL (or Cyrus SASL) but i was kept scratch my head, try to understand what ...