Search found 2560 matches

by shawniverson
13 Jul 2018 19:24
Forum: Discussion
Topic: Quarantine
Replies: 6
Views: 128

Re: Quarantine

jfdesir wrote:
13 Jul 2018 19:11
A other question on quarantine:

Why a released email from quanrantine is seen coming from the admin email ?
That would be a MailWatch question. I'm guessing it does this to distinguish the mail as one that has been released.
by shawniverson
13 Jul 2018 19:22
Forum: Discussion
Topic: Quarantine
Replies: 6
Views: 128

Re: Quarantine

Code: Select all

sudo /usr/local/sbin/EFA-Configure
9) Spam Settings --> 1) Non-Spam Settings
by shawniverson
13 Jul 2018 18:49
Forum: 3.x How-to
Topic: Release spam without whitelist 127.0.0.1 default
Replies: 2
Views: 46

Re: Release spam without whitelist 127.0.0.1 default

I would probably set up a second lo interface, and have postfix listen on it instead.

Then you could have the whitelist on 127.0.0.1, and have another postfix worker working on 127.0.0.2
by shawniverson
12 Jul 2018 21:16
Forum: Discussion
Topic: Quarantine
Replies: 6
Views: 128

Re: Quarantine

It does all messages by default. You can change that behavior if you don't want it to keep a copy of clean messages.
by shawniverson
12 Jul 2018 21:15
Forum: Introduction
Topic: Hello from Guadeloupe
Replies: 1
Views: 95

Re: Hello from Guadeloupe

:text-welcomewave:
by shawniverson
12 Jul 2018 21:14
Forum: 3.x How-to
Topic: New virus difficoutl to catch
Replies: 3
Views: 58

Re: New virus difficoutl to catch

Are the content similar? You could identify it using a custom signature perhaps?
by shawniverson
12 Jul 2018 08:41
Forum: 3.x Bugs
Topic: message quarantine report - error sending validation failed for EFA
Replies: 3
Views: 139

Re: message quarantine report - error sending validation failed for EFA

Are email addresses defined for your users? The usernames need to be in the form of email addresses.
by shawniverson
12 Jul 2018 08:39
Forum: 3.x Feature Requests
Topic: E.F.A. 4 release date
Replies: 1
Views: 189

Re: E.F.A. 4 release date

A few things still left to do before initial release: Finish eFaInit GUI (complete https://github.com/E-F-A/v4/projects/2 ) Fork clamav-unofficial-sigs and fix some issues here Create a migration tool for eFa3 to allow transfer to eFa4 This will result in a pretty plain eFa4 system. It will be an ea...
by shawniverson
11 Jul 2018 09:56
Forum: 3.x How-to
Topic: New virus difficoutl to catch
Replies: 3
Views: 58

Re: New virus difficoutl to catch

Can you identify the attachment somehow in MailScanner?

SpamAssassin won't remove attachments. I'm not sure there is some way to inform MailScanner to remove the attachment via SA....
by shawniverson
07 Jul 2018 12:08
Forum: 3.x How-to
Topic: mlsend dns spoofing on eFA
Replies: 6
Views: 106

Re: mlsend dns spoofing on eFA

Unless your eFa is compromised (which I doubt), the only time such a domain lookup should occur is when emails are being scanned or relayed. A simple test would be to stop MailScanner and postfix temporarily and see if the lookups stop. If they do, something is being scanned or evaluated that is tri...
by shawniverson
07 Jul 2018 12:04
Forum: 3.x Bugs
Topic: message quarantine report - error sending validation failed for EFA
Replies: 3
Views: 139

Re: message quarantine report - error sending validation failed for EFA

Check your /var/www/html/mailscanner/conf.php file and make sure the email addresses defined there are real email addresses and not the "EFA - Email Filter Appliance <>" string.
by shawniverson
04 Jul 2018 14:43
Forum: 3.x How-to
Topic: mlsend dns spoofing on eFA
Replies: 6
Views: 106

Re: mlsend dns spoofing on eFA

Also, do the contents of any emails received at the time of these logs contain "click.mlsend.com" in them? Also, do you have any deferred queue emails that may contain something interesting? (Want to rule out that you are receiving junk/phishing email that is triggering lookups during scanning and d...
by shawniverson
04 Jul 2018 14:36
Forum: 3.x How-to
Topic: mlsend dns spoofing on eFA
Replies: 6
Views: 106

Re: mlsend dns spoofing on eFA

Ok, what about some other logs? Do you see this same domain anywhere else in the system? i.e. /var/log/maillog?
by shawniverson
02 Jul 2018 20:17
Forum: 3.x How-to
Topic: mlsend dns spoofing on eFA
Replies: 6
Views: 106

Re: mlsend dns spoofing on eFA

Which log are you seeing this, and do you have an example entry? I'm curious what is possibly generating this.
by shawniverson
16 Jun 2018 21:58
Forum: Announcements
Topic: Advisory: eFa-3.0.2.6 and manual patching
Replies: 0
Views: 661

Advisory: eFa-3.0.2.6 and manual patching

To All, Please be advised that I will reject assisting others with any issues that result from manually patching to 3.0.2.6. Not to be confused with yum update, that is okay. :D You have been warned. :ugeek: An issue has been found manually updating MailScanner on eFa 3.0.2.6. You will end up with a...
by shawniverson
05 Jun 2018 19:36
Forum: Discussion
Topic: letsencrypt problem
Replies: 14
Views: 823

Re: letsencrypt problem

Based on that output, besides the script having poor error handling, which I will address in v4, certbot is having trouble validating your site.

Do you have port 80 open so that it can perform the verification?
by shawniverson
03 Jun 2018 08:45
Forum: Discussion
Topic: letsencrypt problem
Replies: 14
Views: 823

Re: letsencrypt problem

Those having trouble, please do the following and report back: sudo mv /var/EFA/lib/EFA-Configure/func_letsencrypt /var/EFA/lib/EFA-Configure/func_letsencrypt.bak sudo wget -O /var/EFA/lib/EFA-Configure/func_letsencrypt https://raw.githubusercontent.com/E-F-A/v3/3.0.2.6/build/EFA/lib-EFA-Configure/f...
by shawniverson
01 Jun 2018 19:42
Forum: 3.x Bugs
Topic: build using kickstarter fails
Replies: 6
Views: 473

Re: build using kickstarter fails

Still down :( I tried to build myself and couldn't myself. If I don't hear back from darky83, I'll update the kickstart script to point to a different CentOS repo.
by shawniverson
01 Jun 2018 19:11
Forum: Discussion
Topic: letsencrypt problem
Replies: 14
Views: 823

Re: letsencrypt problem

Hi,

Let me spin up an instance and see what is going wrong. I'm sure the script has a few issues...
by shawniverson
01 Jun 2018 19:06
Forum: 3.x Bugs
Topic: Apache Wont start after upgrade to 3.0.2.6
Replies: 3
Views: 340

Re: Apache Wont start after upgrade to 3.0.2.6

Just remove the offending line from the file.
by shawniverson
29 May 2018 21:53
Forum: Discussion
Topic: block deny extension in .zip or .rar file
Replies: 11
Views: 463

Re: block deny extension in .zip or .rar file

So far I am unable to reproduce, but I am on a natively built appliance. Which version did you upgrade from, so that I can follow the same path?
by shawniverson
27 May 2018 20:12
Forum: 3.x Bugs
Topic: build using kickstarter fails
Replies: 6
Views: 473

Re: build using kickstarter fails

Looks like the mirror is down at the moment. I'll check it out.