Search found 2593 matches

by shawniverson
19 Sep 2018 19:20
Forum: 3.x How-to
Topic: How to check Message Listing from terminal
Replies: 3
Views: 67

Re: How to check Message Listing from terminal

Try this:

Code: Select all

wget https://raw.githubusercontent.com/mailwatch/MailWatch/1.2/upgrade.php
chmod +x upgrade.php
sudo ./upgrade.php
by shawniverson
19 Sep 2018 09:46
Forum: 3.x How-to
Topic: Releasing blocked files
Replies: 2
Views: 20

Re: Releasing blocked files

Do you have exceptions for localhost as described here?

https://docs.mailwatch.org/using/faq.html

Also, are you using the following in /var/www/html/mailscanner/conf.php to send content as an attachment? (required for attachments)...

Code: Select all

define('QUARANTINE_USE_SENDMAIL', false);
by shawniverson
18 Sep 2018 21:46
Forum: 3.x Bugs
Topic: Database issue not assigning token.
Replies: 3
Views: 124

Re: Database issue not assigning token.

Yeah, that's why that script is deprecated and going away... So there is a token for the email IDs in the SQL maillog table, just not in the report? Just Mondays? Are you on 3.0.2.6? I want to try to reproduce this problem. The token is important to prevent someone from exploiting the message releas...
by shawniverson
15 Sep 2018 19:43
Forum: Discussion
Topic: SPF issue from internal senders
Replies: 3
Views: 108

Re: SPF issue from internal senders

Ah yes, it was opendmarc, :roll: :oops: not SA.
by shawniverson
14 Sep 2018 10:39
Forum: Discussion
Topic: [URGENT] Requeue (process again) all the email blocked in the last 12 hours
Replies: 1
Views: 57

Re: [URGENT] Requeue (process again) all the email blocked in the last 12 hours

Hi, You will need to use a script to accomplish this. The process.. 1) Gather all messages and place in a directory 2) Use a script to iterate through the files, extract the original recipient address, and call /usr/sbin/sendmail to requeue the message. #!/bin/bash pathname='/path/to/files/' for fil...
by shawniverson
09 Sep 2018 21:08
Forum: Discussion
Topic: ESET integration
Replies: 1
Views: 72

Re: ESET integration

A workaround for now would be to edit the esets-wrapper to exec the esets using sudo and to make an entry in the sudoers file based on the command issued in the wrapper. That way MailScanner is not elevated to root.
by shawniverson
09 Sep 2018 20:49
Forum: 3.x How-to
Topic: Howto block from AND to
Replies: 4
Views: 116

Re: Howto block from AND to

You can do this in the MailWatch GUI under black and white lists. Just enter the from and the to and specify blacklist and it will take effect either after restarting MailScanner or the next refresh (typically 15 minutes).
by shawniverson
08 Sep 2018 19:26
Forum: 3.x How-to
Topic: Howto block from AND to
Replies: 4
Views: 116

Re: Howto block from AND to

Just use a blacklist entry. You can specify both from and to.
by shawniverson
08 Sep 2018 19:25
Forum: Discussion
Topic: Quarantine Reports
Replies: 10
Views: 4123

Re: Quarantine Reports

The sql method should still be valid.
by shawniverson
08 Sep 2018 19:25
Forum: Discussion
Topic: Email Loop
Replies: 9
Views: 1622

Re: Email Loop

Did you remove the yara rules previously downloaded from /var/lib/clamav ?
by shawniverson
05 Sep 2018 00:56
Forum: 3.x Bugs
Topic: New Install Issue
Replies: 3
Views: 208

Re: New Install Issue

That is a sign of trouble.
What are you seeing in /var/log/maillog?
by shawniverson
05 Sep 2018 00:54
Forum: 3.x How-to
Topic: Filtering based on both subject and recipient
Replies: 3
Views: 48

Re: Filtering based on both subject and recipient

I'm thinking about this, since it is indirectly relayed, this becomes challenging. It may be possible to create a ruleset in spamassassin that could check the ip addresses and subject, perhaps assigning a high score to emails destined outside the organization, thereby quarantining the emails.
by shawniverson
03 Sep 2018 14:45
Forum: Discussion
Topic: Some clever spoofing
Replies: 7
Views: 198

Re: Some clever spoofing

So, I'm assuming that 'ifoodpacking.com.mx' is not you, so the sender is technically not lying about being you, in the sense that the envelope from is ''ifoodpacking.com.mx' so sender access restrictions are bypassed. What is tripping up postfix and mailscanner, as you point out, is the deliberately...
by shawniverson
03 Sep 2018 11:16
Forum: Discussion
Topic: Some clever spoofing
Replies: 7
Views: 198

Re: Some clever spoofing

I would need to see a sanitized message header and scan report.
by shawniverson
03 Sep 2018 11:15
Forum: 3.x How-to
Topic: Filtering based on both subject and recipient
Replies: 3
Views: 48

Re: Filtering based on both subject and recipient

A simpler solution may be to use whitelists and blacklists. Whitelisting overrides blacklisting, so... If your MFP is relaying via the appliance... From: ip_of_mfp To: default --> blacklist From: ip_of_mfp To: example.org --> whitelist This would block all attempts to send outside the domain of exam...
by shawniverson
02 Sep 2018 15:24
Forum: 3.x Bugs
Topic: Drugs_muscle false positive
Replies: 1
Views: 113

Re: Drugs_muscle false positive

I would open a ticket with SA and override it in local.cf for the time being.

https://wiki.apache.org/spamassassin/WritingRules
by shawniverson
02 Sep 2018 15:23
Forum: 3.x How-to
Topic: How to integrate E.F.A 3.0.2.5 with Active Directory (windows 2012 r2)
Replies: 6
Views: 136

Re: How to integrate E.F.A 3.0.2.5 with Active Directory (windows 2012 r2)

Wait, you need the php7 version of this package...is it installed?

Code: Select all

rpm -qa | grep php-ldap
php-ldap-7.2.8-1.el6.remi.x86_64
by shawniverson
01 Sep 2018 14:32
Forum: 3.x How-to
Topic: How to integrate E.F.A 3.0.2.5 with Active Directory (windows 2012 r2)
Replies: 6
Views: 136

Re: How to integrate E.F.A 3.0.2.5 with Active Directory (windows 2012 r2)

Looks like you are missing php-ldap. try installing it.

Code: Select all

sudo yum install php-ldap
by shawniverson
01 Sep 2018 14:32
Forum: Discussion
Topic: Some clever spoofing
Replies: 7
Views: 198

Re: Some clever spoofing

Are you sure that's originating from the outside?
by shawniverson
27 Aug 2018 21:47
Forum: 3.x Bugs
Topic: Database issue not assigning token.
Replies: 3
Views: 124

Re: Database issue not assigning token.

Never, ever, use -t!

You could be releasing mail to everybody! Not just your own recipients!

Is the token really gone, or are the tokens expiring? Monday seems peculiar....
by shawniverson
19 Aug 2018 22:45
Forum: Announcements
Topic: eFa v4 Story
Replies: 0
Views: 672

eFa v4 Story

Although it may seem very quiet over here at eFa, I have been very busy on something very important for v4. MailScanner In order to ensure a long term viability for eFa, MailScanner, the core piece of software that is integrated into eFa, must be maintained. Without MailScanner, nothing else really ...