Search found 111 matches

by Justin
16 Aug 2021 10:20
Forum: How-to
Topic: How-To comply EFA with TLS Guidelines
Replies: 0
Views: 8422

How-To comply EFA with TLS Guidelines

Updated 17-09-2021

Comply EFA to IT Security Guidelines for Transport Layer Security (TLS) v2.1

This list contains the following in order to comply to the "IT Security Guidelines for Transport Layer Security (TLS) v2.1"
You can check your score/setting on https://en.internet.nl/ . Enter your ...
by Justin
15 Jul 2021 12:08
Forum: How-to
Topic: Massive spam attack - how to block?
Replies: 1
Views: 5247

Massive spam attack - how to block?

Hi all,

I'm currently receiving a lot of spam email all to my domain.
They are not originating from our IP, so SPF is doing it's job but i still have a lagging spamfilter due too all spam emails.
Just for the idea, my Milter Inbound hasnt dropped under 2000 all day.

https://i.imgur.com/rJ9M0ng ...
by Justin
13 Jul 2021 12:41
Forum: Discussion
Topic: Let's Encrypt is not auto-renewing
Replies: 1
Views: 19146

Let's Encrypt is not auto-renewing

Hi everyone,

I'm currently facing the following with two of my EFA machines. All the others are functioning corretly.
Let's Encrypt is not auto-renewing on these two hosts.

------
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache ...
by Justin
12 Jul 2021 08:10
Forum: Feature Requests
Topic: EFA4 Cluster?
Replies: 6
Views: 31127

Re: EFA4 Cluster?

Any news on this cluster function?
by Justin
12 May 2020 07:07
Forum: How-to
Topic: Blacklist To user
Replies: 0
Views: 5049

Blacklist To user

Hi there,

Is there a possibility to blacklist a To address?
We are receiving a big amount of spam in our filter and report to a mailbox which is not in use for years.
Blacklisting the From is not possible since it's empty for some reason and the IP's are constantly changing of this spammers ...
by Justin
04 May 2020 10:04
Forum: Feature Requests
Topic: EFA4 Cluster?
Replies: 6
Views: 31127

Re: EFA4 Cluster?

shawniverson wrote: 26 Nov 2019 22:43 Yep, in the works. Evaluating a candidate mailscanner admin interface to facilitate this currently.
Hi Shawn,

Any news on this topic? :D

Kind regards and stay safe!
by Justin
14 Feb 2020 08:03
Forum: Feature Requests
Topic: Outdated TLS
Replies: 2
Views: 4441

Outdated TLS

Since TLS 1.0 and TLS 1.1 will be phased out on March 2020, i would like to suggest removing/disabling it in EFA.

An additional request would be to integrate the Mozilla SSL Config list, which contains all the secure cihpers so you don't have to edit/remove them manually. (https://ssl-config ...
by Justin
27 Nov 2019 12:06
Forum: Feature Requests
Topic: EFA4 Cluster?
Replies: 6
Views: 31127

Re: EFA4 Cluster?

This is indeed a most-wanted function here, so i will be following it with pleasure.
Let me know if you need testers Shawn :dance:
by Justin
11 Nov 2019 14:04
Forum: 4.x Bugs
Topic: SSL uses self signed instead of Lets encrypt
Replies: 4
Views: 5109

Re: SSL uses self signed instead of Lets encrypt

kommunen wrote: 06 Nov 2019 07:56 That mx99.domain.nl certificate was automatically created when you installed EFA.

Its location is defined in /etc/postfix/main.cf . Look for smtpd_tls
Will this be overwritten by an update of eFa?
by Justin
11 Nov 2019 10:46
Forum: 4.x Bugs
Topic: EFA4.0 rc3 updates
Replies: 12
Views: 13876

Re: EFA4.0 rc3 updates

Just a small note with the first command

Instead of
sudo rm /etc/yum.repos.d/eFa4-Testing.repo

I had to use
sudo rm /etc/yum.repos.d/eFa4-testing.repo

Otherwise i receive a file/folder not found
by Justin
05 Nov 2019 10:09
Forum: 4.x Bugs
Topic: SSL uses self signed instead of Lets encrypt
Replies: 4
Views: 5109

Re: SSL uses self signed instead of Lets encrypt

After using the Let's Encrypt the certificate is correct.
How can i do this with my own certificates? Seems likethe certificates used on HTTPS are not the same used on Postfix/EFA
by Justin
05 Nov 2019 09:03
Forum: Discussion
Topic: Forward to email
Replies: 4
Views: 8027

Re: Forward to email

Instead of emailing it from EFA to a mailserver, directly to a mail adres like user@domain.nl
Like a catch-all emailbox
by Justin
05 Nov 2019 09:00
Forum: 4.x Bugs
Topic: SSL uses self signed instead of Lets encrypt
Replies: 4
Views: 5109

SSL uses self signed instead of Lets encrypt

Hi there,

I'm using "hardenize" and "STARTTLS Everywhere" to check all my domain records, and both are giving errors on my MX server.
I have a EFA 3.2.6 server and a EFA 4 RC3 server which both give the same error/result

For some reason the tools pick up a Self-Signed certificate, which i've never ...
by Justin
02 Sep 2019 08:57
Forum: Discussion
Topic: Forward to email
Replies: 4
Views: 8027

Forward to email

Hi there,

Would it be possible to forward all emails to a email address instead of a server?
What i mean is, adding a mailaddress to a domain in "Transport Mapping" instead of smtp:[server]

This way i could save a lot of "forwarder" Mailboxes on my Exchange, which saves licensing costs.

Kind ...
by Justin
03 May 2019 08:32
Forum: How-to
Topic: Enabling Auto Release Feature in 3.0.1.4
Replies: 13
Views: 43098

Re: Enabling Auto Release Feature in 3.0.1.4


I am contemplating the ability to support the postfix feature of recipient address verification.

http://www.postfix.org/ADDRESS_VERIFICATION_README.html

Combine that with a process that detects successful deliveries and grabs recipient addresses, it may be possible to automatically populate the ...
by Justin
03 May 2019 08:27
Forum: 4.x Bugs
Topic: eFa 4.0 RTM
Replies: 7
Views: 11540

Re: eFa 4.0 RTM

shawniverson wrote: 25 Apr 2019 22:33 Hi!

I was on vacation for a few. I'm wrapping things up to do the first release. :dance:

Yeah, so yes, it has been very quiet. :roll:
Enjoy your vacation!

One question
Any news on the synchronisation between multiple server?
by Justin
18 Apr 2019 12:18
Forum: 4.x Bugs
Topic: IPv6 disable bug
Replies: 1
Views: 2914

IPv6 disable bug

Hi there,

When i try to disable IPv6 on our system i get the following error:
/var/eFa/lib/eFa-Configure/func_ipsettings: line 94: Read: command not found
All done

Steps are as followed:
4) IP Settings --> 6) Disable IPv6 --> Error

Any idea how to solve this?
Our IPv6 implementation is ...
by Justin
04 Mar 2019 11:28
Forum: 4.x Bugs
Topic: Service unbound down
Replies: 6
Views: 6973

Re: Service unbound down

henk wrote: 04 Mar 2019 10:53 Check the values in /etc/eFa/eFa-Config

Do you use RC3? ( eFa-Configure -- DNS server entry throwing an error is a resolved issue viewtopic.php?f=19&t=3306
This file shows the 2 DNS records i need and added.
I use the latest version of this morning.
by Justin
04 Mar 2019 10:45
Forum: 4.x Bugs
Topic: Service unbound down
Replies: 6
Views: 6973

Re: Service unbound down


Yes. It shows the name server(s) that would be used to look up the name specified.

Just dig google.com multiple times. Query time should be 0 msec

The main question is: how did this happen ("though i added them with the setup")

Can you show the original /etc/unbound/conf.d/forwarders.conf, just ...
by Justin
04 Mar 2019 09:18
Forum: 4.x Bugs
Topic: Service unbound down
Replies: 6
Views: 6973

Re: Service unbound down


unbound-checkconf[29880:0] error: cannot parse forward . ip address: 'forward-addr:'

can you check?: cat /etc/unbound/conf.d/forwarders.conf

it should be something like this:
forward-zone:
name: "."
forward-addr: xxx.xxx.xxx.xxx
forward-first: yes


restart unbound after changing

test ...
by Justin
04 Mar 2019 07:48
Forum: 4.x Bugs
Topic: Service unbound down
Replies: 6
Views: 6973

Service unbound down

I keep receiving this error email after a few days.
Sadly, i cannot find the logfile which is needed to get more info.

-----
eFa Monitor ALERT


Service unbound down and restarted ( 3 attempts in past day, max attempts is 3 )

Please examine your eFa logs on mx99.domain.nl and resources to ...
by Justin
11 Feb 2019 09:07
Forum: 4.x Bugs
Topic: Exporting blacklist/whitelist
Replies: 3
Views: 5647

Re: Exporting blacklist/whitelist


Actually, this is so simple, it is probably easier just to make a little howto...

Step 1

Run these commands on the v3 as root


MYSQLPWD=$(grep MYSQLROOTPWD /etc/EFA-Config | sed -e 's/^.*://')
mysqldump --user=root --password=$MYSQLPWD mailscanner blacklist > list.sql
mysqldump --user=root ...
by Justin
08 Feb 2019 10:43
Forum: 4.x Bugs
Topic: Exporting blacklist/whitelist
Replies: 3
Views: 5647

Exporting blacklist/whitelist

Hi there,

Our backup EFA MX crashed, which wasnt used a lot anyway.
So i would like to setup a new one with v4.

How can i Export the blacklist/whitelist from my primary EFA MX v3 and import them in my clean EFA MX v4?
Found this topic, but i only want the two lists instead of the whole system ...
by Justin
28 Jan 2019 10:08
Forum: 4.x Bugs
Topic: Migration
Replies: 13
Views: 22222

Re: Migration

shawniverson wrote: 26 Jan 2019 20:25 Migration testers are needed!
Feel free to PM me.
I can clone my production VM to provide migration tests.
by Justin
11 Jan 2019 09:51
Forum: How-to
Topic: Only 66mb in VAR !!
Replies: 8
Views: 8298

Re: Only 66mb in VAR !!

I'm having the same issue at the moment.
44mb left on /var

/var/lib/mysql/mailscanner has a file name maillog.ibd which is 23.6 GB

Is there a way to shrink this?