Search found 24 matches

by heronimus
03 Oct 2017 13:56
Forum: Discussion
Topic: SPF not working
Replies: 12
Views: 4792

Re: SPF not working

I just figured it out. You need to put this at the end of /etc/mail/spamassassin/local.cf file: ifplugin Mail::SpamAssassin::Plugin::SPF score SPF_FAIL 0 0 0 9.50 score SPF_SOFTFAIL 0 0 0 7.50 score SPF_HELO_FAIL 0 0 0 1.00 score SPF_HELO_SOFTFAIL 0 0 0 0.50 endif # Mail::SpamAssassin::Plugin::SPF ...
by heronimus
03 Oct 2017 12:49
Forum: 3.x How-to
Topic: SQLGrey - Greylisting Improvements with SPF\DNSWL
Replies: 15
Views: 5218

Re: SQLGrey - Greylisting Improvements with SPF\DNSWL

shawniverson wrote:
04 Oct 2015 08:14
:text-goodpost:

Going to see about pulling this in :)

https://github.com/E-F-A/v3/issues/213
I can't wait for version 3.1.0.0 :think:
Meanwhile i lost the Greylist improvement because i reïnstalled EFA :?
by heronimus
09 Aug 2017 15:17
Forum: 3.x Bugs
Topic: Message tracking
Replies: 7
Views: 2345

Re: Message tracking

I also remember seeing that info but couldn't find it with newer EFA versions. I applied your solution but still can't find it. Where exactly should I be looking? I thought I remembered last seeing this info when opening an email in EFA, somewhere above the SA score but its still not ehre even thou...
by heronimus
03 Aug 2017 10:26
Forum: 3.x Bugs
Topic: Message tracking
Replies: 7
Views: 2345

Re: Message tracking

Confirmed bug. Problem is on line 39 of /usr/local/bin/mailwatch/tools/Postfix_relay/mailwatch_postfix_relay.php $pathToMailscannerDir = '/opt/mailwatch/mailscanner/'; Change this to $pathToMailscannerDir = '/var/www/html/mailscanner/'; Thank you Shawniverson! I can confirm that the solution you ga...
by heronimus
02 Aug 2017 08:05
Forum: 3.x Bugs
Topic: Message tracking
Replies: 7
Views: 2345

Message tracking

( I'm sorry in advance if this question is already answered, but i can't find it in the forums here and the search engine doesn't allow me to search for some keywords). In the past i could see the mailprocessing of send messages in the GUI; the mailserver which has accepted the outgoing mail, time e...
by heronimus
03 Feb 2016 14:43
Forum: 3.x How-to
Topic: update best practice
Replies: 3
Views: 1756

Re: update best practice

shawniverson wrote:At this point I would wait. 3.0.0.9 will fully support yum update with exceptions defined internally, to make updating easier in combination with EFA-Update.
Do you know when EFA 3.0.0.9 update is planned?

Kind regards,
Heronimus
by heronimus
13 Jan 2016 10:18
Forum: 3.x How-to
Topic: SPAM report : too large
Replies: 5
Views: 2059

Re: SPAM report : too large

Also, by default, no rules are defined in /etc/MailScanner/rules/max.message.size.rules, so there shouldn't be a limit imposed Just to be sure, i examined the config file, it has only 1 rule: FromOrTo: default 20480000 So, do you happen to have a full spam report of a blocked message you can share?...
by heronimus
05 Jan 2016 13:43
Forum: 3.x How-to
Topic: SPAM report : too large
Replies: 5
Views: 2059

Re: SPAM report : too large

In /var/log/messages is see this error line. (Its around that time that mailscanner reports "too large".)

I don't know if this has something to do with it.

Jan 5 12:20:13 mail2 clamd[1460]: lstat() failed on: /var/spool/MailScanner/incoming/25942/1387E12085F.AF86F/tnefwqveiq
by heronimus
05 Jan 2016 11:45
Forum: 3.x How-to
Topic: SPAM report : too large
Replies: 5
Views: 2059

SPAM report : too large

Dear readers, Our max message size is 25MB. If a message exceeds this limit, the sender receives an error message. However, sometimes a message is accepted by EFA, but internally dropped by SPAM filter. In the webportal i see something like "too large". In this rarely case no-one receives a mail; so...
by heronimus
08 Dec 2015 08:17
Forum: 3.x Bugs
Topic: sqlgrey: fatal
Replies: 1
Views: 1268

Re: sqlgrey: fatal

In addition to my previous post:
Blacklisting the IP address in EFA seems not te be enough: before the blacklist is checked, sqlgrey does its thing and crashes on the connections with this specific IP address. I now blacklisted it in the firewall.
by heronimus
07 Dec 2015 09:39
Forum: 3.x Bugs
Topic: sqlgrey: fatal
Replies: 1
Views: 1268

sqlgrey: fatal

Dear all, EFA sometimes stops accepting mail. In a SMTP session, we see: 451 4.3.5 Server configuration problem I examined the logfiles in /var/log. In logfile messages, i see the following error: sqlgrey: fatal: sender domain should be an FQDN, not an address literal at /usr/share/perl5/vendor_perl...
by heronimus
04 Nov 2015 08:25
Forum: 3.x How-to
Topic: How to setup BitDefender or other AV
Replies: 12
Views: 4579

Re: How to setup BitDefender or other AV

Last two weeks we had several infected mail messages, not recognized by ClamAV. Replacing CLAMAV with a commercial AV has our interest.
by heronimus
12 Oct 2015 15:07
Forum: Discussion
Topic: Handling Spammy IP Addresses / Address Blocks
Replies: 5
Views: 2740

Re: Handling Spammy IP Addresses / Address Blocks

Reading this thread, i checked the domains you mentioned. Most of them don't have a spf record.
by heronimus
06 Oct 2015 14:12
Forum: 3.x How-to
Topic: SQLGrey - Greylisting Improvements with SPF\DNSWL
Replies: 15
Views: 5218

Re: SQLGrey - Greylisting Improvements with SPF\DNSWL

shawniverson wrote::text-goodpost:
Going to see about pulling this in :)
https://github.com/E-F-A/v3/issues/213
Does this prevent the improvement from being overwritten by a new release? Or should i backup something in case EFA auto-updates itself?

Regards,
Heronimus
by heronimus
06 Oct 2015 11:56
Forum: 3.x How-to
Topic: SQLGrey - Greylisting Improvements with SPF\DNSWL
Replies: 15
Views: 5218

Re: SQLGrey - Greylisting Improvements with SPF\DNSWL

One day after i implemented the improvement, i've already 2 complaining people who can't reach us by mail. I examined their SPF record; both their domains were in error (sending on other IP address and SPF signed with -all ). So the rejection of this improvement works very well! To discover the SPF ...
by heronimus
05 Oct 2015 13:51
Forum: 3.x How-to
Topic: SQLGrey - Greylisting Improvements with SPF\DNSWL
Replies: 15
Views: 5218

Re: SQLGrey - Greylisting Improvements with SPF\DNSWL

you wont find sqlgrey-check_policy_service in the file.. just take "check_policy_service inet:127.0.0.1:2501" out from smtpd_recipient_restrictions and put it in smtpd_client_restrictions with permit_mynetworks. OK, i've already taken these steps. I will now restart the services and monitor how it ...
by heronimus
05 Oct 2015 12:58
Forum: 3.x How-to
Topic: SQLGrey - Greylisting Improvements with SPF\DNSWL
Replies: 15
Views: 5218

Re: SQLGrey - Greylisting Improvements with SPF\DNSWL

Zohman,

I've completed the steps you mentioned above, except this one:
zohman wrote:replace sqlgrey-check_policy_service order in /etc/postfix/main.cf
so you don't have those queries on your trusted network IPs,
I can't find anything that matches sqlgrey in this file.
by heronimus
02 Oct 2015 09:22
Forum: 3.x Feature Requests
Topic: Only greylist if SPF fails
Replies: 3
Views: 1716

Re: Only greylist if SPF fails

what you mean is that if he passes spf.. well, then why greylisting? he is the good guy. should be like this, spf pass - don't grey list, let him pass.. spf fail (-all) - reject at the protocol - he is not welcome at all. any other result - softfail, natural permerror, etc - greylist. That's exactl...
by heronimus
29 Sep 2015 09:06
Forum: 3.x Feature Requests
Topic: Only greylist if SPF fails
Replies: 3
Views: 1716

Only greylist if SPF fails

Following other threads on the internet, it seems a good idea to me to skip the greylist filter in case of a positive SPF check on the sending mailserver. By now, i see many IP's in the "waiting greylist" with the same FROM: and TO: address but many different sender IP's.

Regards, Heronimus
by heronimus
29 Sep 2015 08:54
Forum: 3.x How-to
Topic: Mail loop
Replies: 3
Views: 1486

Re: Mail loop

Hello shawniverson, 1) There were 26 recipients in the TO: field. I will tell the sender to put them in the BCC: field. Instead of increasing the Mailscanner limit, is there any other workaround for this? If not, the only option seems to tell the endusers not using more than 20 addressees. 2) As far...
by heronimus
24 Sep 2015 15:12
Forum: 3.x How-to
Topic: Mail loop
Replies: 3
Views: 1486

Mail loop

Hello there, We are using EFA for a couple of weeks now , and we are very satisfied with the results. EFA is configured to relay Email from our internal servers and to filter Email coming from the internet. There are two problems with which i don't know were to start to troubleshoot them. 1) Sent ma...
by heronimus
17 Sep 2015 08:39
Forum: 3.x How-to
Topic: trusted domain / network emails are being marked as spam
Replies: 15
Views: 3878

Re: trusted domain / network emails are being marked as spam

So, it seems a better idea to trust an internal server (IP or trusted host) instead of trusting a domain name. You can whitelist by IP address, which is what I recommend for an internal email server. From: <yourserverip> To: default Good idea. EFA is new for me, and i didn't know that i could white...
by heronimus
14 Sep 2015 08:14
Forum: 3.x How-to
Topic: trusted domain / network emails are being marked as spam
Replies: 15
Views: 3878

Re: trusted domain / network emails are being marked as spam

In your example, whitelisting an internal domain has one disadvantage; "Someone sending mail to mydomain.com" with a from address as "mydomain.com", will not be checked for spam. In the case the mail is coming from your internal server, this is OK. But coming from somewhere in the WorldWideWeb, it's...
by heronimus
11 Sep 2015 10:48
Forum: 3.x How-to
Topic: trusted domain / network emails are being marked as spam
Replies: 15
Views: 3878

Re: trusted domain / network emails are being marked as spam

Exactly the same situation at my site. While mailing one of our external contacts, the message is a false positive detected spam. The (external) addressee gets a message to release the mail from spam quarantine. Then I am not sure. All I know is that once I whitelisted my internal domain, all spam c...