Search found 64 matches

by dbrunt
01 Mar 2017 23:16
Forum: 3.x Bugs
Topic: Typo: "Quarentine" on MailWatch GUI
Replies: 0
Views: 1194

Typo: "Quarentine" on MailWatch GUI

Bottom Pane of MailWatch GUI when viewing a message says "Quarentine". Typo can be fixed here: [root@efa var]# find . -type f -exec grep Quarentine {} \; -print 'quarantine04' => 'Quarentine', ./www/html/mailscanner/languages/en.php // Added in 2015-06-23 // 04-details.php 'quarantine04' => 'Quarant...
by dbrunt
08 Feb 2017 22:41
Forum: Discussion
Topic: Greylisting problem
Replies: 38
Views: 15968

Re: Greylisting problem

Ovizii, I don't believe update_sqlgrey_config merges the .local files as radiogen's post alludes to. It downloads new files from SQLGrey source. [root@efa sqlgrey]# update_sqlgrey_config updating /etc/sqlgrey/clients_fqdn_whitelist: --- /etc/sqlgrey/clients_fqdn_whitelist 2015-02-26 18:45:56.3179997...
by dbrunt
20 Jan 2017 22:25
Forum: 3.x Bugs
Topic: Quarantine Report: ==== user@somedomain.com has empty e-mail recipient address, skipping...
Replies: 2
Views: 2992

Re: Quarantine Report: ==== user@somedomain.com has empty e-mail recipient address, skipping...

Code adopted by mailwatch 1.2.0 RC4: https://github.com/mailwatch/1.2.0/releases/tag/v1.2.0-rc.4 https://github.com/mailwatch/1.2.0/commit/3c76fe4a693de70af9a56e2930d6eed32494a477?diff=split switch ($user->type) { case 'D': // Type: domain admin - this must be overridden if (!empty($user->quarantine...
by dbrunt
20 Jan 2017 21:41
Forum: 3.x Bugs
Topic: 3.0.1.5: cron.hourly email is sent when there are files in /etc/MailScanner/conf.d
Replies: 2
Views: 1531

Re: 3.0.1.5: cron.hourly email is sent when there are files in /etc/MailScanner/conf.d

See viewtopic.php?f=13&t=1545&p=5765&hilit=cron#p5765

If variables are referenced in the custom .conf files, apparently they need to be defined there as well.
by dbrunt
19 Jan 2017 22:25
Forum: 3.x Bugs
Topic: 3.0.1.5: EFA-MS-Update has stopped updating phishing sites as of Jan 15, 2017
Replies: 4
Views: 2282

Re: 3.0.1.5: EFA-MS-Update has stopped updating phishing sites as of Jan 15, 2017

Digging further...trying to determine why my entries in .custom files were no longer prepended to .conf files from Tuesday Jan 17th... What if anything runs EFA-MS-Update? I found /usr/local/sbin/ms-update-[safe|bad]-sites which is run daily by cron: /etc/cron.daily/mailscanner /usr/sbin/ms-cron DAI...
by dbrunt
19 Jan 2017 20:30
Forum: 3.x Bugs
Topic: 3.0.1.5: EFA-MS-Update has stopped updating phishing sites as of Jan 15, 2017
Replies: 4
Views: 2282

Re: 3.0.1.5: EFA-MS-Update has stopped updating phishing sites as of Jan 15, 2017

Thanks, it is updating now. However, I now see a problem with /usr/local/sbin/EFA-MS-Update ...it is not implementing the phishing. [safe|bad] .sites.custom files! Has this been addressed in 3.0.1.8? # +--------------------------------------------------------------------+ # EFA Project Mailscanner r...
by dbrunt
17 Jan 2017 22:09
Forum: 3.x Bugs
Topic: 3.0.1.5: EFA-MS-Update has stopped updating phishing sites as of Jan 15, 2017
Replies: 4
Views: 2282

3.0.1.5: EFA-MS-Update has stopped updating phishing sites as of Jan 15, 2017

The following URL's seem to be invalid: [root@efa sbin]# ./usr/local/sbin/EFA-MS-Update -update bash: ./usr/local/sbin/EFA-MS-Update: No such file or directory [root@efa sbin]# /usr/local/sbin/EFA-MS-Update -update --2017-01-17 13:21:53-- http://dl.efa-project.org/MailScanner/phishing.bad.sites.conf...
by dbrunt
25 Oct 2016 22:29
Forum: 3.x Bugs
Topic: LDAP authentication fails on passwords with ">" character
Replies: 3
Views: 2303

Re: LDAP authentication fails on passwords with ">" character

I've just fixed the problem.

In the ldap_authenticate function in /var/www/html/mailscanner/functions .php change

Code: Select all

if (ldap_bind($ds, $user, "$password")) {
to

Code: Select all

if (ldap_bind($ds, $user, html_entity_decode($password))) {
Is this a MailWatch bug?
by dbrunt
25 Oct 2016 02:20
Forum: How-to
Topic: How to integrate E.F.A with Active Directory on 3.0.0.9
Replies: 41
Views: 271628

Re: How to integrate E.F.A with Active Directory on 3.0.0.9

Has anyone explored integrating with multiple AD servers? We currently host a Barracuda server for a couple of dozen Exchange Servers owned by other companies. The Barracuda uses LDAP queries to get the valid users and (optionally) authentication credentials for each of those domains. I like the EF...
by dbrunt
25 Oct 2016 02:12
Forum: Feature Requests
Topic: Multiple LDAP Authentication Sources
Replies: 2
Views: 2450

Re: Multiple LDAP Authentication Sources

Added to and working in 3.0.0.8
:thumbup:
Next up... 3.0.1.5
by dbrunt
17 Oct 2016 22:17
Forum: How-to
Topic: Where to find EFA version.
Replies: 11
Views: 4263

Re: Where to find EFA version.

I agree! It's slightly better than having to run /etc/EFA-Version at the shell prompt though!
by dbrunt
17 Oct 2016 18:08
Forum: How-to
Topic: Where to find EFA version.
Replies: 11
Views: 4263

Re: Where to find EFA version.

It displays below the login box:
http://efa.your_domain.com/mailscanner/login.php
by dbrunt
12 Oct 2016 23:54
Forum: 3.x Bugs
Topic: postfix/smtpd warning SASL authentication problem
Replies: 8
Views: 4576

Re: postfix/smtpd warning SASL authentication problem

Hackers are at work... Oct 9 23:22:33 efa postfix/smtpd[15261]: warning: unknown[1.250.238.180]: SASL LOGIN authentication failed: authentication failure Oct 9 23:22:34 efa postfix/smtpd[15261]: lost connection after AUTH from unknown[1.250.238.180] Is this the best way to disable SASL authenticatio...
by dbrunt
12 Oct 2016 23:34
Forum: How-to
Topic: Help with Custom SpamAssassin Module
Replies: 23
Views: 7911

Re: Help with Custom SpamAssassin Module

I'm trying to make this work but SA is not adding the scoring when I send a macro enabled .XLS through.
Two installs of EFA: 3.0.0.8 and the other is 3.0.1.1
In the SpamAssassin Lint (Test) the ole2macro.pm is picked up.
Any ideas?
by dbrunt
12 Oct 2016 22:49
Forum: How-to
Topic: EFA to only block .doc macros?
Replies: 5
Views: 2129

Re: EFA to only block .doc macros?

One more note, install Sophos A/V scanning: viewtopic.php?t=1329
It catches more than clamav but not everything than clamav does...
by dbrunt
12 Oct 2016 22:46
Forum: How-to
Topic: EFA to only block .doc macros?
Replies: 5
Views: 2129

Re: EFA to only block .doc macros?

For SpamAssassin scoring, see viewtopic.php?t=1547
Scroll abount 1/2 way down for pdwalker's step-by-step process for installation.

I'm still trying to get it to work though...
by dbrunt
12 Oct 2016 22:43
Forum: How-to
Topic: EFA to only block .doc macros?
Replies: 5
Views: 2129

Re: EFA to only block .doc macros?

OLE2 macro blocking is supposed to be enabled in newer versions of EFA (clamd) I'm not sure when the default changed. This setting in /etc/clamd.conf controls OLE2 macro blocking: # With this option enabled OLE2 files with VBA macros, which were not # detected by signatures will be marked as "Heuris...
by dbrunt
12 Oct 2016 19:27
Forum: How-to
Topic: Install Sophos Antivirus
Replies: 26
Views: 13767

Re: Install Sophos Antivirus

sav-linux installed and working on 3.0.0.8.
/tmp did not have enough space so created /install and put the download and the extraction in there. After installation, rm -rf /install
by dbrunt
08 Oct 2016 00:31
Forum: 3.x Bugs
Topic: 3.0.1.5: cron.hourly email is sent when there are files in /etc/MailScanner/conf.d
Replies: 2
Views: 1531

Re: 3.0.1.5: cron.hourly email is sent when there are files in /etc/MailScanner/conf.d

Here is the email: Subject: Cron <root@efa> run-parts /etc/cron.hourly /etc/cron.hourly/mailwatch_relay.sh: Notice: Undefined index: %rules-dir% in /var/www/html/mailscanner/functions.php on line 1486 Notice: Undefined index: %rules-dir% in /var/www/html/mailscanner/functions.php on line 1486 Notice...
by dbrunt
24 Sep 2016 00:47
Forum: 3.x Bugs
Topic: No Quarantine Report since Update
Replies: 7
Views: 2077

Re: No Quarantine Report since Update

If the username is simply "user", you have to complete the overriding email field. If the username is user@somedomain.com then an overriding email address is not required unless the user type is Administrator or Domain Administrator, in which case you have to have an overriding email address despite...
by dbrunt
24 Sep 2016 00:22
Forum: 3.x Bugs
Topic: 3.0.1.5: cron.hourly email is sent when there are files in /etc/MailScanner/conf.d
Replies: 2
Views: 1531

3.0.1.5: cron.hourly email is sent when there are files in /etc/MailScanner/conf.d

The subject says it all. With our custom files in /etc/MailScanner/conf.d, cron.hourly email is sent every hour. drwxr-xr-x. 2 root root 4096 Sep 20 16:05 . drwxr-xr-x. 6 root root 4096 Sep 21 16:38 .. -rw-r--r-- 1 root root 100 Sep 20 15:12 filename.conf -rw-r--r-- 1 root root 100 Sep 20 15:12 file...
by dbrunt
22 Sep 2016 19:43
Forum: 3.x Bugs
Topic: Quarantine Report: ==== user@somedomain.com has empty e-mail recipient address, skipping...
Replies: 2
Views: 2992

Quarantine Report: ==== user@somedomain.com has empty e-mail recipient address, skipping...

If a user's "User Type" is Administrator or Domain Administrator, the quarantine report will not get delivered unless the Quarantine Report Recipient contains an overriding email address. The description says "Override quarantine report recipient (uses your username if blank)" but this only works if...
by dbrunt
22 Sep 2016 00:00
Forum: 3.x Bugs
Topic: SUSPECTED SPAM NOTIFICATIONS do not get sent to Recipient when Sender is blank or <>
Replies: 0
Views: 1107

SUSPECTED SPAM NOTIFICATIONS do not get sent to Recipient when Sender is blank or <>

While trying to test SUSPECTED SPAM NOTIFICATIONS actions as per https://forum.efa-project.org/viewtopic.php?f=14&t=1541 I noticed that SSNs do not get sent to Recipients when the Sender is blank or <>. The problem is in /usr/lib/MailScanner/MailScanner/CustomFunctions/CustomAction.pm: sub HandleSpa...
by dbrunt
21 Sep 2016 23:32
Forum: How-to
Topic: Disable {Spam not delivered} notifications
Replies: 14
Views: 5236

Re: Disable {Spam not delivered} notifications

Just to be clear for others, here is our implementation: In /etc/MailScanner/conf.d create: spam.actions.conf Spam Actions = %rules-dir%/spam.actions.rules In /etc/MailScanner/rules create: spam.actions.rules To: user@mydomain.com store FromOrTo: default store custom(spam) (Use tabs between fields)