Search found 387 matches

by henk
05 Sep 2019 19:59
Forum: Discussion
Topic: best practice ???
Replies: 6
Views: 168

Re: best practice ???

We are planning to set up an email service to send ads and advertising, regulated according to content to avoid blacklisting
set up a spam service:?:
by henk
23 Aug 2019 22:36
Forum: 4.x Testing
Topic: 451 4.7.1 - Milter service inet:127.0.0.1:8893: Connection refused
Replies: 6
Views: 2253

Re: 451 4.7.1 - Milter service inet:127.0.0.1:8893: Connection refused

I had the same issue. My eFa4 is only used for inbound mail.I use fetchmail to fetch mail from my different mailservers out there. My internal mailserver is the only one that can send mail, I had no need for sqlgrey/dkim/dmarc on eFa so there where disabled. I did a yum update today and this somehow...
by henk
23 Aug 2019 21:08
Forum: 4.x Testing
Topic: Duplicate entries in etc/postfix/header_checks-solution
Replies: 0
Views: 527

Duplicate entries in etc/postfix/header_checks-solution

rpmbuild/SOURCES/eFa-4.0.0/updates/update-4.0.0.sh Line 389: if [[ -z $(grep '^Received: from localhost' /etc/postfix/header_checks) ]]; then checks if it returns an empty string. If so, the following line needs to be added to the '/etc/postfix/header_checks' file "/^Received:\ from\ localhost\ \(lo...
by henk
23 Aug 2019 18:01
Forum: 4.x Testing
Topic: Efa4 timeout issues solution
Replies: 0
Views: 487

Efa4 timeout issues solution

Testing the latest Efa4 version results in 2 minor issues The issue is created by rpmbuild/SOURCES/eFa-4.0.0/updates/update-4.0.0.sh due a wrong section name. ( commit-id 6dd91d0) Errors in var/log/messages: 1. /etc/systemd/system/mariadb.service.d/override.conf:1] Unknown section 'System'. Ignoring...
by henk
27 Jul 2019 10:15
Forum: 3.x How-to
Topic: FREEMAIL_FORGED_REPLYTO
Replies: 6
Views: 4087

Re: FREEMAIL_FORGED_REPLYTO

# shortcircuit BAYES_00 ham score FREEMAIL_FORGED_REPLYTO 4.0 <<< move this line outside of the if/endif blocks as you created a dependency on the Shortcircuit plugin endif # Mail::SpamAssassin::Plugin::Shortcircuit To Check if the Shortcircuit plugin is active or not /etc/mail/spamassassin/v320.pr...
by henk
04 Jul 2019 17:47
Forum: Discussion
Topic: http://www.backscatterer.org
Replies: 5
Views: 1622

Re: http://www.backscatterer.org

Hi Nicola, Check again ;) https://mxtoolbox.com/SuperTool.aspx?action=blacklist%3a195.120.124.42&run=toolpage or https://www.dnsbl.info/dnsbl-database-check.php Are you sure Efa is the only system that can send outbound -NDR-mail? To be sure add some firewall smtp / smtp ports rules on mail traffic ...
by henk
02 Jul 2019 21:31
Forum: 3.x How-to
Topic: Change Login Page text
Replies: 2
Views: 1577

Re: Change Login Page text

Hi Andy I would send a corperate email with the same content to inform users. :idea: But if you want to change some text, take a look at /var/www/html/mailscanner/languages/en.php Make a backup of this file in case you messed up and end up with a broken gui. LoginPage.png PS. To make life easy and a...
by henk
02 Jul 2019 21:08
Forum: 4.x Testing
Topic: Allowing A Banned File Extension
Replies: 1
Views: 559

Re: Allowing A Banned File Extension

Q883260 is denied in filename.rules.conf (deny \.pst$ Dangerous Office Data File (according to Microsoft)

Zip files are allowed ( allow \.zip$ )

To try to allow the pst file, you could take a look at viewtopic.php?t=1498
by henk
25 Jun 2019 14:30
Forum: 3.x Bugs
Topic: 3.0.2.5 - 3.0.2.6 Update HTTP ERROR 500
Replies: 5
Views: 1233

Re: 3.0.2.5 - 3.0.2.6 Update without errors

Hi Vladimir Not clear what you mean by "when i'm tried replace broken efa to fresh," And I would forget the "didn't check it properly, cause its production environment " remark if I was you. :shifty: :idea: As I do not know the updrade steps followed, I would take a close look at the nexts post ment...
by henk
24 Jun 2019 17:47
Forum: 3.x Bugs
Topic: 3.0.2.5 - 3.0.2.6 Update HTTP ERROR 500
Replies: 5
Views: 1233

Re: 3.0.2.5 - 3.0.2.6 Update HTTP ERROR 500

Vladimir Efa's system restore didn't help?? anyway. there is always the upgrade log. :idea: and there are some posts in this forum about the minor (solved)issues when upgrading from 3.0.2.5 to 3.0.2.6. It seems you have an error in /var/www/html/mailscanner/conf.php on line 147 "Call to undefined fu...
by henk
20 Jun 2019 21:54
Forum: Discussion
Topic: New method of spoofing?
Replies: 5
Views: 1197

Re: New method of spoofing?

bikertrash, if the spoofs come mainly from Asia (specifically Taiwan) a simple country block will do the trick viewtopic.php?t=2659

See https://www.spamhaus.org/statistics/countries/

and the country codes https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2#TW
by henk
06 Jun 2019 22:20
Forum: 3.x How-to
Topic: spamassassin filtering not consistently working for some TLDs
Replies: 7
Views: 853

Re: spamassassin filtering not consistently working for some TLDs

Why do all the mail have a score 0? and your -succesfull- blacklisted mail a 150 score? And you did enable MCP? Do you ever have a score > 0 ? Looks like you disabled scanning somehow. Anyway, when you enter them via the Gui-> blackandwhitelist just enter @ and the domain you want to blacklist. so j...
by henk
06 Jun 2019 22:01
Forum: Discussion
Topic: Smarthost with TLS
Replies: 4
Views: 938

Re: Smarthost with TLS

As "one of the Directors has been doing the "IT stuff" since then", they have "state of the art" hardware? Everybody can buy a hammer and nails, but that doesn't make them a carpenter :snooty: ( translated from Dutch it looks silly..) The good news, besides the hotel bar, they use Efa 8-) When you s...
by henk
06 Jun 2019 18:02
Forum: Discussion
Topic: Smarthost with TLS
Replies: 4
Views: 938

Re: Smarthost with TLS

There are more members as fortunate as you :lol: they should be able to give advise on this one.

I use efa inbound only and, lucky me, no Exchange ;) and I sure like pfsense a lot. :clap:

but, "important partners from a Gmail account"? :shifty: :oops:
by henk
06 Jun 2019 17:47
Forum: 3.x How-to
Topic: spamassassin filtering not consistently working for some TLDs
Replies: 7
Views: 853

Re: spamassassin filtering not consistently working for some TLDs

Somehow i live in a banned rule tld ( .nl) :think: blacklist_from *.agency - Remove the wildcard and just leave the domain. Via MailWatch GUI under black and white lists. will take effect either after restarting MailScanner. You could also add block country / ip's - https://forum.efa-project.org/vie...
by henk
06 Jun 2019 09:57
Forum: 4.x Testing
Topic: eFa 4.0 RTM
Replies: 7
Views: 1693

Re: eFa 4.0 RTM

As you have version 3.0.2.5 running you could take a look at version 3.0.2.6 https://github.com/E-F-A/v3/blob/master/CHANGELOG and decide if you want to upgrade or wait for the first v4 stable release. Nice to know: you can migrate from v3 to v4. As v4 contains massive changes, I'm sure the efa team...
by henk
05 Jun 2019 15:03
Forum: 4.x Testing
Topic: eFa 4.0 RTM
Replies: 7
Views: 1693

Re: eFa 4.0 RTM

"try one on production" As in "Test in Production" ? :shifty: :roll:
by henk
02 Jun 2019 13:49
Forum: Discussion
Topic: LetsEncrypt: Blessing and curse at the same time?
Replies: 0
Views: 1795

LetsEncrypt: Blessing and curse at the same time?

As DNS is essential, not only in efa, it's worth the time to read this post about Global DNS Hijacking.

It's the perfect way to harvest credentials and get access.

https://www.fireeye.com/blog/threat-res ... scale.html
by henk
02 Jun 2019 09:54
Forum: Discussion
Topic: help about blocked files
Replies: 3
Views: 496

Re: help about blocked files

"All DNS settings are correct" So if you dig your TXT record, your sending IP shows , or is included? Maybe someone, who is also sending notifications, can step in? Besides dns , you can take a look at https://forum.efa-project.org/viewtopic.php?t=2802 about double extensions ( Attempt to hide real ...
by henk
02 Jun 2019 09:28
Forum: 4.x Testing
Topic: 1 jun bug / emails are not released
Replies: 2
Views: 628

Re: 1 jun bug / emails are not released

Having no issues whatsoever, I would say that the next messages in your log are pointing to the issue:

continue not asking DCC 438 seconds after 5 failures

Insufficient system resources (SystemMemory)


And check your available diskspace https://robot.lk/viewtopic.php?f=20&t=2972
by henk
01 Jun 2019 19:05
Forum: Discussion
Topic: help about blocked files
Replies: 3
Views: 496

Re: help about blocked files

You should check your DNS settings for your domain, as efa sends mail to the outside world,and gmail checks if the ip is allowed to send mail for your domain ( that's correct) dig MX <yourdomain> and dig TXT <yourdomain> And check if reverse dns points to the correct PTR name. If you make sure the T...
by henk
31 May 2019 07:10
Forum: 3.x Bugs
Topic: mysql overloading system cpu/IO
Replies: 34
Views: 8383

Re: mysql overloading system cpu/IO

From the mysql documentation : https://dev.mysql.com/doc/refman/5.7/en/host-cache.html You should check your EFA Unbound dns. As the dns seems to be a problem. Mysqltuner provides usefull info. To bypass dns issues with mysql and bump up security by using localhost for connections only 1. /etc/my.cn...
by henk
28 May 2019 07:30
Forum: Discussion
Topic: Show login history
Replies: 4
Views: 656

Re: Show login history

You are right, so just did a test to see when someone logged in with ssh: 1. /var/log/secure grep -irHn 'Accepted password' /var/log/secure /var/log/secure:7794:May 28 09:05:09 efa sshd[10331]: Accepted password for <user> from <IP> port 49517 ssh2 /var/log/secure:7800:May 28 09:05:09 efa sshd[10334...