Search found 12 matches

by northwindit
14 Mar 2019 14:33
Forum: 3.x How-to
Topic: Greylisting sending server sends on different IP
Replies: 0
Views: 26

Greylisting sending server sends on different IP

Hello, A few times i have run into this issue and i'm not sure of an automatic way of correcting it. An email comes in and gets greylisted. 5 or so minutes later the sending server honors the request and sends the email again, however it then comes from a different IP address. How can i have greylis...
by northwindit
04 Sep 2018 15:16
Forum: Discussion
Topic: Letsencrypt not installing/renewing on EFA 3.0.2.6
Replies: 9
Views: 1823

Re: Letsencrypt not installing/renewing on EFA 3.0.2.6

I had this same problem and the solutions listed in here didn't work for me. Not even webmin would load. This was my solution to get everything working again. Just passing the info along in case it can help someone else. //////////////////////////////////////////////////// Disable Lets Encrypt Disab...
by northwindit
01 May 2017 19:57
Forum: 3.x Bugs
Topic: 3.0.2.1 - Can't add a particular domain to blacklist
Replies: 16
Views: 3055

Re: 3.0.2.1 - Can't add a particular domain to blacklist

I should mention that just adding that ID to the list of excludes did not actually stop it from running. It only worked after commenting out those lines. Once i commented out those lines i did not proceed in investigating any further as it was on a production server.
by northwindit
01 May 2017 17:11
Forum: 3.x Bugs
Topic: 3.0.2.1 - Can't add a particular domain to blacklist
Replies: 16
Views: 3055

Re: 3.0.2.1 - Can't add a particular domain to blacklist

I have managed to get rid of all the errors by commenting out two lines in: /etc/httpd/modsecurity.d/activated_rules/modsecurity_crs_41_sql_injection_attacks.conf # -=[ Detect DB Names ]=- # #SecRule REQUEST_COOKIES|!REQUEST_COOKIES:/__utm/|REQUEST_COOKIES_NAMES|ARGS_NAMES|ARGS|XML:/* "(?i:(?:m(?:s(...
by northwindit
01 May 2017 16:57
Forum: 3.x Bugs
Topic: 3.0.2.1 - Can't add a particular domain to blacklist
Replies: 16
Views: 3055

Re: 3.0.2.1 - Can't add a particular domain to blacklist

"(?i:(?:m(?:s(?:ysaccessobjects|ysaces|ysobjects|ysqueries|ysrelationships|ysaccessstorage|ysaccessxml|ysmodules|ysmodules2|db)|aster\\\\.\\\\.sysdatabases|ysql\\\\.db)|s(?:ys(?:\\\\.database_name|aux)|chema(?:\\\\W*\\\\(|_name)|qlite($ ..." at ARGS:chk[]. [file "/etc/httpd/modsecurity.d/activated_r...
by northwindit
01 May 2017 15:37
Forum: 3.x Bugs
Topic: 3.0.2.1 - Can't add a particular domain to blacklist
Replies: 16
Views: 3055

Re: 3.0.2.1 - Can't add a particular domain to blacklist

These are the lines that jump out at me: ssl_access_log 10.1.10.116 - - [01/May/2017:11:32:39 -0400] "POST /sgwi/connect.php HTTP/1.1" 200 58876 10.1.10.116 - - [01/May/2017:11:32:40 -0400] "GET /sgwi/connect.php?sort=first_seen&csort=sender_name&order=desc HTTP/1.1" 403 337 10.1.10.116 - - [01/May/...
by northwindit
01 May 2017 14:55
Forum: 3.x Bugs
Topic: 3.0.2.1 - Can't add a particular domain to blacklist
Replies: 16
Views: 3055

Re: 3.0.2.1 - Can't add a particular domain to blacklist

Still receiving forbidden messages when trying to move an item in the greylist to whitelist You don't have permission to access /sgwi/connect.php on this server. All secrules that have been mentioned to add in the previous posts have been added SecRuleRemoveByID 981173 SecRuleRemoveByID 981249 SecRu...
by northwindit
25 Apr 2017 18:59
Forum: 3.x Bugs
Topic: 3.0.2.1 - Can't add a particular domain to blacklist
Replies: 16
Views: 3055

Re: 3.0.2.1 - Can't add a particular domain to blacklist

Yeah, i have the same problem when trying to release a message:
You don't have permission to access /mailscanner/detail.php on this server.

Seems that version 3.0.1.9 and forward seriously did not go through any quality testing before release.
by northwindit
27 Oct 2016 12:29
Forum: 3.x How-to
Topic: Tag clean emails (backup server)
Replies: 2
Views: 740

Re: Tag clean emails (backup server)

Because within minutes of the backup server being brought online it was hit hard with spam emails. So in the off chance one gets through the backup server to the primary server i want the users to exercise more caution when viewing emails that have MX2 in the subject line when the primary server has...
by northwindit
26 Oct 2016 19:12
Forum: 3.x How-to
Topic: Tag clean emails (backup server)
Replies: 2
Views: 740

Tag clean emails (backup server)

Good day all, I have two zimbra email servers, one on location, and one remote. Both also have EFA project running as well to filter emails. Basic concept is if the primary location goes down, our secondary MX records will kick in and email will still get delivered and filtered through the off-site ...
by northwindit
21 Apr 2016 14:18
Forum: 3.x How-to
Topic: Released bad content gets reblocked
Replies: 0
Views: 1018

Released bad content gets reblocked

Hello all, My company gets file attachments from government agencies. Some of these incoming emails have attachments that have multiple periods in the file name which the /etc/MailScanner/filename.rules.conf will block. This is really good in most cases, but for the few legitimate emails that get bl...
by northwindit
12 Apr 2016 15:55
Forum: 3.x How-to
Topic: Block entire Countries by IPs
Replies: 7
Views: 3619

Block entire Countries by IPs

Hello everyone, Just started using this wonderful product in our office and while it is doing great. I would like to ask a few questions that after searching have not found clear answers on how to perform. 1) How would i go about blocking entire IP ranges from countries. I use https://www.countryipb...