efa-project.org

I noticed that the Pyzor on the latest EFA is version 0.7, while version 1.0 is available.

Do you know of a reason to not move to 1.0?

Also where are of the configuration files, I was looking add "pyzor.scrolloutf1.com:24441" as another server to the default.

RavioliKing If I am reading you correct you want to create a list of valid recipients email addresses and reject unknown ones, and these list will come from multiple servers, is this multiple AD's? I have two different AD domains, I extract all valid emails addresses from the two AD, merge the files...

if your code works, go with I am not an expert on SA coding. I was suggesting an alternative to the problem, since I added "reject_non_fqdn_sender" I very rarely get DHL spam anymore. I also force inbound TLS for common delivery company like dhl.com get rid the spoofed, zombie PCs tend not to do TLS...

Is this mail from somebodies home PC? If so, I find adding this to my main.cf (reject_non_fqdn_sender) smtpd_sender_restrictions = ...... reject_non_fqdn_sender, ..... other rules The reason is the majority of PC's are normally standalone and they are not joined to a domain, so they do not have an F...

In headers_check in /etc/postfix add below in, change ExchangeServer to what name your internal server is. You need to put a # in front of the line "/^Message-ID:/ HOLD" /^Received:/ HOLD /^Received: from ExchangeServer/ IGNORE /^Received: from 127.0.0.1/ IGNORE Then issue postmap /etc/postfix/heade...

I did end up using this rawbody WOMBLE_FREEWEB /tripod\.com|freewebs\.com|wix\.com|ukit\.com/ score WOMBLE_FREEWEB 4.00 describe WOMBLE_FREEWEB Body contains hyperlink to free website hosting domain (phishing?) low security At least the message is tagged as spam, if it fails other test it can quite ...

I did do both of those. I did some more reading and found another example that used rawbody I changed body TRIPOD1 /\.tripod\.com/ to rawbody TRIPOD1 /\.tripod\.com/ and compiled and restarted MailScanner, it did not work, I went to bed, and went to have a look the following day and found it was wor...

Just like virus there are also zero day phishing links that have not filtering into any urbl list. I am trying to get Mailscanner/SA as part of a spam check to add urls is certain free hosting web-sites to be given a score. In local.cf I have added body WOMBLE_FREEWEB /tripod\.com|freewebs\.com/ sco...

SOLUTION BELOW: in MailScanner.conf by default for AV scanning you have Virus Scanners = clamd When I installed sophos I added Virus Scanners = clamd sophos What I did was swop them round, the email is quarantined, the user can see it, but cannot release it, problem solved. Virus Scanners = sophos c...

I used the instructions to install from another poster https://forum.efa-project.org/viewtopic.php?f=14&t=1329&p=7288&hilit=sophos#p7288 I have noticed since installing SOPHOS has detected a number of ransomware viruses based on the double extension. All good, however on the MailWatch screen it show...

My top virus on my system is reported as "YARA.possible_includes_base64_packed_functions.UNOFFICIAL", with just 1.4% daily of all messages being logged as virus infected. I am using the default unofficial ones, plus a securiteinfo.com subscription. I have had a report from one of my users that they ...

I noticed one of the domains we force TLS to and from had changed their TLS settings to high, and mail was not being delivered, it was OK on low. On analyzing the MTA logs, it was found we was getting an error similar to below. postfix/smtp[<pid>]: warning: TLS library problem: error:1407741A: SSL r...

just incase anybody else is going to do this, this is the HOW TO. In the /etc/unbound/conf.d/forwarders.conf I added the following lines, x.x.x.x is the local DNS that as the zone replication. forward-zone: name: "multi.surbl.org" forward-addr: x.x.x.x forward-addr: x.x.x.x Also # Use SBL from your ...

Thanks for the pointer I will give that a go.

I am using the stock build of EFA version 3.0.1.7. I am getting URIBL_BLOCKED The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists\#dnsbl-block for more information. I have access to access to non-public/professional data feed for SURBL and URIBL (http://www.surbl.or...

I have my existing mail gateway which I am looking to replace with EFA over the next few months so I am looking to try and get as much as possible the same. The system adds disclaimers to email (as does EFA) but the disclaimer is dynamic, where the disclaimers uses variables such as date/time the se...

I recently installed by first EFA Vm.

I have noticed point release .8 is now out, think I was on 5 or 6 when I built it, now on 7. I have made some changes in the main.cf file, if I upgrade to .8 will any of the configuration files be replaced?

Hello, While looking to building a email gateway to front my exchange I found first, Mailscanner then EFA. Very easy to build and setup. I am still playing with it and there seems to a lot that been built in over the years. What is enabled by default, and what do you need to be tweaked for an effect...

webguyz I am having the same issue, what do I need to add 127.0.0.1 to?