Search found 164 matches

by jamerson
20 Jan 2019 15:05
Forum: 4.x Bugs
Topic: Migration
Replies: 13
Views: 14988

Re: Migration

Please stay tuned we are testing the migration tools
by jamerson
17 Dec 2018 22:51
Forum: How-to
Topic: How to Configure DKIM | Multiple Domains
Replies: 13
Views: 7544

Re: How to Configure DKIM | Multiple Domains

At the end of your tutorial you stated to add the below to your DNS. Is this just a text record like for spf? What would the hostname be? The efa hostname or the sending domain? in your public DNS important add this DMRAC v=DMARC1; p=reject; sp=reject; rua=mailto:postmaster@efa.org its just your po...
by jamerson
17 Dec 2018 22:32
Forum: How-to
Topic: [How to ] How to block GEO IP
Replies: 0
Views: 3147

[How to ] How to block GEO IP

Hi Guys, Today i will show you how to block a country with their RELAY server. let Say we wanna block Russia from spoofing our EFA go to cd /etc/mail/spamassassin nano init.pre and remove # in front of # loadplugin Mail::SpamAssassin::Plugin::RelayCountry now edit local.cf nano local.cf add this at ...
by jamerson
02 Nov 2018 11:28
Forum: How-to
Topic: How to Configure DKIM | Multiple Domains
Replies: 13
Views: 7544

How to Configure DKIM | Multiple Domains

Dear all, hierby i will explain how to get your EFA configured to check the DKIM signature of out /incoming emails. lets assune your domain is efa.org make a folder on the opendkim mkdir -p /etc/opendkim/keys/efa.org/ browse to cd /etc/opendkim/keys/efa.org/ run the below to generate the private and...
by jamerson
18 Jul 2018 20:14
Forum: Discussion
Topic: New SPAM or back scatter?
Replies: 5
Views: 5028

Re: New SPAM or back scatter?

yes exactly that one has been configured.
for now i am set.
in the new release AFAIK it will be build in.
if the EFA is behind a firewall, i will suggest to block GEOIP.
by jamerson
13 Jul 2018 08:51
Forum: Discussion
Topic: Clamd update kills my EFA
Replies: 15
Views: 31170

Re: Clamd update kills my EFA

See above the solution.
if you have any questions let me know
by jamerson
13 Jul 2018 08:33
Forum: Discussion
Topic: Clamd update kills my EFA
Replies: 15
Views: 31170

Clamd update kills my EFA

Hi guys, after the last update of the antivirus CLAMD my EFA keeps detecting everything as spam. Clamd::ERROR:: COULD NOT CONNECT TO CLAMD, RECOMMEND RESTARTING DAEMON :: . Jul 13 10:20:42 filter MailScanner[3045]: Virus Scanning: Clamd found 1 infections Jul 13 10:20:42 filter MailScanner[3045]: Vi...
by jamerson
21 Jun 2018 22:23
Forum: Discussion
Topic: New SPAM or back scatter?
Replies: 5
Views: 5028

Re: New SPAM or back scatter?

i remeber me having this before, there where alot of servers trying to relay.
i've configured fail2ban and i noticed it reduced now.
by jamerson
21 Jun 2018 22:21
Forum: Discussion
Topic: block German language
Replies: 5
Views: 4311

Re: block German language

I am not sure such things exist !
by jamerson
19 Jun 2018 17:29
Forum: Discussion
Topic: block German language
Replies: 5
Views: 4311

Re: block German language

I am not sure i understand,
Do you mean you want to remove the German language to be visible on the web Gui ?
by jamerson
15 Jun 2018 23:36
Forum: Discussion
Topic: Letsencrypt not installing/renewing on EFA 3.0.2.6
Replies: 10
Views: 10441

Re: Letsencrypt not installing/renewing on EFA 3.0.2.6

Hi Guys, after adding this line RewriteEngine On [*]RewriteCond %{SERVER_PORT} 80 RewriteCond %{REQUEST_URI} !^/\.well\-known/acme\-challenge/ #RewriteCond %{HTTPS} !=on RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L] Whcih command we have to run to renew the SSL or it will do it automatically ?
by jamerson
15 Jun 2018 23:30
Forum: Discussion
Topic: TLS error
Replies: 7
Views: 6028

Re: TLS error

If you have a need/requirement enforce TLS inbound from certain domains. This is an HOW TO: create a file /etc/postfix/tls_server_policy_sender sender-must-be-tls.com reject_plaintext_session In main.cf add check_sender_access hash:/etc/postfix/tls_server_policy_sender, under smtpd_sender_restricti...
by jamerson
15 Jun 2018 23:28
Forum: Discussion
Topic: Fail2ban
Replies: 23
Views: 32204

Re: Fail2ban

you can activate pattern for http code response like 403 : access denied or 404 : page not found. Or for example if a ip address request the web page a big number of time over a short time. For example if you have the same ip address with "get" on 500 line request the same page during 1mi...
by jamerson
19 May 2018 14:14
Forum: Discussion
Topic: TLS error
Replies: 7
Views: 6028

Re: TLS error

This seems to be the wrong question. As I said… Postfix does TLS on an opportunistic approach. If both side agree on TLS, than it will be used. If the other end doesn't, than Postfix doesn't care and proceeds anyway. You can use the tls_policy to enforce TLS connections, where necessary. However, y...
by jamerson
18 May 2018 16:24
Forum: How-to
Topic: How removes the Received line
Replies: 4
Views: 4163

Re: How removes the Received line

Odon Garma wrote: 17 May 2018 13:18 can you explain "/^Received:.*192.168.4.5/ IGNORE" ??
sorry the 192.168.4.5 is the IP of the EFA appliance in my case is 10.10.44.6
the command will remove the IP of the appliance ( LAN IP ) on the destinatination so your network lan won't be compromised.
by jamerson
14 May 2018 23:48
Forum: How-to
Topic: How removes the Received line
Replies: 4
Views: 4163

How removes the Received line

How to remove the Received line on the EFA . when sending out emails using the EFA, the reciepient recieves your internal network information, like your exchange/mail server FQDN and internal IP which is risky. this is a example of my messages header before i configured the EFA. as you see it shows...
by jamerson
14 May 2018 15:55
Forum: Discussion
Topic: PGP S/MIME Leak
Replies: 1
Views: 2268

PGP S/MIME Leak

Dear all,
as you may have readen the news the PGP S/MIME LEAK has been over the new.
https://thehackernews.com/2018/05/pgp-s ... ption.html
How is the EFA configured to handle those ?
Do we need some extra configuratio nfor this ?
by jamerson
11 May 2018 13:57
Forum: Discussion
Topic: TLS error
Replies: 7
Views: 6028

Re: TLS error

Thank you budy for your time.
if we dont configure the tls its not going to be a security issue ?
Thank you
by jamerson
10 May 2018 22:19
Forum: Discussion
Topic: TLS error
Replies: 7
Views: 6028

TLS error

Dear All, after we did a EFA scan we figured out that the EFA does not send with TLS. seconds test stage and result [000.096] Connected to server [000.188] <-- 220 filter.domain.com ESMTP Postfix [000.189] We are allowed to connect [000.189] --> EHLO www6.CheckTLS.com [000.278] <-- 250-filter.domain...
by jamerson
05 May 2018 14:11
Forum: Discussion
Topic: Fail2ban
Replies: 23
Views: 32204

Re: Fail2ban

hi jamerson, That's the problem. I don't know what it shows until I see it. If I knew what you considered an attack from the log files, then we could come up with a fail2ban rule to help protect you. Basically, you would need to browse back in time to when your last attack was happening, then look ...
by jamerson
03 May 2018 22:22
Forum: Discussion
Topic: Fail2ban
Replies: 23
Views: 32204

Re: Fail2ban

Hi Paul,
what does the log shows exactly ? so i won't have to read a 1000 line :)

Thank you
by jamerson
03 May 2018 10:09
Forum: Discussion
Topic: Fail2ban
Replies: 23
Views: 32204

Re: Fail2ban

i've got Paul. mine seems clean after the IDS. SSL ERROR LOG [Mon Apr 30 18:53:38 2018] [error] [client 142.0.36.250] File does not exist: /var/www/html/000000000000.cfg [Mon Apr 30 18:53:38 2018] [error] [client 142.0.36.250] File does not exist: /var/www/html/polycom [Mon Apr 30 18:53:38 2018] [er...
by jamerson
02 May 2018 21:37
Forum: Discussion
Topic: Postfix Stalling
Replies: 8
Views: 5874

Re: Postfix Stalling

was it just one request that was causing the postfix hang, or several in quick succession? I ask, because until there is a fix, it could happen again from another ip at any time. If it takes more than one request, then fail2ban may protect you next time. If not, well crap. It was just one request. ...
by jamerson
02 May 2018 21:23
Forum: How-to
Topic: How to enable port 587 and TLS for sending and receiving emails
Replies: 11
Views: 21176

Re: How to enable port 587 and TLS for sending and receiving emails

I know this a old post but has been configured on the latest version of today ?
the version is 3.0.2.6
enabling the tls won't cause emails to be rejected or not deleverd for some mail servers ?
by jamerson
02 May 2018 14:23
Forum: Discussion
Topic: Outgoing Mail
Replies: 10
Views: 12613

Re: Outgoing Mail

You can add the IP of your mail server(s) to the list of servers allowed to relay email through EFA. That's done through the options on SSH, under Mail Settings, then Outbound Mail Relay, then specify the list of IPs or IP/mask, separated by spaces. Note that when you go to edit this line you'll ne...