efa-project.org

Thank you very much for your clarification. I had it configured correctly from the get-go, but ended up with poor results. Unfortunately, the spammers are using legitimate SPF records now. After enabling this, we were getting slammed with messages coming from spammers with valid SPF records for much...

Zohman, Thank you again for the very informative post, and for the attempted clarification. Unfortunately, I'm still confused. I understand 'comment out' to mean any line starting with # in this case. When I read the 'don't comment out this' I am confused, because it is already commented out in your...

This is excellent work - I've been wondering how to make EFA more pro-active to learning regular traffic! As I am implementing it, however, I am confused by the following from the initial instructions: #dnswl_reject_unauthorized = 1 Shortly following is a comment: but don't comment out dnswl_reject_...

After further research, I found some changes to make: Edit: /etc/MailScanner/MailScanner.conf Change: Maximum Archive Depth From: 0 To: 2 This is now successfully causing the Zip attachment to be stripped from the email, and replaced with a warning. Works for me! I'm curious why this is set to 0 in ...

That would be a fantastic idea, but I don't know how to go about doing that with EFA. I'll be honest and say I don't know nearly as much about this project as I ought, given it's immense flexibility!

Suggestions?

Thanks in advance!

Hello all! We've been using EFA for a few weeks, and while it has mostly eliminated the (massive) daily spam-dump campaigns that were hitting us, it has introduced another problem: We are being hit hard with malicious attachments which are 'only' downloaders for the actual content. They are mostly ....

How about .js as well, if this double-extension includes looking inside of non-password zip attachments.

We're getting slammed with .zip files containing malicious .doc.js malware downloader files, but EFA is letting a good portion of them right through. Not sure what to do about this.

Greetings from near Pittsburgh, in South-Western Pennsylvania, USA! We are using the E.F.A. project as a (temporary?) replacement for our ailing old email security appliance. I like messing around with the various settings, but the more I read and work with, the more I realize there is to learn abou...