efa-project.org

Hello Alexandeerbrix,

There is housekeeping on the audit log, so why clear it?

You can control the days to keep for your audit log in

Try: Tools AND Links-> Update SpamAssassin Rule Descriptions

In your example there is Bayes_00, giving the correct value.

In Tools AND LINKS there is also the Spamassassin Lint test. Run this and check the results

Did change it yesterday, and checked today. No errors seen. ( i did make a snapshot before that :shhh: ) There is a default Mysql script that will take care of all the changes: /usr/bin/mysql_secure_installation See https://www.tecmint.com/install-mariadb-in-centos-6/ Step 3 Nice feature: To be able...

Is there a valid reason why the hosts 127.0.0.1 and the ::1 for user root have no password assigned? The host: localhost and user: root use the password from /etc/EFA-Config : MYSQLROOTPWD:****************************************** MariaDB [mysql]> select Host,User,Password from user; +-----------+-...

The fast way is to restore the bayes db from a backup, but as I understand you do not have a backup from an previous(EFA) version. 1) sa-learn --backup > backup.txt 2) sa-learn --clear (this is optional , but good to do to clear out the old database) 3) Once you have backed up all databases you can ...

Try feed it (bayes) some spam. :idea: I couldn't find any settings regarding the bayes corpus in Efa, so it will be default settings. bayes_min_ham_num (Default: 200) bayes_min_spam_num (Default: 200) To be accurate, the Bayes system does not activate until a certain number of ham (non-spam) and spa...

Solved the issue, by reading the comments # EFA Note: CustomAction.pm will Sign Clean Messages instead using the custom(nonspam) action. in MailScanner.conf :oops: Sign Clean Messages = No did the trick. Read IP Address From Received Header = 2 ensures I have the correct IP in Received from Header: ...

[root@spammy log]# chkconfig --list spamassassin I'm using the latest E.F.A. version

MailScanner v1.2.3-dev running on EFA-3.0.2.3 I wanted to remove the Message Header, inserted by fetchmail, from the EFA box itself, since it always localhost. To clear things a bit, I must explain we use a 2 stage method to process mail. The efa box is using fetchmail to fetch all inbound -external...

Glad to see we are all human

To have a pretty good impression of a consultant typical workday : https://www.youtube.com/watch?v=BKorP55Aqvg

P.S. Anderson is an alias for Henk....

I guess I'm giving the 42 answer to often these days, so I should apologize... I assume ( I know not to use the word) you are using the latest EFA version and you log in with a user having the administrator user type? So if you add info@vlanmail.be and leave the rest of the fields empty , check Blac...

Dear curibe,

Just take some time and take a look at your question. The best possible answer on this would be 42.
I guess you should add some meaningful details or hope there are members that have divine powers.

Hi monsi, Helps a lot indeed :clap: before the change: https://eatspam.sinkhole.eu/mailscanner/viewmail.php?token=f595a4832fd0e0cbb8211933ede8f278aa17fbfe&id=A4CF9120245.ACCCD after the change: https://eatspam.sinkhole.eu/mailscanner/viewmail.php?token=f595a4832fd0e0cbb8211933ede8f278aa17fbf...

Hi Jokr, You could remove sender restrictions in /etc/postfix/main.cf #smtpd_sender_restrictions = permit_sasl_authenticated, check_sender_access hash:/etc/postfix/sender_access, reject_non_fqdn_sender, reject_unknown_sender_domain smtpd_sender_restrictions = permit_sasl_authenticated, check_sender_...

Did update this morning to 3.0.2.2 (from 3.0.2.1), and timeouts are gone.
No errors whatsoever. Will check for errors tomorrow again.

I also used to modify -a lot- and was sure to remember the changes done. Found that I modified more than I could remember

Since EFA is still on Centos6, You can use package tmpwatch also to do some housekeeping on useless files. By default, tmpwatch dates files by their atime (access time) the /var/spool/MailScanner/incoming/SpamAssassin-Temp is perfect candidate for tmpwatch just add in /etc/cron.daily/tmpwatch at the...

Hi Blixem, Is it possible to stop munin-node and webmin? If you want to stop and disable Webmin / Munin To show enabled services: chkconfig --list or just webmin chkconfig --list |grep 'webmin' show the status /etc/init.d/webmin status stop the service /etc/init.d/webmin stop disable the service chk...

Noticed the same. It's Modsecurity :doh: Detects concatenated basic SQL injection and SQLLFI attempts There is quite a list that will have the same error: union|select|create|rename|truncate|load|alter|delete|update|insert|desc Try to add: @selectdsleeponlineinfo.top and you see the same error. Poss...

Could be wrong, but Housekeeping on dcc should be done by /etc/cron.daily/cron-dccd [root@sansspam cron.daily]# ls -l total 56 lrwxrwxrwx. 1 root root 26 May 25 2015 cron-dccd -> /var/dcc/libexec/cron-dccd Where in /var/dcc/dcc_conf # days to keep files in DCC log directories DBCLEAN_LOGDAYS=1 Since...

relink seems to solve it. -The file used in /usr/local/bin/msre_reload.sh is a copy of /usr/local/bin/mailwatch/tools/MailScanner_rule_editor see INSTALLATION INSTRUCTIONS- ls -la total 48 drwxr-xr-x. 2 root root 4096 Apr 12 16:31 . drwxr-xr-x. 101 root root 12288 Apr 12 12:40 .. -rw-r--r-- 1 root r...

Update from 3.0.1.9 to 3.0.2.0.->3.0.2.1 Before I start nagging about err messages ( just 1) I want to thank thr EFA team for the massive effort to keep our mail system free from spam :clap: I'm not sure to what to do with this err message in /var/log/cron. Shoud I copy the msre_reload.crond to the ...

I can confirm that Xymon running on centos7 with version to: 4.3.28-1.terabithia solved my issue. The ModSecurity works fine without the extra disable line in /etc/httpd/conf.d/mod_security.conf

Hi Brad, You could try to disable: [id "981173"] in /etc/httpd/conf.d/mod_security.conf SecTmpDir /var/lib/mod_security SecDataDir /var/lib/mod_security SecRuleRemoveById 960017 SecRuleRemoveById 950908 SecRuleRemoveById 981173 <================= disable [id "981173"] restart the...

My current xymon server running on ubuntu 14.04 : dpkg -l | grep xymon ii xymon 4.3.7-1ubuntu2 amd64 monitoring system for systems, networks and applications ii xymon-client 4.3.7-1ubuntu2 amd64 client for the Xymon network monitor In the xymon server hosts,cfg I've got the entry xx.xx.xx.xx efaserv...

Ok. It's quite a story, but did my best to add some useful comments ;) # Disabling symbolic-links is recommended to prevent assorted security risks; symbolic-links=0 #If the server is run with external locking enabled, you can use myisamchk at any time for read operations #such a checking tables. In...