Search found 33 matches
- 07 Oct 2015 20:45
- Forum: How-to
- Topic: SQLGrey - Greylisting Improvements with SPF\DNSWL
- Replies: 15
- Views: 11785
Re: SQLGrey - Greylisting Improvements with SPF\DNSWL
Thank you very much for your clarification. I had it configured correctly from the get-go, but ended up with poor results. Unfortunately, the spammers are using legitimate SPF records now. After enabling this, we were getting slammed with messages coming from spammers with valid SPF records for much...
- 07 Oct 2015 18:12
- Forum: How-to
- Topic: SQLGrey - Greylisting Improvements with SPF\DNSWL
- Replies: 15
- Views: 11785
Re: SQLGrey - Greylisting Improvements with SPF\DNSWL
Zohman, Thank you again for the very informative post, and for the attempted clarification. Unfortunately, I'm still confused. I understand 'comment out' to mean any line starting with # in this case. When I read the 'don't comment out this' I am confused, because it is already commented out in your...
- 07 Oct 2015 13:48
- Forum: How-to
- Topic: SQLGrey - Greylisting Improvements with SPF\DNSWL
- Replies: 15
- Views: 11785
Re: SQLGrey - Greylisting Improvements with SPF\DNSWL
This is excellent work - I've been wondering how to make EFA more pro-active to learning regular traffic! As I am implementing it, however, I am confused by the following from the initial instructions: #dnswl_reject_unauthorized = 1 Shortly following is a comment: but don't comment out dnswl_reject_...
- 15 Sep 2015 19:54
- Forum: 3.x Bugs
- Topic: (Malicious) Attachment Problems
- Replies: 5
- Views: 5043
Re: (Malicious) Attachment Problems
After further research, I found some changes to make: Edit: /etc/MailScanner/MailScanner.conf Change: Maximum Archive Depth From: 0 To: 2 This is now successfully causing the Zip attachment to be stripped from the email, and replaced with a warning. Works for me! I'm curious why this is set to 0 in ...
- 15 Sep 2015 15:40
- Forum: 3.x Bugs
- Topic: (Malicious) Attachment Problems
- Replies: 5
- Views: 5043
Re: (Malicious) Attachment Problems
That would be a fantastic idea, but I don't know how to go about doing that with EFA. I'll be honest and say I don't know nearly as much about this project as I ought, given it's immense flexibility!
Suggestions?
Thanks in advance!
Suggestions?
Thanks in advance!
- 14 Sep 2015 17:05
- Forum: 3.x Bugs
- Topic: (Malicious) Attachment Problems
- Replies: 5
- Views: 5043
(Malicious) Attachment Problems
Hello all! We've been using EFA for a few weeks, and while it has mostly eliminated the (massive) daily spam-dump campaigns that were hitting us, it has introduced another problem: We are being hit hard with malicious attachments which are 'only' downloaders for the actual content. They are mostly ....
- 14 Sep 2015 16:54
- Forum: Feature Requests
- Topic: Mailscanner double filename extension
- Replies: 9
- Views: 12020
Re: Mailscanner double filename extension
How about .js as well, if this double-extension includes looking inside of non-password zip attachments.
We're getting slammed with .zip files containing malicious .doc.js malware downloader files, but EFA is letting a good portion of them right through. Not sure what to do about this.
We're getting slammed with .zip files containing malicious .doc.js malware downloader files, but EFA is letting a good portion of them right through. Not sure what to do about this.
- 31 Aug 2015 19:43
- Forum: Introduction
- Topic: Initiate UDP Handshake - 'Hello!'
- Replies: 1
- Views: 2230
Initiate UDP Handshake - 'Hello!'
Greetings from near Pittsburgh, in South-Western Pennsylvania, USA! We are using the E.F.A. project as a (temporary?) replacement for our ailing old email security appliance. I like messing around with the various settings, but the more I read and work with, the more I realize there is to learn abou...