Search found 1553 matches

by pdwalker
13 Oct 2016 08:56
Forum: How-to
Topic: Help with Custom SpamAssassin Module
Replies: 23
Views: 16812

Re: Help with Custom SpamAssassin Module

better yet, email it to me if you can and let's see if my system catches it. I'll send you a pm with my email address
by pdwalker
13 Oct 2016 08:55
Forum: How-to
Topic: Help with Custom SpamAssassin Module
Replies: 23
Views: 16812

Re: Help with Custom SpamAssassin Module

email yourself a word document with an enabled macro and see if that is caught.
by pdwalker
13 Oct 2016 08:54
Forum: How-to
Topic: EFA to only block .doc macros?
Replies: 5
Views: 5460

Re: EFA to only block .doc macros?

Did someone invoke my name? ClamAV will block 100% of macro enabled word documents. So if you're happy doing that then set OLE2BlockMacros yes The plugin mentioned in https://forum.efa-project.org/viewtopic.php?t=1547 will catch some, but not all macro enabled word documents. So don't assume it work...
by pdwalker
11 Oct 2016 19:57
Forum: How-to
Topic: how to reject domain not equal to sender address
Replies: 7
Views: 5970

Re: how to reject domain not equal to sender address

Thank you for that. I use ~all instead of -all because sometimes sites send email for their domains from other servers. For non spf matches, I just increase the spam score and I rely on the Bayesian filtering to reduce the spam score in the cases where the Mail is coming no fry a non spf authorized ...
by pdwalker
11 Oct 2016 03:23
Forum: How-to
Topic: how to reject domain not equal to sender address
Replies: 7
Views: 5970

Re: how to reject domain not equal to sender address

Can you tell me what you did?
by pdwalker
07 Oct 2016 07:28
Forum: How-to
Topic: how to reject domain not equal to sender address
Replies: 7
Views: 5970

Re: how to reject domain not equal to sender address

I understand what you are trying to do now, and I recommend you not do this. The biggest problem is, how do you know which servers are allowed to send mail for your domain or not? For example, CompanyX might use google mail for hosting their mail. Their domain will be "companyx.com" but th...
by pdwalker
06 Oct 2016 09:13
Forum: How-to
Topic: uc plugin
Replies: 3
Views: 2445

Re: uc plugin

Oh my. Another plugin from Nicola to test and implement.

Thanks Nicola!
by pdwalker
06 Oct 2016 09:12
Forum: How-to
Topic: how to reject domain not equal to sender address
Replies: 7
Views: 5970

Re: how to reject domain not equal to sender address

Sorry, I don't fully understand what you are trying to do.

Can you explain what conditions you want to accept or reject the mail?
by pdwalker
06 Oct 2016 09:09
Forum: Discussion
Topic: EFA deliver to multiple servers?
Replies: 1
Views: 1899

Re: EFA deliver to multiple servers?

Sure. One obvious way is to take advantage of DNS round robin. E.g. efa, accepts mail for example.com. In my mail transport settings, I have 3 hosts that will accept the mail for example.com and do the right thing. So in my dns, I might do the following: 10.10.1.1 A mail.example.com 10.10.1.2 A mail...
by pdwalker
01 Oct 2016 06:29
Forum: Discussion
Topic: Do EFA queue your mail (Backup) if target hsot is down ?
Replies: 2
Views: 2383

Re: Do EFA queue your mail (Backup) if target hsot is down ?

Short answer: yes. Long answer: that's a function of the mailer, in this case, postfix. If postfix is unable to deliver, it will retry at increasingly longer intervals until the maximum time is reached and then deliver a NDR to the sender. What are the exact postfix settings? Not sure, I'll need to ...
by pdwalker
30 Sep 2016 06:38
Forum: How-to
Topic: Client host rejected"
Replies: 2
Views: 3713

Re: Client host rejected"

googling that smtp error code leads me to this http://www.techieshelp.com/450-4-7-1-client-host-rejected-cannot-find-your-hostname/ short answer, the receiving mail server is doing a reverse ip lookup and is either not finding a match or it is finding a mismatch. while i understand why people do tha...
by pdwalker
29 Sep 2016 12:30
Forum: Feature Requests
Topic: Add adminer to the toolset?
Replies: 3
Views: 4036

Re: Add adminer to the toolset?

Even without saved php credentials, having that kind of tool accessible via the web interface leaves you subject to the bugs in the software, which could give access to the server is a bug is found. Once access is had, the rest opens up really quickly If you've ever had the chance to watch a good cr...
by pdwalker
29 Sep 2016 05:30
Forum: 3.x Bugs
Topic: Not accepting incoming Mail
Replies: 3
Views: 3098

Re: Not accepting incoming Mail

Also, it would be good to let us know what setting was causing the problem when you find the problem
by pdwalker
29 Sep 2016 05:26
Forum: Feature Requests
Topic: Add adminer to the toolset?
Replies: 3
Views: 4036

Re: Add adminer to the toolset?

I would actually recommend against it. phpmyadmin/adminer actually presents a large security hole if it ever becomes accessible to the outside world. Instead, I prefer to make a tunnelled ssh connection for mysql to the database and then use a tool like mysqlworkbench to check my database. This is m...
by pdwalker
28 Sep 2016 08:29
Forum: 3.x Bugs
Topic: Clam errors in EFA 3.0.1.5
Replies: 4
Views: 4164

Re: Clam errors in EFA 3.0.1.5

oh, good. it's not just me then.
by pdwalker
28 Sep 2016 06:00
Forum: How-to
Topic: How to Integrate Transport Settings (Mail Domain) to MySQL
Replies: 8
Views: 5376

Re: How to Integrate Transport Settings (Mail Domain) to MySQL

'But honestly it doesnt make much sense to convert the flat file into SQL insert / update statements - it should be rather that EFA is able to read the mysql DB for transport settings. Actually the reason why I want to accomplish this is so that the postfix transport settings can be centralized to ...
by pdwalker
21 Sep 2016 10:30
Forum: How-to
Topic: Show mails blocked by greylisting in mail list
Replies: 1
Views: 1724

Re: Show mails blocked by greylisting in mail list

Interesting question. Looking through my logs (mature server, greylisting databases already populated), I cannot find any recent entries showing greylisted connection attempts. Either the servers sending me mail are already known to me, or the spamming servers are getting stopped by postfix even bef...
by pdwalker
19 Sep 2016 03:39
Forum: How-to
Topic: Exeptions for files
Replies: 4
Views: 3689

Re: Exeptions for files

akl, When you are dealing with someone with Atomic Grade Stupidity, the best thing to do is to let them hang themselves. a) get it in writing from him that he understands the risks of accepting macros and that he will be fully responsible for the damage caused if said macros contain a virus infectio...
by pdwalker
15 Sep 2016 18:25
Forum: How-to
Topic: Exeptions for files
Replies: 4
Views: 3689

Re: Exeptions for files

Sorry for the delay. I understand your pain with macros. Frankly, there is no reason to accept macro enabled documents in the vast majority of the cases. I had a case with a client 2 years ago where a macro enabled document lead to a chain of events that ended up with some kind of bitlocker ransomwa...
by pdwalker
15 Sep 2016 13:27
Forum: How-to
Topic: Exeptions for files
Replies: 4
Views: 3689

Re: Exeptions for files

I have an answer to this. Once I get to my computer, I can answer it for you.
by pdwalker
14 Sep 2016 09:38
Forum: 3.x Bugs
Topic: DKIM problem
Replies: 7
Views: 5217

Re: DKIM problem

Nicola and I have tracked down the problem. under /etc/MailScanner/MailScanner.conf he had: Non Spam Actions = <blah blah> custom(nonspam) and I did not. It appears that the custom(nonspam) action modifies the message body after the dkim signing which will then cause a dkim verification failure. The...
by pdwalker
13 Sep 2016 13:52
Forum: How-to
Topic: Infected files slipping through
Replies: 17
Views: 8184

Re: Infected files slipping through

@pdwalker: you could use /etc/clamd.conf and set OLE2BlockMacros yes the description is a bit misleading, at first I assumed one could use this to add a header: Heuristics.OLE2.ContainsMacros without blocking but that doesn't seem to work that way. I use this: https://github.com/JonathanThorpe/spam...
by pdwalker
13 Sep 2016 13:40
Forum: How-to
Topic: Infected files slipping through
Replies: 17
Views: 8184

Re: Infected files slipping through

I ran freshclam, and now it is detected.
by pdwalker
13 Sep 2016 13:10
Forum: How-to
Topic: Infected files slipping through
Replies: 17
Views: 8184

Re: Infected files slipping through

how are you checking for macros?
by pdwalker
13 Sep 2016 13:00
Forum: How-to
Topic: Infected files slipping through
Replies: 17
Views: 8184

Re: Infected files slipping through

Frankly, I'd like efa to just immediately quarantine any macro enabled office document. However, it seems that is quite a difficult thing to accomplish.

Thanks Microsoft!