MailScanner on freebsd
Marc Dufresne
Marc.Dufresne at PARKS.ON.CA
Mon Nov 21 15:57:27 GMT 2005
My apologies for the private discussions. Didn't realize I posted to the
forum.
Sendmail is running on port 25. Sendmail is acting as a Relay for my
domain. I have no problem sending/receiving internet e-mail. The two
problems I am having are:
1- MailScanner doesn't seem to be scanning inbound mail.
2- local mail sent to root and postmaster is not being delivered. The
/var/spool/clientmqueue is backing up with e-mails sent to root and
postmaster.
Here's what /var/spool/maillog is saying
mail sm-msp-queue[1655]: i24AKJeL005105: to=postmaster,
delay=10:33:28,
xdelay=00:00:00, mailer=relay, pri=1023910, relay=[127.0.0.1],
dsn=4.0.0, stat=Deferred: Connection refused by [127.0.0.1]
I issued the command sendmail -v root </dev/null. This is the error I'm
receiving.
root....connecting to [127.0.0.1] via relay
root....Deferred: Connection refused by [127.0.0.1]
I have modified my /etc/mail/access to reflect
127.0.0.1 RELAY
localhost.localdomain RELAY
localhost RELAY
Issued a makemap hash /etc/mail/access.db < /etc/mail/access. Restarted
sendmail and still receive the Connection Refused error.
Any ideas?
I want to fix problem 2 first, eliminating the connection refused
errors. Then I want to move onto the MailScanner problem.
Marc Dufresne, Corporate IT Officer
St. Lawrence Parks Commission
13740 County Road 2
Morrisburg, ON K0C 1X0
E-mail: Marc.Dufresne at parks.on.ca
Voice: 613-543-3704 Ext#2455
Fax: 613-543-2847
Corporate website: www.parks.on.ca
>>> ugob at CAMO-ROUTE.COM 11/21/2005 9:17 AM >>>
Marc Dufresne wrote:
> Couldn't download any of your sample files. None of the links to
your
> files work.
Looking a the links, I'm not surprised.
The way you are quoting is making it very hard to follow. Please avoid
having private discussions while using a public mailing list and don't
top-post.
>
> From the command line, if I issue sendmail -v root </dev/null
> I receive this error,
>
> root....connecting to [127.0.0.1] via relay
> root....Deferred: Connection refused by [127.0.0.1]
Is sendmail running?
On what port/IP is it running on?
>
> What files do I need to modify under /etc/mail?
>
Are you familiar with Sendmail or other MTAs?
Regards,
Ugo
>
> Marc Dufresne, Corporate IT Officer
> St. Lawrence Parks Commission
> 13740 County Road 2
> Morrisburg, ON K0C 1X0
>
> E-mail: Marc.Dufresne at parks.on.ca
> Voice: 613-543-3704 Ext#2455
> Fax: 613-543-2847
> Corporate website: www.parks.on.ca
>
>>>> BB <brent.bolin at gmail.com> 11/20/2005 9:38 PM >>>
> Marc,
>
> I have attached working sendmail.mc <http://sendmail.mc> and
> sendmail.cf<http://sendmail.cf>files along with /etc/rc.conf
startup.
> There are a number of things in the
> rc.conf that you don't need just use the sendmail portion for
examples.
> BTW
> /etc/defaults/rc.conf show examples and are used if /etc/rc.conf
does
> not
> exist. /etc/rc.conf will override /etc/defaults/rc.conf.
>
> The first thing is to get a working copy of sendmail running. Make
> your
> edits to /etc/rc.conf with the examples sent.
>
> Copy sendmail.cf <http://sendmail.cf> /etc/mail
>
> Verify no sendmail processes are running and if they are kill the
pid
> of
> them. Verify again they are gone.
>
> Run "sh /etc/rc.sendmail start" . No quotes. This should start
> sendmail.
> Send your self a test message from the MTA level -
>
> sendmail -v root </dev/null Enter(the enter key)
>
> This should send a test mesage to root with no subject and
undisclosed
> recipients. Thats fine all we want to know is if sendmail is
running.
> Its
> also a good test to check the header files.
>
> If its working thats great, move on to MailScanner. I've included a
> working
> copy of a mailscanner.conf file. There are some things configured
that
> you
> might not be using, but all the directores are in place and are set
to
> defaults.
>
> Virus scanners set to none if not using (I'm using three)
> Spamassassin set to no if not using (I'm using 3.1.0_3)
> Uncomment the whitlist and blacklist file rules, I'm using
> SQLblacklist/whitelists
>
> I've included another file called directories.needed. Just run, it
> will
> create them if they don't exist
>
> This should be enough to get you going. Remember you need to get
> sendmail
> running first. I didn't or never have used the Makefile included
with
> the
> distribution. I use the m4 macro on the configuration file *.mc or
just
> use
> webmin. Its in the ports or can be downloaded from
> webmin.com<http://webmin.com>
> .
>
> It does not make sense to me why sendmail is running if it is marked
> to
> "NONE". If that dosen't do it mark the first instance with NONE and
all
> the
> others with NO
>
> BTW: There is also a nice webmin modual for MailScanner. Once setup
> things
> don't change much other then whitelists/blacklists. The latest
version
> of
> mailwatch can do this hence
>
> Is Definitely Not Spam = &SQLWhitelist
> Is Definitely Spam = &SQLBlacklist
>
>
> Hang on for the ride...
>
>
>
> On 11/20/05, Marc Dufresne <Marc.Dufresne at parks.on.ca > wrote:
>> I am going to explain my understanding of the MailScanner setup.
> Please
>> reveiw and let me know if I'm understanding this correctly?
>>
>> When MailScanner.conf is configured, the following parameters
should
> be
>> set if I'm using sendmail on FreeBSD 5.4:
>>
>> #MTA used for the Gateway
>> MTA=sendmail
>>
>> #Set how to invoke MTA when sending messages MailScanner has
created
>> (e.g. to sender/recipient saying "found a virus in your message").
> This
>> can also be the filename of a ruleset.
>> sendmail=/usr/sbin/sendmail
>>
>> #Incoming mail queue directory for Sendmail
>> Incoming Queue Directory=/var/spool/mqueue
>>
>> #Outgoing mail queue directory for Sendmail
>> Outgoing Queue Directory=/var/spool/mqueue
>>
>> #Incoming Queue Directory for MailScanner
>> /var/spool/MailScanner/incoming
>>
>> #Quarantine Directory for MailScanner
>> /var/spool/MailScanner/quaratine
>>
>> System Startup should be as follows:
>>
>> 1) #Disable sendmail from loading at system startup
>> modify /etc/rc.conf to disable sendmail load
>>
>>
>
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/mail-changingmta.html
>
>>
>> Section 23.4.2.3 <http://23.4.2.3> FreeBSD 5.0-STABLE and Later
>>
>> /etc/rc.conf
>>
>> sendmail_enable="NO"
>> sendmail_submit_enable="NO"
>> sendmail_outbound_enable="NO"
>> sendmail_msp_queue_enable="NO"
>>
>> 2) #Load MailScanner at system startup.
>> #Make sure mailscanner.sh file is located under /usr/local/etc/rc.d
>> in order to load MailScannner process at startup. Mailscanner.sh
> should
>> invoke sendmail and mailscanner process to start
scanning/delivering
>> mail.
>>
>> /usr/local/etc/rc.d/mailscanner.sh
>> _________________________________
>>
>> First Problem
>>
>> I cannot disable sendmail on bootup on FreeBSD 5.4!!!! I tried
>> everything. Sendmail still loads at startup???????
>>
>> Second Problem
>>
>> Once system is completly loaded and sitting at the login prompt, I
>> receive an error
>> NOQUEUE:SYSERROR(root):opendaemon socket:daeomon IPv4:cannot bind
>> address already in use
>>
>> I login, and run ps -ax (This is what I see)
>>
>> 375 ?? Ss 0:00.07 sendmail: accepting connections (sendmail)
>> 379 ?? Is 0:00.00 sendmail: Queue runner at 00:30:00 for
>> /var/spool/client
>>
>> 426 ?? Is 0:00.01 sendmail: Queue runner at 00:15:00 for
>> /var/spool/mqueue
>> 430 ?? Is 0:00.01 sendmail: Queue runner at 00:15:00 for
>> /var/spool/client
>>
>> 613 ?? Ss 0:00.02 /usr/bin/perl -I/usr/local/lib/MailScanner
>> /usr/local 614 ?? S 0:02.33 /usr/bin/perl
>> -I/usr/local/lib/MailScanner /usr/local
>> 627 ?? S 0:02.19 /usr/bin/perl -I/usr/local/lib/MailScanner
>> /usr/local
>> 630 ?? S 0:02.15 /usr/bin/perl -I/usr/local/lib/MailScanner
>> /usr/local
>> 635 ?? S 0:02.17 /usr/bin/perl -I/usr/local/lib/MailScanner
>> /usr/local
>> 636 ?? S 0:00.11 /usr/bin/perl -I/usr/local/lib/MailScanner
>> /usr/local
>>
>> Third Problem
>>
>> I run tail -f /var/log/maillog
>>
>> I will send test e-mails from the outside and watch sendmail
receive
>> and process incoming mail. Everyone receives e-mails from the
> outside,
>> but mailscanner does not scan any messages.
>>
>> I will issue a mailq to view /var/spool/mqueue directory. Directory
> is
>> always empty.
>>
>> I'm completely stumped here as to why Sendmail refuses to disable
at
>> startup and MailScanner refuses to scan e-mail messages!!!!!
>>
>> Any ideas????
>>
>>
>> Marc Dufresne, Corporate IT Officer
>> St. Lawrence Parks Commission
>> 13740 County Road 2
>> Morrisburg, ON K0C 1X0
>>
>> E-mail: Marc.Dufresne at parks.on.ca
>> Voice: 613-543-3704 Ext#2455
>> Fax: 613-543-2847
>> Corporate website: www.parks.on.ca <http://www.parks.on.ca>
>>
>>>>> BB <brent.bolin at gmail.com> 11/19/2005 12:38 AM >>>
>> Don't know if they ever got the list fixed for my replies, so I'm
> doing
>> it
>> direct and through the list.
>>
>> Change /etc/rc.conf or /etc/defaults/rc.conf
>> sendmail_enable=NONE
>>
>> Verify mailscanner is starting up with
> /usr/local/etc/rc.d/mailscanner
>> .sh
>>
>> Think you need to manually create some of the directores. Verify
>> MailScanner.conf for directories.
>>
>> tail -f /var/log/maillog will show you the details
>>
>> The only reason to rebuild sendmail.cf <http://sendmail.cf>
> <http://sendmail.cf/
>>> is to
>> remove
>> IPv6 stuff. I would use m4 macro for that. Webmin would be a good
>> choice to
>> use.
>>
>> # SMTP daemon options
>>
>> O DaemonPortOptions=Name=IPv4, Family=inet
>> O DaemonPortOptions=Name=IPv6, Family=inet6, Modifiers=O
>> O DaemonPortOptions=Port=587, Name=MSA, M=E
>>
>>
>> --
>> ACK and you shall receive
>>
>>
>>
>
>
> --
> ACK and you shall receive
>
> ------------------------ MailScanner list ------------------------
> To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
> 'leave mailscanner' in the body of the email.
> Before posting, read the Wiki (http://wiki.mailscanner.info/) and
> the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>
> Support MailScanner development - buy the book off the website!
>
>
>
------------------------------------------------------------------------
>
> BEGIN:VCARD
> VERSION:2.1
> X-GWTYPE:USER
> FN:Marc Dufresne
> TEL;WORK:613-543-3704
> ORG:;Information Technology
> TEL;PREF;FAX:613-543-2847
> EMAIL;WORK;PREF;NGW:Marc.Dufresne at parks.on.ca
> N:Dufresne;Marc
> TITLE:Corporate IT Officer
> END:VCARD
>
--
Ugo
-> Please don't send a copy of your reply by e-mail. I read the list.
-> Please avoid top-posting, long signatures and HTML, and cut the
irrelevant parts in your replies.
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
[ Part 2, Text/PLAIN (Name: "Marc Dufresne.vcf") 20 lines. ]
[ Unable to print this part. ]
More information about the MailScanner
mailing list