MailScanner on freebsd
BB
brent.bolin at GMAIL.COM
Mon Nov 21 16:26:02 GMT 2005
[ The following text is in the "ISO-8859-1" character set. ]
[ Your display is set for the "US-ASCII" character set. ]
[ Some characters may be displayed incorrectly. ]
Don't care about private discussions. The list exiled me when I called
someone a "Dipswitch".
Pretty harsh words ya think ?
Do you show this?
# ps auxwww|grep sendmail
root 36220 0.0 0.3 3500 2640 ?? Ss 9:59AM 0:00.03 sendmail:
accepting connections (sendmail)
root 36223 0.0 0.3 3500 2624 ?? Is 9:59AM 0:00.00 sendmail:
Queue runner at 00:15:00 for /var/spool/mqueue (sendmail)
smmsp 36227 0.0 0.2 3368 2520 ?? Is 9:59AM 0:00.00 sendmail:
Queue runner at 00:15:00 for /var/spool/clientmqueue (sendmail)
root 36419 0.0 0.1 1448 848 p0 S+ 10:16AM 0:00.00 grep
sendmail
Sounds to me like your sendmail submit isn't running.
Also attaching a valid submit.cf file
Make sure your using both the sendmail.cf and submit files I'm sending
you.
On 11/21/05, Marc Dufresne <Marc.Dufresne at parks.on.ca> wrote:
My apologies for the private discussions. Didn't realize I
posted to the
forum.
Sendmail is running on port 25. Sendmail is acting as a Relay
for my
domain. I have no problem sending/receiving internet e-mail.
The two
problems I am having are:
1- MailScanner doesn't seem to be scanning inbound mail.
2- local mail sent to root and postmaster is not being
delivered. The
/var/spool/clientmqueue is backing up with e-mails sent to
root and
postmaster.
Here's what /var/spool/maillog is saying
mail sm-msp-queue[1655]: i24AKJeL005105: to=postmaster,
delay=10:33:28,
xdelay=00:00:00, mailer=relay, pri=1023910,
relay=[numericlinkwarning 127.0.0.1],
dsn=4.0.0, stat=Deferred: Connection refused by
[numericlinkwarning 127.0.0.1]
I issued the command sendmail -v root </dev/null. This is the
error I'm
receiving.
root....connecting to [ numericlinkwarning 127.0.0.1] via
relay
root....Deferred: Connection refused by [numericlinkwarning
127.0.0.1]
I have modified my /etc/mail/access to reflect
numericlinkwarning 127.0.0.1 RELAY
localhost.localdomain RELAY
localhost RELAY
Issued a makemap hash /etc/mail/access.db < /etc/mail/access.
Restarted
sendmail and still receive the Connection Refused error.
Any ideas?
I want to fix problem 2 first, eliminating the connection
refused
errors. Then I want to move onto the MailScanner problem.
Marc Dufresne, Corporate IT Officer
St. Lawrence Parks Commission
13740 County Road 2
Morrisburg, ON K0C 1X0
E-mail: Marc.Dufresne at parks.on.ca
Voice: 613-543-3704 Ext#2455
Fax: 613-543-2847
Corporate website: www.parks.on.ca
>>> ugob at CAMO-ROUTE.COM 11/21/2005 9:17 AM >>>
Marc Dufresne wrote:
> Couldn't download any of your sample files. None of the
links to
your
> files work.
Looking a the links, I'm not surprised.
The way you are quoting is making it very hard to
follow. Please avoid
having private discussions while using a public mailing list
and don't
top-post.
>
> From the command line, if I issue sendmail -v root
</dev/null
> I receive this error,
>
> root....connecting to [numericlinkwarning 127.0.0.1] via
relay
> root....Deferred: Connection refused by [numericlinkwarning
127.0.0.1]
Is sendmail running?
On what port/IP is it running on?
>
> What files do I need to modify under /etc/mail?
>
Are you familiar with Sendmail or other MTAs?
Regards,
Ugo
>
> Marc Dufresne, Corporate IT Officer
> St. Lawrence Parks Commission
> 13740 County Road 2
> Morrisburg, ON K0C 1X0
>
> E-mail: Marc.Dufresne at parks.on.ca
> Voice: 613-543-3704 Ext#2455
> Fax: 613-543-2847
> Corporate website: www.parks.on.ca
>
>>>> BB <brent.bolin at gmail.com> 11/20/2005 9:38 PM >>>
> Marc,
>
> I have attached working sendmail.mc <http://sendmail.mc>
and
> sendmail.cf<http://sendmail.cf>files along with
/etc/rc.conf
startup.
> There are a number of things in the
> rc.conf that you don't need just use the sendmail portion
for
examples.
> BTW
> /etc/defaults/rc.conf show examples and are used if
/etc/rc.conf
does
> not
> exist. /etc/rc.conf will override /etc/defaults/rc.conf.
>
> The first thing is to get a working copy of sendmail
running. Make
> your
> edits to /etc/rc.conf with the examples sent.
>
> Copy sendmail.cf <http://sendmail.cf> /etc/mail
>
> Verify no sendmail processes are running and if they are
kill the
pid
> of
> them. Verify again they are gone.
>
> Run "sh /etc/rc.sendmail start" . No quotes. This should
start
> sendmail.
> Send your self a test message from the MTA level -
>
> sendmail -v root </dev/null Enter(the enter key)
>
> This should send a test mesage to root with no subject and
undisclosed
> recipients. Thats fine all we want to know is if sendmail
is
running.
> Its
> also a good test to check the header files.
>
> If its working thats great, move on to MailScanner. I've
included a
> working
> copy of a mailscanner.conf file. There are some things
configured
that
> you
> might not be using, but all the directores are in place and
are set
to
> defaults.
>
> Virus scanners set to none if not using (I'm using three)
> Spamassassin set to no if not using (I'm using 3.1.0_3)
> Uncomment the whitlist and blacklist file rules, I'm using
> SQLblacklist/whitelists
>
> I've included another file called directories.needed. Just
run, it
> will
> create them if they don't exist
>
> This should be enough to get you going. Remember you need
to get
> sendmail
> running first. I didn't or never have used the Makefile
included
with
> the
> distribution. I use the m4 macro on the configuration file
*.mc or
just
> use
> webmin. Its in the ports or can be downloaded from
> webmin.com<http://webmin.com>
> .
>
> It does not make sense to me why sendmail is running if it
is marked
> to
> "NONE". If that dosen't do it mark the first instance with
NONE and
all
> the
> others with NO
>
> BTW: There is also a nice webmin modual for MailScanner.
Once setup
> things
> don't change much other then whitelists/blacklists. The
latest
version
> of
> mailwatch can do this hence
>
> Is Definitely Not Spam = &SQLWhitelist
> Is Definitely Spam = &SQLBlacklist
>
>
> Hang on for the ride...
>
>
>
> On 11/20/05, Marc Dufresne <Marc.Dufresne at parks.on.ca >
wrote:
>> I am going to explain my understanding of the MailScanner
setup.
> Please
>> reveiw and let me know if I'm understanding this
correctly?
>>
>> When MailScanner.conf is configured, the following
parameters
should
> be
>> set if I'm using sendmail on FreeBSD 5.4:
>>
>> #MTA used for the Gateway
>> MTA=sendmail
>>
>> #Set how to invoke MTA when sending messages MailScanner
has
created
>> (e.g. to sender/recipient saying "found a virus in your
message").
> This
>> can also be the filename of a ruleset.
>> sendmail=/usr/sbin/sendmail
>>
>> #Incoming mail queue directory for Sendmail
>> Incoming Queue Directory=/var/spool/mqueue
>>
>> #Outgoing mail queue directory for Sendmail
>> Outgoing Queue Directory=/var/spool/mqueue
>>
>> #Incoming Queue Directory for MailScanner
>> /var/spool/MailScanner/incoming
>>
>> #Quarantine Directory for MailScanner
>> /var/spool/MailScanner/quaratine
>>
>> System Startup should be as follows:
>>
>> 1) #Disable sendmail from loading at system startup
>> modify /etc/rc.conf to disable sendmail load
>>
>>
>
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/mail-changingmta.html
>
>>
>> Section numericlinkwarning 23.4.2.3 <numericlinkwarning
http://23.4.2.3> FreeBSD 5.0-STABLE and Later
>>
>> /etc/rc.conf
>>
>> sendmail_enable="NO"
>> sendmail_submit_enable="NO"
>> sendmail_outbound_enable="NO"
>> sendmail_msp_queue_enable="NO"
>>
>> 2) #Load MailScanner at system startup.
>> #Make sure mailscanner.sh file is located under
/usr/local/etc/rc.d
>> in order to load MailScannner process at startup.
Mailscanner.sh
> should
>> invoke sendmail and mailscanner process to start
scanning/delivering
>> mail.
>>
>> /usr/local/etc/rc.d/mailscanner.sh
>> _________________________________
>>
>> First Problem
>>
>> I cannot disable sendmail on bootup on FreeBSD 5.4!!!! I
tried
>> everything. Sendmail still loads at startup???????
>>
>> Second Problem
>>
>> Once system is completly loaded and sitting at the login
prompt, I
>> receive an error
>> NOQUEUE:SYSERROR(root):opendaemon socket:daeomon
IPv4:cannot bind
>> address already in use
>>
>> I login, and run ps -ax (This is what I see)
>>
>> 375 ?? Ss 0:00.07 sendmail: accepting connections
(sendmail)
>> 379 ?? Is 0:00.00 sendmail: Queue runner at 00:30:00 for
>> /var/spool/client
>>
>> 426 ?? Is 0:00.01 sendmail: Queue runner at 00:15:00 for
>> /var/spool/mqueue
>> 430 ?? Is 0:00.01 sendmail: Queue runner at 00:15:00 for
>> /var/spool/client
>>
>> 613 ?? Ss 0:00.02 /usr/bin/perl
-I/usr/local/lib/MailScanner
>> /usr/local 614 ?? S 0: 02.33 /usr/bin/perl
>> -I/usr/local/lib/MailScanner /usr/local
>> 627 ?? S 0:02.19 /usr/bin/perl
-I/usr/local/lib/MailScanner
>> /usr/local
>> 630 ?? S 0:02.15 /usr/bin/perl
-I/usr/local/lib/MailScanner
>> /usr/local
>> 635 ?? S 0:02.17 /usr/bin/perl
-I/usr/local/lib/MailScanner
>> /usr/local
>> 636 ?? S 0:00.11 /usr/bin/perl
-I/usr/local/lib/MailScanner
>> /usr/local
>>
>> Third Problem
>>
>> I run tail -f /var/log/maillog
>>
>> I will send test e-mails from the outside and watch
sendmail
receive
>> and process incoming mail. Everyone receives e-mails from
the
> outside,
>> but mailscanner does not scan any messages.
>>
>> I will issue a mailq to view /var/spool/mqueue directory.
Directory
> is
>> always empty.
>>
>> I'm completely stumped here as to why Sendmail refuses to
disable
at
>> startup and MailScanner refuses to scan e-mail
messages!!!!!
>>
>> Any ideas????
>>
>>
>> Marc Dufresne, Corporate IT Officer
>> St. Lawrence Parks Commission
>> 13740 County Road 2
>> Morrisburg, ON K0C 1X0
>>
>> E-mail: Marc.Dufresne at parks.on.ca
>> Voice: 613-543-3704 Ext#2455
>> Fax: 613-543-2847
>> Corporate website: www.parks.on.ca
<http://www.parks.on.ca>
>>
>>>>> BB < brent.bolin at gmail.com> 11/19/2005 12:38 AM >>>
>> Don't know if they ever got the list fixed for my replies,
so I'm
> doing
>> it
>> direct and through the list.
>>
>> Change /etc/rc.conf or /etc/defaults/rc.conf
>> sendmail_enable=NONE
>>
>> Verify mailscanner is starting up with
> /usr/local/etc/rc.d/mailscanner
>> .sh
>>
>> Think you need to manually create some of the directores.
Verify
>> MailScanner.conf for directories.
>>
>> tail -f /var/log/maillog will show you the details
>>
>> The only reason to rebuild sendmail.cf
<http://sendmail.cf>
> <http://sendmail.cf/
>>> is to
>> remove
>> IPv6 stuff. I would use m4 macro for that. Webmin would be
a good
>> choice to
>> use.
>>
>> # SMTP daemon options
>>
>> O DaemonPortOptions=Name=IPv4, Family=inet
>> O DaemonPortOptions=Name=IPv6, Family=inet6, Modifiers=O
>> O DaemonPortOptions=Port=587, Name=MSA, M=E
>>
>>
>> --
>> ACK and you shall receive
>>
>>
>>
>
>
> --
> ACK and you shall receive
>
> ------------------------ MailScanner list
------------------------
> To unsubscribe, email jiscmail at jiscmail.ac.uk with the
words:
> 'leave mailscanner' in the body of the email.
> Before posting, read the Wiki
(http://wiki.mailscanner.info/) and
> the archives
(http://www.jiscmail.ac.uk/lists/mailscanner.html ).
>
> Support MailScanner development - buy the book off the
website!
>
>
>
------------------------------------------------------------------------
>
> BEGIN:VCARD
> VERSION: 2.1
> X-GWTYPE:USER
> FN:Marc Dufresne
> TEL;WORK:613-543-3704
> ORG:;Information Technology
> TEL;PREF;FAX:613-543-2847
> EMAIL;WORK;PREF;NGW: Marc.Dufresne at parks.on.ca
> N:Dufresne;Marc
> TITLE:Corporate IT Officer
> END:VCARD
>
--
Ugo
-> Please don't send a copy of your reply by e-mail. I read
the list.
-> Please avoid top-posting, long signatures and HTML, and
cut the
irrelevant parts in your replies.
------------------------ MailScanner list
------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/)
and
the archives (
http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the
website!
------------------------ MailScanner list
------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/
) and
the archives
(http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the
website!
--
ACK and you shall receive
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/)
and the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
[ Part 2, Application/OCTET-STREAM (Name: "sendmail.cf") 80KB. ]
[ Unable to print this part. ]
[ Part 3, Application/OCTET-STREAM (Name: "submit.cf") 53KB. ]
[ Unable to print this part. ]
More information about the MailScanner
mailing list