Mailscanner doesnt scan.

Mon Nov 24 18:18:20 GMT 2008

2008/11/24 michael <michael at osund.com>:
> Hi!
> Like the topic says mailscanner or spamassassin doesnt scan or check my
> incoming or outgoing emails.
> I have Mailscanner spamassassin and clamav installed, and my configuration
> for postfix / mailscanner and some output from my /var/log/mail are
> attached below.
>
> /etc/postfix/main.cf
>
> readme_directory = /usr/share/doc/packages/postfix/README_FILES
> inet_protocols = all
> biff = no
> mail_spool_directory = /var/mail
> canonical_maps = hash:/etc/postfix/canonical
> virtual_alias_maps = hash:/etc/postfix/virtual
> virtual_alias_domains = hash:/etc/postfix/virtual
> relocated_maps = hash:/etc/postfix/relocated
> transport_maps = hash:/etc/postfix/transport
> sender_canonical_maps = hash:/etc/postfix/sender_canonical
> masquerade_exceptions = root
> masquerade_classes = envelope_sender, header_sender, header_recipient
> myhostname = osund.com
> program_directory = /usr/lib/postfix
> inet_interfaces = all
> masquerade_domains =
> mydestination = $myhostname, localhost.$mydomain
> defer_transports =
> mynetworks_style = subnet
> disable_dns_lookups = no
> relayhost = ****************
> mailbox_command =
> mailbox_transport =
> strict_8bitmime = no
> disable_mime_output_conversion = no
> smtpd_sender_restrictions = hash:/etc/postfix/access
> smtpd_client_restrictions =
> smtpd_helo_required = no
> smtpd_helo_restrictions =
> strict_rfc821_envelopes = no
> smtpd_recipient_restrictions =
> permit_sasl_authenticated,permit_mynetworks,check_relay_domains
> smtp_sasl_auth_enable = no
> smtpd_sasl_auth_enable = yes
> smtpd_use_tls = yes
> smtp_use_tls = yes
> alias_maps = hash:/etc/aliases
> mailbox_size_limit = 0
> message_size_limit = 10240000
> mydomain = osund.com
> mynetworks = 127.0.0.0/8 , 13.37.0.0/24
> smtpd_sasl_local_domain =
> smtpd_sasl_security_options = noanonymous
> broken_sasl_auth_clients = yes
> smtpd_sasl_authenticated_header = yes
> smtpd_tls_auth_only = no
> smtp_tls_note_starttls_offer = yes
> smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
> smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
> smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
> smtpd_tls_loglevel = 1
> smtpd_tls_received_header = yes
> smtpd_tls_session_cache_timeout = 3600s
> tls_random_source = dev:/dev/urandom
> home_mailbox = Maildir/
> header_checks = regexp:/etc/postfix/header_checks
>
> /etc/MailScanner/MailScanner.conf
> # ONLY SHOWING ACTIVE LINES THAT HAVE SOMETHING TODO WITH SCANNING
>
> %etc-dir% = /etc/MailScanner
> %report-dir% = /etc/MailScanner/reports/en
> Run As User = postfix
> Run As Group = postfix
> Max Children = 5
> Queue Scan Interval = 6
> Incoming Queue Dir = /var/spool/MailScanner/hold
> Outgoing Queue Dir = /var/spool/MailScanner/incoming
> Incoming Work Dir = /var/spool/MailScanner/incoming
> Quarantine Dir = /var/spool/MailScanner/quarantine
> MTA = postfix
> Scan Messages = yes
> Virus Scanning = yes
> Virus Scanners = clamav
> Use SpamAssassin = yes
> Log Spam = yes
>
> Of course theres alot of other options, please tell me if you want to know
> a value of another option.
>
> The /var/log/mail says this when a mail is being received.
>
> Nov 17 15:30:18 gateway postfix/smtpd[2597]: connect from
> *************.***[***.***.***.***]
> Nov 17 15:30:18 gateway MailScanner[2596]: MailScanner E-Mail Virus Scanner
> version 4.72.5 starting...
> Nov 17 15:30:20 gateway postfix/smtpd[2597]: warning: support for
> restriction "check_relay_domains" will be removed from Postfix; use
> "reject_unauth_destination" instead
> Nov 17 15:30:20 gateway postfix/smtpd[2597]: D7D0623970:
> client=***********.***[***.***.***.***]
> Nov 17 15:30:21 gateway postfix/cleanup[2617]: D7D0623970: hold: header
> Received: from **********.*** (******.**** [***.***.***.***])??by *****.***
> (Postfix) with ESMTP id D7D0623970??for <*****@*******.***>; Mon, 17 Nov
> 2008 15:30:19 +0100 (CET) from *********.***[***.***.***.***];
> from=<sundlunchbox at gmail.com> to=<****@******.***> proto=ESMTP
> helo=<wa-out-1112.google.com>
> Nov 17 15:30:21 gateway postfix/cleanup[2617]: D7D0623970:
> message-id=<707c30aa0811170635x587645ddn1077ecfa2d08fc36 at mail.****.com>
>
> The messages are being correctly recieved and sent in both directions, but
> not scanned at all, i also dont get the "Scanned by MailScanner watermark
> in my sent Emails".
>
> I also see thees lines repeat along with the ClamAv update notice (ClamAv
> allready the latest database version bla bla bla)
>
> Nov 19 16:19:33 gateway MailScanner[3634]: MailScanner E-Mail Virus Scanner
> version 4.72.5 starting...
> Nov 19 16:19:35 gateway MailScanner[3634]: Read 848 hostnames from the
> phishing whitelist
> Nov 19 16:19:37 gateway MailScanner[3633]: Using SpamAssassin results cache
>
> Nov 19 16:19:37 gateway MailScanner[3633]: Connected to SpamAssassin cache
> database
> Nov 19 16:19:37 gateway MailScanner[3633]: Enabling SpamAssassin
> auto-whitelist functionality...
> Nov 19 16:19:39 gateway MailScanner[3634]: Read 7320 hostnames from the
> phishing blacklist
> Nov 19 16:19:39 gateway MailScanner[3634]: SpamAssassin temporary working
> directory is /var/spool/MailScanner/incoming/SpamAssassin-Temp
>
> Ive searched the internet for MailScanner configurations and i think i have
> a correct configuration, any pointers and help at all would be awsome!
>
> /Reagards
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>
Michael

well looking at the postfix mailscanner how-to..

http://wiki.mailscanner.info/doku.php?id=documentation:configuration:mta:postfix:installation

in MailScanner.conf the "Incoming" and "Outgoing" queues are
wrong...but that doesn't explain why the mail's being delivered.

I presume you've created the /etc/postfix/header_checks file correctly?

-- 
Martin Hepworth
Oxford, UK