Mailscanner doesnt scan.

michael michael at osund.com
Mon Nov 24 20:17:21 GMT 2008 

On Mon, 24 Nov 2008 18:18:20 +0000, "Martin Hepworth" <maxsec at gmail.com>
wrote:
> 2008/11/24 michael <michael at osund.com>:
>> Hi!
>> Like the topic says mailscanner or spamassassin doesnt scan or check my
>> incoming or outgoing emails.
>> I have Mailscanner spamassassin and clamav installed, and my
>> configuration
>> for postfix / mailscanner and some output from my /var/log/mail are
>> attached below.
>>
>> /etc/postfix/main.cf
>>
>> readme_directory = /usr/share/doc/packages/postfix/README_FILES
>> inet_protocols = all
>> biff = no
>> mail_spool_directory = /var/mail
>> canonical_maps = hash:/etc/postfix/canonical
>> virtual_alias_maps = hash:/etc/postfix/virtual
>> virtual_alias_domains = hash:/etc/postfix/virtual
>> relocated_maps = hash:/etc/postfix/relocated
>> transport_maps = hash:/etc/postfix/transport
>> sender_canonical_maps = hash:/etc/postfix/sender_canonical
>> masquerade_exceptions = root
>> masquerade_classes = envelope_sender, header_sender, header_recipient
>> myhostname = osund.com
>> program_directory = /usr/lib/postfix
>> inet_interfaces = all
>> masquerade_domains =
>> mydestination = $myhostname, localhost.$mydomain
>> defer_transports =
>> mynetworks_style = subnet
>> disable_dns_lookups = no
>> relayhost = ****************
>> mailbox_command =
>> mailbox_transport =
>> strict_8bitmime = no
>> disable_mime_output_conversion = no
>> smtpd_sender_restrictions = hash:/etc/postfix/access
>> smtpd_client_restrictions =
>> smtpd_helo_required = no
>> smtpd_helo_restrictions =
>> strict_rfc821_envelopes = no
>> smtpd_recipient_restrictions =
>> permit_sasl_authenticated,permit_mynetworks,check_relay_domains
>> smtp_sasl_auth_enable = no
>> smtpd_sasl_auth_enable = yes
>> smtpd_use_tls = yes
>> smtp_use_tls = yes
>> alias_maps = hash:/etc/aliases
>> mailbox_size_limit = 0
>> message_size_limit = 10240000
>> mydomain = osund.com
>> mynetworks = 127.0.0.0/8 , 13.37.0.0/24
>> smtpd_sasl_local_domain =
>> smtpd_sasl_security_options = noanonymous
>> broken_sasl_auth_clients = yes
>> smtpd_sasl_authenticated_header = yes
>> smtpd_tls_auth_only = no
>> smtp_tls_note_starttls_offer = yes
>> smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
>> smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
>> smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
>> smtpd_tls_loglevel = 1
>> smtpd_tls_received_header = yes
>> smtpd_tls_session_cache_timeout = 3600s
>> tls_random_source = dev:/dev/urandom
>> home_mailbox = Maildir/
>> header_checks = regexp:/etc/postfix/header_checks
>>
>> /etc/MailScanner/MailScanner.conf
>> # ONLY SHOWING ACTIVE LINES THAT HAVE SOMETHING TODO WITH SCANNING
>>
>> %etc-dir% = /etc/MailScanner
>> %report-dir% = /etc/MailScanner/reports/en
>> Run As User = postfix
>> Run As Group = postfix
>> Max Children = 5
>> Queue Scan Interval = 6
>> Incoming Queue Dir = /var/spool/MailScanner/hold
>> Outgoing Queue Dir = /var/spool/MailScanner/incoming
>> Incoming Work Dir = /var/spool/MailScanner/incoming
>> Quarantine Dir = /var/spool/MailScanner/quarantine
>> MTA = postfix
>> Scan Messages = yes
>> Virus Scanning = yes
>> Virus Scanners = clamav
>> Use SpamAssassin = yes
>> Log Spam = yes
>>
>> Of course theres alot of other options, please tell me if you want to
>> know
>> a value of another option.
>>
>> The /var/log/mail says this when a mail is being received.
>>
>> Nov 17 15:30:18 gateway postfix/smtpd[2597]: connect from
>> *************.***[***.***.***.***]
>> Nov 17 15:30:18 gateway MailScanner[2596]: MailScanner E-Mail Virus
>> Scanner
>> version 4.72.5 starting...
>> Nov 17 15:30:20 gateway postfix/smtpd[2597]: warning: support for
>> restriction "check_relay_domains" will be removed from Postfix; use
>> "reject_unauth_destination" instead
>> Nov 17 15:30:20 gateway postfix/smtpd[2597]: D7D0623970:
>> client=***********.***[***.***.***.***]
>> Nov 17 15:30:21 gateway postfix/cleanup[2617]: D7D0623970: hold: header
>> Received: from **********.*** (******.**** [***.***.***.***])??by
>> *****.***
>> (Postfix) with ESMTP id D7D0623970??for <*****@*******.***>; Mon, 17 Nov
>> 2008 15:30:19 +0100 (CET) from *********.***[***.***.***.***];
>> from=<sundlunchbox at gmail.com> to=<****@******.***> proto=ESMTP
>> helo=<wa-out-1112.google.com>
>> Nov 17 15:30:21 gateway postfix/cleanup[2617]: D7D0623970:
>> message-id=<707c30aa0811170635x587645ddn1077ecfa2d08fc36 at mail.****.com>
>>
>> The messages are being correctly recieved and sent in both directions,
>> but
>> not scanned at all, i also dont get the "Scanned by MailScanner
watermark
>> in my sent Emails".
>>
>> I also see thees lines repeat along with the ClamAv update notice
(ClamAv
>> allready the latest database version bla bla bla)
>>
>> Nov 19 16:19:33 gateway MailScanner[3634]: MailScanner E-Mail Virus
>> Scanner
>> version 4.72.5 starting...
>> Nov 19 16:19:35 gateway MailScanner[3634]: Read 848 hostnames from the
>> phishing whitelist
>> Nov 19 16:19:37 gateway MailScanner[3633]: Using SpamAssassin results
>> cache
>>
>> Nov 19 16:19:37 gateway MailScanner[3633]: Connected to SpamAssassin
>> cache
>> database
>> Nov 19 16:19:37 gateway MailScanner[3633]: Enabling SpamAssassin
>> auto-whitelist functionality...
>> Nov 19 16:19:39 gateway MailScanner[3634]: Read 7320 hostnames from the
>> phishing blacklist
>> Nov 19 16:19:39 gateway MailScanner[3634]: SpamAssassin temporary
working
>> directory is /var/spool/MailScanner/incoming/SpamAssassin-Temp
>>
>> Ive searched the internet for MailScanner configurations and i think i
>> have
>> a correct configuration, any pointers and help at all would be awsome!
>>
>> /Reagards
>> --
>> MailScanner mailing list
>> mailscanner at lists.mailscanner.info
>> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>>
>> Before posting, read http://wiki.mailscanner.info/posting
>>
>> Support MailScanner development - buy the book off the website!
>>
> Michael
> 
> well looking at the postfix mailscanner how-to..
> 
>
http://wiki.mailscanner.info/doku.php?id=documentation:configuration:mta:postfix:installation
> 
> in MailScanner.conf the "Incoming" and "Outgoing" queues are
> wrong...but that doesn't explain why the mail's being delivered.
> 
> I presume you've created the /etc/postfix/header_checks file correctly?
> 
> 
> -- 
> Martin Hepworth
> Oxford, UK
>

Sweet jebus i did mix up the Incoming and Outgoing paths, it now scans all
mails correctly, thanks a bunch!

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the MailScanner mailing list