From mark at msapiro.net  Mon Jul  1 20:30:02 2013
From: mark at msapiro.net (Mark Sapiro)
Date: Mon, 01 Jul 2013 12:30:02 -0700
Subject: ScamNailer update STILL not working
In-Reply-To: <CADU1O-2yiyAf2A5=z-m4pyY2EjOwgLvm_y-L98dWYi43a70NjA@mail.gmail.com>
References: <51B3CFE3.10500@msapiro.net> <51C20F27.4030401@msapiro.net>
	<51C210DA.6080409@msapiro.net>
	<CADU1O-2yiyAf2A5=z-m4pyY2EjOwgLvm_y-L98dWYi43a70NjA@mail.gmail.com>
Message-ID: <51D1D8BA.2010505@msapiro.net>

On 6/30/2013 5:52 AM, Jeff Earickson wrote:
> 
> I have still been getting constant "not working" out of ScamNailer lately:
> 
> Failed to retrieve http://mailscanner.eu/emails.2013-260.11 at
> /etc/MailScanner/ScamNailer line 289.
> 
> or
> 
> Failed to retrieve http://cdn.mailscanner.info/emails.2013-260.11 at
> /etc/MailScanner/ScamNailer line 289.
> 
> This is after applying Mr. Sapiro's patch.  Are these two websites dead?  I
> can get to cdn.mailscanner.info via
> web, but that is it.  Any ideas?


This is normal and expected behavior with my patch. Since the
information as to the number of the latest update is not available in
the TXT record at emails.msupdate.greylist.bastionmail.com, I guess that
the latest update is 99 and sequentially retrieve the updates until I
get a 404. In your case, the updates 260.1 through 260.10 were
successfully retrieved on this or a prior run and 260.11 didn't exist
yet and returned a 404. I then reset the current update to 10 and proceed.

If you don't want to see the "Failed to retrieve" message, change the
part of the patched Scamnailetr which reads

        unless ($res->is_success) {
          warn "Failed to retrieve $urlbase$currentbase.$i";
          $currentupdate = $i - 1;
        }

to

        unless ($res->is_success) {
          $currentupdate = $i - 1;
        }

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From peter at farrows.org  Tue Jul  2 08:41:08 2013
From: peter at farrows.org (Peter Farrow)
Date: Tue, 02 Jul 2013 08:41:08 +0100
Subject: update bad phishing sites broken?
In-Reply-To: <51C3A507.7020303@msapiro.net>
References: <CAEEyRN2ih7dJjTZJfMbAnstfQhYLPDon24idY3+r-p5Dqeppvg@mail.gmail.com>
	<51C3A507.7020303@msapiro.net>
Message-ID: <51D28414.2050507@farrows.org>

At the risk of sounding slightly ignorant,

Can someone advise me on how to apply the patches - i.e. the command,

Many thanks

Pete


On 21/06/2013 01:57, Mark Sapiro wrote:
> Matt Hampton wrote:
>> renewed
> But it still returns "v=spf1 a -all" as the only TXT record for
> emails.msupdate.greylist.bastionmail.com. Is this ever going to be fixed?
>
> Meanwhile, I have ported my Scamnailer patch to
> update_bad_phishing_sites. The patch is attached.
>
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130702/c64709a9/attachment.html 

From mark at msapiro.net  Tue Jul  2 17:00:18 2013
From: mark at msapiro.net (Mark Sapiro)
Date: Tue, 02 Jul 2013 09:00:18 -0700
Subject: update bad phishing sites broken?
In-Reply-To: <51D28414.2050507@farrows.org>
References: <CAEEyRN2ih7dJjTZJfMbAnstfQhYLPDon24idY3+r-p5Dqeppvg@mail.gmail.com>
	<51C3A507.7020303@msapiro.net> <51D28414.2050507@farrows.org>
Message-ID: <51D2F912.8090004@msapiro.net>

On 07/02/2013 12:41 AM, Peter Farrow wrote:
> At the risk of sounding slightly ignorant,
> 
> Can someone advise me on how to apply the patches - i.e. the command,


Assuming your update_bad_phishing_sites is in the standard place, i.e.
/usr/sbin/update_bad_phishing_sites, just save the patch and give the
command

sudo patch -p0 < /path/to/patch/file

See ' man patch' for more info.

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From michaelm12-asfbugzilla at aquaorange.net  Wed Jul  3 10:04:31 2013
From: michaelm12-asfbugzilla at aquaorange.net (MikeM)
Date: Wed, 03 Jul 2013 10:04:31 +0100
Subject: MailScanner temporary files not deleted
Message-ID: <51D3E91F.6040305@aquaorange.net>

Hi,

Attached is a patch which helps to avoid the various temporary files 
left lying around by MailScanner in /tmp and 
/var/spool/MailScanner/incoming/SpamAssassin-Temp

They tend to be named:
     /tmp/tmp.XXXXXXXXXX
     /var/spool/MailScanner/incoming/SpamAssassin-Temp/tmp.XXXXXXXXXX
/var/spool/MailScanner/incoming/SpamAssassin-Temp/MailScanner.LastSpam.XXXXXX
/var/spool/MailScanner/incoming/SpamAssassin-Temp/MailScanner.XXXXXX

The patch also disables the mcafee (old not version 6) virus scanner (in 
etc/virus.scanners.conf) which should no longer be being used. By 
leaving it included the detection routines will increase your server's 
load unnecessarily if you have the McAfee v6 scanner installed.

Many thanks,
Mike

-------------- next part --------------
diff -ur MailScanner-4.84.5-3-orig/etc/virus.scanners.conf MailScanner/etc/virus.scanners.conf
--- MailScanner-4.84.5-3-orig/etc/virus.scanners.conf	2013-07-02 19:57:15.649957030 +0100
+++ MailScanner/etc/virus.scanners.conf	2013-07-02 20:24:54.927741681 +0100
@@ -36,7 +36,8 @@
 kaspersky-4.5	/opt/MailScanner/lib/kaspersky-wrapper	/opt/kav
 kaspersky	/opt/MailScanner/lib/kaspersky-wrapper	/opt/AVP
 kavdaemonclient	/opt/MailScanner/lib/kavdaemonclient-wrapper /usr/local
-mcafee		/opt/MailScanner/lib/mcafee-wrapper	/usr/local/uvscan
+##mcafee pre-verion6 should not be used. Not DAT updates anymore
+##mcafee		/opt/MailScanner/lib/mcafee-wrapper	/usr/local/uvscan
 mcafee6		/opt/MailScanner/lib/mcafee6-wrapper	/usr/local/uvscan
 # Now updated to handle nod32 2.01 and upwards
 #nod32-1.99	/opt/MailScanner/lib/nod32-wrapper	/usr/local/nod32
diff -ur MailScanner-4.84.5-3-orig/lib/bitdefender-wrapper MailScanner/lib/bitdefender-wrapper
--- MailScanner-4.84.5-3-orig/lib/bitdefender-wrapper	2011-08-20 13:20:04.000000000 +0100
+++ MailScanner/lib/bitdefender-wrapper	2013-07-02 18:57:17.205996644 +0100
@@ -55,13 +55,15 @@
 fi
 
 if [ "x$1" = "x-IsItInstalled" ]; then
+  rm -f $LogFile
   [ -x ${PackageDir}/$prog ] && exit 0
   exit 1
 fi
 
 umask 077
-rm -f $LogFile
+#rm -f $LogFile # We don't delete here, possible race condition. It's empty!
 ${PackageDir}/$prog --log=$LogFile $extras "$@" >/dev/null 2>&1
 cat $LogFile
 rm -f $LogFile
 exit 0
+
diff -ur MailScanner-4.84.5-3-orig/lib/clamav-wrapper MailScanner/lib/clamav-wrapper
--- MailScanner-4.84.5-3-orig/lib/clamav-wrapper	2011-08-20 13:32:02.000000000 +0100
+++ MailScanner/lib/clamav-wrapper	2013-07-02 19:06:32.353402229 +0100
@@ -52,7 +52,7 @@
 # You may want to check this script for bash-isms
 
 #TempDir="/tmp/clamav.$$"
-TempDir=$(mktemp) || { echo "$0: Cannot make name for temporary dir" >&2; exit 1; }
+TempDir=$(mktemp -d) || { echo "$0: Cannot make temporary dir" >&2; exit 1; }
 ClamUser="clamav"
 ClamGroup="clamav"
 
@@ -132,6 +132,7 @@
 fi
 
 if [ "x$1" = "x-IsItInstalled" ]; then
+  rm -rf ${TempDir} >/dev/null 2>&1
   [ -x $ClamScan ] && exit 0
   exit 1
 fi
@@ -140,32 +141,23 @@
 PATH=$PATH:/usr/ucb
 export PATH
 
-# Check if the tmpdir exists, if so delete so we start with a clean slate
-if [ -x "${TempDir}" ]; then
-	rm -rf ${TempDir} >/dev/null 2>&1
-fi
-
-# Make the Temp dir
-umask 0077
-mkdir "${TempDir}" >/dev/null 2>&1
-
 # In case we get interupted....
 trap "rm -rf ${TempDir}" EXIT
 
-if [ $? ]; then 
+if [ -d "${TempDir}" ]
   ExtraScanOptions="$ExtraScanOptions --tempdir=${TempDir}"
   # If we are root chown it to the clamav user/group
   if [ `whoami` = "root" ]; then
     chown ${ClamUser}:${ClamGroup} "${TempDir}"
   fi
- fi
+fi
 
 $ClamScan $ExtraScanOptions $ScanOptions "$@"
 
 retval=$?
 
 #Clean up the temp directory
-if [ -x "${TempDir}" ]; then
+if [ -e "${TempDir}" ]; then
 	rm -rf ${TempDir}
 fi
 trap '' EXIT
diff -ur MailScanner-4.84.5-3-orig/lib/kaspersky-wrapper MailScanner/lib/kaspersky-wrapper
--- MailScanner-4.84.5-3-orig/lib/kaspersky-wrapper	2011-08-20 13:32:02.000000000 +0100
+++ MailScanner/lib/kaspersky-wrapper	2013-07-02 19:18:04.057323885 +0100
@@ -45,11 +45,12 @@
   Report=$(mktemp) || { echo "$0: Cannot create temporary file" >&2; exit 1; }
   ScanOptions="-xp -i0" # Don't report progress, don't attempt to clean
   if [ "x$1" = "x-IsItInstalled" ]; then
+    rm -f ${Report}
     exit 0
   fi
 
   Args=`echo "$@" | sed -e 's/ -I/ -i/g; s/^-I/-i/g; s/-- / /g;'`
-  rm -f $Report
+  #rm -f $Report ##Don't delete - possible race condition. Already empty.
   # 29/09/05 JKF Removed -j3 on advice from Kaspersky users
   ${PackageDir}/$Scanner $ScanOptions -o$Report -q "$@"
   cat $Report
@@ -64,11 +65,12 @@
   Report=$(mktemp) || { echo "$0: Cannot create temporary file" >&2; exit 1; }
   ScanOptions="-xp -i0" # Don't report progress, don't attempt to clean
   if [ "x$1" = "x-IsItInstalled" ]; then
+    rm -f ${Report}
     exit 0
   fi
 
   Args=`echo "$@" | sed -e 's/ -I/ -i/g; s/^-I/-i/g; s/-- / /g;'`
-  rm -f $Report
+  #rm -f $Report ##Don't delete - possible race condition. Already empty.
   # 29/09/05 JKF Removed -j3 on advice from Kaspersky users
   ${PackageDir}/$Scanner $ScanOptions -o$Report -q "$@"
   cat $Report
@@ -83,11 +85,12 @@
   Report=$(mktemp) || { echo "$0: Cannot create temporary file" >&2; exit 1; }
   ScanOptions="-xp -i0" # Don't report progress, don't attempt to clean
   if [ "x$1" = "x-IsItInstalled" ]; then
+    rm -f ${Report}
     exit 0
   fi
 
   Args=`echo "$@" | sed -e 's/ -I/ -i/g; s/^-I/-i/g; s/-- / /g;'`
-  rm -f $Report
+  #rm -f $Report ##Don't delete - possible race condition. Already empty.
   # 29/09/05 JKF Removed -j3 on advice from Kaspersky users
   ${PackageDir}/$Scanner $ScanOptions -o$Report -q "$@"
   cat $Report
diff -ur MailScanner-4.84.5-3-orig/lib/MailScanner/CustomFunctions/LastSpam.pm MailScanner/lib/MailScanner/CustomFunctions/LastSpam.pm
--- MailScanner-4.84.5-3-orig/lib/MailScanner/CustomFunctions/LastSpam.pm	2011-08-20 13:24:49.000000000 +0100
+++ MailScanner/lib/MailScanner/CustomFunctions/LastSpam.pm	2013-07-02 20:17:34.388358859 +0100
@@ -32,7 +32,7 @@
 my $Debug = 0; # Set to 1 to enable debug output to STDERR
 #my $tmpfilename = "/tmp/MailScanner.LastSpam.$$.conf"; # Temp MS.conf file
 # Temp MS.conf file
-my($tmpfh, $tmpfilename) = tempfile("MailScanner.LastSpam.XXXXXX", TMPDIR => 1, UNLINK => 0);
+my($tmpfh, $tmpfilename) = tempfile("MailScanner.LastSpam.XXXXXX", TMPDIR => 1, UNLINK => 1);
 my %modtime = (); # Time domain list magic word file was last changed
 my %filename = (); # Map Config option to magic word file
 my %magicwords = {}; # Map Config option --> domains --> magic words
diff -ur MailScanner-4.84.5-3-orig/lib/MailScanner/CustomFunctions/Ruleset-from-Function.pm MailScanner/lib/MailScanner/CustomFunctions/Ruleset-from-Function.pm
--- MailScanner-4.84.5-3-orig/lib/MailScanner/CustomFunctions/Ruleset-from-Function.pm	2011-08-20 13:25:42.000000000 +0100
+++ MailScanner/lib/MailScanner/CustomFunctions/Ruleset-from-Function.pm	2013-07-02 20:19:01.571397055 +0100
@@ -31,7 +31,7 @@
 
 my $Debug = 0; # Set to 1 to enable debug output to STDERR
 #my $tmpfilename = "/tmp/MailScanner.$$.conf"; # Temp MS.conf file
-my($tmpfh, $tmpfilename) = tempfile("MailScanner.XXXXXX", TMPDIR => 1, UNLINK => 0);
+my($tmpfh, $tmpfilename) = tempfile("MailScanner.XXXXXX", TMPDIR => 1, UNLINK => 1);
 
 
 

From jgao at veecall.com  Wed Jul  3 17:22:29 2013
From: jgao at veecall.com (J Gao)
Date: Wed, 03 Jul 2013 09:22:29 -0700
Subject: "Problem Messages" every hour
Message-ID: <51D44FC5.8070208@veecall.com>

Hi, All,

I just installed MailScanner v4.84.6 on a new email server (CentOS 6.4 + 
Postfix + Courier) last week. Now as MailScanner admin I got lots email 
with subject: "Problem Messages" every hour. The content is like this:

Archive:

Number of messages: 1
Tries	Message	Last Tried
=====	=======	==========
6	C3A94C22C2.A8945	Wed Jul  3 00:18:47 2013

-- MailScanner


On the server I found this mail is in quarantine.


I also received a warning email with subject "Other Bad Content Detected" :
  The following e-mails were found to have: Other Bad Content Detected

     Sender: ksximr388 at arbetarenzenit.se
IP Address: 24.172.66.66
  Recipient: jgao at veecall.com
    Subject: The 50 Best Foods for Weight Loss
  MessageID: C3A94C22C2.A8945
Quarantine: /var/spool/MailScanner/quarantine/20130703/C3A94C22C2.A8945
     Report: MailScanner: Message attempted to kill MailScanner


I googled and found a solution by deleting:
/var/spool/MailScanner/incoming/Processing.db

Yesterday I delete the above file and it has been quite until midnight. 
This morning I see there is 9 emails in my Inbox for the same warning 
message.

So I see "Message attempted to kill MailScanner". I don't know why it 
isn't succeed and keep send me warning repeatedly. Is there something I 
can do to let MailScanner take care these "Other Bad Content" and just 
send me a warning once?



Here is related maillog:
-----------------------------
Making attempt 6 at processing message C3A94C22C2.A8945
Jul  3 00:16:25 szeta MailScanner[8999]: New Batch: Scanning 1 messages, 
14246 bytes
Jul  3 00:16:26 szeta MailScanner[8999]: Virus and Content Scanning: 
Starting
Jul  3 00:16:26 szeta MailScanner[8999]: Spam Checks: Starting
Jul  3 00:16:26 szeta MailScanner[8999]: SpamAssassin cache hit for 
message C3A94C22C2.A8945
Jul  3 00:16:26 szeta MailScanner[8999]: Message C3A94C22C2.A8945 from 
24.172.66.66 (ksximr388 at arbetarenzenit.se) to veecall.com is spam, Sp
amAssassin (cached, score=19.708, required 5, autolearn=spam, DCC_CHECK 
1.10, DIGEST_MULTIPLE 0.00, DKIM_ADSP_NXDOMAIN 0.80, FS_WEIGHT_LOSS
1.54, HELO_DYNAMIC_IPADDR 3.24, HK_RANDOM_REPLYTO 0.58, 
HTML_FONT_FACE_BAD 0.29, HTML_MESSAGE 0.00, MIME_HTML_ONLY 1.10, 
NO_DNS_FOR_FROM 0.3
8, RAZOR2_CHECK 1.73, RCVD_IN_BL_SPAMCOP_NET 1.25, RCVD_IN_BRBL_LASTEXT 
1.64, RCVD_IN_PSBL 2.70, RCVD_IN_RP_RNBL 1.28, RDNS_DYNAMIC 0.36, UR
IBL_BLOCKED 0.00, URIBL_DBL_SPAM 1.70)
Jul  3 00:16:26 szeta MailScanner[8999]: Spam Checks: Found 1 spam messages
Jul  3 00:16:26 szeta MailScanner[8999]: Spam Actions: message 
C3A94C22C2.A8945 actions are store
Jul  3 00:16:29 szeta MailScanner[9169]: Warning: skipping message 
C3A94C22C2.A8945 as it has been attempted too many times
Jul  3 00:16:29 szeta MailScanner[9169]: Quarantined message 
C3A94C22C2.A8945 as it caused MailScanner to crash several times
Jul  3 00:16:29 szeta MailScanner[9169]: Saved entire message to 
/var/spool/MailScanner/quarantine/20130703/C3A94C22C2.A8945
-----------------------------------

Also, I have this setting in my MailScanner.conf:
High Scoring Spam Actions = store

On our old email server I have this exactly same setting but I don't 
have any problem.

Thanks for help.

Gao


-- 
      __
    _|==|_
     ('')__/
 >--(`^^')
   (`^'^'`)
   `======'

From maxsec at gmail.com  Thu Jul  4 10:07:08 2013
From: maxsec at gmail.com (Martin Hepworth)
Date: Thu, 4 Jul 2013 10:07:08 +0100
Subject: "Problem Messages" every hour
In-Reply-To: <51D44FC5.8070208@veecall.com>
References: <51D44FC5.8070208@veecall.com>
Message-ID: <CAGDKorKMRiteKbKL+G9V2WxU7-oNF2LLLFJOMbY20TA_0TpvHg@mail.gmail.com>

check you're running MailScanner with the -U flag present

also double check all the file permissions in the working and quarantine
directories and the MailScanner.conf settings relating to these

-- 
Martin Hepworth, CISSP
Oxford, UK


On 3 July 2013 17:22, J Gao <jgao at veecall.com> wrote:

> Hi, All,
>
> I just installed MailScanner v4.84.6 on a new email server (CentOS 6.4 +
> Postfix + Courier) last week. Now as MailScanner admin I got lots email
> with subject: "Problem Messages" every hour. The content is like this:
>
> Archive:
>
> Number of messages: 1
> Tries   Message Last Tried
> =====   ======= ==========
> 6       C3A94C22C2.A8945        Wed Jul  3 00:18:47 2013
>
> -- MailScanner
>
>
> On the server I found this mail is in quarantine.
>
>
> I also received a warning email with subject "Other Bad Content Detected" :
>   The following e-mails were found to have: Other Bad Content Detected
>
>      Sender: ksximr388 at arbetarenzenit.se
> IP Address: 24.172.66.66
>   Recipient: jgao at veecall.com
>     Subject: The 50 Best Foods for Weight Loss
>   MessageID: C3A94C22C2.A8945
> Quarantine: /var/spool/MailScanner/quarantine/20130703/C3A94C22C2.A8945
>      Report: MailScanner: Message attempted to kill MailScanner
>
>
> I googled and found a solution by deleting:
> /var/spool/MailScanner/incoming/Processing.db
>
> Yesterday I delete the above file and it has been quite until midnight.
> This morning I see there is 9 emails in my Inbox for the same warning
> message.
>
> So I see "Message attempted to kill MailScanner". I don't know why it
> isn't succeed and keep send me warning repeatedly. Is there something I
> can do to let MailScanner take care these "Other Bad Content" and just
> send me a warning once?
>
>
>
> Here is related maillog:
> -----------------------------
> Making attempt 6 at processing message C3A94C22C2.A8945
> Jul  3 00:16:25 szeta MailScanner[8999]: New Batch: Scanning 1 messages,
> 14246 bytes
> Jul  3 00:16:26 szeta MailScanner[8999]: Virus and Content Scanning:
> Starting
> Jul  3 00:16:26 szeta MailScanner[8999]: Spam Checks: Starting
> Jul  3 00:16:26 szeta MailScanner[8999]: SpamAssassin cache hit for
> message C3A94C22C2.A8945
> Jul  3 00:16:26 szeta MailScanner[8999]: Message C3A94C22C2.A8945 from
> 24.172.66.66 (ksximr388 at arbetarenzenit.se) to veecall.com is spam, Sp
> amAssassin (cached, score=19.708, required 5, autolearn=spam, DCC_CHECK
> 1.10, DIGEST_MULTIPLE 0.00, DKIM_ADSP_NXDOMAIN 0.80, FS_WEIGHT_LOSS
> 1.54, HELO_DYNAMIC_IPADDR 3.24, HK_RANDOM_REPLYTO 0.58,
> HTML_FONT_FACE_BAD 0.29, HTML_MESSAGE 0.00, MIME_HTML_ONLY 1.10,
> NO_DNS_FOR_FROM 0.3
> 8, RAZOR2_CHECK 1.73, RCVD_IN_BL_SPAMCOP_NET 1.25, RCVD_IN_BRBL_LASTEXT
> 1.64, RCVD_IN_PSBL 2.70, RCVD_IN_RP_RNBL 1.28, RDNS_DYNAMIC 0.36, UR
> IBL_BLOCKED 0.00, URIBL_DBL_SPAM 1.70)
> Jul  3 00:16:26 szeta MailScanner[8999]: Spam Checks: Found 1 spam messages
> Jul  3 00:16:26 szeta MailScanner[8999]: Spam Actions: message
> C3A94C22C2.A8945 actions are store
> Jul  3 00:16:29 szeta MailScanner[9169]: Warning: skipping message
> C3A94C22C2.A8945 as it has been attempted too many times
> Jul  3 00:16:29 szeta MailScanner[9169]: Quarantined message
> C3A94C22C2.A8945 as it caused MailScanner to crash several times
> Jul  3 00:16:29 szeta MailScanner[9169]: Saved entire message to
> /var/spool/MailScanner/quarantine/20130703/C3A94C22C2.A8945
> -----------------------------------
>
> Also, I have this setting in my MailScanner.conf:
> High Scoring Spam Actions = store
>
> On our old email server I have this exactly same setting but I don't
> have any problem.
>
> Thanks for help.
>
> Gao
>
>
> --
>       __
>     _|==|_
>      ('')__/
>  >--(`^^')
>    (`^'^'`)
>    `======'
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130704/45776afd/attachment.html 

From jgao at veecall.com  Sat Jul  6 00:47:14 2013
From: jgao at veecall.com (J Gao)
Date: Fri, 05 Jul 2013 16:47:14 -0700
Subject: "Problem Messages" every hour
In-Reply-To: <CAGDKorKMRiteKbKL+G9V2WxU7-oNF2LLLFJOMbY20TA_0TpvHg@mail.gmail.com>
References: <51D44FC5.8070208@veecall.com>
	<CAGDKorKMRiteKbKL+G9V2WxU7-oNF2LLLFJOMbY20TA_0TpvHg@mail.gmail.com>
Message-ID: <51D75B02.6050606@veecall.com>

On 13-07-04 02:07 AM, Martin Hepworth wrote:
> check you're running MailScanner with the -U flag present
>
> also double check all the file permissions in the working and quarantine
> directories and the MailScanner.conf settings relating to these
>
> --
> Martin Hepworth, CISSP
> Oxford, UK

Thanks a lot. That "-U" works!.

Gao








-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.


From stephencoxmail at gmail.com  Tue Jul  9 07:28:13 2013
From: stephencoxmail at gmail.com (Stephen Cox)
Date: Tue, 9 Jul 2013 08:28:13 +0200
Subject: MailScanner temporary files not deleted
In-Reply-To: <51D3E91F.6040305@aquaorange.net>
References: <51D3E91F.6040305@aquaorange.net>
Message-ID: <CAMgku6TcPzseaUPjFpg4ed7__pX=m6qfjGcpwLJ_uysm=BhUdw@mail.gmail.com>

On Wed, Jul 3, 2013 at 11:04 AM, MikeM <
michaelm12-asfbugzilla at aquaorange.net> wrote:

> Attached is a patch which helps to avoid the various temporary files left
> lying around by MailScanner in /tmp and /var/spool/MailScanner/**
> incoming/SpamAssassin-Temp
>

Mike,

Thank you for the patch. Can you please open a pull request on github.

Regards,
Stephen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130709/cb7190d1/attachment.html 

From stephencoxmail at gmail.com  Tue Jul  9 07:36:01 2013
From: stephencoxmail at gmail.com (Stephen Cox)
Date: Tue, 9 Jul 2013 08:36:01 +0200
Subject: update bad phishing sites broken?
In-Reply-To: <51C3A507.7020303@msapiro.net>
References: <CAEEyRN2ih7dJjTZJfMbAnstfQhYLPDon24idY3+r-p5Dqeppvg@mail.gmail.com>
	<51C3A507.7020303@msapiro.net>
Message-ID: <CAMgku6T_R_c++Do8bxRKpzxg9prcQ13r2mRvN0On0Hb-prQSBA@mail.gmail.com>

Mark,

Can you please submit a pull request on github?

Regards,
Stephen


On Fri, Jun 21, 2013 at 2:57 AM, Mark Sapiro <mark at msapiro.net> wrote:

> Matt Hampton wrote:
> >
> > renewed
>
> But it still returns "v=spf1 a -all" as the only TXT record for
> emails.msupdate.greylist.bastionmail.com. Is this ever going to be fixed?
>
> Meanwhile, I have ported my Scamnailer patch to
> update_bad_phishing_sites. The patch is attached.
>
> --
> Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
> San Francisco Bay Area, California    better use your sense - B. Dylan
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130709/02d2f2b5/attachment.html 

From stephencoxmail at gmail.com  Tue Jul  9 07:44:20 2013
From: stephencoxmail at gmail.com (Stephen Cox)
Date: Tue, 9 Jul 2013 08:44:20 +0200
Subject: MailScanner Logging
In-Reply-To: <CAED3VzAHgy9vO=cB0ijnxLSzF-zSYbncoM4UBqfo=JQX3jLzaQ@mail.gmail.com>
References: <CAED3VzAHgy9vO=cB0ijnxLSzF-zSYbncoM4UBqfo=JQX3jLzaQ@mail.gmail.com>
Message-ID: <CAMgku6T5_D9H5nQYp-a55ebSho6mUp3v3-7W1-NWHJSfBzwLJQ@mail.gmail.com>

On Fri, Jun 21, 2013 at 11:19 PM, Jerry Benton
<jerry.benton at mailborder.com>wrote:

> In short, the subject line "C'est ?a que ?a dit" gets chopped in the SQL
> logs to just "C'est". Reviewing the MailWatch code, the message
> information is pushed into an array like this:
>
> push @in, $_;
>

Jerry,

Can you please file an issue on github and I will try to look into it.

Regards,
Stephen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130709/22326f78/attachment.html 

From stephencoxmail at gmail.com  Tue Jul  9 07:56:24 2013
From: stephencoxmail at gmail.com (Stephen Cox)
Date: Tue, 9 Jul 2013 08:56:24 +0200
Subject: quarantine error
In-Reply-To: <CA+FyZ0fP4iJUWG+JHMzwL2_Kz1mUOsLHphAjtGYD0nBKum5Rqw@mail.gmail.com>
References: <CA+FyZ0fP4iJUWG+JHMzwL2_Kz1mUOsLHphAjtGYD0nBKum5Rqw@mail.gmail.com>
Message-ID: <CAMgku6QnfOuW7=7qDPzpHmvRWNpznKuS0U5ZBC81qvkPFVCkUA@mail.gmail.com>

On Mon, Jun 17, 2013 at 5:53 PM, Ismail Ozatay <ismailozatay at gmail.com>wrote:

> I have installed MailScanner version 4.84.6-1 on Centos 6.4 x64 box with
> Clam-0.96.5-SA-3.3.1 package and configured them with postfix. Everything
> is working except quarantine. When i blacklist someone, it holds the mail
> but does not put into quarantine folder. If it is not blacklisted,
> mailscanner sends it to the exchange without any problem. How can i handle
> this problem?
>

Ismail,

Did you try to use the RPM from repo.baruwa.org?

Regards,
Stephen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130709/3957ac9d/attachment.html 

From stephencoxmail at gmail.com  Tue Jul  9 07:59:22 2013
From: stephencoxmail at gmail.com (Stephen Cox)
Date: Tue, 9 Jul 2013 08:59:22 +0200
Subject: Visible code in emails tagged as dis-armed
In-Reply-To: <CAAJHbAoaAJxZe0ZFO-vHFP6mTg__4q7eDABEG2BJ0kASzqG8Og@mail.gmail.com>
References: <CAAJHbAoaAJxZe0ZFO-vHFP6mTg__4q7eDABEG2BJ0kASzqG8Og@mail.gmail.com>
Message-ID: <CAMgku6QtJ_kSyMVunwS1kE77V+zqgpyYy7ia8bqE+Ww3yj5F4g@mail.gmail.com>

On Thu, Jun 13, 2013 at 10:16 PM, Robert Lopez <rlopezcnm at gmail.com> wrote:

> A google of the following code will show it is found in a lot of email
> as visible code.
>
> var WAX = function () { var _arrInputs;
> window.addEventListener('waxSetArr', function(evt)
> {_arrInputs=evt.detail;}); return { getElement: function (i) { return
> _arrInputs[i]; } } }(); function waxGetElement(i) { return
> WAX.getElement(i); }
>
> In all cases where it has been reported to our service desk it occurs
> in email in which the Subject line of the email has the MailScanner
> generated tag of "{Disarmed} ".
>
> Before this recent situation I have never before seen any code become
> visible in HTML email which was disarmed by MailScanner.
>
> Any idea if it is intentionally visible of if it is the side effect of
> a MailScanner bug while processing the web bug?
>

Robert,

This may be a bug. Can you please file an issue on github?
https://github.com/MailScanner/MailScanner/issues/new

Regards,
Stephen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130709/023aa82f/attachment.html 

From stephencoxmail at gmail.com  Tue Jul  9 08:03:30 2013
From: stephencoxmail at gmail.com (Stephen Cox)
Date: Tue, 9 Jul 2013 09:03:30 +0200
Subject: Mail addresses with more @ signs
In-Reply-To: <51B85845.4070308@gmail.com>
References: <51B85845.4070308@gmail.com>
Message-ID: <CAMgku6SzJxCGbGvq9pBV7YYW5itiRsP0vdS5FMQsG2SGjtH1bA@mail.gmail.com>

On Wed, Jun 12, 2013 at 1:15 PM, Lasantha Marian <x72m35 at gmail.com> wrote:

> Friends,
> I have noticed that MailScanner ignores messages with envelop address
> having more than one "@" sign. Notably those messages are appended with
> an IP address. An example like (sender at xyz.uv@193.216.123.213) returns
> "X-ABC-MailScanner-SpamCheck: spam(no watermark or sender address)".
> Any thoughts as to what could cause this (letting this spam go as ham).
> Looking at the message content, they are positively spam.
>

Lasantha,

Can you please file this as an issue?
https://github.com/MailScanner/MailScanner/issues/new

Regards,
Stephen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130709/d719d177/attachment.html 

From stephencoxmail at gmail.com  Tue Jul  9 08:10:03 2013
From: stephencoxmail at gmail.com (Stephen Cox)
Date: Tue, 9 Jul 2013 09:10:03 +0200
Subject: problem with mail address case
In-Reply-To: <51B1DE960200007D00038001@groupwise.skbs.de>
References: <CAED3VzCe7FDGZKhZ1-XzzYLj0Uqkrzh+DXQnH_WsBctz-M7pfw@mail.gmail.com>
	<CABY0g1W5m-2eeZNwN+Npv=_BOWSwy-=5NSb_gyyLhMCFSQ6wJQ@mail.gmail.com>
	<CAED3VzBfGx_WUCZVKX4rpxbceBnFjV=z3Z7e5TJ7ApCHmujzwQ@mail.gmail.com>
	<CABY0g1XmtXdMjWWSFNs300k72c0h-ATE+-BAZA1a=+FNnU1haw@mail.gmail.com>
	<51B19ABA0200007D00037F8B@groupwise.skbs.de>
	<CAED3VzD42A1W=94pJNHETJxUyOnuFBqxtZhVH3FBkYRi0xaLAg@mail.gmail.com>
	<51B1DE960200007D00038001@groupwise.skbs.de>
Message-ID: <CAMgku6RTwwvOmHGpAsTUfme9THgSJi5827qccqbTY6=knnNMRA@mail.gmail.com>

On Fri, Jun 7, 2013 at 1:22 PM, f immenroth <
f.immenroth at klinikum-braunschweig.de> wrote:

> The error is located in MailScanner. After changing all lines with "{to}"
> in it in /usr/lib/MailScanner/MailScanner/Postfix.pm from
>
>         push @{$message->{to}}, lc($recdata);
>
> to
>
>         push @{$message->{to}}, $recdata;
>
> the mailadress is unchanged.
>
>
Florian,

Can you file an issue on github, we can maybe add a extra config to handle
this. https://github.com/MailScanner/MailScanner/issues/new

Regards,
Stephen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130709/cf2ccbaf/attachment.html 

From stephencoxmail at gmail.com  Tue Jul  9 08:16:15 2013
From: stephencoxmail at gmail.com (Stephen Cox)
Date: Tue, 9 Jul 2013 09:16:15 +0200
Subject: winmail.dat
In-Reply-To: <7CA580B59C1ABD45B4614ED90D4C7B8541965428@HC-EXMBX04.herefordshire.gov.uk>
References: <00aa01ce6086$e2acc260$a8064720$@dynamicquest.com>
	<7CA580B59C1ABD45B4614ED90D4C7B8541965428@HC-EXMBX04.herefordshire.gov.uk>
Message-ID: <CAMgku6SmU2t0mQdCF05EB0EO8N_iGCTkiuSFbWYjm-1miNC=KA@mail.gmail.com>

On Tue, Jun 4, 2013 at 11:06 AM, Randal, Phil
<phil.randal at hoopleltd.co.uk>wrote:

>  Try using the latest TNEF.pm from the MailScanner GIT repository:
>
>
>
>
> https://github.com/MailScanner/MailScanner/blob/master/mailscanner/bin/MailScanner/TNEF.pm
>
>
>
> Even with this, I ended up turning off TNEF handling.  Something just
> isn?t right, still.
>

Phil,

What is the output of  MailScanner -V

Regards,
Stephen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130709/3ed9822b/attachment.html 

From jerry.benton at mailborder.com  Tue Jul  9 09:12:56 2013
From: jerry.benton at mailborder.com (Jerry Benton)
Date: Tue, 9 Jul 2013 10:12:56 +0200
Subject: MailScanner Logging
In-Reply-To: <CAMgku6T5_D9H5nQYp-a55ebSho6mUp3v3-7W1-NWHJSfBzwLJQ@mail.gmail.com>
References: <CAED3VzAHgy9vO=cB0ijnxLSzF-zSYbncoM4UBqfo=JQX3jLzaQ@mail.gmail.com>
	<CAMgku6T5_D9H5nQYp-a55ebSho6mUp3v3-7W1-NWHJSfBzwLJQ@mail.gmail.com>
Message-ID: <CAED3VzD+dDubXVxgX0j3yRKeaAQDKN0j_kLk1x0PR2hfaG0qsw@mail.gmail.com>

Submitted on github.


On Tue, Jul 9, 2013 at 8:44 AM, Stephen Cox <stephencoxmail at gmail.com>wrote:

> On Fri, Jun 21, 2013 at 11:19 PM, Jerry Benton <
> jerry.benton at mailborder.com> wrote:
>
>> In short, the subject line "C'est ?a que ?a dit" gets chopped in the SQL
>> logs to just "C'est". Reviewing the MailWatch code, the message
>> information is pushed into an array like this:
>>
>> push @in, $_;
>>
>
> Jerry,
>
> Can you please file an issue on github and I will try to look into it.
>
> Regards,
> Stephen
>
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>
>


-- 

--
Jerry Benton
Mailborder Systems
www.mailborder.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130709/6bc88ee4/attachment.html 

From mark at msapiro.net  Wed Jul 10 03:43:19 2013
From: mark at msapiro.net (Mark Sapiro)
Date: Tue, 09 Jul 2013 19:43:19 -0700
Subject: MailScanner temporary files not deleted
In-Reply-To: <CAMgku6TcPzseaUPjFpg4ed7__pX=m6qfjGcpwLJ_uysm=BhUdw@mail.gmail.com>
References: <51D3E91F.6040305@aquaorange.net>
	<CAMgku6TcPzseaUPjFpg4ed7__pX=m6qfjGcpwLJ_uysm=BhUdw@mail.gmail.com>
Message-ID: <51DCCA47.7060501@msapiro.net>

On 07/08/2013 11:28 PM, Stephen Cox wrote:
> On Wed, Jul 3, 2013 at 11:04 AM, MikeM
> <michaelm12-asfbugzilla at aquaorange.net> wrote:
> 
>     Attached is a patch which helps to avoid the various temporary files
>     left lying around by MailScanner in /tmp and
>     /var/spool/MailScanner/__incoming/SpamAssassin-Temp
> 
> 
> Mike,
> 
> Thank you for the patch. Can you please open a pull request on github.
> 
> Regards,
> Stephen 


Patches for this issue were committed in GitHub a year ago. See
<https://github.com/MailScanner/MailScanner/commit/3765b8b20e3d6166734fc923a1d00ea04918f2da>.

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From mark at msapiro.net  Wed Jul 10 03:52:03 2013
From: mark at msapiro.net (Mark Sapiro)
Date: Tue, 09 Jul 2013 19:52:03 -0700
Subject: update bad phishing sites broken?
In-Reply-To: <CAMgku6T_R_c++Do8bxRKpzxg9prcQ13r2mRvN0On0Hb-prQSBA@mail.gmail.com>
References: <CAEEyRN2ih7dJjTZJfMbAnstfQhYLPDon24idY3+r-p5Dqeppvg@mail.gmail.com>
	<51C3A507.7020303@msapiro.net>
	<CAMgku6T_R_c++Do8bxRKpzxg9prcQ13r2mRvN0On0Hb-prQSBA@mail.gmail.com>
Message-ID: <51DCCC53.7070006@msapiro.net>

On 07/08/2013 11:36 PM, Stephen Cox wrote:
> Mark,
> 
> Can you please submit a pull request on github?
> 
> Regards,
> Stephen


I can, but I'm not sure that it's appropriate as my patches to
update_bad_fishing_sites and ScamNailer are just workarounds for an
issue that should properly be fixed by fixing the process that updates
the TXT record for emails.msupdate.greylist.bastionmail.com.

If someone could do that, the patches are not needed.

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From cickumqt at gmail.com  Thu Jul 11 10:06:16 2013
From: cickumqt at gmail.com (Christopher Meng)
Date: Thu, 11 Jul 2013 17:06:16 +0800
Subject: Getting mailscanner into Fedora
Message-ID: <CAHcXnBGB048DtpM6kPYE3Brz5HRpJDv6+hBEp1jT=1ctMCV1Pg@mail.gmail.com>

Hi,

I heard that years ago someone had asked or posted some threads about
getting mailscanner in Fedora.

However for unknown reason this finally stopped. So I'm thinking about
if we can do this again.

Things are getting better because more packages are being splited from
one big perl.

I've cleanup the wiki page left years ago
(http://fedoraproject.org/wiki/MailScanner_in_Fedora) and waiting for
your ideas.

Are there any people interested in packaging help?

Thanks.


Yours sincerely,
Christopher Meng

Always playing in Fedora Project

http://cicku.me

From jerry.benton at mailborder.com  Thu Jul 11 11:06:37 2013
From: jerry.benton at mailborder.com (Jerry Benton)
Date: Thu, 11 Jul 2013 12:06:37 +0200
Subject: Getting mailscanner into Fedora
In-Reply-To: <CAHcXnBGB048DtpM6kPYE3Brz5HRpJDv6+hBEp1jT=1ctMCV1Pg@mail.gmail.com>
References: <CAHcXnBGB048DtpM6kPYE3Brz5HRpJDv6+hBEp1jT=1ctMCV1Pg@mail.gmail.com>
Message-ID: <CAED3VzDGTPzOeZaF_ypmLiQYj8gCNaznKMQ_QiLFR=WdPfbGcg@mail.gmail.com>

Chris,

You are probably not going to find too many takers here on Fedora.


On Thu, Jul 11, 2013 at 11:06 AM, Christopher Meng <cickumqt at gmail.com>wrote:

> Hi,
>
> I heard that years ago someone had asked or posted some threads about
> getting mailscanner in Fedora.
>
> However for unknown reason this finally stopped. So I'm thinking about
> if we can do this again.
>
> Things are getting better because more packages are being splited from
> one big perl.
>
> I've cleanup the wiki page left years ago
> (http://fedoraproject.org/wiki/MailScanner_in_Fedora) and waiting for
> your ideas.
>
> Are there any people interested in packaging help?
>
> Thanks.
>
>
> Yours sincerely,
> Christopher Meng
>
> Always playing in Fedora Project
>
> http://cicku.me
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>



-- 

--
Jerry Benton
Mailborder Systems
www.mailborder.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130711/34bf5d42/attachment.html 

From phaleintx at gmail.com  Thu Jul 11 15:53:27 2013
From: phaleintx at gmail.com (Phil Hale)
Date: Thu, 11 Jul 2013 09:53:27 -0500
Subject: Getting mailscanner into Fedora
In-Reply-To: <CAED3VzDGTPzOeZaF_ypmLiQYj8gCNaznKMQ_QiLFR=WdPfbGcg@mail.gmail.com>
References: <CAHcXnBGB048DtpM6kPYE3Brz5HRpJDv6+hBEp1jT=1ctMCV1Pg@mail.gmail.com>
	<CAED3VzDGTPzOeZaF_ypmLiQYj8gCNaznKMQ_QiLFR=WdPfbGcg@mail.gmail.com>
Message-ID: <1373554407.10478.3.camel@zues.tamucc.edu>

If we can get it into Fedora EPEL, that would be ideal for my situation.
I install MailScanner on to of CentOS and use EPEL as one of my
auxiliary repositories.

Phil Hale
Systems Administrator
Texas A&M University-Corpus Christi

-
----Original Message-----
From: Jerry Benton <jerry.benton at mailborder.com>
Reply-to: MailScanner discussion <mailscanner at lists.mailscanner.info>
To: MailScanner discussion <mailscanner at lists.mailscanner.info>
Subject: Re: Getting mailscanner into Fedora
Date: Thu, 11 Jul 2013 12:06:37 +0200

Chris,


You are probably not going to find too many takers here on Fedora. 


On Thu, Jul 11, 2013 at 11:06 AM, Christopher Meng <cickumqt at gmail.com>
wrote:

        Hi,
        
        I heard that years ago someone had asked or posted some threads
        about
        getting mailscanner in Fedora.
        
        However for unknown reason this finally stopped. So I'm thinking
        about
        if we can do this again.
        
        Things are getting better because more packages are being
        splited from
        one big perl.
        
        I've cleanup the wiki page left years ago
        (http://fedoraproject.org/wiki/MailScanner_in_Fedora) and
        waiting for
        your ideas.
        
        Are there any people interested in packaging help?
        
        Thanks.
        
        
        Yours sincerely,
        Christopher Meng
        
        Always playing in Fedora Project
        
        http://cicku.me
        --
        MailScanner mailing list
        mailscanner at lists.mailscanner.info
        http://lists.mailscanner.info/mailman/listinfo/mailscanner
        
        Before posting, read http://wiki.mailscanner.info/posting
        
        Support MailScanner development - buy the book off the website!




-- 

--

Jerry Benton

Mailborder Systems
www.mailborder.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130711/3283a8e5/attachment.html 

From maxsec at gmail.com  Thu Jul 11 16:23:46 2013
From: maxsec at gmail.com (Martin Hepworth)
Date: Thu, 11 Jul 2013 16:23:46 +0100
Subject: Getting mailscanner into Fedora
In-Reply-To: <CAED3VzDGTPzOeZaF_ypmLiQYj8gCNaznKMQ_QiLFR=WdPfbGcg@mail.gmail.com>
References: <CAHcXnBGB048DtpM6kPYE3Brz5HRpJDv6+hBEp1jT=1ctMCV1Pg@mail.gmail.com>
	<CAED3VzDGTPzOeZaF_ypmLiQYj8gCNaznKMQ_QiLFR=WdPfbGcg@mail.gmail.com>
Message-ID: <CAGDKorJRNc9+XQUxYtp0sfNCzaxiGjqkcbv59bBoKUjJGhPqxg@mail.gmail.com>

true, why use fedora when Centos is also free and much better suited to
being a server

-- 
Martin Hepworth, CISSP
Oxford, UK


On 11 July 2013 11:06, Jerry Benton <jerry.benton at mailborder.com> wrote:

> Chris,
>
> You are probably not going to find too many takers here on Fedora.
>
>
> On Thu, Jul 11, 2013 at 11:06 AM, Christopher Meng <cickumqt at gmail.com>wrote:
>
>> Hi,
>>
>> I heard that years ago someone had asked or posted some threads about
>> getting mailscanner in Fedora.
>>
>> However for unknown reason this finally stopped. So I'm thinking about
>> if we can do this again.
>>
>> Things are getting better because more packages are being splited from
>> one big perl.
>>
>> I've cleanup the wiki page left years ago
>> (http://fedoraproject.org/wiki/MailScanner_in_Fedora) and waiting for
>> your ideas.
>>
>> Are there any people interested in packaging help?
>>
>> Thanks.
>>
>>
>> Yours sincerely,
>> Christopher Meng
>>
>> Always playing in Fedora Project
>>
>> http://cicku.me
>> --
>> MailScanner mailing list
>> mailscanner at lists.mailscanner.info
>> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>>
>> Before posting, read http://wiki.mailscanner.info/posting
>>
>> Support MailScanner development - buy the book off the website!
>>
>
>
>
> --
>
> --
> Jerry Benton
> Mailborder Systems
> www.mailborder.com
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130711/8a7cf961/attachment.html 

From cickumqt at gmail.com  Thu Jul 11 17:57:36 2013
From: cickumqt at gmail.com (Christopher Meng)
Date: Fri, 12 Jul 2013 00:57:36 +0800
Subject: Getting mailscanner into Fedora
In-Reply-To: <1373554407.10478.3.camel@zues.tamucc.edu>
References: <CAHcXnBGB048DtpM6kPYE3Brz5HRpJDv6+hBEp1jT=1ctMCV1Pg@mail.gmail.com>
	<CAED3VzDGTPzOeZaF_ypmLiQYj8gCNaznKMQ_QiLFR=WdPfbGcg@mail.gmail.com>
	<1373554407.10478.3.camel@zues.tamucc.edu>
Message-ID: <CAHcXnBF0gkgE--q20RX4h6zhfEkn+X85PYhmEFriqA6h+4iy7w@mail.gmail.com>

I don't know the deps' status in EPEL6.

I'll try building it on Fedora first, IMO the shipped perl modules in
the ms install RPM are too old. Fedora includes newer version of
nearly each of them.

From cickumqt at gmail.com  Thu Jul 11 19:07:41 2013
From: cickumqt at gmail.com (Christopher Meng)
Date: Fri, 12 Jul 2013 02:07:41 +0800
Subject: Getting mailscanner into Fedora
In-Reply-To: <CAGDKorJRNc9+XQUxYtp0sfNCzaxiGjqkcbv59bBoKUjJGhPqxg@mail.gmail.com>
References: <CAHcXnBGB048DtpM6kPYE3Brz5HRpJDv6+hBEp1jT=1ctMCV1Pg@mail.gmail.com>
	<CAED3VzDGTPzOeZaF_ypmLiQYj8gCNaznKMQ_QiLFR=WdPfbGcg@mail.gmail.com>
	<CAGDKorJRNc9+XQUxYtp0sfNCzaxiGjqkcbv59bBoKUjJGhPqxg@mail.gmail.com>
Message-ID: <CAHcXnBF2RyQzq+7S96+DFrVa8aervMWZWHZGVV1_wRVqgwateQ@mail.gmail.com>

? 2013-7-12 AM1:25?"Martin Hepworth" <maxsec at gmail.com>???
>
> true, why use fedora when Centos is also free and much better suited to
being a server

This is not a problem of using which operating system...

I just want to get this software directly from yum, thus easy for
maintenance. And pushing one software can extend the user base and its
popularity.

CentOS users can also install it via EPEL if things are done.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130712/97b9f1cb/attachment.html 

From jerry.benton at mailborder.com  Thu Jul 11 19:38:08 2013
From: jerry.benton at mailborder.com (Jerry Benton)
Date: Thu, 11 Jul 2013 20:38:08 +0200
Subject: Getting mailscanner into Fedora
In-Reply-To: <CAHcXnBF0gkgE--q20RX4h6zhfEkn+X85PYhmEFriqA6h+4iy7w@mail.gmail.com>
References: <CAHcXnBGB048DtpM6kPYE3Brz5HRpJDv6+hBEp1jT=1ctMCV1Pg@mail.gmail.com>
	<CAED3VzDGTPzOeZaF_ypmLiQYj8gCNaznKMQ_QiLFR=WdPfbGcg@mail.gmail.com>
	<1373554407.10478.3.camel@zues.tamucc.edu>
	<CAHcXnBF0gkgE--q20RX4h6zhfEkn+X85PYhmEFriqA6h+4iy7w@mail.gmail.com>
Message-ID: <CAED3VzCDYKSn23_KGw-rEOYkA6XB_oQVeE-kNKO0FQs0J8Q-MQ@mail.gmail.com>

newer != better

Just saying.


On Thu, Jul 11, 2013 at 6:57 PM, Christopher Meng <cickumqt at gmail.com>wrote:

> I don't know the deps' status in EPEL6.
>
> I'll try building it on Fedora first, IMO the shipped perl modules in
> the ms install RPM are too old. Fedora includes newer version of
> nearly each of them.
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>



-- 

--
Jerry Benton
Mailborder Systems
www.mailborder.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130711/72f018a3/attachment.html 

From steve at fsl.com  Thu Jul 11 22:35:20 2013
From: steve at fsl.com (Stephen Swaney)
Date: Thu, 11 Jul 2013 17:35:20 -0400
Subject: Getting mailscanner into Fedora
In-Reply-To: <WM!a7beafa6338cc6646d27cd33f615879df930b5ed0fb9f05846f7e842613ca42ce587cbaa2e3b5d1aff5f67054be5ef5edad410a5c6fb27d8d6e7735e8c576e5b0b07f684f986151c0c1379bbdc70174a!@mail1-ec2.fsl.com>
References: <CAHcXnBGB048DtpM6kPYE3Brz5HRpJDv6+hBEp1jT=1ctMCV1Pg@mail.gmail.com>
	<CAED3VzDGTPzOeZaF_ypmLiQYj8gCNaznKMQ_QiLFR=WdPfbGcg@mail.gmail.com>
	<LISTHINT!ee8e03d103dc4a25d75b0f6641ea215d92b98b1750e1001d7c99b9c31e025974219285b7b96a4cebba1db98901c24da1a32a0560390e3a9a582b4e5760c1748675b854b471ee0eb9a4ad5a9407219169!@mail1-ec2.fsl.com>
	<CAGDKorJRNc9+XQUxYtp0sfNCzaxiGjqkcbv59bBoKUjJGhPqxg@mail.gmail.com>
	<WM!a7beafa6338cc6646d27cd33f615879df930b5ed0fb9f05846f7e842613ca42ce587cbaa2e3b5d1aff5f67054be5ef5edad410a5c6fb27d8d6e7735e8c576e5b0b07f684f986151c0c1379bbdc70174a!@mail1-ec2.fsl.com>
	<51DF2518.3040400@fsl.com>
Message-ID: <WM!24ad79d82d0440651680ae60c20f9d17022821b2ca64f9217d7e867ff3f3485cb17512e08d543593b07862ecc37d1b16!@mail1-ec2.fsl.com>

I agree and would never run Fedora on a production server BUT if one or 
more Fedora enthusiasts want to create and  maintain a Fedora distro of 
MailScanner I'm all for it.

After all Fedora is the "Bleeding Edge" version of Red Hat OS, it can't 
hurt to have a "Bleeding Edge" version of Mailscanner.

Just my 2p :)

Steve
-- 
Steve Swaney
steve at fsl.com
202 595-7760 ext: 601
www.fsl.com
The most accurate and cost effective anti-spam solutions available


On 7/11/13 11:23 AM, Martin Hepworth wrote:
> true, why use fedora when Centos is also free and much better suited 
> to being a server
>
> -- 
> Martin Hepworth, CISSP
> Oxford, UK
>
>
> On 11 July 2013 11:06, Jerry Benton <jerry.benton at mailborder.com 
> <mailto:jerry.benton at mailborder.com>> wrote:
>
>     Chris,
>
>     You are probably not going to find too many takers here on Fedora.
>
>
>     On Thu, Jul 11, 2013 at 11:06 AM, Christopher Meng
>     <cickumqt at gmail.com <mailto:cickumqt at gmail.com>> wrote:
>
>         Hi,
>
>         I heard that years ago someone had asked or posted some
>         threads about
>         getting mailscanner in Fedora.
>
>         However for unknown reason this finally stopped. So I'm
>         thinking about
>         if we can do this again.
>
>         Things are getting better because more packages are being
>         splited from
>         one big perl.
>
>         I've cleanup the wiki page left years ago
>         (http://fedoraproject.org/wiki/MailScanner_in_Fedora) and
>         waiting for
>         your ideas.
>
>         Are there any people interested in packaging help?
>
>         Thanks.
>
>
>         Yours sincerely,
>         Christopher Meng
>
>         Always playing in Fedora Project
>
>         http://cicku.me
>         --
>         MailScanner mailing list
>         mailscanner at lists.mailscanner.info
>         <mailto:mailscanner at lists.mailscanner.info>
>         http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
>         Before posting, read http://wiki.mailscanner.info/posting
>
>         Support MailScanner development - buy the book off the website!
>
>
>
>
>     -- 
>
>     --
>     Jerry Benton
>     Mailborder Systems
>     www.mailborder.com <http://www.mailborder.com>
>
>     --
>     MailScanner mailing list
>     mailscanner at lists.mailscanner.info
>     <mailto:mailscanner at lists.mailscanner.info>
>     http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
>     Before posting, read http://wiki.mailscanner.info/posting
>
>     Support MailScanner development - buy the book off the website!
>
>
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130711/800c7f16/attachment.html 

From cickumqt at gmail.com  Fri Jul 12 07:10:01 2013
From: cickumqt at gmail.com (Christopher Meng)
Date: Fri, 12 Jul 2013 14:10:01 +0800
Subject: Getting mailscanner into Fedora
In-Reply-To: <WM!24ad79d82d0440651680ae60c20f9d17022821b2ca64f9217d7e867ff3f3485cb17512e08d543593b07862ecc37d1b16!@mail1-ec2.fsl.com>
References: <CAHcXnBGB048DtpM6kPYE3Brz5HRpJDv6+hBEp1jT=1ctMCV1Pg@mail.gmail.com>
	<CAED3VzDGTPzOeZaF_ypmLiQYj8gCNaznKMQ_QiLFR=WdPfbGcg@mail.gmail.com>
	<LISTHINT!ee8e03d103dc4a25d75b0f6641ea215d92b98b1750e1001d7c99b9c31e025974219285b7b96a4cebba1db98901c24da1a32a0560390e3a9a582b4e5760c1748675b854b471ee0eb9a4ad5a9407219169!@mail1-ec2.fsl.com>
	<CAGDKorJRNc9+XQUxYtp0sfNCzaxiGjqkcbv59bBoKUjJGhPqxg@mail.gmail.com>
	<51DF2518.3040400@fsl.com>
	<WM!a7beafa6338cc6646d27cd33f615879df930b5ed0fb9f05846f7e842613ca42ce587cbaa2e3b5d1aff5f67054be5ef5edad410a5c6fb27d8d6e7735e8c576e5b0b07f684f986151c0c1379bbdc70174a!@mail1-ec2.fsl.com>
	<WM!24ad79d82d0440651680ae60c20f9d17022821b2ca64f9217d7e867ff3f3485cb17512e08d543593b07862ecc37d1b16!@mail1-ec2.fsl.com>
Message-ID: <CAHcXnBEFtHOPt5T7qsWwGKhVQRk0tAEbkUSsg0+X2J7s96CRCA@mail.gmail.com>

To Jerry:

I never say newer is better. But the fact is newer things are
appearing more and more now. After doing a searching of each package
ms needed, I found that all these packages have newer version now, and
newer version is now in not only Fedora, but many other distros.

You can enjoy your life with many old systems, like me, also have a
CentOS 5 instance on my server. But I just said I will have a try to
get this famous software borned again in the repos.

I'm just saying, too.

To Stephen Swaney:

Thanks. I want to package it for Fedora because I also want to package
it for EPEL and because EPEL can be configured on RHEL/CentOS servers.
I don't use Fedora as server OS.

I think EPEL is old enough.

Summary: Guys, please spare me. I just want to package a software, I'm
not trying to start an argument here.

From jerry.benton at mailborder.com  Fri Jul 12 08:20:06 2013
From: jerry.benton at mailborder.com (Jerry Benton)
Date: Fri, 12 Jul 2013 09:20:06 +0200
Subject: Getting mailscanner into Fedora
In-Reply-To: <CAHcXnBEFtHOPt5T7qsWwGKhVQRk0tAEbkUSsg0+X2J7s96CRCA@mail.gmail.com>
References: <CAHcXnBGB048DtpM6kPYE3Brz5HRpJDv6+hBEp1jT=1ctMCV1Pg@mail.gmail.com>
	<CAED3VzDGTPzOeZaF_ypmLiQYj8gCNaznKMQ_QiLFR=WdPfbGcg@mail.gmail.com>
	<LISTHINT!ee8e03d103dc4a25d75b0f6641ea215d92b98b1750e1001d7c99b9c31e025974219285b7b96a4cebba1db98901c24da1a32a0560390e3a9a582b4e5760c1748675b854b471ee0eb9a4ad5a9407219169!@mail1-ec2.fsl.com>
	<CAGDKorJRNc9+XQUxYtp0sfNCzaxiGjqkcbv59bBoKUjJGhPqxg@mail.gmail.com>
	<51DF2518.3040400@fsl.com>
	<WM!a7beafa6338cc6646d27cd33f615879df930b5ed0fb9f05846f7e842613ca42ce587cbaa2e3b5d1aff5f67054be5ef5edad410a5c6fb27d8d6e7735e8c576e5b0b07f684f986151c0c1379bbdc70174a!@mail1-ec2.fsl.com>
	<WM!24ad79d82d0440651680ae60c20f9d17022821b2ca64f9217d7e867ff3f3485cb17512e08d543593b07862ecc37d1b16!@mail1-ec2.fsl.com>
	<CAHcXnBEFtHOPt5T7qsWwGKhVQRk0tAEbkUSsg0+X2J7s96CRCA@mail.gmail.com>
Message-ID: <CAED3VzDdT_bu_dePuZdJrMKrF_42nXbsP45fMkLkttWeBjt55w@mail.gmail.com>

Chris,

Getting MailScanner into EPEL would be great. I do agree. However, running
a server platform on Fedora is an amazingly bad idea. The software is so
bleeding edge that entirely defeats the purpose of running it on a server
because it is not what you need for a server platform, which is: mature,
stable, secure, and reliable.

So, no, newer does not equal better for servers where critical services are
handled. Of course, some may disagree.


Jerry Benton



On Fri, Jul 12, 2013 at 8:10 AM, Christopher Meng <cickumqt at gmail.com>wrote:

> To Jerry:
>
> I never say newer is better. But the fact is newer things are
> appearing more and more now. After doing a searching of each package
> ms needed, I found that all these packages have newer version now, and
> newer version is now in not only Fedora, but many other distros.
>
> You can enjoy your life with many old systems, like me, also have a
> CentOS 5 instance on my server. But I just said I will have a try to
> get this famous software borned again in the repos.
>
> I'm just saying, too.
>
> To Stephen Swaney:
>
> Thanks. I want to package it for Fedora because I also want to package
> it for EPEL and because EPEL can be configured on RHEL/CentOS servers.
> I don't use Fedora as server OS.
>
> I think EPEL is old enough.
>
> Summary: Guys, please spare me. I just want to package a software, I'm
> not trying to start an argument here.
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>



-- 

--
Jerry Benton
Mailborder Systems
www.mailborder.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130712/a33bff2c/attachment.html 

From cickumqt at gmail.com  Fri Jul 12 08:54:29 2013
From: cickumqt at gmail.com (Christopher Meng)
Date: Fri, 12 Jul 2013 15:54:29 +0800
Subject: Getting mailscanner into Fedora
In-Reply-To: <CAED3VzDdT_bu_dePuZdJrMKrF_42nXbsP45fMkLkttWeBjt55w@mail.gmail.com>
References: <CAHcXnBGB048DtpM6kPYE3Brz5HRpJDv6+hBEp1jT=1ctMCV1Pg@mail.gmail.com>
	<CAED3VzDGTPzOeZaF_ypmLiQYj8gCNaznKMQ_QiLFR=WdPfbGcg@mail.gmail.com>
	<LISTHINT!ee8e03d103dc4a25d75b0f6641ea215d92b98b1750e1001d7c99b9c31e025974219285b7b96a4cebba1db98901c24da1a32a0560390e3a9a582b4e5760c1748675b854b471ee0eb9a4ad5a9407219169!@mail1-ec2.fsl.com>
	<CAGDKorJRNc9+XQUxYtp0sfNCzaxiGjqkcbv59bBoKUjJGhPqxg@mail.gmail.com>
	<51DF2518.3040400@fsl.com>
	<WM!a7beafa6338cc6646d27cd33f615879df930b5ed0fb9f05846f7e842613ca42ce587cbaa2e3b5d1aff5f67054be5ef5edad410a5c6fb27d8d6e7735e8c576e5b0b07f684f986151c0c1379bbdc70174a!@mail1-ec2.fsl.com>
	<WM!24ad79d82d0440651680ae60c20f9d17022821b2ca64f9217d7e867ff3f3485cb17512e08d543593b07862ecc37d1b16!@mail1-ec2.fsl.com>
	<CAHcXnBEFtHOPt5T7qsWwGKhVQRk0tAEbkUSsg0+X2J7s96CRCA@mail.gmail.com>
	<CAED3VzDdT_bu_dePuZdJrMKrF_42nXbsP45fMkLkttWeBjt55w@mail.gmail.com>
Message-ID: <CAHcXnBHTTOZLD+-S-3hLvuMWey4B1Rd7KWrQ4s3N2OzEoD1OnQ@mail.gmail.com>

I know I know... I understand your meaning and in fact I always follow
these...... I just said doing a
packaging work for Fedora, thus for EPEL, too.

I cannot only package this into EPEL without Fedora. Guideline may
disallow this.

From m.a.young at durham.ac.uk  Fri Jul 12 10:38:39 2013
From: m.a.young at durham.ac.uk (M A Young)
Date: Fri, 12 Jul 2013 10:38:39 +0100 (BST)
Subject: Getting mailscanner into Fedora
In-Reply-To: <CAHcXnBF0gkgE--q20RX4h6zhfEkn+X85PYhmEFriqA6h+4iy7w@mail.gmail.com>
References: <CAHcXnBGB048DtpM6kPYE3Brz5HRpJDv6+hBEp1jT=1ctMCV1Pg@mail.gmail.com>
	<CAED3VzDGTPzOeZaF_ypmLiQYj8gCNaznKMQ_QiLFR=WdPfbGcg@mail.gmail.com>
	<1373554407.10478.3.camel@zues.tamucc.edu>
	<CAHcXnBF0gkgE--q20RX4h6zhfEkn+X85PYhmEFriqA6h+4iy7w@mail.gmail.com>
Message-ID: <alpine.GSO.2.00.1307121027490.10826@algedi.dur.ac.uk>

On Thu, 11 Jul 2013, Christopher Meng wrote:

> I don't know the deps' status in EPEL6.
>
> I'll try building it on Fedora first, IMO the shipped perl modules in
> the ms install RPM are too old. Fedora includes newer version of
> nearly each of them.

I believe RHEL/CentOS or EPEL already contain all the dependencies for the 
mailscanner rpm (as shipped from mailscanner.info) so you probably just 
need to provide the mailscanner rpm. I imagine Fedora is the same.

As others have said I don't think Fedora is a good platform to use 
mailscanner on in production, though it is probably okay as a testbed (it 
might for example be useful for working out what issues RHEL/CentOS 7 
might have with mailscanner).

 	Michael Young

From cickumqt at gmail.com  Fri Jul 12 11:38:22 2013
From: cickumqt at gmail.com (Christopher Meng)
Date: Fri, 12 Jul 2013 18:38:22 +0800
Subject: Getting mailscanner into Fedora
In-Reply-To: <alpine.GSO.2.00.1307121027490.10826@algedi.dur.ac.uk>
References: <CAHcXnBGB048DtpM6kPYE3Brz5HRpJDv6+hBEp1jT=1ctMCV1Pg@mail.gmail.com>
	<CAED3VzDGTPzOeZaF_ypmLiQYj8gCNaznKMQ_QiLFR=WdPfbGcg@mail.gmail.com>
	<1373554407.10478.3.camel@zues.tamucc.edu>
	<CAHcXnBF0gkgE--q20RX4h6zhfEkn+X85PYhmEFriqA6h+4iy7w@mail.gmail.com>
	<alpine.GSO.2.00.1307121027490.10826@algedi.dur.ac.uk>
Message-ID: <CAHcXnBG-MrxKwxfytXHsiw_ZswH2MuEfhfiVw4E1uj7+=u5k6A@mail.gmail.com>

Currently I'm focusing on the deps, all deps in the repo, either in Fedora,
or in EPEL, are newer than the shipped version from ms official package. So
I have to test if ms can work well with newer version deps.

And the main issue is ms itself, I will try to reuse the spec shipped in
the tar ball.

Thank you all.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130712/ff336bd2/attachment.html 

From x72m35 at gmail.com  Sat Jul 13 07:23:54 2013
From: x72m35 at gmail.com (Lasantha Marian)
Date: Sat, 13 Jul 2013 11:53:54 +0530
Subject: Mail addresses with more @ signs
In-Reply-To: <CAMgku6SzJxCGbGvq9pBV7YYW5itiRsP0vdS5FMQsG2SGjtH1bA@mail.gmail.com>
References: <51B85845.4070308@gmail.com>
	<CAMgku6SzJxCGbGvq9pBV7YYW5itiRsP0vdS5FMQsG2SGjtH1bA@mail.gmail.com>
Message-ID: <51E0F27A.9030805@gmail.com>


> Lasantha,
>
> Can you please file this as an issue? 
> https://github.com/MailScanner/MailScanner/issues/new
>
> Regards,
> Stephen
>
>
Done ( https://github.com/MailScanner/MailScanner/issues/26).
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130713/eb6e84f1/attachment.html 

From michaelm12-asfbugzilla at aquaorange.net  Mon Jul 15 12:09:08 2013
From: michaelm12-asfbugzilla at aquaorange.net (MikeM)
Date: Mon, 15 Jul 2013 12:09:08 +0100
Subject: MailScanner temporary files not deleted
In-Reply-To: <51DCCA47.7060501@msapiro.net>
References: <51D3E91F.6040305@aquaorange.net>
	<CAMgku6TcPzseaUPjFpg4ed7__pX=m6qfjGcpwLJ_uysm=BhUdw@mail.gmail.com>
	<51DCCA47.7060501@msapiro.net>
Message-ID: <51E3D854.5080107@aquaorange.net>

Hi,

Please note that the commit below does not include all the changes from 
my patch.

Regards,
Mike

On 10/07/2013 03:43, Mark Sapiro wrote:
> On 07/08/2013 11:28 PM, Stephen Cox wrote:
>> On Wed, Jul 3, 2013 at 11:04 AM, MikeM
>> <michaelm12-asfbugzilla at aquaorange.net> wrote:
>>
>>      Attached is a patch which helps to avoid the various temporary files
>>      left lying around by MailScanner in /tmp and
>>      /var/spool/MailScanner/__incoming/SpamAssassin-Temp
>>
>>
>> Mike,
>>
>> Thank you for the patch. Can you please open a pull request on github.
>>
>> Regards,
>> Stephen
>
> Patches for this issue were committed in GitHub a year ago. See
> <https://github.com/MailScanner/MailScanner/commit/3765b8b20e3d6166734fc923a1d00ea04918f2da>.
>


From pparsons at techeez.com  Tue Jul 16 20:00:59 2013
From: pparsons at techeez.com (Philip Parsons)
Date: Tue, 16 Jul 2013 19:00:59 +0000
Subject: Is there a newer .deb package available for download 
Message-ID: <11D8E491D9562549A61FD3186F36342001B487FDD9@exchange.techeez.com>

As the webpage only has a link to mailscanner_4.79.11-2.2_all.deb


Thank you.
Philip Parsons
IT and Telecommunication Specialist
Techeez IT Consulting
250-818-2879
www.techeez.com "Making IT easy"

Disclaimer:  This email, and any attachments, is intended only for the addressee(s) named herein and may contain confidential information. If you are not the intended recipient of this email, you are hereby notified that any dissemination, distribution or copying of this email or any attachments is strictly prohibited.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130716/9b7d71db/attachment.html 

From jeff at askcornerstone.net  Tue Jul 16 20:12:05 2013
From: jeff at askcornerstone.net (Jeff Bernhardt)
Date: Tue, 16 Jul 2013 19:12:05 +0000
Subject: Is there a newer .deb package available for download 
In-Reply-To: <11D8E491D9562549A61FD3186F36342001B487FDD9@exchange.techeez.com>
References: <11D8E491D9562549A61FD3186F36342001B487FDD9@exchange.techeez.com>
Message-ID: <8A9716A5B256904FB1F07C050F9CCCCB02283266@mail2.firstdataworks.net>

Baruwa has later versions (4.84.5 when I installed about a month ago):
http://apt.baruwa.org/

Add to apt/sources then just run "apt-get install mailscanner" instead of  "apt-get install baruwa" (actually couldn't get Baruwa to run; might be my own incompetence).

Jeff

From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Philip Parsons
Sent: Tuesday, July 16, 2013 9:01 AM
To: mailscanner at lists.mailscanner.info
Subject: Is there a newer .deb package available for download

As the webpage only has a link to mailscanner_4.79.11-2.2_all.deb


Thank you.
Philip Parsons
IT and Telecommunication Specialist
Techeez IT Consulting
250-818-2879
www.techeez.com<http://www.techeez.com> "Making IT easy"

Disclaimer:  This email, and any attachments, is intended only for the addressee(s) named herein and may contain confidential information. If you are not the intended recipient of this email, you are hereby notified that any dissemination, distribution or copying of this email or any attachments is strictly prohibited.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130716/60657dbf/attachment.html 

From mark at msapiro.net  Tue Jul 16 22:41:53 2013
From: mark at msapiro.net (Mark Sapiro)
Date: Tue, 16 Jul 2013 14:41:53 -0700
Subject: MailScanner temporary files not deleted
In-Reply-To: <51E3D854.5080107@aquaorange.net>
References: <51D3E91F.6040305@aquaorange.net>
	<CAMgku6TcPzseaUPjFpg4ed7__pX=m6qfjGcpwLJ_uysm=BhUdw@mail.gmail.com>
	<51DCCA47.7060501@msapiro.net> <51E3D854.5080107@aquaorange.net>
Message-ID: <51E5BE21.6060701@msapiro.net>

On 07/15/2013 04:09 AM, MikeM wrote:
> Hi,
> 
> Please note that the commit below does not include all the changes from
> my patch.


That's true, but there were several other commits on this issue around
that time. See the May 29 and June 4 commits at
<https://github.com/MailScanner/MailScanner/commits/master>, or better
yet, can you look at

<https://github.com/MailScanner/MailScanner/blob/master/mailscanner/lib/bitdefender-wrapper>
<https://github.com/MailScanner/MailScanner/blob/master/mailscanner/lib/clamav-wrapper>
<https://github.com/MailScanner/MailScanner/blob/master/mailscanner/lib/kaspersky-wrapper>
<https://github.com/MailScanner/MailScanner/blob/master/mailscanner/bin/MailScanner/CustomFunctions/Ruleset-from-Function.pm>

and see what if anything is missing from those? As far as I can tell,
those have fixed this issue for me and the only parts of your patch that
are new are the patches to MailScanner/etc/virus.scanners.conf and
MailScanner/CustomFunctions/LastSpam.pm.

The LastSpam.pm file doesn't even exist in my 4.84.5-3 installation.

I think it would still be appropriate to create a patch for only those
things which are still not addressed in the master at
<https://github.com/MailScanner/MailScanner> and open a pull request.

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From stephencoxmail at gmail.com  Wed Jul 17 09:15:01 2013
From: stephencoxmail at gmail.com (Stephen Cox)
Date: Wed, 17 Jul 2013 10:15:01 +0200
Subject: Is there a newer .deb package available for download
In-Reply-To: <8A9716A5B256904FB1F07C050F9CCCCB02283266@mail2.firstdataworks.net>
References: <11D8E491D9562549A61FD3186F36342001B487FDD9@exchange.techeez.com>
	<8A9716A5B256904FB1F07C050F9CCCCB02283266@mail2.firstdataworks.net>
Message-ID: <CAMgku6RDfBw7nxweFvYV4rtzUb7T-jtSS=H4BfS80aJs0C+qMA@mail.gmail.com>

On Tue, Jul 16, 2013 at 9:12 PM, Jeff Bernhardt <jeff at askcornerstone.net>wrote:

>  Baruwa has later versions (4.84.5 when I installed about a month ago):***
> *
>
> http://apt.baruwa.org/****
>
> ** **
>
> Add to apt/sources then just run ?apt-get install mailscanner? instead of
>  ?apt-get install baruwa? (actually couldn?t get Baruwa to run; might be my
> own incompetence).****
>
> ** **
>
> Jeff ****
>
> ** **
>
> *From:* mailscanner-bounces at lists.mailscanner.info [mailto:
> mailscanner-bounces at lists.mailscanner.info] *On Behalf Of *Philip Parsons
> *Sent:* Tuesday, July 16, 2013 9:01 AM
> *To:* mailscanner at lists.mailscanner.info
> *Subject:* Is there a newer .deb package available for download ****
>
> ** **
>
> As the webpage only has a link to mailscanner_4.79.11-2.2_all.deb****
>
> **
>

Use the baruwa repo. I have emailed the maintainer of the Debian package
and asked him to update.


>  **
>
> ** **
>
> Thank you. ****
>
> Philip Parsons****
>
> IT and Telecommunication Specialist****
>
> Techeez IT Consulting****
>
> 250-818-2879****
>
> www.techeez.com "Making IT easy"****
>
> ** **
>
> Disclaimer:  This email, and any attachments, is intended only for the
> addressee(s) named herein and may contain confidential information. If you
> are not the intended recipient of this email, you are hereby notified that
> any dissemination, distribution or copying of this email or any attachments
> is strictly prohibited.****
>
> ** **
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130717/140633be/attachment.html 

From mark at msapiro.net  Wed Jul 17 15:39:51 2013
From: mark at msapiro.net (Mark Sapiro)
Date: Wed, 17 Jul 2013 07:39:51 -0700
Subject: Fail2ban and logging
In-Reply-To: <51E69AD3.1090908@vandervlis.nl>
References: <krtubr$j86$1@ger.gmane.org> <51E2F370.7080802@msapiro.net>
	<51E41EAB.8070901@vandervlis.nl> <51E4B73E.2000504@msapiro.net>
	<51E69AD3.1090908@vandervlis.nl>
Message-ID: <51E6ACB7.4080001@msapiro.net>

On 07/17/2013 06:23 AM, Paul van der Vlis wrote:
> 
> What wonders me is that every attempt is logged. With me the attemps are
> counted together.  I think it's not very important which port or
> protocol is used.


I think the reason is I was testing with a client that sends QUIT after
receiving the login failure. If it kept the session open and sent
another login, Dovecot would probably log as it does for you.

Sorry for the confusion.

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From davidj at mail24-7.com  Wed Jul 17 17:11:33 2013
From: davidj at mail24-7.com (David J)
Date: Wed, 17 Jul 2013 12:11:33 -0400
Subject: New help installing MailScanner
Message-ID: <000001ce8308$4e490b70$eadb2250$@mail24-7.com>

Hi,

 

I have mailscanner running on my current server which I of course I think is
great, but I'm setting it up a on new one and I may need some step by step.

 

Can MailScanner work with MailDir or does it work only with mbox.

 

FYI: The MTA I'll be using is postfix which I'll need to also setup the
chroot jail.

 

Thanks

David j.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130717/fa90d538/attachment.html 

From stephencoxmail at gmail.com  Wed Jul 17 19:00:04 2013
From: stephencoxmail at gmail.com (Stephen Cox)
Date: Wed, 17 Jul 2013 20:00:04 +0200
Subject: New help installing MailScanner
In-Reply-To: <000001ce8308$4e490b70$eadb2250$@mail24-7.com>
References: <000001ce8308$4e490b70$eadb2250$@mail24-7.com>
Message-ID: <CAMgku6T9_HGSotTgm=BvCj0kbF-B0Bcc41FSBDJHpVYZOVYBQg@mail.gmail.com>

On Jul 17, 2013 6:44 PM, "David J" <davidj at mail24-7.com> wrote:
>
> Hi,
>
>
>
> I have mailscanner running on my current server which I of course I think
is great, but I'm setting it up a on new one and I may need some step by
step.
>
>
>
> Can MailScanner work with MailDir or does it work only with mbox.
>
>
>
> FYI: The MTA I?ll be using is postfix which I?ll need to also setup the
chroot jail.
>
>
>
> Thanks
>
> David j.
>

David,

Postfix handles MailDir just fine with MailScanner in the mix.

Regards,
Stephen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130717/e5f5c37f/attachment.html 

From davidj at mail24-7.com  Wed Jul 17 23:29:33 2013
From: davidj at mail24-7.com (David J)
Date: Wed, 17 Jul 2013 18:29:33 -0400
Subject: New help installing MailScanner
In-Reply-To: <CAMgku6T9_HGSotTgm=BvCj0kbF-B0Bcc41FSBDJHpVYZOVYBQg@mail.gmail.com>
References: <000001ce8308$4e490b70$eadb2250$@mail24-7.com>
	<CAMgku6T9_HGSotTgm=BvCj0kbF-B0Bcc41FSBDJHpVYZOVYBQg@mail.gmail.com>
Message-ID: <003d01ce833d$1d53fbd0$57fbf370$@mail24-7.com>

Hi,

 

Thanks for your help so far.

 

I installed MailScanner, configured it for postfix 

 

a.       I ran the postfix chroot script and it seemed to work fine.  I then
followed the instructions on the MailScanner web site about setting up
MailScanner with postfix.

b.      Spam assassin was installed from a respository for this OS wrt
co-location company I'm using.

 

I'm able to send email but it gets stuck in the mailq eg . mailq

 

I ran MailScanner -lint

 

The errors are:

 

1. The unrar I'll do last but the spam assassin is not working.

 

2. ERROR: The "envelope_sender_header" in your spam.assassin.prefs.conf

ERROR: is not correct, it should match X-yoursite-MailScanner-From

 

I do a:  locate spam.assassin.prefs.conf but I find only
/etc/MailScanner/mcp/mcp.spam.assassin.prefs.conf

 

3.  Could not create SpamAssassin cache database
/var/spool/MailScanner/incoming/SpamAssassin.cache.db at
/usr/lib/MailScanner/MailScanner/SA.pm line 232

Could not create SpamAssassin cache database
/var/spool/MailScanner/incoming/SpamAssassin.cache.db

SpamAssassin reported no errors.

I have found sophos scanners installed, and will use them all by default.

ERROR: Could not connect to SQLite database
/var/spool/MailScanner/incoming/Processing.db, either I cannot write to that
location or your SQLite installation is screwed. at /usr/sbin/MailScanner
line 1763

 

Howevere, in /var/spool/MailScanner/incoming the 2 db files are there yet
the error keeps coming up

 

4. The SQLite error - I'm not sure what that means

 

Here is the output of MailScanner -lint

 

Trying to setlogsock(unix)

 

Reading configuration file /etc/MailScanner/MailScanner.conf

Reading configuration file /etc/MailScanner/conf.d/README

Read 873 hostnames from the phishing whitelist

Read 3966 hostnames from the phishing blacklists

 

Checking version numbers...

Version number in MailScanner.conf (4.84.6) is correct.

 

Unrar is not installed, it should be in /usr/bin/unrar.

This is required for RAR archives to be read to check

filenames and filetypes. Virus scanning is not affected.

 

 

ERROR: The "envelope_sender_header" in your spam.assassin.prefs.conf

ERROR: is not correct, it should match X-yoursite-MailScanner-From

 

MailScanner setting GID to  (89)

MailScanner setting UID to  (89)

 

Checking for SpamAssassin errors (if you use it)...

Using SpamAssassin results cache

Could not create SpamAssassin cache database
/var/spool/MailScanner/incoming/SpamAssassin.cache.db at
/usr/lib/MailScanner/MailScanner/SA.pm line 232

Could not create SpamAssassin cache database
/var/spool/MailScanner/incoming/SpamAssassin.cache.db

SpamAssassin reported no errors.

I have found sophos scanners installed, and will use them all by default.

ERROR: Could not connect to SQLite database
/var/spool/MailScanner/incoming/Processing.db, either I cannot write to that
location or your SQLite installation is screwed. at /usr/sbin/MailScanner
line 1763

Using locktype = posix

MailScanner.conf says "Virus Scanners = auto"

Found these virus scanners installed: sophos

===========================================================================

Filename Checks: Windows/DOS Executable (1 eicar.com)

Other Checks: Found 1 problems

Virus and Content Scanning: Starting

>>> Virus 'EICAR-AV-Test' found in file ./1/eicar.com

Virus Scanning: Sophos found 1 infections

Infected message 1 came from 10.1.1.1

Virus Scanning: Found 1 viruses

===========================================================================

Virus Scanner test reports:

Sophos said ">>> Virus 'EICAR-AV-Test' found in file ./1/eicar.com"

 

If any of your virus scanners (sophos)

are not listed there, you should check that they are installed correctly

and that MailScanner is finding them correctly via its virus.scanners.conf.

 

Thanks

David j.

 

From: mailscanner-bounces at lists.mailscanner.info
[mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Stephen Cox
Sent: Wednesday, July 17, 2013 2:00 PM
To: MailScanner discussion
Subject: Re: New help installing MailScanner

 


On Jul 17, 2013 6:44 PM, "David J" <davidj at mail24-7.com> wrote:
>
> Hi,
>
>  
>
> I have mailscanner running on my current server which I of course I think
is great, but I'm setting it up a on new one and I may need some step by
step.
>
>  
>
> Can MailScanner work with MailDir or does it work only with mbox.
>
>  
>
> FYI: The MTA I'll be using is postfix which I'll need to also setup the
chroot jail.
>
>  
>
> Thanks
>
> David j.
>

David,

Postfix handles MailDir just fine with MailScanner in the mix.

Regards,
Stephen


-- 
This message has been scanned for viruses and 
dangerous content by  <http://www.mailscanner.info/> MailScanner, and is 
believed to be clean. 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130717/b83a57b3/attachment.html 

From davidj at mail24-7.com  Thu Jul 18 04:33:19 2013
From: davidj at mail24-7.com (David J)
Date: Wed, 17 Jul 2013 23:33:19 -0400
Subject: FW: New help installing MailScanner
In-Reply-To: <003d01ce833d$1d53fbd0$57fbf370$@mail24-7.com>
References: <000001ce8308$4e490b70$eadb2250$@mail24-7.com>	<CAMgku6T9_HGSotTgm=BvCj0kbF-B0Bcc41FSBDJHpVYZOVYBQg@mail.gmail.com>
	<003d01ce833d$1d53fbd0$57fbf370$@mail24-7.com>
Message-ID: <002c01ce8367$8c8d1750$a5a745f0$@mail24-7.com>

Hi,

 

I've successfully installed MailScanner.

 

The solutions were as follows:

 

2. ERROR: The "envelope_sender_header" in your spam.assassin.prefs.conf

ERROR: is not correct, it should match X-yoursite-MailScanner-From

 

%org-name% ABC in MailScanner.conf should match

 

envelope_sender_header X-ABC-MailScanner-From in spam.assassin.prefs.conf
(which I found J)

 

 

3. /var/spool/MailScanner/incoming/SpamAssassin.cache.db and
/var/spool/MailScanner/incoming/Processing.db

 

Were owned by root not postfix. As soon as I changed that it all worked.

 

1.       Setting up unrar - still looking into that.

 

Thanks 

David J.

 

 

 

From: mailscanner-bounces at lists.mailscanner.info
[mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of David J
Sent: Wednesday, July 17, 2013 6:30 PM
To: 'MailScanner discussion'
Subject: RE: New help installing MailScanner

 

Hi,

 

Thanks for your help so far.

 

I installed MailScanner, configured it for postfix 

 

a.       I ran the postfix chroot script and it seemed to work fine.  I then
followed the instructions on the MailScanner web site about setting up
MailScanner with postfix.

b.      Spam assassin was installed from a respository for this OS wrt
co-location company I'm using.

 

I'm able to send email but it gets stuck in the mailq eg . mailq

 

I ran MailScanner -lint

 

The errors are:

 

1. The unrar I'll do last but the spam assassin is not working.

 

2. ERROR: The "envelope_sender_header" in your spam.assassin.prefs.conf

ERROR: is not correct, it should match X-yoursite-MailScanner-From

 

I do a:  locate spam.assassin.prefs.conf but I find only
/etc/MailScanner/mcp/mcp.spam.assassin.prefs.conf

 

3.  Could not create SpamAssassin cache database
/var/spool/MailScanner/incoming/SpamAssassin.cache.db at
/usr/lib/MailScanner/MailScanner/SA.pm line 232

Could not create SpamAssassin cache database
/var/spool/MailScanner/incoming/SpamAssassin.cache.db

SpamAssassin reported no errors.

I have found sophos scanners installed, and will use them all by default.

ERROR: Could not connect to SQLite database
/var/spool/MailScanner/incoming/Processing.db, either I cannot write to that
location or your SQLite installation is screwed. at /usr/sbin/MailScanner
line 1763

 

Howevere, in /var/spool/MailScanner/incoming the 2 db files are there yet
the error keeps coming up

 

4. The SQLite error - I'm not sure what that means

 

Here is the output of MailScanner -lint

 

Trying to setlogsock(unix)

 

Reading configuration file /etc/MailScanner/MailScanner.conf

Reading configuration file /etc/MailScanner/conf.d/README

Read 873 hostnames from the phishing whitelist

Read 3966 hostnames from the phishing blacklists

 

Checking version numbers...

Version number in MailScanner.conf (4.84.6) is correct.

 

Unrar is not installed, it should be in /usr/bin/unrar.

This is required for RAR archives to be read to check

filenames and filetypes. Virus scanning is not affected.

 

 

ERROR: The "envelope_sender_header" in your spam.assassin.prefs.conf

ERROR: is not correct, it should match X-yoursite-MailScanner-From

 

MailScanner setting GID to  (89)

MailScanner setting UID to  (89)

 

Checking for SpamAssassin errors (if you use it)...

Using SpamAssassin results cache

Could not create SpamAssassin cache database
/var/spool/MailScanner/incoming/SpamAssassin.cache.db at
/usr/lib/MailScanner/MailScanner/SA.pm line 232

Could not create SpamAssassin cache database
/var/spool/MailScanner/incoming/SpamAssassin.cache.db

SpamAssassin reported no errors.

I have found sophos scanners installed, and will use them all by default.

ERROR: Could not connect to SQLite database
/var/spool/MailScanner/incoming/Processing.db, either I cannot write to that
location or your SQLite installation is screwed. at /usr/sbin/MailScanner
line 1763

Using locktype = posix

MailScanner.conf says "Virus Scanners = auto"

Found these virus scanners installed: sophos

===========================================================================

Filename Checks: Windows/DOS Executable (1 eicar.com)

Other Checks: Found 1 problems

Virus and Content Scanning: Starting

>>> Virus 'EICAR-AV-Test' found in file ./1/eicar.com

Virus Scanning: Sophos found 1 infections

Infected message 1 came from 10.1.1.1

Virus Scanning: Found 1 viruses

===========================================================================

Virus Scanner test reports:

Sophos said ">>> Virus 'EICAR-AV-Test' found in file ./1/eicar.com"

 

If any of your virus scanners (sophos)

are not listed there, you should check that they are installed correctly

and that MailScanner is finding them correctly via its virus.scanners.conf.

 

Thanks

David j.

 

From: mailscanner-bounces at lists.mailscanner.info
[mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Stephen Cox
Sent: Wednesday, July 17, 2013 2:00 PM
To: MailScanner discussion
Subject: Re: New help installing MailScanner

 


On Jul 17, 2013 6:44 PM, "David J" <davidj at mail24-7.com> wrote:
>
> Hi,
>
>  
>
> I have mailscanner running on my current server which I of course I think
is great, but I'm setting it up a on new one and I may need some step by
step.
>
>  
>
> Can MailScanner work with MailDir or does it work only with mbox.
>
>  
>
> FYI: The MTA I'll be using is postfix which I'll need to also setup the
chroot jail.
>
>  
>
> Thanks
>
> David j.
>

David,

Postfix handles MailDir just fine with MailScanner in the mix.

Regards,
Stephen


-- 
This message has been scanned for viruses and 
dangerous content by  <http://www.mailscanner.info/> MailScanner, and is 
believed to be clean. 


-- 
This message has been scanned for viruses and 
dangerous content by  <http://www.mailscanner.info/> MailScanner, and is 
believed to be clean. 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130717/c3797204/attachment.html 

From richard at fastnet.co.uk  Thu Jul 18 10:30:07 2013
From: richard at fastnet.co.uk (Richard Mealing)
Date: Thu, 18 Jul 2013 09:30:07 +0000
Subject: Quarantined message * as it caused MailScanner to crash several times
Message-ID: <6EE47AF64C339A4F8F7F50507241B3795E2459E0@BTN-EXCHANGE-V1.fastnet.local>

Hi,

I have searched for a while and I cannot find a solution to my problem. The only reference to this problem was when I reported it back in 2011.

I've been struggling along updating to the latest mailscanner and FreeBSD versions but this problem keeps hitting all of my servers once and a while.



Basically I get a log entry similar to this  -

Jul 17 22:44:40 mailfilter6 sm-mta-in[8204]: r6HLicbY008204: to=<info at somedomain.com>, delay=00:00:01, mailer=esmtp, pri=63196, stat=queued
Jul 17 22:49:53 mailfilter6 MailScanner[10329]: Making attempt 2 at processing message r6HLicbY008204
Jul 17 22:52:39 mailfilter6 MailScanner[11223]: Making attempt 3 at processing message r6HLicbY008204
Jul 17 22:55:07 mailfilter6 MailScanner[12183]: Making attempt 4 at processing message r6HLicbY008204
Jul 17 22:57:58 mailfilter6 MailScanner[13318]: Making attempt 5 at processing message r6HLicbY008204
Jul 17 23:00:48 mailfilter6 MailScanner[14702]: Making attempt 6 at processing message r6HLicbY008204
Jul 17 23:00:53 mailfilter6 MailScanner[14733]: Warning: skipping message r6HLicbY008204 as it has been attempted too many times
Jul 17 23:00:53 mailfilter6 MailScanner[14733]: Quarantined message r6HLicbY008204 as it caused MailScanner to crash several times
Jul 17 23:00:53 mailfilter6 MailScanner[14733]: Saved entire message to /var/spool/MailScanner/quarantine/20130717/r6HLicbY008204

It then fails on every subsequent message. To resolve I have to turn off the server and remove all the emails in the queue. If I pass the emails over to another server, say around 6000 emails, that server then has the exact same problem.

I've debugged mailscanner and spamassassin, I don't see any problems with SA, but mailscanner I get the following, still -

Can't call method "CombineReports" on unblessed reference at /usr/local/lib/MailScanner/MailScanner/MessageBatch.pm line 736.



Can anyone help me with this problem? I am using the -U flag, but this doesn't make any odds to the problem.

#!/usr/bin/perl -U -I/usr/local/lib/MailScanner


When I debug mailscanner I move the first problematic message to it's incoming queue and run the debug (I stop mailscanner before this so it's not running as a daemon) and I get no problems with the debug, but when I run it with over 6000 emails in the queue it comes up with the above debug message. I imagine this is a problem with timeout or such, but I'm not sure why it stops processing messages in the first place.

Does anyone have any ideas what I can do to fix this problem?

Thanks,
Rich
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130718/0f27f520/attachment.html 

From richard at fastnet.co.uk  Thu Jul 18 12:20:43 2013
From: richard at fastnet.co.uk (Richard Mealing)
Date: Thu, 18 Jul 2013 11:20:43 +0000
Subject: Quarantined message * as it caused MailScanner to crash several
	times - fixed?
Message-ID: <6EE47AF64C339A4F8F7F50507241B3795E245C5F@BTN-EXCHANGE-V1.fastnet.local>

I'm fairly sure this has nothing to do with mailscanner itself, but my MTA. When it happens my MTA doesn't seem to be running properly (or can't handle the emails).

I've changed some permissions on the incoming and outgoing (and slow) queue's now, according to the mailscanner sendmail configuration page. I'll report back if it happens again.



Thanks,

From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Richard Mealing
Sent: 18 July 2013 10:30
To: 'MailScanner discussion (mailscanner at lists.mailscanner.info)'
Subject: Quarantined message * as it caused MailScanner to crash several times

Hi,

I have searched for a while and I cannot find a solution to my problem. The only reference to this problem was when I reported it back in 2011.

I've been struggling along updating to the latest mailscanner and FreeBSD versions but this problem keeps hitting all of my servers once and a while.



Basically I get a log entry similar to this  -

Jul 17 22:44:40 mailfilter6 sm-mta-in[8204]: r6HLicbY008204: to=<info at somedomain.com<mailto:info at somedomain.com>>, delay=00:00:01, mailer=esmtp, pri=63196, stat=queued
Jul 17 22:49:53 mailfilter6 MailScanner[10329]: Making attempt 2 at processing message r6HLicbY008204
Jul 17 22:52:39 mailfilter6 MailScanner[11223]: Making attempt 3 at processing message r6HLicbY008204
Jul 17 22:55:07 mailfilter6 MailScanner[12183]: Making attempt 4 at processing message r6HLicbY008204
Jul 17 22:57:58 mailfilter6 MailScanner[13318]: Making attempt 5 at processing message r6HLicbY008204
Jul 17 23:00:48 mailfilter6 MailScanner[14702]: Making attempt 6 at processing message r6HLicbY008204
Jul 17 23:00:53 mailfilter6 MailScanner[14733]: Warning: skipping message r6HLicbY008204 as it has been attempted too many times
Jul 17 23:00:53 mailfilter6 MailScanner[14733]: Quarantined message r6HLicbY008204 as it caused MailScanner to crash several times
Jul 17 23:00:53 mailfilter6 MailScanner[14733]: Saved entire message to /var/spool/MailScanner/quarantine/20130717/r6HLicbY008204

It then fails on every subsequent message. To resolve I have to turn off the server and remove all the emails in the queue. If I pass the emails over to another server, say around 6000 emails, that server then has the exact same problem.

I've debugged mailscanner and spamassassin, I don't see any problems with SA, but mailscanner I get the following, still -

Can't call method "CombineReports" on unblessed reference at /usr/local/lib/MailScanner/MailScanner/MessageBatch.pm line 736.



Can anyone help me with this problem? I am using the -U flag, but this doesn't make any odds to the problem.

#!/usr/bin/perl -U -I/usr/local/lib/MailScanner


When I debug mailscanner I move the first problematic message to it's incoming queue and run the debug (I stop mailscanner before this so it's not running as a daemon) and I get no problems with the debug, but when I run it with over 6000 emails in the queue it comes up with the above debug message. I imagine this is a problem with timeout or such, but I'm not sure why it stops processing messages in the first place.

Does anyone have any ideas what I can do to fix this problem?

Thanks,
Rich
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130718/576e7030/attachment.html 

From stephencoxmail at gmail.com  Fri Jul 19 07:24:07 2013
From: stephencoxmail at gmail.com (Stephen Cox)
Date: Fri, 19 Jul 2013 08:24:07 +0200
Subject: Quarantined message * as it caused MailScanner to crash several
	times - fixed?
In-Reply-To: <6EE47AF64C339A4F8F7F50507241B3795E245C5F@BTN-EXCHANGE-V1.fastnet.local>
References: <6EE47AF64C339A4F8F7F50507241B3795E245C5F@BTN-EXCHANGE-V1.fastnet.local>
Message-ID: <CAMgku6QwSFb1BiW_swQzmVmfvG2t93ENF7Uqr5mCsXFo20YByg@mail.gmail.com>

On Thu, Jul 18, 2013 at 1:20 PM, Richard Mealing <richard at fastnet.co.uk>wrote:

> I?m fairly sure this has nothing to do with mailscanner itself, but my
> MTA. When it happens my MTA doesn?t seem to be running properly (or can?t
> handle the emails).****
>
> ** **
>
> I?ve changed some permissions on the incoming and outgoing (and slow)
> queue?s now, according to the mailscanner sendmail configuration page. I?ll
> report back if it happens again.****
>
> ** **
>
> ** **
>
> **
>

What the output of MailScanner --lint?


>  **
>
> Thanks,****
>
> ** **
>
> *From:* mailscanner-bounces at lists.mailscanner.info [mailto:
> mailscanner-bounces at lists.mailscanner.info] *On Behalf Of *Richard Mealing
> *Sent:* 18 July 2013 10:30
> *To:* 'MailScanner discussion (mailscanner at lists.mailscanner.info)'
> *Subject:* Quarantined message * as it caused MailScanner to crash
> several times****
>
> ** **
>
> Hi,****
>
> ** **
>
> I have searched for a while and I cannot find a solution to my problem.
> The only reference to this problem was when I reported it back in 2011.***
> *
>
> ** **
>
> I?ve been struggling along updating to the latest mailscanner and FreeBSD
> versions but this problem keeps hitting all of my servers once and a while.
> ****
>
> ** **
>
> ** **
>
> ** **
>
> Basically I get a log entry similar to this  - ****
>
> ** **
>
> Jul 17 22:44:40 mailfilter6 sm-mta-in[8204]: r6HLicbY008204: to=<
> info at somedomain.com>, delay=00:00:01, mailer=esmtp, pri=63196, stat=queued
> ****
>
> Jul 17 22:49:53 mailfilter6 MailScanner[10329]: Making attempt 2 at
> processing message r6HLicbY008204****
>
> Jul 17 22:52:39 mailfilter6 MailScanner[11223]: Making attempt 3 at
> processing message r6HLicbY008204****
>
> Jul 17 22:55:07 mailfilter6 MailScanner[12183]: Making attempt 4 at
> processing message r6HLicbY008204****
>
> Jul 17 22:57:58 mailfilter6 MailScanner[13318]: Making attempt 5 at
> processing message r6HLicbY008204****
>
> Jul 17 23:00:48 mailfilter6 MailScanner[14702]: Making attempt 6 at
> processing message r6HLicbY008204****
>
> Jul 17 23:00:53 mailfilter6 MailScanner[14733]: Warning: skipping message
> r6HLicbY008204 as it has been attempted too many times****
>
> Jul 17 23:00:53 mailfilter6 MailScanner[14733]: Quarantined message
> r6HLicbY008204 as it caused MailScanner to crash several times****
>
> Jul 17 23:00:53 mailfilter6 MailScanner[14733]: Saved entire message to
> /var/spool/MailScanner/quarantine/20130717/r6HLicbY008204****
>
> ** **
>
> It then fails on every subsequent message. To resolve I have to turn off
> the server and remove all the emails in the queue. If I pass the emails
> over to another server, say around 6000 emails, that server then has the
> exact same problem.****
>
> ** **
>
> I?ve debugged mailscanner and spamassassin, I don?t see any problems with
> SA, but mailscanner I get the following, still ? ****
>
> ** **
>
> Can't call method "CombineReports" on unblessed reference at
> /usr/local/lib/MailScanner/MailScanner/MessageBatch.pm line 736.****
>
> ** **
>
> ** **
>
> ** **
>
> Can anyone help me with this problem? I am using the ?U flag, but this
> doesn?t make any odds to the problem.****
>
> ** **
>
> #!/usr/bin/perl -U -I/usr/local/lib/MailScanner****
>
> ** **
>
> ** **
>
> When I debug mailscanner I move the first problematic message to it?s
> incoming queue and run the debug (I stop mailscanner before this so it?s
> not running as a daemon) and I get no problems with the debug, but when I
> run it with over 6000 emails in the queue it comes up with the above debug
> message. I imagine this is a problem with timeout or such, but I?m not sure
> why it stops processing messages in the first place. ****
>
> ** **
>
> Does anyone have any ideas what I can do to fix this problem? ****
>
> ** **
>
> Thanks,****
>
> Rich****
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130719/aa9ab3fc/attachment.html 

From richard at fastnet.co.uk  Fri Jul 19 10:45:01 2013
From: richard at fastnet.co.uk (Richard Mealing)
Date: Fri, 19 Jul 2013 09:45:01 +0000
Subject: Quarantined message * as it caused MailScanner to crash several
	times - fixed?
In-Reply-To: <CAMgku6QwSFb1BiW_swQzmVmfvG2t93ENF7Uqr5mCsXFo20YByg@mail.gmail.com>
References: <6EE47AF64C339A4F8F7F50507241B3795E245C5F@BTN-EXCHANGE-V1.fastnet.local>
	<CAMgku6QwSFb1BiW_swQzmVmfvG2t93ENF7Uqr5mCsXFo20YByg@mail.gmail.com>
Message-ID: <6EE47AF64C339A4F8F7F50507241B3795E2476E6@BTN-EXCHANGE-V1.fastnet.local>

Hi,

Mailscanner -lint didn't show any problems with my configuration. I found the error when turning on Debug = yes for mailscanner. SA was fine but mailscanner produced the error -

Can't call method "CombineReports" on unblessed reference at /usr/local/lib/MailScanner/MailScanner/MessageBatch.pm line 736.
When looking at the logs I see no sendmail processing emails but just mailscanner going around in a loop quarantining all the emails.

I've tightened the timeouts on my sendmail mta as I think this was the problem. I've also changed the permissions on the incoming and outgoing queue folders. I can't reproduce the problem but I don't believe this is a mailscanner issue.
If it happens again I might change over to postfix or I might try Exim (as a test).

Thanks.
Rich

From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Stephen Cox
Sent: 19 July 2013 07:24
To: MailScanner discussion
Subject: Re: Quarantined message * as it caused MailScanner to crash several times - fixed?

On Thu, Jul 18, 2013 at 1:20 PM, Richard Mealing <richard at fastnet.co.uk<mailto:richard at fastnet.co.uk>> wrote:
I'm fairly sure this has nothing to do with mailscanner itself, but my MTA. When it happens my MTA doesn't seem to be running properly (or can't handle the emails).

I've changed some permissions on the incoming and outgoing (and slow) queue's now, according to the mailscanner sendmail configuration page. I'll report back if it happens again.



What the output of MailScanner --lint?


Thanks,

From: mailscanner-bounces at lists.mailscanner.info<mailto:mailscanner-bounces at lists.mailscanner.info> [mailto:mailscanner-bounces at lists.mailscanner.info<mailto:mailscanner-bounces at lists.mailscanner.info>] On Behalf Of Richard Mealing
Sent: 18 July 2013 10:30
To: 'MailScanner discussion (mailscanner at lists.mailscanner.info<mailto:mailscanner at lists.mailscanner.info>)'
Subject: Quarantined message * as it caused MailScanner to crash several times

Hi,

I have searched for a while and I cannot find a solution to my problem. The only reference to this problem was when I reported it back in 2011.

I've been struggling along updating to the latest mailscanner and FreeBSD versions but this problem keeps hitting all of my servers once and a while.



Basically I get a log entry similar to this  -

Jul 17 22:44:40 mailfilter6 sm-mta-in[8204]: r6HLicbY008204: to=<info at somedomain.com<mailto:info at somedomain.com>>, delay=00:00:01, mailer=esmtp, pri=63196, stat=queued
Jul 17 22:49:53 mailfilter6 MailScanner[10329]: Making attempt 2 at processing message r6HLicbY008204
Jul 17 22:52:39 mailfilter6 MailScanner[11223]: Making attempt 3 at processing message r6HLicbY008204
Jul 17 22:55:07 mailfilter6 MailScanner[12183]: Making attempt 4 at processing message r6HLicbY008204
Jul 17 22:57:58 mailfilter6 MailScanner[13318]: Making attempt 5 at processing message r6HLicbY008204
Jul 17 23:00:48 mailfilter6 MailScanner[14702]: Making attempt 6 at processing message r6HLicbY008204
Jul 17 23:00:53 mailfilter6 MailScanner[14733]: Warning: skipping message r6HLicbY008204 as it has been attempted too many times
Jul 17 23:00:53 mailfilter6 MailScanner[14733]: Quarantined message r6HLicbY008204 as it caused MailScanner to crash several times
Jul 17 23:00:53 mailfilter6 MailScanner[14733]: Saved entire message to /var/spool/MailScanner/quarantine/20130717/r6HLicbY008204

It then fails on every subsequent message. To resolve I have to turn off the server and remove all the emails in the queue. If I pass the emails over to another server, say around 6000 emails, that server then has the exact same problem.

I've debugged mailscanner and spamassassin, I don't see any problems with SA, but mailscanner I get the following, still -

Can't call method "CombineReports" on unblessed reference at /usr/local/lib/MailScanner/MailScanner/MessageBatch.pm line 736.



Can anyone help me with this problem? I am using the -U flag, but this doesn't make any odds to the problem.

#!/usr/bin/perl -U -I/usr/local/lib/MailScanner


When I debug mailscanner I move the first problematic message to it's incoming queue and run the debug (I stop mailscanner before this so it's not running as a daemon) and I get no problems with the debug, but when I run it with over 6000 emails in the queue it comes up with the above debug message. I imagine this is a problem with timeout or such, but I'm not sure why it stops processing messages in the first place.

Does anyone have any ideas what I can do to fix this problem?

Thanks,
Rich

--
MailScanner mailing list
mailscanner at lists.mailscanner.info<mailto:mailscanner at lists.mailscanner.info>
http://lists.mailscanner.info/mailman/listinfo/mailscanner

Before posting, read http://wiki.mailscanner.info/posting

Support MailScanner development - buy the book off the website!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130719/a665a20e/attachment.html 

From stephencoxmail at gmail.com  Fri Jul 19 14:50:57 2013
From: stephencoxmail at gmail.com (Stephen Cox)
Date: Fri, 19 Jul 2013 15:50:57 +0200
Subject: Quarantined message * as it caused MailScanner to crash several
	times - fixed?
In-Reply-To: <6EE47AF64C339A4F8F7F50507241B3795E2476E6@BTN-EXCHANGE-V1.fastnet.local>
References: <6EE47AF64C339A4F8F7F50507241B3795E245C5F@BTN-EXCHANGE-V1.fastnet.local>
	<CAMgku6QwSFb1BiW_swQzmVmfvG2t93ENF7Uqr5mCsXFo20YByg@mail.gmail.com>
	<6EE47AF64C339A4F8F7F50507241B3795E2476E6@BTN-EXCHANGE-V1.fastnet.local>
Message-ID: <CAMgku6Qx1ooZc_YaRBcce0Uqwef2guq745yTccHSSqvidG9oHA@mail.gmail.com>

On Fri, Jul 19, 2013 at 11:45 AM, Richard Mealing <richard at fastnet.co.uk>wrote:

> Hi,****
>
> ** **
>
> Mailscanner ?lint didn?t show any problems with my configuration. I found
> the error when turning on Debug = yes for mailscanner. SA was fine but
> mailscanner produced the error ? ****
>
> ** **
>
> Can't call method "CombineReports" on unblessed reference at
> /usr/local/lib/MailScanner/MailScanner/MessageBatch.pm line 736.
>

This can be a permission issue.


> ****
>
> When looking at the logs I see no sendmail processing emails but just
> mailscanner going around in a loop quarantining all the emails. ****
>
> ** **
>
> I?ve tightened the timeouts on my sendmail mta as I think this was the
> problem. I?ve also changed the permissions on the incoming and outgoing
> queue folders. I can?t reproduce the problem but I don?t believe this is a
> mailscanner issue. ****
>
> If it happens again I might change over to postfix or I might try Exim (as
> a test).****
>
> ** **
>
> Thanks.****
>
> Rich****
>
> ** **
>
> *From:* mailscanner-bounces at lists.mailscanner.info [mailto:
> mailscanner-bounces at lists.mailscanner.info] *On Behalf Of *Stephen Cox
> *Sent:* 19 July 2013 07:24
> *To:* MailScanner discussion
> *Subject:* Re: Quarantined message * as it caused MailScanner to crash
> several times - fixed?****
>
> ** **
>
> On Thu, Jul 18, 2013 at 1:20 PM, Richard Mealing <richard at fastnet.co.uk>
> wrote:****
>
> I?m fairly sure this has nothing to do with mailscanner itself, but my
> MTA. When it happens my MTA doesn?t seem to be running properly (or can?t
> handle the emails).****
>
>  ****
>
> I?ve changed some permissions on the incoming and outgoing (and slow)
> queue?s now, according to the mailscanner sendmail configuration page. I?ll
> report back if it happens again.****
>
>  ****
>
>  ****
>
> ** **
>
> What the output of MailScanner --lint?****
>
>  ****
>
>  ****
>
> Thanks,****
>
>  ****
>
> *From:* mailscanner-bounces at lists.mailscanner.info [mailto:
> mailscanner-bounces at lists.mailscanner.info] *On Behalf Of *Richard Mealing
> *Sent:* 18 July 2013 10:30
> *To:* 'MailScanner discussion (mailscanner at lists.mailscanner.info)'
> *Subject:* Quarantined message * as it caused MailScanner to crash
> several times****
>
>  ****
>
> Hi,****
>
>  ****
>
> I have searched for a while and I cannot find a solution to my problem.
> The only reference to this problem was when I reported it back in 2011.***
> *
>
>  ****
>
> I?ve been struggling along updating to the latest mailscanner and FreeBSD
> versions but this problem keeps hitting all of my servers once and a while.
> ****
>
>  ****
>
>  ****
>
>  ****
>
> Basically I get a log entry similar to this  - ****
>
>  ****
>
> Jul 17 22:44:40 mailfilter6 sm-mta-in[8204]: r6HLicbY008204: to=<
> info at somedomain.com>, delay=00:00:01, mailer=esmtp, pri=63196, stat=queued
> ****
>
> Jul 17 22:49:53 mailfilter6 MailScanner[10329]: Making attempt 2 at
> processing message r6HLicbY008204****
>
> Jul 17 22:52:39 mailfilter6 MailScanner[11223]: Making attempt 3 at
> processing message r6HLicbY008204****
>
> Jul 17 22:55:07 mailfilter6 MailScanner[12183]: Making attempt 4 at
> processing message r6HLicbY008204****
>
> Jul 17 22:57:58 mailfilter6 MailScanner[13318]: Making attempt 5 at
> processing message r6HLicbY008204****
>
> Jul 17 23:00:48 mailfilter6 MailScanner[14702]: Making attempt 6 at
> processing message r6HLicbY008204****
>
> Jul 17 23:00:53 mailfilter6 MailScanner[14733]: Warning: skipping message
> r6HLicbY008204 as it has been attempted too many times****
>
> Jul 17 23:00:53 mailfilter6 MailScanner[14733]: Quarantined message
> r6HLicbY008204 as it caused MailScanner to crash several times****
>
> Jul 17 23:00:53 mailfilter6 MailScanner[14733]: Saved entire message to
> /var/spool/MailScanner/quarantine/20130717/r6HLicbY008204****
>
>  ****
>
> It then fails on every subsequent message. To resolve I have to turn off
> the server and remove all the emails in the queue. If I pass the emails
> over to another server, say around 6000 emails, that server then has the
> exact same problem.****
>
>  ****
>
> I?ve debugged mailscanner and spamassassin, I don?t see any problems with
> SA, but mailscanner I get the following, still ? ****
>
>  ****
>
> Can't call method "CombineReports" on unblessed reference at
> /usr/local/lib/MailScanner/MailScanner/MessageBatch.pm line 736.****
>
>  ****
>
>  ****
>
>  ****
>
> Can anyone help me with this problem? I am using the ?U flag, but this
> doesn?t make any odds to the problem.****
>
>  ****
>
> #!/usr/bin/perl -U -I/usr/local/lib/MailScanner****
>
>  ****
>
>  ****
>
> When I debug mailscanner I move the first problematic message to it?s
> incoming queue and run the debug (I stop mailscanner before this so it?s
> not running as a daemon) and I get no problems with the debug, but when I
> run it with over 6000 emails in the queue it comes up with the above debug
> message. I imagine this is a problem with timeout or such, but I?m not sure
> why it stops processing messages in the first place. ****
>
>  ****
>
> Does anyone have any ideas what I can do to fix this problem? ****
>
>  ****
>
> Thanks,****
>
> Rich****
>
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!****
>
> ** **
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130719/63d4975a/attachment.html 

From richard at fastnet.co.uk  Mon Jul 22 16:36:21 2013
From: richard at fastnet.co.uk (Richard Mealing)
Date: Mon, 22 Jul 2013 15:36:21 +0000
Subject: ScamNailer
Message-ID: <6EE47AF64C339A4F8F7F50507241B3795E249FB7@BTN-EXCHANGE-V1.fastnet.local>

Hi everyone,

I'm trying to implement ScamNailer and I'm using the perl script to download the ScamNailer.cf file into my spamassassin directory.


On that file I can see lots of rules included with a score at the very bottom. I'm just wondering if I have to add a line to the "SpamAssassin Rule Actions" directive or can I leave spamassassin to deal with the scores?



The reason I am asking is that I've run this most of the day today and so far I can't see it's tripped on any emails using a "grep SCAMNAILER /var/log/maillog".




Thanks,
Rich
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130722/e51ca50a/attachment.html 

From mark at msapiro.net  Tue Jul 23 20:12:51 2013
From: mark at msapiro.net (Mark Sapiro)
Date: Tue, 23 Jul 2013 12:12:51 -0700
Subject: ScamNailer
In-Reply-To: <6EE47AF64C339A4F8F7F50507241B3795E249FB7@BTN-EXCHANGE-V1.fastnet.local>
References: <6EE47AF64C339A4F8F7F50507241B3795E249FB7@BTN-EXCHANGE-V1.fastnet.local>
Message-ID: <51EED5B3.4060507@msapiro.net>

On 07/22/2013 08:36 AM, Richard Mealing wrote:
> 
> I?m trying to implement ScamNailer and I?m using the perl script to
> download the ScamNailer.cf file into my spamassassin directory.


First of all, see the thread that begins
at<http://lists.mailscanner.info/pipermail/mailscanner/2013-June/100789.html>
and particularly, the patch in the post at
<http://lists.mailscanner.info/pipermail/mailscanner/2013-June/100822.html>.

Otherwise you will be working with old data.


> On that file I can see lots of rules included with a score at the very
> bottom. I?m just wondering if I have to add a line to the ?SpamAssassin
> Rule Actions? directive or can I leave spamassassin to deal with the scores?


The bottom has a score for the rule 'SCAMNAILER'. The score is not
important, but you need a 'SpamAssassin Rule Actions' rule or ruleset
for it. See the documentation in MailScanner.conf around line 2551
starting with "# This next setting is very powerful."

In my case, I have

SpamAssassin Rule Actions = %rules-dir%/spamassassin_rule_actions.rules

and for the default rule I have

FromOrTo:	default	SCAMNAILER=>store,not-deliver,forward
user+phish at example.com,header "X-GPC-MailScanner-Originally-To: _TO_"

which will store the message in quarantine, not deliver it, forward it
to user+phish at example.com and add the header
X-GPC-MailScanner-Originally-To: with the original envelope recipient to
the forwarded message.

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From thiagobemerguy at gmail.com  Thu Jul 25 15:49:45 2013
From: thiagobemerguy at gmail.com (Thiago Bemerguy)
Date: Thu, 25 Jul 2013 11:49:45 -0300
Subject: Reject messages from outside my domain with FROM HEADER from inside
	(forgery)
Message-ID: <CAGiK5QgdQ+ExtHXKnbjOeEKbyrbRHB1uY+XC6kAq66vBh37cxQ@mail.gmail.com>

Hello,

I have an Exchange 2010 server with MailScanner for filtering external
messages. The users are receiving phishing messages from outside my network
with FROM header forged with email addresses from my domain. Is there any
way to avoid that messages from outside come with certain email addresses,
like filtering email and ip address or MTA hostname?

Following the header of the phishing message

Received: from ???.com (????) by ???
 (????) with ????
Received-SPF: none (beetobee.it: No applicable sender policy available)
receiver=????.com; identity=mailfrom; envelope-from="www-data at beetobee.it";
helo=mail.beetobee.it; client-ip=???
X-Greylist: delayed 1335 seconds by postgrey-1.32 at ????;
Received: from mail.beetobee.it (mail.blucamera.it [82.85.28.154]) by
???.com (Postfix) with ESMTP id BE94320722 for
 <address1 at internal.com>;
Received: by mail.beetobee.it (Postfix, from userid 33) id 6D9D2291ADE;
To: <address1 at internal.com>
Subject: .....
MIME-Version: 1.0
Content-Type: text/html; charset="iso-8859-1"
X-Mailer: Microsoft Office Outlook, Build 17.551210
*From: <address1 at internal.com> (forged)*
Message-ID: <????@mail.beetobee.it>
Date:
X-TCE-MailScanner-ID: BE94320722.89A9A
X-TCE-MailScanner: Found to be clean
X-TCE-MailScanner-SpamScore: sss
X-TCE-MailScanner-From: www-data at beetobee.it
X-Spam-Status: No
Return-Path: www-data at beetobee.it
X-MS-Exchange-Organization-AuthSource: Maia.tce.pa
X-MS-Exchange-Organization-AuthAs: Anonymous

We have SPF configured but I think it only protects envelope sender address.

Thanks in advance,

-- 
Thiago Bemerguy
thiagobemerguy at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130725/cacb557b/attachment.html 

From richard at fastnet.co.uk  Thu Jul 25 17:12:28 2013
From: richard at fastnet.co.uk (Richard Mealing)
Date: Thu, 25 Jul 2013 16:12:28 +0000
Subject: ScamNailer
In-Reply-To: <51EED5B3.4060507@msapiro.net>
References: <6EE47AF64C339A4F8F7F50507241B3795E249FB7@BTN-EXCHANGE-V1.fastnet.local>
	<51EED5B3.4060507@msapiro.net>
Message-ID: <6EE47AF64C339A4F8F7F50507241B3795E2A0552@BTN-EXCHANGE-V1.fastnet.local>


Hi Mark,

Thanks for this. I went for the database clamd option in the end.
I don't imagine there's any difference. I want the phishing just added as spam viruses (which share the same header as normal spam), but I might split up phishing and spam viruses at some point.

It's all working now. Thanks for your explanation (and sorry for top posting).


Rich





-----Original Message-----
From: Mark Sapiro [mailto:mark at msapiro.net] 
Sent: 23 July 2013 20:13
To: MailScanner discussion
Cc: Richard Mealing
Subject: Re: ScamNailer

On 07/22/2013 08:36 AM, Richard Mealing wrote:
> 
> I'm trying to implement ScamNailer and I'm using the perl script to 
> download the ScamNailer.cf file into my spamassassin directory.


First of all, see the thread that begins at<http://lists.mailscanner.info/pipermail/mailscanner/2013-June/100789.html>
and particularly, the patch in the post at <http://lists.mailscanner.info/pipermail/mailscanner/2013-June/100822.html>.

Otherwise you will be working with old data.


> On that file I can see lots of rules included with a score at the very 
> bottom. I'm just wondering if I have to add a line to the 
> "SpamAssassin Rule Actions" directive or can I leave spamassassin to deal with the scores?


The bottom has a score for the rule 'SCAMNAILER'. The score is not important, but you need a 'SpamAssassin Rule Actions' rule or ruleset for it. See the documentation in MailScanner.conf around line 2551 starting with "# This next setting is very powerful."

In my case, I have

SpamAssassin Rule Actions = %rules-dir%/spamassassin_rule_actions.rules

and for the default rule I have

FromOrTo:	default	SCAMNAILER=>store,not-deliver,forward
user+phish at example.com,header "X-GPC-MailScanner-Originally-To: _TO_"

which will store the message in quarantine, not deliver it, forward it to user+phish at example.com and add the header
X-GPC-MailScanner-Originally-To: with the original envelope recipient to the forwarded message.

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

From Kevin_Miller at ci.juneau.ak.us  Thu Jul 25 17:43:07 2013
From: Kevin_Miller at ci.juneau.ak.us (Kevin Miller)
Date: Thu, 25 Jul 2013 08:43:07 -0800
Subject: Reject messages from outside my domain with FROM HEADER from
	inside	(forgery)
In-Reply-To: <CAGiK5QgdQ+ExtHXKnbjOeEKbyrbRHB1uY+XC6kAq66vBh37cxQ@mail.gmail.com>
References: <CAGiK5QgdQ+ExtHXKnbjOeEKbyrbRHB1uY+XC6kAq66vBh37cxQ@mail.gmail.com>
Message-ID: <C87702B41702834792222AE25D4057B62AC2D1@city-exchange07>

Implement SPF records in your DNS.

 ...Kevin
--
Kevin Miller
Network/email Administrator, CBJ MIS Dept.
155 South Seward Street
Juneau, Alaska 99801
Phone: (907) 586-0242, Fax: (907) 586-4500
Registered Linux User No: 307357
From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Thiago Bemerguy
Sent: Thursday, July 25, 2013 6:50 AM
To: mailscanner at lists.mailscanner.info
Subject: Reject messages from outside my domain with FROM HEADER from inside (forgery)

Hello,

I have an Exchange 2010 server with MailScanner for filtering external messages. The users are receiving phishing messages from outside my network with FROM header forged with email addresses from my domain. Is there any way to avoid that messages from outside come with certain email addresses, like filtering email and ip address or MTA hostname?

Following the header of the phishing message

Received: from ???.com (????) by ???
 (????) with ????
Received-SPF: none (beetobee.it<http://beetobee.it>: No applicable sender policy available) receiver=????.com; identity=mailfrom; envelope-from="www-data at beetobee.it<mailto:www-data at beetobee.it>"; helo=mail.beetobee.it<http://mail.beetobee.it>; client-ip=???
X-Greylist: delayed 1335 seconds by postgrey-1.32 at ????;
Received: from mail.beetobee.it<http://mail.beetobee.it> (mail.blucamera.it<http://mail.blucamera.it> [82.85.28.154])  by
???.com (Postfix) with ESMTP id BE94320722        for
 <address1 at internal.com<mailto:address1 at internal.com>>;
Received: by mail.beetobee.it<http://mail.beetobee.it> (Postfix, from userid 33)        id 6D9D2291ADE;
To: <address1 at internal.com<mailto:address1 at internal.com>>
Subject: .....
MIME-Version: 1.0
Content-Type: text/html; charset="iso-8859-1"
X-Mailer: Microsoft Office Outlook, Build 17.551210
From: <address1 at internal.com<mailto:address1 at internal.com>> (forged)
Message-ID: <????@mail.beetobee.it<http://mail.beetobee.it>>
Date:
X-TCE-MailScanner-ID: BE94320722.89A9A
X-TCE-MailScanner: Found to be clean
X-TCE-MailScanner-SpamScore: sss
X-TCE-MailScanner-From: www-data at beetobee.it<mailto:www-data at beetobee.it>
X-Spam-Status: No
Return-Path: www-data at beetobee.it<mailto:www-data at beetobee.it>
X-MS-Exchange-Organization-AuthSource: Maia.tce.pa<http://Maia.tce.pa>
X-MS-Exchange-Organization-AuthAs: Anonymous

We have SPF configured but I think it only protects envelope sender address.

Thanks in advance,

--
Thiago Bemerguy
thiagobemerguy at gmail.com<mailto:thiagobemerguy at gmail.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130725/bfadd1db/attachment.html 

From thiagobemerguy at gmail.com  Thu Jul 25 19:45:22 2013
From: thiagobemerguy at gmail.com (Thiago Bemerguy)
Date: Thu, 25 Jul 2013 15:45:22 -0300
Subject: Reject messages from outside my domain with FROM HEADER from
	inside (forgery)
In-Reply-To: <C87702B41702834792222AE25D4057B62AC2D1@city-exchange07>
References: <CAGiK5QgdQ+ExtHXKnbjOeEKbyrbRHB1uY+XC6kAq66vBh37cxQ@mail.gmail.com>
	<C87702B41702834792222AE25D4057B62AC2D1@city-exchange07>
Message-ID: <CAGiK5QjrLN7vBH0ixPC1Kk4kuEZ8cfnhiDTXx_qaHvxr9wEM_A@mail.gmail.com>

as far as I know spf only avoid forgery in envelop sender address, not in
FROM that is displayed to the user.


2013/7/25 Kevin Miller <Kevin_Miller at ci.juneau.ak.us>

> Implement SPF records in your DNS.****
>
> ** **
>
>  ...Kevin
> --
> Kevin Miller
> Network/email Administrator, CBJ MIS Dept.
> 155 South Seward Street
> Juneau, Alaska 99801
> Phone: (907) 586-0242, Fax: (907) 586-4500
> Registered Linux User No: 307357 ****
>
> *From:* mailscanner-bounces at lists.mailscanner.info [mailto:
> mailscanner-bounces at lists.mailscanner.info] *On Behalf Of *Thiago Bemerguy
> *Sent:* Thursday, July 25, 2013 6:50 AM
> *To:* mailscanner at lists.mailscanner.info
> *Subject:* Reject messages from outside my domain with FROM HEADER from
> inside (forgery)****
>
> ** **
>
> Hello,****
>
> ** **
>
> I have an Exchange 2010 server with MailScanner for filtering external
> messages. The users are receiving phishing messages from outside my network
> with FROM header forged with email addresses from my domain. Is there any
> way to avoid that messages from outside come with certain email addresses,
> like filtering email and ip address or MTA hostname?****
>
> ** **
>
> Following the header of the phishing message****
>
> ** **
>
> Received: from ???.com (????) by ???****
>
>  (????) with ????****
>
> Received-SPF: none (beetobee.it: No applicable sender policy available)
> receiver=????.com; identity=mailfrom; envelope-from="www-data at beetobee.it";
> helo=mail.beetobee.it; client-ip=???****
>
> X-Greylist: delayed 1335 seconds by postgrey-1.32 at ????; ****
>
> Received: from mail.beetobee.it (mail.blucamera.it [82.85.28.154])  by****
>
> ???.com (Postfix) with ESMTP id BE94320722        for****
>
>  <address1 at internal.com>; ****
>
> Received: by mail.beetobee.it (Postfix, from userid 33)        id
> 6D9D2291ADE; ****
>
> To: <address1 at internal.com>****
>
> Subject: .....****
>
> MIME-Version: 1.0****
>
> Content-Type: text/html; charset="iso-8859-1"****
>
> X-Mailer: Microsoft Office Outlook, Build 17.551210****
>
> *From: <address1 at internal.com> (forged)*****
>
> Message-ID: <????@mail.beetobee.it>****
>
> Date: ****
>
> X-TCE-MailScanner-ID: BE94320722.89A9A****
>
> X-TCE-MailScanner: Found to be clean****
>
> X-TCE-MailScanner-SpamScore: sss****
>
> X-TCE-MailScanner-From: www-data at beetobee.it****
>
> X-Spam-Status: No****
>
> Return-Path: www-data at beetobee.it****
>
> X-MS-Exchange-Organization-AuthSource: Maia.tce.pa****
>
> X-MS-Exchange-Organization-AuthAs: Anonymous****
>
> ** **
>
> We have SPF configured but I think it only protects envelope sender
> address.****
>
> ** **
>
> Thanks in advance,****
>
> ** **
>
> --
> Thiago Bemerguy
> thiagobemerguy at gmail.com ****
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>
>


-- 
Thiago Bemerguy
thiagobemerguy at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130725/809753e2/attachment.html 

From max at inmindlabs.com  Thu Jul 25 20:06:40 2013
From: max at inmindlabs.com (Max Kipness)
Date: Thu, 25 Jul 2013 14:06:40 -0500
Subject: Whitelisting issue
Message-ID: <11375BD8FE838A409E10DB32B9BFFE9B7D8F01@addc01.assuredata.local>

Hello,

I  seem to be having an issue with whitelisting in MailScanner. I've
checked previous posts  and the only thing I can think of is that I
don't have the correct address whitelisted. For the most part what is in
my extensive whitelist file actually gets whitelisted, but some do not.

On a previous post I saw it mentioned that MailScanner uses the envelope
sender to compare to the whitelist. When opening the Sendmail QF file,
is that not the address on the S line? 

In my latest example, I have in my whitelist file From: user at domain.com
yes and I checked the qf file in the quarantine and the S line has the
exact email address. Further, I can find no reference in the qf file to
any other address on that domain.

Does anyone know what might be happening here? Any help is appreciated.

Thanks,
Max

From bonivart at opencsw.org  Thu Jul 25 20:49:46 2013
From: bonivart at opencsw.org (Peter Bonivart)
Date: Thu, 25 Jul 2013 21:49:46 +0200
Subject: Reject messages from outside my domain with FROM HEADER from
	inside (forgery)
In-Reply-To: <CAGiK5QjrLN7vBH0ixPC1Kk4kuEZ8cfnhiDTXx_qaHvxr9wEM_A@mail.gmail.com>
References: <CAGiK5QgdQ+ExtHXKnbjOeEKbyrbRHB1uY+XC6kAq66vBh37cxQ@mail.gmail.com>
	<C87702B41702834792222AE25D4057B62AC2D1@city-exchange07>
	<CAGiK5QjrLN7vBH0ixPC1Kk4kuEZ8cfnhiDTXx_qaHvxr9wEM_A@mail.gmail.com>
Message-ID: <CABY0g1V3EX1LtrMFjZY1_ocgzm7=H1X7=7aeWVee1YY1Qz7vVQ@mail.gmail.com>

On Thu, Jul 25, 2013 at 8:45 PM, Thiago Bemerguy
<thiagobemerguy at gmail.com> wrote:
> as far as I know spf only avoid forgery in envelop sender address, not in
> FROM that is displayed to the user.

http://spamassassin.1065346.n5.nabble.com/How-to-reject-spam-where-sender-receiver-td65361.html

Look at Adam Katz answer in the above post.

/peter

From Kevin_Miller at ci.juneau.ak.us  Thu Jul 25 21:10:24 2013
From: Kevin_Miller at ci.juneau.ak.us (Kevin Miller)
Date: Thu, 25 Jul 2013 12:10:24 -0800
Subject: Reject messages from outside my domain with FROM HEADER from
	inside (forgery)
In-Reply-To: <CAGiK5QjrLN7vBH0ixPC1Kk4kuEZ8cfnhiDTXx_qaHvxr9wEM_A@mail.gmail.com>
References: <CAGiK5QgdQ+ExtHXKnbjOeEKbyrbRHB1uY+XC6kAq66vBh37cxQ@mail.gmail.com>
	<C87702B41702834792222AE25D4057B62AC2D1@city-exchange07>
	<CAGiK5QjrLN7vBH0ixPC1Kk4kuEZ8cfnhiDTXx_qaHvxr9wEM_A@mail.gmail.com>
Message-ID: <C87702B41702834792222AE25D4057B62AC2D9@city-exchange07>

I think you're right.  I didn't notice that you were already using SPF.  I should have read closer - sorry.

 ...Kevin
--
Kevin Miller
Network/email Administrator, CBJ MIS Dept.
155 South Seward Street
Juneau, Alaska 99801
Phone: (907) 586-0242, Fax: (907) 586-4500
Registered Linux User No: 307357
From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Thiago Bemerguy
Sent: Thursday, July 25, 2013 10:45 AM
To: MailScanner discussion
Subject: Re: Reject messages from outside my domain with FROM HEADER from inside (forgery)

as far as I know spf only avoid forgery in envelop sender address, not in FROM that is displayed to the user.

2013/7/25 Kevin Miller <Kevin_Miller at ci.juneau.ak.us<mailto:Kevin_Miller at ci.juneau.ak.us>>
Implement SPF records in your DNS.

 ...Kevin
--
Kevin Miller
Network/email Administrator, CBJ MIS Dept.
155 South Seward Street
Juneau, Alaska 99801
Phone: (907) 586-0242, Fax: (907) 586-4500
Registered Linux User No: 307357
From: mailscanner-bounces at lists.mailscanner.info<mailto:mailscanner-bounces at lists.mailscanner.info> [mailto:mailscanner-bounces at lists.mailscanner.info<mailto:mailscanner-bounces at lists.mailscanner.info>] On Behalf Of Thiago Bemerguy
Sent: Thursday, July 25, 2013 6:50 AM
To: mailscanner at lists.mailscanner.info<mailto:mailscanner at lists.mailscanner.info>
Subject: Reject messages from outside my domain with FROM HEADER from inside (forgery)

Hello,

I have an Exchange 2010 server with MailScanner for filtering external messages. The users are receiving phishing messages from outside my network with FROM header forged with email addresses from my domain. Is there any way to avoid that messages from outside come with certain email addresses, like filtering email and ip address or MTA hostname?

Following the header of the phishing message

Received: from ???.com (????) by ???
 (????) with ????
Received-SPF: none (beetobee.it<http://beetobee.it>: No applicable sender policy available) receiver=????.com; identity=mailfrom; envelope-from="www-data at beetobee.it<mailto:www-data at beetobee.it>"; helo=mail.beetobee.it<http://mail.beetobee.it>; client-ip=???
X-Greylist: delayed 1335 seconds by postgrey-1.32 at ????;
Received: from mail.beetobee.it<http://mail.beetobee.it> (mail.blucamera.it<http://mail.blucamera.it> [82.85.28.154])  by
???.com (Postfix) with ESMTP id BE94320722        for
 <address1 at internal.com<mailto:address1 at internal.com>>;
Received: by mail.beetobee.it<http://mail.beetobee.it> (Postfix, from userid 33)        id 6D9D2291ADE;
To: <address1 at internal.com<mailto:address1 at internal.com>>
Subject: .....
MIME-Version: 1.0
Content-Type: text/html; charset="iso-8859-1"
X-Mailer: Microsoft Office Outlook, Build 17.551210
From: <address1 at internal.com<mailto:address1 at internal.com>> (forged)
Message-ID: <????@mail.beetobee.it<http://mail.beetobee.it>>
Date:
X-TCE-MailScanner-ID: BE94320722.89A9A
X-TCE-MailScanner: Found to be clean
X-TCE-MailScanner-SpamScore: sss
X-TCE-MailScanner-From: www-data at beetobee.it<mailto:www-data at beetobee.it>
X-Spam-Status: No
Return-Path: www-data at beetobee.it<mailto:www-data at beetobee.it>
X-MS-Exchange-Organization-AuthSource: Maia.tce.pa<http://Maia.tce.pa>
X-MS-Exchange-Organization-AuthAs: Anonymous

We have SPF configured but I think it only protects envelope sender address.

Thanks in advance,

--
Thiago Bemerguy
thiagobemerguy at gmail.com<mailto:thiagobemerguy at gmail.com>

--
MailScanner mailing list
mailscanner at lists.mailscanner.info<mailto:mailscanner at lists.mailscanner.info>
http://lists.mailscanner.info/mailman/listinfo/mailscanner

Before posting, read http://wiki.mailscanner.info/posting

Support MailScanner development - buy the book off the website!



--
Thiago Bemerguy
thiagobemerguy at gmail.com<mailto:thiagobemerguy at gmail.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130725/4b3de13c/attachment.html 

From jaearick at colby.edu  Mon Jul 29 15:39:53 2013
From: jaearick at colby.edu (Jeff Earickson)
Date: Mon, 29 Jul 2013 10:39:53 -0400
Subject: update_bad_phishing_sites broken (again)
Message-ID: <CADU1O-2wmMYeWf51gAG5Cb_i3pHxR4P9UOqE2YAqRHdWb_izVw@mail.gmail.com>

Gang,

The script MailScanner/bin/update_bad_phishing_sites has been spitting up
errors all weekend:

(57)> ./update_bad_phishing_sites
Reading status from /var/spool/MailScanner/quarantine/phishingupdate/status
Checking that
/var/spool/MailScanner/quarantine/phishingupdate/cache/2013-164 exists... ok
Checking that
/var/spool/MailScanner/quarantine/phishingupdate/cache/2013-164.52
exists... ok
Failed to retrieve valid current details

I tried the following urls:

http://cdn.mailscanner.info/
http://mailscanner.eu/

within the script and both fail.  When I go to either by hand in a browser,
I get the MailScanner
logo, so these sites are not down.  Any ideas what broke?

-----------------------------------
Jeff A. Earickson, Ph.D
Senior Server System Administrator
Colby College,
4214 Mayflower Hill,
Waterville ME, 04901-8842
207-859-4214 (fax 207-859-4186)
Eastern Time Zone, USA
-----------------------------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20130729/5b91f581/attachment.html 

From nick.z.edwards at gmail.com  Tue Jul 30 01:42:32 2013
From: nick.z.edwards at gmail.com (Nick Edwards)
Date: Tue, 30 Jul 2013 10:42:32 +1000
Subject: No subject
Message-ID: <CAMD-=V+fgCy=HbvzGhKY7PsMVHF2tJMTHWXLMGdG6m-AcYdC0Q@mail.gmail.com>

It seems you're right.


~$ host -t TXT msupdate.greylist.bastionmail.com
Host msupdate.greylist.bastionmail.com not found: 3(NXDOMAIN)

I've seen someone in archives recently mention emails.msupdate   (when
did that change?)
However I suspect it is just cname because

~$ host -t TXT emails.msupdate.greylist.bastionmail.com
Host emails.msupdate.greylist.bastionmail.com not found: 3(NXDOMAIN)


Which brings me to question, we found sometime ago, it was more stable
to use our old version of mailscanner (about 2 years old)  it uses the
older msupdate, not emails.msupdate, and cdn now points to /emails
but old method worked until the weekend, is that just an alias, or
should we modify the script to point to
emails.msupdate.greylist.bastionmail.com  and cdn /emails, or does it
make no difference?

Either way, as Jeff said, it is all broken at this time, and it seems
last timestamp on file was from early June, so is this even updating
at all anymore since Julian has stepped away from the project?

Nikki
------
Gang,


The script MailScanner/bin/update_bad_phishing_sites has been spitting
up errors all weekend:

(57)> ./update_bad_phishing_sites
Reading status from /var/spool/MailScanner/quarantine/phishingupdate/status
Checking that /var/spool/MailScanner/quarantine/phishingupdate/cache/2013-164
exists... ok
Checking that /var/spool/MailScanner/quarantine/phishingupdate/cache/2013-164.52
exists... ok
Failed to retrieve valid current details