From email at ace.net.au Sun Feb 1 08:34:07 2015 From: email at ace.net.au (Peter Nitschke) Date: Sun, 01 Feb 2015 19:04:07 +1030 Subject: Has anyone tried MailScanner on CentOS 7? In-Reply-To: <1535416A-B06A-4E2F-9CF5-13620FAF971F@mailborder.com> References: <7CA580B59C1ABD45B4614ED90D4C7B857EB3B3C1@HC-EXMBX04.herefordshire.gov.uk> <7CA580B59C1ABD45B4614ED90D4C7B857EB3C56D@HC-EXMBX04.herefordshire.gov.uk> <7CA580B59C1ABD45B4614ED90D4C7B857EB3D73A@HC-EXMBX04.herefordshire.gov.uk> <7CA580B59C1ABD45B4614ED90D4C7B857EB3F3ED@HC-EXMBX04.herefordshire.gov.uk> <2747.b75900f0.1410738774.nsm@mail.fumlersoft.dk> <541B5416.2080707@farrows.org> <1535416A-B06A-4E2F-9CF5-13620FAF971F@mailborder.com> Message-ID: <201502011904070721.0BEE0C0F@web.ace.net.au> Any update on this? *********** REPLY SEPARATOR *********** On 18/09/2014 at 6:28 PM Jerry Benton wrote: >There will be RPM, DEB, and source tarballs available once I iron out the >packaging. FSL is donating their MailScanner Gold and they have done a lot >of the legwork. Once I get a chance to review what they have I will make >it available. > > > >- >Jerry Benton >www.mailborder.com > From jerry.benton at mailborder.com Tue Feb 3 21:07:12 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Tue, 3 Feb 2015 16:07:12 -0500 Subject: MailScanner v4.85.1-1 Message-ID: I have updated the change log on github to reflect the changes since the last version. Jules sent me his entire development environment a while back. I am working on a new build now. I will need to test it before release. I will try to have it out to this list next week for a sanity check. Once I (and others) have confirmed I have not screwed it up I will post it on the website. https://github.com/MailScanner/v4/blob/master/ChangeLog - Jerry Benton www.mailborder.com From levnagdimunov0 at hotmail.com Tue Feb 3 21:56:34 2015 From: levnagdimunov0 at hotmail.com (Lev Nagdimunov) Date: Tue, 3 Feb 2015 16:56:34 -0500 Subject: MailScanner v4.85.1-1 In-Reply-To: References: Message-ID: Dear Jerry, Is there any chance you will fix the issue reported earlier, that Mailscanner will change the length of encoded (at least base64 encoded) email on anything greater than 60 characters down to 60 characters in the spool file for Exim. For any DKIM signed email, this will break the body hash. Normally it's not a problem since it's already been processed by the MTA at that point, but if you do a blind forward afterward then it is a problem. Thank you. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150203/41254125/attachment.html From achim+mailwatch at qustodium.net Tue Feb 3 22:03:37 2015 From: achim+mailwatch at qustodium.net (Achim J. Latz) Date: Tue, 03 Feb 2015 23:03:37 +0100 Subject: MailScanner v4.85.1-1 In-Reply-To: References: Message-ID: <54D145B9.1050308@qustodium.net> Hello Jerry: On 03/02/2015 22:07, Jerry Benton wrote: > I have updated the change log on github to reflect the changes since the last version. Jules sent me his entire development environment a while back. I am working on a new build now. I will need to test it before release. I will try to have it out to this list next week for a sanity check. Once I (and others) have confirmed I have not screwed it up I will post it on the website. > > https://github.com/MailScanner/v4/blob/master/ChangeLog Thanks for including my updated Spanish translation I had sent do the Baruwa project. At the same time, I believe that it would be also correct to remove all the footers that contain this text: "For all your IT requirements visit: http://www.transtec.co.uk" which appear to be at least some of the German and Spanish report texts. Cheers, Achim From jerry.benton at mailborder.com Tue Feb 3 22:41:34 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Tue, 3 Feb 2015 17:41:34 -0500 Subject: MailScanner v4.85.1-1 In-Reply-To: References: Message-ID: <409BF9D1-C5A9-4F97-AF7D-5A09B9479715@mailborder.com> Yes, if you can point out the problem (and the fix) in the code. If not, I will have to do testing and there is no way it will make the next version. - Jerry Benton www.mailborder.com > On Feb 3, 2015, at 4:56 PM, Lev Nagdimunov wrote: > > Dear Jerry, > > Is there any chance you will fix the issue reported earlier, that Mailscanner will change the length of encoded (at least base64 encoded) email on anything greater than 60 characters down to 60 characters in the spool file for Exim. For any DKIM signed email, this will break the body hash. Normally it's not a problem since it's already been processed by the MTA at that point, but if you do a blind forward afterward then it is a problem. > > Thank you. > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150203/7dbb2517/attachment.html From jerry.benton at mailborder.com Tue Feb 3 22:45:41 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Tue, 3 Feb 2015 17:45:41 -0500 Subject: MailScanner v4.85.1-1 In-Reply-To: <54D145B9.1050308@qustodium.net> References: <54D145B9.1050308@qustodium.net> Message-ID: Done. - Jerry Benton www.mailborder.com > On Feb 3, 2015, at 5:03 PM, Achim J. Latz wrote: > > Hello Jerry: > > On 03/02/2015 22:07, Jerry Benton wrote: >> I have updated the change log on github to reflect the changes since the last version. Jules sent me his entire development environment a while back. I am working on a new build now. I will need to test it before release. I will try to have it out to this list next week for a sanity check. Once I (and others) have confirmed I have not screwed it up I will post it on the website. >> >> https://github.com/MailScanner/v4/blob/master/ChangeLog > > > Thanks for including my updated Spanish translation I had sent do the > Baruwa project. > > At the same time, I believe that it would be also correct to remove all > the footers that contain this text: > > "For all your IT requirements visit: http://www.transtec.co.uk" > > which appear to be at least some of the German and Spanish report texts. > > Cheers, Achim > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! From andrew at topdog.za.net Wed Feb 4 05:45:08 2015 From: andrew at topdog.za.net (Andrew Colin Kissa) Date: Wed, 4 Feb 2015 07:45:08 +0200 Subject: MailScanner v4.85.1-1 In-Reply-To: References: Message-ID: <8CE1D1A6-712E-4F04-B210-3C0ED64F2B64@topdog.za.net> On 03 Feb 2015, at 11:56 PM, Lev Nagdimunov wrote: > Is there any chance you will fix the issue reported earlier, that Mailscanner will change the length of encoded (at least base64 encoded) email on anything greater than 60 characters down to 60 characters in the spool file for Exim. For any DKIM signed email, this will break the body hash. Normally it's not a problem since it's already been processed by the MTA at that point, but if you do a blind forward afterward then it is a problem. Hi Lev, Can you provide some more detail here such that i can try replicate the issue. -- www.baruwa.org -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 841 bytes Desc: Message signed with OpenPGP using GPGMail Url : http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150204/db104753/attachment.bin From levnagdimunov0 at hotmail.com Wed Feb 4 06:55:01 2015 From: levnagdimunov0 at hotmail.com (Lev Nagdimunov) Date: Wed, 4 Feb 2015 01:55:01 -0500 Subject: MailScanner v4.85.1-1 In-Reply-To: <8CE1D1A6-712E-4F04-B210-3C0ED64F2B64@topdog.za.net> References: , , <8CE1D1A6-712E-4F04-B210-3C0ED64F2B64@topdog.za.net> Message-ID: Hi Andrew, You should be able to replicate the issue as follows: setup Exim (my server reports Exim version 4.84 #2) as the MTA to only process incoming email, set it to defer all incoming email. Setup mailscanner to process email in Exim's spool (ie, set incoming queue dir in Mailscanner to the spool_directory location in Exim's configuration). Normally you would then set Outgoing Queue Dir to the spool_directory of a second instance of exim (with a different configuration that does not defer), which would actually deliver the mail then (to replicate the issue you don't need this step). If you check the -D file (Exim's email data portion) in the Outgoing Queue Dir (before the second exim delivers any email in there), you will find that if your email was Base64 encoded, and some Base64 encoded lines (after they were encoded) were longer than 60 characters then Mailscanner will change the message in such a way that the full Base64 string is preserved but each line is formatted to be 60 characters instead of whatever it had been before. This will break any DKIM key, and if its being forwarded by the second Exim (which also needs SRS enabled for this to work even without a DKIM key generally) then most freemails at least will reject the message (e.g. Yahoo, Google, Hotmail, etc). Thank you, Lev -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150204/c49c9139/attachment.html From achim+mailwatch at qustodium.net Wed Feb 4 16:30:57 2015 From: achim+mailwatch at qustodium.net (Achim J. Latz) Date: Wed, 04 Feb 2015 17:30:57 +0100 Subject: MailScanner v4.85.1-1 In-Reply-To: References: <54D145B9.1050308@qustodium.net> Message-ID: <54D24941.7070702@qustodium.net> Cheers Jerry! Only the following ones are still there: mailscanner/etc/reports/cy+en/inline.sig.html:
Mae MailScanner yn diolch i gwmni transtec Computers am ei gymorth. mailscanner/etc/reports/cy+en/inline.sig.html:
MailScanner thanks transtec Computers for their support. mailscanner/etc/reports/de/inline.sig.html:
MailScanner dankt transtec f?r die freundliche Unterst?tzung. mailscanner/etc/reports/es/inline.sig.html:
MailScanner agradece a transtec Computers por su apoyo. mailscanner/etc/reports/fr/inline.sig.html:
MailScanner remercie transtec pour son soutien. mailscanner/etc/reports/hu/inline.sig.html:
A MailScanner koszoni a transtec Computers tamogatasat. Best regards, Achim On 03/02/2015 23:45, Jerry Benton wrote: > Done. > > - > Jerry Benton > www.mailborder.com > > > >> On Feb 3, 2015, at 5:03 PM, Achim J. Latz wrote: >> >> Hello Jerry: >> >> On 03/02/2015 22:07, Jerry Benton wrote: >>> I have updated the change log on github to reflect the changes since the last version. Jules sent me his entire development environment a while back. I am working on a new build now. I will need to test it before release. I will try to have it out to this list next week for a sanity check. Once I (and others) have confirmed I have not screwed it up I will post it on the website. >>> >>> https://github.com/MailScanner/v4/blob/master/ChangeLog >> >> >> Thanks for including my updated Spanish translation I had sent do the >> Baruwa project. >> >> At the same time, I believe that it would be also correct to remove all >> the footers that contain this text: >> >> "For all your IT requirements visit: http://www.transtec.co.uk" >> >> which appear to be at least some of the German and Spanish report texts. >> >> Cheers, Achim >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! > -- Achim J. Latz, Qustodium Internet Security achim.latz at qustodium.net ? http://www.qustodium.net Data Encryption ? Backup Automatisation ? E-Mail Protection From jerry.benton at mailborder.com Wed Feb 4 17:09:08 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Wed, 4 Feb 2015 12:09:08 -0500 Subject: MailScanner v4.85.1-1 In-Reply-To: <54D24941.7070702@qustodium.net> References: <54D145B9.1050308@qustodium.net> <54D24941.7070702@qustodium.net> Message-ID: <970FC6B4-5A71-4BA4-8688-60C530B4FF50@mailborder.com> Ok I will take another look. Apparently I only did the plain text items. - Jerry Benton www.mailborder.com > On Feb 4, 2015, at 11:30 AM, Achim J. Latz wrote: > > Cheers Jerry! > > Only the following ones are still there: > > mailscanner/etc/reports/cy+en/inline.sig.html:
Mae MailScanner yn > diolch i gwmni transtec > Computers am ei gymorth. > > mailscanner/etc/reports/cy+en/inline.sig.html:
MailScanner > thanks transtec Computers for > their support. > > mailscanner/etc/reports/de/inline.sig.html:
MailScanner dankt href="http://www.transtec.de/">transtec f?r die freundliche > Unterst?tzung. > > mailscanner/etc/reports/es/inline.sig.html:
MailScanner agradece a > transtec Computers por su apoyo. > > mailscanner/etc/reports/fr/inline.sig.html:
MailScanner remercie href="http://www.transtec.fr/">transtec pour son soutien. > > mailscanner/etc/reports/hu/inline.sig.html:
A MailScanner koszoni a > transtec Computers tamogatasat. > > Best regards, Achim > > On 03/02/2015 23:45, Jerry Benton wrote: >> Done. >> >> - >> Jerry Benton >> www.mailborder.com >> >> >> >>> On Feb 3, 2015, at 5:03 PM, Achim J. Latz wrote: >>> >>> Hello Jerry: >>> >>> On 03/02/2015 22:07, Jerry Benton wrote: >>>> I have updated the change log on github to reflect the changes since the last version. Jules sent me his entire development environment a while back. I am working on a new build now. I will need to test it before release. I will try to have it out to this list next week for a sanity check. Once I (and others) have confirmed I have not screwed it up I will post it on the website. >>>> >>>> https://github.com/MailScanner/v4/blob/master/ChangeLog >>> >>> >>> Thanks for including my updated Spanish translation I had sent do the >>> Baruwa project. >>> >>> At the same time, I believe that it would be also correct to remove all >>> the footers that contain this text: >>> >>> "For all your IT requirements visit: http://www.transtec.co.uk" >>> >>> which appear to be at least some of the German and Spanish report texts. >>> >>> Cheers, Achim >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >> > > > -- > Achim J. Latz, Qustodium Internet Security > achim.latz at qustodium.net ? http://www.qustodium.net > Data Encryption ? Backup Automatisation ? E-Mail Protection > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! From nick.z.edwards at gmail.com Wed Feb 4 23:53:11 2015 From: nick.z.edwards at gmail.com (Nick Edwards) Date: Thu, 5 Feb 2015 09:53:11 +1000 Subject: MailScanner v4.85.1-1 In-Reply-To: <970FC6B4-5A71-4BA4-8688-60C530B4FF50@mailborder.com> References: <54D145B9.1050308@qustodium.net> <54D24941.7070702@qustodium.net> <970FC6B4-5A71-4BA4-8688-60C530B4FF50@mailborder.com> Message-ID: and what phishing.bad.sites.conf will it contain? The one from mailborder is completely stupidly anal and utterly over encompassing with listing stuff like t.co and bit.ly, tiny url and wp.me and so on, funny though, mailborder must be in love with facebook, because that cesspit of a place fb.me hasnt seemingly been listed, though everyone else has. I'm gettin sick of writing rewrite rules to stop this over zelous mass blanket anally retentive listings. If they want people to use it, be bloody sensible about it. alsmost reminds me of that old extinct rbl, orbs wasn't it? the one that saw some spam from one ip address result in listing the entire /16 netblocks... jesus... it not rocket science, you need to work in proportions before you go dumb arse and block an entire heavily used mostly by decent innocent people, full domain. On 2/5/15, Jerry Benton wrote: > Ok I will take another look. Apparently I only did the plain text items. > > - > Jerry Benton > www.mailborder.com > > > >> On Feb 4, 2015, at 11:30 AM, Achim J. Latz >> wrote: >> >> Cheers Jerry! >> >> Only the following ones are still there: >> >> mailscanner/etc/reports/cy+en/inline.sig.html:
Mae MailScanner yn >> diolch i gwmni transtec >> Computers am ei gymorth. >> >> mailscanner/etc/reports/cy+en/inline.sig.html:
MailScanner >> thanks transtec Computers for >> their support. >> >> mailscanner/etc/reports/de/inline.sig.html:
MailScanner dankt > href="http://www.transtec.de/">transtec f?r die freundliche >> Unterst?tzung. >> >> mailscanner/etc/reports/es/inline.sig.html:
MailScanner agradece a >> transtec Computers por su apoyo. >> >> mailscanner/etc/reports/fr/inline.sig.html:
MailScanner remercie > href="http://www.transtec.fr/">transtec pour son soutien. >> >> mailscanner/etc/reports/hu/inline.sig.html:
A MailScanner koszoni a >> transtec Computers tamogatasat. >> >> Best regards, Achim >> >> On 03/02/2015 23:45, Jerry Benton wrote: >>> Done. >>> >>> - >>> Jerry Benton >>> www.mailborder.com >>> >>> >>> >>>> On Feb 3, 2015, at 5:03 PM, Achim J. Latz >>>> wrote: >>>> >>>> Hello Jerry: >>>> >>>> On 03/02/2015 22:07, Jerry Benton wrote: >>>>> I have updated the change log on github to reflect the changes since >>>>> the last version. Jules sent me his entire development environment a >>>>> while back. I am working on a new build now. I will need to test it >>>>> before release. I will try to have it out to this list next week for a >>>>> sanity check. Once I (and others) have confirmed I have not screwed it >>>>> up I will post it on the website. >>>>> >>>>> https://github.com/MailScanner/v4/blob/master/ChangeLog >>>> >>>> >>>> Thanks for including my updated Spanish translation I had sent do the >>>> Baruwa project. >>>> >>>> At the same time, I believe that it would be also correct to remove all >>>> the footers that contain this text: >>>> >>>> "For all your IT requirements visit: http://www.transtec.co.uk" >>>> >>>> which appear to be at least some of the German and Spanish report texts. >>>> >>>> Cheers, Achim >>>> -- >>>> MailScanner mailing list >>>> mailscanner at lists.mailscanner.info >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>> >>>> Before posting, read http://wiki.mailscanner.info/posting >>>> >>>> Support MailScanner development - buy the book off the website! >>> >> >> >> -- >> Achim J. Latz, Qustodium Internet Security >> achim.latz at qustodium.net ? http://www.qustodium.net >> Data Encryption ? Backup Automatisation ? E-Mail Protection >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > From jerry.benton at mailborder.com Thu Feb 5 02:22:19 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Wed, 4 Feb 2015 21:22:19 -0500 Subject: MailScanner v4.85.1-1 In-Reply-To: References: <54D145B9.1050308@qustodium.net> <54D24941.7070702@qustodium.net> <970FC6B4-5A71-4BA4-8688-60C530B4FF50@mailborder.com> Message-ID: Well Nick, write something better to contribute to the project if you don?t like the Mailborder list. No one is making you use that list. So get off your ass and put your obvious elite skills to work and build something better for everyone to use. - Jerry Benton www.mailborder.com > On Feb 4, 2015, at 6:53 PM, Nick Edwards wrote: > > and what phishing.bad.sites.conf will it contain? > > The one from mailborder is completely stupidly anal and utterly over > encompassing with listing stuff like t.co and bit.ly, tiny url and > wp.me and so on, funny though, mailborder must be in love with > facebook, because that cesspit of a place fb.me hasnt seemingly been > listed, though everyone else has. > > I'm gettin sick of writing rewrite rules to stop this over zelous mass > blanket anally retentive listings. > > If they want people to use it, be bloody sensible about it. alsmost > reminds me of that old extinct rbl, orbs wasn't it? the one that saw > some spam from one ip address result in listing the entire /16 > netblocks... jesus... it not rocket science, you need to work in > proportions before you go dumb arse and block an entire heavily used > mostly by decent innocent people, full domain. > > > On 2/5/15, Jerry Benton wrote: >> Ok I will take another look. Apparently I only did the plain text items. >> >> - >> Jerry Benton >> www.mailborder.com >> >> >> >>> On Feb 4, 2015, at 11:30 AM, Achim J. Latz >>> wrote: >>> >>> Cheers Jerry! >>> >>> Only the following ones are still there: >>> >>> mailscanner/etc/reports/cy+en/inline.sig.html:
Mae MailScanner yn >>> diolch i gwmni transtec >>> Computers am ei gymorth. >>> >>> mailscanner/etc/reports/cy+en/inline.sig.html:
MailScanner >>> thanks transtec Computers for >>> their support. >>> >>> mailscanner/etc/reports/de/inline.sig.html:
MailScanner dankt >> href="http://www.transtec.de/">transtec f?r die freundliche >>> Unterst?tzung. >>> >>> mailscanner/etc/reports/es/inline.sig.html:
MailScanner agradece a >>> transtec Computers por su apoyo. >>> >>> mailscanner/etc/reports/fr/inline.sig.html:
MailScanner remercie >> href="http://www.transtec.fr/">transtec pour son soutien. >>> >>> mailscanner/etc/reports/hu/inline.sig.html:
A MailScanner koszoni a >>> transtec Computers tamogatasat. >>> >>> Best regards, Achim >>> >>> On 03/02/2015 23:45, Jerry Benton wrote: >>>> Done. >>>> >>>> - >>>> Jerry Benton >>>> www.mailborder.com >>>> >>>> >>>> >>>>> On Feb 3, 2015, at 5:03 PM, Achim J. Latz >>>>> wrote: >>>>> >>>>> Hello Jerry: >>>>> >>>>> On 03/02/2015 22:07, Jerry Benton wrote: >>>>>> I have updated the change log on github to reflect the changes since >>>>>> the last version. Jules sent me his entire development environment a >>>>>> while back. I am working on a new build now. I will need to test it >>>>>> before release. I will try to have it out to this list next week for a >>>>>> sanity check. Once I (and others) have confirmed I have not screwed it >>>>>> up I will post it on the website. >>>>>> >>>>>> https://github.com/MailScanner/v4/blob/master/ChangeLog >>>>> >>>>> >>>>> Thanks for including my updated Spanish translation I had sent do the >>>>> Baruwa project. >>>>> >>>>> At the same time, I believe that it would be also correct to remove all >>>>> the footers that contain this text: >>>>> >>>>> "For all your IT requirements visit: http://www.transtec.co.uk" >>>>> >>>>> which appear to be at least some of the German and Spanish report texts. >>>>> >>>>> Cheers, Achim >>>>> -- >>>>> MailScanner mailing list >>>>> mailscanner at lists.mailscanner.info >>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>> >>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>> >>>>> Support MailScanner development - buy the book off the website! >>>> >>> >>> >>> -- >>> Achim J. Latz, Qustodium Internet Security >>> achim.latz at qustodium.net ? http://www.qustodium.net >>> Data Encryption ? Backup Automatisation ? E-Mail Protection >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! >> > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! From jerry.benton at mailborder.com Thu Feb 5 03:09:28 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Wed, 4 Feb 2015 22:09:28 -0500 Subject: MailScanner v4.85.1-1 In-Reply-To: <54D24941.7070702@qustodium.net> References: <54D145B9.1050308@qustodium.net> <54D24941.7070702@qustodium.net> Message-ID: These were updated today. - Jerry Benton www.mailborder.com > On Feb 4, 2015, at 11:30 AM, Achim J. Latz wrote: > > Cheers Jerry! > > Only the following ones are still there: > > mailscanner/etc/reports/cy+en/inline.sig.html:
Mae MailScanner yn > diolch i gwmni transtec > Computers am ei gymorth. > > mailscanner/etc/reports/cy+en/inline.sig.html:
MailScanner > thanks transtec Computers for > their support. > > mailscanner/etc/reports/de/inline.sig.html:
MailScanner dankt href="http://www.transtec.de/">transtec f?r die freundliche > Unterst?tzung. > > mailscanner/etc/reports/es/inline.sig.html:
MailScanner agradece a > transtec Computers por su apoyo. > > mailscanner/etc/reports/fr/inline.sig.html:
MailScanner remercie href="http://www.transtec.fr/">transtec pour son soutien. > > mailscanner/etc/reports/hu/inline.sig.html:
A MailScanner koszoni a > transtec Computers tamogatasat. > > Best regards, Achim > > On 03/02/2015 23:45, Jerry Benton wrote: >> Done. >> >> - >> Jerry Benton >> www.mailborder.com >> >> >> >>> On Feb 3, 2015, at 5:03 PM, Achim J. Latz wrote: >>> >>> Hello Jerry: >>> >>> On 03/02/2015 22:07, Jerry Benton wrote: >>>> I have updated the change log on github to reflect the changes since the last version. Jules sent me his entire development environment a while back. I am working on a new build now. I will need to test it before release. I will try to have it out to this list next week for a sanity check. Once I (and others) have confirmed I have not screwed it up I will post it on the website. >>>> >>>> https://github.com/MailScanner/v4/blob/master/ChangeLog >>> >>> >>> Thanks for including my updated Spanish translation I had sent do the >>> Baruwa project. >>> >>> At the same time, I believe that it would be also correct to remove all >>> the footers that contain this text: >>> >>> "For all your IT requirements visit: http://www.transtec.co.uk" >>> >>> which appear to be at least some of the German and Spanish report texts. >>> >>> Cheers, Achim >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >> > > > -- > Achim J. Latz, Qustodium Internet Security > achim.latz at qustodium.net ? http://www.qustodium.net > Data Encryption ? Backup Automatisation ? E-Mail Protection > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! From nick.z.edwards at gmail.com Thu Feb 5 05:59:42 2015 From: nick.z.edwards at gmail.com (Nick Edwards) Date: Thu, 5 Feb 2015 15:59:42 +1000 Subject: MailScanner v4.85.1-1 In-Reply-To: References: <54D145B9.1050308@qustodium.net> <54D24941.7070702@qustodium.net> <970FC6B4-5A71-4BA4-8688-60C530B4FF50@mailborder.com> Message-ID: So you're admitting the script that does this has zero intelligence? you are clearly stopping facebook from being added, so you have /some/ mechanisms in place. if you dont, send to the mailing list the script that does it all, I, and/or others, can then fix it up by sending you patches, you can then decide what one you want to include. at present we have in house mass perl subs to stop your scripts adding everyone but farkbook. On 2/5/15, Jerry Benton wrote: > Well Nick, write something better to contribute to the project if you don't > like the Mailborder list. No one is making you use that list. So get off > your ass and put your obvious elite skills to work and build something > better for everyone to use. > > - > Jerry Benton > www.mailborder.com > > > >> On Feb 4, 2015, at 6:53 PM, Nick Edwards >> wrote: >> >> and what phishing.bad.sites.conf will it contain? >> >> The one from mailborder is completely stupidly anal and utterly over >> encompassing with listing stuff like t.co and bit.ly, tiny url and >> wp.me and so on, funny though, mailborder must be in love with >> facebook, because that cesspit of a place fb.me hasnt seemingly been >> listed, though everyone else has. >> >> I'm gettin sick of writing rewrite rules to stop this over zelous mass >> blanket anally retentive listings. >> >> If they want people to use it, be bloody sensible about it. alsmost >> reminds me of that old extinct rbl, orbs wasn't it? the one that saw >> some spam from one ip address result in listing the entire /16 >> netblocks... jesus... it not rocket science, you need to work in >> proportions before you go dumb arse and block an entire heavily used >> mostly by decent innocent people, full domain. >> >> >> On 2/5/15, Jerry Benton wrote: >>> Ok I will take another look. Apparently I only did the plain text items. >>> >>> - >>> Jerry Benton >>> www.mailborder.com >>> >>> >>> >>>> On Feb 4, 2015, at 11:30 AM, Achim J. Latz >>>> >>>> wrote: >>>> >>>> Cheers Jerry! >>>> >>>> Only the following ones are still there: >>>> >>>> mailscanner/etc/reports/cy+en/inline.sig.html:
Mae MailScanner yn >>>> diolch i gwmni transtec >>>> Computers am ei gymorth. >>>> >>>> mailscanner/etc/reports/cy+en/inline.sig.html:
MailScanner >>>> thanks transtec Computers for >>>> their support. >>>> >>>> mailscanner/etc/reports/de/inline.sig.html:
MailScanner dankt >>> href="http://www.transtec.de/">transtec f?r die freundliche >>>> Unterst?tzung. >>>> >>>> mailscanner/etc/reports/es/inline.sig.html:
MailScanner agradece a >>>> transtec Computers por su >>>> apoyo. >>>> >>>> mailscanner/etc/reports/fr/inline.sig.html:
MailScanner remercie >>>> >>> href="http://www.transtec.fr/">transtec pour son soutien. >>>> >>>> mailscanner/etc/reports/hu/inline.sig.html:
A MailScanner koszoni >>>> a >>>> transtec Computers >>>> tamogatasat. >>>> >>>> Best regards, Achim >>>> >>>> On 03/02/2015 23:45, Jerry Benton wrote: >>>>> Done. >>>>> >>>>> - >>>>> Jerry Benton >>>>> www.mailborder.com >>>>> >>>>> >>>>> >>>>>> On Feb 3, 2015, at 5:03 PM, Achim J. Latz >>>>>> wrote: >>>>>> >>>>>> Hello Jerry: >>>>>> >>>>>> On 03/02/2015 22:07, Jerry Benton wrote: >>>>>>> I have updated the change log on github to reflect the changes since >>>>>>> the last version. Jules sent me his entire development environment a >>>>>>> while back. I am working on a new build now. I will need to test it >>>>>>> before release. I will try to have it out to this list next week for >>>>>>> a >>>>>>> sanity check. Once I (and others) have confirmed I have not screwed >>>>>>> it >>>>>>> up I will post it on the website. >>>>>>> >>>>>>> https://github.com/MailScanner/v4/blob/master/ChangeLog >>>>>> >>>>>> >>>>>> Thanks for including my updated Spanish translation I had sent do the >>>>>> Baruwa project. >>>>>> >>>>>> At the same time, I believe that it would be also correct to remove >>>>>> all >>>>>> the footers that contain this text: >>>>>> >>>>>> "For all your IT requirements visit: http://www.transtec.co.uk" >>>>>> >>>>>> which appear to be at least some of the German and Spanish report >>>>>> texts. >>>>>> >>>>>> Cheers, Achim >>>>>> -- >>>>>> MailScanner mailing list >>>>>> mailscanner at lists.mailscanner.info >>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>> >>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>> >>>>>> Support MailScanner development - buy the book off the website! >>>>> >>>> >>>> >>>> -- >>>> Achim J. Latz, Qustodium Internet Security >>>> achim.latz at qustodium.net ? http://www.qustodium.net >>>> Data Encryption ? Backup Automatisation ? E-Mail Protection >>>> -- >>>> MailScanner mailing list >>>> mailscanner at lists.mailscanner.info >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>> >>>> Before posting, read http://wiki.mailscanner.info/posting >>>> >>>> Support MailScanner development - buy the book off the website! >>> >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >>> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > From michael at huntley.net Thu Feb 5 06:29:30 2015 From: michael at huntley.net (Michael Huntley) Date: Wed, 04 Feb 2015 22:29:30 -0800 Subject: MailScanner v4.85.1-1 In-Reply-To: References: <54D145B9.1050308@qustodium.net> <54D24941.7070702@qustodium.net> <970FC6B4-5A71-4BA4-8688-60C530B4FF50@mailborder.com> Message-ID: <54D30DCA.5010007@huntley.net> I have a new rule: From: nick.z.edwards at gmail.com -> /dev/null . No need for this lack of professionalism and civility. m On 2/4/2015 9:59 PM, Nick Edwards wrote: > So you're admitting the script that does this has zero intelligence? > > you are clearly stopping facebook from being added, so you have /some/ > mechanisms in place. > > if you dont, send to the mailing list the script that does it all, I, > and/or others, can then fix it up by sending you patches, you can then > decide what one you want to include. at present we have in house mass > perl subs to stop your scripts adding everyone but farkbook. > > > > > On 2/5/15, Jerry Benton wrote: >> Well Nick, write something better to contribute to the project if you don't >> like the Mailborder list. No one is making you use that list. So get off >> your ass and put your obvious elite skills to work and build something >> better for everyone to use. >> >> - >> Jerry Benton >> www.mailborder.com >> >> >> >>> On Feb 4, 2015, at 6:53 PM, Nick Edwards >>> wrote: >>> >>> and what phishing.bad.sites.conf will it contain? >>> >>> The one from mailborder is completely stupidly anal and utterly over >>> encompassing with listing stuff like t.co and bit.ly, tiny url and >>> wp.me and so on, funny though, mailborder must be in love with >>> facebook, because that cesspit of a place fb.me hasnt seemingly been >>> listed, though everyone else has. >>> >>> I'm gettin sick of writing rewrite rules to stop this over zelous mass >>> blanket anally retentive listings. >>> >>> If they want people to use it, be bloody sensible about it. alsmost >>> reminds me of that old extinct rbl, orbs wasn't it? the one that saw >>> some spam from one ip address result in listing the entire /16 >>> netblocks... jesus... it not rocket science, you need to work in >>> proportions before you go dumb arse and block an entire heavily used >>> mostly by decent innocent people, full domain. >>> >>> >>> On 2/5/15, Jerry Benton wrote: >>>> Ok I will take another look. Apparently I only did the plain text items. >>>> >>>> - >>>> Jerry Benton >>>> www.mailborder.com >>>> >>>> >>>> >>>>> On Feb 4, 2015, at 11:30 AM, Achim J. Latz >>>>> >>>>> wrote: >>>>> >>>>> Cheers Jerry! >>>>> >>>>> Only the following ones are still there: >>>>> >>>>> mailscanner/etc/reports/cy+en/inline.sig.html:
Mae MailScanner yn >>>>> diolch i gwmni transtec >>>>> Computers am ei gymorth. >>>>> >>>>> mailscanner/etc/reports/cy+en/inline.sig.html:
MailScanner >>>>> thanks transtec Computers for >>>>> their support. >>>>> >>>>> mailscanner/etc/reports/de/inline.sig.html:
MailScanner dankt >>>> href="http://www.transtec.de/">transtec f?r die freundliche >>>>> Unterst?tzung. >>>>> >>>>> mailscanner/etc/reports/es/inline.sig.html:
MailScanner agradece a >>>>> transtec Computers por su >>>>> apoyo. >>>>> >>>>> mailscanner/etc/reports/fr/inline.sig.html:
MailScanner remercie >>>>> >>>> href="http://www.transtec.fr/">transtec pour son soutien. >>>>> >>>>> mailscanner/etc/reports/hu/inline.sig.html:
A MailScanner koszoni >>>>> a >>>>> transtec Computers >>>>> tamogatasat. >>>>> >>>>> Best regards, Achim >>>>> >>>>> On 03/02/2015 23:45, Jerry Benton wrote: >>>>>> Done. >>>>>> >>>>>> - >>>>>> Jerry Benton >>>>>> www.mailborder.com >>>>>> >>>>>> >>>>>> >>>>>>> On Feb 3, 2015, at 5:03 PM, Achim J. Latz >>>>>>> wrote: >>>>>>> >>>>>>> Hello Jerry: >>>>>>> >>>>>>> On 03/02/2015 22:07, Jerry Benton wrote: >>>>>>>> I have updated the change log on github to reflect the changes since >>>>>>>> the last version. Jules sent me his entire development environment a >>>>>>>> while back. I am working on a new build now. I will need to test it >>>>>>>> before release. I will try to have it out to this list next week for >>>>>>>> a >>>>>>>> sanity check. Once I (and others) have confirmed I have not screwed >>>>>>>> it >>>>>>>> up I will post it on the website. >>>>>>>> >>>>>>>> https://github.com/MailScanner/v4/blob/master/ChangeLog >>>>>>> >>>>>>> Thanks for including my updated Spanish translation I had sent do the >>>>>>> Baruwa project. >>>>>>> >>>>>>> At the same time, I believe that it would be also correct to remove >>>>>>> all >>>>>>> the footers that contain this text: >>>>>>> >>>>>>> "For all your IT requirements visit: http://www.transtec.co.uk" >>>>>>> >>>>>>> which appear to be at least some of the German and Spanish report >>>>>>> texts. >>>>>>> >>>>>>> Cheers, Achim >>>>>>> -- >>>>>>> MailScanner mailing list >>>>>>> mailscanner at lists.mailscanner.info >>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>> >>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>> >>>>>>> Support MailScanner development - buy the book off the website! >>>>> >>>>> -- >>>>> Achim J. Latz, Qustodium Internet Security >>>>> achim.latz at qustodium.net ? http://www.qustodium.net >>>>> Data Encryption ? Backup Automatisation ? E-Mail Protection >>>>> -- >>>>> MailScanner mailing list >>>>> mailscanner at lists.mailscanner.info >>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>> >>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>> >>>>> Support MailScanner development - buy the book off the website! >>>> -- >>>> MailScanner mailing list >>>> mailscanner at lists.mailscanner.info >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>> >>>> Before posting, read http://wiki.mailscanner.info/posting >>>> >>>> Support MailScanner development - buy the book off the website! >>>> >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! >> From jerry.benton at mailborder.com Thu Feb 5 07:51:22 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Thu, 5 Feb 2015 02:51:22 -0500 Subject: MailScanner v4.85.1-1 In-Reply-To: References: <54D145B9.1050308@qustodium.net> <54D24941.7070702@qustodium.net> <970FC6B4-5A71-4BA4-8688-60C530B4FF50@mailborder.com> Message-ID: Nick, The Mailborder phishing.bad.sites.conf is NOT included in the MailScanner package. http://phishing.mailborder.com is an alternative if you wish to use it and the site clearly explains the data source used to generate the list. In order to use the Mailborder provided list you must manually install it. If you have not installed it, then you are not getting the Mailborder provided file. So, you may either use the Mailborder generated file place place of the default or continue using the default that is included in the MailScanner distribution, which pulls from http://www.mailscanner.eu/phishing.bad.sites.conf. So to be very clear: - No Mailborder specific items, code, or anything else is included in the MailScanner open source distribution. - No Baruwa specific items, code, or anything else is included in the MailScanner open source distribution. - No MailWatch specific items, code, or anything else is included in the MailScanner open source distribution. - I nor anyone else on the development team has access to the system that generates the http://www.mailscanner.eu/phishing.bad.sites.conf file. Jules controls this and cannot grant us access to the source due to restrictions placed on him by either licensing or an NDA. - If you do not like the two available sources for the automatically updated phishing.bad.sites.conf file, no one is forcing you to use them. Feel free to develop a superior solution and use it for yourself or share it with the MailScanner community. If you have an improvement to the open source code that would benefit everyone, you may submit it to this list. If it makes sense I will add it to the distribution. However, proclaiming some has ?zero intelligence? is of "zero value? to everyone unless you have an alternate solution. You have complete access to all of the MailScanner source code here: https://github.com/MailScanner/v4 I eagerly await your superior solution and selfless contribution to the MailScanner project in regards to this matter. - Jerry Benton www.mailborder.com > On Feb 5, 2015, at 12:59 AM, Nick Edwards wrote: > > So you're admitting the script that does this has zero intelligence? > > you are clearly stopping facebook from being added, so you have /some/ > mechanisms in place. > > if you dont, send to the mailing list the script that does it all, I, > and/or others, can then fix it up by sending you patches, you can then > decide what one you want to include. at present we have in house mass > perl subs to stop your scripts adding everyone but farkbook. > > > > > On 2/5/15, Jerry Benton wrote: >> Well Nick, write something better to contribute to the project if you don't >> like the Mailborder list. No one is making you use that list. So get off >> your ass and put your obvious elite skills to work and build something >> better for everyone to use. >> >> - >> Jerry Benton >> www.mailborder.com >> >> >> >>> On Feb 4, 2015, at 6:53 PM, Nick Edwards >>> wrote: >>> >>> and what phishing.bad.sites.conf will it contain? >>> >>> The one from mailborder is completely stupidly anal and utterly over >>> encompassing with listing stuff like t.co and bit.ly, tiny url and >>> wp.me and so on, funny though, mailborder must be in love with >>> facebook, because that cesspit of a place fb.me hasnt seemingly been >>> listed, though everyone else has. >>> >>> I'm gettin sick of writing rewrite rules to stop this over zelous mass >>> blanket anally retentive listings. >>> >>> If they want people to use it, be bloody sensible about it. alsmost >>> reminds me of that old extinct rbl, orbs wasn't it? the one that saw >>> some spam from one ip address result in listing the entire /16 >>> netblocks... jesus... it not rocket science, you need to work in >>> proportions before you go dumb arse and block an entire heavily used >>> mostly by decent innocent people, full domain. >>> >>> >>> On 2/5/15, Jerry Benton wrote: >>>> Ok I will take another look. Apparently I only did the plain text items. >>>> >>>> - >>>> Jerry Benton >>>> www.mailborder.com >>>> >>>> >>>> >>>>> On Feb 4, 2015, at 11:30 AM, Achim J. Latz >>>>> >>>>> wrote: >>>>> >>>>> Cheers Jerry! >>>>> >>>>> Only the following ones are still there: >>>>> >>>>> mailscanner/etc/reports/cy+en/inline.sig.html:
Mae MailScanner yn >>>>> diolch i gwmni transtec >>>>> Computers am ei gymorth. >>>>> >>>>> mailscanner/etc/reports/cy+en/inline.sig.html:
MailScanner >>>>> thanks transtec Computers for >>>>> their support. >>>>> >>>>> mailscanner/etc/reports/de/inline.sig.html:
MailScanner dankt >>>> href="http://www.transtec.de/">transtec f?r die freundliche >>>>> Unterst?tzung. >>>>> >>>>> mailscanner/etc/reports/es/inline.sig.html:
MailScanner agradece a >>>>> transtec Computers por su >>>>> apoyo. >>>>> >>>>> mailscanner/etc/reports/fr/inline.sig.html:
MailScanner remercie >>>>> >>>> href="http://www.transtec.fr/">transtec pour son soutien. >>>>> >>>>> mailscanner/etc/reports/hu/inline.sig.html:
A MailScanner koszoni >>>>> a >>>>> transtec Computers >>>>> tamogatasat. >>>>> >>>>> Best regards, Achim >>>>> >>>>> On 03/02/2015 23:45, Jerry Benton wrote: >>>>>> Done. >>>>>> >>>>>> - >>>>>> Jerry Benton >>>>>> www.mailborder.com >>>>>> >>>>>> >>>>>> >>>>>>> On Feb 3, 2015, at 5:03 PM, Achim J. Latz >>>>>>> wrote: >>>>>>> >>>>>>> Hello Jerry: >>>>>>> >>>>>>> On 03/02/2015 22:07, Jerry Benton wrote: >>>>>>>> I have updated the change log on github to reflect the changes since >>>>>>>> the last version. Jules sent me his entire development environment a >>>>>>>> while back. I am working on a new build now. I will need to test it >>>>>>>> before release. I will try to have it out to this list next week for >>>>>>>> a >>>>>>>> sanity check. Once I (and others) have confirmed I have not screwed >>>>>>>> it >>>>>>>> up I will post it on the website. >>>>>>>> >>>>>>>> https://github.com/MailScanner/v4/blob/master/ChangeLog >>>>>>> >>>>>>> >>>>>>> Thanks for including my updated Spanish translation I had sent do the >>>>>>> Baruwa project. >>>>>>> >>>>>>> At the same time, I believe that it would be also correct to remove >>>>>>> all >>>>>>> the footers that contain this text: >>>>>>> >>>>>>> "For all your IT requirements visit: http://www.transtec.co.uk" >>>>>>> >>>>>>> which appear to be at least some of the German and Spanish report >>>>>>> texts. >>>>>>> >>>>>>> Cheers, Achim >>>>>>> -- >>>>>>> MailScanner mailing list >>>>>>> mailscanner at lists.mailscanner.info >>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>> >>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>> >>>>>>> Support MailScanner development - buy the book off the website! >>>>>> >>>>> >>>>> >>>>> -- >>>>> Achim J. Latz, Qustodium Internet Security >>>>> achim.latz at qustodium.net ? http://www.qustodium.net >>>>> Data Encryption ? Backup Automatisation ? E-Mail Protection >>>>> -- >>>>> MailScanner mailing list >>>>> mailscanner at lists.mailscanner.info >>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>> >>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>> >>>>> Support MailScanner development - buy the book off the website! >>>> >>>> -- >>>> MailScanner mailing list >>>> mailscanner at lists.mailscanner.info >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>> >>>> Before posting, read http://wiki.mailscanner.info/posting >>>> >>>> Support MailScanner development - buy the book off the website! >>>> >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! >> > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! From achim+mailwatch at qustodium.net Thu Feb 5 13:28:26 2015 From: achim+mailwatch at qustodium.net (Achim J. Latz) Date: Thu, 05 Feb 2015 14:28:26 +0100 Subject: Per-user or per-domain language settings Message-ID: <54D36FFA.2080601@qustodium.net> Hello list: I have been unsuccessfully trying to get MailScanner (4.84.5-4~precise) to respect my per-user (or per-domain) language settings. My findings: 1) %report-dir% cannot be overwritten in a local .conf in /etc/MailScanner/conf.d/ (the value is never used, probably due to QuickPeek) 2) %report-dir% cannot be a ruleset either, so apparently "Reports" can only have one pre-defined language, AND that language must be set in /etc/MailScanner/MailScanner.conf 3) "Language Strings" apparently CAN be a rule set, but apparently only the default rule works. For instance, the following combination should lead to reports in Dutch/NL for every @example.tld address, and German/DE for everybody else: ==== /etc/MailScanner/MailScanner.conf (stock values) %report-dir% = /etc/MailScanner/reports/en %rules-dir% = /etc/MailScanner/rules Language Strings = %report-dir%/languages.conf [?] include /etc/MailScanner/conf.d/* ==== /etc/MailScanner/conf.d/local.conf (local overwrites) # setting has no effect, MailScanner.conf value for report-dir is always used %report-dir% = /etc/MailScanner/reports/de %rules-dir% = /etc/MailScanner/rules Language Strings = %rules-dir%/languages.rules ====/etc/MailScanner/rules/languages.rules (Dutch for example.tld, German for the rest) # separated by tabs or space makes no difference To: *@example.tld /etc/MailScanner/reports/nl/languages.conf To: default /etc/MailScanner/reports/de/languages.conf Changing the language in the "To: default" rule does indeed work as expected for everybody, but the specific per-domain or per-address rules do not seem to work. I have tried all conceivable combinations of the rules file, including with tabs, spaces, "*@example.tld", "example.tld", "john.doe at example.tld" etc?: no success, only the default rule is evaluated. Anybody on this list using MailScanner in a multi-language set-up? I saw that Baruwa apparently can use that MailScanner setting, perhaps somebody has experience? Cheers, Achim From alex at vidadigital.com.pa Thu Feb 5 15:27:16 2015 From: alex at vidadigital.com.pa (Alex Neuman) Date: Thu, 5 Feb 2015 10:27:16 -0500 Subject: MailScanner v4.85.1-1 In-Reply-To: <54D30DCA.5010007@huntley.net> References: <54D145B9.1050308@qustodium.net> <54D24941.7070702@qustodium.net> <970FC6B4-5A71-4BA4-8688-60C530B4FF50@mailborder.com> <54D30DCA.5010007@huntley.net> Message-ID: I put mine at /etc/mail/access On Feb 5, 2015 2:36 AM, "Michael Huntley" wrote: > I have a new rule: From: nick.z.edwards at gmail.com -> /dev/null . > > No need for this lack of professionalism and civility. > > m > > On 2/4/2015 9:59 PM, Nick Edwards wrote: > > So you're admitting the script that does this has zero intelligence? > > > > you are clearly stopping facebook from being added, so you have /some/ > > mechanisms in place. > > > > if you dont, send to the mailing list the script that does it all, I, > > and/or others, can then fix it up by sending you patches, you can then > > decide what one you want to include. at present we have in house mass > > perl subs to stop your scripts adding everyone but farkbook. > > > > > > > > > > On 2/5/15, Jerry Benton wrote: > >> Well Nick, write something better to contribute to the project if you > don't > >> like the Mailborder list. No one is making you use that list. So get off > >> your ass and put your obvious elite skills to work and build something > >> better for everyone to use. > >> > >> - > >> Jerry Benton > >> www.mailborder.com > >> > >> > >> > >>> On Feb 4, 2015, at 6:53 PM, Nick Edwards > >>> wrote: > >>> > >>> and what phishing.bad.sites.conf will it contain? > >>> > >>> The one from mailborder is completely stupidly anal and utterly over > >>> encompassing with listing stuff like t.co and bit.ly, tiny url and > >>> wp.me and so on, funny though, mailborder must be in love with > >>> facebook, because that cesspit of a place fb.me hasnt seemingly been > >>> listed, though everyone else has. > >>> > >>> I'm gettin sick of writing rewrite rules to stop this over zelous mass > >>> blanket anally retentive listings. > >>> > >>> If they want people to use it, be bloody sensible about it. alsmost > >>> reminds me of that old extinct rbl, orbs wasn't it? the one that saw > >>> some spam from one ip address result in listing the entire /16 > >>> netblocks... jesus... it not rocket science, you need to work in > >>> proportions before you go dumb arse and block an entire heavily used > >>> mostly by decent innocent people, full domain. > >>> > >>> > >>> On 2/5/15, Jerry Benton wrote: > >>>> Ok I will take another look. Apparently I only did the plain text > items. > >>>> > >>>> - > >>>> Jerry Benton > >>>> www.mailborder.com > >>>> > >>>> > >>>> > >>>>> On Feb 4, 2015, at 11:30 AM, Achim J. Latz > >>>>> > >>>>> wrote: > >>>>> > >>>>> Cheers Jerry! > >>>>> > >>>>> Only the following ones are still there: > >>>>> > >>>>> mailscanner/etc/reports/cy+en/inline.sig.html:
Mae MailScanner > yn > >>>>> diolch i gwmni transtec > >>>>> Computers am ei gymorth. > >>>>> > >>>>> mailscanner/etc/reports/cy+en/inline.sig.html:
MailScanner > >>>>> thanks transtec Computers > for > >>>>> their support. > >>>>> > >>>>> mailscanner/etc/reports/de/inline.sig.html:
MailScanner dankt >>>>> href="http://www.transtec.de/">transtec f?r die freundliche > >>>>> Unterst?tzung. > >>>>> > >>>>> mailscanner/etc/reports/es/inline.sig.html:
MailScanner > agradece a > >>>>> transtec Computers por su > >>>>> apoyo. > >>>>> > >>>>> mailscanner/etc/reports/fr/inline.sig.html:
MailScanner remercie > >>>>> >>>>> href="http://www.transtec.fr/">transtec pour son soutien. > >>>>> > >>>>> mailscanner/etc/reports/hu/inline.sig.html:
A MailScanner > koszoni > >>>>> a > >>>>> transtec Computers > >>>>> tamogatasat. > >>>>> > >>>>> Best regards, Achim > >>>>> > >>>>> On 03/02/2015 23:45, Jerry Benton wrote: > >>>>>> Done. > >>>>>> > >>>>>> - > >>>>>> Jerry Benton > >>>>>> www.mailborder.com > >>>>>> > >>>>>> > >>>>>> > >>>>>>> On Feb 3, 2015, at 5:03 PM, Achim J. Latz > >>>>>>> wrote: > >>>>>>> > >>>>>>> Hello Jerry: > >>>>>>> > >>>>>>> On 03/02/2015 22:07, Jerry Benton wrote: > >>>>>>>> I have updated the change log on github to reflect the changes > since > >>>>>>>> the last version. Jules sent me his entire development > environment a > >>>>>>>> while back. I am working on a new build now. I will need to test > it > >>>>>>>> before release. I will try to have it out to this list next week > for > >>>>>>>> a > >>>>>>>> sanity check. Once I (and others) have confirmed I have not > screwed > >>>>>>>> it > >>>>>>>> up I will post it on the website. > >>>>>>>> > >>>>>>>> https://github.com/MailScanner/v4/blob/master/ChangeLog > >>>>>>> > >>>>>>> Thanks for including my updated Spanish translation I had sent do > the > >>>>>>> Baruwa project. > >>>>>>> > >>>>>>> At the same time, I believe that it would be also correct to remove > >>>>>>> all > >>>>>>> the footers that contain this text: > >>>>>>> > >>>>>>> "For all your IT requirements visit: http://www.transtec.co.uk" > >>>>>>> > >>>>>>> which appear to be at least some of the German and Spanish report > >>>>>>> texts. > >>>>>>> > >>>>>>> Cheers, Achim > >>>>>>> -- > >>>>>>> MailScanner mailing list > >>>>>>> mailscanner at lists.mailscanner.info > >>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner > >>>>>>> > >>>>>>> Before posting, read http://wiki.mailscanner.info/posting > >>>>>>> > >>>>>>> Support MailScanner development - buy the book off the website! > >>>>> > >>>>> -- > >>>>> Achim J. Latz, Qustodium Internet Security > >>>>> achim.latz at qustodium.net ? http://www.qustodium.net > >>>>> Data Encryption ? Backup Automatisation ? E-Mail Protection > >>>>> -- > >>>>> MailScanner mailing list > >>>>> mailscanner at lists.mailscanner.info > >>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner > >>>>> > >>>>> Before posting, read http://wiki.mailscanner.info/posting > >>>>> > >>>>> Support MailScanner development - buy the book off the website! > >>>> -- > >>>> MailScanner mailing list > >>>> mailscanner at lists.mailscanner.info > >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner > >>>> > >>>> Before posting, read http://wiki.mailscanner.info/posting > >>>> > >>>> Support MailScanner development - buy the book off the website! > >>>> > >>> -- > >>> MailScanner mailing list > >>> mailscanner at lists.mailscanner.info > >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner > >>> > >>> Before posting, read http://wiki.mailscanner.info/posting > >>> > >>> Support MailScanner development - buy the book off the website! > >> -- > >> MailScanner mailing list > >> mailscanner at lists.mailscanner.info > >> http://lists.mailscanner.info/mailman/listinfo/mailscanner > >> > >> Before posting, read http://wiki.mailscanner.info/posting > >> > >> Support MailScanner development - buy the book off the website! > >> > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150205/e1540933/attachment.html From markee at bandwidthco.com Fri Feb 6 23:44:29 2015 From: markee at bandwidthco.com (Mark E. Donaldson) Date: Fri, 6 Feb 2015 23:44:29 +0000 Subject: MailScanner v4.85.1-1 In-Reply-To: References: <54D145B9.1050308@qustodium.net> <54D24941.7070702@qustodium.net> <970FC6B4-5A71-4BA4-8688-60C530B4FF50@mailborder.com> <54D30DCA.5010007@huntley.net> Message-ID: <27F3D7A99E7B7F449005017F90623A833A80E9E7@server7.bandwidthco.com> nick.z.edwards at gmail.com discard From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Alex Neuman Sent: Thursday, February 05, 2015 7:27 AM To: MailScanner discussion Subject: Re: MailScanner v4.85.1-1 I put mine at /etc/mail/access On Feb 5, 2015 2:36 AM, "Michael Huntley" > wrote: I have a new rule: From: nick.z.edwards at gmail.com -> /dev/null . No need for this lack of professionalism and civility. m On 2/4/2015 9:59 PM, Nick Edwards wrote: > So you're admitting the script that does this has zero intelligence? > > you are clearly stopping facebook from being added, so you have /some/ > mechanisms in place. > > if you dont, send to the mailing list the script that does it all, I, > and/or others, can then fix it up by sending you patches, you can then > decide what one you want to include. at present we have in house mass > perl subs to stop your scripts adding everyone but farkbook. > > > > > On 2/5/15, Jerry Benton > wrote: >> Well Nick, write something better to contribute to the project if you don't >> like the Mailborder list. No one is making you use that list. So get off >> your ass and put your obvious elite skills to work and build something >> better for everyone to use. >> >> - >> Jerry Benton >> www.mailborder.com >> >> >> >>> On Feb 4, 2015, at 6:53 PM, Nick Edwards > >>> wrote: >>> >>> and what phishing.bad.sites.conf will it contain? >>> >>> The one from mailborder is completely stupidly anal and utterly over >>> encompassing with listing stuff like t.co and bit.ly, tiny url and >>> wp.me and so on, funny though, mailborder must be in love with >>> facebook, because that cesspit of a place fb.me hasnt seemingly been >>> listed, though everyone else has. >>> >>> I'm gettin sick of writing rewrite rules to stop this over zelous mass >>> blanket anally retentive listings. >>> >>> If they want people to use it, be bloody sensible about it. alsmost >>> reminds me of that old extinct rbl, orbs wasn't it? the one that saw >>> some spam from one ip address result in listing the entire /16 >>> netblocks... jesus... it not rocket science, you need to work in >>> proportions before you go dumb arse and block an entire heavily used >>> mostly by decent innocent people, full domain. >>> >>> >>> On 2/5/15, Jerry Benton > wrote: >>>> Ok I will take another look. Apparently I only did the plain text items. >>>> >>>> - >>>> Jerry Benton >>>> www.mailborder.com >>>> >>>> >>>> >>>>> On Feb 4, 2015, at 11:30 AM, Achim J. Latz >>>>> > >>>>> wrote: >>>>> >>>>> Cheers Jerry! >>>>> >>>>> Only the following ones are still there: >>>>> >>>>> mailscanner/etc/reports/cy+en/inline.sig.html:
Mae MailScanner yn >>>>> diolch i gwmni transtec >>>>> Computers am ei gymorth. >>>>> >>>>> mailscanner/etc/reports/cy+en/inline.sig.html:
MailScanner >>>>> thanks transtec Computers for >>>>> their support. >>>>> >>>>> mailscanner/etc/reports/de/inline.sig.html:
MailScanner dankt >>>> href="http://www.transtec.de/">transtec f?r die freundliche >>>>> Unterst?tzung. >>>>> >>>>> mailscanner/etc/reports/es/inline.sig.html:
MailScanner agradece a >>>>> transtec Computers por su >>>>> apoyo. >>>>> >>>>> mailscanner/etc/reports/fr/inline.sig.html:
MailScanner remercie >>>>> >>>> href="http://www.transtec.fr/">transtec pour son soutien. >>>>> >>>>> mailscanner/etc/reports/hu/inline.sig.html:
A MailScanner koszoni >>>>> a >>>>> transtec Computers >>>>> tamogatasat. >>>>> >>>>> Best regards, Achim >>>>> >>>>> On 03/02/2015 23:45, Jerry Benton wrote: >>>>>> Done. >>>>>> >>>>>> - >>>>>> Jerry Benton >>>>>> www.mailborder.com >>>>>> >>>>>> >>>>>> >>>>>>> On Feb 3, 2015, at 5:03 PM, Achim J. Latz >>>>>>> > wrote: >>>>>>> >>>>>>> Hello Jerry: >>>>>>> >>>>>>> On 03/02/2015 22:07, Jerry Benton wrote: >>>>>>>> I have updated the change log on github to reflect the changes since >>>>>>>> the last version. Jules sent me his entire development environment a >>>>>>>> while back. I am working on a new build now. I will need to test it >>>>>>>> before release. I will try to have it out to this list next week for >>>>>>>> a >>>>>>>> sanity check. Once I (and others) have confirmed I have not screwed >>>>>>>> it >>>>>>>> up I will post it on the website. >>>>>>>> >>>>>>>> https://github.com/MailScanner/v4/blob/master/ChangeLog >>>>>>> >>>>>>> Thanks for including my updated Spanish translation I had sent do the >>>>>>> Baruwa project. >>>>>>> >>>>>>> At the same time, I believe that it would be also correct to remove >>>>>>> all >>>>>>> the footers that contain this text: >>>>>>> >>>>>>> "For all your IT requirements visit: http://www.transtec.co.uk" >>>>>>> >>>>>>> which appear to be at least some of the German and Spanish report >>>>>>> texts. >>>>>>> >>>>>>> Cheers, Achim >>>>>>> -- >>>>>>> MailScanner mailing list >>>>>>> mailscanner at lists.mailscanner.info >>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>> >>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>> >>>>>>> Support MailScanner development - buy the book off the website! >>>>> >>>>> -- >>>>> Achim J. Latz, Qustodium Internet Security >>>>> achim.latz at qustodium.net ? http://www.qustodium.net >>>>> Data Encryption ? Backup Automatisation ? E-Mail Protection >>>>> -- >>>>> MailScanner mailing list >>>>> mailscanner at lists.mailscanner.info >>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>> >>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>> >>>>> Support MailScanner development - buy the book off the website! >>>> -- >>>> MailScanner mailing list >>>> mailscanner at lists.mailscanner.info >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>> >>>> Before posting, read http://wiki.mailscanner.info/posting >>>> >>>> Support MailScanner development - buy the book off the website! >>>> >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! >> -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner at Bandwidthco Computer Security is for your absolute protection. ######################################################## This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. postmaster at bandwidthco.com MailScanner at Bandwidthco Computer Security is for your absolute protection. ######################################################## -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150206/ad2f3be1/attachment.html From alex at vidadigital.com.pa Sat Feb 7 03:51:21 2015 From: alex at vidadigital.com.pa (Alex Neuman) Date: Fri, 6 Feb 2015 19:51:21 -0800 Subject: MailScanner v4.85.1-1 In-Reply-To: <27F3D7A99E7B7F449005017F90623A833A80E9E7@server7.bandwidthco.com> References: <54D145B9.1050308@qustodium.net> <54D24941.7070702@qustodium.net> <970FC6B4-5A71-4BA4-8688-60C530B4FF50@mailborder.com> <54D30DCA.5010007@huntley.net> <27F3D7A99E7B7F449005017F90623A833A80E9E7@server7.bandwidthco.com> Message-ID: Better to do a 551 so it bounces; less load on the server and less bandwidth waste. Also, there are scripts to feed it to spamcop as well IIRC. *Alex Neuman van der Hans* Reliant Technologies / Vida Digital http://vidadigital.com.pa/ Mobile: +507 6781-9505 Work: +507 832-6725 Work (USA): +1 (440) 253-9789 Skype: AlexNeuman Don't miss Vida Digital on LiveStream ! Saturdays 8am-10am on M?xima 91.7FM Panama Follow *@AlexNeuman * on Twitter Like Vida Digital on Facebook Follow VidaDigital on Instagram Subscribe to Vida Digital on Youtube On Fri, Feb 6, 2015 at 3:44 PM, Mark E. Donaldson wrote: > nick.z.edwards at gmail.com discard > > > > *From:* mailscanner-bounces at lists.mailscanner.info [mailto: > mailscanner-bounces at lists.mailscanner.info] *On Behalf Of *Alex Neuman > *Sent:* Thursday, February 05, 2015 7:27 AM > *To:* MailScanner discussion > *Subject:* Re: MailScanner v4.85.1-1 > > > > I put mine at /etc/mail/access > > On Feb 5, 2015 2:36 AM, "Michael Huntley" wrote: > > I have a new rule: From: nick.z.edwards at gmail.com -> /dev/null . > > No need for this lack of professionalism and civility. > > m > > On 2/4/2015 9:59 PM, Nick Edwards wrote: > > So you're admitting the script that does this has zero intelligence? > > > > you are clearly stopping facebook from being added, so you have /some/ > > mechanisms in place. > > > > if you dont, send to the mailing list the script that does it all, I, > > and/or others, can then fix it up by sending you patches, you can then > > decide what one you want to include. at present we have in house mass > > perl subs to stop your scripts adding everyone but farkbook. > > > > > > > > > > On 2/5/15, Jerry Benton wrote: > >> Well Nick, write something better to contribute to the project if you > don't > >> like the Mailborder list. No one is making you use that list. So get off > >> your ass and put your obvious elite skills to work and build something > >> better for everyone to use. > >> > >> - > >> Jerry Benton > >> www.mailborder.com > >> > >> > >> > >>> On Feb 4, 2015, at 6:53 PM, Nick Edwards > >>> wrote: > >>> > >>> and what phishing.bad.sites.conf will it contain? > >>> > >>> The one from mailborder is completely stupidly anal and utterly over > >>> encompassing with listing stuff like t.co and bit.ly, tiny url and > >>> wp.me and so on, funny though, mailborder must be in love with > >>> facebook, because that cesspit of a place fb.me hasnt seemingly been > >>> listed, though everyone else has. > >>> > >>> I'm gettin sick of writing rewrite rules to stop this over zelous mass > >>> blanket anally retentive listings. > >>> > >>> If they want people to use it, be bloody sensible about it. alsmost > >>> reminds me of that old extinct rbl, orbs wasn't it? the one that saw > >>> some spam from one ip address result in listing the entire /16 > >>> netblocks... jesus... it not rocket science, you need to work in > >>> proportions before you go dumb arse and block an entire heavily used > >>> mostly by decent innocent people, full domain. > >>> > >>> > >>> On 2/5/15, Jerry Benton wrote: > >>>> Ok I will take another look. Apparently I only did the plain text > items. > >>>> > >>>> - > >>>> Jerry Benton > >>>> www.mailborder.com > >>>> > >>>> > >>>> > >>>>> On Feb 4, 2015, at 11:30 AM, Achim J. Latz > >>>>> > >>>>> wrote: > >>>>> > >>>>> Cheers Jerry! > >>>>> > >>>>> Only the following ones are still there: > >>>>> > >>>>> mailscanner/etc/reports/cy+en/inline.sig.html:
Mae MailScanner > yn > >>>>> diolch i gwmni transtec > >>>>> Computers am ei gymorth. > >>>>> > >>>>> mailscanner/etc/reports/cy+en/inline.sig.html:
MailScanner > >>>>> thanks transtec Computers > for > >>>>> their support. > >>>>> > >>>>> mailscanner/etc/reports/de/inline.sig.html:
MailScanner dankt >>>>> href="http://www.transtec.de/">transtec f?r die freundliche > >>>>> Unterst?tzung. > >>>>> > >>>>> mailscanner/etc/reports/es/inline.sig.html:
MailScanner > agradece a > >>>>> transtec Computers por su > >>>>> apoyo. > >>>>> > >>>>> mailscanner/etc/reports/fr/inline.sig.html:
MailScanner remercie > >>>>> >>>>> href="http://www.transtec.fr/">transtec pour son soutien. > >>>>> > >>>>> mailscanner/etc/reports/hu/inline.sig.html:
A MailScanner > koszoni > >>>>> a > >>>>> transtec Computers > >>>>> tamogatasat. > >>>>> > >>>>> Best regards, Achim > >>>>> > >>>>> On 03/02/2015 23:45, Jerry Benton wrote: > >>>>>> Done. > >>>>>> > >>>>>> - > >>>>>> Jerry Benton > >>>>>> www.mailborder.com > >>>>>> > >>>>>> > >>>>>> > >>>>>>> On Feb 3, 2015, at 5:03 PM, Achim J. Latz > >>>>>>> wrote: > >>>>>>> > >>>>>>> Hello Jerry: > >>>>>>> > >>>>>>> On 03/02/2015 22:07, Jerry Benton wrote: > >>>>>>>> I have updated the change log on github to reflect the changes > since > >>>>>>>> the last version. Jules sent me his entire development > environment a > >>>>>>>> while back. I am working on a new build now. I will need to test > it > >>>>>>>> before release. I will try to have it out to this list next week > for > >>>>>>>> a > >>>>>>>> sanity check. Once I (and others) have confirmed I have not > screwed > >>>>>>>> it > >>>>>>>> up I will post it on the website. > >>>>>>>> > >>>>>>>> https://github.com/MailScanner/v4/blob/master/ChangeLog > >>>>>>> > >>>>>>> Thanks for including my updated Spanish translation I had sent do > the > >>>>>>> Baruwa project. > >>>>>>> > >>>>>>> At the same time, I believe that it would be also correct to remove > >>>>>>> all > >>>>>>> the footers that contain this text: > >>>>>>> > >>>>>>> "For all your IT requirements visit: http://www.transtec.co.uk" > >>>>>>> > >>>>>>> which appear to be at least some of the German and Spanish report > >>>>>>> texts. > >>>>>>> > >>>>>>> Cheers, Achim > >>>>>>> -- > >>>>>>> MailScanner mailing list > >>>>>>> mailscanner at lists.mailscanner.info > >>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner > >>>>>>> > >>>>>>> Before posting, read http://wiki.mailscanner.info/posting > >>>>>>> > >>>>>>> Support MailScanner development - buy the book off the website! > >>>>> > >>>>> -- > >>>>> Achim J. Latz, Qustodium Internet Security > >>>>> achim.latz at qustodium.net ? http://www.qustodium.net > >>>>> Data Encryption ? Backup Automatisation ? E-Mail Protection > >>>>> -- > >>>>> MailScanner mailing list > >>>>> mailscanner at lists.mailscanner.info > >>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner > >>>>> > >>>>> Before posting, read http://wiki.mailscanner.info/posting > >>>>> > >>>>> Support MailScanner development - buy the book off the website! > >>>> -- > >>>> MailScanner mailing list > >>>> mailscanner at lists.mailscanner.info > >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner > >>>> > >>>> Before posting, read http://wiki.mailscanner.info/posting > >>>> > >>>> Support MailScanner development - buy the book off the website! > >>>> > >>> -- > >>> MailScanner mailing list > >>> mailscanner at lists.mailscanner.info > >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner > >>> > >>> Before posting, read http://wiki.mailscanner.info/posting > >>> > >>> Support MailScanner development - buy the book off the website! > >> -- > >> MailScanner mailing list > >> mailscanner at lists.mailscanner.info > >> http://lists.mailscanner.info/mailman/listinfo/mailscanner > >> > >> Before posting, read http://wiki.mailscanner.info/posting > >> > >> Support MailScanner development - buy the book off the website! > >> > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > > > -- > This message has been scanned for viruses and dangerous > content by *MailScanner* , and is believed > to be clean. > MailScanner at *Bandwidthco Computer Security* > is for your absolute protection. > > -- > This message has been scanned for viruses and dangerous > content by *MailScanner* , and is believed > to be clean. > MailScanner at *Bandwidthco Computer Security* > is for your absolute protection. > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150206/1e4053e3/attachment.html From iversons at rushville.k12.in.us Sat Feb 7 23:14:03 2015 From: iversons at rushville.k12.in.us (Shawn Iverson) Date: Sat, 7 Feb 2015 18:14:03 -0500 Subject: MailScanner v4.85.1-1 Patch Message-ID: Wondering if the following has been resolved in v4.85... (see attached) -- Shawn Iverson Director of Technology Rush County Schools 765-932-3901 x271 iversons at rushville.k12.in.us -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150207/0951d716/attachment.html -------------- next part -------------- A non-text attachment was scrubbed... Name: mailscanner-4.84.6-1.patch Type: text/x-patch Size: 1563 bytes Desc: not available Url : http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150207/0951d716/attachment.bin From jerry.benton at mailborder.com Sun Feb 8 01:51:15 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Sat, 7 Feb 2015 20:51:15 -0500 Subject: MailScanner v4.85.1-1 Patch In-Reply-To: References: Message-ID: https://github.com/MailScanner/v4/blob/master/mailscanner/lib/bitdefender-wrapper Send me your patched file. - Jerry Benton www.mailborder.com > On Feb 7, 2015, at 6:14 PM, Shawn Iverson wrote: > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150207/49854c83/attachment.html From mailborder at gmail.com Mon Feb 9 07:47:14 2015 From: mailborder at gmail.com (Mailborder at Gmail) Date: Mon, 9 Feb 2015 02:47:14 -0500 Subject: Has anyone tried MailScanner on CentOS 7? In-Reply-To: <201502011904070721.0BEE0C0F@web.ace.net.au> References: <7CA580B59C1ABD45B4614ED90D4C7B857EB3B3C1@HC-EXMBX04.herefordshire.gov.uk> <7CA580B59C1ABD45B4614ED90D4C7B857EB3C56D@HC-EXMBX04.herefordshire.gov.uk> <7CA580B59C1ABD45B4614ED90D4C7B857EB3D73A@HC-EXMBX04.herefordshire.gov.uk> <7CA580B59C1ABD45B4614ED90D4C7B857EB3F3ED@HC-EXMBX04.herefordshire.gov.uk> <2747.b75900f0.1410738774.nsm@mail.fumlersoft.dk> <541B5416.2080707@farrows.org> <1535416A-B06A-4E2F-9CF5-13620FAF971F@mailborder.com> <201502011904070721.0BEE0C0F@web.ace.net.au> Message-ID: I am working on the RPM install scripts now and just finished working out the Perl requirements today. This is pretty much a total rewrite of the install scripts as I am having it leverage each distro's package management system rather than installing from source. It makes the management for everyone involved easier and ensures that the latest stable items are installed. I am doing tests for and gearing this towards CentOS and RHEL on 5,6,7. (And variants like Scientific.) Here is how the install it is going to work: - Install uses as many RPM packages (for Perl modules) as possible from the distro base - You are given an option to install EPEL to cover more Perl modules via RPM - You are given the option to have anything missing installed via CPAN - After the available RPMs are installed it tests to see what is missing - If you elect to use CPAN whatever is missing will be installed from CPAN - You are given the option to have the install script install spamassassin (distro) - You are given the option to have the install script install Clam AV (distro) if you elect to use EPEL My research and tests on RHEL 7 show that so far only Filesys::Df and Sys::Hostname::Long are missing if you elect to use EPEL. All Perl modules are available on RHEL 5 and 6 when using EPEL. I expect to have a beta out this week for the RPM package. (I will provide a link.) If someone could help test that would be helpful. Jerry Benton www.mailborder.com On Sun, Feb 1, 2015 at 3:34 AM, Peter Nitschke wrote: > Any update on this? > > > *********** REPLY SEPARATOR *********** > > On 18/09/2014 at 6:28 PM Jerry Benton wrote: > > >There will be RPM, DEB, and source tarballs available once I iron out the > >packaging. FSL is donating their MailScanner Gold and they have done a lot > >of the legwork. Once I get a chance to review what they have I will make > >it available. > > > > > > > >- > >Jerry Benton > >www.mailborder.com > > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150209/06cc6817/attachment.html From pas at unh.edu Mon Feb 9 08:53:46 2015 From: pas at unh.edu (Paul A Sand) Date: Mon, 9 Feb 2015 03:53:46 -0500 Subject: Has anyone tried MailScanner on CentOS 7? In-Reply-To: References: <7CA580B59C1ABD45B4614ED90D4C7B857EB3D73A@HC-EXMBX04.herefordshire.gov.uk> <7CA580B59C1ABD45B4614ED90D4C7B857EB3F3ED@HC-EXMBX04.herefordshire.gov.uk> <2747.b75900f0.1410738774.nsm@mail.fumlersoft.dk> <541B5416.2080707@farrows.org> <1535416A-B06A-4E2F-9CF5-13620FAF971F@mailborder.com> <201502011904070721.0BEE0C0F@web.ace.net.au> Message-ID: <20150209085346.GA1437@cisunix.unh.edu> * Mailborder at Gmail [2015-02-09 02:55]: > I am working on the RPM install scripts now and just finished working out > the Perl requirements today. This is pretty much a total rewrite of the > install scripts as I am having it leverage each distro's package management > system rather than installing from source. It makes the management for > everyone involved easier and ensures that the latest stable items are > installed. I am doing tests for and gearing this towards CentOS and RHEL on > 5,6,7. (And variants like Scientific.) As a long-time user of MailScanner on Red Hat, I think this is the right way to go. Thanks very much for your efforts. > My research and tests on RHEL 7 show that so far only Filesys::Df and > Sys::Hostname::Long are missing if you elect to use EPEL. All Perl modules > are available on RHEL 5 and 6 when using EPEL. I've taken the liberty of mailing the "main contacts" for these two packages, asking about getting them into EPEL 7. (I have no idea if that's the appropriate way to make such a request or not, but if not, at least they'll be irked with me, not you.) -- -- Paul A Sand -- Information Technology / University of New Hampshire -- http://pubpages.unh.edu/~pas -- No electrons were harmed in the transmission of this message. From alex at vidadigital.com.pa Mon Feb 9 15:51:10 2015 From: alex at vidadigital.com.pa (Alex Neuman) Date: Mon, 9 Feb 2015 10:51:10 -0500 Subject: Has anyone tried MailScanner on CentOS 7? In-Reply-To: References: <7CA580B59C1ABD45B4614ED90D4C7B857EB3B3C1@HC-EXMBX04.herefordshire.gov.uk> <7CA580B59C1ABD45B4614ED90D4C7B857EB3C56D@HC-EXMBX04.herefordshire.gov.uk> <7CA580B59C1ABD45B4614ED90D4C7B857EB3D73A@HC-EXMBX04.herefordshire.gov.uk> <7CA580B59C1ABD45B4614ED90D4C7B857EB3F3ED@HC-EXMBX04.herefordshire.gov.uk> <2747.b75900f0.1410738774.nsm@mail.fumlersoft.dk> <541B5416.2080707@farrows.org> <1535416A-B06A-4E2F-9CF5-13620FAF971F@mailborder.com> <201502011904070721.0BEE0C0F@web.ace.net.au> Message-ID: I can help test. *Alex Neuman van der Hans* Reliant Technologies / Vida Digital http://vidadigital.com.pa/ Mobile: +507 6781-9505 Work: +507 832-6725 Work (USA): +1 (440) 253-9789 Skype: AlexNeuman Don't miss Vida Digital on LiveStream ! Saturdays 8am-10am on M?xima 91.7FM Panama Follow *@AlexNeuman * on Twitter Like Vida Digital on Facebook Follow VidaDigital on Instagram Subscribe to Vida Digital on Youtube On Mon, Feb 9, 2015 at 2:47 AM, Mailborder at Gmail wrote: > I am working on the RPM install scripts now and just finished working out > the Perl requirements today. This is pretty much a total rewrite of the > install scripts as I am having it leverage each distro's package management > system rather than installing from source. It makes the management for > everyone involved easier and ensures that the latest stable items are > installed. I am doing tests for and gearing this towards CentOS and RHEL on > 5,6,7. (And variants like Scientific.) > > Here is how the install it is going to work: > > - Install uses as many RPM packages (for Perl modules) as possible from > the distro base > - You are given an option to install EPEL to cover more Perl modules via > RPM > - You are given the option to have anything missing installed via CPAN > - After the available RPMs are installed it tests to see what is missing > - If you elect to use CPAN whatever is missing will be installed from CPAN > - You are given the option to have the install script install spamassassin > (distro) > - You are given the option to have the install script install Clam AV > (distro) if you elect to use EPEL > > My research and tests on RHEL 7 show that so far only Filesys::Df and > Sys::Hostname::Long are missing if you elect to use EPEL. All Perl modules > are available on RHEL 5 and 6 when using EPEL. > > I expect to have a beta out this week for the RPM package. (I will provide > a link.) If someone could help test that would be helpful. > > Jerry Benton > www.mailborder.com > > > On Sun, Feb 1, 2015 at 3:34 AM, Peter Nitschke wrote: > >> Any update on this? >> >> >> *********** REPLY SEPARATOR *********** >> >> On 18/09/2014 at 6:28 PM Jerry Benton wrote: >> >> >There will be RPM, DEB, and source tarballs available once I iron out the >> >packaging. FSL is donating their MailScanner Gold and they have done a >> lot >> >of the legwork. Once I get a chance to review what they have I will make >> >it available. >> > >> > >> > >> >- >> >Jerry Benton >> >www.mailborder.com >> > >> >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! >> > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150209/26667dcf/attachment.html From kevin.miller at juneau.org Mon Feb 9 20:31:42 2015 From: kevin.miller at juneau.org (Kevin Miller) Date: Mon, 9 Feb 2015 20:31:42 +0000 Subject: Has anyone tried MailScanner on CentOS 7? In-Reply-To: References: <7CA580B59C1ABD45B4614ED90D4C7B857EB3B3C1@HC-EXMBX04.herefordshire.gov.uk> <7CA580B59C1ABD45B4614ED90D4C7B857EB3C56D@HC-EXMBX04.herefordshire.gov.uk> <7CA580B59C1ABD45B4614ED90D4C7B857EB3D73A@HC-EXMBX04.herefordshire.gov.uk> <7CA580B59C1ABD45B4614ED90D4C7B857EB3F3ED@HC-EXMBX04.herefordshire.gov.uk> <2747.b75900f0.1410738774.nsm@mail.fumlersoft.dk> <541B5416.2080707@farrows.org> <1535416A-B06A-4E2F-9CF5-13620FAF971F@mailborder.com> <201502011904070721.0BEE0C0F@web.ace.net.au> Message-ID: I?m in the process of rebuilding our MailScanner gateways so I?m happy to help test. A very limited amount of mail will actually transverse the test box, but for installation and setup it?s perfect timing. Is the idea of downloading from CPAN so that the most current version of a perl module is installed rather than bundling them with MS as Julian did? I have EPEL enabled, but I?m not finding these modules from the list Phil published on Aug 10 of last year: perl-bignum perl-Filesys-Df perl-IO perl-Math-BigInt perl-Math-BigRat perl-MIME-Base64 perl-Sys-Hostname-Long Perhaps these are included in modules of slightly different names? For instance, there are almost two dozen perl-IO-SOMETHING modules; same with perl-MIME. I see too that there?s a perl-Math-BigInt-GMP which might serve as the perl-Math-BigInt? Or perhaps the perl requirements have changed and some previously necessary modules have been deprecated in favor of others? Thanks for all you?re doing! ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357 From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Mailborder at Gmail Sent: Sunday, February 08, 2015 10:47 PM To: MailScanner discussion Subject: Re: Has anyone tried MailScanner on CentOS 7? I am working on the RPM install scripts now and just finished working out the Perl requirements today. This is pretty much a total rewrite of the install scripts as I am having it leverage each distro's package management system rather than installing from source. It makes the management for everyone involved easier and ensures that the latest stable items are installed. I am doing tests for and gearing this towards CentOS and RHEL on 5,6,7. (And variants like Scientific.) Here is how the install it is going to work: - Install uses as many RPM packages (for Perl modules) as possible from the distro base - You are given an option to install EPEL to cover more Perl modules via RPM - You are given the option to have anything missing installed via CPAN - After the available RPMs are installed it tests to see what is missing - If you elect to use CPAN whatever is missing will be installed from CPAN - You are given the option to have the install script install spamassassin (distro) - You are given the option to have the install script install Clam AV (distro) if you elect to use EPEL My research and tests on RHEL 7 show that so far only Filesys::Df and Sys::Hostname::Long are missing if you elect to use EPEL. All Perl modules are available on RHEL 5 and 6 when using EPEL. I expect to have a beta out this week for the RPM package. (I will provide a link.) If someone could help test that would be helpful. Jerry Benton www.mailborder.com On Sun, Feb 1, 2015 at 3:34 AM, Peter Nitschke > wrote: Any update on this? *********** REPLY SEPARATOR *********** On 18/09/2014 at 6:28 PM Jerry Benton wrote: >There will be RPM, DEB, and source tarballs available once I iron out the >packaging. FSL is donating their MailScanner Gold and they have done a lot >of the legwork. Once I get a chance to review what they have I will make >it available. > > > >- >Jerry Benton >www.mailborder.com > -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150209/e9fb66cc/attachment.html From jerry.benton at mailborder.com Mon Feb 9 22:04:52 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Mon, 9 Feb 2015 17:04:52 -0500 Subject: Has anyone tried MailScanner on CentOS 7? In-Reply-To: References: <7CA580B59C1ABD45B4614ED90D4C7B857EB3B3C1@HC-EXMBX04.herefordshire.gov.uk> <7CA580B59C1ABD45B4614ED90D4C7B857EB3C56D@HC-EXMBX04.herefordshire.gov.uk> <7CA580B59C1ABD45B4614ED90D4C7B857EB3D73A@HC-EXMBX04.herefordshire.gov.uk> <7CA580B59C1ABD45B4614ED90D4C7B857EB3F3ED@HC-EXMBX04.herefordshire.gov.uk> <2747.b75900f0.1410738774.nsm@mail.fumlersoft.dk> <541B5416.2080707@farrows.org> <1535416A-B06A-4E2F-9CF5-13620FAF971F@mailborder.com> <201502011904070721.0BEE0C0F@web.ace.net.au> Message-ID: <32CFB776-0F89-4460-AE0A-AED12685F695@mailborder.com> You can test to see if a model is installed like this: perldoc -l Sys::Hostname::Long (That is a dash L) Some models ship with Perl, so you may not see everything. You can get a complete list of disto packaged modules like this: yum list|grep -i perl- - Jerry Benton www.mailborder.com > On Feb 9, 2015, at 3:31 PM, Kevin Miller wrote: > > I?m in the process of rebuilding our MailScanner gateways so I?m happy to help test. A very limited amount of mail will actually transverse the test box, but for installation and setup it?s perfect timing. > > Is the idea of downloading from CPAN so that the most current version of a perl module is installed rather than bundling them with MS as Julian did? > > I have EPEL enabled, but I?m not finding these modules from the list Phil published on Aug 10 of last year: > perl-bignum > perl-Filesys-Df > perl-IO > perl-Math-BigInt > perl-Math-BigRat > perl-MIME-Base64 > perl-Sys-Hostname-Long > > Perhaps these are included in modules of slightly different names? For instance, there are almost two dozen perl-IO-SOMETHING modules; same with perl-MIME. > > I see too that there?s a perl-Math-BigInt-GMP which might serve as the perl-Math-BigInt? Or perhaps the perl requirements have changed and some previously necessary modules have been deprecated in favor of others? > > Thanks for all you?re doing! > > ...Kevin > -- > Kevin Miller > Network/email Administrator, CBJ MIS Dept. > 155 South Seward Street > Juneau, Alaska 99801 > Phone: (907) 586-0242, Fax: (907) 586-4500 > Registered Linux User No: 307357 > > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Mailborder at Gmail > Sent: Sunday, February 08, 2015 10:47 PM > To: MailScanner discussion > Subject: Re: Has anyone tried MailScanner on CentOS 7? > > I am working on the RPM install scripts now and just finished working out the Perl requirements today. This is pretty much a total rewrite of the install scripts as I am having it leverage each distro's package management system rather than installing from source. It makes the management for everyone involved easier and ensures that the latest stable items are installed. I am doing tests for and gearing this towards CentOS and RHEL on 5,6,7. (And variants like Scientific.) > > Here is how the install it is going to work: > > - Install uses as many RPM packages (for Perl modules) as possible from the distro base > - You are given an option to install EPEL to cover more Perl modules via RPM > - You are given the option to have anything missing installed via CPAN > - After the available RPMs are installed it tests to see what is missing > - If you elect to use CPAN whatever is missing will be installed from CPAN > - You are given the option to have the install script install spamassassin (distro) > - You are given the option to have the install script install Clam AV (distro) if you elect to use EPEL > > My research and tests on RHEL 7 show that so far only Filesys::Df and Sys::Hostname::Long are missing if you elect to use EPEL. All Perl modules are available on RHEL 5 and 6 when using EPEL. > > I expect to have a beta out this week for the RPM package. (I will provide a link.) If someone could help test that would be helpful. > > Jerry Benton > www.mailborder.com > > On Sun, Feb 1, 2015 at 3:34 AM, Peter Nitschke > wrote: > Any update on this? > > > *********** REPLY SEPARATOR *********** > > On 18/09/2014 at 6:28 PM Jerry Benton wrote: > > >There will be RPM, DEB, and source tarballs available once I iron out the > >packaging. FSL is donating their MailScanner Gold and they have done a lot > >of the legwork. Once I get a chance to review what they have I will make > >it available. > > > > > > > >- > >Jerry Benton > >www.mailborder.com > > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150209/3daee5d2/attachment.html From pas at unh.edu Mon Feb 9 22:54:31 2015 From: pas at unh.edu (Paul A Sand) Date: Mon, 9 Feb 2015 17:54:31 -0500 Subject: Has anyone tried MailScanner on CentOS 7? In-Reply-To: References: <7CA580B59C1ABD45B4614ED90D4C7B857EB3F3ED@HC-EXMBX04.herefordshire.gov.uk> <2747.b75900f0.1410738774.nsm@mail.fumlersoft.dk> <541B5416.2080707@farrows.org> <1535416A-B06A-4E2F-9CF5-13620FAF971F@mailborder.com> <201502011904070721.0BEE0C0F@web.ace.net.au> Message-ID: <20150209225430.GA41033@cisunix.unh.edu> * Kevin Miller [2015-02-09 15:41]: > perl-bignum > perl-Filesys-Df > perl-IO > perl-Math-BigInt > perl-Math-BigRat > perl-MIME-Base64 > perl-Sys-Hostname-Long In RHEL 7: bignum IO Math::BigInt Math::BigRat MIME::Base64 ... modules are all included in the base perl RPM. As Jerry noted, Filesys::Df and Sys::Hostname::Long aren't in either the RedHat official repositories, nor EPEL yet. The Fedora contact for the perl-Sys-Hostname-Long package tells me that he's requested an EPEL 7 branch. (Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=555232) Specifically: It'll take a couple of weeks to get into EPEL-7, though the process can be sped up by getting it tested when it's in the epel-testing repository and giving positive feedback on the update. Haven't heard anything about Filesys::Df yet. -- -- Paul A Sand -- Information Technology / University of New Hampshire -- http://pubpages.unh.edu/~pas -- Should you need legal advice, please consult your lawyer. From kevin.miller at juneau.org Mon Feb 9 23:18:03 2015 From: kevin.miller at juneau.org (Kevin Miller) Date: Mon, 9 Feb 2015 23:18:03 +0000 Subject: Has anyone tried MailScanner on CentOS 7? In-Reply-To: <20150209225430.GA41033@cisunix.unh.edu> References: <7CA580B59C1ABD45B4614ED90D4C7B857EB3F3ED@HC-EXMBX04.herefordshire.gov.uk> <2747.b75900f0.1410738774.nsm@mail.fumlersoft.dk> <541B5416.2080707@farrows.org> <1535416A-B06A-4E2F-9CF5-13620FAF971F@mailborder.com> <201502011904070721.0BEE0C0F@web.ace.net.au> <20150209225430.GA41033@cisunix.unh.edu> Message-ID: Thanks Paul & Jerry. Slightly off topic, do you have any recommendations on getting re2c? It doesn't appear to be supplied in 7 yet, although EPEL for centos 6 has it. ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357 From pas at unh.edu Tue Feb 10 10:27:28 2015 From: pas at unh.edu (Paul A Sand) Date: Tue, 10 Feb 2015 05:27:28 -0500 Subject: Has anyone tried MailScanner on CentOS 7? In-Reply-To: References: <2747.b75900f0.1410738774.nsm@mail.fumlersoft.dk> <541B5416.2080707@farrows.org> <1535416A-B06A-4E2F-9CF5-13620FAF971F@mailborder.com> <201502011904070721.0BEE0C0F@web.ace.net.au> <20150209225430.GA41033@cisunix.unh.edu> Message-ID: <20150210102728.GA5871@cisunix.unh.edu> * Kevin Miller [2015-02-09 18:26]: > > Slightly off topic, do you have any recommendations on getting re2c? It > doesn't appear to be supplied in 7 yet, although EPEL for centos 6 has it. Hi -- I've mailed the contact person for the re2c package to request it be made available in EPEL 7. -- -- Paul A Sand -- Information Technology / University of New Hampshire -- http://pubpages.unh.edu/~pas -- Rikki lost my number. From kevin.miller at juneau.org Tue Feb 10 17:40:52 2015 From: kevin.miller at juneau.org (Kevin Miller) Date: Tue, 10 Feb 2015 17:40:52 +0000 Subject: Has anyone tried MailScanner on CentOS 7? In-Reply-To: <20150210102728.GA5871@cisunix.unh.edu> References: <2747.b75900f0.1410738774.nsm@mail.fumlersoft.dk> <541B5416.2080707@farrows.org> <1535416A-B06A-4E2F-9CF5-13620FAF971F@mailborder.com> <201502011904070721.0BEE0C0F@web.ace.net.au> <20150209225430.GA41033@cisunix.unh.edu> <20150210102728.GA5871@cisunix.unh.edu> Message-ID: <77c71cdb2a4f4af4adab832bfd9fc057@City-Exch-DB1.cbj.local> Much appreciated. Is there a "formal" way for folks on the street to submit inclusion requests? I got a chuckle from your signature. :-) ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357 > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > bounces at lists.mailscanner.info] On Behalf Of Paul A Sand > Sent: Tuesday, February 10, 2015 1:27 AM > To: MailScanner discussion > Subject: Re: Has anyone tried MailScanner on CentOS 7? > > * Kevin Miller [2015-02-09 18:26]: > > > > Slightly off topic, do you have any recommendations on getting re2c? > > It doesn't appear to be supplied in 7 yet, although EPEL for centos 6 > has it. > > Hi -- > > I've mailed the contact person for the re2c package to request it be > made available in EPEL 7. > > -- > -- Paul A Sand > -- Information Technology / University of New Hampshire > -- http://pubpages.unh.edu/~pas > -- Rikki lost my number. From pas at unh.edu Tue Feb 10 18:04:48 2015 From: pas at unh.edu (Paul A Sand) Date: Tue, 10 Feb 2015 13:04:48 -0500 Subject: Has anyone tried MailScanner on CentOS 7? In-Reply-To: <77c71cdb2a4f4af4adab832bfd9fc057@City-Exch-DB1.cbj.local> References: <541B5416.2080707@farrows.org> <1535416A-B06A-4E2F-9CF5-13620FAF971F@mailborder.com> <201502011904070721.0BEE0C0F@web.ace.net.au> <20150209225430.GA41033@cisunix.unh.edu> <20150210102728.GA5871@cisunix.unh.edu> <77c71cdb2a4f4af4adab832bfd9fc057@City-Exch-DB1.cbj.local> Message-ID: <20150210180448.GA34480@cisunix.unh.edu> * Kevin Miller [2015-02-10 12:48]: > Much appreciated. Is there a "formal" way for folks on the street to > submit inclusion requests? For our purposes (package in EPEL 5/6, not in EPEL 7), I think this is the relevant doc: https://fedoraproject.org/wiki/Package_SCM_admin_requests#Package_Change_Requests_for_existing_packages It appears the "right" way to do things is to add the request to the Bugzilla ticket corresponding to the initial package review. But: Please check with the package owner first before requesting a new branch, if you are not the owner. So that's what I've been trying. Note that https://bugzilla.redhat.com/show_bug.cgi?id=555232 shows progress for perl-Sys-Hostname-Long -- -- Paul A Sand -- Information Technology / University of New Hampshire -- http://pubpages.unh.edu/~pas -- Sent without the express written consent of Major League Baseball. From jerry.benton at mailborder.com Wed Feb 11 06:20:53 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Wed, 11 Feb 2015 01:20:53 -0500 Subject: MailScanner v4.85.1-1 In-Reply-To: References: <54D145B9.1050308@qustodium.net> <54D24941.7070702@qustodium.net> <970FC6B4-5A71-4BA4-8688-60C530B4FF50@mailborder.com> <54D30DCA.5010007@huntley.net> <27F3D7A99E7B7F449005017F90623A833A80E9E7@server7.bandwidthco.com> Message-ID: Ok, I am done with the RPM installer except for one problem: tnef It is not present in base or EPEL. Jules has this listed as a dependency on the MailScanner RPM, and I would prefer to have this binary available. So ... Option 1: Download and build it from source during the installation. Source is here: http://sourceforge.net/projects/tnef/files/ This would be easy to do. It would also be an option for you user to select yes or no to do this during the installation. Option 2: Find a reliable src rpm and build that. However, I have not been able to find one that is not broken in some way as most are for FC22, which causes problems on stable platforms like RHEL and COS. If you have one (that will also work on RHEL5) let me know. Option 3: Find a regular rpm (two of them for 32 and 64 bit) that can be used in the installer and install from that. This would also be easy. The hard part is finding the RPMs. need EL5, EL6, and EL7 Option 4: You tell me. From my options here, building from source is the easiest route with the most predictable outcome, but RPM remains the most preferred method. - Jerry Benton www.mailborder.com > On Feb 6, 2015, at 10:51 PM, Alex Neuman wrote: > > Better to do a 551 so it bounces; less load on the server and less bandwidth waste. > > Also, there are scripts to feed it to spamcop as well IIRC. > > > > Alex Neuman van der Hans > Reliant Technologies / Vida Digital > http://vidadigital.com.pa/ > > > Mobile: +507 6781-9505 <> > Work: +507 832-6725 > Work (USA): +1 (440) 253-9789 <> > Skype: AlexNeuman <> > > Don't miss Vida Digital on LiveStream ! > Saturdays 8am-10am on M?xima 91.7FM Panama > > Follow @AlexNeuman on Twitter > Like Vida Digital on Facebook > Follow VidaDigital on Instagram > Subscribe to Vida Digital on Youtube > > On Fri, Feb 6, 2015 at 3:44 PM, Mark E. Donaldson > wrote: > nick.z.edwards at gmail.com discard > > > > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info ] On Behalf Of Alex Neuman > Sent: Thursday, February 05, 2015 7:27 AM > To: MailScanner discussion > Subject: Re: MailScanner v4.85.1-1 > > > > I put mine at /etc/mail/access > > On Feb 5, 2015 2:36 AM, "Michael Huntley" > wrote: > > I have a new rule: From: nick.z.edwards at gmail.com -> /dev/null . > > No need for this lack of professionalism and civility. > > m > > On 2/4/2015 9:59 PM, Nick Edwards wrote: > > So you're admitting the script that does this has zero intelligence? > > > > you are clearly stopping facebook from being added, so you have /some/ > > mechanisms in place. > > > > if you dont, send to the mailing list the script that does it all, I, > > and/or others, can then fix it up by sending you patches, you can then > > decide what one you want to include. at present we have in house mass > > perl subs to stop your scripts adding everyone but farkbook. > > > > > > > > > > On 2/5/15, Jerry Benton > wrote: > >> Well Nick, write something better to contribute to the project if you don't > >> like the Mailborder list. No one is making you use that list. So get off > >> your ass and put your obvious elite skills to work and build something > >> better for everyone to use. > >> > >> - > >> Jerry Benton > >> www.mailborder.com > >> > >> > >> > >>> On Feb 4, 2015, at 6:53 PM, Nick Edwards > > >>> wrote: > >>> > >>> and what phishing.bad.sites.conf will it contain? > >>> > >>> The one from mailborder is completely stupidly anal and utterly over > >>> encompassing with listing stuff like t.co and bit.ly , tiny url and > >>> wp.me and so on, funny though, mailborder must be in love with > >>> facebook, because that cesspit of a place fb.me hasnt seemingly been > >>> listed, though everyone else has. > >>> > >>> I'm gettin sick of writing rewrite rules to stop this over zelous mass > >>> blanket anally retentive listings. > >>> > >>> If they want people to use it, be bloody sensible about it. alsmost > >>> reminds me of that old extinct rbl, orbs wasn't it? the one that saw > >>> some spam from one ip address result in listing the entire /16 > >>> netblocks... jesus... it not rocket science, you need to work in > >>> proportions before you go dumb arse and block an entire heavily used > >>> mostly by decent innocent people, full domain. > >>> > >>> > >>> On 2/5/15, Jerry Benton > wrote: > >>>> Ok I will take another look. Apparently I only did the plain text items. > >>>> > >>>> - > >>>> Jerry Benton > >>>> www.mailborder.com > >>>> > >>>> > >>>> > >>>>> On Feb 4, 2015, at 11:30 AM, Achim J. Latz > >>>>> > > >>>>> wrote: > >>>>> > >>>>> Cheers Jerry! > >>>>> > >>>>> Only the following ones are still there: > >>>>> > >>>>> mailscanner/etc/reports/cy+en/inline.sig.html:
Mae MailScanner yn > >>>>> diolch i gwmni transtec > >>>>> Computers am ei gymorth. > >>>>> > >>>>> mailscanner/etc/reports/cy+en/inline.sig.html:
MailScanner > >>>>> thanks transtec Computers for > >>>>> their support. > >>>>> > >>>>> mailscanner/etc/reports/de/inline.sig.html:
MailScanner dankt >>>>> href="http://www.transtec.de/ ">transtec f?r die freundliche > >>>>> Unterst?tzung. > >>>>> > >>>>> mailscanner/etc/reports/es/inline.sig.html:
MailScanner agradece a > >>>>> transtec Computers por su > >>>>> apoyo. > >>>>> > >>>>> mailscanner/etc/reports/fr/inline.sig.html:
MailScanner remercie > >>>>> >>>>> href="http://www.transtec.fr/ ">transtec pour son soutien. > >>>>> > >>>>> mailscanner/etc/reports/hu/inline.sig.html:
A MailScanner koszoni > >>>>> a > >>>>> transtec Computers > >>>>> tamogatasat. > >>>>> > >>>>> Best regards, Achim > >>>>> > >>>>> On 03/02/2015 23:45, Jerry Benton wrote: > >>>>>> Done. > >>>>>> > >>>>>> - > >>>>>> Jerry Benton > >>>>>> www.mailborder.com > >>>>>> > >>>>>> > >>>>>> > >>>>>>> On Feb 3, 2015, at 5:03 PM, Achim J. Latz > >>>>>>> > wrote: > >>>>>>> > >>>>>>> Hello Jerry: > >>>>>>> > >>>>>>> On 03/02/2015 22:07, Jerry Benton wrote: > >>>>>>>> I have updated the change log on github to reflect the changes since > >>>>>>>> the last version. Jules sent me his entire development environment a > >>>>>>>> while back. I am working on a new build now. I will need to test it > >>>>>>>> before release. I will try to have it out to this list next week for > >>>>>>>> a > >>>>>>>> sanity check. Once I (and others) have confirmed I have not screwed > >>>>>>>> it > >>>>>>>> up I will post it on the website. > >>>>>>>> > >>>>>>>> https://github.com/MailScanner/v4/blob/master/ChangeLog > >>>>>>> > >>>>>>> Thanks for including my updated Spanish translation I had sent do the > >>>>>>> Baruwa project. > >>>>>>> > >>>>>>> At the same time, I believe that it would be also correct to remove > >>>>>>> all > >>>>>>> the footers that contain this text: > >>>>>>> > >>>>>>> "For all your IT requirements visit: http://www.transtec.co.uk " > >>>>>>> > >>>>>>> which appear to be at least some of the German and Spanish report > >>>>>>> texts. > >>>>>>> > >>>>>>> Cheers, Achim > >>>>>>> -- > >>>>>>> MailScanner mailing list > >>>>>>> mailscanner at lists.mailscanner.info > >>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner > >>>>>>> > >>>>>>> Before posting, read http://wiki.mailscanner.info/posting > >>>>>>> > >>>>>>> Support MailScanner development - buy the book off the website! > >>>>> > >>>>> -- > >>>>> Achim J. Latz, Qustodium Internet Security > >>>>> achim.latz at qustodium.net ? http://www.qustodium.net > >>>>> Data Encryption ? Backup Automatisation ? E-Mail Protection > >>>>> -- > >>>>> MailScanner mailing list > >>>>> mailscanner at lists.mailscanner.info > >>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner > >>>>> > >>>>> Before posting, read http://wiki.mailscanner.info/posting > >>>>> > >>>>> Support MailScanner development - buy the book off the website! > >>>> -- > >>>> MailScanner mailing list > >>>> mailscanner at lists.mailscanner.info > >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner > >>>> > >>>> Before posting, read http://wiki.mailscanner.info/posting > >>>> > >>>> Support MailScanner development - buy the book off the website! > >>>> > >>> -- > >>> MailScanner mailing list > >>> mailscanner at lists.mailscanner.info > >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner > >>> > >>> Before posting, read http://wiki.mailscanner.info/posting > >>> > >>> Support MailScanner development - buy the book off the website! > >> -- > >> MailScanner mailing list > >> mailscanner at lists.mailscanner.info > >> http://lists.mailscanner.info/mailman/listinfo/mailscanner > >> > >> Before posting, read http://wiki.mailscanner.info/posting > >> > >> Support MailScanner development - buy the book off the website! > >> > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > > > -- > This message has been scanned for viruses and dangerous > content by MailScanner , and is believed to be clean. > MailScanner at Bandwidthco Computer Security is for your absolute protection. > > > -- > This message has been scanned for viruses and dangerous > content by MailScanner , and is believed to be clean. > MailScanner at Bandwidthco Computer Security is for your absolute protection. > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150211/7b5e0d4b/attachment.html From jerry.benton at mailborder.com Wed Feb 11 10:37:43 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Wed, 11 Feb 2015 05:37:43 -0500 Subject: MailScanner v4.85.1-1 In-Reply-To: References: <54D145B9.1050308@qustodium.net> <54D24941.7070702@qustodium.net> <970FC6B4-5A71-4BA4-8688-60C530B4FF50@mailborder.com> <54D30DCA.5010007@huntley.net> <27F3D7A99E7B7F449005017F90623A833A80E9E7@server7.bandwidthco.com> Message-ID: <158E13DD-1DA0-4E2B-96B2-DDC2B7CD07DC@mailborder.com> Found a solution. I created an RPM from the source. So I will add a menu option in the install script that will install it if it is not found. (After trying to install it via yum.) I will of course test it ? blah blah blah ? - Jerry Benton www.mailborder.com > On Feb 11, 2015, at 1:20 AM, Jerry Benton wrote: > > Ok, I am done with the RPM installer except for one problem: tnef > > It is not present in base or EPEL. Jules has this listed as a dependency on the MailScanner RPM, and I would prefer to have this binary available. So ... > > Option 1: Download and build it from source during the installation. Source is here: http://sourceforge.net/projects/tnef/files/ This would be easy to do. It would also be an option for you user to select yes or no to do this during the installation. > > Option 2: Find a reliable src rpm and build that. However, I have not been able to find one that is not broken in some way as most are for FC22, which causes problems on stable platforms like RHEL and COS. If you have one (that will also work on RHEL5) let me know. > > Option 3: Find a regular rpm (two of them for 32 and 64 bit) that can be used in the installer and install from that. This would also be easy. The hard part is finding the RPMs. need EL5, EL6, and EL7 > > Option 4: You tell me. > > > From my options here, building from source is the easiest route with the most predictable outcome, but RPM remains the most preferred method. > > - > Jerry Benton > www.mailborder.com > > > >> On Feb 6, 2015, at 10:51 PM, Alex Neuman > wrote: >> >> Better to do a 551 so it bounces; less load on the server and less bandwidth waste. >> >> Also, there are scripts to feed it to spamcop as well IIRC. >> >> >> >> Alex Neuman van der Hans >> Reliant Technologies / Vida Digital >> http://vidadigital.com.pa/ >> >> >> Mobile: +507 6781-9505 <> >> Work: +507 832-6725 >> Work (USA): +1 (440) 253-9789 <> >> Skype: AlexNeuman <> >> >> Don't miss Vida Digital on LiveStream ! >> Saturdays 8am-10am on M?xima 91.7FM Panama >> >> Follow @AlexNeuman on Twitter >> Like Vida Digital on Facebook >> Follow VidaDigital on Instagram >> Subscribe to Vida Digital on Youtube >> >> On Fri, Feb 6, 2015 at 3:44 PM, Mark E. Donaldson > wrote: >> nick.z.edwards at gmail.com discard >> >> >> >> From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info ] On Behalf Of Alex Neuman >> Sent: Thursday, February 05, 2015 7:27 AM >> To: MailScanner discussion >> Subject: Re: MailScanner v4.85.1-1 >> >> >> >> I put mine at /etc/mail/access >> >> On Feb 5, 2015 2:36 AM, "Michael Huntley" > wrote: >> >> I have a new rule: From: nick.z.edwards at gmail.com -> /dev/null . >> >> No need for this lack of professionalism and civility. >> >> m >> >> On 2/4/2015 9:59 PM, Nick Edwards wrote: >> > So you're admitting the script that does this has zero intelligence? >> > >> > you are clearly stopping facebook from being added, so you have /some/ >> > mechanisms in place. >> > >> > if you dont, send to the mailing list the script that does it all, I, >> > and/or others, can then fix it up by sending you patches, you can then >> > decide what one you want to include. at present we have in house mass >> > perl subs to stop your scripts adding everyone but farkbook. >> > >> > >> > >> > >> > On 2/5/15, Jerry Benton > wrote: >> >> Well Nick, write something better to contribute to the project if you don't >> >> like the Mailborder list. No one is making you use that list. So get off >> >> your ass and put your obvious elite skills to work and build something >> >> better for everyone to use. >> >> >> >> - >> >> Jerry Benton >> >> www.mailborder.com >> >> >> >> >> >> >> >>> On Feb 4, 2015, at 6:53 PM, Nick Edwards > >> >>> wrote: >> >>> >> >>> and what phishing.bad.sites.conf will it contain? >> >>> >> >>> The one from mailborder is completely stupidly anal and utterly over >> >>> encompassing with listing stuff like t.co and bit.ly , tiny url and >> >>> wp.me and so on, funny though, mailborder must be in love with >> >>> facebook, because that cesspit of a place fb.me hasnt seemingly been >> >>> listed, though everyone else has. >> >>> >> >>> I'm gettin sick of writing rewrite rules to stop this over zelous mass >> >>> blanket anally retentive listings. >> >>> >> >>> If they want people to use it, be bloody sensible about it. alsmost >> >>> reminds me of that old extinct rbl, orbs wasn't it? the one that saw >> >>> some spam from one ip address result in listing the entire /16 >> >>> netblocks... jesus... it not rocket science, you need to work in >> >>> proportions before you go dumb arse and block an entire heavily used >> >>> mostly by decent innocent people, full domain. >> >>> >> >>> >> >>> On 2/5/15, Jerry Benton > wrote: >> >>>> Ok I will take another look. Apparently I only did the plain text items. >> >>>> >> >>>> - >> >>>> Jerry Benton >> >>>> www.mailborder.com >> >>>> >> >>>> >> >>>> >> >>>>> On Feb 4, 2015, at 11:30 AM, Achim J. Latz >> >>>>> > >> >>>>> wrote: >> >>>>> >> >>>>> Cheers Jerry! >> >>>>> >> >>>>> Only the following ones are still there: >> >>>>> >> >>>>> mailscanner/etc/reports/cy+en/inline.sig.html:
Mae MailScanner yn >> >>>>> diolch i gwmni transtec >> >>>>> Computers am ei gymorth. >> >>>>> >> >>>>> mailscanner/etc/reports/cy+en/inline.sig.html:
MailScanner >> >>>>> thanks transtec Computers for >> >>>>> their support. >> >>>>> >> >>>>> mailscanner/etc/reports/de/inline.sig.html:
MailScanner dankt > >>>>> href="http://www.transtec.de/ ">transtec f?r die freundliche >> >>>>> Unterst?tzung. >> >>>>> >> >>>>> mailscanner/etc/reports/es/inline.sig.html:
MailScanner agradece a >> >>>>> transtec Computers por su >> >>>>> apoyo. >> >>>>> >> >>>>> mailscanner/etc/reports/fr/inline.sig.html:
MailScanner remercie >> >>>>> > >>>>> href="http://www.transtec.fr/ ">transtec pour son soutien. >> >>>>> >> >>>>> mailscanner/etc/reports/hu/inline.sig.html:
A MailScanner koszoni >> >>>>> a >> >>>>> transtec Computers >> >>>>> tamogatasat. >> >>>>> >> >>>>> Best regards, Achim >> >>>>> >> >>>>> On 03/02/2015 23:45, Jerry Benton wrote: >> >>>>>> Done. >> >>>>>> >> >>>>>> - >> >>>>>> Jerry Benton >> >>>>>> www.mailborder.com >> >>>>>> >> >>>>>> >> >>>>>> >> >>>>>>> On Feb 3, 2015, at 5:03 PM, Achim J. Latz >> >>>>>>> > wrote: >> >>>>>>> >> >>>>>>> Hello Jerry: >> >>>>>>> >> >>>>>>> On 03/02/2015 22:07, Jerry Benton wrote: >> >>>>>>>> I have updated the change log on github to reflect the changes since >> >>>>>>>> the last version. Jules sent me his entire development environment a >> >>>>>>>> while back. I am working on a new build now. I will need to test it >> >>>>>>>> before release. I will try to have it out to this list next week for >> >>>>>>>> a >> >>>>>>>> sanity check. Once I (and others) have confirmed I have not screwed >> >>>>>>>> it >> >>>>>>>> up I will post it on the website. >> >>>>>>>> >> >>>>>>>> https://github.com/MailScanner/v4/blob/master/ChangeLog >> >>>>>>> >> >>>>>>> Thanks for including my updated Spanish translation I had sent do the >> >>>>>>> Baruwa project. >> >>>>>>> >> >>>>>>> At the same time, I believe that it would be also correct to remove >> >>>>>>> all >> >>>>>>> the footers that contain this text: >> >>>>>>> >> >>>>>>> "For all your IT requirements visit: http://www.transtec.co.uk " >> >>>>>>> >> >>>>>>> which appear to be at least some of the German and Spanish report >> >>>>>>> texts. >> >>>>>>> >> >>>>>>> Cheers, Achim >> >>>>>>> -- >> >>>>>>> MailScanner mailing list >> >>>>>>> mailscanner at lists.mailscanner.info >> >>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >>>>>>> >> >>>>>>> Before posting, read http://wiki.mailscanner.info/posting >> >>>>>>> >> >>>>>>> Support MailScanner development - buy the book off the website! >> >>>>> >> >>>>> -- >> >>>>> Achim J. Latz, Qustodium Internet Security >> >>>>> achim.latz at qustodium.net ? http://www.qustodium.net >> >>>>> Data Encryption ? Backup Automatisation ? E-Mail Protection >> >>>>> -- >> >>>>> MailScanner mailing list >> >>>>> mailscanner at lists.mailscanner.info >> >>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >>>>> >> >>>>> Before posting, read http://wiki.mailscanner.info/posting >> >>>>> >> >>>>> Support MailScanner development - buy the book off the website! >> >>>> -- >> >>>> MailScanner mailing list >> >>>> mailscanner at lists.mailscanner.info >> >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >>>> >> >>>> Before posting, read http://wiki.mailscanner.info/posting >> >>>> >> >>>> Support MailScanner development - buy the book off the website! >> >>>> >> >>> -- >> >>> MailScanner mailing list >> >>> mailscanner at lists.mailscanner.info >> >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >>> >> >>> Before posting, read http://wiki.mailscanner.info/posting >> >>> >> >>> Support MailScanner development - buy the book off the website! >> >> -- >> >> MailScanner mailing list >> >> mailscanner at lists.mailscanner.info >> >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> >> >> Support MailScanner development - buy the book off the website! >> >> >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! >> >> >> -- >> This message has been scanned for viruses and dangerous >> content by MailScanner , and is believed to be clean. >> MailScanner at Bandwidthco Computer Security is for your absolute protection. >> >> >> -- >> This message has been scanned for viruses and dangerous >> content by MailScanner , and is believed to be clean. >> MailScanner at Bandwidthco Computer Security is for your absolute protection. >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! >> >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150211/a08063cb/attachment.html From andrew at topdog.za.net Thu Feb 12 18:55:02 2015 From: andrew at topdog.za.net (Andrew Colin Kissa) Date: Thu, 12 Feb 2015 20:55:02 +0200 Subject: MailScanner v4.85.1-1 In-Reply-To: <158E13DD-1DA0-4E2B-96B2-DDC2B7CD07DC@mailborder.com> References: <54D145B9.1050308@qustodium.net> <54D24941.7070702@qustodium.net> <970FC6B4-5A71-4BA4-8688-60C530B4FF50@mailborder.com> <54D30DCA.5010007@huntley.net> <27F3D7A99E7B7F449005017F90623A833A80E9E7@server7.bandwidthco.com> <158E13DD-1DA0-4E2B-96B2-DDC2B7CD07DC@mailborder.com> Message-ID: fnef is available in EPEL[1] [1] https://admin.fedoraproject.org/pkgdb/package/tnef/ On 11 Feb 2015, at 12:37 PM, Jerry Benton wrote: > Found a solution. I created an RPM from the source. So I will add a menu option in the install script that will install it if it is not found. (After trying to install it via yum.) I will of course test it ? blah blah blah ? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 841 bytes Desc: Message signed with OpenPGP using GPGMail Url : http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150212/e5dc29a6/attachment.bin From jerry.benton at mailborder.com Thu Feb 12 20:10:06 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Thu, 12 Feb 2015 15:10:06 -0500 Subject: MailScanner v4.85.1-1 In-Reply-To: References: <54D145B9.1050308@qustodium.net> <54D24941.7070702@qustodium.net> <970FC6B4-5A71-4BA4-8688-60C530B4FF50@mailborder.com> <54D30DCA.5010007@huntley.net> <27F3D7A99E7B7F449005017F90623A833A80E9E7@server7.bandwidthco.com> <158E13DD-1DA0-4E2B-96B2-DDC2B7CD07DC@mailborder.com> Message-ID: <471A2904-6C13-4CE0-9E2B-F35B8A355554@mailborder.com> it is listed in EL5 but not actually available. it works on EL6. it is not available in EL7. I don't just check a list. I actually test what I am working on. - Jerry Benton www.mailborder.com Sent from my iPhone > On Feb 12, 2015, at 13:55, Andrew Colin Kissa wrote: > > > fnef is available in EPEL[1] > > [1] https://admin.fedoraproject.org/pkgdb/package/tnef/ > >> On 11 Feb 2015, at 12:37 PM, Jerry Benton wrote: >> >> Found a solution. I created an RPM from the source. So I will add a menu option in the install script that will install it if it is not found. (After trying to install it via yum.) I will of course test it ? blah blah blah ? > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! From kevin.miller at juneau.org Fri Feb 13 18:15:43 2015 From: kevin.miller at juneau.org (Kevin Miller) Date: Fri, 13 Feb 2015 18:15:43 +0000 Subject: MailScanner v4.85.1-1 In-Reply-To: <158E13DD-1DA0-4E2B-96B2-DDC2B7CD07DC@mailborder.com> References: <54D145B9.1050308@qustodium.net> <54D24941.7070702@qustodium.net> <970FC6B4-5A71-4BA4-8688-60C530B4FF50@mailborder.com> <54D30DCA.5010007@huntley.net> <27F3D7A99E7B7F449005017F90623A833A80E9E7@server7.bandwidthco.com> <158E13DD-1DA0-4E2B-96B2-DDC2B7CD07DC@mailborder.com> Message-ID: <7830505737db49e79fd44b83b214a678@City-Exch-DB1.cbj.local> Whenever you?re ready for a crash test dummy to give it a try let me know. I?m happy to add a repo source to the new box I?m building, or I can just run the rpm when you have it built and accessible. It?s a brand new box, so the risk is minimal on my side. I already have most of the perl modules installed but no matter. It?ll just be somewhere between a new install and an update? ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357 From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry Benton Sent: Wednesday, February 11, 2015 1:38 AM To: MailScanner discussion Subject: Re: MailScanner v4.85.1-1 Found a solution. I created an RPM from the source. So I will add a menu option in the install script that will install it if it is not found. (After trying to install it via yum.) I will of course test it ? blah blah blah ? - Jerry Benton www.mailborder.com On Feb 11, 2015, at 1:20 AM, Jerry Benton > wrote: Ok, I am done with the RPM installer except for one problem: tnef It is not present in base or EPEL. Jules has this listed as a dependency on the MailScanner RPM, and I would prefer to have this binary available. So ... Option 1: Download and build it from source during the installation. Source is here: http://sourceforge.net/projects/tnef/files/ This would be easy to do. It would also be an option for you user to select yes or no to do this during the installation. Option 2: Find a reliable src rpm and build that. However, I have not been able to find one that is not broken in some way as most are for FC22, which causes problems on stable platforms like RHEL and COS. If you have one (that will also work on RHEL5) let me know. Option 3: Find a regular rpm (two of them for 32 and 64 bit) that can be used in the installer and install from that. This would also be easy. The hard part is finding the RPMs. need EL5, EL6, and EL7 Option 4: You tell me. From my options here, building from source is the easiest route with the most predictable outcome, but RPM remains the most preferred method. - Jerry Benton www.mailborder.com On Feb 6, 2015, at 10:51 PM, Alex Neuman > wrote: Better to do a 551 so it bounces; less load on the server and less bandwidth waste. Also, there are scripts to feed it to spamcop as well IIRC. Alex Neuman van der Hans Reliant Technologies / Vida Digital http://vidadigital.com.pa/ [http://vidadigital.com.pa/wp-content/uploads/2014/01/vdtransparent.png] Mobile: +507 6781-9505 Work: MailScanner has detected a possible fraud attempt from "+5078326725" claiming to be +507 832-6725 Work (USA): +1 (440) 253-9789 Skype: AlexNeuman Don't miss Vida Digital on LiveStream! Saturdays 8am-10am on M?xima 91.7FM Panama Follow @AlexNeuman on Twitter Like Vida Digital on Facebook Follow VidaDigital on Instagram Subscribe to Vida Digital on Youtube On Fri, Feb 6, 2015 at 3:44 PM, Mark E. Donaldson > wrote: nick.z.edwards at gmail.com discard From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Alex Neuman Sent: Thursday, February 05, 2015 7:27 AM To: MailScanner discussion Subject: Re: MailScanner v4.85.1-1 I put mine at /etc/mail/access On Feb 5, 2015 2:36 AM, "Michael Huntley" > wrote: I have a new rule: From: nick.z.edwards at gmail.com -> /dev/null . No need for this lack of professionalism and civility. m On 2/4/2015 9:59 PM, Nick Edwards wrote: > So you're admitting the script that does this has zero intelligence? > > you are clearly stopping facebook from being added, so you have /some/ > mechanisms in place. > > if you dont, send to the mailing list the script that does it all, I, > and/or others, can then fix it up by sending you patches, you can then > decide what one you want to include. at present we have in house mass > perl subs to stop your scripts adding everyone but farkbook. > > > > > On 2/5/15, Jerry Benton > wrote: >> Well Nick, write something better to contribute to the project if you don't >> like the Mailborder list. No one is making you use that list. So get off >> your ass and put your obvious elite skills to work and build something >> better for everyone to use. >> >> - >> Jerry Benton >> www.mailborder.com >> >> >> >>> On Feb 4, 2015, at 6:53 PM, Nick Edwards > >>> wrote: >>> >>> and what phishing.bad.sites.conf will it contain? >>> >>> The one from mailborder is completely stupidly anal and utterly over >>> encompassing with listing stuff like t.co and bit.ly, tiny url and >>> wp.me and so on, funny though, mailborder must be in love with >>> facebook, because that cesspit of a place fb.me hasnt seemingly been >>> listed, though everyone else has. >>> >>> I'm gettin sick of writing rewrite rules to stop this over zelous mass >>> blanket anally retentive listings. >>> >>> If they want people to use it, be bloody sensible about it. alsmost >>> reminds me of that old extinct rbl, orbs wasn't it? the one that saw >>> some spam from one ip address result in listing the entire /16 >>> netblocks... jesus... it not rocket science, you need to work in >>> proportions before you go dumb arse and block an entire heavily used >>> mostly by decent innocent people, full domain. >>> >>> >>> On 2/5/15, Jerry Benton > wrote: >>>> Ok I will take another look. Apparently I only did the plain text items. >>>> >>>> - >>>> Jerry Benton >>>> www.mailborder.com >>>> >>>> >>>> >>>>> On Feb 4, 2015, at 11:30 AM, Achim J. Latz >>>>> > >>>>> wrote: >>>>> >>>>> Cheers Jerry! >>>>> >>>>> Only the following ones are still there: >>>>> >>>>> mailscanner/etc/reports/cy+en/inline.sig.html:
Mae MailScanner yn >>>>> diolch i gwmni transtec >>>>> Computers am ei gymorth. >>>>> >>>>> mailscanner/etc/reports/cy+en/inline.sig.html:
MailScanner >>>>> thanks transtec Computers for >>>>> their support. >>>>> >>>>> mailscanner/etc/reports/de/inline.sig.html:
MailScanner dankt >>>> href="http://www.transtec.de/">transtec f?r die freundliche >>>>> Unterst?tzung. >>>>> >>>>> mailscanner/etc/reports/es/inline.sig.html:
MailScanner agradece a >>>>> transtec Computers por su >>>>> apoyo. >>>>> >>>>> mailscanner/etc/reports/fr/inline.sig.html:
MailScanner remercie >>>>> >>>> href="http://www.transtec.fr/">transtec pour son soutien. >>>>> >>>>> mailscanner/etc/reports/hu/inline.sig.html:
A MailScanner koszoni >>>>> a >>>>> transtec Computers >>>>> tamogatasat. >>>>> >>>>> Best regards, Achim >>>>> >>>>> On 03/02/2015 23:45, Jerry Benton wrote: >>>>>> Done. >>>>>> >>>>>> - >>>>>> Jerry Benton >>>>>> www.mailborder.com >>>>>> >>>>>> >>>>>> >>>>>>> On Feb 3, 2015, at 5:03 PM, Achim J. Latz >>>>>>> > wrote: >>>>>>> >>>>>>> Hello Jerry: >>>>>>> >>>>>>> On 03/02/2015 22:07, Jerry Benton wrote: >>>>>>>> I have updated the change log on github to reflect the changes since >>>>>>>> the last version. Jules sent me his entire development environment a >>>>>>>> while back. I am working on a new build now. I will need to test it >>>>>>>> before release. I will try to have it out to this list next week for >>>>>>>> a >>>>>>>> sanity check. Once I (and others) have confirmed I have not screwed >>>>>>>> it >>>>>>>> up I will post it on the website. >>>>>>>> >>>>>>>> https://github.com/MailScanner/v4/blob/master/ChangeLog >>>>>>> >>>>>>> Thanks for including my updated Spanish translation I had sent do the >>>>>>> Baruwa project. >>>>>>> >>>>>>> At the same time, I believe that it would be also correct to remove >>>>>>> all >>>>>>> the footers that contain this text: >>>>>>> >>>>>>> "For all your IT requirements visit: http://www.transtec.co.uk" >>>>>>> >>>>>>> which appear to be at least some of the German and Spanish report >>>>>>> texts. >>>>>>> >>>>>>> Cheers, Achim >>>>>>> -- >>>>>>> MailScanner mailing list >>>>>>> mailscanner at lists.mailscanner.info >>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>> >>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>> >>>>>>> Support MailScanner development - buy the book off the website! >>>>> >>>>> -- >>>>> Achim J. Latz, Qustodium Internet Security >>>>> achim.latz at qustodium.net ? http://www.qustodium.net >>>>> Data Encryption ? Backup Automatisation ? E-Mail Protection >>>>> -- >>>>> MailScanner mailing list >>>>> mailscanner at lists.mailscanner.info >>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>> >>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>> >>>>> Support MailScanner development - buy the book off the website! >>>> -- >>>> MailScanner mailing list >>>> mailscanner at lists.mailscanner.info >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>> >>>> Before posting, read http://wiki.mailscanner.info/posting >>>> >>>> Support MailScanner development - buy the book off the website! >>>> >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! >> -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner at Bandwidthco Computer Security is for your absolute protection. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner at Bandwidthco Computer Security is for your absolute protection. -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150213/6b78fd43/attachment.html From James.Nelson at vgt.net Fri Feb 13 20:34:32 2015 From: James.Nelson at vgt.net (James Nelson) Date: Fri, 13 Feb 2015 20:34:32 +0000 Subject: Filename Restrictions Not working Message-ID: Hello, I am having an issue where none of my filetype rules seem to be working. I can send a test message with something as clearly dangerous as a .bat or .scr file, and MailScanner allows it through regardless. My filetype.rules.conf and filename.rules.conf (and their archive counterparts) are in their default state, and my Mail.conf points to the rules files in %rules-dir% appropriate for each section. The rules files are tabbed properly, with a simple: FromOrTo: default /etc/MailScanner/filename.rules.conf No matter what I've tried, MailScanner still allows everything through, even if I explicitly deny a file type in Mail.conf (without using a ruleset). Any suggestions? -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150213/49cd0b8c/attachment.html From jeremy at fluxlabs.net Fri Feb 13 20:51:06 2015 From: jeremy at fluxlabs.net (Jeremy McSpadden) Date: Fri, 13 Feb 2015 20:51:06 +0000 Subject: Filename Restrictions Not working In-Reply-To: References: Message-ID: <1F517C6E-574B-4798-8E12-23D2E42F95C5@fluxlabs.net> Show us your rules file. -- Jeremy McSpadden Flux Labs | http://www.fluxlabs.net | Endless Solutions Office : 850-250-5590x501 | Cell : 850-890-2543 | Fax : 850-254-2955 On Feb 13, 2015, at 2:45 PM, James Nelson > wrote: Hello, I am having an issue where none of my filetype rules seem to be working. I can send a test message with something as clearly dangerous as a .bat or .scr file, and MailScanner allows it through regardless. My filetype.rules.conf and filename.rules.conf (and their archive counterparts) are in their default state, and my Mail.conf points to the rules files in %rules-dir% appropriate for each section. The rules files are tabbed properly, with a simple: FromOrTo: default /etc/MailScanner/filename.rules.conf No matter what I've tried, MailScanner still allows everything through, even if I explicitly deny a file type in Mail.conf (without using a ruleset). Any suggestions? -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150213/845b3e45/attachment.html From James.Nelson at vgt.net Fri Feb 13 21:54:02 2015 From: James.Nelson at vgt.net (James Nelson) Date: Fri, 13 Feb 2015 21:54:02 +0000 Subject: Filename Restrictions Not working In-Reply-To: References: Message-ID: <97fb4dff514549e89b66f24e56a61369@VGTMAIL1.vgt.net> Additional details: Running on CentOS 6.6, MTA is Postfix. I've covered all of the settings in MailScanner.conf that seem to be pertinent-scanning is enabled, proper location for /usr/bin/file, which I can run against the files being allowed through, to the expected result. If I run a MailScanner -lint , I don't see any mention made of the attachment rules being read, but that may be by design. filename.rules.conf # # NOTE: Fields are separated by TAB characters --- Important! # # Syntax is allow/deny/deny+delete/rename/rename to replacement-text/email-addresses, # then regular expression, # then log text, # then user report text. # # The "email-addresses" can be a space or comma-separated list of email # addresses. If the rule hits, the message will be sent to these address(es) # instead of the original recipients. # If a rule is a "rename" rule, then the attachment filename will be renamed # according to the "Default Rename Pattern" setting in MailScanner.conf. # If a rule is a "rename" rule and the "to replacement-text" is supplied, then # the text matched by the regular expression in the 2nd field of the line # will be replaced with the "replacement-text" string. # For example, the rule # rename to .ppt \.pps$ Renamed .pps to .ppt Renamed .pps to .ppt # will find all filenames ending in ".pps" and rename them so they end in # ".ppt" instead. # Due to a bug in Outlook Express, you can make the 2nd from last extension # be what is used to run the file. So very long filenames must be denied, # regardless of the final extension. deny .{150,} Very long filename, possible OE attack Very long filenames are good signs of attacks against Microsoft e-mail packages # JKF 10/08/2007 Adobe Acrobat nastiness rename \.fdf$ Dangerous Adobe Acrobat data-file Opening this file can cause auto-loading of any file from the internet # JKF 04/01/2005 More Microsoft security vulnerabilities deny \.ico$ Windows icon file security vulnerability Possible buffer overflow in Windows deny \.ani$ Windows animated cursor file security vulnerability Possible buffer overflow in Windows deny \.cur$ Windows cursor file security vulnerability Possible buffer overflow in Windows #deny \.hlp$ Windows help file security vulnerability Possible buffer overflow in Windows # These 4 are well known viruses. deny pretty\s+park\.exe$ "Pretty Park" virus "Pretty Park" virus deny happy99\.exe$ "Happy" virus "Happy" virus deny \.ceo$ WinEvar virus attachment Often used by the WinEvar virus deny webpage\.rar$ I-Worm.Yanker virus attachment Often used by the I-Worm.Yanker virus # JKF 08/07/2005 Several virus scanners may miss this one deny \.cab$ Possible malicious Microsoft cabinet file Cabinet files may hide viruses # These are in the archives which are Microsoft Office 2007 files (e.g. docx) allow \.xml\d*\.rel$ - - allow \.x\d+\.rel$ - - allow \.rtf$ - - # These are known to be mostly harmless. allow \.jpg$ - - allow \.gif$ - - # .url is arguably dangerous, but I can't just ban it... allow \.url$ - - allow \.vcf$ - - allow \.txt$ - - deny \.zip$ - - allow \.t?gz$ - - allow \.bz2$ - - allow \.Z$ - - allow \.rpm$ - - # PGP and GPG allow \.gpg$ - - allow \.pgp$ - - allow \.sig$ - - allow \.asc$ - - # Macintosh archives allow \.hqx$ - - allow \.sit.bin$ - - allow \.sea$ - - # Backup files allow \.bak$ - - # And TeX and LaTeX are harmless AFAIK allow \.tex$ - - # These are known to be dangerous in almost all cases. deny \.reg$ Possible Windows registry attack Windows registry entries are very dangerous in email deny \.chm$ Possible compiled Help file-based virus Compiled help files are very dangerous in email # See http://office.microsoft.com/2000/articles/Out2ksecFAQ.htm for more info. deny \.cnf$ Possible SpeedDial attack SpeedDials are very dangerous in email deny \.hta$ Possible Microsoft HTML archive attack HTML archives are very dangerous in email deny \.ins$ Possible Microsoft Internet Comm. Settings attack Windows Internet Settings are dangerous in email deny \.jse?$ Possible Microsoft JScript attack JScript Scripts are dangerous in email deny \.job$ Possible Microsoft Task Scheduler attack Task Scheduler requests are dangerous in email deny \.lnk$ Possible Eudora *.lnk security hole attack Eudora *.lnk security hole attack # Removed ".mat" from next line as widely used by Matlab deny \.ma[dfgmqrsvw]$ Possible Microsoft Access Shortcut attack Microsoft Access Shortcuts are dangerous in email deny \.pif$ Possible MS-Dos program shortcut attack Shortcuts to MS-Dos programs are very dangerous in email deny \.scf$ Possible Windows Explorer Command attack Windows Explorer Commands are dangerous in email deny \.sct$ Possible Microsoft Windows Script Component attack Windows Script Components are dangerous in email deny \.shb$ Possible document shortcut attack Shortcuts Into Documents are very dangerous in email deny \.shs$ Possible Shell Scrap Object attack Shell Scrap Objects are very dangerous in email deny \.vb[es]$ Possible Microsoft Visual Basic script attack Visual Basic Scripts are dangerous in email deny \.ws[cfh]$ Possible Microsoft Windows Script Host attack Windows Script Host files are dangerous in email deny \.xnk$ Possible Microsoft Exchange Shortcut attack Microsoft Exchange Shortcuts are dangerous in email # These are new dangerous attachment types according to Microsoft in # http://support.microsoft.com/?kbid=883260 deny \.cer$ Dangerous Security Certificate (according to Microsoft) Dangerous attachment according to Microsoft Q883260 deny \.its$ Dangerous Internet Document Set (according to Microsoft) Dangerous attachment according to Microsoft Q883260 deny \.mau$ Dangerous attachment type (according to Microsoft) Dangerous attachment according to Microsoft Q883260 deny \.md[az]$ Dangerous attachment type (according to Microsoft) Dangerous attachment according to Microsoft Q883260 deny \.prf$ Dangerous Outlook Profile Settings (according to Microsoft) Dangerous attachment according to Microsoft Q883260 deny \.pst$ Dangerous Office Data File (according to Microsoft) Dangerous attachment according to Microsoft Q883260 #deny \.tmp$ Dangerous Temporary File (according to Microsoft) Dangerous attachment according to Microsoft Q883260 deny \.vsmacros$ Dangerous Visual Studio Macros (according to Microsoft) Dangerous attachment according to Microsoft Q883260 deny \.vs[stw]$ Dangerous attachment type (according to Microsoft) Dangerous attachment according to Microsoft Q883260 deny \.ws$ Dangerous Windows Script (according to Microsoft) Dangerous attachment according to Microsoft Q883260 # These 2 added by popular demand - Very often used by viruses deny \.com$ Windows/DOS Executable Executable DOS/Windows programs are dangerous in email deny \.exe$ Windows/DOS Executable Executable DOS/Windows programs are dangerous in email # These are very dangerous and have been used to hide viruses deny \.scr$ Possible virus hidden in a screensaver Windows Screensavers are often used to hide viruses deny \.bat$ Possible malicious batch file script Batch files are often malicious deny \.cmd$ Possible malicious batch file script Batch files are often malicious deny \.cpl$ Possible malicious control panel item Control panel items are often used to hide viruses deny \.mhtml$ Possible Eudora meta-refresh attack MHTML files can be used in an attack against Eudora # Deny filenames containing CLSID's deny \{[a-hA-H0-9-]{25,}\} Filename trying to hide its real type Files containing CLSID's are trying to hide their real type # Deny filenames with lots of contiguous white space in them. deny \s{10,} Filename contains lots of white space A long gap in a name is often used to hide part of it # Allow repeated file extension, e.g. blah.zip.zip allow (\.[a-z0-9]{3})\1$ - - # Allow days of the week and months in doc names, e.g. blah.wed.doc allow \.(mon|tue|wed|thu|fri|sat|sun)\.[a-z0-9]{3}$ - - allow \.(jan|feb|mar|apr|may|jun|june|jul|july|aug|sep|sept|oct|nov|dec)\.[a-z0-9]{3}$ - - # Deny all other double file extensions. This catches any hidden filenames. deny \.[a-z][a-z0-9]{2,3}\s*\.[a-z0-9]{3}$ Found possible filename hiding Attempt to hide real filename extension filetype.rules.conf: # # NOTE: Fields are separated by TAB characters --- Important! # # Syntax is allow/deny/deny+delete/email-addresses, then regular expression, # then log text, then user report text. # # The "email-addresses" can be a space or comma-separated list of email # addresses. If the rule hits, the message will be sent to these address(es) # instead of the original recipients. # # If none of the rules match, then the filetype is allowed. # # An optional fifth field can also be added before the "log text", which # makes the checked text check against the MIME type of the attachment # as determined by the output of the "file -i" command. allow text - - allow \bscript - - allow archive - - allow postscript - - deny self-extract No self-extracting archives No self-extracting archives allowed deny executable No executables No programs allowed #EXAMPLE: deny - x-dosexec No DOS executables No DOS programs alloweddeny ELF No executables No programs allowed deny Registry No Windows Registry entries No Windows Registry files allowed #deny MPEG No MPEG movies No MPEG movies allowed #deny AVI No AVI movies No AVI movies allowed #deny MNG No MNG/PNG movies No MNG movies allowed #deny QuickTime No QuickTime movies No QuickTime movies allowed #deny ASF No Windows media No Windows media files allowed #deny metafont No Windows Metafont drawings No WMF drawings allowed From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of James Nelson Sent: Friday, February 13, 2015 2:35 PM To: mailscanner at lists.mailscanner.info Subject: Filename Restrictions Not working Hello, I am having an issue where none of my filetype rules seem to be working. I can send a test message with something as clearly dangerous as a .bat or .scr file, and MailScanner allows it through regardless. My filetype.rules.conf and filename.rules.conf (and their archive counterparts) are in their default state, and my Mail.conf points to the rules files in %rules-dir% appropriate for each section. The rules files are tabbed properly, with a simple: FromOrTo: default /etc/MailScanner/filename.rules.conf No matter what I've tried, MailScanner still allows everything through, even if I explicitly deny a file type in Mail.conf (without using a ruleset). Any suggestions? -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150213/faa16c5f/attachment-0001.html From kevin.miller at juneau.org Fri Feb 13 22:31:45 2015 From: kevin.miller at juneau.org (Kevin Miller) Date: Fri, 13 Feb 2015 22:31:45 +0000 Subject: Filename Restrictions Not working In-Reply-To: <97fb4dff514549e89b66f24e56a61369@VGTMAIL1.vgt.net> References: <97fb4dff514549e89b66f24e56a61369@VGTMAIL1.vgt.net> Message-ID: <655c42af65314346a6a9bac9dd98ffe7@City-Exch-DB1.cbj.local> Just a swag, but you've stopped the Postfix daemon and took it out of the startup config, right? I use sendmail, not Postfix (yet), but sometimes an upgrade would put sendmail back into the startup routines, and I'd have mail coming in via sendmail that bypasses MailScanner. It may not be the case here, but easy enough to double-check... ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357 From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of James Nelson Sent: Friday, February 13, 2015 12:54 PM To: MailScanner discussion Subject: RE: Filename Restrictions Not working Additional details: Running on CentOS 6.6, MTA is Postfix. I've covered all of the settings in MailScanner.conf that seem to be pertinent-scanning is enabled, proper location for /usr/bin/file, which I can run against the files being allowed through, to the expected result. If I run a MailScanner -lint , I don't see any mention made of the attachment rules being read, but that may be by design. filename.rules.conf # # NOTE: Fields are separated by TAB characters --- Important! # # Syntax is allow/deny/deny+delete/rename/rename to replacement-text/email-addresses, # then regular expression, # then log text, # then user report text. # # The "email-addresses" can be a space or comma-separated list of email # addresses. If the rule hits, the message will be sent to these address(es) # instead of the original recipients. # If a rule is a "rename" rule, then the attachment filename will be renamed # according to the "Default Rename Pattern" setting in MailScanner.conf. # If a rule is a "rename" rule and the "to replacement-text" is supplied, then # the text matched by the regular expression in the 2nd field of the line # will be replaced with the "replacement-text" string. # For example, the rule # rename to .ppt \.pps$ Renamed .pps to .ppt Renamed .pps to .ppt # will find all filenames ending in ".pps" and rename them so they end in # ".ppt" instead. # Due to a bug in Outlook Express, you can make the 2nd from last extension # be what is used to run the file. So very long filenames must be denied, # regardless of the final extension. deny .{150,} Very long filename, possible OE attack Very long filenames are good signs of attacks against Microsoft e-mail packages # JKF 10/08/2007 Adobe Acrobat nastiness rename \.fdf$ Dangerous Adobe Acrobat data-file Opening this file can cause auto-loading of any file from the internet # JKF 04/01/2005 More Microsoft security vulnerabilities deny \.ico$ Windows icon file security vulnerability Possible buffer overflow in Windows deny \.ani$ Windows animated cursor file security vulnerability Possible buffer overflow in Windows deny \.cur$ Windows cursor file security vulnerability Possible buffer overflow in Windows #deny \.hlp$ Windows help file security vulnerability Possible buffer overflow in Windows # These 4 are well known viruses. deny pretty\s+park\.exe$ "Pretty Park" virus "Pretty Park" virus deny happy99\.exe$ "Happy" virus "Happy" virus deny \.ceo$ WinEvar virus attachment Often used by the WinEvar virus deny webpage\.rar$ I-Worm.Yanker virus attachment Often used by the I-Worm.Yanker virus # JKF 08/07/2005 Several virus scanners may miss this one deny \.cab$ Possible malicious Microsoft cabinet file Cabinet files may hide viruses # These are in the archives which are Microsoft Office 2007 files (e.g. docx) allow \.xml\d*\.rel$ - - allow \.x\d+\.rel$ - - allow \.rtf$ - - # These are known to be mostly harmless. allow \.jpg$ - - allow \.gif$ - - # .url is arguably dangerous, but I can't just ban it... allow \.url$ - - allow \.vcf$ - - allow \.txt$ - - deny \.zip$ - - allow \.t?gz$ - - allow \.bz2$ - - allow \.Z$ - - allow \.rpm$ - - # PGP and GPG allow \.gpg$ - - allow \.pgp$ - - allow \.sig$ - - allow \.asc$ - - # Macintosh archives allow \.hqx$ - - allow \.sit.bin$ - - allow \.sea$ - - # Backup files allow \.bak$ - - # And TeX and LaTeX are harmless AFAIK allow \.tex$ - - # These are known to be dangerous in almost all cases. deny \.reg$ Possible Windows registry attack Windows registry entries are very dangerous in email deny \.chm$ Possible compiled Help file-based virus Compiled help files are very dangerous in email # See http://office.microsoft.com/2000/articles/Out2ksecFAQ.htm for more info. deny \.cnf$ Possible SpeedDial attack SpeedDials are very dangerous in email deny \.hta$ Possible Microsoft HTML archive attack HTML archives are very dangerous in email deny \.ins$ Possible Microsoft Internet Comm. Settings attack Windows Internet Settings are dangerous in email deny \.jse?$ Possible Microsoft JScript attack JScript Scripts are dangerous in email deny \.job$ Possible Microsoft Task Scheduler attack Task Scheduler requests are dangerous in email deny \.lnk$ Possible Eudora *.lnk security hole attack Eudora *.lnk security hole attack # Removed ".mat" from next line as widely used by Matlab deny \.ma[dfgmqrsvw]$ Possible Microsoft Access Shortcut attack Microsoft Access Shortcuts are dangerous in email deny \.pif$ Possible MS-Dos program shortcut attack Shortcuts to MS-Dos programs are very dangerous in email deny \.scf$ Possible Windows Explorer Command attack Windows Explorer Commands are dangerous in email deny \.sct$ Possible Microsoft Windows Script Component attack Windows Script Components are dangerous in email deny \.shb$ Possible document shortcut attack Shortcuts Into Documents are very dangerous in email deny \.shs$ Possible Shell Scrap Object attack Shell Scrap Objects are very dangerous in email deny \.vb[es]$ Possible Microsoft Visual Basic script attack Visual Basic Scripts are dangerous in email deny \.ws[cfh]$ Possible Microsoft Windows Script Host attack Windows Script Host files are dangerous in email deny \.xnk$ Possible Microsoft Exchange Shortcut attack Microsoft Exchange Shortcuts are dangerous in email # These are new dangerous attachment types according to Microsoft in # http://support.microsoft.com/?kbid=883260 deny \.cer$ Dangerous Security Certificate (according to Microsoft) Dangerous attachment according to Microsoft Q883260 deny \.its$ Dangerous Internet Document Set (according to Microsoft) Dangerous attachment according to Microsoft Q883260 deny \.mau$ Dangerous attachment type (according to Microsoft) Dangerous attachment according to Microsoft Q883260 deny \.md[az]$ Dangerous attachment type (according to Microsoft) Dangerous attachment according to Microsoft Q883260 deny \.prf$ Dangerous Outlook Profile Settings (according to Microsoft) Dangerous attachment according to Microsoft Q883260 deny \.pst$ Dangerous Office Data File (according to Microsoft) Dangerous attachment according to Microsoft Q883260 #deny \.tmp$ Dangerous Temporary File (according to Microsoft) Dangerous attachment according to Microsoft Q883260 deny \.vsmacros$ Dangerous Visual Studio Macros (according to Microsoft) Dangerous attachment according to Microsoft Q883260 deny \.vs[stw]$ Dangerous attachment type (according to Microsoft) Dangerous attachment according to Microsoft Q883260 deny \.ws$ Dangerous Windows Script (according to Microsoft) Dangerous attachment according to Microsoft Q883260 # These 2 added by popular demand - Very often used by viruses deny \.com$ Windows/DOS Executable Executable DOS/Windows programs are dangerous in email deny \.exe$ Windows/DOS Executable Executable DOS/Windows programs are dangerous in email # These are very dangerous and have been used to hide viruses deny \.scr$ Possible virus hidden in a screensaver Windows Screensavers are often used to hide viruses deny \.bat$ Possible malicious batch file script Batch files are often malicious deny \.cmd$ Possible malicious batch file script Batch files are often malicious deny \.cpl$ Possible malicious control panel item Control panel items are often used to hide viruses deny \.mhtml$ Possible Eudora meta-refresh attack MHTML files can be used in an attack against Eudora # Deny filenames containing CLSID's deny \{[a-hA-H0-9-]{25,}\} Filename trying to hide its real type Files containing CLSID's are trying to hide their real type # Deny filenames with lots of contiguous white space in them. deny \s{10,} Filename contains lots of white space A long gap in a name is often used to hide part of it # Allow repeated file extension, e.g. blah.zip.zip allow (\.[a-z0-9]{3})\1$ - - # Allow days of the week and months in doc names, e.g. blah.wed.doc allow \.(mon|tue|wed|thu|fri|sat|sun)\.[a-z0-9]{3}$ - - allow \.(jan|feb|mar|apr|may|jun|june|jul|july|aug|sep|sept|oct|nov|dec)\.[a-z0-9]{3}$ - - # Deny all other double file extensions. This catches any hidden filenames. deny \.[a-z][a-z0-9]{2,3}\s*\.[a-z0-9]{3}$ Found possible filename hiding Attempt to hide real filename extension filetype.rules.conf: # # NOTE: Fields are separated by TAB characters --- Important! # # Syntax is allow/deny/deny+delete/email-addresses, then regular expression, # then log text, then user report text. # # The "email-addresses" can be a space or comma-separated list of email # addresses. If the rule hits, the message will be sent to these address(es) # instead of the original recipients. # # If none of the rules match, then the filetype is allowed. # # An optional fifth field can also be added before the "log text", which # makes the checked text check against the MIME type of the attachment # as determined by the output of the "file -i" command. allow text - - allow \bscript - - allow archive - - allow postscript - - deny self-extract No self-extracting archives No self-extracting archives allowed deny executable No executables No programs allowed #EXAMPLE: deny - x-dosexec No DOS executables No DOS programs alloweddeny ELF No executables No programs allowed deny Registry No Windows Registry entries No Windows Registry files allowed #deny MPEG No MPEG movies No MPEG movies allowed #deny AVI No AVI movies No AVI movies allowed #deny MNG No MNG/PNG movies No MNG movies allowed #deny QuickTime No QuickTime movies No QuickTime movies allowed #deny ASF No Windows media No Windows media files allowed #deny metafont No Windows Metafont drawings No WMF drawings allowed From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of James Nelson Sent: Friday, February 13, 2015 2:35 PM To: mailscanner at lists.mailscanner.info Subject: Filename Restrictions Not working Hello, I am having an issue where none of my filetype rules seem to be working. I can send a test message with something as clearly dangerous as a .bat or .scr file, and MailScanner allows it through regardless. My filetype.rules.conf and filename.rules.conf (and their archive counterparts) are in their default state, and my Mail.conf points to the rules files in %rules-dir% appropriate for each section. The rules files are tabbed properly, with a simple: FromOrTo: default /etc/MailScanner/filename.rules.conf No matter what I've tried, MailScanner still allows everything through, even if I explicitly deny a file type in Mail.conf (without using a ruleset). Any suggestions? -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150213/80fa08dd/attachment.html From jerry.benton at mailborder.com Sat Feb 14 07:20:53 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Sat, 14 Feb 2015 02:20:53 -0500 Subject: MailScanner v4.85.1-1 In-Reply-To: <7830505737db49e79fd44b83b214a678@City-Exch-DB1.cbj.local> References: <54D145B9.1050308@qustodium.net> <54D24941.7070702@qustodium.net> <970FC6B4-5A71-4BA4-8688-60C530B4FF50@mailborder.com> <54D30DCA.5010007@huntley.net> <27F3D7A99E7B7F449005017F90623A833A80E9E7@server7.bandwidthco.com> <158E13DD-1DA0-4E2B-96B2-DDC2B7CD07DC@mailborder.com> <7830505737db49e79fd44b83b214a678@City-Exch-DB1.cbj.local> Message-ID: <671B028F-B693-466C-AE12-A63341AF9EDA@mailborder.com> I should have the beta out to this list soon. I have a functioning rpm and install script that works on RHEL 5,6,7. I just need to do some polishing and final testing. I want to run some more tests on RHEL 5,6 (32 and 64 bit) and RHEL 7. After the beta release and after I get feedback from public testing I will make any required adjustments I will post if for public release. There is one open issue that I have not had time to address in time for this release, which is Postfix FIFO vs UNIX. Postfix is using the latter now and it doesn?t work with MailScanner. The bandaid is to change your Postfix settings back to FIFO. If someone knows of a fix for the Postfix.pm, please share it to save me some work. If a fix doesn?t make this release, I will work on it later and put it into 4.85.2. - Jerry Benton www.mailborder.com > On Feb 13, 2015, at 1:15 PM, Kevin Miller wrote: > > Whenever you?re ready for a crash test dummy to give it a try let me know. I?m happy to add a repo source to the new box I?m building, or I can just run the rpm when you have it built and accessible. It?s a brand new box, so the risk is minimal on my side. I already have most of the perl modules installed but no matter. It?ll just be somewhere between a new install and an update? > > ...Kevin > -- > Kevin Miller > Network/email Administrator, CBJ MIS Dept. > 155 South Seward Street > Juneau, Alaska 99801 > Phone: (907) 586-0242, Fax: (907) 586-4500 > Registered Linux User No: 307357 > > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info ] On Behalf Of Jerry Benton > Sent: Wednesday, February 11, 2015 1:38 AM > To: MailScanner discussion > Subject: Re: MailScanner v4.85.1-1 > > Found a solution. I created an RPM from the source. So I will add a menu option in the install script that will install it if it is not found. (After trying to install it via yum.) I will of course test it ? blah blah blah ? > > > - > Jerry Benton > www.mailborder.com > > > > On Feb 11, 2015, at 1:20 AM, Jerry Benton > wrote: > > Ok, I am done with the RPM installer except for one problem: tnef > > It is not present in base or EPEL. Jules has this listed as a dependency on the MailScanner RPM, and I would prefer to have this binary available. So ... > > Option 1: Download and build it from source during the installation. Source is here: http://sourceforge.net/projects/tnef/files/ This would be easy to do. It would also be an option for you user to select yes or no to do this during the installation. > > Option 2: Find a reliable src rpm and build that. However, I have not been able to find one that is not broken in some way as most are for FC22, which causes problems on stable platforms like RHEL and COS. If you have one (that will also work on RHEL5) let me know. > > Option 3: Find a regular rpm (two of them for 32 and 64 bit) that can be used in the installer and install from that. This would also be easy. The hard part is finding the RPMs. need EL5, EL6, and EL7 > > Option 4: You tell me. > > > From my options here, building from source is the easiest route with the most predictable outcome, but RPM remains the most preferred method. > > - > Jerry Benton > www.mailborder.com > > > > On Feb 6, 2015, at 10:51 PM, Alex Neuman > wrote: > > Better to do a 551 so it bounces; less load on the server and less bandwidth waste. > > Also, there are scripts to feed it to spamcop as well IIRC. > > > > Alex Neuman van der Hans > Reliant Technologies / Vida Digital > http://vidadigital.com.pa/ > > Mobile: +507 6781-9505 > Work: MailScanner has detected a possible fraud attempt from "+5078326725" claiming to be?+507 832-6725 > Work (USA): +1 (440) 253-9789 > Skype: AlexNeuman > > Don't miss Vida Digital on LiveStream ! > Saturdays 8am-10am on M?xima 91.7FM Panama > > Follow @AlexNeuman on Twitter > Like Vida Digital on Facebook > Follow VidaDigital on Instagram > Subscribe to Vida Digital on Youtube > > On Fri, Feb 6, 2015 at 3:44 PM, Mark E. Donaldson > wrote: > nick.z.edwards at gmail.com discard > > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info ] On Behalf Of Alex Neuman > Sent: Thursday, February 05, 2015 7:27 AM > To: MailScanner discussion > Subject: Re: MailScanner v4.85.1-1 > > I put mine at /etc/mail/access > On Feb 5, 2015 2:36 AM, "Michael Huntley" > wrote: > I have a new rule: From: nick.z.edwards at gmail.com -> /dev/null . > > No need for this lack of professionalism and civility. > > m > > On 2/4/2015 9:59 PM, Nick Edwards wrote: > > So you're admitting the script that does this has zero intelligence? > > > > you are clearly stopping facebook from being added, so you have /some/ > > mechanisms in place. > > > > if you dont, send to the mailing list the script that does it all, I, > > and/or others, can then fix it up by sending you patches, you can then > > decide what one you want to include. at present we have in house mass > > perl subs to stop your scripts adding everyone but farkbook. > > > > > > > > > > On 2/5/15, Jerry Benton > wrote: > >> Well Nick, write something better to contribute to the project if you don't > >> like the Mailborder list. No one is making you use that list. So get off > >> your ass and put your obvious elite skills to work and build something > >> better for everyone to use. > >> > >> - > >> Jerry Benton > >> www.mailborder.com > >> > >> > >> > >>> On Feb 4, 2015, at 6:53 PM, Nick Edwards > > >>> wrote: > >>> > >>> and what phishing.bad.sites.conf will it contain? > >>> > >>> The one from mailborder is completely stupidly anal and utterly over > >>> encompassing with listing stuff like t.co and bit.ly , tiny url and > >>> wp.me and so on, funny though, mailborder must be in love with > >>> facebook, because that cesspit of a place fb.me hasnt seemingly been > >>> listed, though everyone else has. > >>> > >>> I'm gettin sick of writing rewrite rules to stop this over zelous mass > >>> blanket anally retentive listings. > >>> > >>> If they want people to use it, be bloody sensible about it. alsmost > >>> reminds me of that old extinct rbl, orbs wasn't it? the one that saw > >>> some spam from one ip address result in listing the entire /16 > >>> netblocks... jesus... it not rocket science, you need to work in > >>> proportions before you go dumb arse and block an entire heavily used > >>> mostly by decent innocent people, full domain. > >>> > >>> > >>> On 2/5/15, Jerry Benton > wrote: > >>>> Ok I will take another look. Apparently I only did the plain text items. > >>>> > >>>> - > >>>> Jerry Benton > >>>> www.mailborder.com > >>>> > >>>> > >>>> > >>>>> On Feb 4, 2015, at 11:30 AM, Achim J. Latz > >>>>> > > >>>>> wrote: > >>>>> > >>>>> Cheers Jerry! > >>>>> > >>>>> Only the following ones are still there: > >>>>> > >>>>> mailscanner/etc/reports/cy+en/inline.sig.html:
Mae MailScanner yn > >>>>> diolch i gwmni transtec > >>>>> Computers am ei gymorth. > >>>>> > >>>>> mailscanner/etc/reports/cy+en/inline.sig.html:
MailScanner > >>>>> thanks transtec Computers for > >>>>> their support. > >>>>> > >>>>> mailscanner/etc/reports/de/inline.sig.html:
MailScanner dankt >>>>> href="http://www.transtec.de/ ">transtec f?r die freundliche > >>>>> Unterst?tzung. > >>>>> > >>>>> mailscanner/etc/reports/es/inline.sig.html:
MailScanner agradece a > >>>>> transtec Computers por su > >>>>> apoyo. > >>>>> > >>>>> mailscanner/etc/reports/fr/inline.sig.html:
MailScanner remercie > >>>>> >>>>> href="http://www.transtec.fr/ ">transtec pour son soutien. > >>>>> > >>>>> mailscanner/etc/reports/hu/inline.sig.html:
A MailScanner koszoni > >>>>> a > >>>>> transtec Computers > >>>>> tamogatasat. > >>>>> > >>>>> Best regards, Achim > >>>>> > >>>>> On 03/02/2015 23:45, Jerry Benton wrote: > >>>>>> Done. > >>>>>> > >>>>>> - > >>>>>> Jerry Benton > >>>>>> www.mailborder.com > >>>>>> > >>>>>> > >>>>>> > >>>>>>> On Feb 3, 2015, at 5:03 PM, Achim J. Latz > >>>>>>> > wrote: > >>>>>>> > >>>>>>> Hello Jerry: > >>>>>>> > >>>>>>> On 03/02/2015 22:07, Jerry Benton wrote: > >>>>>>>> I have updated the change log on github to reflect the changes since > >>>>>>>> the last version. Jules sent me his entire development environment a > >>>>>>>> while back. I am working on a new build now. I will need to test it > >>>>>>>> before release. I will try to have it out to this list next week for > >>>>>>>> a > >>>>>>>> sanity check. Once I (and others) have confirmed I have not screwed > >>>>>>>> it > >>>>>>>> up I will post it on the website. > >>>>>>>> > >>>>>>>> https://github.com/MailScanner/v4/blob/master/ChangeLog > >>>>>>> > >>>>>>> Thanks for including my updated Spanish translation I had sent do the > >>>>>>> Baruwa project. > >>>>>>> > >>>>>>> At the same time, I believe that it would be also correct to remove > >>>>>>> all > >>>>>>> the footers that contain this text: > >>>>>>> > >>>>>>> "For all your IT requirements visit: http://www.transtec.co.uk " > >>>>>>> > >>>>>>> which appear to be at least some of the German and Spanish report > >>>>>>> texts. > >>>>>>> > >>>>>>> Cheers, Achim > >>>>>>> -- > >>>>>>> MailScanner mailing list > >>>>>>> mailscanner at lists.mailscanner.info > >>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner > >>>>>>> > >>>>>>> Before posting, read http://wiki.mailscanner.info/posting > >>>>>>> > >>>>>>> Support MailScanner development - buy the book off the website! > >>>>> > >>>>> -- > >>>>> Achim J. Latz, Qustodium Internet Security > >>>>> achim.latz at qustodium.net ? http://www.qustodium.net > >>>>> Data Encryption ? Backup Automatisation ? E-Mail Protection > >>>>> -- > >>>>> MailScanner mailing list > >>>>> mailscanner at lists.mailscanner.info > >>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner > >>>>> > >>>>> Before posting, read http://wiki.mailscanner.info/posting > >>>>> > >>>>> Support MailScanner development - buy the book off the website! > >>>> -- > >>>> MailScanner mailing list > >>>> mailscanner at lists.mailscanner.info > >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner > >>>> > >>>> Before posting, read http://wiki.mailscanner.info/posting > >>>> > >>>> Support MailScanner development - buy the book off the website! > >>>> > >>> -- > >>> MailScanner mailing list > >>> mailscanner at lists.mailscanner.info > >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner > >>> > >>> Before posting, read http://wiki.mailscanner.info/posting > >>> > >>> Support MailScanner development - buy the book off the website! > >> -- > >> MailScanner mailing list > >> mailscanner at lists.mailscanner.info > >> http://lists.mailscanner.info/mailman/listinfo/mailscanner > >> > >> Before posting, read http://wiki.mailscanner.info/posting > >> > >> Support MailScanner development - buy the book off the website! > >> > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > > -- > This message has been scanned for viruses and dangerous > content by MailScanner , and is believed to be clean. > MailScanner at Bandwidthco Computer Security is for your absolute protection. > > -- > This message has been scanned for viruses and dangerous > content by MailScanner , and is believed to be clean. > MailScanner at Bandwidthco Computer Security is for your absolute protection. > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150214/bbabbe97/attachment-0001.html From jerry.benton at mailborder.com Sun Feb 15 10:05:59 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Sun, 15 Feb 2015 05:05:59 -0500 Subject: v4.85.1.0 Beta for Linux RPM Available Message-ID: After an absurd amount of face-palming over two weeks: https://s3.amazonaws.com/mailscanner/MailScanner-4.85.1-0.rpm.tar.gz Note: This is beta! If you install on on a production box, that?s on you. Please give me feedback via this list if you test this build. It is built for RHEL 5,6,7 and tested on CentOS 32 and 64 bit (Except for EL7 of course.) I built the installer to use the Yum package manger as much as possible. - Order of install priority is Base > EPEL > Custom RPM > CPAN (All based on the options you select.) - For RHEL 6 the dependencies are fulfilled 100% by yum if you elect to use EPEL. - For RHEL 5 only tnef is missing via yum when using EPEL. The installer gives the option to install an RPM package I built from source if it can?t find tnef after trying to install it with yum. - For RHEL 7 tnef, perl-Filesys-Df, and perl-Sys-Hostname-Long and not available in base or EPEL. You are given the option to install these via RPMs after the installer tries to install them using yum. Tnef was built by me from source and the others were built by other people. From what I tested they seem to work fine. - You can elect to not install perl-Filesys-Df and perl-Sys-Hostname-Long from these RPMs and they will be installed via CPAN if you want to do that. - If you elect to install missing modules via CPAN, ?nodeps will be used when installing the MailScanner RPM. This is because rpm?s auto require does not recognize things not installed via RPM. So, for example, even if Filesys::Df is installed and available to perl because the installer used CPAN to install it, the rpm installer doesn?t see it. - The last released version of MailScanner had 2 dependencies attached to the RPM: perl and perl-MIME-Tools. This version has 85 dependencies attached to the RPM. Why? Glad you asked ? I poured over all of the MailScanner source code. If a perl module is used in the code I made it a dependency. (Many are included with the base perl package.) If an optional module like Mail::ClamAV is available, its dependency was added, which would be openssl-devel and Inline::C in the case of Mail::ClamAV. - Using ClamAV as an example again ? The installer will ask if you want to install ClamAV, but only if you elect to use EPEL. (Not available in base.) If you elect to install ClamAV the installer will check for the perl module Mail::ClamAV, which is used by MailScanner if you are using ClamAV. The installer will check to see if it is installed. If not, it goes through the Base > EPEL > Custom > CPAN routine of installing it. The same is true for Mail::SpamAssassin if you elect to install spamassassin. I have already completed the tarball source for the next version, but I want to go over it again. SuSE after that. After that I will work on the Debian package. FreeBSD guys, you are on your own :) - Jerry Benton www.mailborder.com From joh.hendriks at gmail.com Sun Feb 15 10:43:06 2015 From: joh.hendriks at gmail.com (Johan Hendriks) Date: Sun, 15 Feb 2015 11:43:06 +0100 Subject: v4.85.1.0 Beta for Linux RPM Available In-Reply-To: References: Message-ID: I will try the source on FreeBSD maybe later next week. I am not a developer, but will try to make it run. Why are we always left in the cold. :-) FreeBSD is so nice to work with. Op 15 feb. 2015 11:35 schreef "Jerry Benton" : > After an absurd amount of face-palming over two weeks: > > https://s3.amazonaws.com/mailscanner/MailScanner-4.85.1-0.rpm.tar.gz > > Note: This is beta! If you install on on a production box, that?s on you. > > > Please give me feedback via this list if you test this build. It is built > for RHEL 5,6,7 and tested on CentOS 32 and 64 bit (Except for EL7 of > course.) I built the installer to use the Yum package manger as much as > possible. > > - Order of install priority is Base > EPEL > Custom RPM > CPAN (All based > on the options you select.) > - For RHEL 6 the dependencies are fulfilled 100% by yum if you elect to > use EPEL. > - For RHEL 5 only tnef is missing via yum when using EPEL. The installer > gives the option to install an RPM package I built from source if it can?t > find tnef after trying to install it with yum. > - For RHEL 7 tnef, perl-Filesys-Df, and perl-Sys-Hostname-Long and not > available in base or EPEL. You are given the option to install these via > RPMs after the installer tries to install them using yum. Tnef was built by > me from source and the others were built by other people. From what I > tested they seem to work fine. > - You can elect to not install perl-Filesys-Df and perl-Sys-Hostname-Long > from these RPMs and they will be installed via CPAN if you want to do that. > - If you elect to install missing modules via CPAN, ?nodeps will be used > when installing the MailScanner RPM. This is because rpm?s auto require > does not recognize things not installed via RPM. So, for example, even if > Filesys::Df is installed and available to perl because the installer used > CPAN to install it, the rpm installer doesn?t see it. > - The last released version of MailScanner had 2 dependencies attached to > the RPM: perl and perl-MIME-Tools. This version has 85 dependencies > attached to the RPM. Why? Glad you asked ? I poured over all of the > MailScanner source code. If a perl module is used in the code I made it a > dependency. (Many are included with the base perl package.) If an optional > module like Mail::ClamAV is available, its dependency was added, which > would be openssl-devel and Inline::C in the case of Mail::ClamAV. > - Using ClamAV as an example again ? The installer will ask if you want to > install ClamAV, but only if you elect to use EPEL. (Not available in base.) > If you elect to install ClamAV the installer will check for the perl module > Mail::ClamAV, which is used by MailScanner if you are using ClamAV. The > installer will check to see if it is installed. If not, it goes through the > Base > EPEL > Custom > CPAN routine of installing it. The same is true for > Mail::SpamAssassin if you elect to install spamassassin. > > > I have already completed the tarball source for the next version, but I > want to go over it again. SuSE after that. After that I will work on the > Debian package. FreeBSD guys, you are on your own :) > > - > Jerry Benton > www.mailborder.com > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150215/9627153d/attachment.html From joh.hendriks at gmail.com Sun Feb 15 10:45:42 2015 From: joh.hendriks at gmail.com (Johan Hendriks) Date: Sun, 15 Feb 2015 11:45:42 +0100 Subject: v4.85.1.0 Beta for Linux RPM Available In-Reply-To: References: Message-ID: Sorry forget to ask. Where can I find the tarball? Op 15 feb. 2015 11:35 schreef "Jerry Benton" : > After an absurd amount of face-palming over two weeks: > > https://s3.amazonaws.com/mailscanner/MailScanner-4.85.1-0.rpm.tar.gz > > Note: This is beta! If you install on on a production box, that?s on you. > > > Please give me feedback via this list if you test this build. It is built > for RHEL 5,6,7 and tested on CentOS 32 and 64 bit (Except for EL7 of > course.) I built the installer to use the Yum package manger as much as > possible. > > - Order of install priority is Base > EPEL > Custom RPM > CPAN (All based > on the options you select.) > - For RHEL 6 the dependencies are fulfilled 100% by yum if you elect to > use EPEL. > - For RHEL 5 only tnef is missing via yum when using EPEL. The installer > gives the option to install an RPM package I built from source if it can?t > find tnef after trying to install it with yum. > - For RHEL 7 tnef, perl-Filesys-Df, and perl-Sys-Hostname-Long and not > available in base or EPEL. You are given the option to install these via > RPMs after the installer tries to install them using yum. Tnef was built by > me from source and the others were built by other people. From what I > tested they seem to work fine. > - You can elect to not install perl-Filesys-Df and perl-Sys-Hostname-Long > from these RPMs and they will be installed via CPAN if you want to do that. > - If you elect to install missing modules via CPAN, ?nodeps will be used > when installing the MailScanner RPM. This is because rpm?s auto require > does not recognize things not installed via RPM. So, for example, even if > Filesys::Df is installed and available to perl because the installer used > CPAN to install it, the rpm installer doesn?t see it. > - The last released version of MailScanner had 2 dependencies attached to > the RPM: perl and perl-MIME-Tools. This version has 85 dependencies > attached to the RPM. Why? Glad you asked ? I poured over all of the > MailScanner source code. If a perl module is used in the code I made it a > dependency. (Many are included with the base perl package.) If an optional > module like Mail::ClamAV is available, its dependency was added, which > would be openssl-devel and Inline::C in the case of Mail::ClamAV. > - Using ClamAV as an example again ? The installer will ask if you want to > install ClamAV, but only if you elect to use EPEL. (Not available in base.) > If you elect to install ClamAV the installer will check for the perl module > Mail::ClamAV, which is used by MailScanner if you are using ClamAV. The > installer will check to see if it is installed. If not, it goes through the > Base > EPEL > Custom > CPAN routine of installing it. The same is true for > Mail::SpamAssassin if you elect to install spamassassin. > > > I have already completed the tarball source for the next version, but I > want to go over it again. SuSE after that. After that I will work on the > Debian package. FreeBSD guys, you are on your own :) > > - > Jerry Benton > www.mailborder.com > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150215/640e1933/attachment.html From jerry.benton at mailborder.com Sun Feb 15 11:22:45 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Sun, 15 Feb 2015 06:22:45 -0500 Subject: v4.85.1.0 Beta for Linux RPM Available In-Reply-To: References: Message-ID: Johan, Not released yet. I want to work on it some more and double check it. - Jerry Benton www.mailborder.com > On Feb 15, 2015, at 5:45 AM, Johan Hendriks wrote: > > Sorry forget to ask. > Where can I find the tarball? > > Op 15 feb. 2015 11:35 schreef "Jerry Benton" >: > After an absurd amount of face-palming over two weeks: > > https://s3.amazonaws.com/mailscanner/MailScanner-4.85.1-0.rpm.tar.gz > > Note: This is beta! If you install on on a production box, that?s on you. > > > Please give me feedback via this list if you test this build. It is built for RHEL 5,6,7 and tested on CentOS 32 and 64 bit (Except for EL7 of course.) I built the installer to use the Yum package manger as much as possible. > > - Order of install priority is Base > EPEL > Custom RPM > CPAN (All based on the options you select.) > - For RHEL 6 the dependencies are fulfilled 100% by yum if you elect to use EPEL. > - For RHEL 5 only tnef is missing via yum when using EPEL. The installer gives the option to install an RPM package I built from source if it can?t find tnef after trying to install it with yum. > - For RHEL 7 tnef, perl-Filesys-Df, and perl-Sys-Hostname-Long and not available in base or EPEL. You are given the option to install these via RPMs after the installer tries to install them using yum. Tnef was built by me from source and the others were built by other people. From what I tested they seem to work fine. > - You can elect to not install perl-Filesys-Df and perl-Sys-Hostname-Long from these RPMs and they will be installed via CPAN if you want to do that. > - If you elect to install missing modules via CPAN, ?nodeps will be used when installing the MailScanner RPM. This is because rpm?s auto require does not recognize things not installed via RPM. So, for example, even if Filesys::Df is installed and available to perl because the installer used CPAN to install it, the rpm installer doesn?t see it. > - The last released version of MailScanner had 2 dependencies attached to the RPM: perl and perl-MIME-Tools. This version has 85 dependencies attached to the RPM. Why? Glad you asked ? I poured over all of the MailScanner source code. If a perl module is used in the code I made it a dependency. (Many are included with the base perl package.) If an optional module like Mail::ClamAV is available, its dependency was added, which would be openssl-devel and Inline::C in the case of Mail::ClamAV. > - Using ClamAV as an example again ? The installer will ask if you want to install ClamAV, but only if you elect to use EPEL. (Not available in base.) If you elect to install ClamAV the installer will check for the perl module Mail::ClamAV, which is used by MailScanner if you are using ClamAV. The installer will check to see if it is installed. If not, it goes through the Base > EPEL > Custom > CPAN routine of installing it. The same is true for Mail::SpamAssassin if you elect to install spamassassin. > > > I have already completed the tarball source for the next version, but I want to go over it again. SuSE after that. After that I will work on the Debian package. FreeBSD guys, you are on your own :) > > - > Jerry Benton > www.mailborder.com > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150215/ddf2e8b1/attachment.html From ryan.virgo at gmail.com Mon Feb 16 07:51:41 2015 From: ryan.virgo at gmail.com (Ryan Braganza) Date: Mon, 16 Feb 2015 13:21:41 +0530 Subject: McAfee VirusScan Enterprise for Linux Message-ID: Can anyone let me know if McAfee VirusScan can be used with Mailscanner ? I have installed mcafee on my test server , the default install dir path is /opt/NAI/LinuxShield I have set the virus.scanners.conf as below for mcafee mcafee /usr/lib/MailScanner/mcafee-wrapper /opt/NAI/LinuxShield But when I do a test scan using he wrapper I get the below o/p /usr/lib/MailScanner/mcafee-wrapper /opt/NAI/LinuxShield /root/install.log /usr/lib/MailScanner/mcafee-wrapper: line 63: /opt/NAI/LinuxShield/uvscan: No such file or directory /usr/lib/MailScanner/mcafee-wrapper: line 63: exec: /opt/NAI/LinuxShield/uvscan: cannot execute: No such file or directory Its looking for uvscan ... any inputs? -- -------------------------------------------------------------------------------------------------------------------------------------- *?* *Race the rain, Ride the wind & Chase the sunset. Only a biker understands.**? * -------------------------------------------------------------------------------------------------------------------------------------- -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150216/428ceb47/attachment.html From ryan.virgo at gmail.com Mon Feb 16 07:51:41 2015 From: ryan.virgo at gmail.com (Ryan Braganza) Date: Mon, 16 Feb 2015 13:21:41 +0530 Subject: McAfee VirusScan Enterprise for Linux Message-ID: Can anyone let me know if McAfee VirusScan can be used with Mailscanner ? I have installed mcafee on my test server , the default install dir path is /opt/NAI/LinuxShield I have set the virus.scanners.conf as below for mcafee mcafee /usr/lib/MailScanner/mcafee-wrapper /opt/NAI/LinuxShield But when I do a test scan using he wrapper I get the below o/p /usr/lib/MailScanner/mcafee-wrapper /opt/NAI/LinuxShield /root/install.log /usr/lib/MailScanner/mcafee-wrapper: line 63: /opt/NAI/LinuxShield/uvscan: No such file or directory /usr/lib/MailScanner/mcafee-wrapper: line 63: exec: /opt/NAI/LinuxShield/uvscan: cannot execute: No such file or directory Its looking for uvscan ... any inputs? -- -------------------------------------------------------------------------------------------------------------------------------------- *?* *Race the rain, Ride the wind & Chase the sunset. Only a biker understands.**? * -------------------------------------------------------------------------------------------------------------------------------------- -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150216/428ceb47/attachment-0001.html From dudi at kolcore.com Mon Feb 16 10:44:04 2015 From: dudi at kolcore.com (Dudi Goldenberg) Date: Mon, 16 Feb 2015 10:44:04 +0000 Subject: McAfee VirusScan Enterprise for Linux In-Reply-To: References: Message-ID: Does /opt/NAI/LinuxShield/uvscan exist? Could be a permission issue. D. /usr/lib/MailScanner/mcafee-wrapper /opt/NAI/LinuxShield /root/install.log /usr/lib/MailScanner/mcafee-wrapper: line 63: /opt/NAI/LinuxShield/uvscan: No such file or directory /usr/lib/MailScanner/mcafee-wrapper: line 63: exec: /opt/NAI/LinuxShield/uvscan: cannot execute: No such file or directory From grenier at cgsecurity.org Mon Feb 16 17:23:12 2015 From: grenier at cgsecurity.org (Christophe GRENIER) Date: Mon, 16 Feb 2015 18:23:12 +0100 (CET) Subject: v4.85.1.0 Beta for Linux RPM Available In-Reply-To: References: Message-ID: On Sun, 15 Feb 2015, Jerry Benton wrote: > After an absurd amount of face-palming over two weeks: > > https://s3.amazonaws.com/mailscanner/MailScanner-4.85.1-0.rpm.tar.gz > > Note: This is beta! If you install on on a production box, that?s on you. Hi I have tested the install script on CentOS 6. Here are my results: - DFOPTION variable is undefined on non CentOS 7 ./install.sh: line 409: [: ==: unary operator expected - For RHEL 6 the dependencies are NOT fulfilled 100% by yum even if you elect to use EPEL: File::ShareDir::Install is missing. Installing via CPAN ... Mail::ClamAV is missing. Installing via CPAN ... - bzip2-devel need to be installed otherwise Mail::ClamAV failed to be compiled: ... /usr/bin/ld: cannot find -lbz2 collect2: ld returned 1 exit status make[1]: *** [blib/arch/auto/Mail/ClamAV/ClamAV.so] Error 1 make[1]: Leaving directory `/root/.cpan/build/Mail-ClamAV-0.29-JoeFgy/_Inline/build/Mail/ClamAV' - IMOO answers should default to recommanded values (Y instead of N). - After rerunning the install script, /etc/MailScanner/phishing.bad.sites.conf is missing (renamed as .old): MailScanner --lint Could not read file /etc/MailScanner/phishing.bad.sites.conf at /usr/lib/MailScanner/MailScanner/Config.pm line 2864 Error in line 990, file "/etc/MailScanner/phishing.bad.sites.conf" for phishingblacklist does not exist (or can not be read) at /usr/lib/MailScanner/MailScanner/Config.pm line 3066 - Some configurations is needed (I am using postfix), you may want to add it in QuickInstall.txt: Could not read directory /var/spool/mqueue at /usr/lib/MailScanner/MailScanner/Config.pm line 2874 Error in configuration file line 169, directory /var/spool/mqueue for outqueuedir does not exist (or is not readable) at /usr/lib/MailScanner/MailScanner/Config.pm line 3238 Read 868 hostnames from the phishing whitelist - Unrar is not installed, it should be in /usr/bin/unrar. This is required for RAR archives to be read to check filenames and filetypes. Virus scanning is not affected. Two possibilities: switch to internal unrar or install it... - config: failed to parse line, skipping, in "/etc/mail/spamassassin/mailscanner.cf": use_auto_whitelist 0 I haven't test this version of MailScanner for the moment, only the install script. Thanks for your work Regards, Christophe -- ,-~~-.___. ._. / | ' \ | |--------. Christophe GRENIER ( ) 0 | | | grenier at cgsecurity.org \_/-, ,----' | | | ==== !_!-v---v--. / \-'~; .--------. TestDisk & PhotoRec / __/~| ._-""|| | Data Recovery =( _____|_|____||________| http://www.cgsecurity.org From max at inmindlabs.com Mon Feb 16 17:51:41 2015 From: max at inmindlabs.com (Max Kipness) Date: Mon, 16 Feb 2015 11:51:41 -0600 Subject: Any new techniques? Message-ID: <11375BD8FE838A409E10DB32B9BFFE9BAB7262@addc01.assuredata.local> Hi, I've been using MailScanner for some time, and I've noticed many different trends in spam attempts. I've currently got my latest server on Centos 7.0 with DCC, Pyzor, Razor2, many custom spamassassin rules, SpamCOP, SpamHaus, and Barracuda and URIBL checks. As an overall total, tons of spam is caught, but it seems like the spammers still figure out ways to get around. Just this morning I've gotten several news ones that get around everything. I used Bayes and do not use auto learn (which I think is a big mistake) and EVERY spam message that gets by is tagged with BAYES_99/BAYES_999 so no problem there. However my guess is I'm getting early spam before it gets listed on the blacklists and URBLs, etc. Probably if I tested them again with spamassassin about 5 minutes after received they would get caught by a bunch of tests. I've noticed the spammers will break up words with spaces, dashes, etc. I've also noticed they will register a domain name, send as that domain name, and then have a URL with that domain name in it, which seems legitimate. I normally will study the email, look for obvious patterns to create a rule for any other similar emails. But I'm just wondering if anyone else does anything differently, or there are any other tests I can try. I could raise my Bayes score, but I don't want the decision of spam/not spam based just on Bayes. It's pretty good with Ham, but not 100%. Also, Is there a way to create your own on-server URIBL, that way as soon as an email comes in with a URL that was not detected by the official URIBL, I could create a small program to add it locally? Thanks, Max From jlarsen at richweb.com Mon Feb 16 18:56:14 2015 From: jlarsen at richweb.com (C. Jon Larsen) Date: Mon, 16 Feb 2015 13:56:14 -0500 (EST) Subject: Any new techniques? In-Reply-To: <11375BD8FE838A409E10DB32B9BFFE9BAB7262@addc01.assuredata.local> References: <11375BD8FE838A409E10DB32B9BFFE9BAB7262@addc01.assuredata.local> Message-ID: > Also, Is there a way to create your own on-server URIBL, that way as > soon as an email comes in with a URL that was not detected by the > official URIBL, I could create a small program to add it locally? yes, you can install the rbldnsd package and serve your own uri dbls right out of it via a simple text file. Setup SA rules to query it, and you are set. We use unbound dns caches to lessen the dns query load so another step for us is to point the caches at the rbl instance via unbound dns static routes. > Thanks, > Max > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > > From jerry.benton at mailborder.com Mon Feb 16 21:24:12 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Mon, 16 Feb 2015 16:24:12 -0500 Subject: v4.85.1.0 Beta for Linux RPM Available In-Reply-To: References: Message-ID: Thanks for the feedback. - DFOPTION - fixed that. - Mail::ClamAV is not a MailScanner dependency, but the script attempts to install it if you elect to install Clam AV. There is no RPM package for it. - I will add the bzip2-devel to the base packages. - I can look at what I can do with the default Y option. It is not as easy or straight forward as it seems. - I will check check the phishing.bad.sites.conf issue, but it did install during the tests I did. - You are missing /var/spool/mqueue because either you did not install an MTA or you did not configure MailScanner.conf to use your MTA. The script does not install an MTA for you or setup MailScanner.conf. If you installed sendmail, you wouldn?t get the errors because the defaults in MailScanner.conf are for sendmail. - The unrar package is not a dependency. - the mailscanner.cf is a soft link created in the /etc/mail/spamassassin directory to the spam.assassin.prefs.conf file in /etc/MailScanner. If you did not elect to install spamassassin the link won?t be created. Thanks for testing it out. - Jerry Benton www.mailborder.com > On Feb 16, 2015, at 12:23 PM, Christophe GRENIER wrote: > > On Sun, 15 Feb 2015, Jerry Benton wrote: > >> After an absurd amount of face-palming over two weeks: >> >> https://s3.amazonaws.com/mailscanner/MailScanner-4.85.1-0.rpm.tar.gz >> >> Note: This is beta! If you install on on a production box, that?s on you. > > Hi > > I have tested the install script on CentOS 6. > > Here are my results: > - DFOPTION variable is undefined on non CentOS 7 > ./install.sh: line 409: [: ==: unary operator expected > > - For RHEL 6 the dependencies are NOT fulfilled 100% by yum even if you elect to use EPEL: > File::ShareDir::Install is missing. Installing via CPAN ... > Mail::ClamAV is missing. Installing via CPAN ... > > - bzip2-devel need to be installed otherwise Mail::ClamAV failed to be compiled: > ... > /usr/bin/ld: cannot find -lbz2 > collect2: ld returned 1 exit status > make[1]: *** [blib/arch/auto/Mail/ClamAV/ClamAV.so] Error 1 > make[1]: Leaving directory > `/root/.cpan/build/Mail-ClamAV-0.29-JoeFgy/_Inline/build/Mail/ClamAV' > > - IMOO answers should default to recommanded values (Y instead of N). > > - After rerunning the install script, > /etc/MailScanner/phishing.bad.sites.conf is missing (renamed as .old): > MailScanner --lint > > Could not read file /etc/MailScanner/phishing.bad.sites.conf at /usr/lib/MailScanner/MailScanner/Config.pm line 2864 > Error in line 990, file "/etc/MailScanner/phishing.bad.sites.conf" for phishingblacklist does not exist (or can not be read) at /usr/lib/MailScanner/MailScanner/Config.pm line 3066 > > - Some configurations is needed (I am using postfix), you may want to > add it in QuickInstall.txt: > > Could not read directory /var/spool/mqueue at /usr/lib/MailScanner/MailScanner/Config.pm line 2874 > Error in configuration file line 169, directory /var/spool/mqueue for outqueuedir does not exist (or is not readable) at /usr/lib/MailScanner/MailScanner/Config.pm line 3238 > Read 868 hostnames from the phishing whitelist > > - Unrar is not installed, it should be in /usr/bin/unrar. > This is required for RAR archives to be read to check > filenames and filetypes. Virus scanning is not affected. > > Two possibilities: switch to internal unrar or install it... > > - config: failed to parse line, skipping, in "/etc/mail/spamassassin/mailscanner.cf": use_auto_whitelist 0 > > I haven't test this version of MailScanner for the moment, only the install script. > > Thanks for your work > > Regards, > > Christophe > > -- > ,-~~-.___. ._. > / | ' \ | |--------. Christophe GRENIER > ( ) 0 | | | grenier at cgsecurity.org > \_/-, ,----' | | | > ==== !_!-v---v--. > / \-'~; .--------. TestDisk & PhotoRec > / __/~| ._-""|| | Data Recovery > =( _____|_|____||________| http://www.cgsecurity.org-- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! From James.Nelson at vgt.net Mon Feb 16 21:39:34 2015 From: James.Nelson at vgt.net (James Nelson) Date: Mon, 16 Feb 2015 21:39:34 +0000 Subject: Filename Restrictions Not working In-Reply-To: References: Message-ID: <938c215e61e240c3a0f2f55596191dce@VGTMAIL1.vgt.net> Hi Kevin, I am running Postfix and all other MTAs are disabled. I can see the message in my mail log, and can view the details in MailWatch, so I know it's traversing MailScanner as expected, it's just behaving as if it's not taking any action or inspection on file names or types. I'm thoroughly stumped. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150216/04f0c696/attachment.html From michael at huntley.net Mon Feb 16 21:41:14 2015 From: michael at huntley.net (Michael Huntley) Date: Mon, 16 Feb 2015 13:41:14 -0800 Subject: McAfee VirusScan Enterprise for Linux In-Reply-To: References: Message-ID: <54E263FA.6090704@huntley.net> You need to edit the wrapper for mcafee. In there you will find the prog=uvscan line. I have a hunch you are probably going to need to edit more than just that one line. Cheers, mph On 2/15/2015 11:51 PM, Ryan Braganza wrote: > Can anyone let me know if McAfee VirusScan can be used with Mailscanner ? > > I have installed mcafee on my test server , the default install dir > path is /opt/NAI/LinuxShield > > I have set the virus.scanners.conf as below for mcafee > > mcafee /usr/lib/MailScanner/mcafee-wrapper /opt/NAI/LinuxShield > > But when I do a test scan using he wrapper I get the below o/p > > /usr/lib/MailScanner/mcafee-wrapper /opt/NAI/LinuxShield /root/install.log > /usr/lib/MailScanner/mcafee-wrapper: line 63: > /opt/NAI/LinuxShield/uvscan: No such file or directory > /usr/lib/MailScanner/mcafee-wrapper: line 63: exec: > /opt/NAI/LinuxShield/uvscan: cannot execute: No such file or directory > > > Its looking for uvscan ... any inputs? > > > -- > -------------------------------------------------------------------------------------------------------------------------------------- > *?**Race the rain, Ride the wind & Chase the sunset. > Only a biker understands.**? * > -------------------------------------------------------------------------------------------------------------------------------------- > > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150216/f7763ee7/attachment.html From Denis.Beauchemin at usherbrooke.ca Tue Feb 17 13:18:01 2015 From: Denis.Beauchemin at usherbrooke.ca (Denis Beauchemin) Date: Tue, 17 Feb 2015 13:18:01 +0000 Subject: McAfee VirusScan Enterprise for Linux In-Reply-To: References: Message-ID: Ryan, I?ve been told this product is not suited for MailScanner use as it scans files as soon as they are created, the same way it works on a Windows PC. MailScanner has to be able to save the files to disk and then scan the files and get a return code about the results of the scan. From what I?ve been told, this is not how this product works. Denis De : mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] De la part de Ryan Braganza Envoy? : 16 f?vrier 2015 02:58 ? : MailScanner discussion Objet : McAfee VirusScan Enterprise for Linux Can anyone let me know if McAfee VirusScan can be used with Mailscanner ? I have installed mcafee on my test server , the default install dir path is /opt/NAI/LinuxShield I have set the virus.scanners.conf as below for mcafee mcafee /usr/lib/MailScanner/mcafee-wrapper /opt/NAI/LinuxShield But when I do a test scan using he wrapper I get the below o/p /usr/lib/MailScanner/mcafee-wrapper /opt/NAI/LinuxShield /root/install.log /usr/lib/MailScanner/mcafee-wrapper: line 63: /opt/NAI/LinuxShield/uvscan: No such file or directory /usr/lib/MailScanner/mcafee-wrapper: line 63: exec: /opt/NAI/LinuxShield/uvscan: cannot execute: No such file or directory Its looking for uvscan ... any inputs? -- -------------------------------------------------------------------------------------------------------------------------------------- ?Race the rain, Ride the wind & Chase the sunset. Only a biker understands.? -------------------------------------------------------------------------------------------------------------------------------------- -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150217/f8dbbd6e/attachment.html From kevin.miller at juneau.org Tue Feb 17 18:27:31 2015 From: kevin.miller at juneau.org (Kevin Miller) Date: Tue, 17 Feb 2015 18:27:31 +0000 Subject: Filename Restrictions Not working In-Reply-To: <938c215e61e240c3a0f2f55596191dce@VGTMAIL1.vgt.net> References: <938c215e61e240c3a0f2f55596191dce@VGTMAIL1.vgt.net> Message-ID: <26a77af4172048c3944bbbdf6a9b2824@City-Exch-DB1.cbj.local> Do you have a filename.rules or filetype.rules in the mix? ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357 From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of James Nelson Sent: Monday, February 16, 2015 12:40 PM To: MailScanner discussion Subject: RE: Filename Restrictions Not working Hi Kevin, I am running Postfix and all other MTAs are disabled. I can see the message in my mail log, and can view the details in MailWatch, so I know it's traversing MailScanner as expected, it's just behaving as if it's not taking any action or inspection on file names or types. I'm thoroughly stumped. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150217/c83209b1/attachment.html From James.Nelson at vgt.net Tue Feb 17 21:33:36 2015 From: James.Nelson at vgt.net (James Nelson) Date: Tue, 17 Feb 2015 21:33:36 +0000 Subject: Filename Restrictions Not working References: Message-ID: Hi Kevin, I've tried with linking directly to filename.rules.conf, I've tried using a filename.rules that points FromOrTo: default \etc\MailScanner\filename.rules.conf , but neither approach is working. What's especially odd is if explicitly define a blocked file type...say, \.exe$ directly in MailScanner.conf, even THAT doesn't work. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150217/de077e4e/attachment.html From kevin.miller at juneau.org Tue Feb 17 23:02:00 2015 From: kevin.miller at juneau.org (Kevin Miller) Date: Tue, 17 Feb 2015 23:02:00 +0000 Subject: Filename Restrictions Not working In-Reply-To: References: Message-ID: So I'm thinking maybe it's a permissions issue? If you put a file in the temp dir that MailScanner uses (probably /var/spool/MailScanner/incoming) and then try to scan that as the user that your MailScanner is running as, does it return a proper response? What are the permissions on that directory? Does virus scanning work as advertised if you send an eicar "infected" file? ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357 From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of James Nelson Sent: Tuesday, February 17, 2015 12:34 PM To: MailScanner discussion Subject: RE: Filename Restrictions Not working Hi Kevin, I've tried with linking directly to filename.rules.conf, I've tried using a filename.rules that points FromOrTo: default \etc\MailScanner\filename.rules.conf , but neither approach is working. What's especially odd is if explicitly define a blocked file type...say, \.exe$ directly in MailScanner.conf, even THAT doesn't work. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150217/6323a71f/attachment.html From kevin.miller at juneau.org Tue Feb 17 23:02:29 2015 From: kevin.miller at juneau.org (Kevin Miller) Date: Tue, 17 Feb 2015 23:02:29 +0000 Subject: Filename Restrictions Not working In-Reply-To: References: Message-ID: Also, is there anything in your mail log or syslog that may point to the issue? ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357 From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of James Nelson Sent: Tuesday, February 17, 2015 12:34 PM To: MailScanner discussion Subject: RE: Filename Restrictions Not working Hi Kevin, I've tried with linking directly to filename.rules.conf, I've tried using a filename.rules that points FromOrTo: default \etc\MailScanner\filename.rules.conf , but neither approach is working. What's especially odd is if explicitly define a blocked file type...say, \.exe$ directly in MailScanner.conf, even THAT doesn't work. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150217/56068e02/attachment.html From alex at vidadigital.com.pa Tue Feb 17 23:04:48 2015 From: alex at vidadigital.com.pa (Alex Neuman) Date: Tue, 17 Feb 2015 18:04:48 -0500 Subject: Filename Restrictions Not working In-Reply-To: References: Message-ID: On Tue, Feb 17, 2015 at 4:33 PM, James Nelson wrote: > \etc\MailScanner\filename.rules.conf You're using backslashes on filenames? \etc\MailScanner\filename.rules.conf ? *Alex Neuman van der Hans* Reliant Technologies / Vida Digital http://vidadigital.com.pa/ Mobile: +507 6781-9505 Work: +507 832-6725 Work (USA): +1 (440) 253-9789 Skype: AlexNeuman Don't miss Vida Digital on LiveStream ! Saturdays 8am-10am on M?xima 91.7FM Panama Follow *@AlexNeuman * on Twitter Like Vida Digital on Facebook Follow VidaDigital on Instagram Subscribe to Vida Digital on Youtube -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150217/58c5ee45/attachment.html From J.Ede at birchenallhowden.co.uk Wed Feb 18 09:42:14 2015 From: J.Ede at birchenallhowden.co.uk (Jason Ede) Date: Wed, 18 Feb 2015 09:42:14 +0000 Subject: Rebuilding RPM file In-Reply-To: <92665C7597419742B19470DFA3D5BEA2090B12F3@vonLipwig.aoc-uk.com> References: <92665C7597419742B19470DFA3D5BEA2090B12F3@vonLipwig.aoc-uk.com> Message-ID: I know this is an old message, but did you get this sorted? I'm trying to rebuild the srpm and having the same issue when I try to install it. Jason -----Original Message----- From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Stef Morrell Sent: 21 February 2014 11:18 To: mailscanner at lists.mailscanner.info Subject: Rebuilding RPM file Hi all, I'm trying to get an up to date RPM built, using a CentOS 6 machine do the building. I've downloaded mailscanner-4.84.6-1.src.rpm I've unpacked using rpm -i and that seems fine, I can see the source tgz and specs file as I would expect. I've then unpacked the tgz, pulled in latest files from git and made a patch which I've added to the specs, then rebuilt the rpm. So far no problem. When I come to install, however I have the following dependency issues: --> Processing Dependency: perl(MailScanner::FileInto) for package: --> mailscanner-4.84.6-1.noarch Processing Dependency: --> perl(MailScanner::MCPMessage) for package: --> mailscanner-4.84.6-1.noarch Finished Dependency Resolution Error: Package: mailscanner-4.84.6-1.noarch (/mailscanner-4.84.6-1.noarch) Requires: perl(MailScanner::FileInto) Error: Package: mailscanner-4.84.6-1.noarch (/mailscanner-4.84.6-1.noarch) Requires: perl(MailScanner::MCPMessage) And on further investigation, if I simply 'rpmbuild --rebuild' the src rpm, the same dependency issues are present. I also notice the rpm I've generated is some 140k smaller than the one downloaded from the MS webpage. So - I suspect I'm missing a trick with the rebuild. I have been simply doing ' rpmbuild -ba MailScanner4.spec'. Is there something else I should be putting on this command line? Thanks Stef -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! From jerry.benton at mailborder.com Wed Feb 18 10:33:16 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Wed, 18 Feb 2015 05:33:16 -0500 Subject: Rebuilding RPM file In-Reply-To: References: <92665C7597419742B19470DFA3D5BEA2090B12F3@vonLipwig.aoc-uk.com> Message-ID: <971C485E-CA00-4DC8-96D4-DF03B5FF84DB@mailborder.com> You seem to have missed this message I sent out 3 days ago: http://comments.gmane.org/gmane.mail.virus.mailscanner/80742 - Jerry Benton www.mailborder.com > On Feb 18, 2015, at 4:42 AM, Jason Ede wrote: > > I know this is an old message, but did you get this sorted? > > I'm trying to rebuild the srpm and having the same issue when I try to install it. > > Jason > > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Stef Morrell > Sent: 21 February 2014 11:18 > To: mailscanner at lists.mailscanner.info > Subject: Rebuilding RPM file > > Hi all, > > I'm trying to get an up to date RPM built, using a CentOS 6 machine do the building. > > I've downloaded mailscanner-4.84.6-1.src.rpm > > I've unpacked using rpm -i and that seems fine, I can see the source tgz and specs file as I would expect. > > I've then unpacked the tgz, pulled in latest files from git and made a patch which I've added to the specs, then rebuilt the rpm. So far no problem. > > When I come to install, however I have the following dependency issues: > > --> Processing Dependency: perl(MailScanner::FileInto) for package: > --> mailscanner-4.84.6-1.noarch Processing Dependency: > --> perl(MailScanner::MCPMessage) for package: > --> mailscanner-4.84.6-1.noarch Finished Dependency Resolution > Error: Package: mailscanner-4.84.6-1.noarch (/mailscanner-4.84.6-1.noarch) > Requires: perl(MailScanner::FileInto) > Error: Package: mailscanner-4.84.6-1.noarch (/mailscanner-4.84.6-1.noarch) > Requires: perl(MailScanner::MCPMessage) > > And on further investigation, if I simply 'rpmbuild --rebuild' the src rpm, the same dependency issues are present. I also notice the rpm I've generated is some 140k smaller than the one downloaded from the MS webpage. > > So - I suspect I'm missing a trick with the rebuild. I have been simply doing ' rpmbuild -ba MailScanner4.spec'. Is there something else I should be putting on this command line? > > Thanks > > Stef > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! From J.Ede at birchenallhowden.co.uk Wed Feb 18 10:44:21 2015 From: J.Ede at birchenallhowden.co.uk (Jason Ede) Date: Wed, 18 Feb 2015 10:44:21 +0000 Subject: Rebuilding RPM file In-Reply-To: <971C485E-CA00-4DC8-96D4-DF03B5FF84DB@mailborder.com> References: <92665C7597419742B19470DFA3D5BEA2090B12F3@vonLipwig.aoc-uk.com> <971C485E-CA00-4DC8-96D4-DF03B5FF84DB@mailborder.com> Message-ID: I saw that, but I'm rebuilding a production machine and not happy using a beta version on it... Is there a copy of the .spec file available so I can work out the dependency problem for my version? Jason -- Dr Jason Ede Development Manager, BirchenallHowden Ltd -----Original Message----- From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry Benton Sent: 18 February 2015 10:33 To: MailScanner discussion Subject: Re: Rebuilding RPM file You seem to have missed this message I sent out 3 days ago: http://comments.gmane.org/gmane.mail.virus.mailscanner/80742 - Jerry Benton www.mailborder.com > On Feb 18, 2015, at 4:42 AM, Jason Ede wrote: > > I know this is an old message, but did you get this sorted? > > I'm trying to rebuild the srpm and having the same issue when I try to install it. > > Jason > > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Stef Morrell > Sent: 21 February 2014 11:18 > To: mailscanner at lists.mailscanner.info > Subject: Rebuilding RPM file > > Hi all, > > I'm trying to get an up to date RPM built, using a CentOS 6 machine do the building. > > I've downloaded mailscanner-4.84.6-1.src.rpm > > I've unpacked using rpm -i and that seems fine, I can see the source tgz and specs file as I would expect. > > I've then unpacked the tgz, pulled in latest files from git and made a patch which I've added to the specs, then rebuilt the rpm. So far no problem. > > When I come to install, however I have the following dependency issues: > > --> Processing Dependency: perl(MailScanner::FileInto) for package: > --> mailscanner-4.84.6-1.noarch Processing Dependency: > --> perl(MailScanner::MCPMessage) for package: > --> mailscanner-4.84.6-1.noarch Finished Dependency Resolution > Error: Package: mailscanner-4.84.6-1.noarch (/mailscanner-4.84.6-1.noarch) > Requires: perl(MailScanner::FileInto) > Error: Package: mailscanner-4.84.6-1.noarch (/mailscanner-4.84.6-1.noarch) > Requires: perl(MailScanner::MCPMessage) > > And on further investigation, if I simply 'rpmbuild --rebuild' the src rpm, the same dependency issues are present. I also notice the rpm I've generated is some 140k smaller than the one downloaded from the MS webpage. > > So - I suspect I'm missing a trick with the rebuild. I have been simply doing ' rpmbuild -ba MailScanner4.spec'. Is there something else I should be putting on this command line? > > Thanks > > Stef > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! From jerry.benton at mailborder.com Wed Feb 18 11:29:36 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Wed, 18 Feb 2015 06:29:36 -0500 Subject: Rebuilding RPM file In-Reply-To: References: <92665C7597419742B19470DFA3D5BEA2090B12F3@vonLipwig.aoc-uk.com> <971C485E-CA00-4DC8-96D4-DF03B5FF84DB@mailborder.com> Message-ID: Jason, If you are installing from source using the stuff at github, then you are installing the same exact thing, but without the 200 hours or so of research and review that I have put into this. In short, you are installing alpha. If you give me a couple of hours I will have a newer package available. It is going to be the final in a day or two unless someone else reports a problem with the version I posted. I can let you know today when it is ready. Or, you can march on with what you are doing. To do so, add this to your spec file: Provides: perl(MailScanner::FileInto), perl(next_item_here), perl(and_the_next) And your RPM will install. However, you will be missing a lot of MailScanner dependencies that the RPM installer does not catch that is installed with the version I am making. Its your barbecue. - Jerry Benton www.mailborder.com > On Feb 18, 2015, at 5:44 AM, Jason Ede wrote: > > I saw that, but I'm rebuilding a production machine and not happy using a beta version on it... > > Is there a copy of the .spec file available so I can work out the dependency problem for my version? > > Jason > > -- > Dr Jason Ede > Development Manager, BirchenallHowden Ltd > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry Benton > Sent: 18 February 2015 10:33 > To: MailScanner discussion > Subject: Re: Rebuilding RPM file > > You seem to have missed this message I sent out 3 days ago: > > http://comments.gmane.org/gmane.mail.virus.mailscanner/80742 > > > - > Jerry Benton > www.mailborder.com > > > >> On Feb 18, 2015, at 4:42 AM, Jason Ede wrote: >> >> I know this is an old message, but did you get this sorted? >> >> I'm trying to rebuild the srpm and having the same issue when I try to install it. >> >> Jason >> >> >> -----Original Message----- >> From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Stef Morrell >> Sent: 21 February 2014 11:18 >> To: mailscanner at lists.mailscanner.info >> Subject: Rebuilding RPM file >> >> Hi all, >> >> I'm trying to get an up to date RPM built, using a CentOS 6 machine do the building. >> >> I've downloaded mailscanner-4.84.6-1.src.rpm >> >> I've unpacked using rpm -i and that seems fine, I can see the source tgz and specs file as I would expect. >> >> I've then unpacked the tgz, pulled in latest files from git and made a patch which I've added to the specs, then rebuilt the rpm. So far no problem. >> >> When I come to install, however I have the following dependency issues: >> >> --> Processing Dependency: perl(MailScanner::FileInto) for package: >> --> mailscanner-4.84.6-1.noarch Processing Dependency: >> --> perl(MailScanner::MCPMessage) for package: >> --> mailscanner-4.84.6-1.noarch Finished Dependency Resolution >> Error: Package: mailscanner-4.84.6-1.noarch (/mailscanner-4.84.6-1.noarch) >> Requires: perl(MailScanner::FileInto) >> Error: Package: mailscanner-4.84.6-1.noarch (/mailscanner-4.84.6-1.noarch) >> Requires: perl(MailScanner::MCPMessage) >> >> And on further investigation, if I simply 'rpmbuild --rebuild' the src rpm, the same dependency issues are present. I also notice the rpm I've generated is some 140k smaller than the one downloaded from the MS webpage. >> >> So - I suspect I'm missing a trick with the rebuild. I have been simply doing ' rpmbuild -ba MailScanner4.spec'. Is there something else I should be putting on this command line? >> >> Thanks >> >> Stef >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! From J.Ede at birchenallhowden.co.uk Wed Feb 18 11:55:38 2015 From: J.Ede at birchenallhowden.co.uk (Jason Ede) Date: Wed, 18 Feb 2015 11:55:38 +0000 Subject: Rebuilding RPM file In-Reply-To: References: <92665C7597419742B19470DFA3D5BEA2090B12F3@vonLipwig.aoc-uk.com> <971C485E-CA00-4DC8-96D4-DF03B5FF84DB@mailborder.com> Message-ID: I'll hang on till the final version then -----Original Message----- From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry Benton Sent: 18 February 2015 11:30 To: MailScanner discussion Subject: Re: Rebuilding RPM file Jason, If you are installing from source using the stuff at github, then you are installing the same exact thing, but without the 200 hours or so of research and review that I have put into this. In short, you are installing alpha. If you give me a couple of hours I will have a newer package available. It is going to be the final in a day or two unless someone else reports a problem with the version I posted. I can let you know today when it is ready. Or, you can march on with what you are doing. To do so, add this to your spec file: Provides: perl(MailScanner::FileInto), perl(next_item_here), perl(and_the_next) And your RPM will install. However, you will be missing a lot of MailScanner dependencies that the RPM installer does not catch that is installed with the version I am making. Its your barbecue. - Jerry Benton www.mailborder.com > On Feb 18, 2015, at 5:44 AM, Jason Ede wrote: > > I saw that, but I'm rebuilding a production machine and not happy using a beta version on it... > > Is there a copy of the .spec file available so I can work out the dependency problem for my version? > > Jason > > -- > Dr Jason Ede > Development Manager, BirchenallHowden Ltd > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry Benton > Sent: 18 February 2015 10:33 > To: MailScanner discussion > Subject: Re: Rebuilding RPM file > > You seem to have missed this message I sent out 3 days ago: > > http://comments.gmane.org/gmane.mail.virus.mailscanner/80742 > > > - > Jerry Benton > www.mailborder.com > > > >> On Feb 18, 2015, at 4:42 AM, Jason Ede wrote: >> >> I know this is an old message, but did you get this sorted? >> >> I'm trying to rebuild the srpm and having the same issue when I try to install it. >> >> Jason >> >> >> -----Original Message----- >> From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Stef Morrell >> Sent: 21 February 2014 11:18 >> To: mailscanner at lists.mailscanner.info >> Subject: Rebuilding RPM file >> >> Hi all, >> >> I'm trying to get an up to date RPM built, using a CentOS 6 machine do the building. >> >> I've downloaded mailscanner-4.84.6-1.src.rpm >> >> I've unpacked using rpm -i and that seems fine, I can see the source tgz and specs file as I would expect. >> >> I've then unpacked the tgz, pulled in latest files from git and made a patch which I've added to the specs, then rebuilt the rpm. So far no problem. >> >> When I come to install, however I have the following dependency issues: >> >> --> Processing Dependency: perl(MailScanner::FileInto) for package: >> --> mailscanner-4.84.6-1.noarch Processing Dependency: >> --> perl(MailScanner::MCPMessage) for package: >> --> mailscanner-4.84.6-1.noarch Finished Dependency Resolution >> Error: Package: mailscanner-4.84.6-1.noarch (/mailscanner-4.84.6-1.noarch) >> Requires: perl(MailScanner::FileInto) >> Error: Package: mailscanner-4.84.6-1.noarch (/mailscanner-4.84.6-1.noarch) >> Requires: perl(MailScanner::MCPMessage) >> >> And on further investigation, if I simply 'rpmbuild --rebuild' the src rpm, the same dependency issues are present. I also notice the rpm I've generated is some 140k smaller than the one downloaded from the MS webpage. >> >> So - I suspect I'm missing a trick with the rebuild. I have been simply doing ' rpmbuild -ba MailScanner4.spec'. Is there something else I should be putting on this command line? >> >> Thanks >> >> Stef >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! From phil.randal at hoopleltd.co.uk Wed Feb 18 12:35:45 2015 From: phil.randal at hoopleltd.co.uk (Randal, Phil) Date: Wed, 18 Feb 2015 12:35:45 +0000 Subject: v4.85.1.0 Beta for Linux RPM Available In-Reply-To: References: Message-ID: <7CA580B59C1ABD45B4614ED90D4C7B857EFB0E2B@HC-EXMBX03.herefordshire.gov.uk> Mail::Clamav should be sent to the great bit bucket in the sky. If ClamAV is selected during install, clamd and clamav should be installed with a note to the user to configure MailScanner to use clamd. Cheers, Phil -----Original Message----- From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry Benton Sent: 16 February 2015 21:24 To: MailScanner discussion Subject: Re: v4.85.1.0 Beta for Linux RPM Available Thanks for the feedback. - DFOPTION - fixed that. - Mail::ClamAV is not a MailScanner dependency, but the script attempts to install it if you elect to install Clam AV. There is no RPM package for it. - I will add the bzip2-devel to the base packages. - I can look at what I can do with the default Y option. It is not as easy or straight forward as it seems. - I will check check the phishing.bad.sites.conf issue, but it did install during the tests I did. - You are missing /var/spool/mqueue because either you did not install an MTA or you did not configure MailScanner.conf to use your MTA. The script does not install an MTA for you or setup MailScanner.conf. If you installed sendmail, you wouldn?t get the errors because the defaults in MailScanner.conf are for sendmail. - The unrar package is not a dependency. - the mailscanner.cf is a soft link created in the /etc/mail/spamassassin directory to the spam.assassin.prefs.conf file in /etc/MailScanner. If you did not elect to install spamassassin the link won?t be created. Thanks for testing it out. - Jerry Benton www.mailborder.com > On Feb 16, 2015, at 12:23 PM, Christophe GRENIER wrote: > > On Sun, 15 Feb 2015, Jerry Benton wrote: > >> After an absurd amount of face-palming over two weeks: >> >> https://s3.amazonaws.com/mailscanner/MailScanner-4.85.1-0.rpm.tar.gz >> >> Note: This is beta! If you install on on a production box, that?s on you. > > Hi > > I have tested the install script on CentOS 6. > > Here are my results: > - DFOPTION variable is undefined on non CentOS 7 > ./install.sh: line 409: [: ==: unary operator expected > > - For RHEL 6 the dependencies are NOT fulfilled 100% by yum even if you elect to use EPEL: > File::ShareDir::Install is missing. Installing via CPAN ... > Mail::ClamAV is missing. Installing via CPAN ... > > - bzip2-devel need to be installed otherwise Mail::ClamAV failed to be compiled: > ... > /usr/bin/ld: cannot find -lbz2 > collect2: ld returned 1 exit status > make[1]: *** [blib/arch/auto/Mail/ClamAV/ClamAV.so] Error 1 > make[1]: Leaving directory > `/root/.cpan/build/Mail-ClamAV-0.29-JoeFgy/_Inline/build/Mail/ClamAV' > > - IMOO answers should default to recommanded values (Y instead of N). > > - After rerunning the install script, > /etc/MailScanner/phishing.bad.sites.conf is missing (renamed as .old): > MailScanner --lint > > Could not read file /etc/MailScanner/phishing.bad.sites.conf at > /usr/lib/MailScanner/MailScanner/Config.pm line 2864 Error in line > 990, file "/etc/MailScanner/phishing.bad.sites.conf" for > phishingblacklist does not exist (or can not be read) at > /usr/lib/MailScanner/MailScanner/Config.pm line 3066 > > - Some configurations is needed (I am using postfix), you may want to > add it in QuickInstall.txt: > > Could not read directory /var/spool/mqueue at > /usr/lib/MailScanner/MailScanner/Config.pm line 2874 Error in > configuration file line 169, directory /var/spool/mqueue for > outqueuedir does not exist (or is not readable) at > /usr/lib/MailScanner/MailScanner/Config.pm line 3238 Read 868 > hostnames from the phishing whitelist > > - Unrar is not installed, it should be in /usr/bin/unrar. > This is required for RAR archives to be read to check filenames and > filetypes. Virus scanning is not affected. > > Two possibilities: switch to internal unrar or install it... > > - config: failed to parse line, skipping, in > "/etc/mail/spamassassin/mailscanner.cf": use_auto_whitelist 0 > > I haven't test this version of MailScanner for the moment, only the install script. > > Thanks for your work > > Regards, > > Christophe > > -- > ,-~~-.___. ._. > / | ' \ | |--------. Christophe GRENIER > ( ) 0 | | | grenier at cgsecurity.org > \_/-, ,----' | | | > ==== !_!-v---v--. > / \-'~; .--------. TestDisk & PhotoRec > / __/~| ._-""|| | Data Recovery > =( _____|_|____||________| http://www.cgsecurity.org-- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! Hoople Ltd, Registered in England and Wales No. 7556595 Registered office: Plough Lane, Hereford, HR4 0LE "Any opinion expressed in this e-mail or any attached files are those of the individual and not necessarily those of Hoople Ltd. You should be aware that Hoople Ltd. monitors its email service. This e-mail and any attached files are confidential and intended solely for the use of the addressee. This communication may contain material protected by law from being passed on. If you are not the intended recipient and have received this e-mail in error, you are advised that any use, dissemination, forwarding, printing or copying of this e-mail is strictly prohibited. If you have received this e-mail in error please contact the sender immediately and destroy all copies of it." From jerry.benton at mailborder.com Wed Feb 18 13:13:03 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Wed, 18 Feb 2015 08:13:03 -0500 Subject: v4.85.1.0 Beta for Linux RPM Available In-Reply-To: <7CA580B59C1ABD45B4614ED90D4C7B857EFB0E2B@HC-EXMBX03.herefordshire.gov.uk> References: <7CA580B59C1ABD45B4614ED90D4C7B857EFB0E2B@HC-EXMBX03.herefordshire.gov.uk> Message-ID: Phil, I agree, but someone else may not. It doesn?t hurt to have the module available. - Jerry Benton www.mailborder.com > On Feb 18, 2015, at 7:35 AM, Randal, Phil wrote: > > Mail::Clamav should be sent to the great bit bucket in the sky. > > If ClamAV is selected during install, clamd and clamav should be installed with a note to the user to configure MailScanner to use clamd. > > Cheers, > > Phil > > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry Benton > Sent: 16 February 2015 21:24 > To: MailScanner discussion > Subject: Re: v4.85.1.0 Beta for Linux RPM Available > > Thanks for the feedback. > > - DFOPTION - fixed that. > - Mail::ClamAV is not a MailScanner dependency, but the script attempts to install it if you elect to install Clam AV. There is no RPM package for it. > - I will add the bzip2-devel to the base packages. > - I can look at what I can do with the default Y option. It is not as easy or straight forward as it seems. > - I will check check the phishing.bad.sites.conf issue, but it did install during the tests I did. > - You are missing /var/spool/mqueue because either you did not install an MTA or you did not configure MailScanner.conf to use your MTA. The script does not install an MTA for you or setup MailScanner.conf. If you installed sendmail, you wouldn?t get the errors because the defaults in MailScanner.conf are for sendmail. > - The unrar package is not a dependency. > - the mailscanner.cf is a soft link created in the /etc/mail/spamassassin directory to the spam.assassin.prefs.conf file in /etc/MailScanner. If you did not elect to install spamassassin the link won?t be created. > > > Thanks for testing it out. > > > - > Jerry Benton > www.mailborder.com > > > >> On Feb 16, 2015, at 12:23 PM, Christophe GRENIER wrote: >> >> On Sun, 15 Feb 2015, Jerry Benton wrote: >> >>> After an absurd amount of face-palming over two weeks: >>> >>> https://s3.amazonaws.com/mailscanner/MailScanner-4.85.1-0.rpm.tar.gz >>> >>> Note: This is beta! If you install on on a production box, that?s on you. >> >> Hi >> >> I have tested the install script on CentOS 6. >> >> Here are my results: >> - DFOPTION variable is undefined on non CentOS 7 >> ./install.sh: line 409: [: ==: unary operator expected >> >> - For RHEL 6 the dependencies are NOT fulfilled 100% by yum even if you elect to use EPEL: >> File::ShareDir::Install is missing. Installing via CPAN ... >> Mail::ClamAV is missing. Installing via CPAN ... >> >> - bzip2-devel need to be installed otherwise Mail::ClamAV failed to be compiled: >> ... >> /usr/bin/ld: cannot find -lbz2 >> collect2: ld returned 1 exit status >> make[1]: *** [blib/arch/auto/Mail/ClamAV/ClamAV.so] Error 1 >> make[1]: Leaving directory >> `/root/.cpan/build/Mail-ClamAV-0.29-JoeFgy/_Inline/build/Mail/ClamAV' >> >> - IMOO answers should default to recommanded values (Y instead of N). >> >> - After rerunning the install script, >> /etc/MailScanner/phishing.bad.sites.conf is missing (renamed as .old): >> MailScanner --lint >> >> Could not read file /etc/MailScanner/phishing.bad.sites.conf at >> /usr/lib/MailScanner/MailScanner/Config.pm line 2864 Error in line >> 990, file "/etc/MailScanner/phishing.bad.sites.conf" for >> phishingblacklist does not exist (or can not be read) at >> /usr/lib/MailScanner/MailScanner/Config.pm line 3066 >> >> - Some configurations is needed (I am using postfix), you may want to >> add it in QuickInstall.txt: >> >> Could not read directory /var/spool/mqueue at >> /usr/lib/MailScanner/MailScanner/Config.pm line 2874 Error in >> configuration file line 169, directory /var/spool/mqueue for >> outqueuedir does not exist (or is not readable) at >> /usr/lib/MailScanner/MailScanner/Config.pm line 3238 Read 868 >> hostnames from the phishing whitelist >> >> - Unrar is not installed, it should be in /usr/bin/unrar. >> This is required for RAR archives to be read to check filenames and >> filetypes. Virus scanning is not affected. >> >> Two possibilities: switch to internal unrar or install it... >> >> - config: failed to parse line, skipping, in >> "/etc/mail/spamassassin/mailscanner.cf": use_auto_whitelist 0 >> >> I haven't test this version of MailScanner for the moment, only the install script. >> >> Thanks for your work >> >> Regards, >> >> Christophe >> >> -- >> ,-~~-.___. ._. >> / | ' \ | |--------. Christophe GRENIER >> ( ) 0 | | | grenier at cgsecurity.org >> \_/-, ,----' | | | >> ==== !_!-v---v--. >> / \-'~; .--------. TestDisk & PhotoRec >> / __/~| ._-""|| | Data Recovery >> =( _____|_|____||________| http://www.cgsecurity.org-- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > Hoople Ltd, Registered in England and Wales No. 7556595 > Registered office: Plough Lane, Hereford, HR4 0LE > > "Any opinion expressed in this e-mail or any attached files are those of the individual and not necessarily those of Hoople Ltd. You should be aware that Hoople Ltd. monitors its email service. This e-mail and any attached files are confidential and intended solely for the use of the addressee. This communication may contain material protected by law from being passed on. If you are not the intended recipient and have received this e-mail in error, you are advised that any use, dissemination, forwarding, printing or copying of this e-mail is strictly prohibited. If you have received this e-mail in error please contact the sender immediately and destroy all copies of it." > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! From jerry.benton at mailborder.com Wed Feb 18 13:34:32 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Wed, 18 Feb 2015 08:34:32 -0500 Subject: v4.85.1.0 Beta for Linux RPM Available In-Reply-To: References: Message-ID: <500054FE-F3E1-4C96-9156-3701792A109D@mailborder.com> Ok, updates were made based on feedback and further testing. I will do some more tests over the next 2 days in my lab on RHEL 5,6,7 on both 32 and 64 bit. Barring any other issues, I will move this to build 1 and release by Monday. I am working on the tarball release as well, but the MailScanner code won?t change once the RPM is finalized. Only the installer. https://s3.amazonaws.com/mailscanner/MailScanner-4.85.1-0.rpm.tar.gz - Jerry Benton www.mailborder.com > On Feb 16, 2015, at 4:24 PM, Jerry Benton wrote: > > Thanks for the feedback. > > - DFOPTION - fixed that. > - Mail::ClamAV is not a MailScanner dependency, but the script attempts to install it if you elect to install Clam AV. There is no RPM package for it. > - I will add the bzip2-devel to the base packages. > - I can look at what I can do with the default Y option. It is not as easy or straight forward as it seems. > - I will check check the phishing.bad.sites.conf issue, but it did install during the tests I did. > - You are missing /var/spool/mqueue because either you did not install an MTA or you did not configure MailScanner.conf to use your MTA. The script does not install an MTA for you or setup MailScanner.conf. If you installed sendmail, you wouldn?t get the errors because the defaults in MailScanner.conf are for sendmail. > - The unrar package is not a dependency. > - the mailscanner.cf is a soft link created in the /etc/mail/spamassassin directory to the spam.assassin.prefs.conf file in /etc/MailScanner. If you did not elect to install spamassassin the link won?t be created. > > > Thanks for testing it out. > > > - > Jerry Benton > www.mailborder.com > > > >> On Feb 16, 2015, at 12:23 PM, Christophe GRENIER wrote: >> >> On Sun, 15 Feb 2015, Jerry Benton wrote: >> >>> After an absurd amount of face-palming over two weeks: >>> >>> https://s3.amazonaws.com/mailscanner/MailScanner-4.85.1-0.rpm.tar.gz >>> >>> Note: This is beta! If you install on on a production box, that?s on you. >> >> Hi >> >> I have tested the install script on CentOS 6. >> >> Here are my results: >> - DFOPTION variable is undefined on non CentOS 7 >> ./install.sh: line 409: [: ==: unary operator expected >> >> - For RHEL 6 the dependencies are NOT fulfilled 100% by yum even if you elect to use EPEL: >> File::ShareDir::Install is missing. Installing via CPAN ... >> Mail::ClamAV is missing. Installing via CPAN ... >> >> - bzip2-devel need to be installed otherwise Mail::ClamAV failed to be compiled: >> ... >> /usr/bin/ld: cannot find -lbz2 >> collect2: ld returned 1 exit status >> make[1]: *** [blib/arch/auto/Mail/ClamAV/ClamAV.so] Error 1 >> make[1]: Leaving directory >> `/root/.cpan/build/Mail-ClamAV-0.29-JoeFgy/_Inline/build/Mail/ClamAV' >> >> - IMOO answers should default to recommanded values (Y instead of N). >> >> - After rerunning the install script, >> /etc/MailScanner/phishing.bad.sites.conf is missing (renamed as .old): >> MailScanner --lint >> >> Could not read file /etc/MailScanner/phishing.bad.sites.conf at /usr/lib/MailScanner/MailScanner/Config.pm line 2864 >> Error in line 990, file "/etc/MailScanner/phishing.bad.sites.conf" for phishingblacklist does not exist (or can not be read) at /usr/lib/MailScanner/MailScanner/Config.pm line 3066 >> >> - Some configurations is needed (I am using postfix), you may want to >> add it in QuickInstall.txt: >> >> Could not read directory /var/spool/mqueue at /usr/lib/MailScanner/MailScanner/Config.pm line 2874 >> Error in configuration file line 169, directory /var/spool/mqueue for outqueuedir does not exist (or is not readable) at /usr/lib/MailScanner/MailScanner/Config.pm line 3238 >> Read 868 hostnames from the phishing whitelist >> >> - Unrar is not installed, it should be in /usr/bin/unrar. >> This is required for RAR archives to be read to check >> filenames and filetypes. Virus scanning is not affected. >> >> Two possibilities: switch to internal unrar or install it... >> >> - config: failed to parse line, skipping, in "/etc/mail/spamassassin/mailscanner.cf": use_auto_whitelist 0 >> >> I haven't test this version of MailScanner for the moment, only the install script. >> >> Thanks for your work >> >> Regards, >> >> Christophe >> >> -- >> ,-~~-.___. ._. >> / | ' \ | |--------. Christophe GRENIER >> ( ) 0 | | | grenier at cgsecurity.org >> \_/-, ,----' | | | >> ==== !_!-v---v--. >> / \-'~; .--------. TestDisk & PhotoRec >> / __/~| ._-""|| | Data Recovery >> =( _____|_|____||________| http://www.cgsecurity.org-- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! > From Denis.Beauchemin at usherbrooke.ca Wed Feb 18 13:44:21 2015 From: Denis.Beauchemin at usherbrooke.ca (Denis Beauchemin) Date: Wed, 18 Feb 2015 13:44:21 +0000 Subject: Filename Restrictions Not working In-Reply-To: References: Message-ID: Agreed : you should use forward slashes ?/? in all MS config files whenever you want to refer to a file path. And I?m also pretty sure you can?t put ?allow/deny? filetypes rules directly in MailScanner.conf. Have you tried ?MailScanner --lint?? If so, don?t you have any errors? Denis De : mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] De la part de James Nelson Envoy? : 17 f?vrier 2015 16:40 ? : MailScanner discussion Objet : RE: Filename Restrictions Not working Hi Kevin, I?ve tried with linking directly to filename.rules.conf, I?ve tried using a filename.rules that points FromOrTo: default \etc\MailScanner\filename.rules.conf , but neither approach is working. What?s especially odd is if explicitly define a blocked file type?say, \.exe$ directly in MailScanner.conf, even THAT doesn?t work. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150218/7403655c/attachment.html From glenn.steen at gmail.com Wed Feb 18 14:41:28 2015 From: glenn.steen at gmail.com (Glenn Steen) Date: Wed, 18 Feb 2015 15:41:28 +0100 Subject: v4.85.1.0 Beta for Linux RPM Available In-Reply-To: References: <7CA580B59C1ABD45B4614ED90D4C7B857EFB0E2B@HC-EXMBX03.herefordshire.gov.uk> Message-ID: Actually, it could. The way it sucks up resources, it really should not only be deprecated, but removed entirely. Loading a fat copy of the sigs into every MailWScanner child was OK when the sigs were relatively few, but ... these days, the only sane way to use clamav is via clamd. Cheers! -- -- Glenn On 18 February 2015 at 14:13, Jerry Benton wrote: > Phil, > > I agree, but someone else may not. It doesn?t hurt to have the module available. > > - > Jerry Benton > www.mailborder.com > > > >> On Feb 18, 2015, at 7:35 AM, Randal, Phil wrote: >> >> Mail::Clamav should be sent to the great bit bucket in the sky. >> >> If ClamAV is selected during install, clamd and clamav should be installed with a note to the user to configure MailScanner to use clamd. >> >> Cheers, >> >> Phil >> >> >> -----Original Message----- >> From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry Benton >> Sent: 16 February 2015 21:24 >> To: MailScanner discussion >> Subject: Re: v4.85.1.0 Beta for Linux RPM Available >> >> Thanks for the feedback. >> >> - DFOPTION - fixed that. >> - Mail::ClamAV is not a MailScanner dependency, but the script attempts to install it if you elect to install Clam AV. There is no RPM package for it. >> - I will add the bzip2-devel to the base packages. >> - I can look at what I can do with the default Y option. It is not as easy or straight forward as it seems. >> - I will check check the phishing.bad.sites.conf issue, but it did install during the tests I did. >> - You are missing /var/spool/mqueue because either you did not install an MTA or you did not configure MailScanner.conf to use your MTA. The script does not install an MTA for you or setup MailScanner.conf. If you installed sendmail, you wouldn?t get the errors because the defaults in MailScanner.conf are for sendmail. >> - The unrar package is not a dependency. >> - the mailscanner.cf is a soft link created in the /etc/mail/spamassassin directory to the spam.assassin.prefs.conf file in /etc/MailScanner. If you did not elect to install spamassassin the link won?t be created. >> >> >> Thanks for testing it out. >> >> >> - >> Jerry Benton >> www.mailborder.com >> >> >> >>> On Feb 16, 2015, at 12:23 PM, Christophe GRENIER wrote: >>> >>> On Sun, 15 Feb 2015, Jerry Benton wrote: >>> >>>> After an absurd amount of face-palming over two weeks: >>>> >>>> https://s3.amazonaws.com/mailscanner/MailScanner-4.85.1-0.rpm.tar.gz >>>> >>>> Note: This is beta! If you install on on a production box, that?s on you. >>> >>> Hi >>> >>> I have tested the install script on CentOS 6. >>> >>> Here are my results: >>> - DFOPTION variable is undefined on non CentOS 7 >>> ./install.sh: line 409: [: ==: unary operator expected >>> >>> - For RHEL 6 the dependencies are NOT fulfilled 100% by yum even if you elect to use EPEL: >>> File::ShareDir::Install is missing. Installing via CPAN ... >>> Mail::ClamAV is missing. Installing via CPAN ... >>> >>> - bzip2-devel need to be installed otherwise Mail::ClamAV failed to be compiled: >>> ... >>> /usr/bin/ld: cannot find -lbz2 >>> collect2: ld returned 1 exit status >>> make[1]: *** [blib/arch/auto/Mail/ClamAV/ClamAV.so] Error 1 >>> make[1]: Leaving directory >>> `/root/.cpan/build/Mail-ClamAV-0.29-JoeFgy/_Inline/build/Mail/ClamAV' >>> >>> - IMOO answers should default to recommanded values (Y instead of N). >>> >>> - After rerunning the install script, >>> /etc/MailScanner/phishing.bad.sites.conf is missing (renamed as .old): >>> MailScanner --lint >>> >>> Could not read file /etc/MailScanner/phishing.bad.sites.conf at >>> /usr/lib/MailScanner/MailScanner/Config.pm line 2864 Error in line >>> 990, file "/etc/MailScanner/phishing.bad.sites.conf" for >>> phishingblacklist does not exist (or can not be read) at >>> /usr/lib/MailScanner/MailScanner/Config.pm line 3066 >>> >>> - Some configurations is needed (I am using postfix), you may want to >>> add it in QuickInstall.txt: >>> >>> Could not read directory /var/spool/mqueue at >>> /usr/lib/MailScanner/MailScanner/Config.pm line 2874 Error in >>> configuration file line 169, directory /var/spool/mqueue for >>> outqueuedir does not exist (or is not readable) at >>> /usr/lib/MailScanner/MailScanner/Config.pm line 3238 Read 868 >>> hostnames from the phishing whitelist >>> >>> - Unrar is not installed, it should be in /usr/bin/unrar. >>> This is required for RAR archives to be read to check filenames and >>> filetypes. Virus scanning is not affected. >>> >>> Two possibilities: switch to internal unrar or install it... >>> >>> - config: failed to parse line, skipping, in >>> "/etc/mail/spamassassin/mailscanner.cf": use_auto_whitelist 0 >>> >>> I haven't test this version of MailScanner for the moment, only the install script. >>> >>> Thanks for your work >>> >>> Regards, >>> >>> Christophe >>> >>> -- >>> ,-~~-.___. ._. >>> / | ' \ | |--------. Christophe GRENIER >>> ( ) 0 | | | grenier at cgsecurity.org >>> \_/-, ,----' | | | >>> ==== !_!-v---v--. >>> / \-'~; .--------. TestDisk & PhotoRec >>> / __/~| ._-""|| | Data Recovery >>> =( _____|_|____||________| http://www.cgsecurity.org-- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! >> Hoople Ltd, Registered in England and Wales No. 7556595 >> Registered office: Plough Lane, Hereford, HR4 0LE >> >> "Any opinion expressed in this e-mail or any attached files are those of the individual and not necessarily those of Hoople Ltd. You should be aware that Hoople Ltd. monitors its email service. This e-mail and any attached files are confidential and intended solely for the use of the addressee. This communication may contain material protected by law from being passed on. If you are not the intended recipient and have received this e-mail in error, you are advised that any use, dissemination, forwarding, printing or copying of this e-mail is strictly prohibited. If you have received this e-mail in error please contact the sender immediately and destroy all copies of it." >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! -- -- Glenn email: glenn < dot > steen < at > gmail < dot > com work: glenn < dot > steen < at > ap1 < dot > se From glenn.steen at gmail.com Wed Feb 18 14:53:29 2015 From: glenn.steen at gmail.com (Glenn Steen) Date: Wed, 18 Feb 2015 15:53:29 +0100 Subject: Filename Restrictions Not working In-Reply-To: References: Message-ID: Have you checked that there are headers in the delivered mails that indicate that MailScanner has been involved? If not, especially with some MTAs (like Postfix), it seems like you've gogofed your install a bit and there is still a "non-MS-aware MTA" running, which would just deliver/relay any mails.... Further... When you've fixed your typos (the back-forwardslash thing for example), do as Denis says and try a lint run. If that works, then do a debug run: shut down MailScanner, then as the Run As user run: MailScanner --debug wrote: > Agreed : you should use forward slashes ?/? in all MS config files whenever > you want to refer to a file path. And I?m also pretty sure you can?t put > ?allow/deny? filetypes rules directly in MailScanner.conf. > > > > Have you tried ?MailScanner --lint?? If so, don?t you have any errors? > > > > Denis > > > > > > De : mailscanner-bounces at lists.mailscanner.info > [mailto:mailscanner-bounces at lists.mailscanner.info] De la part de James > Nelson > Envoy? : 17 f?vrier 2015 16:40 > ? : MailScanner discussion > Objet : RE: Filename Restrictions Not working > > > > Hi Kevin, > > > > I?ve tried with linking directly to filename.rules.conf, I?ve tried using a > filename.rules that points FromOrTo: default > \etc\MailScanner\filename.rules.conf , but neither approach is working. > > > > What?s especially odd is if explicitly define a blocked file type?say, > \.exe$ directly in MailScanner.conf, even THAT doesn?t work. > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- -- Glenn email: glenn < dot > steen < at > gmail < dot > com work: glenn < dot > steen < at > ap1 < dot > se From email at ace.net.au Wed Feb 18 15:07:15 2015 From: email at ace.net.au (Peter Nitschke) Date: Thu, 19 Feb 2015 01:37:15 +1030 Subject: Clean.quarantine Message-ID: <201502190137150526.19A1A03E@web.ace.net.au> The current clean quarantine is great, but I would like to be able to have different days_to_keep for spam and for nonspam. There is more chance that someone will want to recover a mail that has been caught as spam, and as mails are having much more content, keeping non-spam for long doesn't make sense. Any help appreciated. From phil.randal at hoopleltd.co.uk Wed Feb 18 15:13:13 2015 From: phil.randal at hoopleltd.co.uk (Randal, Phil) Date: Wed, 18 Feb 2015 15:13:13 +0000 Subject: v4.85.1.0 Beta for Linux RPM Available In-Reply-To: <500054FE-F3E1-4C96-9156-3701792A109D@mailborder.com> References: <500054FE-F3E1-4C96-9156-3701792A109D@mailborder.com> Message-ID: <7CA580B59C1ABD45B4614ED90D4C7B857EFB245F@HC-EXMBX03.herefordshire.gov.uk> By the way, tnef is available fro RGHEL/CentOS 5/6/7 from the repoforge yum repo. Cheers, Phil -----Original Message----- From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry Benton Sent: 18 February 2015 13:35 To: MailScanner discussion Subject: Re: v4.85.1.0 Beta for Linux RPM Available Ok, updates were made based on feedback and further testing. I will do some more tests over the next 2 days in my lab on RHEL 5,6,7 on both 32 and 64 bit. Barring any other issues, I will move this to build 1 and release by Monday. I am working on the tarball release as well, but the MailScanner code won?t change once the RPM is finalized. Only the installer. https://s3.amazonaws.com/mailscanner/MailScanner-4.85.1-0.rpm.tar.gz - Jerry Benton www.mailborder.com > On Feb 16, 2015, at 4:24 PM, Jerry Benton wrote: > > Thanks for the feedback. > > - DFOPTION - fixed that. > - Mail::ClamAV is not a MailScanner dependency, but the script attempts to install it if you elect to install Clam AV. There is no RPM package for it. > - I will add the bzip2-devel to the base packages. > - I can look at what I can do with the default Y option. It is not as easy or straight forward as it seems. > - I will check check the phishing.bad.sites.conf issue, but it did install during the tests I did. > - You are missing /var/spool/mqueue because either you did not install an MTA or you did not configure MailScanner.conf to use your MTA. The script does not install an MTA for you or setup MailScanner.conf. If you installed sendmail, you wouldn?t get the errors because the defaults in MailScanner.conf are for sendmail. > - The unrar package is not a dependency. > - the mailscanner.cf is a soft link created in the /etc/mail/spamassassin directory to the spam.assassin.prefs.conf file in /etc/MailScanner. If you did not elect to install spamassassin the link won?t be created. > > > Thanks for testing it out. > > > - > Jerry Benton > www.mailborder.com > > > >> On Feb 16, 2015, at 12:23 PM, Christophe GRENIER wrote: >> >> On Sun, 15 Feb 2015, Jerry Benton wrote: >> >>> After an absurd amount of face-palming over two weeks: >>> >>> https://s3.amazonaws.com/mailscanner/MailScanner-4.85.1-0.rpm.tar.gz >>> >>> Note: This is beta! If you install on on a production box, that?s on you. >> >> Hi >> >> I have tested the install script on CentOS 6. >> >> Here are my results: >> - DFOPTION variable is undefined on non CentOS 7 >> ./install.sh: line 409: [: ==: unary operator expected >> >> - For RHEL 6 the dependencies are NOT fulfilled 100% by yum even if you elect to use EPEL: >> File::ShareDir::Install is missing. Installing via CPAN ... >> Mail::ClamAV is missing. Installing via CPAN ... >> >> - bzip2-devel need to be installed otherwise Mail::ClamAV failed to be compiled: >> ... >> /usr/bin/ld: cannot find -lbz2 >> collect2: ld returned 1 exit status >> make[1]: *** [blib/arch/auto/Mail/ClamAV/ClamAV.so] Error 1 >> make[1]: Leaving directory >> `/root/.cpan/build/Mail-ClamAV-0.29-JoeFgy/_Inline/build/Mail/ClamAV' >> >> - IMOO answers should default to recommanded values (Y instead of N). >> >> - After rerunning the install script, >> /etc/MailScanner/phishing.bad.sites.conf is missing (renamed as .old): >> MailScanner --lint >> >> Could not read file /etc/MailScanner/phishing.bad.sites.conf at >> /usr/lib/MailScanner/MailScanner/Config.pm line 2864 Error in line >> 990, file "/etc/MailScanner/phishing.bad.sites.conf" for >> phishingblacklist does not exist (or can not be read) at >> /usr/lib/MailScanner/MailScanner/Config.pm line 3066 >> >> - Some configurations is needed (I am using postfix), you may want to >> add it in QuickInstall.txt: >> >> Could not read directory /var/spool/mqueue at >> /usr/lib/MailScanner/MailScanner/Config.pm line 2874 Error in >> configuration file line 169, directory /var/spool/mqueue for >> outqueuedir does not exist (or is not readable) at >> /usr/lib/MailScanner/MailScanner/Config.pm line 3238 Read 868 >> hostnames from the phishing whitelist >> >> - Unrar is not installed, it should be in /usr/bin/unrar. >> This is required for RAR archives to be read to check filenames and >> filetypes. Virus scanning is not affected. >> >> Two possibilities: switch to internal unrar or install it... >> >> - config: failed to parse line, skipping, in >> "/etc/mail/spamassassin/mailscanner.cf": use_auto_whitelist 0 >> >> I haven't test this version of MailScanner for the moment, only the install script. >> >> Thanks for your work >> >> Regards, >> >> Christophe >> >> -- >> ,-~~-.___. ._. >> / | ' \ | |--------. Christophe GRENIER >> ( ) 0 | | | grenier at cgsecurity.org >> \_/-, ,----' | | | >> ==== !_!-v---v--. >> / \-'~; .--------. TestDisk & PhotoRec >> / __/~| ._-""|| | Data Recovery >> =( _____|_|____||________| http://www.cgsecurity.org-- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! > -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! Hoople Ltd, Registered in England and Wales No. 7556595 Registered office: Plough Lane, Hereford, HR4 0LE "Any opinion expressed in this e-mail or any attached files are those of the individual and not necessarily those of Hoople Ltd. You should be aware that Hoople Ltd. monitors its email service. This e-mail and any attached files are confidential and intended solely for the use of the addressee. This communication may contain material protected by law from being passed on. If you are not the intended recipient and have received this e-mail in error, you are advised that any use, dissemination, forwarding, printing or copying of this e-mail is strictly prohibited. If you have received this e-mail in error please contact the sender immediately and destroy all copies of it." From phil.randal at hoopleltd.co.uk Wed Feb 18 15:19:56 2015 From: phil.randal at hoopleltd.co.uk (Randal, Phil) Date: Wed, 18 Feb 2015 15:19:56 +0000 Subject: v4.85.1.0 Beta for Linux RPM Available In-Reply-To: References: <7CA580B59C1ABD45B4614ED90D4C7B857EFB0E2B@HC-EXMBX03.herefordshire.gov.uk> Message-ID: <7CA580B59C1ABD45B4614ED90D4C7B857EFB252A@HC-EXMBX03.herefordshire.gov.uk> To expand on that: 1: each child has a full copy of the ClamAV database - that makes MailScanner children real memory hogs 2: each child has to load that DB on startup - which adds to server load and slows down throughput 3: weren't there issues with Mail::ClamAV and later versions of ClamAV, anyhow? See https://rt.cpan.org/Public/Bug/Display.html?id=96876 Cheers, Phil -----Original Message----- From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Glenn Steen Sent: 18 February 2015 14:41 To: MailScanner discussion Subject: Re: v4.85.1.0 Beta for Linux RPM Available Actually, it could. The way it sucks up resources, it really should not only be deprecated, but removed entirely. Loading a fat copy of the sigs into every MailWScanner child was OK when the sigs were relatively few, but ... these days, the only sane way to use clamav is via clamd. Cheers! -- -- Glenn On 18 February 2015 at 14:13, Jerry Benton wrote: > Phil, > > I agree, but someone else may not. It doesn?t hurt to have the module available. > > - > Jerry Benton > www.mailborder.com > > > >> On Feb 18, 2015, at 7:35 AM, Randal, Phil wrote: >> >> Mail::Clamav should be sent to the great bit bucket in the sky. >> >> If ClamAV is selected during install, clamd and clamav should be installed with a note to the user to configure MailScanner to use clamd. >> >> Cheers, >> >> Phil >> >> >> -----Original Message----- >> From: mailscanner-bounces at lists.mailscanner.info >> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of >> Jerry Benton >> Sent: 16 February 2015 21:24 >> To: MailScanner discussion >> Subject: Re: v4.85.1.0 Beta for Linux RPM Available >> >> Thanks for the feedback. >> >> - DFOPTION - fixed that. >> - Mail::ClamAV is not a MailScanner dependency, but the script attempts to install it if you elect to install Clam AV. There is no RPM package for it. >> - I will add the bzip2-devel to the base packages. >> - I can look at what I can do with the default Y option. It is not as easy or straight forward as it seems. >> - I will check check the phishing.bad.sites.conf issue, but it did install during the tests I did. >> - You are missing /var/spool/mqueue because either you did not install an MTA or you did not configure MailScanner.conf to use your MTA. The script does not install an MTA for you or setup MailScanner.conf. If you installed sendmail, you wouldn?t get the errors because the defaults in MailScanner.conf are for sendmail. >> - The unrar package is not a dependency. >> - the mailscanner.cf is a soft link created in the /etc/mail/spamassassin directory to the spam.assassin.prefs.conf file in /etc/MailScanner. If you did not elect to install spamassassin the link won?t be created. >> >> >> Thanks for testing it out. >> >> >> - >> Jerry Benton >> www.mailborder.com >> >> >> >>> On Feb 16, 2015, at 12:23 PM, Christophe GRENIER wrote: >>> >>> On Sun, 15 Feb 2015, Jerry Benton wrote: >>> >>>> After an absurd amount of face-palming over two weeks: >>>> >>>> https://s3.amazonaws.com/mailscanner/MailScanner-4.85.1-0.rpm.tar.g >>>> z >>>> >>>> Note: This is beta! If you install on on a production box, that?s on you. >>> >>> Hi >>> >>> I have tested the install script on CentOS 6. >>> >>> Here are my results: >>> - DFOPTION variable is undefined on non CentOS 7 >>> ./install.sh: line 409: [: ==: unary operator expected >>> >>> - For RHEL 6 the dependencies are NOT fulfilled 100% by yum even if you elect to use EPEL: >>> File::ShareDir::Install is missing. Installing via CPAN ... >>> Mail::ClamAV is missing. Installing via CPAN ... >>> >>> - bzip2-devel need to be installed otherwise Mail::ClamAV failed to be compiled: >>> ... >>> /usr/bin/ld: cannot find -lbz2 >>> collect2: ld returned 1 exit status >>> make[1]: *** [blib/arch/auto/Mail/ClamAV/ClamAV.so] Error 1 >>> make[1]: Leaving directory >>> `/root/.cpan/build/Mail-ClamAV-0.29-JoeFgy/_Inline/build/Mail/ClamAV' >>> >>> - IMOO answers should default to recommanded values (Y instead of N). >>> >>> - After rerunning the install script, >>> /etc/MailScanner/phishing.bad.sites.conf is missing (renamed as .old): >>> MailScanner --lint >>> >>> Could not read file /etc/MailScanner/phishing.bad.sites.conf at >>> /usr/lib/MailScanner/MailScanner/Config.pm line 2864 Error in line >>> 990, file "/etc/MailScanner/phishing.bad.sites.conf" for >>> phishingblacklist does not exist (or can not be read) at >>> /usr/lib/MailScanner/MailScanner/Config.pm line 3066 >>> >>> - Some configurations is needed (I am using postfix), you may want >>> to add it in QuickInstall.txt: >>> >>> Could not read directory /var/spool/mqueue at >>> /usr/lib/MailScanner/MailScanner/Config.pm line 2874 Error in >>> configuration file line 169, directory /var/spool/mqueue for >>> outqueuedir does not exist (or is not readable) at >>> /usr/lib/MailScanner/MailScanner/Config.pm line 3238 Read 868 >>> hostnames from the phishing whitelist >>> >>> - Unrar is not installed, it should be in /usr/bin/unrar. >>> This is required for RAR archives to be read to check filenames and >>> filetypes. Virus scanning is not affected. >>> >>> Two possibilities: switch to internal unrar or install it... >>> >>> - config: failed to parse line, skipping, in >>> "/etc/mail/spamassassin/mailscanner.cf": use_auto_whitelist 0 >>> >>> I haven't test this version of MailScanner for the moment, only the install script. >>> >>> Thanks for your work >>> >>> Regards, >>> >>> Christophe >>> >>> -- >>> ,-~~-.___. ._. >>> / | ' \ | |--------. Christophe GRENIER >>> ( ) 0 | | | grenier at cgsecurity.org >>> \_/-, ,----' | | | >>> ==== !_!-v---v--. >>> / \-'~; .--------. TestDisk & PhotoRec >>> / __/~| ._-""|| | Data Recovery >>> =( _____|_|____||________| http://www.cgsecurity.org-- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! >> Hoople Ltd, Registered in England and Wales No. 7556595 Registered >> office: Plough Lane, Hereford, HR4 0LE >> >> "Any opinion expressed in this e-mail or any attached files are those of the individual and not necessarily those of Hoople Ltd. You should be aware that Hoople Ltd. monitors its email service. This e-mail and any attached files are confidential and intended solely for the use of the addressee. This communication may contain material protected by law from being passed on. If you are not the intended recipient and have received this e-mail in error, you are advised that any use, dissemination, forwarding, printing or copying of this e-mail is strictly prohibited. If you have received this e-mail in error please contact the sender immediately and destroy all copies of it." >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! -- -- Glenn email: glenn < dot > steen < at > gmail < dot > com work: glenn < dot > steen < at > ap1 < dot > se -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! From jerry.benton at mailborder.com Wed Feb 18 15:32:03 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Wed, 18 Feb 2015 10:32:03 -0500 Subject: v4.85.1.0 Beta for Linux RPM Available In-Reply-To: References: <7CA580B59C1ABD45B4614ED90D4C7B857EFB0E2B@HC-EXMBX03.herefordshire.gov.uk> Message-ID: Again, I do not disagree. However, there may be a situation for someone, somewhere, that cannot meet what we both consider to be sane. The file for the perl module existing on a system is not going to do any harm. The ?rm? command could do a lot more damage if used improperly, but we are not going to remove it just because of that. - Jerry Benton www.mailborder.com > On Feb 18, 2015, at 9:41 AM, Glenn Steen wrote: > > Actually, it could. The way it sucks up resources, it really should > not only be deprecated, but removed entirely. Loading a fat copy of > the sigs into every MailWScanner child was OK when the sigs were > relatively few, but ... these days, the only sane way to use clamav is > via clamd. > > Cheers! > -- > -- Glenn > > On 18 February 2015 at 14:13, Jerry Benton wrote: >> Phil, >> >> I agree, but someone else may not. It doesn?t hurt to have the module available. >> >> - >> Jerry Benton >> www.mailborder.com >> >> >> >>> On Feb 18, 2015, at 7:35 AM, Randal, Phil wrote: >>> >>> Mail::Clamav should be sent to the great bit bucket in the sky. >>> >>> If ClamAV is selected during install, clamd and clamav should be installed with a note to the user to configure MailScanner to use clamd. >>> >>> Cheers, >>> >>> Phil >>> >>> >>> -----Original Message----- >>> From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry Benton >>> Sent: 16 February 2015 21:24 >>> To: MailScanner discussion >>> Subject: Re: v4.85.1.0 Beta for Linux RPM Available >>> >>> Thanks for the feedback. >>> >>> - DFOPTION - fixed that. >>> - Mail::ClamAV is not a MailScanner dependency, but the script attempts to install it if you elect to install Clam AV. There is no RPM package for it. >>> - I will add the bzip2-devel to the base packages. >>> - I can look at what I can do with the default Y option. It is not as easy or straight forward as it seems. >>> - I will check check the phishing.bad.sites.conf issue, but it did install during the tests I did. >>> - You are missing /var/spool/mqueue because either you did not install an MTA or you did not configure MailScanner.conf to use your MTA. The script does not install an MTA for you or setup MailScanner.conf. If you installed sendmail, you wouldn?t get the errors because the defaults in MailScanner.conf are for sendmail. >>> - The unrar package is not a dependency. >>> - the mailscanner.cf is a soft link created in the /etc/mail/spamassassin directory to the spam.assassin.prefs.conf file in /etc/MailScanner. If you did not elect to install spamassassin the link won?t be created. >>> >>> >>> Thanks for testing it out. >>> >>> >>> - >>> Jerry Benton >>> www.mailborder.com >>> >>> >>> >>>> On Feb 16, 2015, at 12:23 PM, Christophe GRENIER wrote: >>>> >>>> On Sun, 15 Feb 2015, Jerry Benton wrote: >>>> >>>>> After an absurd amount of face-palming over two weeks: >>>>> >>>>> https://s3.amazonaws.com/mailscanner/MailScanner-4.85.1-0.rpm.tar.gz >>>>> >>>>> Note: This is beta! If you install on on a production box, that?s on you. >>>> >>>> Hi >>>> >>>> I have tested the install script on CentOS 6. >>>> >>>> Here are my results: >>>> - DFOPTION variable is undefined on non CentOS 7 >>>> ./install.sh: line 409: [: ==: unary operator expected >>>> >>>> - For RHEL 6 the dependencies are NOT fulfilled 100% by yum even if you elect to use EPEL: >>>> File::ShareDir::Install is missing. Installing via CPAN ... >>>> Mail::ClamAV is missing. Installing via CPAN ... >>>> >>>> - bzip2-devel need to be installed otherwise Mail::ClamAV failed to be compiled: >>>> ... >>>> /usr/bin/ld: cannot find -lbz2 >>>> collect2: ld returned 1 exit status >>>> make[1]: *** [blib/arch/auto/Mail/ClamAV/ClamAV.so] Error 1 >>>> make[1]: Leaving directory >>>> `/root/.cpan/build/Mail-ClamAV-0.29-JoeFgy/_Inline/build/Mail/ClamAV' >>>> >>>> - IMOO answers should default to recommanded values (Y instead of N). >>>> >>>> - After rerunning the install script, >>>> /etc/MailScanner/phishing.bad.sites.conf is missing (renamed as .old): >>>> MailScanner --lint >>>> >>>> Could not read file /etc/MailScanner/phishing.bad.sites.conf at >>>> /usr/lib/MailScanner/MailScanner/Config.pm line 2864 Error in line >>>> 990, file "/etc/MailScanner/phishing.bad.sites.conf" for >>>> phishingblacklist does not exist (or can not be read) at >>>> /usr/lib/MailScanner/MailScanner/Config.pm line 3066 >>>> >>>> - Some configurations is needed (I am using postfix), you may want to >>>> add it in QuickInstall.txt: >>>> >>>> Could not read directory /var/spool/mqueue at >>>> /usr/lib/MailScanner/MailScanner/Config.pm line 2874 Error in >>>> configuration file line 169, directory /var/spool/mqueue for >>>> outqueuedir does not exist (or is not readable) at >>>> /usr/lib/MailScanner/MailScanner/Config.pm line 3238 Read 868 >>>> hostnames from the phishing whitelist >>>> >>>> - Unrar is not installed, it should be in /usr/bin/unrar. >>>> This is required for RAR archives to be read to check filenames and >>>> filetypes. Virus scanning is not affected. >>>> >>>> Two possibilities: switch to internal unrar or install it... >>>> >>>> - config: failed to parse line, skipping, in >>>> "/etc/mail/spamassassin/mailscanner.cf": use_auto_whitelist 0 >>>> >>>> I haven't test this version of MailScanner for the moment, only the install script. >>>> >>>> Thanks for your work >>>> >>>> Regards, >>>> >>>> Christophe >>>> >>>> -- >>>> ,-~~-.___. ._. >>>> / | ' \ | |--------. Christophe GRENIER >>>> ( ) 0 | | | grenier at cgsecurity.org >>>> \_/-, ,----' | | | >>>> ==== !_!-v---v--. >>>> / \-'~; .--------. TestDisk & PhotoRec >>>> / __/~| ._-""|| | Data Recovery >>>> =( _____|_|____||________| http://www.cgsecurity.org-- >>>> MailScanner mailing list >>>> mailscanner at lists.mailscanner.info >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>> >>>> Before posting, read http://wiki.mailscanner.info/posting >>>> >>>> Support MailScanner development - buy the book off the website! >>> >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >>> Hoople Ltd, Registered in England and Wales No. 7556595 >>> Registered office: Plough Lane, Hereford, HR4 0LE >>> >>> "Any opinion expressed in this e-mail or any attached files are those of the individual and not necessarily those of Hoople Ltd. You should be aware that Hoople Ltd. monitors its email service. This e-mail and any attached files are confidential and intended solely for the use of the addressee. This communication may contain material protected by law from being passed on. If you are not the intended recipient and have received this e-mail in error, you are advised that any use, dissemination, forwarding, printing or copying of this e-mail is strictly prohibited. If you have received this e-mail in error please contact the sender immediately and destroy all copies of it." >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! > > > > -- > -- Glenn > email: glenn < dot > steen < at > gmail < dot > com > work: glenn < dot > steen < at > ap1 < dot > se > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! From jerry.benton at mailborder.com Wed Feb 18 15:43:28 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Wed, 18 Feb 2015 10:43:28 -0500 Subject: v4.85.1.0 Beta for Linux RPM Available In-Reply-To: <7CA580B59C1ABD45B4614ED90D4C7B857EFB245F@HC-EXMBX03.herefordshire.gov.uk> References: <500054FE-F3E1-4C96-9156-3701792A109D@mailborder.com> <7CA580B59C1ABD45B4614ED90D4C7B857EFB245F@HC-EXMBX03.herefordshire.gov.uk> Message-ID: <31CFA6A0-956D-432F-86BE-256AA5E5BF30@mailborder.com> It is listed for RHEL 5 and 6. Only 6 works. (5 isn?t actually available from EPEL for some reason.) There is nothing for 7. That is why I built an RPM for it from source. The new installer tries to install it from Yum. If it can?t, it will install it from the RPM I made if you elect to do so. - Jerry Benton www.mailborder.com > On Feb 18, 2015, at 10:13 AM, Randal, Phil wrote: > > By the way, tnef is available fro RGHEL/CentOS 5/6/7 from the repoforge yum repo. > > Cheers, > > Phil > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry Benton > Sent: 18 February 2015 13:35 > To: MailScanner discussion > Subject: Re: v4.85.1.0 Beta for Linux RPM Available > > Ok, updates were made based on feedback and further testing. I will do some more tests over the next 2 days in my lab on RHEL 5,6,7 on both 32 and 64 bit. Barring any other issues, I will move this to build 1 and release by Monday. I am working on the tarball release as well, but the MailScanner code won?t change once the RPM is finalized. Only the installer. > > https://s3.amazonaws.com/mailscanner/MailScanner-4.85.1-0.rpm.tar.gz > > > > - > Jerry Benton > www.mailborder.com > > > >> On Feb 16, 2015, at 4:24 PM, Jerry Benton wrote: >> >> Thanks for the feedback. >> >> - DFOPTION - fixed that. >> - Mail::ClamAV is not a MailScanner dependency, but the script attempts to install it if you elect to install Clam AV. There is no RPM package for it. >> - I will add the bzip2-devel to the base packages. >> - I can look at what I can do with the default Y option. It is not as easy or straight forward as it seems. >> - I will check check the phishing.bad.sites.conf issue, but it did install during the tests I did. >> - You are missing /var/spool/mqueue because either you did not install an MTA or you did not configure MailScanner.conf to use your MTA. The script does not install an MTA for you or setup MailScanner.conf. If you installed sendmail, you wouldn?t get the errors because the defaults in MailScanner.conf are for sendmail. >> - The unrar package is not a dependency. >> - the mailscanner.cf is a soft link created in the /etc/mail/spamassassin directory to the spam.assassin.prefs.conf file in /etc/MailScanner. If you did not elect to install spamassassin the link won?t be created. >> >> >> Thanks for testing it out. >> >> >> - >> Jerry Benton >> www.mailborder.com >> >> >> >>> On Feb 16, 2015, at 12:23 PM, Christophe GRENIER wrote: >>> >>> On Sun, 15 Feb 2015, Jerry Benton wrote: >>> >>>> After an absurd amount of face-palming over two weeks: >>>> >>>> https://s3.amazonaws.com/mailscanner/MailScanner-4.85.1-0.rpm.tar.gz >>>> >>>> Note: This is beta! If you install on on a production box, that?s on you. >>> >>> Hi >>> >>> I have tested the install script on CentOS 6. >>> >>> Here are my results: >>> - DFOPTION variable is undefined on non CentOS 7 >>> ./install.sh: line 409: [: ==: unary operator expected >>> >>> - For RHEL 6 the dependencies are NOT fulfilled 100% by yum even if you elect to use EPEL: >>> File::ShareDir::Install is missing. Installing via CPAN ... >>> Mail::ClamAV is missing. Installing via CPAN ... >>> >>> - bzip2-devel need to be installed otherwise Mail::ClamAV failed to be compiled: >>> ... >>> /usr/bin/ld: cannot find -lbz2 >>> collect2: ld returned 1 exit status >>> make[1]: *** [blib/arch/auto/Mail/ClamAV/ClamAV.so] Error 1 >>> make[1]: Leaving directory >>> `/root/.cpan/build/Mail-ClamAV-0.29-JoeFgy/_Inline/build/Mail/ClamAV' >>> >>> - IMOO answers should default to recommanded values (Y instead of N). >>> >>> - After rerunning the install script, >>> /etc/MailScanner/phishing.bad.sites.conf is missing (renamed as .old): >>> MailScanner --lint >>> >>> Could not read file /etc/MailScanner/phishing.bad.sites.conf at >>> /usr/lib/MailScanner/MailScanner/Config.pm line 2864 Error in line >>> 990, file "/etc/MailScanner/phishing.bad.sites.conf" for >>> phishingblacklist does not exist (or can not be read) at >>> /usr/lib/MailScanner/MailScanner/Config.pm line 3066 >>> >>> - Some configurations is needed (I am using postfix), you may want to >>> add it in QuickInstall.txt: >>> >>> Could not read directory /var/spool/mqueue at >>> /usr/lib/MailScanner/MailScanner/Config.pm line 2874 Error in >>> configuration file line 169, directory /var/spool/mqueue for >>> outqueuedir does not exist (or is not readable) at >>> /usr/lib/MailScanner/MailScanner/Config.pm line 3238 Read 868 >>> hostnames from the phishing whitelist >>> >>> - Unrar is not installed, it should be in /usr/bin/unrar. >>> This is required for RAR archives to be read to check filenames and >>> filetypes. Virus scanning is not affected. >>> >>> Two possibilities: switch to internal unrar or install it... >>> >>> - config: failed to parse line, skipping, in >>> "/etc/mail/spamassassin/mailscanner.cf": use_auto_whitelist 0 >>> >>> I haven't test this version of MailScanner for the moment, only the install script. >>> >>> Thanks for your work >>> >>> Regards, >>> >>> Christophe >>> >>> -- >>> ,-~~-.___. ._. >>> / | ' \ | |--------. Christophe GRENIER >>> ( ) 0 | | | grenier at cgsecurity.org >>> \_/-, ,----' | | | >>> ==== !_!-v---v--. >>> / \-'~; .--------. TestDisk & PhotoRec >>> / __/~| ._-""|| | Data Recovery >>> =( _____|_|____||________| http://www.cgsecurity.org-- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >> > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > Hoople Ltd, Registered in England and Wales No. 7556595 > Registered office: Plough Lane, Hereford, HR4 0LE > > "Any opinion expressed in this e-mail or any attached files are those of the individual and not necessarily those of Hoople Ltd. You should be aware that Hoople Ltd. monitors its email service. This e-mail and any attached files are confidential and intended solely for the use of the addressee. This communication may contain material protected by law from being passed on. If you are not the intended recipient and have received this e-mail in error, you are advised that any use, dissemination, forwarding, printing or copying of this e-mail is strictly prohibited. If you have received this e-mail in error please contact the sender immediately and destroy all copies of it." > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! From Denis.Beauchemin at usherbrooke.ca Wed Feb 18 15:59:45 2015 From: Denis.Beauchemin at usherbrooke.ca (Denis Beauchemin) Date: Wed, 18 Feb 2015 15:59:45 +0000 Subject: Clean.quarantine In-Reply-To: <201502190137150526.19A1A03E@web.ace.net.au> References: <201502190137150526.19A1A03E@web.ace.net.au> Message-ID: Peter, The /etc/cron.daily/clean.quarantine script uses these variables: $quarantine_dir = '/var/spool/MailScanner/quarantine'; $days_to_keep = 30; You could create a new copy of the script such as /etc/cron.daily/clean.quarantine.spam and modify the variables to your liking. The script is not really intelligent and it does not know if you change the quarantine dir like I do: Quarantine Dir = %rules-dir%/quarantine.rules The file contains: To: *@usherbrooke.ca /quarantaine/usherbrooke To: default /quarantaine/autres I use these crontab entries to clean my quarantine: # clean nonspam 5 0 * * * /bin/rm -rf /quarantaine/*/$(date +\%Y\%m\%d --date "2 days ago")/nonspam # clean rest of quarantine 5 0 * * * /bin/rm -rf /quarantaine/*/$(date +\%Y\%m\%d --date "40 days ago")/ Denis -----Message d'origine----- De?: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] De la part de Peter Nitschke Envoy??: 18 f?vrier 2015 10:15 ??: mailscanner at lists.mailscanner.info Objet?: Clean.quarantine The current clean quarantine is great, but I would like to be able to have different days_to_keep for spam and for nonspam. There is more chance that someone will want to recover a mail that has been caught as spam, and as mails are having much more content, keeping non-spam for long doesn't make sense. Any help appreciated. -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! From pas at unh.edu Wed Feb 18 16:03:41 2015 From: pas at unh.edu (Paul A Sand) Date: Wed, 18 Feb 2015 11:03:41 -0500 Subject: v4.85.1.0 Beta for Linux RPM Available In-Reply-To: <31CFA6A0-956D-432F-86BE-256AA5E5BF30@mailborder.com> References: <500054FE-F3E1-4C96-9156-3701792A109D@mailborder.com> <7CA580B59C1ABD45B4614ED90D4C7B857EFB245F@HC-EXMBX03.herefordshire.gov.uk> <31CFA6A0-956D-432F-86BE-256AA5E5BF30@mailborder.com> Message-ID: <20150218160341.GA16545@cisunix.unh.edu> * Jerry Benton [2015-02-18 10:52]: > [tnef] is listed for RHEL 5 and 6. Only 6 works. (5 isn?t actually > available from EPEL for some reason.) There is nothing for 7. That is why > I built an RPM for it from source. The new installer tries to install it > from Yum. If it can?t, it will install it from the RPM I made if you elect > to do so. I submitted a bug on this: https://bugzilla.redhat.com/show_bug.cgi?id=1193160 The maintainer says he'll take a look over the weekend. (His attempted build for el5 back in 2011 failed.) -- -- Paul A Sand -- Information Technology / University of New Hampshire -- http://pubpages.unh.edu/~pas -- Rikki lost my number. From rcooper at dwford.com Wed Feb 18 16:18:58 2015 From: rcooper at dwford.com (Rick Cooper) Date: Wed, 18 Feb 2015 11:18:58 -0500 Subject: v4.85.1.0 Beta for Linux RPM Available In-Reply-To: References: <7CA580B59C1ABD45B4614ED90D4C7B857EFB0E2B@HC-EXMBX03.herefordshire.gov.uk> Message-ID: <746CF7DD27F74E1FB64B2FA354B33E3F@SAHOMELT> Glenn Steen wrote: > Actually, it could. The way it sucks up resources, it really should > not only be deprecated, but removed entirely. Loading a fat copy of > the sigs into every MailWScanner child was OK when the sigs were > relatively few, but ... these days, the only sane way to use clamav is > via clamd. > > Cheers! > -- > -- Glenn > > On 18 February 2015 at 14:13, Jerry Benton > wrote: >> Phil, >> >> I agree, but someone else may not. It doesn't hurt to have the >> module available. >> >> - >> Jerry Benton >> www.mailborder.com >> >> >> >>> On Feb 18, 2015, at 7:35 AM, Randal, Phil >>> wrote: >>> >>> Mail::Clamav should be sent to the great bit bucket in the sky. >>> >>> If ClamAV is selected during install, clamd and clamav should be >>> installed with a note to the user to configure MailScanner to use >>> clamd. >>> >>> Cheers, >>> >>> Phil >>> >>> >>> -----Original Message----- >>> From: mailscanner-bounces at lists.mailscanner.info >>> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of >>> Jerry Benton >>> Sent: 16 February 2015 21:24 >>> To: MailScanner discussion >>> Subject: Re: v4.85.1.0 Beta for Linux RPM Available >>> >>> Thanks for the feedback. >>> >>> - DFOPTION - fixed that. >>> - Mail::ClamAV is not a MailScanner dependency, but the script >>> attempts to install it if you elect to install Clam AV. There is no >>> RPM package for it. >>> - I will add the bzip2-devel to the base packages. >>> - I can look at what I can do with the default Y option. It is not >>> as easy or straight forward as it seems. >>> - I will check check the phishing.bad.sites.conf issue, but it did >>> install during the tests I did. >>> - You are missing /var/spool/mqueue because either you did not >>> install an MTA or you did not configure MailScanner.conf to use >>> your MTA. The script does not install an MTA for you or setup >>> MailScanner.conf. If you installed sendmail, you wouldn't get the >>> errors because the defaults in MailScanner.conf are for sendmail. >>> - The unrar package is not a dependency. >>> - the mailscanner.cf is a soft link created in the >>> /etc/mail/spamassassin directory to the spam.assassin.prefs.conf >>> file in /etc/MailScanner. If you did not elect to install >>> spamassassin the link won't be created. >>> >>> >>> Thanks for testing it out. >>> >>> >>> - >>> Jerry Benton >>> www.mailborder.com >>> >>> >>> >>>> On Feb 16, 2015, at 12:23 PM, Christophe GRENIER >>>> wrote: >>>> >>>> On Sun, 15 Feb 2015, Jerry Benton wrote: >>>> >>>>> After an absurd amount of face-palming over two weeks: >>>>> >>>>> https://s3.amazonaws.com/mailscanner/MailScanner-4.85.1-0.rpm.tar.gz >>>>> >>>>> Note: This is beta! If you install on on a production box, that's >>>>> on you. >>>> >>>> Hi >>>> >>>> I have tested the install script on CentOS 6. >>>> >>>> Here are my results: >>>> - DFOPTION variable is undefined on non CentOS 7 >>>> ./install.sh: line 409: [: ==: unary operator expected >>>> >>>> - For RHEL 6 the dependencies are NOT fulfilled 100% by yum even >>>> if you elect to use EPEL: File::ShareDir::Install is missing. >>>> Installing via CPAN ... >>>> Mail::ClamAV is missing. Installing via CPAN ... >>>> >>>> - bzip2-devel need to be installed otherwise Mail::ClamAV failed >>>> to be compiled: ... /usr/bin/ld: cannot find -lbz2 >>>> collect2: ld returned 1 exit status >>>> make[1]: *** [blib/arch/auto/Mail/ClamAV/ClamAV.so] Error 1 >>>> make[1]: Leaving directory >>>> `/root/.cpan/build/Mail-ClamAV-0.29-JoeFgy/_Inline/build/Mail/ClamAV' >>>> >>>> - IMOO answers should default to recommanded values (Y instead of >>>> N). >>>> >>>> - After rerunning the install script, >>>> /etc/MailScanner/phishing.bad.sites.conf is missing (renamed as >>>> .old): >>>> MailScanner --lint >>>> >>>> Could not read file /etc/MailScanner/phishing.bad.sites.conf at >>>> /usr/lib/MailScanner/MailScanner/Config.pm line 2864 Error in line >>>> 990, file "/etc/MailScanner/phishing.bad.sites.conf" for >>>> phishingblacklist does not exist (or can not be read) at >>>> /usr/lib/MailScanner/MailScanner/Config.pm line 3066 >>>> >>>> - Some configurations is needed (I am using postfix), you may want >>>> to >>>> add it in QuickInstall.txt: >>>> >>>> Could not read directory /var/spool/mqueue at >>>> /usr/lib/MailScanner/MailScanner/Config.pm line 2874 Error in >>>> configuration file line 169, directory /var/spool/mqueue for >>>> outqueuedir does not exist (or is not readable) at >>>> /usr/lib/MailScanner/MailScanner/Config.pm line 3238 Read 868 >>>> hostnames from the phishing whitelist >>>> >>>> - Unrar is not installed, it should be in /usr/bin/unrar. >>>> This is required for RAR archives to be read to check filenames and >>>> filetypes. Virus scanning is not affected. >>>> >>>> Two possibilities: switch to internal unrar or install it... >>>> >>>> - config: failed to parse line, skipping, in >>>> "/etc/mail/spamassassin/mailscanner.cf": use_auto_whitelist 0 >>>> >>>> I haven't test this version of MailScanner for the moment, only >>>> the install script. >>>> >>>> Thanks for your work >>>> >>>> Regards, >>>> >>>> Christophe >>>> >>>> -- >>>> ,-~~-.___. ._. >>>> / | ' \ | |--------. Christophe GRENIER >>>> ( ) 0 | | | grenier at cgsecurity.org \_/-, ,----' >>>> | | | ==== !_!-v---v--. >>>> / \-'~; .--------. TestDisk & PhotoRec >>>> / __/~| ._-""|| | Data Recovery >>>> =( _____|_|____||________| http://www.cgsecurity.org-- >>>> MailScanner mailing list >>>> mailscanner at lists.mailscanner.info >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>> >>>> Before posting, read http://wiki.mailscanner.info/posting >>>> >>>> Support MailScanner development - buy the book off the website! >>> >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >>> Hoople Ltd, Registered in England and Wales No. 7556595 >>> Registered office: Plough Lane, Hereford, HR4 0LE >>> >>> "Any opinion expressed in this e-mail or any attached files are >>> those of the individual and not necessarily those of Hoople Ltd. >>> You should be aware that Hoople Ltd. monitors its email service. >>> This e-mail and any attached files are confidential and intended >>> solely for the use of the addressee. This communication may contain >>> material protected by law from being passed on. If you are not the >>> intended recipient and have received this e-mail in error, you are >>> advised that any use, dissemination, forwarding, printing or >>> copying of this e-mail is strictly prohibited. If you have received >>> this e-mail in error please contact the sender immediately and >>> destroy all copies of it." -- MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! > > > > -- > -- Glenn > email: glenn < dot > steen < at > gmail < dot > com > work: glenn < dot > steen < at > ap1 < dot > se This applies to SpamAssassin as well. I sent Jules code to move MailScanner to use the Spamd process years ago. Now the clamav module had a lot of issues because when internal defs within the clam code changed the module would puke until someone patched the module but it makes no sense to me why anything MailScanner shares should be based on a perl module if there is a daemon available to communicate with. Spamd protocol is pretty simple and fairly easy to integrate within MailScanner. The difference in speed is pretty much nil but the difference in MailScanner memory usage per child is significant. When I originally worked with JF to integrate the clamd code his biggest hesitation was he wasn't comfortable with network code... I would bet that was the biggest reason for handling postfix the way it's handled as well. Whoever is currently developing MS should really look at moving toward spamd support in place of the perl module Rick From jerry.benton at mailborder.com Wed Feb 18 16:25:00 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Wed, 18 Feb 2015 11:25:00 -0500 Subject: v4.85.1.0 Beta for Linux RPM Available In-Reply-To: <7CA580B59C1ABD45B4614ED90D4C7B857EFB252A@HC-EXMBX03.herefordshire.gov.uk> References: <7CA580B59C1ABD45B4614ED90D4C7B857EFB0E2B@HC-EXMBX03.herefordshire.gov.uk> <7CA580B59C1ABD45B4614ED90D4C7B857EFB252A@HC-EXMBX03.herefordshire.gov.uk> Message-ID: Ok, we need to stop beating this dead horse. In General: - I am aware that clamd is better. - I am aware of how a MailScanner child behaves when using the Mail::ClamAV module and the implications of doing so. - I am aware that any perl module can have, or appear to have, a bug when a new version of some other software comes out. The Installer: - You do not have to use the CPAN module remediation when using the new installer if you don?t want to. - You don?t have to opt to install ClamAV during installation and thus the installer will not even attempt to install the Mail::ClamAV module even if you select CPAN remediation for other items. - You can edit the installer and comment out line number 374 before you run it in the event that you do want to installer to try and remediate modules via CPAN but not Mail::ClamAV. The Conclusion: - The Mail::ClamAV perl module install option is staying in place until any use or reference to that module has been completely removed from the MailScanner source. So please stop beating me over the head regarding this issue. I am sure that each and every one raising this issue knows, or should know, that you just can?t rip something out based on your personal opinion regardless of supporting evidence without thorough review and testing of the item to include the implications of removing said item in respect to the insane number of MailScanner installations out there. If you have an actual solution, present it. Please do not just make a statement on how it should be in your opinion without a serious amount of research and testing supporting a documented solution. If you do this and it makes sense, then I guarantee you it will get done. - Jerry Benton www.mailborder.com > On Feb 18, 2015, at 10:19 AM, Randal, Phil wrote: > > To expand on that: > > 1: each child has a full copy of the ClamAV database - that makes MailScanner children real memory hogs > > 2: each child has to load that DB on startup - which adds to server load and slows down throughput > > 3: weren't there issues with Mail::ClamAV and later versions of ClamAV, anyhow? See https://rt.cpan.org/Public/Bug/Display.html?id=96876 > > Cheers, > > Phil > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Glenn Steen > Sent: 18 February 2015 14:41 > To: MailScanner discussion > Subject: Re: v4.85.1.0 Beta for Linux RPM Available > > Actually, it could. The way it sucks up resources, it really should not only be deprecated, but removed entirely. Loading a fat copy of the sigs into every MailWScanner child was OK when the sigs were relatively few, but ... these days, the only sane way to use clamav is via clamd. > > Cheers! > -- > -- Glenn > > On 18 February 2015 at 14:13, Jerry Benton wrote: >> Phil, >> >> I agree, but someone else may not. It doesn?t hurt to have the module available. >> >> - >> Jerry Benton >> www.mailborder.com >> >> >> >>> On Feb 18, 2015, at 7:35 AM, Randal, Phil wrote: >>> >>> Mail::Clamav should be sent to the great bit bucket in the sky. >>> >>> If ClamAV is selected during install, clamd and clamav should be installed with a note to the user to configure MailScanner to use clamd. >>> >>> Cheers, >>> >>> Phil >>> >>> >>> -----Original Message----- >>> From: mailscanner-bounces at lists.mailscanner.info >>> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of >>> Jerry Benton >>> Sent: 16 February 2015 21:24 >>> To: MailScanner discussion >>> Subject: Re: v4.85.1.0 Beta for Linux RPM Available >>> >>> Thanks for the feedback. >>> >>> - DFOPTION - fixed that. >>> - Mail::ClamAV is not a MailScanner dependency, but the script attempts to install it if you elect to install Clam AV. There is no RPM package for it. >>> - I will add the bzip2-devel to the base packages. >>> - I can look at what I can do with the default Y option. It is not as easy or straight forward as it seems. >>> - I will check check the phishing.bad.sites.conf issue, but it did install during the tests I did. >>> - You are missing /var/spool/mqueue because either you did not install an MTA or you did not configure MailScanner.conf to use your MTA. The script does not install an MTA for you or setup MailScanner.conf. If you installed sendmail, you wouldn?t get the errors because the defaults in MailScanner.conf are for sendmail. >>> - The unrar package is not a dependency. >>> - the mailscanner.cf is a soft link created in the /etc/mail/spamassassin directory to the spam.assassin.prefs.conf file in /etc/MailScanner. If you did not elect to install spamassassin the link won?t be created. >>> >>> >>> Thanks for testing it out. >>> >>> >>> - >>> Jerry Benton >>> www.mailborder.com >>> >>> >>> >>>> On Feb 16, 2015, at 12:23 PM, Christophe GRENIER wrote: >>>> >>>> On Sun, 15 Feb 2015, Jerry Benton wrote: >>>> >>>>> After an absurd amount of face-palming over two weeks: >>>>> >>>>> https://s3.amazonaws.com/mailscanner/MailScanner-4.85.1-0.rpm.tar.g >>>>> z >>>>> >>>>> Note: This is beta! If you install on on a production box, that?s on you. >>>> >>>> Hi >>>> >>>> I have tested the install script on CentOS 6. >>>> >>>> Here are my results: >>>> - DFOPTION variable is undefined on non CentOS 7 >>>> ./install.sh: line 409: [: ==: unary operator expected >>>> >>>> - For RHEL 6 the dependencies are NOT fulfilled 100% by yum even if you elect to use EPEL: >>>> File::ShareDir::Install is missing. Installing via CPAN ... >>>> Mail::ClamAV is missing. Installing via CPAN ... >>>> >>>> - bzip2-devel need to be installed otherwise Mail::ClamAV failed to be compiled: >>>> ... >>>> /usr/bin/ld: cannot find -lbz2 >>>> collect2: ld returned 1 exit status >>>> make[1]: *** [blib/arch/auto/Mail/ClamAV/ClamAV.so] Error 1 >>>> make[1]: Leaving directory >>>> `/root/.cpan/build/Mail-ClamAV-0.29-JoeFgy/_Inline/build/Mail/ClamAV' >>>> >>>> - IMOO answers should default to recommanded values (Y instead of N). >>>> >>>> - After rerunning the install script, >>>> /etc/MailScanner/phishing.bad.sites.conf is missing (renamed as .old): >>>> MailScanner --lint >>>> >>>> Could not read file /etc/MailScanner/phishing.bad.sites.conf at >>>> /usr/lib/MailScanner/MailScanner/Config.pm line 2864 Error in line >>>> 990, file "/etc/MailScanner/phishing.bad.sites.conf" for >>>> phishingblacklist does not exist (or can not be read) at >>>> /usr/lib/MailScanner/MailScanner/Config.pm line 3066 >>>> >>>> - Some configurations is needed (I am using postfix), you may want >>>> to add it in QuickInstall.txt: >>>> >>>> Could not read directory /var/spool/mqueue at >>>> /usr/lib/MailScanner/MailScanner/Config.pm line 2874 Error in >>>> configuration file line 169, directory /var/spool/mqueue for >>>> outqueuedir does not exist (or is not readable) at >>>> /usr/lib/MailScanner/MailScanner/Config.pm line 3238 Read 868 >>>> hostnames from the phishing whitelist >>>> >>>> - Unrar is not installed, it should be in /usr/bin/unrar. >>>> This is required for RAR archives to be read to check filenames and >>>> filetypes. Virus scanning is not affected. >>>> >>>> Two possibilities: switch to internal unrar or install it... >>>> >>>> - config: failed to parse line, skipping, in >>>> "/etc/mail/spamassassin/mailscanner.cf": use_auto_whitelist 0 >>>> >>>> I haven't test this version of MailScanner for the moment, only the install script. >>>> >>>> Thanks for your work >>>> >>>> Regards, >>>> >>>> Christophe >>>> >>>> -- >>>> ,-~~-.___. ._. >>>> / | ' \ | |--------. Christophe GRENIER >>>> ( ) 0 | | | grenier at cgsecurity.org >>>> \_/-, ,----' | | | >>>> ==== !_!-v---v--. >>>> / \-'~; .--------. TestDisk & PhotoRec >>>> / __/~| ._-""|| | Data Recovery >>>> =( _____|_|____||________| http://www.cgsecurity.org-- >>>> MailScanner mailing list >>>> mailscanner at lists.mailscanner.info >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>> >>>> Before posting, read http://wiki.mailscanner.info/posting >>>> >>>> Support MailScanner development - buy the book off the website! >>> >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >>> Hoople Ltd, Registered in England and Wales No. 7556595 Registered >>> office: Plough Lane, Hereford, HR4 0LE >>> >>> "Any opinion expressed in this e-mail or any attached files are those of the individual and not necessarily those of Hoople Ltd. You should be aware that Hoople Ltd. monitors its email service. This e-mail and any attached files are confidential and intended solely for the use of the addressee. This communication may contain material protected by law from being passed on. If you are not the intended recipient and have received this e-mail in error, you are advised that any use, dissemination, forwarding, printing or copying of this e-mail is strictly prohibited. If you have received this e-mail in error please contact the sender immediately and destroy all copies of it." >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! > > > > -- > -- Glenn > email: glenn < dot > steen < at > gmail < dot > com > work: glenn < dot > steen < at > ap1 < dot > se > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! From email at ace.net.au Wed Feb 18 17:01:20 2015 From: email at ace.net.au (Peter Nitschke) Date: Thu, 19 Feb 2015 03:31:20 +1030 Subject: Clean.quarantine In-Reply-To: References: <201502190137150526.19A1A03E@web.ace.net.au> Message-ID: <201502190331200698.1A0A1332@web.ace.net.au> Hi Dennis, Thanks for your prompt reply. I don't get this bit, which seems to be stopping me from understanding what you are doing. The file contains: To: *@usherbrooke.ca /quarantaine/usherbrooke To: default /quarantaine/autres Then below that you use "quarantaine" a couple more times, is that just a typo? Cheers, Peter *********** REPLY SEPARATOR *********** On 18/02/2015 at 3:59 PM Denis Beauchemin wrote: >This encoded message has been converted to an attachment. > >Peter, > >The /etc/cron.daily/clean.quarantine script uses these variables: >$quarantine_dir = '/var/spool/MailScanner/quarantine'; >$days_to_keep = 30; > >You could create a new copy of the script such as >/etc/cron.daily/clean.quarantine.spam and modify the variables to your >liking. > >The script is not really intelligent and it does not know if you change >the quarantine dir like I do: >Quarantine Dir = %rules-dir%/quarantine.rules > >The file contains: >To: *@usherbrooke.ca /quarantaine/usherbrooke >To: default /quarantaine/autres > >I use these crontab entries to clean my quarantine: ># clean nonspam >5 0 * * * /bin/rm -rf /quarantaine/*/$(date +\%Y\%m\%d --date "2 days >ago")/nonspam ># clean rest of quarantine >5 0 * * * /bin/rm -rf /quarantaine/*/$(date +\%Y\%m\%d --date "40 days >ago")/ > >Denis > >-----Message d'origine----- >De??: mailscanner-bounces at lists.mailscanner.info >[mailto:mailscanner-bounces at lists.mailscanner.info] De la part de Peter >Nitschke >Envoy????: 18 f??vrier 2015 10:15 >????: mailscanner at lists.mailscanner.info >Objet??: Clean.quarantine > >The current clean quarantine is great, but I would like to be able to have >different days_to_keep for spam and for nonspam. > >There is more chance that someone will want to recover a mail that has >been caught as spam, and as mails are having much more content, keeping >non-spam for long doesn't make sense. > >Any help appreciated. > > > >-- >MailScanner mailing list >mailscanner at lists.mailscanner.info >http://lists.mailscanner.info/mailman/listinfo/mailscanner > >Before posting, read http://wiki.mailscanner.info/posting > >Support MailScanner development - buy the book off the website! >-- MailScanner mailing >list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! From phil.randal at hoopleltd.co.uk Wed Feb 18 17:29:34 2015 From: phil.randal at hoopleltd.co.uk (Randal, Phil) Date: Wed, 18 Feb 2015 17:29:34 +0000 Subject: v4.85.1.0 Beta for Linux RPM Available In-Reply-To: References: <7CA580B59C1ABD45B4614ED90D4C7B857EFB0E2B@HC-EXMBX03.herefordshire.gov.uk> <7CA580B59C1ABD45B4614ED90D4C7B857EFB252A@HC-EXMBX03.herefordshire.gov.uk> Message-ID: <7CA580B59C1ABD45B4614ED90D4C7B857EFB2F15@HC-EXMBX03.herefordshire.gov.uk> My comments were there to encourage list readers to switch to clamd if they already haven't. Cheers, Phil -----Original Message----- From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry Benton Sent: 18 February 2015 16:25 To: MailScanner discussion Subject: Re: v4.85.1.0 Beta for Linux RPM Available Ok, we need to stop beating this dead horse. In General: - I am aware that clamd is better. - I am aware of how a MailScanner child behaves when using the Mail::ClamAV module and the implications of doing so. - I am aware that any perl module can have, or appear to have, a bug when a new version of some other software comes out. The Installer: - You do not have to use the CPAN module remediation when using the new installer if you don?t want to. - You don?t have to opt to install ClamAV during installation and thus the installer will not even attempt to install the Mail::ClamAV module even if you select CPAN remediation for other items. - You can edit the installer and comment out line number 374 before you run it in the event that you do want to installer to try and remediate modules via CPAN but not Mail::ClamAV. The Conclusion: - The Mail::ClamAV perl module install option is staying in place until any use or reference to that module has been completely removed from the MailScanner source. So please stop beating me over the head regarding this issue. I am sure that each and every one raising this issue knows, or should know, that you just can?t rip something out based on your personal opinion regardless of supporting evidence without thorough review and testing of the item to include the implications of removing said item in respect to the insane number of MailScanner installations out there. If you have an actual solution, present it. Please do not just make a statement on how it should be in your opinion without a serious amount of research and testing supporting a documented solution. If you do this and it makes sense, then I guarantee you it will get done. - Jerry Benton www.mailborder.com > On Feb 18, 2015, at 10:19 AM, Randal, Phil wrote: > > To expand on that: > > 1: each child has a full copy of the ClamAV database - that makes > MailScanner children real memory hogs > > 2: each child has to load that DB on startup - which adds to server > load and slows down throughput > > 3: weren't there issues with Mail::ClamAV and later versions of > ClamAV, anyhow? See > https://rt.cpan.org/Public/Bug/Display.html?id=96876 > > Cheers, > > Phil > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info > [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Glenn > Steen > Sent: 18 February 2015 14:41 > To: MailScanner discussion > Subject: Re: v4.85.1.0 Beta for Linux RPM Available > > Actually, it could. The way it sucks up resources, it really should not only be deprecated, but removed entirely. Loading a fat copy of the sigs into every MailWScanner child was OK when the sigs were relatively few, but ... these days, the only sane way to use clamav is via clamd. > > Cheers! > -- > -- Glenn > > On 18 February 2015 at 14:13, Jerry Benton wrote: >> Phil, >> >> I agree, but someone else may not. It doesn?t hurt to have the module available. >> >> - >> Jerry Benton >> www.mailborder.com >> >> >> >>> On Feb 18, 2015, at 7:35 AM, Randal, Phil wrote: >>> >>> Mail::Clamav should be sent to the great bit bucket in the sky. >>> >>> If ClamAV is selected during install, clamd and clamav should be installed with a note to the user to configure MailScanner to use clamd. >>> >>> Cheers, >>> >>> Phil >>> >>> >>> -----Original Message----- >>> From: mailscanner-bounces at lists.mailscanner.info >>> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of >>> Jerry Benton >>> Sent: 16 February 2015 21:24 >>> To: MailScanner discussion >>> Subject: Re: v4.85.1.0 Beta for Linux RPM Available >>> >>> Thanks for the feedback. >>> >>> - DFOPTION - fixed that. >>> - Mail::ClamAV is not a MailScanner dependency, but the script attempts to install it if you elect to install Clam AV. There is no RPM package for it. >>> - I will add the bzip2-devel to the base packages. >>> - I can look at what I can do with the default Y option. It is not as easy or straight forward as it seems. >>> - I will check check the phishing.bad.sites.conf issue, but it did install during the tests I did. >>> - You are missing /var/spool/mqueue because either you did not install an MTA or you did not configure MailScanner.conf to use your MTA. The script does not install an MTA for you or setup MailScanner.conf. If you installed sendmail, you wouldn?t get the errors because the defaults in MailScanner.conf are for sendmail. >>> - The unrar package is not a dependency. >>> - the mailscanner.cf is a soft link created in the /etc/mail/spamassassin directory to the spam.assassin.prefs.conf file in /etc/MailScanner. If you did not elect to install spamassassin the link won?t be created. >>> >>> >>> Thanks for testing it out. >>> >>> >>> - >>> Jerry Benton >>> www.mailborder.com >>> >>> >>> >>>> On Feb 16, 2015, at 12:23 PM, Christophe GRENIER wrote: >>>> >>>> On Sun, 15 Feb 2015, Jerry Benton wrote: >>>> >>>>> After an absurd amount of face-palming over two weeks: >>>>> >>>>> https://s3.amazonaws.com/mailscanner/MailScanner-4.85.1-0.rpm.tar. >>>>> g >>>>> z >>>>> >>>>> Note: This is beta! If you install on on a production box, that?s on you. >>>> >>>> Hi >>>> >>>> I have tested the install script on CentOS 6. >>>> >>>> Here are my results: >>>> - DFOPTION variable is undefined on non CentOS 7 >>>> ./install.sh: line 409: [: ==: unary operator expected >>>> >>>> - For RHEL 6 the dependencies are NOT fulfilled 100% by yum even if you elect to use EPEL: >>>> File::ShareDir::Install is missing. Installing via CPAN ... >>>> Mail::ClamAV is missing. Installing via CPAN ... >>>> >>>> - bzip2-devel need to be installed otherwise Mail::ClamAV failed to be compiled: >>>> ... >>>> /usr/bin/ld: cannot find -lbz2 >>>> collect2: ld returned 1 exit status >>>> make[1]: *** [blib/arch/auto/Mail/ClamAV/ClamAV.so] Error 1 >>>> make[1]: Leaving directory >>>> `/root/.cpan/build/Mail-ClamAV-0.29-JoeFgy/_Inline/build/Mail/ClamAV' >>>> >>>> - IMOO answers should default to recommanded values (Y instead of N). >>>> >>>> - After rerunning the install script, >>>> /etc/MailScanner/phishing.bad.sites.conf is missing (renamed as .old): >>>> MailScanner --lint >>>> >>>> Could not read file /etc/MailScanner/phishing.bad.sites.conf at >>>> /usr/lib/MailScanner/MailScanner/Config.pm line 2864 Error in line >>>> 990, file "/etc/MailScanner/phishing.bad.sites.conf" for >>>> phishingblacklist does not exist (or can not be read) at >>>> /usr/lib/MailScanner/MailScanner/Config.pm line 3066 >>>> >>>> - Some configurations is needed (I am using postfix), you may want >>>> to add it in QuickInstall.txt: >>>> >>>> Could not read directory /var/spool/mqueue at >>>> /usr/lib/MailScanner/MailScanner/Config.pm line 2874 Error in >>>> configuration file line 169, directory /var/spool/mqueue for >>>> outqueuedir does not exist (or is not readable) at >>>> /usr/lib/MailScanner/MailScanner/Config.pm line 3238 Read 868 >>>> hostnames from the phishing whitelist >>>> >>>> - Unrar is not installed, it should be in /usr/bin/unrar. >>>> This is required for RAR archives to be read to check filenames and >>>> filetypes. Virus scanning is not affected. >>>> >>>> Two possibilities: switch to internal unrar or install it... >>>> >>>> - config: failed to parse line, skipping, in >>>> "/etc/mail/spamassassin/mailscanner.cf": use_auto_whitelist 0 >>>> >>>> I haven't test this version of MailScanner for the moment, only the install script. >>>> >>>> Thanks for your work >>>> >>>> Regards, >>>> >>>> Christophe >>>> >>>> -- >>>> ,-~~-.___. ._. >>>> / | ' \ | |--------. Christophe GRENIER >>>> ( ) 0 | | | grenier at cgsecurity.org >>>> \_/-, ,----' | | | >>>> ==== !_!-v---v--. >>>> / \-'~; .--------. TestDisk & PhotoRec >>>> / __/~| ._-""|| | Data Recovery >>>> =( _____|_|____||________| http://www.cgsecurity.org-- >>>> MailScanner mailing list >>>> mailscanner at lists.mailscanner.info >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>> >>>> Before posting, read http://wiki.mailscanner.info/posting >>>> >>>> Support MailScanner development - buy the book off the website! >>> >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >>> Hoople Ltd, Registered in England and Wales No. 7556595 Registered >>> office: Plough Lane, Hereford, HR4 0LE >>> >>> "Any opinion expressed in this e-mail or any attached files are those of the individual and not necessarily those of Hoople Ltd. You should be aware that Hoople Ltd. monitors its email service. This e-mail and any attached files are confidential and intended solely for the use of the addressee. This communication may contain material protected by law from being passed on. If you are not the intended recipient and have received this e-mail in error, you are advised that any use, dissemination, forwarding, printing or copying of this e-mail is strictly prohibited. If you have received this e-mail in error please contact the sender immediately and destroy all copies of it." >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! > > > > -- > -- Glenn > email: glenn < dot > steen < at > gmail < dot > com > work: glenn < dot > steen < at > ap1 < dot > se > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! From kevin.miller at juneau.org Wed Feb 18 17:53:03 2015 From: kevin.miller at juneau.org (Kevin Miller) Date: Wed, 18 Feb 2015 17:53:03 +0000 Subject: Clean.quarantine In-Reply-To: References: <201502190137150526.19A1A03E@web.ace.net.au> Message-ID: One thing to be aware of, with two different deletion routines is if he's also using MailWatch or some other database to interface with MailScanner, it will be necessary to clean/sync the database with the disk storage. Or just realize that although messages appear to exist in MailWatch they may in fact be gone... ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357 From kevin.miller at juneau.org Wed Feb 18 18:06:57 2015 From: kevin.miller at juneau.org (Kevin Miller) Date: Wed, 18 Feb 2015 18:06:57 +0000 Subject: v4.85.1.0 Beta for Linux RPM Available In-Reply-To: <746CF7DD27F74E1FB64B2FA354B33E3F@SAHOMELT> References: <7CA580B59C1ABD45B4614ED90D4C7B857EFB0E2B@HC-EXMBX03.herefordshire.gov.uk> <746CF7DD27F74E1FB64B2FA354B33E3F@SAHOMELT> Message-ID: <11b7d798573d4e05af7f1b5178f10c61@City-Exch-DB1.cbj.local> So I'm confused. Pretty much my normal state . Is the clamavmodule loaded at MS startup, or merely installed on the drive? If the latter, then there's no performance hit unless you're down to your last few hundred bytes of free space, in which case you probably have imminent bigger issues. In my MailScanner.conf is the line: Virus Scanners = f-secure clamd I get hits with both scanners, so apparently clamd is working as advertised. I don't understand the reference to "network code" and "moving toward spamd support". Isn't spamd support there already? If all the installer is doing is dropping a perl module in place then it's just offering an option to those that perhaps can't run clamd for some reason, right? Or am I missing something... ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357 > This applies to SpamAssassin as well. I sent Jules code to move > MailScanner to use the Spamd process years ago. Now the clamav module > had a lot of issues because when internal defs within the clam code > changed the module would puke until someone patched the module but it > makes no sense to me why anything MailScanner shares should be based on > a perl module if there is a daemon available to communicate with. Spamd > protocol is pretty simple and fairly easy to integrate within > MailScanner. The difference in speed is pretty much nil but the > difference in MailScanner memory usage per child is significant. When I > originally worked with JF to integrate the clamd code his biggest > hesitation was he wasn't comfortable with network code... I would bet > that was the biggest reason for handling postfix the way it's handled as > well. Whoever is currently developing MS should really look at moving > toward spamd support in place of the perl module From bonivart at opencsw.org Wed Feb 18 18:46:12 2015 From: bonivart at opencsw.org (Peter Bonivart) Date: Wed, 18 Feb 2015 19:46:12 +0100 Subject: v4.85.1.0 Beta for Linux RPM Available In-Reply-To: <746CF7DD27F74E1FB64B2FA354B33E3F@SAHOMELT> References: <7CA580B59C1ABD45B4614ED90D4C7B857EFB0E2B@HC-EXMBX03.herefordshire.gov.uk> <746CF7DD27F74E1FB64B2FA354B33E3F@SAHOMELT> Message-ID: On Wed, Feb 18, 2015 at 5:18 PM, Rick Cooper wrote: > This applies to SpamAssassin as well. I sent Jules code to move MailScanner > to use the Spamd process years ago. Now the clamav module had a lot of > issues because when internal defs within the clam code changed the module > would puke until someone patched the module but it makes no sense to me why > anything MailScanner shares should be based on a perl module if there is a > daemon available to communicate with. Spamd protocol is pretty simple and > fairly easy to integrate within MailScanner. The difference in speed is > pretty much nil but the difference in MailScanner memory usage per child is > significant. When I originally worked with JF to integrate the clamd code > his biggest hesitation was he wasn't comfortable with network code... I > would bet that was the biggest reason for handling postfix the way it's > handled as well. Whoever is currently developing MS should really look at > moving toward spamd support in place of the perl module That's still a great idea, I remember it from back in the day. However, I think it's high time to close the wish list for this long awaited release and start filling it for the next one or we may have to wait a few more years. :) /peter From Denis.Beauchemin at usherbrooke.ca Wed Feb 18 18:53:16 2015 From: Denis.Beauchemin at usherbrooke.ca (Denis Beauchemin) Date: Wed, 18 Feb 2015 18:53:16 +0000 Subject: Clean.quarantine In-Reply-To: <201502190331200698.1A0A1332@web.ace.net.au> References: <201502190137150526.19A1A03E@web.ace.net.au> <201502190331200698.1A0A1332@web.ace.net.au> Message-ID: Peter, My quarantine dir is named /quarantaine (which is French for quarantine). /quarantaine/usherbrooke gets all emails destined to our local email addresses, while /quarantaine/autres gets the others (autres means others). BTW there was a typo in the crontab entries that got concatenated on a single line. The entries should look like this: # delete nonspam older than 2 days 5 0 * * * /bin/rm -rf /quarantaine/*/$(date +\%Y\%m\%d --date "2 days ago")/nonspam # delete spam older than 40 days 5 0 * * * /bin/rm -rf /quarantaine/*/$(date +\%Y\%m\%d --date "40 days ago")/ Denis -----Message d'origine----- De?: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] De la part de Peter Nitschke Envoy??: 18 f?vrier 2015 12:25 ??: mailscanner at lists.mailscanner.info Objet?: RE: Clean.quarantine Hi Dennis, Thanks for your prompt reply. I don't get this bit, which seems to be stopping me from understanding what you are doing. The file contains: To: *@usherbrooke.ca /quarantaine/usherbrooke To: default /quarantaine/autres Then below that you use "quarantaine" a couple more times, is that just a typo? Cheers, Peter *********** REPLY SEPARATOR *********** On 18/02/2015 at 3:59 PM Denis Beauchemin wrote: >This encoded message has been converted to an attachment. > >Peter, > >The /etc/cron.daily/clean.quarantine script uses these variables: >$quarantine_dir = '/var/spool/MailScanner/quarantine'; >$days_to_keep = 30; > >You could create a new copy of the script such as >/etc/cron.daily/clean.quarantine.spam and modify the variables to your >liking. > >The script is not really intelligent and it does not know if you change >the quarantine dir like I do: >Quarantine Dir = %rules-dir%/quarantine.rules > >The file contains: >To: *@usherbrooke.ca /quarantaine/usherbrooke >To: default /quarantaine/autres > >I use these crontab entries to clean my quarantine: ># clean nonspam >5 0 * * * /bin/rm -rf /quarantaine/*/$(date +\%Y\%m\%d --date "2 days >ago")/nonspam # clean rest of quarantine >5 0 * * * /bin/rm -rf /quarantaine/*/$(date +\%Y\%m\%d --date "40 days >ago")/ > >Denis > >-----Message d'origine----- >De?: mailscanner-bounces at lists.mailscanner.info >[mailto:mailscanner-bounces at lists.mailscanner.info] De la part de Peter >Nitschke Envoy??: 18 f?vrier 2015 10:15 ??: >mailscanner at lists.mailscanner.info >Objet?: Clean.quarantine > >The current clean quarantine is great, but I would like to be able to >have different days_to_keep for spam and for nonspam. > >There is more chance that someone will want to recover a mail that has >been caught as spam, and as mails are having much more content, keeping >non-spam for long doesn't make sense. > >Any help appreciated. > > > >-- >MailScanner mailing list >mailscanner at lists.mailscanner.info >http://lists.mailscanner.info/mailman/listinfo/mailscanner > >Before posting, read http://wiki.mailscanner.info/posting > >Support MailScanner development - buy the book off the website! >-- MailScanner mailing >list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! From rcooper at dwford.com Wed Feb 18 20:00:27 2015 From: rcooper at dwford.com (Rick Cooper) Date: Wed, 18 Feb 2015 15:00:27 -0500 Subject: v4.85.1.0 Beta for Linux RPM Available In-Reply-To: <11b7d798573d4e05af7f1b5178f10c61@City-Exch-DB1.cbj.local> References: <7CA580B59C1ABD45B4614ED90D4C7B857EFB0E2B@HC-EXMBX03.herefordshire.gov.uk><746CF7DD27F74E1FB64B2FA354B33E3F@SAHOMELT> <11b7d798573d4e05af7f1b5178f10c61@City-Exch-DB1.cbj.local> Message-ID: <952E1733F61D4676AFA959C9796FE6EB@SAHOMELT> Kevin Miller wrote: > So I'm confused. Pretty much my normal state . > > Is the clamavmodule loaded at MS startup, or merely installed on the > drive? If the latter, then there's no performance hit unless you're > down to your last few hundred bytes of free space, in which case you > probably have imminent bigger issues. > > In my MailScanner.conf is the line: > Virus Scanners = f-secure clamd > > I get hits with both scanners, so apparently clamd is working as > advertised. I don't understand the reference to "network code" and > "moving toward spamd support". Isn't spamd support there already? > If MS is not configured to use the module it doesn't load anything. The network code statement really should have read sockets in general, TCP or unix as both clamd and spamd will talk on either. With clamd MailScanner communicates with the daemon via sockets (TCP/unix) and there is nothing loaded such as signatures. MailScanner does NOT use spamd it uses a perl module much like clamav module so for each child everything is loaded, IIRC it's on the order of about 30+MB per child. MailScanner has no use for a running instance of spamd, if it did it would reduce the MailScanner foot print nearly as much as supporting clamd did way back when I first wrote the code and JF finally agreed to include it in the code base. > If all the installer is doing is dropping a perl module in place then > it's just offering an option to those that perhaps can't run clamd > for some reason, right? Or am I missing something... > > ...Kevin > -- > Kevin Miller > Network/email Administrator, CBJ MIS Dept. > 155 South Seward Street > Juneau, Alaska 99801 > Phone: (907) 586-0242, Fax: (907) 586-4500 > Registered Linux User No: 307357 > > >> This applies to SpamAssassin as well. I sent Jules code to move >> MailScanner to use the Spamd process years ago. Now the clamav module >> had a lot of issues because when internal defs within the clam code >> changed the module would puke until someone patched the module but it >> makes no sense to me why anything MailScanner shares should be based >> on a perl module if there is a daemon available to communicate with. >> Spamd protocol is pretty simple and fairly easy to integrate within >> MailScanner. The difference in speed is pretty much nil but the >> difference in MailScanner memory usage per child is significant. >> When I originally worked with JF to integrate the clamd code his >> biggest hesitation was he wasn't comfortable with network code... I >> would bet that was the biggest reason for handling postfix the way >> it's handled as well. Whoever is currently developing MS should >> really look at moving toward spamd support in place of the perl >> module From kevin.miller at juneau.org Wed Feb 18 20:29:50 2015 From: kevin.miller at juneau.org (Kevin Miller) Date: Wed, 18 Feb 2015 20:29:50 +0000 Subject: v4.85.1.0 Beta for Linux RPM Available In-Reply-To: <952E1733F61D4676AFA959C9796FE6EB@SAHOMELT> References: <7CA580B59C1ABD45B4614ED90D4C7B857EFB0E2B@HC-EXMBX03.herefordshire.gov.uk><746CF7DD27F74E1FB64B2FA354B33E3F@SAHOMELT> <11b7d798573d4e05af7f1b5178f10c61@City-Exch-DB1.cbj.local> <952E1733F61D4676AFA959C9796FE6EB@SAHOMELT> Message-ID: <0166f14056a1448ba5b146c01214de9b@City-Exch-DB1.cbj.local> Ugh. Brain fart. Clamd != spamd. Got it. Sigh... ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357 > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > bounces at lists.mailscanner.info] On Behalf Of Rick Cooper > Sent: Wednesday, February 18, 2015 11:00 AM > To: 'MailScanner discussion' > Subject: RE: v4.85.1.0 Beta for Linux RPM Available > > Kevin Miller wrote: > > So I'm confused. Pretty much my normal state . > > > > Is the clamavmodule loaded at MS startup, or merely installed on the > > drive? If the latter, then there's no performance hit unless you're > > down to your last few hundred bytes of free space, in which case you > > probably have imminent bigger issues. > > > > In my MailScanner.conf is the line: > > Virus Scanners = f-secure clamd > > > > I get hits with both scanners, so apparently clamd is working as > > advertised. I don't understand the reference to "network code" and > > "moving toward spamd support". Isn't spamd support there already? > > > If MS is not configured to use the module it doesn't load anything. The > network code statement really should have read sockets in general, TCP > or unix as both clamd and spamd will talk on either. With clamd > MailScanner communicates with the daemon via sockets (TCP/unix) and > there is nothing loaded such as signatures. MailScanner does NOT use > spamd it uses a perl module much like clamav module so for each child > everything is loaded, IIRC it's on the order of about 30+MB per child. > MailScanner has no use for a running instance of spamd, if it did it > would reduce the MailScanner foot print nearly as much as supporting > clamd did way back when I first wrote the code and JF finally agreed to > include it in the code base. > > > If all the installer is doing is dropping a perl module in place then > > it's just offering an option to those that perhaps can't run clamd for > > some reason, right? Or am I missing something... > > > > ...Kevin > > -- > > Kevin Miller > > Network/email Administrator, CBJ MIS Dept. > > 155 South Seward Street > > Juneau, Alaska 99801 > > Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: > > 307357 > > > > > >> This applies to SpamAssassin as well. I sent Jules code to move > >> MailScanner to use the Spamd process years ago. Now the clamav module > >> had a lot of issues because when internal defs within the clam code > >> changed the module would puke until someone patched the module but it > >> makes no sense to me why anything MailScanner shares should be based > >> on a perl module if there is a daemon available to communicate with. > >> Spamd protocol is pretty simple and fairly easy to integrate within > >> MailScanner. The difference in speed is pretty much nil but the > >> difference in MailScanner memory usage per child is significant. > >> When I originally worked with JF to integrate the clamd code his > >> biggest hesitation was he wasn't comfortable with network code... I > >> would bet that was the biggest reason for handling postfix the way > >> it's handled as well. Whoever is currently developing MS should > >> really look at moving toward spamd support in place of the perl > >> module > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! From jerry.benton at mailborder.com Wed Feb 18 22:04:08 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Wed, 18 Feb 2015 17:04:08 -0500 Subject: v4.85.1.0 Beta for Linux RPM Available In-Reply-To: <11b7d798573d4e05af7f1b5178f10c61@City-Exch-DB1.cbj.local> References: <7CA580B59C1ABD45B4614ED90D4C7B857EFB0E2B@HC-EXMBX03.herefordshire.gov.uk> <746CF7DD27F74E1FB64B2FA354B33E3F@SAHOMELT> <11b7d798573d4e05af7f1b5178f10c61@City-Exch-DB1.cbj.local> Message-ID: <3106383B-80BA-4005-987B-160FD02DD8FF@mailborder.com> > > On Feb 18, 2015, at 1:06 PM, Kevin Miller wrote: > > If all the installer is doing is dropping a perl module in place then it's just offering an option to those that perhaps can't run clamd for some reason, right? Or am I missing something... > That is correct and my point. - Jerry Benton www.mailborder.com From jerry.benton at mailborder.com Wed Feb 18 22:11:16 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Wed, 18 Feb 2015 17:11:16 -0500 Subject: v4.85.1.0 Beta for Linux RPM Available In-Reply-To: <746CF7DD27F74E1FB64B2FA354B33E3F@SAHOMELT> References: <7CA580B59C1ABD45B4614ED90D4C7B857EFB0E2B@HC-EXMBX03.herefordshire.gov.uk> <746CF7DD27F74E1FB64B2FA354B33E3F@SAHOMELT> Message-ID: <039E7436-3C57-4FDB-B556-0180D95D4930@mailborder.com> > > On Feb 18, 2015, at 11:18 AM, Rick Cooper wrote: > > This applies to SpamAssassin as well. I sent Jules code to move MailScanner > to use the Spamd process years ago. Now the clamav module had a lot of > issues because when internal defs within the clam code changed the module > would puke until someone patched the module but it makes no sense to me why > anything MailScanner shares should be based on a perl module if there is a > daemon available to communicate with. Spamd protocol is pretty simple and > fairly easy to integrate within MailScanner. The difference in speed is > pretty much nil but the difference in MailScanner memory usage per child is > significant. When I originally worked with JF to integrate the clamd code > his biggest hesitation was he wasn't comfortable with network code... I > would bet that was the biggest reason for handling postfix the way it's > handled as well. Whoever is currently developing MS should really look at > moving toward spamd support in place of the perl module. Rick, Please send me the working code you have for this. I will add it to the development of the next version. The same is true for Postfix handling if you have anything. I have spoken to Wietse Venema regarding MailScanner integration of Postfix and he doesn?t like how it is currently done and posted a recommendation years ago on postfix.org that Postfix shouldn?t be used with MailScanner. In short, MailScanner should be using a milter for Postfix. - Jerry Benton www.mailborder.com From jerry.benton at mailborder.com Wed Feb 18 22:15:18 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Wed, 18 Feb 2015 17:15:18 -0500 Subject: v4.85.1.0 Beta for Linux RPM Available In-Reply-To: References: <7CA580B59C1ABD45B4614ED90D4C7B857EFB0E2B@HC-EXMBX03.herefordshire.gov.uk> <746CF7DD27F74E1FB64B2FA354B33E3F@SAHOMELT> Message-ID: > On Feb 18, 2015, at 1:46 PM, Peter Bonivart wrote: > > That's still a great idea, I remember it from back in the day. > However, I think it's high time to close the wish list for this long > awaited release and start filling it for the next one or we may have > to wait a few more years. :) > I agreed to take over as lead for the project because my Mailborder business depends on the success of MailScanner. I have developed an affinity for things like food and shelter, so it is deeply in my interest that the MailScanner project succeed. - Jerry Benton www.mailborder.com From James.Nelson at vgt.net Wed Feb 18 22:42:45 2015 From: James.Nelson at vgt.net (James Nelson) Date: Wed, 18 Feb 2015 22:42:45 +0000 Subject: Filename Restrictions Not working In-Reply-To: References: Message-ID: Hey Kevin\Alex\Denis\Glenn, Sorry, the slash direction was a typo as a result of responding on my phone. They are forward slashes in the actual files. Kevin?Yes, virus scanning works. I?ve sent the EICAR file as a test, and additionally its caught legitimate viruses since installation. I see the entries in the maillog for virus\spam scanning, but no mention of file scanning?no error there or in the system log. Denis- I?ve mostly been trying to make rulesets work for these purposes, but I did try explicitly defining the restrictions as a troubleshooting measure. The information in the mailscanner.conf file seems to indicate that this is supported: # To simplify web-based configuration systems, there are now two extra # settings here. They are both intended for use with normal rulesets # that you would expect to find in %rules-dir%. The first gives a list # of patterns to match against the attachment filenames, and a filename # is allowed if it matches any of these patterns. The second gives the # the equivalent list for patterns that are used to deny filenames. # If either of these match at all, then filename.rules.conf is ignored # for that filename. # So you can easily have a set like this: # Allow Filenames = \.txt$ \.pdf$ # Deny Filenames = \.com$ \.exe$ \.cpl$ \.pif$ Glenn?I have verified that MailScanner is processing these messages. We?ve had it in place for a few months, and the SpamAssassin\ClamAV components are processing and catching mail as expected. I can see all of MailScanner\SpamAssassin?s header info, and it states that it?s processed by postfix, as I Would expect. I?ve run Mailscann ?-lint and MailScanner --debug with no errors detected, but here?s the results anyway: Trying to setlogsock(unix) Reading configuration file /etc/MailScanner/MailScanner.conf Read 876 hostnames from the phishing whitelist Read 5890 hostnames from the phishing blacklists Config: calling custom init function MailWatchLogging Started SQL Logging child Checking version numbers... Version number in MailScanner.conf (4.84.6) is correct. Your envelope_sender_header in spam.assassin.prefs.conf is correct. MailScanner setting GID to (89) MailScanner setting UID to (89) Checking for SpamAssassin errors (if you use it)... Using SpamAssassin results cache Connected to SpamAssassin cache database SpamAssassin reported no errors. Connected to Processing Attempts Database Created Processing Attempts Database successfully There are 0 messages in the Processing Attempts Database Using locktype = posix MailScanner.conf says "Virus Scanners = clamd" Found these virus scanners installed: clamd =========================================================================== Filename Checks: Windows/DOS Executable (1 eicar.com) Other Checks: Found 1 problems Virus and Content Scanning: Starting Clamd::INFECTED::Eicar-Test-Signature :: ./1/ Clamd::INFECTED:: Eicar-Test-Signature :: ./1/eicar.com Virus Scanning: Clamd found 2 infections Infected message 1 came from 10.1.1.1 Virus Scanning: Found 2 viruses =========================================================================== Virus Scanner test reports: Clamd said "eicar.com was infected: Eicar-Test-Signature" If any of your virus scanners (clamd) are not listed there, you should check that they are installed correctly and that MailScanner is finding them correctly via its virus.scanners.conf. Config: calling custom end function MailWatchLogging And debug log, using an external account I sent myself a ZIP file, which should be blocked. The only thing I noticed where it even seemed to be looking at a file was this: 16:31:07 Feb 18 16:31:07.790 [5557] dbg: message: ---- MIME PARSER START ---- 16:31:07 Feb 18 16:31:07.790 [5557] dbg: message: parsing multipart, got boundary: 047d7bdc131a7ef13b050f645fc3 16:31:07 Feb 18 16:31:07.790 [5557] dbg: message: found part of type multipart/alternative, boundary: 047d7bdc131a7ef134050f645fc1 16:31:07 Feb 18 16:31:07.790 [5557] dbg: message: added part, type: multipart/alternative 16:31:07 Feb 18 16:31:07.791 [5557] dbg: message: found part of type application/zip, boundary: 047d7bdc131a7ef13b050f645fc3 16:31:07 Feb 18 16:31:07.791 [5557] dbg: message: added part, type: application/zip 16:31:07 Feb 18 16:31:07.791 [5557] dbg: message: parsing multipart, got boundary: 047d7bdc131a7ef134050f645fc1 16:31:07 Feb 18 16:31:07.791 [5557] dbg: message: found part of type text/plain, boundary: 047d7bdc131a7ef134050f645fc1 16:31:07 Feb 18 16:31:07.791 [5557] dbg: message: added part, type: text/plain 16:31:07 Feb 18 16:31:07.791 [5557] dbg: message: found part of type text/html, boundary: 047d7bdc131a7ef134050f645fc1 16:31:07 Feb 18 16:31:07.792 [5557] dbg: message: added part, type: text/html 16:31:07 Feb 18 16:31:07.792 [5557] dbg: message: parsing normal part 16:31:07 Feb 18 16:31:07.792 [5557] dbg: message: parsing normal part 16:31:07 Feb 18 16:31:07.792 [5557] dbg: message: parsing normal part 16:31:07 Feb 18 16:31:07.792 [5557] dbg: message: ---- MIME PARSER END ---- -----Original Message----- From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Glenn Steen Sent: Wednesday, February 18, 2015 8:53 AM To: MailScanner discussion Subject: Re: Filename Restrictions Not working Have you checked that there are headers in the delivered mails that indicate that MailScanner has been involved? If not, especially with some MTAs (like Postfix), it seems like you've gogofed your install a bit and there is still a "non-MS-aware MTA" running, which would just deliver/relay any mails.... Further... When you've fixed your typos (the back-forwardslash thing for example), do as Denis says and try a lint run. If that works, then do a debug run: shut down MailScanner, then as the Run As user run: MailScanner --debug wrote: > Agreed : you should use forward slashes ?/? in all MS config files > whenever you want to refer to a file path. And I?m also pretty sure > you can?t put ?allow/deny? filetypes rules directly in MailScanner.conf. > > > > Have you tried ?MailScanner --lint?? If so, don?t you have any errors? > > > > Denis > > > > > > De : mailscanner-bounces at lists.mailscanner.info > [mailto:mailscanner-bounces at lists.mailscanner.info] De la part de > James Nelson Envoy? : 17 f?vrier 2015 16:40 ? : MailScanner discussion > Objet : RE: Filename Restrictions Not working > > > > Hi Kevin, > > > > I?ve tried with linking directly to filename.rules.conf, I?ve tried using a > filename.rules that points FromOrTo: default > \etc\MailScanner\filename.rules.conf , but neither approach is working. > > > > What?s especially odd is if explicitly define a blocked file type?say, > \.exe$ directly in MailScanner.conf, even THAT doesn?t work. > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- -- Glenn email: glenn < dot > steen < at > gmail < dot > com work: glenn < dot > steen < at > ap1 < dot > se -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! From kevin.miller at juneau.org Wed Feb 18 22:56:05 2015 From: kevin.miller at juneau.org (Kevin Miller) Date: Wed, 18 Feb 2015 22:56:05 +0000 Subject: v4.85.1.0 Beta for Linux RPM Available In-Reply-To: References: <7CA580B59C1ABD45B4614ED90D4C7B857EFB0E2B@HC-EXMBX03.herefordshire.gov.uk> <746CF7DD27F74E1FB64B2FA354B33E3F@SAHOMELT> Message-ID: <8a3aad902978486e80d6b7e75dbc1022@City-Exch-DB1.cbj.local> Regardless of motive, we all appreciate your work in keeping MailScanner alive! Re: the Postfix integration, Jules mentioned the disagreement between him and Venema on more than on occasion. The issue was one of efficiency, IIRC. MailScanner batches the virus and spam scanning on up to 30 messages at once (or some such). Doing it with a milter is going to spawn a scan for each inbound message taking more system resources. Or so the theory goes. I don't have any imperical data to substantiate the practical difference on a high volume mail server, but I always agreed with Jules because 1, he's a heck of a nice guy, and 2, I used sendmail with MailScanner. Gotta root for the home team after all. ;-) I got the impression that it was a bit of pride and a "not invented here" attitude on the postfix side but I've never had any interaction with Venema so that may not be the case at all. I'm going to try Postfix on my new gateways, mostly because it purports to do LDAP lookups against AD for recipient verification. Exchange 2013 won't properly let me do a call-ahead with smf-sav so I need some sort of LDAP integration to cull out the non-existant users at MTA time to avoid back-scatter. If you do attempt to implement a solution after the fashion that Venema recommends, it would be instructive to test it against a stock MailScanner installation, capturing time and load statistics. It may be a wash, or it may be that there's a significant difference. I burn through maybe 10K messages a day, with around 650 users so my servers probably wouldn't know the difference. I'd imagine that it would make a big difference however for servers that are doing multi-million messages a day... ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357 > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > bounces at lists.mailscanner.info] On Behalf Of Jerry Benton > Sent: Wednesday, February 18, 2015 1:15 PM > To: MailScanner discussion > Subject: Re: v4.85.1.0 Beta for Linux RPM Available > > > On Feb 18, 2015, at 1:46 PM, Peter Bonivart > wrote: > > > > That's still a great idea, I remember it from back in the day. > > However, I think it's high time to close the wish list for this long > > awaited release and start filling it for the next one or we may have > > to wait a few more years. :) > > > > I agreed to take over as lead for the project because my Mailborder > business depends on the success of MailScanner. I have developed an > affinity for things like food and shelter, so it is deeply in my > interest that the MailScanner project succeed. > > - > Jerry Benton > www.mailborder.com > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! From rcooper at dwford.com Wed Feb 18 23:23:40 2015 From: rcooper at dwford.com (Rick Cooper) Date: Wed, 18 Feb 2015 18:23:40 -0500 Subject: v4.85.1.0 Beta for Linux RPM Available In-Reply-To: <039E7436-3C57-4FDB-B556-0180D95D4930@mailborder.com> References: <7CA580B59C1ABD45B4614ED90D4C7B857EFB0E2B@HC-EXMBX03.herefordshire.gov.uk><746CF7DD27F74E1FB64B2FA354B33E3F@SAHOMELT> <039E7436-3C57-4FDB-B556-0180D95D4930@mailborder.com> Message-ID: <3929246683B44771BC2B5F5CB8A62787@SAHOMELT> Jerry Benton wrote: >> On Feb 18, 2015, at 11:18 AM, Rick Cooper wrote: >> >> This applies to SpamAssassin as well. I sent Jules code to move >> MailScanner to use the Spamd process years ago. Now the clamav >> module had a lot of issues because when internal defs within the >> clam code changed the module would puke until someone patched the >> module but it makes no sense to me why anything MailScanner shares >> should be based on a perl module if there is a daemon available to >> communicate with. Spamd protocol is pretty simple and fairly easy to >> integrate within MailScanner. The difference in speed is pretty much >> nil but the difference in MailScanner memory usage per child is >> significant. When I originally worked with JF to integrate the clamd >> code his biggest hesitation was he wasn't comfortable with network >> code... I would bet that was the biggest reason for handling postfix >> the way it's handled as well. Whoever is currently developing MS >> should really look at moving toward spamd support in place of the >> perl module. > > > Rick, > > Please send me the working code you have for this. I will add it to > the development of the next version. The same is true for Postfix > handling if you have anything. I have spoken to Wietse Venema > regarding MailScanner integration of Postfix and he doesn't like how > it is currently done and posted a recommendation years ago on > postfix.org that Postfix shouldn't be used with MailScanner. In > short, MailScanner should be using a milter for Postfix. > > - > Jerry Benton > www.mailborder.com I will have to see what needs patch, I have not really maintained the patches because of my wife's health issues so it's probably a few versions back at least. I think the last patch I did was around the time that JF moved away from the project. As far as postfix, I do not nor never will use it. The author seems pretty full of himself without real justification. I just remember the issues and it seemed they were all related to how postfix handled it's mail queue and I believe the proper way discussed at that time was it should be redelivered through some process which would have required sockets again. You know, I think Glenn did *a lot* of the postfix code and seems to know it very well. Dunno if he has time to take a crack or not. Rick From kevin.miller at juneau.org Thu Feb 19 00:21:11 2015 From: kevin.miller at juneau.org (Kevin Miller) Date: Thu, 19 Feb 2015 00:21:11 +0000 Subject: Filename Restrictions Not working In-Reply-To: References: Message-ID: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> Do you have filename.rules and filetype.rules files or did you edit MailScanner.conf? Here's my filename/type rules. They're the default. I presume they match yours. /etc/MailScanner # cat filename.rules From: 127.0.0.1 /etc/MailScanner/filename.rules.allowall.conf FromOrTo: default /etc/MailScanner/filename.rules.conf /etc/MailScanner # cat filetype.rules From: 127.0.0.1 /etc/MailScanner/filetype.rules.allowall.conf FromOrTo: default /etc/MailScanner/filetype.rules.conf /etc/MailScanner # cat filename.rules.allowall.conf allow .* - - A while back I was having an issue where an Office365 Word doc was getting flagged as an executable and blocked. I tried using the "Allow Filenames" and "Allow Filetypes" in MailScanner.conf. The notes in there said that I'd have to an entry for both name and type. I set "Allow Filetypes = \.exe$" and "Allow Filenames = /[0-9a-f]{4}\.dat$/I". (I was trying to allow .dat files with a four character name composed of hexadecimal characters. Specifically 0000.dat but not limited to it.) The notes said the exception would have to match both rules to pass. It didn't. It had the odd effect of letting any .exe file through regardless of the name. Have you tried reverting the filename.rules and filetype.rules back to the stock setting and mucking around in filename.rules.conf or filetype.rules.conf instead? ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357 From J.Ede at birchenallhowden.co.uk Thu Feb 19 08:04:20 2015 From: J.Ede at birchenallhowden.co.uk (Jason Ede) Date: Thu, 19 Feb 2015 08:04:20 +0000 Subject: v4.85.1.0 Beta for Linux RPM Available In-Reply-To: <8a3aad902978486e80d6b7e75dbc1022@City-Exch-DB1.cbj.local> References: <7CA580B59C1ABD45B4614ED90D4C7B857EFB0E2B@HC-EXMBX03.herefordshire.gov.uk> <746CF7DD27F74E1FB64B2FA354B33E3F@SAHOMELT> <8a3aad902978486e80d6b7e75dbc1022@City-Exch-DB1.cbj.local> Message-ID: -----Original Message----- From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Kevin Miller Sent: 18 February 2015 22:56 To: 'MailScanner discussion' Subject: RE: v4.85.1.0 Beta for Linux RPM Available Regardless of motive, we all appreciate your work in keeping MailScanner alive! Re: the Postfix integration, Jules mentioned the disagreement between him and Venema on more than on occasion. The issue was one of efficiency, IIRC. MailScanner batches the virus and spam scanning on up to 30 messages at once (or some such). Doing it with a milter is going to spawn a scan for each inbound message taking more system resources. Or so the theory goes. I don't have any imperical data to substantiate the practical difference on a high volume mail server, but I always agreed with Jules because 1, he's a heck of a nice guy, and 2, I used sendmail with MailScanner. Gotta root for the home team after all. ;-) I got the impression that it was a bit of pride and a "not invented here" attitude on the postfix side but I've never had any interaction with Venema so that may not be the case at all. I'm going to try Postfix on my new gateways, mostly because it purports to do LDAP lookups against AD for recipient verification. Exchange 2013 won't properly let me do a call-ahead with smf-sav so I need some sort of LDAP integration to cull out the non-existant users at MTA time to avoid back-scatter. If you do attempt to implement a solution after the fashion that Venema recommends, it would be instructive to test it against a stock MailScanner installation, capturing time and load statistics. It may be a wash, or it may be that there's a significant difference. I burn through maybe 10K messages a day, with around 650 users so my servers probably wouldn't know the difference. I'd imagine that it would make a big difference however for servers that are doing multi-million messages a day... We've always used postfix with MailScanner and never had a problem with it. At their peak our 2 servers were having around 5-6million connection attempts per month out of which MS scanned around 200,000-300,000 a month. The batch process to me always made sense especially when the system was busy as it means you're not duplicating resources. The only benefit I can see in a milter, besides keeping the postfix guys happy, is that it gives you the option to reject the message if you decide it's spam rather than having to quarantine it. Running spamd as opposed to the perl module would make a lot of sense and would cut down the resources needed on the server. The benefits of being able to move clam to a daemon were fantastic. Jason -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150219/b11e4952/attachment.html From James.Nelson at vgt.net Thu Feb 19 14:47:11 2015 From: James.Nelson at vgt.net (James Nelson) Date: Thu, 19 Feb 2015 14:47:11 +0000 Subject: Filename Restrictions Not working In-Reply-To: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> Message-ID: Hi Kevin, I never touched the filename\type rules or their associated line items in MailScanner.conf until I realized it wasn't working, so they have failed in both a virgin state and in a "test" state, trying various configurations that I've seen work for other people. I'm not defining anything as an allowed filetype, so that shouldn't be tripping me up I don't think. This front-ends an Exchange system, and if I can't get it working I could use Exchange transport rules to disallow these filetypes, I just hate to do that because it puts processing back on my backend production mail system, as well as losing the ability to search within the contents of an archived file. I don't want to have to put a blanket block on zip files as in the old days, I would much rather leverage MailScanner's ability to block only those that contain malicious filetypes. "a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral." -----Original Message----- From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Kevin Miller Sent: Wednesday, February 18, 2015 6:21 PM To: 'MailScanner discussion' Subject: RE: Filename Restrictions Not working Do you have filename.rules and filetype.rules files or did you edit MailScanner.conf? Here's my filename/type rules. They're the default. I presume they match yours. /etc/MailScanner # cat filename.rules From: 127.0.0.1 /etc/MailScanner/filename.rules.allowall.conf FromOrTo: default /etc/MailScanner/filename.rules.conf /etc/MailScanner # cat filetype.rules From: 127.0.0.1 /etc/MailScanner/filetype.rules.allowall.conf FromOrTo: default /etc/MailScanner/filetype.rules.conf /etc/MailScanner # cat filename.rules.allowall.conf allow .* - - A while back I was having an issue where an Office365 Word doc was getting flagged as an executable and blocked. I tried using the "Allow Filenames" and "Allow Filetypes" in MailScanner.conf. The notes in there said that I'd have to an entry for both name and type. I set "Allow Filetypes = \.exe$" and "Allow Filenames = /[0-9a-f]{4}\.dat$/I". (I was trying to allow .dat files with a four character name composed of hexadecimal characters. Specifically 0000.dat but not limited to it.) The notes said the exception would have to match both rules to pass. It didn't. It had the odd effect of letting any .exe file through regardless of the name. Have you tried reverting the filename.rules and filetype.rules back to the stock setting and mucking around in filename.rules.conf or filetype.rules.conf instead? ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357 -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! From James.Nelson at vgt.net Thu Feb 19 21:12:00 2015 From: James.Nelson at vgt.net (James Nelson) Date: Thu, 19 Feb 2015 21:12:00 +0000 Subject: Filename Restrictions Not working In-Reply-To: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> Message-ID: <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> One thing of note...maybe, maybe not...is that when I run MailScanner --lint , I notice this: Filename Checks: Windows/DOS Executable (1 eicar.com) Filetype Checks: Allowing 1 eicar.com (no match found) If my filename\type checks were working, shouldn't it be denying that type, given that I have excecutables configured (as default) to deny in my filetype.rules.conf? "a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral." -----Original Message----- From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Kevin Miller Sent: Wednesday, February 18, 2015 6:21 PM To: 'MailScanner discussion' Subject: RE: Filename Restrictions Not working Do you have filename.rules and filetype.rules files or did you edit MailScanner.conf? Here's my filename/type rules. They're the default. I presume they match yours. /etc/MailScanner # cat filename.rules From: 127.0.0.1 /etc/MailScanner/filename.rules.allowall.conf FromOrTo: default /etc/MailScanner/filename.rules.conf /etc/MailScanner # cat filetype.rules From: 127.0.0.1 /etc/MailScanner/filetype.rules.allowall.conf FromOrTo: default /etc/MailScanner/filetype.rules.conf /etc/MailScanner # cat filename.rules.allowall.conf allow .* - - A while back I was having an issue where an Office365 Word doc was getting flagged as an executable and blocked. I tried using the "Allow Filenames" and "Allow Filetypes" in MailScanner.conf. The notes in there said that I'd have to an entry for both name and type. I set "Allow Filetypes = \.exe$" and "Allow Filenames = /[0-9a-f]{4}\.dat$/I". (I was trying to allow .dat files with a four character name composed of hexadecimal characters. Specifically 0000.dat but not limited to it.) The notes said the exception would have to match both rules to pass. It didn't. It had the odd effect of letting any .exe file through regardless of the name. Have you tried reverting the filename.rules and filetype.rules back to the stock setting and mucking around in filename.rules.conf or filetype.rules.conf instead? ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357 -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! From kevin.miller at juneau.org Thu Feb 19 21:31:06 2015 From: kevin.miller at juneau.org (Kevin Miller) Date: Thu, 19 Feb 2015 21:31:06 +0000 Subject: Filename Restrictions Not working In-Reply-To: <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> Message-ID: Eicar is a virus test signature. It should be caught by your virus scanner. It should also be denied by filetype checks. If it gets that far. I don't recall which happens first, virus checking or spam checking. I think filename/type checking would fall under the spam check umbrella... Refresh our memory, what distro and version are you running? What version of file do you have? ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357 > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > bounces at lists.mailscanner.info] On Behalf Of James Nelson > Sent: Thursday, February 19, 2015 12:12 PM > To: MailScanner discussion > Subject: RE: Filename Restrictions Not working > > One thing of note...maybe, maybe not...is that when I run MailScanner -- > lint , I notice this: > > Filename Checks: Windows/DOS Executable (1 eicar.com) Filetype Checks: > Allowing 1 eicar.com (no match found) > > If my filename\type checks were working, shouldn't it be denying that > type, given that I have excecutables configured (as default) to deny in > my filetype.rules.conf? > > > > "a rockpile ceases to be a rockpile the moment a single man contemplates > it, bearing within him the image of a cathedral." > > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > bounces at lists.mailscanner.info] On Behalf Of Kevin Miller > Sent: Wednesday, February 18, 2015 6:21 PM > To: 'MailScanner discussion' > Subject: RE: Filename Restrictions Not working > > Do you have filename.rules and filetype.rules files or did you edit > MailScanner.conf? > > Here's my filename/type rules. They're the default. I presume they > match yours. > > /etc/MailScanner # cat filename.rules > From: 127.0.0.1 > /etc/MailScanner/filename.rules.allowall.conf > FromOrTo: default /etc/MailScanner/filename.rules.conf > > /etc/MailScanner # cat filetype.rules > From: 127.0.0.1 > /etc/MailScanner/filetype.rules.allowall.conf > FromOrTo: default /etc/MailScanner/filetype.rules.conf > > /etc/MailScanner # cat filename.rules.allowall.conf > allow .* - - > > A while back I was having an issue where an Office365 Word doc was > getting flagged as an executable and blocked. I tried using the "Allow > Filenames" and "Allow Filetypes" in MailScanner.conf. The notes in > there said that I'd have to an entry for both name and type. I set > "Allow Filetypes = \.exe$" and "Allow Filenames = /[0-9a-f]{4}\.dat$/I". > (I was trying to allow .dat files with a four character name composed of > hexadecimal characters. Specifically 0000.dat but not limited to it.) > The notes said the exception would have to match both rules to pass. It > didn't. It had the odd effect of letting any .exe file through > regardless of the name. > > Have you tried reverting the filename.rules and filetype.rules back to > the stock setting and mucking around in filename.rules.conf or > filetype.rules.conf instead? > > ...Kevin > -- > Kevin Miller > Network/email Administrator, CBJ MIS Dept. > 155 South Seward Street > Juneau, Alaska 99801 > Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: > 307357 > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! From James.Nelson at vgt.net Thu Feb 19 22:09:26 2015 From: James.Nelson at vgt.net (James Nelson) Date: Thu, 19 Feb 2015 22:09:26 +0000 Subject: Filename Restrictions Not working In-Reply-To: References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> Message-ID: <601f4c7b7547439eabd69897940da30b@VGTMAIL1.vgt.net> Right, and clamd is detecting that successfully, but as noted in the earlier message, it is being inspected via the File check, detected as an executable, and then "allowed." If it's not working at that level in a test scenario, I'm probably hopeless for it to work on anything else :) MailScanner is version 4.84.6, Centos 6.6, file is version 5.04 "a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral." -----Original Message----- From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Kevin Miller Sent: Thursday, February 19, 2015 3:31 PM To: 'MailScanner discussion' Subject: RE: Filename Restrictions Not working Eicar is a virus test signature. It should be caught by your virus scanner. It should also be denied by filetype checks. If it gets that far. I don't recall which happens first, virus checking or spam checking. I think filename/type checking would fall under the spam check umbrella... Refresh our memory, what distro and version are you running? What version of file do you have? ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357 > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > bounces at lists.mailscanner.info] On Behalf Of James Nelson > Sent: Thursday, February 19, 2015 12:12 PM > To: MailScanner discussion > Subject: RE: Filename Restrictions Not working > > One thing of note...maybe, maybe not...is that when I run MailScanner > -- lint , I notice this: > > Filename Checks: Windows/DOS Executable (1 eicar.com) Filetype Checks: > Allowing 1 eicar.com (no match found) > > If my filename\type checks were working, shouldn't it be denying that > type, given that I have excecutables configured (as default) to deny > in my filetype.rules.conf? > > > > "a rockpile ceases to be a rockpile the moment a single man > contemplates it, bearing within him the image of a cathedral." > > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > bounces at lists.mailscanner.info] On Behalf Of Kevin Miller > Sent: Wednesday, February 18, 2015 6:21 PM > To: 'MailScanner discussion' > Subject: RE: Filename Restrictions Not working > > Do you have filename.rules and filetype.rules files or did you edit > MailScanner.conf? > > Here's my filename/type rules. They're the default. I presume they > match yours. > > /etc/MailScanner # cat filename.rules > From: 127.0.0.1 > /etc/MailScanner/filename.rules.allowall.conf > FromOrTo: default /etc/MailScanner/filename.rules.conf > > /etc/MailScanner # cat filetype.rules > From: 127.0.0.1 > /etc/MailScanner/filetype.rules.allowall.conf > FromOrTo: default /etc/MailScanner/filetype.rules.conf > > /etc/MailScanner # cat filename.rules.allowall.conf > allow .* - - > > A while back I was having an issue where an Office365 Word doc was > getting flagged as an executable and blocked. I tried using the > "Allow Filenames" and "Allow Filetypes" in MailScanner.conf. The > notes in there said that I'd have to an entry for both name and type. > I set "Allow Filetypes = \.exe$" and "Allow Filenames = /[0-9a-f]{4}\.dat$/I". > (I was trying to allow .dat files with a four character name composed > of hexadecimal characters. Specifically 0000.dat but not limited to > it.) The notes said the exception would have to match both rules to > pass. It didn't. It had the odd effect of letting any .exe file > through regardless of the name. > > Have you tried reverting the filename.rules and filetype.rules back to > the stock setting and mucking around in filename.rules.conf or > filetype.rules.conf instead? > > ...Kevin > -- > Kevin Miller > Network/email Administrator, CBJ MIS Dept. > 155 South Seward Street > Juneau, Alaska 99801 > Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: > 307357 > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! From kevin.miller at juneau.org Fri Feb 20 01:19:34 2015 From: kevin.miller at juneau.org (Kevin Miller) Date: Fri, 20 Feb 2015 01:19:34 +0000 Subject: Filename Restrictions Not working In-Reply-To: <601f4c7b7547439eabd69897940da30b@VGTMAIL1.vgt.net> References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> <601f4c7b7547439eabd69897940da30b@VGTMAIL1.vgt.net> Message-ID: <76b3bd604c00453fb0222793137ace7d@City-Exch-DB1.cbj.local> Hmmm. If it's not a production server I'd say wipe it and reinstall from scratch at this point. ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357 > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > bounces at lists.mailscanner.info] On Behalf Of James Nelson > Sent: Thursday, February 19, 2015 1:09 PM > To: MailScanner discussion > Subject: RE: Filename Restrictions Not working > > Right, and clamd is detecting that successfully, but as noted in the > earlier message, it is being inspected via the File check, detected as > an executable, and then "allowed." If it's not working at that level in > a test scenario, I'm probably hopeless for it to work on anything else > :) > > MailScanner is version 4.84.6, Centos 6.6, file is version 5.04 > > "a rockpile ceases to be a rockpile the moment a single man contemplates > it, bearing within him the image of a cathedral." > > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > bounces at lists.mailscanner.info] On Behalf Of Kevin Miller > Sent: Thursday, February 19, 2015 3:31 PM > To: 'MailScanner discussion' > Subject: RE: Filename Restrictions Not working > > Eicar is a virus test signature. It should be caught by your virus > scanner. It should also be denied by filetype checks. If it gets that > far. I don't recall which happens first, virus checking or spam > checking. I think filename/type checking would fall under the spam > check umbrella... > > Refresh our memory, what distro and version are you running? What > version of file do you have? > > ...Kevin > -- > Kevin Miller > Network/email Administrator, CBJ MIS Dept. > 155 South Seward Street > Juneau, Alaska 99801 > Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: > 307357 > > > > -----Original Message----- > > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > > bounces at lists.mailscanner.info] On Behalf Of James Nelson > > Sent: Thursday, February 19, 2015 12:12 PM > > To: MailScanner discussion > > Subject: RE: Filename Restrictions Not working > > > > One thing of note...maybe, maybe not...is that when I run MailScanner > > -- lint , I notice this: > > > > Filename Checks: Windows/DOS Executable (1 eicar.com) Filetype Checks: > > Allowing 1 eicar.com (no match found) > > > > If my filename\type checks were working, shouldn't it be denying that > > type, given that I have excecutables configured (as default) to deny > > in my filetype.rules.conf? > > > > > > > > "a rockpile ceases to be a rockpile the moment a single man > > contemplates it, bearing within him the image of a cathedral." > > > > > > -----Original Message----- > > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > > bounces at lists.mailscanner.info] On Behalf Of Kevin Miller > > Sent: Wednesday, February 18, 2015 6:21 PM > > To: 'MailScanner discussion' > > Subject: RE: Filename Restrictions Not working > > > > Do you have filename.rules and filetype.rules files or did you edit > > MailScanner.conf? > > > > Here's my filename/type rules. They're the default. I presume they > > match yours. > > > > /etc/MailScanner # cat filename.rules > > From: 127.0.0.1 > > /etc/MailScanner/filename.rules.allowall.conf > > FromOrTo: default /etc/MailScanner/filename.rules.conf > > > > /etc/MailScanner # cat filetype.rules > > From: 127.0.0.1 > > /etc/MailScanner/filetype.rules.allowall.conf > > FromOrTo: default /etc/MailScanner/filetype.rules.conf > > > > /etc/MailScanner # cat filename.rules.allowall.conf > > allow .* - - > > > > A while back I was having an issue where an Office365 Word doc was > > getting flagged as an executable and blocked. I tried using the > > "Allow Filenames" and "Allow Filetypes" in MailScanner.conf. The > > notes in there said that I'd have to an entry for both name and type. > > I set "Allow Filetypes = \.exe$" and "Allow Filenames = /[0-9a- > f]{4}\.dat$/I". > > (I was trying to allow .dat files with a four character name composed > > of hexadecimal characters. Specifically 0000.dat but not limited to > > it.) The notes said the exception would have to match both rules to > > pass. It didn't. It had the odd effect of letting any .exe file > > through regardless of the name. > > > > Have you tried reverting the filename.rules and filetype.rules back to > > the stock setting and mucking around in filename.rules.conf or > > filetype.rules.conf instead? > > > > ...Kevin > > -- > > Kevin Miller > > Network/email Administrator, CBJ MIS Dept. > > 155 South Seward Street > > Juneau, Alaska 99801 > > Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: > > 307357 > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > Support MailScanner development - buy the book off the website! > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! From sbanderson at impromed.com Fri Feb 20 02:12:49 2015 From: sbanderson at impromed.com (Scott B. Anderson) Date: Fri, 20 Feb 2015 02:12:49 +0000 Subject: Filename Restrictions Not working In-Reply-To: <76b3bd604c00453fb0222793137ace7d@City-Exch-DB1.cbj.local> References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> <601f4c7b7547439eabd69897940da30b@VGTMAIL1.vgt.net> <76b3bd604c00453fb0222793137ace7d@City-Exch-DB1.cbj.local> Message-ID: <0f46d23c5c394198a32e2564a11572b4@ES5.impromed.com> FWIW - I've been running 4.84.3 on both a Fedora custom source build derivative (long story, can't get stock kernels to see the software based reiserfs boot volume) and a current unbuntu server LTS. Both catch eicar and sent two notifications - depends on your notification settings. I use a ruleset to send virus, spam and file denies to people in my domain but the default is to turn it off. If you were getting a ton of undeliverable emails you might have turned one of the notifications off rather than using a domain based ruleset, you might have disabled other notifications as well. I am eagerly awaiting the new release to be considered Beta instead of Alpha in tar (not rpm or deb) form before going further. Scott -----Original Message----- From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Kevin Miller Sent: Thursday, February 19, 2015 7:20 PM To: 'MailScanner discussion' Subject: RE: Filename Restrictions Not working Hmmm. If it's not a production server I'd say wipe it and reinstall from scratch at this point. ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357 > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > bounces at lists.mailscanner.info] On Behalf Of James Nelson > Sent: Thursday, February 19, 2015 1:09 PM > To: MailScanner discussion > Subject: RE: Filename Restrictions Not working > > Right, and clamd is detecting that successfully, but as noted in the > earlier message, it is being inspected via the File check, detected as > an executable, and then "allowed." If it's not working at that level > in a test scenario, I'm probably hopeless for it to work on anything > else > :) > > MailScanner is version 4.84.6, Centos 6.6, file is version 5.04 > > "a rockpile ceases to be a rockpile the moment a single man > contemplates it, bearing within him the image of a cathedral." > > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > bounces at lists.mailscanner.info] On Behalf Of Kevin Miller > Sent: Thursday, February 19, 2015 3:31 PM > To: 'MailScanner discussion' > Subject: RE: Filename Restrictions Not working > > Eicar is a virus test signature. It should be caught by your virus > scanner. It should also be denied by filetype checks. If it gets > that far. I don't recall which happens first, virus checking or spam > checking. I think filename/type checking would fall under the spam > check umbrella... > > Refresh our memory, what distro and version are you running? What > version of file do you have? > > ...Kevin > -- > Kevin Miller > Network/email Administrator, CBJ MIS Dept. > 155 South Seward Street > Juneau, Alaska 99801 > Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: > 307357 > > > > -----Original Message----- > > From: mailscanner-bounces at lists.mailscanner.info > > [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of > > James Nelson > > Sent: Thursday, February 19, 2015 12:12 PM > > To: MailScanner discussion > > Subject: RE: Filename Restrictions Not working > > > > One thing of note...maybe, maybe not...is that when I run > > MailScanner > > -- lint , I notice this: > > > > Filename Checks: Windows/DOS Executable (1 eicar.com) Filetype Checks: > > Allowing 1 eicar.com (no match found) > > > > If my filename\type checks were working, shouldn't it be denying > > that type, given that I have excecutables configured (as default) to > > deny in my filetype.rules.conf? > > > > > > > > "a rockpile ceases to be a rockpile the moment a single man > > contemplates it, bearing within him the image of a cathedral." > > > > > > -----Original Message----- > > From: mailscanner-bounces at lists.mailscanner.info > > [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of > > Kevin Miller > > Sent: Wednesday, February 18, 2015 6:21 PM > > To: 'MailScanner discussion' > > Subject: RE: Filename Restrictions Not working > > > > Do you have filename.rules and filetype.rules files or did you edit > > MailScanner.conf? > > > > Here's my filename/type rules. They're the default. I presume they > > match yours. > > > > /etc/MailScanner # cat filename.rules > > From: 127.0.0.1 > > /etc/MailScanner/filename.rules.allowall.conf > > FromOrTo: default /etc/MailScanner/filename.rules.conf > > > > /etc/MailScanner # cat filetype.rules > > From: 127.0.0.1 > > /etc/MailScanner/filetype.rules.allowall.conf > > FromOrTo: default /etc/MailScanner/filetype.rules.conf > > > > /etc/MailScanner # cat filename.rules.allowall.conf > > allow .* - - > > > > A while back I was having an issue where an Office365 Word doc was > > getting flagged as an executable and blocked. I tried using the > > "Allow Filenames" and "Allow Filetypes" in MailScanner.conf. The > > notes in there said that I'd have to an entry for both name and type. > > I set "Allow Filetypes = \.exe$" and "Allow Filenames = /[0-9a- > f]{4}\.dat$/I". > > (I was trying to allow .dat files with a four character name > > composed of hexadecimal characters. Specifically 0000.dat but not > > limited to > > it.) The notes said the exception would have to match both rules to > > pass. It didn't. It had the odd effect of letting any .exe file > > through regardless of the name. > > > > Have you tried reverting the filename.rules and filetype.rules back > > to the stock setting and mucking around in filename.rules.conf or > > filetype.rules.conf instead? > > > > ...Kevin > > -- > > Kevin Miller > > Network/email Administrator, CBJ MIS Dept. > > 155 South Seward Street > > Juneau, Alaska 99801 > > Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: > > 307357 > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > Support MailScanner development - buy the book off the website! > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! ... -- Rely On Us. ImproMed LLC -- From Denis.Beauchemin at usherbrooke.ca Fri Feb 20 13:53:13 2015 From: Denis.Beauchemin at usherbrooke.ca (Denis Beauchemin) Date: Fri, 20 Feb 2015 13:53:13 +0000 Subject: Filename Restrictions Not working In-Reply-To: <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> Message-ID: My MailScanner --lint returns: MailScanner.conf says "Virus Scanners = clamd" Found these virus scanners installed: clamd =========================================================================== Filename Checks: Fichiers COM dangereux (1 eicar.com) Other Checks: Found 1 problems Virus and Content Scanning: Starting Clamd::INFECTED::Eicar-Test-Signature :: ./1/ Clamd::INFECTED:: Eicar-Test-Signature :: ./1/eicar.com Virus Scanning: Clamd found 2 infections Infected message 1 came from 10.1.1.1 Virus Scanning: Found 2 viruses =========================================================================== Virus Scanner test reports: Clamd said "eicar.com was infected: Eicar-Test-Signature" I'm running version 4.84.5 on RHEL 6.6 with a lot of Perl stuff not up to date because I put exclude=perl* in /etc/yum.conf just to make sure an update does not cause trouble. Denis -----Message d'origine----- De?: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] De la part de James Nelson Envoy??: 19 f?vrier 2015 16:19 ??: MailScanner discussion Objet?: RE: Filename Restrictions Not working One thing of note...maybe, maybe not...is that when I run MailScanner --lint , I notice this: Filename Checks: Windows/DOS Executable (1 eicar.com) Filetype Checks: Allowing 1 eicar.com (no match found) If my filename\type checks were working, shouldn't it be denying that type, given that I have excecutables configured (as default) to deny in my filetype.rules.conf? "a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral." -----Original Message----- From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Kevin Miller Sent: Wednesday, February 18, 2015 6:21 PM To: 'MailScanner discussion' Subject: RE: Filename Restrictions Not working Do you have filename.rules and filetype.rules files or did you edit MailScanner.conf? Here's my filename/type rules. They're the default. I presume they match yours. /etc/MailScanner # cat filename.rules From: 127.0.0.1 /etc/MailScanner/filename.rules.allowall.conf FromOrTo: default /etc/MailScanner/filename.rules.conf /etc/MailScanner # cat filetype.rules From: 127.0.0.1 /etc/MailScanner/filetype.rules.allowall.conf FromOrTo: default /etc/MailScanner/filetype.rules.conf /etc/MailScanner # cat filename.rules.allowall.conf allow .* - - A while back I was having an issue where an Office365 Word doc was getting flagged as an executable and blocked. I tried using the "Allow Filenames" and "Allow Filetypes" in MailScanner.conf. The notes in there said that I'd have to an entry for both name and type. I set "Allow Filetypes = \.exe$" and "Allow Filenames = /[0-9a-f]{4}\.dat$/I". (I was trying to allow .dat files with a four character name composed of hexadecimal characters. Specifically 0000.dat but not limited to it.) The notes said the exception would have to match both rules to pass. It didn't. It had the odd effect of letting any .exe file through regardless of the name. Have you tried reverting the filename.rules and filetype.rules back to the stock setting and mucking around in filename.rules.conf or filetype.rules.conf instead? ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357 -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! From James.Nelson at vgt.net Sat Feb 21 07:29:26 2015 From: James.Nelson at vgt.net (James Nelson) Date: Sat, 21 Feb 2015 07:29:26 +0000 Subject: Filename Restrictions Not working In-Reply-To: References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net>, Message-ID: Sigh, built a brand new MailScanner box from scratch...once again, everything works except filename checking. The only thing I changed was to disallow zip files(just changed allow to deny in filenames.rules.conf) and it still lets it all through. It just doesn't seem to want to work, with no errors to shed any light. From jerry.benton at mailborder.com Sat Feb 21 11:53:43 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Sat, 21 Feb 2015 06:53:43 -0500 Subject: Filename Restrictions Not working In-Reply-To: References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> <, > Message-ID: <5F05268E-105A-4A59-816C-C3FD0A690398@mailborder.com> I?m not pimping my product, but I would suggest you install a Mailborder server for a comparison test. Check to see if it is working correctly (the Mailborder server) and compare the configs on the Mailborder server to yours. This will at least eliminate the Mailscanner configuration variable from the equation. - Jerry Benton www.mailborder.com > On Feb 21, 2015, at 2:29 AM, James Nelson wrote: > > Sigh, built a brand new MailScanner box from scratch...once again, everything works except filename checking. The only thing I changed was to disallow zip files(just changed allow to deny in filenames.rules.conf) and it still lets it all through. > > It just doesn't seem to want to work, with no errors to shed any light. > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! From jerry.benton at mailborder.com Sat Feb 21 12:06:37 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Sat, 21 Feb 2015 07:06:37 -0500 Subject: MailScanner v4.85.1-1 Final - RPM Release Message-ID: <326C0DFB-7412-4A70-9C37-EF2682BEABBB@mailborder.com> This is the final for the release of MailScanner v4.85.1-1 for RPM based distributions. I am working on the tarball source installer now. This RPM version will get posted on the MailScanner website once I get access from Jules. I will send a separate email when the tarball source installer is ready. RPM Package: https://s3.amazonaws.com/mailscanner/release/v4/rpm/MailScanner-4.85.1-1.rpm.tar.gz MD5 Sum: https://s3.amazonaws.com/mailscanner/release/v4/rpm/MailScanner-4.85.1-1.md5sum - Jerry Benton www.mailborder.com From jeremy at fluxlabs.net Sat Feb 21 12:25:42 2015 From: jeremy at fluxlabs.net (Jeremy McSpadden) Date: Sat, 21 Feb 2015 12:25:42 +0000 Subject: MailScanner v4.85.1-1 Final - RPM Release In-Reply-To: <326C0DFB-7412-4A70-9C37-EF2682BEABBB@mailborder.com> References: <326C0DFB-7412-4A70-9C37-EF2682BEABBB@mailborder.com> Message-ID: <36FCAC38-638C-4B73-82AF-5FCA158CC215@fluxlabs.net> Thanks Jerry -- Jeremy McSpadden Flux Labs | http://www.fluxlabs.net | Endless Solutions Office : 850-250-5590x501 | Cell : 850-890-2543 | Fax : 850-254-2955 On Feb 21, 2015, at 6:15 AM, Jerry Benton > wrote: This is the final for the release of MailScanner v4.85.1-1 for RPM based distributions. I am working on the tarball source installer now. This RPM version will get posted on the MailScanner website once I get access from Jules. I will send a separate email when the tarball source installer is ready. RPM Package: https://s3.amazonaws.com/mailscanner/release/v4/rpm/MailScanner-4.85.1-1.rpm.tar.gz MD5 Sum: https://s3.amazonaws.com/mailscanner/release/v4/rpm/MailScanner-4.85.1-1.md5sum - Jerry Benton www.mailborder.com -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150221/658dbaf2/attachment.html From nerijusb at dtiltas.lt Sat Feb 21 13:33:08 2015 From: nerijusb at dtiltas.lt (Nerijus Baliunas) Date: Sat, 21 Feb 2015 15:33:08 +0200 Subject: v4.85.1.0 Beta for Linux RPM Available In-Reply-To: <20150218160341.GA16545@cisunix.unh.edu> References: <500054FE-F3E1-4C96-9156-3701792A109D@mailborder.com><7CA580B59C1ABD45B4614ED90D4C7B857EFB245F@HC-EXMBX03.herefordshire.gov.uk><31CFA6A0-956D-432F-86BE-256AA5E5BF30@mailborder.com> <20150218160341.GA16545@cisunix.unh.edu> Message-ID: On Wed, 18 Feb 2015 11:03:41 -0500 Paul A Sand wrote: > I submitted a bug on this: > > https://bugzilla.redhat.com/show_bug.cgi?id=1193160 Thanks a lot, soon there will be releases for both 5 and 7: tnef-1.4.12-2.el7 has been submitted as an update for Fedora EPEL 7. https://admin.fedoraproject.org/updates/tnef-1.4.12-2.el7 tnef-1.4.12-2.el5 has been submitted as an update for Fedora EPEL 5. https://admin.fedoraproject.org/updates/tnef-1.4.12-2.el5 Regards, Nerijus From chapman at simplesrv.com Sat Feb 21 17:40:49 2015 From: chapman at simplesrv.com (Chris Chapman) Date: Sat, 21 Feb 2015 11:40:49 -0600 Subject: DKIM and MailScanner Watermarking Message-ID: <1743371F-1191-4E4A-A49E-4BA9BA15D2F5@simplesrv.com> MailScanner - v4.84.5 I have been running into an issue regarding DKIM with MailScanner and wanted to see if anyone had some input. Out of the blue, Yahoo started rejecting messages from our servers with the error "554 Message not allowed - [299]?. While the messages were certainly not spammy, I noticed in their documentation the line "For example, it is against Yahoo Mail's policy to accept messages with malicious content or manipulated header information?? This led me to wonder about Watermarking, as the feature adds a few header lines to messages. I found if I disable watermarking in MS, messages deliver as expected. Re-enable Watermarking, I get bounces. In the process of tracking down the cause, I ran a DKIM test, found at http://appmaildev.com/en/dkim/ With Watermarking enabled, the DKIM tests fail with the error ?Wrong body hash?. Disable watermarking, the DKIM tests pass. It seems to me the watermarks are added *after* the DKIM body hash is generated, invalidating DKIM. I believe this is the reason Yahoo is bouncing mail. But even if I disable DKIM, messages will continue to bounce if the watermark headers are present. So the DKIM may or may not have anything to do with it. I have verified the Watermark Header, %org-name% and %org-long-name% do not contain special characters, dots, underscores or spaces and the like. Does anyone have any experience/input? Thanks! Chris Chapman From James.Nelson at vgt.net Sun Feb 22 21:33:46 2015 From: James.Nelson at vgt.net (James Nelson) Date: Sun, 22 Feb 2015 21:33:46 +0000 Subject: Filename Restrictions Not working In-Reply-To: <5F05268E-105A-4A59-816C-C3FD0A690398@mailborder.com> References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> <, > <5F05268E-105A-4A59-816C-C3FD0A690398@mailborder.com> Message-ID: <1e32b1449db542c387f5e2e0b2b1c78c@VGTMAIL2.vgt.net> I will try that tomorrow...i'm about out of other ideas. I suppose I could also try the new MS beta, just to throw something else at the wall... ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? -----Original Message----- From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry Benton Sent: Saturday, February 21, 2015 5:54 AM To: MailScanner discussion Subject: Re: Filename Restrictions Not working I?m not pimping my product, but I would suggest you install a Mailborder server for a comparison test. Check to see if it is working correctly (the Mailborder server) and compare the configs on the Mailborder server to yours. This will at least eliminate the Mailscanner configuration variable from the equation. - Jerry Benton www.mailborder.com > On Feb 21, 2015, at 2:29 AM, James Nelson wrote: > > Sigh, built a brand new MailScanner box from scratch...once again, everything works except filename checking. The only thing I changed was to disallow zip files(just changed allow to deny in filenames.rules.conf) and it still lets it all through. > > It just doesn't seem to want to work, with no errors to shed any light. > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! From jerry.benton at mailborder.com Sun Feb 22 22:11:22 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Sun, 22 Feb 2015 17:11:22 -0500 Subject: Filename Restrictions Not working In-Reply-To: <1e32b1449db542c387f5e2e0b2b1c78c@VGTMAIL2.vgt.net> References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> <, > <5F05268E-105A-4A59-816C-C3FD0A690398@mailborder.com> <1e32b1449db542c387f5e2e0b2b1c78c@VGTMAIL2.vgt.net> Message-ID: <003ABCDA-7791-4B0C-B0FC-DB740AAA3B01@mailborder.com> Its not beta anymore. (The RPM package.) - Jerry Benton www.mailborder.com > On Feb 22, 2015, at 4:33 PM, James Nelson wrote: > > I will try that tomorrow...i'm about out of other ideas. > > I suppose I could also try the new MS beta, just to throw something else at the wall... > > > > > ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? > > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry Benton > Sent: Saturday, February 21, 2015 5:54 AM > To: MailScanner discussion > Subject: Re: Filename Restrictions Not working > > I?m not pimping my product, but I would suggest you install a Mailborder server for a comparison test. Check to see if it is working correctly (the Mailborder server) and compare the configs on the Mailborder server to yours. This will at least eliminate the Mailscanner configuration variable from the equation. > > - > Jerry Benton > www.mailborder.com > > > >> On Feb 21, 2015, at 2:29 AM, James Nelson wrote: >> >> Sigh, built a brand new MailScanner box from scratch...once again, everything works except filename checking. The only thing I changed was to disallow zip files(just changed allow to deny in filenames.rules.conf) and it still lets it all through. >> >> It just doesn't seem to want to work, with no errors to shed any light. >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! From glenn.steen at gmail.com Mon Feb 23 12:46:25 2015 From: glenn.steen at gmail.com (Glenn Steen) Date: Mon, 23 Feb 2015 13:46:25 +0100 Subject: v4.85.1.0 Beta for Linux RPM Available In-Reply-To: <3929246683B44771BC2B5F5CB8A62787@SAHOMELT> References: <7CA580B59C1ABD45B4614ED90D4C7B857EFB0E2B@HC-EXMBX03.herefordshire.gov.uk> <746CF7DD27F74E1FB64B2FA354B33E3F@SAHOMELT> <039E7436-3C57-4FDB-B556-0180D95D4930@mailborder.com> <3929246683B44771BC2B5F5CB8A62787@SAHOMELT> Message-ID: Yeah well, the core parts of the postfix code is all JF, all I did was (at the time when the p-records were introduced to the queue file structure) hack up some not too inefficient code to make it cope with the new stuff. Had to delve deep into the innarts of both postfix and MailScanner, but ... Theat was a few years back;-). I don't know of any development in postfix that would radically change the frontline between MS and PF... They want us to sacrifice efficiency to protect against possible corruption by using "published interfaces" (LMTP/SMTP would make it wellnigh impossible to keep the "batch scanning" functionality). We want to keep doing things as efficiently as possible. A fun fact is that during one of Jules rows with Wietse, Wietse actually detailed all that needed be done (as a dettering example, mind you) to "steal" the messages from the queue, break it apart, reconstruct a new message (pretty much identical, but with a completely new queue file/ID). Jules only comment was "Yes, that is exactly what we do". After that, the lines of communication were a bit... strained:-). Anyway, unless there is something significantly different that can be done vis-a-vis how postfix can interract with MailScanner, there simply is nothing to be done. At least nothing that will improve MailScanner. And mind you, I've been using Postfix/MailScanner successfully for more than 10 years now... Deprecated indeed;-) Cheers! -- -- Glenn On 19 February 2015 at 00:23, Rick Cooper wrote: > Jerry Benton wrote: >>> On Feb 18, 2015, at 11:18 AM, Rick Cooper wrote: >>> >>> This applies to SpamAssassin as well. I sent Jules code to move >>> MailScanner to use the Spamd process years ago. Now the clamav >>> module had a lot of issues because when internal defs within the >>> clam code changed the module would puke until someone patched the >>> module but it makes no sense to me why anything MailScanner shares >>> should be based on a perl module if there is a daemon available to >>> communicate with. Spamd protocol is pretty simple and fairly easy to >>> integrate within MailScanner. The difference in speed is pretty much >>> nil but the difference in MailScanner memory usage per child is >>> significant. When I originally worked with JF to integrate the clamd >>> code his biggest hesitation was he wasn't comfortable with network >>> code... I would bet that was the biggest reason for handling postfix >>> the way it's handled as well. Whoever is currently developing MS >>> should really look at moving toward spamd support in place of the >>> perl module. >> >> >> Rick, >> >> Please send me the working code you have for this. I will add it to >> the development of the next version. The same is true for Postfix >> handling if you have anything. I have spoken to Wietse Venema >> regarding MailScanner integration of Postfix and he doesn't like how >> it is currently done and posted a recommendation years ago on >> postfix.org that Postfix shouldn't be used with MailScanner. In >> short, MailScanner should be using a milter for Postfix. >> >> - >> Jerry Benton >> www.mailborder.com > > I will have to see what needs patch, I have not really maintained the > patches because of my wife's health issues so it's probably a few versions > back at least. I think the last patch I did was around the time that JF > moved away from the project. As far as postfix, I do not nor never will use > it. The author seems pretty full of himself without real justification. I > just remember the issues and it seemed they were all related to how postfix > handled it's mail queue and I believe the proper way discussed at that time > was it should be redelivered through some process which would have required > sockets again. You know, I think Glenn did *a lot* of the postfix code and > seems to know it very well. Dunno if he has time to take a crack or not. > > Rick > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! -- -- Glenn email: glenn < dot > steen < at > gmail < dot > com work: glenn < dot > steen < at > ap1 < dot > se From sbanderson at impromed.com Mon Feb 23 14:32:35 2015 From: sbanderson at impromed.com (Scott B. Anderson) Date: Mon, 23 Feb 2015 14:32:35 +0000 Subject: DKIM and MailScanner Watermarking In-Reply-To: <1743371F-1191-4E4A-A49E-4BA9BA15D2F5@simplesrv.com> References: <1743371F-1191-4E4A-A49E-4BA9BA15D2F5@simplesrv.com> Message-ID: <4dccf09f7a624c39a8aa005b6c5d12bc@ES5.impromed.com> > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > bounces at lists.mailscanner.info] On Behalf Of Chris Chapman > Sent: Saturday, February 21, 2015 11:41 AM > To: mailscanner at lists.mailscanner.info > Subject: DKIM and MailScanner Watermarking > > MailScanner - v4.84.5 > > I have been running into an issue regarding DKIM with MailScanner and wanted > to see if anyone had some input. > > Out of the blue, Yahoo started rejecting messages from our servers with the > error "554 Message not allowed - [299]?. While the messages were certainly not > spammy, I noticed in their documentation the line "For example, it is against > Yahoo Mail's policy to accept messages with malicious content or manipulated > header information?? > > This led me to wonder about Watermarking, as the feature adds a few header > lines to messages. I found if I disable watermarking in MS, messages deliver as > expected. Re-enable Watermarking, I get bounces. > > In the process of tracking down the cause, I ran a DKIM test, found at > http://appmaildev.com/en/dkim/ > > With Watermarking enabled, the DKIM tests fail with the error ?Wrong body > hash?. Disable watermarking, the DKIM tests pass. It seems to me the > watermarks are added *after* the DKIM body hash is generated, invalidating > DKIM. I believe this is the reason Yahoo is bouncing mail. But even if I disable > DKIM, messages will continue to bounce if the watermark headers are present. > So the DKIM may or may not have anything to do with it. > > I have verified the Watermark Header, %org-name% and %org-long-name% do > not contain special characters, dots, underscores or spaces and the like. > > Does anyone have any experience/input? > > Thanks! > > Chris Chapman > I also have run into this issue. It started late last year with Yahoo rejecting replies and forwards but not original messages. I do not use DKIM at my site. I set : Multiple Headers = append Place New Headers At Top Of Message = yes This seemed to make Yahoo stop rejecting replies and forwards, FWIW. Not sure what else this might break in your configuration. I am not certain why this helped, it would seem contrary to the help text around these options. Also, it would appear you could make this a ruleset, so you could set Yahoo.com to append and everything else to add, as the help text suggests. Scott Anderson ... -- Rely On Us. ImproMed LLC -- From peter at farrows.org Mon Feb 23 16:39:04 2015 From: peter at farrows.org (Peter Farrow) Date: Mon, 23 Feb 2015 16:39:04 +0000 Subject: DKIM and MailScanner Watermarking In-Reply-To: <4dccf09f7a624c39a8aa005b6c5d12bc@ES5.impromed.com> References: <1743371F-1191-4E4A-A49E-4BA9BA15D2F5@simplesrv.com> <4dccf09f7a624c39a8aa005b6c5d12bc@ES5.impromed.com> Message-ID: <54EB57A8.5090502@farrows.org> In my experience Yahoo has a lot to answer for their weak security, spammy mail accounts and dodgy spam history.. They are the last company to be bleating on about security given their poor track record. Personally, watermarks stops backscatter and allows for NDRs to be handled more efficiently. If the price paid for that is not being able to email Yahoo, then so be it. P. On 23/02/2015 14:32, Scott B. Anderson wrote: >> -----Original Message----- >> From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- >> bounces at lists.mailscanner.info] On Behalf Of Chris Chapman >> Sent: Saturday, February 21, 2015 11:41 AM >> To: mailscanner at lists.mailscanner.info >> Subject: DKIM and MailScanner Watermarking >> >> MailScanner - v4.84.5 >> >> I have been running into an issue regarding DKIM with MailScanner and wanted >> to see if anyone had some input. >> >> Out of the blue, Yahoo started rejecting messages from our servers with the >> error "554 Message not allowed - [299]?. While the messages were certainly not >> spammy, I noticed in their documentation the line "For example, it is against >> Yahoo Mail's policy to accept messages with malicious content or manipulated >> header information?? >> >> This led me to wonder about Watermarking, as the feature adds a few header >> lines to messages. I found if I disable watermarking in MS, messages deliver as >> expected. Re-enable Watermarking, I get bounces. >> >> In the process of tracking down the cause, I ran a DKIM test, found at >> http://appmaildev.com/en/dkim/ >> >> With Watermarking enabled, the DKIM tests fail with the error ?Wrong body >> hash?. Disable watermarking, the DKIM tests pass. It seems to me the >> watermarks are added *after* the DKIM body hash is generated, invalidating >> DKIM. I believe this is the reason Yahoo is bouncing mail. But even if I disable >> DKIM, messages will continue to bounce if the watermark headers are present. >> So the DKIM may or may not have anything to do with it. >> >> I have verified the Watermark Header, %org-name% and %org-long-name% do >> not contain special characters, dots, underscores or spaces and the like. >> >> Does anyone have any experience/input? >> >> Thanks! >> >> Chris Chapman >> > I also have run into this issue. It started late last year with Yahoo rejecting replies and forwards but not original messages. > I do not use DKIM at my site. I set : > > Multiple Headers = append > Place New Headers At Top Of Message = yes > > This seemed to make Yahoo stop rejecting replies and forwards, FWIW. Not sure what else this might break in your configuration. > > I am not certain why this helped, it would seem contrary to the help text around these options. > > Also, it would appear you could make this a ruleset, so you could set Yahoo.com to append and everything else to add, as the help text suggests. > > > Scott Anderson > > ... > > > -- > horizontal ruler > > Peter Farrow > avatar > ______________________ > Home: 01249 654183 > Fax: 01249 461 548 > Mobile: 07799605617 > Skype: peter_farrow > Web: www.peterfarrow.com > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150223/206499c4/attachment.html -------------- next part -------------- A non-text attachment was scrubbed... Name: orange_spacer.gif Type: image/gif Size: 57 bytes Desc: not available Url : http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150223/206499c4/attachment.gif -------------- next part -------------- A non-text attachment was scrubbed... Name: avatar.gif Type: image/gif Size: 8198 bytes Desc: not available Url : http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150223/206499c4/attachment-0001.gif From jeremy at fluxlabs.net Mon Feb 23 16:57:49 2015 From: jeremy at fluxlabs.net (Jeremy McSpadden) Date: Mon, 23 Feb 2015 16:57:49 +0000 Subject: DKIM and MailScanner Watermarking In-Reply-To: <54EB57A8.5090502@farrows.org> References: <1743371F-1191-4E4A-A49E-4BA9BA15D2F5@simplesrv.com> <4dccf09f7a624c39a8aa005b6c5d12bc@ES5.impromed.com> <54EB57A8.5090502@farrows.org> Message-ID: I second this. I?ve told our clients that they should not expect any communications to and from Yahoo accounts. -- Jeremy McSpadden Flux Labs | http://www.fluxlabs.net | Endless Solutions Office : 850-250-5590x501 | Cell : 850-890-2543 | Fax : 850-254-2955 On Feb 23, 2015, at 10:39 AM, Peter Farrow > wrote: In my experience Yahoo has a lot to answer for their weak security, spammy mail accounts and dodgy spam history.. They are the last company to be bleating on about security given their poor track record. Personally, watermarks stops backscatter and allows for NDRs to be handled more efficiently. If the price paid for that is not being able to email Yahoo, then so be it. P. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150223/c8e70679/attachment.html From James.Nelson at vgt.net Mon Feb 23 18:26:05 2015 From: James.Nelson at vgt.net (James Nelson) Date: Mon, 23 Feb 2015 18:26:05 +0000 Subject: Filename Restrictions Not working In-Reply-To: <003ABCDA-7791-4B0C-B0FC-DB740AAA3B01@mailborder.com> References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> <, > <5F05268E-105A-4A59-816C-C3FD0A690398@mailborder.com> <1e32b1449db542c387f5e2e0b2b1c78c@VGTMAIL2.vgt.net> <003ABCDA-7791-4B0C-B0FC-DB740AAA3B01@mailborder.com> Message-ID: <4f5eddaffc0642fea98d5eb598c432a6@VGTMAIL2.vgt.net> Well, an interesting update... I changed up my approach, and pointed the Deny Filenames = in MailScanner.conf to %rules-dir%/filename_deny.rules , which is as follows: To: *@* \.ico$ \.ani \.cur$ \.hlp$ \.zip$ \.ceo$ \.cab$ \.reg$ \.chm$ \.cnf$ \.hta$ \.ins$ \.jse?$ \.job$ \.lnk$ \.mat$ \.pif$ \.scf$ \.sct$ \.shs$ \.shb$ \.vb[es]$ \.ws[cfh]$ \.xnk$ \.cer$ \.its$ \.mau$ \.md[az]$ \.prf$ \.pst$ \.tmp$ \.vsmacros$ \.vs[stw]$ \.ws$ \.com$ \.exe$ \.scr$ \.bat$ \.cmd$ \.cpl$ \.mhtml$ \.s{10,} \.[a-z][a-z0-9]{2,3}\s*\.[a-z0-9]{3}$ When running MailScanner --lint now, it DOES detect eicar.com as a blocked filetype. However, it's still allowing blocked filetypes through ? ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? -----Original Message----- From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry Benton Sent: Sunday, February 22, 2015 4:11 PM To: MailScanner discussion Subject: Re: Filename Restrictions Not working Its not beta anymore. (The RPM package.) - Jerry Benton www.mailborder.com > On Feb 22, 2015, at 4:33 PM, James Nelson wrote: > > I will try that tomorrow...i'm about out of other ideas. > > I suppose I could also try the new MS beta, just to throw something else at the wall... > > > > > ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? > > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry Benton > Sent: Saturday, February 21, 2015 5:54 AM > To: MailScanner discussion > Subject: Re: Filename Restrictions Not working > > I?m not pimping my product, but I would suggest you install a Mailborder server for a comparison test. Check to see if it is working correctly (the Mailborder server) and compare the configs on the Mailborder server to yours. This will at least eliminate the Mailscanner configuration variable from the equation. > > - > Jerry Benton > www.mailborder.com > > > >> On Feb 21, 2015, at 2:29 AM, James Nelson wrote: >> >> Sigh, built a brand new MailScanner box from scratch...once again, everything works except filename checking. The only thing I changed was to disallow zip files(just changed allow to deny in filenames.rules.conf) and it still lets it all through. >> >> It just doesn't seem to want to work, with no errors to shed any light. >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! From kevin.miller at juneau.org Mon Feb 23 18:49:48 2015 From: kevin.miller at juneau.org (Kevin Miller) Date: Mon, 23 Feb 2015 18:49:48 +0000 Subject: Filename Restrictions Not working In-Reply-To: <4f5eddaffc0642fea98d5eb598c432a6@VGTMAIL2.vgt.net> References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> <, > <5F05268E-105A-4A59-816C-C3FD0A690398@mailborder.com> <1e32b1449db542c387f5e2e0b2b1c78c@VGTMAIL2.vgt.net> <003ABCDA-7791-4B0C-B0FC-DB740AAA3B01@mailborder.com> <4f5eddaffc0642fea98d5eb598c432a6@VGTMAIL2.vgt.net> Message-ID: <028b68635a0d49f090fb532b90fc7133@City-Exch-DB1.cbj.local> Maybe you could post your MailScanner.conf to pastebin. I'm guessing something in there is wonky. ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357 > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > bounces at lists.mailscanner.info] On Behalf Of James Nelson > Sent: Monday, February 23, 2015 9:26 AM > To: MailScanner discussion > Subject: RE: Filename Restrictions Not working > > Well, an interesting update... > > I changed up my approach, and pointed the Deny Filenames = in > MailScanner.conf to %rules-dir%/filename_deny.rules , which is as > follows: > > To: *@* \.ico$ \.ani \.cur$ \.hlp$ \.zip$ \.ceo$ \.cab$ \.reg$ \.chm$ > \.cnf$ \.hta$ \.ins$ \.jse?$ \.job$ \.lnk$ \.mat$ \.pif$ \.scf$ \.sct$ > \.shs$ \.shb$ \.vb[es]$ \.ws[cfh]$ \.xnk$ \.cer$ \.its$ \.mau$ \.md[az]$ > \.prf$ \.pst$ \.tmp$ \.vsmacros$ \.vs[stw]$ \.ws$ \.com$ \.exe$ \.scr$ > \.bat$ \.cmd$ \.cpl$ \.mhtml$ \.s{10,} \.[a-z][a-z0-9]{2,3}\s*\.[a-z0- > 9]{3}$ > > When running MailScanner --lint now, it DOES detect eicar.com as a > blocked filetype. However, it's still allowing blocked filetypes > through ? > > > > > ?a rockpile ceases to be a rockpile the moment a single man contemplates > it, bearing within him the image of a cathedral.? > > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > bounces at lists.mailscanner.info] On Behalf Of Jerry Benton > Sent: Sunday, February 22, 2015 4:11 PM > To: MailScanner discussion > Subject: Re: Filename Restrictions Not working > > Its not beta anymore. (The RPM package.) > > - > Jerry Benton > www.mailborder.com > > > > > On Feb 22, 2015, at 4:33 PM, James Nelson > wrote: > > > > I will try that tomorrow...i'm about out of other ideas. > > > > I suppose I could also try the new MS beta, just to throw something > else at the wall... > > > > > > > > > > ?a rockpile ceases to be a rockpile the moment a single man > contemplates it, bearing within him the image of a cathedral.? > > > > > > -----Original Message----- > > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > bounces at lists.mailscanner.info] On Behalf Of Jerry Benton > > Sent: Saturday, February 21, 2015 5:54 AM > > To: MailScanner discussion > > Subject: Re: Filename Restrictions Not working > > > > I?m not pimping my product, but I would suggest you install a > Mailborder server for a comparison test. Check to see if it is working > correctly (the Mailborder server) and compare the configs on the > Mailborder server to yours. This will at least eliminate the Mailscanner > configuration variable from the equation. > > > > - > > Jerry Benton > > www.mailborder.com > > > > > > > >> On Feb 21, 2015, at 2:29 AM, James Nelson > wrote: > >> > >> Sigh, built a brand new MailScanner box from scratch...once again, > everything works except filename checking. The only thing I changed was > to disallow zip files(just changed allow to deny in > filenames.rules.conf) and it still lets it all through. > >> > >> It just doesn't seem to want to work, with no errors to shed any > light. > >> -- > >> MailScanner mailing list > >> mailscanner at lists.mailscanner.info > >> http://lists.mailscanner.info/mailman/listinfo/mailscanner > >> > >> Before posting, read http://wiki.mailscanner.info/posting > >> > >> Support MailScanner development - buy the book off the website! > > > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > Support MailScanner development - buy the book off the website! > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > Support MailScanner development - buy the book off the website! > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! From jerry.benton at mailborder.com Mon Feb 23 19:18:05 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Mon, 23 Feb 2015 14:18:05 -0500 Subject: Filename Restrictions Not working In-Reply-To: <4f5eddaffc0642fea98d5eb598c432a6@VGTMAIL2.vgt.net> References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> <, > <5F05268E-105A-4A59-816C-C3FD0A690398@mailborder.com> <1e32b1449db542c387f5e2e0b2b1c78c@VGTMAIL2.vgt.net> <003ABCDA-7791-4B0C-B0FC-DB740AAA3B01@mailborder.com> <4f5eddaffc0642fea98d5eb598c432a6@VGTMAIL2.vgt.net> Message-ID: I mentioned Mailborder earlier because after I wrote everything I kind of forgot about it, but here is an example using one domain and a default ruleset. Keep in mind this isn?t using MailScanner default file names. This is how rulesets should be used. The MailScanner.conf reads the custom configuration file ./conf.d/mailborder.conf which then defines this file: /etc/MailScanner/frules/filename.rules for Filename rules which contains this: # Domain Policies FromOrTo: linuxref.com /etc/MailScanner/frules/linuxref.com.fn.conf FromOrTo: default /etc/MailScanner/frules/default.fn.rules.conf The default.fn.rules.conf contains this, which I am truncating for brevity: deny \.bak$ - - allow \.bz2$ - - deny \{[a-hA-H0-9-]{25,}\} - - allow \.Z$ - - deny \s{10,} - - deny \.fdf$ - - allow \.(mon|tue|wed|thu|fri|sat|sun)\.[a-z0-9]{3}$ - - allow \.x\d+\.rel$ - - So, it looks like your use of *@* is incorrect and should be ?default?. - Jerry Benton www.mailborder.com > On Feb 23, 2015, at 1:26 PM, James Nelson wrote: > > Well, an interesting update... > > I changed up my approach, and pointed the Deny Filenames = in MailScanner.conf to %rules-dir%/filename_deny.rules , which is as follows: > > To: *@* \.ico$ \.ani \.cur$ \.hlp$ \.zip$ \.ceo$ \.cab$ \.reg$ \.chm$ \.cnf$ \.hta$ \.ins$ \.jse?$ \.job$ \.lnk$ \.mat$ \.pif$ \.scf$ \.sct$ \.shs$ \.shb$ \.vb[es]$ \.ws[cfh]$ \.xnk$ \.cer$ \.its$ \.mau$ \.md[az]$ \.prf$ \.pst$ \.tmp$ \.vsmacros$ \.vs[stw]$ \.ws$ \.com$ \.exe$ \.scr$ \.bat$ \.cmd$ \.cpl$ \.mhtml$ \.s{10,} \.[a-z][a-z0-9]{2,3}\s*\.[a-z0-9]{3}$ > > When running MailScanner --lint now, it DOES detect eicar.com as a blocked filetype. However, it's still allowing blocked filetypes through ? > > > > > ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? > > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry Benton > Sent: Sunday, February 22, 2015 4:11 PM > To: MailScanner discussion > Subject: Re: Filename Restrictions Not working > > Its not beta anymore. (The RPM package.) > > - > Jerry Benton > www.mailborder.com > > > >> On Feb 22, 2015, at 4:33 PM, James Nelson wrote: >> >> I will try that tomorrow...i'm about out of other ideas. >> >> I suppose I could also try the new MS beta, just to throw something else at the wall... >> >> >> >> >> ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? >> >> >> -----Original Message----- >> From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry Benton >> Sent: Saturday, February 21, 2015 5:54 AM >> To: MailScanner discussion >> Subject: Re: Filename Restrictions Not working >> >> I?m not pimping my product, but I would suggest you install a Mailborder server for a comparison test. Check to see if it is working correctly (the Mailborder server) and compare the configs on the Mailborder server to yours. This will at least eliminate the Mailscanner configuration variable from the equation. >> >> - >> Jerry Benton >> www.mailborder.com >> >> >> >>> On Feb 21, 2015, at 2:29 AM, James Nelson wrote: >>> >>> Sigh, built a brand new MailScanner box from scratch...once again, everything works except filename checking. The only thing I changed was to disallow zip files(just changed allow to deny in filenames.rules.conf) and it still lets it all through. >>> >>> It just doesn't seem to want to work, with no errors to shed any light. >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! From James.Nelson at vgt.net Mon Feb 23 19:51:56 2015 From: James.Nelson at vgt.net (James Nelson) Date: Mon, 23 Feb 2015 19:51:56 +0000 Subject: Filename Restrictions Not working In-Reply-To: <028b68635a0d49f090fb532b90fc7133@City-Exch-DB1.cbj.local> References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> <, > <5F05268E-105A-4A59-816C-C3FD0A690398@mailborder.com> <1e32b1449db542c387f5e2e0b2b1c78c@VGTMAIL2.vgt.net> <003ABCDA-7791-4B0C-B0FC-DB740AAA3B01@mailborder.com> <4f5eddaffc0642fea98d5eb598c432a6@VGTMAIL2.vgt.net> <028b68635a0d49f090fb532b90fc7133@City-Exch-DB1.cbj.local> Message-ID: <6660ecb02be8416f907d0cb99b89a87c@VGTMAIL2.vgt.net> Kevin, Here's my complete MailScanner.conf: http://pastebin.com/ci9dz8iL Jerry: I changed default to *@* this morning in the course of my, "did that work? No, okay, how about this," but the result was the same regardless. I'm not applying any configuration via conf.d at the moment...if I were to do that, would it supersede anything in MailScanner.conf? ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? -----Original Message----- From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Kevin Miller Sent: Monday, February 23, 2015 12:50 PM To: 'MailScanner discussion' Subject: RE: Filename Restrictions Not working Maybe you could post your MailScanner.conf to pastebin. I'm guessing something in there is wonky. ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357 > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > bounces at lists.mailscanner.info] On Behalf Of James Nelson > Sent: Monday, February 23, 2015 9:26 AM > To: MailScanner discussion > Subject: RE: Filename Restrictions Not working > > Well, an interesting update... > > I changed up my approach, and pointed the Deny Filenames = in > MailScanner.conf to %rules-dir%/filename_deny.rules , which is as > follows: > > To: *@* \.ico$ \.ani \.cur$ \.hlp$ \.zip$ \.ceo$ \.cab$ \.reg$ \.chm$ > \.cnf$ \.hta$ \.ins$ \.jse?$ \.job$ \.lnk$ \.mat$ \.pif$ \.scf$ \.sct$ > \.shs$ \.shb$ \.vb[es]$ \.ws[cfh]$ \.xnk$ \.cer$ \.its$ \.mau$ > \.md[az]$ \.prf$ \.pst$ \.tmp$ \.vsmacros$ \.vs[stw]$ \.ws$ \.com$ > \.exe$ \.scr$ \.bat$ \.cmd$ \.cpl$ \.mhtml$ \.s{10,} > \.[a-z][a-z0-9]{2,3}\s*\.[a-z0- 9]{3}$ > > When running MailScanner --lint now, it DOES detect eicar.com as a > blocked filetype. However, it's still allowing blocked filetypes > through ? > > > > > ?a rockpile ceases to be a rockpile the moment a single man > contemplates it, bearing within him the image of a cathedral.? > > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > bounces at lists.mailscanner.info] On Behalf Of Jerry Benton > Sent: Sunday, February 22, 2015 4:11 PM > To: MailScanner discussion > Subject: Re: Filename Restrictions Not working > > Its not beta anymore. (The RPM package.) > > - > Jerry Benton > www.mailborder.com > > > > > On Feb 22, 2015, at 4:33 PM, James Nelson > wrote: > > > > I will try that tomorrow...i'm about out of other ideas. > > > > I suppose I could also try the new MS beta, just to throw something > else at the wall... > > > > > > > > > > ?a rockpile ceases to be a rockpile the moment a single man > contemplates it, bearing within him the image of a cathedral.? > > > > > > -----Original Message----- > > From: mailscanner-bounces at lists.mailscanner.info > > [mailto:mailscanner- > bounces at lists.mailscanner.info] On Behalf Of Jerry Benton > > Sent: Saturday, February 21, 2015 5:54 AM > > To: MailScanner discussion > > Subject: Re: Filename Restrictions Not working > > > > I?m not pimping my product, but I would suggest you install a > Mailborder server for a comparison test. Check to see if it is working > correctly (the Mailborder server) and compare the configs on the > Mailborder server to yours. This will at least eliminate the > Mailscanner configuration variable from the equation. > > > > - > > Jerry Benton > > www.mailborder.com > > > > > > > >> On Feb 21, 2015, at 2:29 AM, James Nelson > wrote: > >> > >> Sigh, built a brand new MailScanner box from scratch...once again, > everything works except filename checking. The only thing I changed > was to disallow zip files(just changed allow to deny in > filenames.rules.conf) and it still lets it all through. > >> > >> It just doesn't seem to want to work, with no errors to shed any > light. > >> -- > >> MailScanner mailing list > >> mailscanner at lists.mailscanner.info > >> http://lists.mailscanner.info/mailman/listinfo/mailscanner > >> > >> Before posting, read http://wiki.mailscanner.info/posting > >> > >> Support MailScanner development - buy the book off the website! > > > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > Support MailScanner development - buy the book off the website! > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > Support MailScanner development - buy the book off the website! > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! From kevin.miller at juneau.org Mon Feb 23 20:19:58 2015 From: kevin.miller at juneau.org (Kevin Miller) Date: Mon, 23 Feb 2015 20:19:58 +0000 Subject: Filename Restrictions Not working In-Reply-To: <6660ecb02be8416f907d0cb99b89a87c@VGTMAIL2.vgt.net> References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> <, > <5F05268E-105A-4A59-816C-C3FD0A690398@mailborder.com> <1e32b1449db542c387f5e2e0b2b1c78c@VGTMAIL2.vgt.net> <003ABCDA-7791-4B0C-B0FC-DB740AAA3B01@mailborder.com> <4f5eddaffc0642fea98d5eb598c432a6@VGTMAIL2.vgt.net> <028b68635a0d49f090fb532b90fc7133@City-Exch-DB1.cbj.local> <6660ecb02be8416f907d0cb99b89a87c@VGTMAIL2.vgt.net> Message-ID: <2cf19d9960cf4bceaa27ce55c15cbe54@City-Exch-DB1.cbj.local> It said this "This is a private paste. If you created this paste, please login to view it." I couldn't see it. If there's anything that needs to be munged (like your watermark), just edit that before posting and make it a public post. ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357 > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > bounces at lists.mailscanner.info] On Behalf Of James Nelson > Sent: Monday, February 23, 2015 10:52 AM > To: MailScanner discussion > Subject: RE: Filename Restrictions Not working > > Kevin, > > Here's my complete MailScanner.conf: > > http://pastebin.com/ci9dz8iL > > Jerry: > > I changed default to *@* this morning in the course of my, "did that > work? No, okay, how about this," but the result was the same regardless. > > I'm not applying any configuration via conf.d at the moment...if I were > to do that, would it supersede anything in MailScanner.conf? > > > > ?a rockpile ceases to be a rockpile the moment a single man contemplates > it, bearing within him the image of a cathedral.? > > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > bounces at lists.mailscanner.info] On Behalf Of Kevin Miller > Sent: Monday, February 23, 2015 12:50 PM > To: 'MailScanner discussion' > Subject: RE: Filename Restrictions Not working > > Maybe you could post your MailScanner.conf to pastebin. I'm guessing > something in there is wonky. > > ...Kevin > -- > Kevin Miller > Network/email Administrator, CBJ MIS Dept. > 155 South Seward Street > Juneau, Alaska 99801 > Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: > 307357 > > > > -----Original Message----- > > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > > bounces at lists.mailscanner.info] On Behalf Of James Nelson > > Sent: Monday, February 23, 2015 9:26 AM > > To: MailScanner discussion > > Subject: RE: Filename Restrictions Not working > > > > Well, an interesting update... > > > > I changed up my approach, and pointed the Deny Filenames = in > > MailScanner.conf to %rules-dir%/filename_deny.rules , which is as > > follows: > > > > To: *@* \.ico$ \.ani \.cur$ \.hlp$ \.zip$ \.ceo$ \.cab$ \.reg$ \.chm$ > > \.cnf$ \.hta$ \.ins$ \.jse?$ \.job$ \.lnk$ \.mat$ \.pif$ \.scf$ \.sct$ > > \.shs$ \.shb$ \.vb[es]$ \.ws[cfh]$ \.xnk$ \.cer$ \.its$ \.mau$ > > \.md[az]$ \.prf$ \.pst$ \.tmp$ \.vsmacros$ \.vs[stw]$ \.ws$ \.com$ > > \.exe$ \.scr$ \.bat$ \.cmd$ \.cpl$ \.mhtml$ \.s{10,} > > \.[a-z][a-z0-9]{2,3}\s*\.[a-z0- 9]{3}$ > > > > When running MailScanner --lint now, it DOES detect eicar.com as a > > blocked filetype. However, it's still allowing blocked filetypes > > through ? > > > > > > > > > > ?a rockpile ceases to be a rockpile the moment a single man > > contemplates it, bearing within him the image of a cathedral.? > > > > > > -----Original Message----- > > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > > bounces at lists.mailscanner.info] On Behalf Of Jerry Benton > > Sent: Sunday, February 22, 2015 4:11 PM > > To: MailScanner discussion > > Subject: Re: Filename Restrictions Not working > > > > Its not beta anymore. (The RPM package.) > > > > - > > Jerry Benton > > www.mailborder.com > > > > > > > > > On Feb 22, 2015, at 4:33 PM, James Nelson > > wrote: > > > > > > I will try that tomorrow...i'm about out of other ideas. > > > > > > I suppose I could also try the new MS beta, just to throw something > > else at the wall... > > > > > > > > > > > > > > > ?a rockpile ceases to be a rockpile the moment a single man > > contemplates it, bearing within him the image of a cathedral.? > > > > > > > > > -----Original Message----- > > > From: mailscanner-bounces at lists.mailscanner.info > > > [mailto:mailscanner- > > bounces at lists.mailscanner.info] On Behalf Of Jerry Benton > > > Sent: Saturday, February 21, 2015 5:54 AM > > > To: MailScanner discussion > > > Subject: Re: Filename Restrictions Not working > > > > > > I?m not pimping my product, but I would suggest you install a > > Mailborder server for a comparison test. Check to see if it is working > > correctly (the Mailborder server) and compare the configs on the > > Mailborder server to yours. This will at least eliminate the > > Mailscanner configuration variable from the equation. > > > > > > - > > > Jerry Benton > > > www.mailborder.com > > > > > > > > > > > >> On Feb 21, 2015, at 2:29 AM, James Nelson > > wrote: > > >> > > >> Sigh, built a brand new MailScanner box from scratch...once again, > > everything works except filename checking. The only thing I changed > > was to disallow zip files(just changed allow to deny in > > filenames.rules.conf) and it still lets it all through. > > >> > > >> It just doesn't seem to want to work, with no errors to shed any > > light. > > >> -- > > >> MailScanner mailing list > > >> mailscanner at lists.mailscanner.info > > >> http://lists.mailscanner.info/mailman/listinfo/mailscanner > > >> > > >> Before posting, read http://wiki.mailscanner.info/posting > > >> > > >> Support MailScanner development - buy the book off the website! > > > > > > -- > > > MailScanner mailing list > > > mailscanner at lists.mailscanner.info > > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > > > Support MailScanner development - buy the book off the website! > > > -- > > > MailScanner mailing list > > > mailscanner at lists.mailscanner.info > > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > > > Support MailScanner development - buy the book off the website! > > > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > Support MailScanner development - buy the book off the website! > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! From jeremy at fluxlabs.net Mon Feb 23 20:20:38 2015 From: jeremy at fluxlabs.net (Jeremy McSpadden) Date: Mon, 23 Feb 2015 20:20:38 +0000 Subject: Filename Restrictions Not working In-Reply-To: <6660ecb02be8416f907d0cb99b89a87c@VGTMAIL2.vgt.net> References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> <, > <5F05268E-105A-4A59-816C-C3FD0A690398@mailborder.com> <1e32b1449db542c387f5e2e0b2b1c78c@VGTMAIL2.vgt.net> <003ABCDA-7791-4B0C-B0FC-DB740AAA3B01@mailborder.com> <4f5eddaffc0642fea98d5eb598c432a6@VGTMAIL2.vgt.net> <028b68635a0d49f090fb532b90fc7133@City-Exch-DB1.cbj.local> <6660ecb02be8416f907d0cb99b89a87c@VGTMAIL2.vgt.net> Message-ID: pastebin message is set to private -- Jeremy McSpadden Flux Labs, Inc | http://www.fluxlabs.net | Endless Solutions Office : 850-250-5590 x 501 | Cell : 850-890-2543 | Fax : 850-254-2955 On Feb 23, 2015, at 1:51 PM, James Nelson > wrote: Kevin, Here's my complete MailScanner.conf: http://pastebin.com/ci9dz8iL Jerry: I changed default to *@* this morning in the course of my, "did that work? No, okay, how about this," but the result was the same regardless. I'm not applying any configuration via conf.d at the moment...if I were to do that, would it supersede anything in MailScanner.conf? ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? -----Original Message----- From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Kevin Miller Sent: Monday, February 23, 2015 12:50 PM To: 'MailScanner discussion' Subject: RE: Filename Restrictions Not working Maybe you could post your MailScanner.conf to pastebin. I'm guessing something in there is wonky. ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357 -----Original Message----- From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of James Nelson Sent: Monday, February 23, 2015 9:26 AM To: MailScanner discussion Subject: RE: Filename Restrictions Not working Well, an interesting update... I changed up my approach, and pointed the Deny Filenames = in MailScanner.conf to %rules-dir%/filename_deny.rules , which is as follows: To: *@* \.ico$ \.ani \.cur$ \.hlp$ \.zip$ \.ceo$ \.cab$ \.reg$ \.chm$ \.cnf$ \.hta$ \.ins$ \.jse?$ \.job$ \.lnk$ \.mat$ \.pif$ \.scf$ \.sct$ \.shs$ \.shb$ \.vb[es]$ \.ws[cfh]$ \.xnk$ \.cer$ \.its$ \.mau$ \.md[az]$ \.prf$ \.pst$ \.tmp$ \.vsmacros$ \.vs[stw]$ \.ws$ \.com$ \.exe$ \.scr$ \.bat$ \.cmd$ \.cpl$ \.mhtml$ \.s{10,} \.[a-z][a-z0-9]{2,3}\s*\.[a-z0- 9]{3}$ When running MailScanner --lint now, it DOES detect eicar.com as a blocked filetype. However, it's still allowing blocked filetypes through ? ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? -----Original Message----- From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of Jerry Benton Sent: Sunday, February 22, 2015 4:11 PM To: MailScanner discussion Subject: Re: Filename Restrictions Not working Its not beta anymore. (The RPM package.) - Jerry Benton www.mailborder.com On Feb 22, 2015, at 4:33 PM, James Nelson wrote: I will try that tomorrow...i'm about out of other ideas. I suppose I could also try the new MS beta, just to throw something else at the wall... ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? -----Original Message----- From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of Jerry Benton Sent: Saturday, February 21, 2015 5:54 AM To: MailScanner discussion Subject: Re: Filename Restrictions Not working I?m not pimping my product, but I would suggest you install a Mailborder server for a comparison test. Check to see if it is working correctly (the Mailborder server) and compare the configs on the Mailborder server to yours. This will at least eliminate the Mailscanner configuration variable from the equation. - Jerry Benton www.mailborder.com On Feb 21, 2015, at 2:29 AM, James Nelson wrote: Sigh, built a brand new MailScanner box from scratch...once again, everything works except filename checking. The only thing I changed was to disallow zip files(just changed allow to deny in filenames.rules.conf) and it still lets it all through. It just doesn't seem to want to work, with no errors to shed any light. -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150223/9a0cedda/attachment.html From jerry.benton at mailborder.com Mon Feb 23 20:28:02 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Mon, 23 Feb 2015 15:28:02 -0500 Subject: Filename Restrictions Not working In-Reply-To: <6660ecb02be8416f907d0cb99b89a87c@VGTMAIL2.vgt.net> References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> <, > <5F05268E-105A-4A59-816C-C3FD0A690398@mailborder.com> <1e32b1449db542c387f5e2e0b2b1c78c@VGTMAIL2.vgt.net> <003ABCDA-7791-4B0C-B0FC-DB740AAA3B01@mailborder.com> <4f5eddaffc0642fea98d5eb598c432a6@VGTMAIL2.vgt.net> <028b68635a0d49f090fb532b90fc7133@City-Exch-DB1.cbj.local> <6660ecb02be8416f907d0cb99b89a87c@VGTMAIL2.vgt.net> Message-ID: <80A97C06-28C2-4A2C-B088-3231743B371F@mailborder.com> Yes, you do not have to edit MailScanner.conf directly at all. You can put your settings in a con file in the ./conf.d directory. - Jerry Benton www.mailborder.com > On Feb 23, 2015, at 2:51 PM, James Nelson wrote: > > Kevin, > > Here's my complete MailScanner.conf: > > http://pastebin.com/ci9dz8iL > > Jerry: > > I changed default to *@* this morning in the course of my, "did that work? No, okay, how about this," but the result was the same regardless. > > I'm not applying any configuration via conf.d at the moment...if I were to do that, would it supersede anything in MailScanner.conf? > > > > ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? > > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Kevin Miller > Sent: Monday, February 23, 2015 12:50 PM > To: 'MailScanner discussion' > Subject: RE: Filename Restrictions Not working > > Maybe you could post your MailScanner.conf to pastebin. I'm guessing something in there is wonky. > > ...Kevin > -- > Kevin Miller > Network/email Administrator, CBJ MIS Dept. > 155 South Seward Street > Juneau, Alaska 99801 > Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357 > > >> -----Original Message----- >> From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- >> bounces at lists.mailscanner.info] On Behalf Of James Nelson >> Sent: Monday, February 23, 2015 9:26 AM >> To: MailScanner discussion >> Subject: RE: Filename Restrictions Not working >> >> Well, an interesting update... >> >> I changed up my approach, and pointed the Deny Filenames = in >> MailScanner.conf to %rules-dir%/filename_deny.rules , which is as >> follows: >> >> To: *@* \.ico$ \.ani \.cur$ \.hlp$ \.zip$ \.ceo$ \.cab$ \.reg$ \.chm$ >> \.cnf$ \.hta$ \.ins$ \.jse?$ \.job$ \.lnk$ \.mat$ \.pif$ \.scf$ \.sct$ >> \.shs$ \.shb$ \.vb[es]$ \.ws[cfh]$ \.xnk$ \.cer$ \.its$ \.mau$ >> \.md[az]$ \.prf$ \.pst$ \.tmp$ \.vsmacros$ \.vs[stw]$ \.ws$ \.com$ >> \.exe$ \.scr$ \.bat$ \.cmd$ \.cpl$ \.mhtml$ \.s{10,} >> \.[a-z][a-z0-9]{2,3}\s*\.[a-z0- 9]{3}$ >> >> When running MailScanner --lint now, it DOES detect eicar.com as a >> blocked filetype. However, it's still allowing blocked filetypes >> through ? >> >> >> >> >> ?a rockpile ceases to be a rockpile the moment a single man >> contemplates it, bearing within him the image of a cathedral.? >> >> >> -----Original Message----- >> From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- >> bounces at lists.mailscanner.info] On Behalf Of Jerry Benton >> Sent: Sunday, February 22, 2015 4:11 PM >> To: MailScanner discussion >> Subject: Re: Filename Restrictions Not working >> >> Its not beta anymore. (The RPM package.) >> >> - >> Jerry Benton >> www.mailborder.com >> >> >> >>> On Feb 22, 2015, at 4:33 PM, James Nelson >> wrote: >>> >>> I will try that tomorrow...i'm about out of other ideas. >>> >>> I suppose I could also try the new MS beta, just to throw something >> else at the wall... >>> >>> >>> >>> >>> ?a rockpile ceases to be a rockpile the moment a single man >> contemplates it, bearing within him the image of a cathedral.? >>> >>> >>> -----Original Message----- >>> From: mailscanner-bounces at lists.mailscanner.info >>> [mailto:mailscanner- >> bounces at lists.mailscanner.info] On Behalf Of Jerry Benton >>> Sent: Saturday, February 21, 2015 5:54 AM >>> To: MailScanner discussion >>> Subject: Re: Filename Restrictions Not working >>> >>> I?m not pimping my product, but I would suggest you install a >> Mailborder server for a comparison test. Check to see if it is working >> correctly (the Mailborder server) and compare the configs on the >> Mailborder server to yours. This will at least eliminate the >> Mailscanner configuration variable from the equation. >>> >>> - >>> Jerry Benton >>> www.mailborder.com >>> >>> >>> >>>> On Feb 21, 2015, at 2:29 AM, James Nelson >> wrote: >>>> >>>> Sigh, built a brand new MailScanner box from scratch...once again, >> everything works except filename checking. The only thing I changed >> was to disallow zip files(just changed allow to deny in >> filenames.rules.conf) and it still lets it all through. >>>> >>>> It just doesn't seem to want to work, with no errors to shed any >> light. >>>> -- >>>> MailScanner mailing list >>>> mailscanner at lists.mailscanner.info >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>> >>>> Before posting, read http://wiki.mailscanner.info/posting >>>> >>>> Support MailScanner development - buy the book off the website! >>> >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! From James.Nelson at vgt.net Mon Feb 23 20:37:58 2015 From: James.Nelson at vgt.net (James Nelson) Date: Mon, 23 Feb 2015 20:37:58 +0000 Subject: Filename Restrictions Not working In-Reply-To: <2cf19d9960cf4bceaa27ce55c15cbe54@City-Exch-DB1.cbj.local> References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> <, > <5F05268E-105A-4A59-816C-C3FD0A690398@mailborder.com> <1e32b1449db542c387f5e2e0b2b1c78c@VGTMAIL2.vgt.net> <003ABCDA-7791-4B0C-B0FC-DB740AAA3B01@mailborder.com> <4f5eddaffc0642fea98d5eb598c432a6@VGTMAIL2.vgt.net> <028b68635a0d49f090fb532b90fc7133@City-Exch-DB1.cbj.local> <6660ecb02be8416f907d0cb99b89a87c@VGTMAIL2.vgt.net> <2cf19d9960cf4bceaa27ce55c15cbe54@City-Exch-DB1.cbj.local> Message-ID: Sorry about that, I thought I set it to public. Try again :). Jerry, I'm building a Mailborder server now to test. ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? -----Original Message----- From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Kevin Miller Sent: Monday, February 23, 2015 2:20 PM To: 'MailScanner discussion' Subject: RE: Filename Restrictions Not working It said this "This is a private paste. If you created this paste, please login to view it." I couldn't see it. If there's anything that needs to be munged (like your watermark), just edit that before posting and make it a public post. ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357 > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > bounces at lists.mailscanner.info] On Behalf Of James Nelson > Sent: Monday, February 23, 2015 10:52 AM > To: MailScanner discussion > Subject: RE: Filename Restrictions Not working > > Kevin, > > Here's my complete MailScanner.conf: > > http://pastebin.com/ci9dz8iL > > Jerry: > > I changed default to *@* this morning in the course of my, "did that > work? No, okay, how about this," but the result was the same regardless. > > I'm not applying any configuration via conf.d at the moment...if I > were to do that, would it supersede anything in MailScanner.conf? > > > > ?a rockpile ceases to be a rockpile the moment a single man > contemplates it, bearing within him the image of a cathedral.? > > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > bounces at lists.mailscanner.info] On Behalf Of Kevin Miller > Sent: Monday, February 23, 2015 12:50 PM > To: 'MailScanner discussion' > Subject: RE: Filename Restrictions Not working > > Maybe you could post your MailScanner.conf to pastebin. I'm guessing > something in there is wonky. > > ...Kevin > -- > Kevin Miller > Network/email Administrator, CBJ MIS Dept. > 155 South Seward Street > Juneau, Alaska 99801 > Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: > 307357 > > > > -----Original Message----- > > From: mailscanner-bounces at lists.mailscanner.info > > [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of > > James Nelson > > Sent: Monday, February 23, 2015 9:26 AM > > To: MailScanner discussion > > Subject: RE: Filename Restrictions Not working > > > > Well, an interesting update... > > > > I changed up my approach, and pointed the Deny Filenames = in > > MailScanner.conf to %rules-dir%/filename_deny.rules , which is as > > follows: > > > > To: *@* \.ico$ \.ani \.cur$ \.hlp$ \.zip$ \.ceo$ \.cab$ \.reg$ \.chm$ > > \.cnf$ \.hta$ \.ins$ \.jse?$ \.job$ \.lnk$ \.mat$ \.pif$ \.scf$ > > \.sct$ \.shs$ \.shb$ \.vb[es]$ \.ws[cfh]$ \.xnk$ \.cer$ \.its$ > > \.mau$ \.md[az]$ \.prf$ \.pst$ \.tmp$ \.vsmacros$ \.vs[stw]$ \.ws$ > > \.com$ \.exe$ \.scr$ \.bat$ \.cmd$ \.cpl$ \.mhtml$ \.s{10,} > > \.[a-z][a-z0-9]{2,3}\s*\.[a-z0- 9]{3}$ > > > > When running MailScanner --lint now, it DOES detect eicar.com as a > > blocked filetype. However, it's still allowing blocked filetypes > > through ? > > > > > > > > > > ?a rockpile ceases to be a rockpile the moment a single man > > contemplates it, bearing within him the image of a cathedral.? > > > > > > -----Original Message----- > > From: mailscanner-bounces at lists.mailscanner.info > > [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of > > Jerry Benton > > Sent: Sunday, February 22, 2015 4:11 PM > > To: MailScanner discussion > > Subject: Re: Filename Restrictions Not working > > > > Its not beta anymore. (The RPM package.) > > > > - > > Jerry Benton > > www.mailborder.com > > > > > > > > > On Feb 22, 2015, at 4:33 PM, James Nelson > > wrote: > > > > > > I will try that tomorrow...i'm about out of other ideas. > > > > > > I suppose I could also try the new MS beta, just to throw > > > something > > else at the wall... > > > > > > > > > > > > > > > ?a rockpile ceases to be a rockpile the moment a single man > > contemplates it, bearing within him the image of a cathedral.? > > > > > > > > > -----Original Message----- > > > From: mailscanner-bounces at lists.mailscanner.info > > > [mailto:mailscanner- > > bounces at lists.mailscanner.info] On Behalf Of Jerry Benton > > > Sent: Saturday, February 21, 2015 5:54 AM > > > To: MailScanner discussion > > > Subject: Re: Filename Restrictions Not working > > > > > > I?m not pimping my product, but I would suggest you install a > > Mailborder server for a comparison test. Check to see if it is > > working correctly (the Mailborder server) and compare the configs on > > the Mailborder server to yours. This will at least eliminate the > > Mailscanner configuration variable from the equation. > > > > > > - > > > Jerry Benton > > > www.mailborder.com > > > > > > > > > > > >> On Feb 21, 2015, at 2:29 AM, James Nelson > > wrote: > > >> > > >> Sigh, built a brand new MailScanner box from scratch...once > > >> again, > > everything works except filename checking. The only thing I changed > > was to disallow zip files(just changed allow to deny in > > filenames.rules.conf) and it still lets it all through. > > >> > > >> It just doesn't seem to want to work, with no errors to shed any > > light. > > >> -- > > >> MailScanner mailing list > > >> mailscanner at lists.mailscanner.info > > >> http://lists.mailscanner.info/mailman/listinfo/mailscanner > > >> > > >> Before posting, read http://wiki.mailscanner.info/posting > > >> > > >> Support MailScanner development - buy the book off the website! > > > > > > -- > > > MailScanner mailing list > > > mailscanner at lists.mailscanner.info > > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > > > Support MailScanner development - buy the book off the website! > > > -- > > > MailScanner mailing list > > > mailscanner at lists.mailscanner.info > > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > > > Support MailScanner development - buy the book off the website! > > > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > Support MailScanner development - buy the book off the website! > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! From jerry.benton at mailborder.com Mon Feb 23 21:25:45 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Mon, 23 Feb 2015 16:25:45 -0500 Subject: Filename Restrictions Not working In-Reply-To: References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> <, > <5F05268E-105A-4A59-816C-C3FD0A690398@mailborder.com> <1e32b1449db542c387f5e2e0b2b1c78c@VGTMAIL2.vgt.net> <003ABCDA-7791-4B0C-B0FC-DB740AAA3B01@mailborder.com> <4f5eddaffc0642fea98d5eb598c432a6@VGTMAIL2.vgt.net> <028b68635a0d49f090fb532b90fc7133@City-Exch-DB1.cbj.local> <6660ecb02be8416f907d0cb99b89a87c@VGTMAIL2.vgt.net> <2cf19d9960cf4bceaa27ce55c15cbe54@City-Exch-DB1.cbj.local> Message-ID: Yeah I saw. I created you a 30 day commercial license so you can unlock more stuff for testing. Just download the new license file and replace your /mailborder/license.php. - Jerry Benton www.mailborder.com > On Feb 23, 2015, at 3:37 PM, James Nelson wrote: > > > Sorry about that, I thought I set it to public. Try again :). > > Jerry, I'm building a Mailborder server now to test. > > > ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? > > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Kevin Miller > Sent: Monday, February 23, 2015 2:20 PM > To: 'MailScanner discussion' > Subject: RE: Filename Restrictions Not working > > It said this "This is a private paste. If you created this paste, please login to view it." I couldn't see it. > > If there's anything that needs to be munged (like your watermark), just edit that before posting and make it a public post. > > ...Kevin > -- > Kevin Miller > Network/email Administrator, CBJ MIS Dept. > 155 South Seward Street > Juneau, Alaska 99801 > Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357 > > >> -----Original Message----- >> From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- >> bounces at lists.mailscanner.info] On Behalf Of James Nelson >> Sent: Monday, February 23, 2015 10:52 AM >> To: MailScanner discussion >> Subject: RE: Filename Restrictions Not working >> >> Kevin, >> >> Here's my complete MailScanner.conf: >> >> http://pastebin.com/ci9dz8iL >> >> Jerry: >> >> I changed default to *@* this morning in the course of my, "did that >> work? No, okay, how about this," but the result was the same regardless. >> >> I'm not applying any configuration via conf.d at the moment...if I >> were to do that, would it supersede anything in MailScanner.conf? >> >> >> >> ?a rockpile ceases to be a rockpile the moment a single man >> contemplates it, bearing within him the image of a cathedral.? >> >> >> -----Original Message----- >> From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- >> bounces at lists.mailscanner.info] On Behalf Of Kevin Miller >> Sent: Monday, February 23, 2015 12:50 PM >> To: 'MailScanner discussion' >> Subject: RE: Filename Restrictions Not working >> >> Maybe you could post your MailScanner.conf to pastebin. I'm guessing >> something in there is wonky. >> >> ...Kevin >> -- >> Kevin Miller >> Network/email Administrator, CBJ MIS Dept. >> 155 South Seward Street >> Juneau, Alaska 99801 >> Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: >> 307357 >> >> >>> -----Original Message----- >>> From: mailscanner-bounces at lists.mailscanner.info >>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >>> James Nelson >>> Sent: Monday, February 23, 2015 9:26 AM >>> To: MailScanner discussion >>> Subject: RE: Filename Restrictions Not working >>> >>> Well, an interesting update... >>> >>> I changed up my approach, and pointed the Deny Filenames = in >>> MailScanner.conf to %rules-dir%/filename_deny.rules , which is as >>> follows: >>> >>> To: *@* \.ico$ \.ani \.cur$ \.hlp$ \.zip$ \.ceo$ \.cab$ \.reg$ \.chm$ >>> \.cnf$ \.hta$ \.ins$ \.jse?$ \.job$ \.lnk$ \.mat$ \.pif$ \.scf$ >>> \.sct$ \.shs$ \.shb$ \.vb[es]$ \.ws[cfh]$ \.xnk$ \.cer$ \.its$ >>> \.mau$ \.md[az]$ \.prf$ \.pst$ \.tmp$ \.vsmacros$ \.vs[stw]$ \.ws$ >>> \.com$ \.exe$ \.scr$ \.bat$ \.cmd$ \.cpl$ \.mhtml$ \.s{10,} >>> \.[a-z][a-z0-9]{2,3}\s*\.[a-z0- 9]{3}$ >>> >>> When running MailScanner --lint now, it DOES detect eicar.com as a >>> blocked filetype. However, it's still allowing blocked filetypes >>> through ? >>> >>> >>> >>> >>> ?a rockpile ceases to be a rockpile the moment a single man >>> contemplates it, bearing within him the image of a cathedral.? >>> >>> >>> -----Original Message----- >>> From: mailscanner-bounces at lists.mailscanner.info >>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >>> Jerry Benton >>> Sent: Sunday, February 22, 2015 4:11 PM >>> To: MailScanner discussion >>> Subject: Re: Filename Restrictions Not working >>> >>> Its not beta anymore. (The RPM package.) >>> >>> - >>> Jerry Benton >>> www.mailborder.com >>> >>> >>> >>>> On Feb 22, 2015, at 4:33 PM, James Nelson >>> wrote: >>>> >>>> I will try that tomorrow...i'm about out of other ideas. >>>> >>>> I suppose I could also try the new MS beta, just to throw >>>> something >>> else at the wall... >>>> >>>> >>>> >>>> >>>> ?a rockpile ceases to be a rockpile the moment a single man >>> contemplates it, bearing within him the image of a cathedral.? >>>> >>>> >>>> -----Original Message----- >>>> From: mailscanner-bounces at lists.mailscanner.info >>>> [mailto:mailscanner- >>> bounces at lists.mailscanner.info] On Behalf Of Jerry Benton >>>> Sent: Saturday, February 21, 2015 5:54 AM >>>> To: MailScanner discussion >>>> Subject: Re: Filename Restrictions Not working >>>> >>>> I?m not pimping my product, but I would suggest you install a >>> Mailborder server for a comparison test. Check to see if it is >>> working correctly (the Mailborder server) and compare the configs on >>> the Mailborder server to yours. This will at least eliminate the >>> Mailscanner configuration variable from the equation. >>>> >>>> - >>>> Jerry Benton >>>> www.mailborder.com >>>> >>>> >>>> >>>>> On Feb 21, 2015, at 2:29 AM, James Nelson >>> wrote: >>>>> >>>>> Sigh, built a brand new MailScanner box from scratch...once >>>>> again, >>> everything works except filename checking. The only thing I changed >>> was to disallow zip files(just changed allow to deny in >>> filenames.rules.conf) and it still lets it all through. >>>>> >>>>> It just doesn't seem to want to work, with no errors to shed any >>> light. >>>>> -- >>>>> MailScanner mailing list >>>>> mailscanner at lists.mailscanner.info >>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>> >>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>> >>>>> Support MailScanner development - buy the book off the website! >>>> >>>> -- >>>> MailScanner mailing list >>>> mailscanner at lists.mailscanner.info >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>> >>>> Before posting, read http://wiki.mailscanner.info/posting >>>> >>>> Support MailScanner development - buy the book off the website! >>>> -- >>>> MailScanner mailing list >>>> mailscanner at lists.mailscanner.info >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>> >>>> Before posting, read http://wiki.mailscanner.info/posting >>>> >>>> Support MailScanner development - buy the book off the website! >>> >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! From glenn.steen at gmail.com Tue Feb 24 09:18:03 2015 From: glenn.steen at gmail.com (Glenn Steen) Date: Tue, 24 Feb 2015 10:18:03 +0100 Subject: Filename Restrictions Not working In-Reply-To: References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> <5F05268E-105A-4A59-816C-C3FD0A690398@mailborder.com> <1e32b1449db542c387f5e2e0b2b1c78c@VGTMAIL2.vgt.net> <003ABCDA-7791-4B0C-B0FC-DB740AAA3B01@mailborder.com> <4f5eddaffc0642fea98d5eb598c432a6@VGTMAIL2.vgt.net> <028b68635a0d49f090fb532b90fc7133@City-Exch-DB1.cbj.local> <6660ecb02be8416f907d0cb99b89a87c@VGTMAIL2.vgt.net> <2cf19d9960cf4bceaa27ce55c15cbe54@City-Exch-DB1.cbj.local> Message-ID: I see you have run as user/group set to postfix/apache... When you've done your lint and debug runs, did you do them as postfix user or root? My guess is that the rule file for filenames might not be readable to the postfix user. Cheers! -- -- Glenn Den 23 feb 2015 22:09 skrev "James Nelson" : > > Sorry about that, I thought I set it to public. Try again :). > > Jerry, I'm building a Mailborder server now to test. > > > ?a rockpile ceases to be a rockpile the moment a single man contemplates > it, bearing within him the image of a cathedral.? > > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto: > mailscanner-bounces at lists.mailscanner.info] On Behalf Of Kevin Miller > Sent: Monday, February 23, 2015 2:20 PM > To: 'MailScanner discussion' > Subject: RE: Filename Restrictions Not working > > It said this "This is a private paste. If you created this paste, please > login to view it." I couldn't see it. > > If there's anything that needs to be munged (like your watermark), just > edit that before posting and make it a public post. > > ...Kevin > -- > Kevin Miller > Network/email Administrator, CBJ MIS Dept. > 155 South Seward Street > Juneau, Alaska 99801 > Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: > 307357 > > > > -----Original Message----- > > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > > bounces at lists.mailscanner.info] On Behalf Of James Nelson > > Sent: Monday, February 23, 2015 10:52 AM > > To: MailScanner discussion > > Subject: RE: Filename Restrictions Not working > > > > Kevin, > > > > Here's my complete MailScanner.conf: > > > > http://pastebin.com/ci9dz8iL > > > > Jerry: > > > > I changed default to *@* this morning in the course of my, "did that > > work? No, okay, how about this," but the result was the same regardless. > > > > I'm not applying any configuration via conf.d at the moment...if I > > were to do that, would it supersede anything in MailScanner.conf? > > > > > > > > ?a rockpile ceases to be a rockpile the moment a single man > > contemplates it, bearing within him the image of a cathedral.? > > > > > > -----Original Message----- > > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > > bounces at lists.mailscanner.info] On Behalf Of Kevin Miller > > Sent: Monday, February 23, 2015 12:50 PM > > To: 'MailScanner discussion' > > Subject: RE: Filename Restrictions Not working > > > > Maybe you could post your MailScanner.conf to pastebin. I'm guessing > > something in there is wonky. > > > > ...Kevin > > -- > > Kevin Miller > > Network/email Administrator, CBJ MIS Dept. > > 155 South Seward Street > > Juneau, Alaska 99801 > > Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: > > 307357 > > > > > > > -----Original Message----- > > > From: mailscanner-bounces at lists.mailscanner.info > > > [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of > > > James Nelson > > > Sent: Monday, February 23, 2015 9:26 AM > > > To: MailScanner discussion > > > Subject: RE: Filename Restrictions Not working > > > > > > Well, an interesting update... > > > > > > I changed up my approach, and pointed the Deny Filenames = in > > > MailScanner.conf to %rules-dir%/filename_deny.rules , which is as > > > follows: > > > > > > To: *@* \.ico$ \.ani \.cur$ \.hlp$ \.zip$ \.ceo$ \.cab$ \.reg$ > \.chm$ > > > \.cnf$ \.hta$ \.ins$ \.jse?$ \.job$ \.lnk$ \.mat$ \.pif$ \.scf$ > > > \.sct$ \.shs$ \.shb$ \.vb[es]$ \.ws[cfh]$ \.xnk$ \.cer$ \.its$ > > > \.mau$ \.md[az]$ \.prf$ \.pst$ \.tmp$ \.vsmacros$ \.vs[stw]$ \.ws$ > > > \.com$ \.exe$ \.scr$ \.bat$ \.cmd$ \.cpl$ \.mhtml$ \.s{10,} > > > \.[a-z][a-z0-9]{2,3}\s*\.[a-z0- 9]{3}$ > > > > > > When running MailScanner --lint now, it DOES detect eicar.com as a > > > blocked filetype. However, it's still allowing blocked filetypes > > > through ? > > > > > > > > > > > > > > > ?a rockpile ceases to be a rockpile the moment a single man > > > contemplates it, bearing within him the image of a cathedral.? > > > > > > > > > -----Original Message----- > > > From: mailscanner-bounces at lists.mailscanner.info > > > [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of > > > Jerry Benton > > > Sent: Sunday, February 22, 2015 4:11 PM > > > To: MailScanner discussion > > > Subject: Re: Filename Restrictions Not working > > > > > > Its not beta anymore. (The RPM package.) > > > > > > - > > > Jerry Benton > > > www.mailborder.com > > > > > > > > > > > > > On Feb 22, 2015, at 4:33 PM, James Nelson > > > wrote: > > > > > > > > I will try that tomorrow...i'm about out of other ideas. > > > > > > > > I suppose I could also try the new MS beta, just to throw > > > > something > > > else at the wall... > > > > > > > > > > > > > > > > > > > > ?a rockpile ceases to be a rockpile the moment a single man > > > contemplates it, bearing within him the image of a cathedral.? > > > > > > > > > > > > -----Original Message----- > > > > From: mailscanner-bounces at lists.mailscanner.info > > > > [mailto:mailscanner- > > > bounces at lists.mailscanner.info] On Behalf Of Jerry Benton > > > > Sent: Saturday, February 21, 2015 5:54 AM > > > > To: MailScanner discussion > > > > Subject: Re: Filename Restrictions Not working > > > > > > > > I?m not pimping my product, but I would suggest you install a > > > Mailborder server for a comparison test. Check to see if it is > > > working correctly (the Mailborder server) and compare the configs on > > > the Mailborder server to yours. This will at least eliminate the > > > Mailscanner configuration variable from the equation. > > > > > > > > - > > > > Jerry Benton > > > > www.mailborder.com > > > > > > > > > > > > > > > >> On Feb 21, 2015, at 2:29 AM, James Nelson > > > wrote: > > > >> > > > >> Sigh, built a brand new MailScanner box from scratch...once > > > >> again, > > > everything works except filename checking. The only thing I changed > > > was to disallow zip files(just changed allow to deny in > > > filenames.rules.conf) and it still lets it all through. > > > >> > > > >> It just doesn't seem to want to work, with no errors to shed any > > > light. > > > >> -- > > > >> MailScanner mailing list > > > >> mailscanner at lists.mailscanner.info > > > >> http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > >> > > > >> Before posting, read http://wiki.mailscanner.info/posting > > > >> > > > >> Support MailScanner development - buy the book off the website! > > > > > > > > -- > > > > MailScanner mailing list > > > > mailscanner at lists.mailscanner.info > > > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > > > > > Support MailScanner development - buy the book off the website! > > > > -- > > > > MailScanner mailing list > > > > mailscanner at lists.mailscanner.info > > > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > > > > > Support MailScanner development - buy the book off the website! > > > > > > -- > > > MailScanner mailing list > > > mailscanner at lists.mailscanner.info > > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > > > Support MailScanner development - buy the book off the website! > > > -- > > > MailScanner mailing list > > > mailscanner at lists.mailscanner.info > > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > > > Support MailScanner development - buy the book off the website! > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > Support MailScanner development - buy the book off the website! > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150224/d9e41d67/attachment.html From J.Ede at birchenallhowden.co.uk Tue Feb 24 09:44:04 2015 From: J.Ede at birchenallhowden.co.uk (Jason Ede) Date: Tue, 24 Feb 2015 09:44:04 +0000 Subject: Filename Restrictions Not working In-Reply-To: References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> <5F05268E-105A-4A59-816C-C3FD0A690398@mailborder.com> <1e32b1449db542c387f5e2e0b2b1c78c@VGTMAIL2.vgt.net> <003ABCDA-7791-4B0C-B0FC-DB740AAA3B01@mailborder.com> <4f5eddaffc0642fea98d5eb598c432a6@VGTMAIL2.vgt.net> <028b68635a0d49f090fb532b90fc7133@City-Exch-DB1.cbj.local> <6660ecb02be8416f907d0cb99b89a87c@VGTMAIL2.vgt.net> <2cf19d9960cf4bceaa27ce55c15cbe54@City-Exch-DB1.cbj.local> Message-ID: Shouldn?t MailScanner ?lint pick up permission problems such as that? I thought it still ran that as the correct user. Jason From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Glenn Steen Sent: 24 February 2015 09:18 To: MailScanner discussion Subject: RE: Filename Restrictions Not working I see you have run as user/group set to postfix/apache... When you've done your lint and debug runs, did you do them as postfix user or root? My guess is that the rule file for filenames might not be readable to the postfix user. Cheers! -- -- Glenn Den 23 feb 2015 22:09 skrev "James Nelson" >: Sorry about that, I thought I set it to public. Try again :). Jerry, I'm building a Mailborder server now to test. ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? -----Original Message----- From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Kevin Miller Sent: Monday, February 23, 2015 2:20 PM To: 'MailScanner discussion' Subject: RE: Filename Restrictions Not working It said this "This is a private paste. If you created this paste, please login to view it." I couldn't see it. If there's anything that needs to be munged (like your watermark), just edit that before posting and make it a public post. ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357 > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > bounces at lists.mailscanner.info] On Behalf Of James Nelson > Sent: Monday, February 23, 2015 10:52 AM > To: MailScanner discussion > Subject: RE: Filename Restrictions Not working > > Kevin, > > Here's my complete MailScanner.conf: > > http://pastebin.com/ci9dz8iL > > Jerry: > > I changed default to *@* this morning in the course of my, "did that > work? No, okay, how about this," but the result was the same regardless. > > I'm not applying any configuration via conf.d at the moment...if I > were to do that, would it supersede anything in MailScanner.conf? > > > > ?a rockpile ceases to be a rockpile the moment a single man > contemplates it, bearing within him the image of a cathedral.? > > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > bounces at lists.mailscanner.info] On Behalf Of Kevin Miller > Sent: Monday, February 23, 2015 12:50 PM > To: 'MailScanner discussion' > Subject: RE: Filename Restrictions Not working > > Maybe you could post your MailScanner.conf to pastebin. I'm guessing > something in there is wonky. > > ...Kevin > -- > Kevin Miller > Network/email Administrator, CBJ MIS Dept. > 155 South Seward Street > Juneau, Alaska 99801 > Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: > 307357 > > > > -----Original Message----- > > From: mailscanner-bounces at lists.mailscanner.info > > [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of > > James Nelson > > Sent: Monday, February 23, 2015 9:26 AM > > To: MailScanner discussion > > Subject: RE: Filename Restrictions Not working > > > > Well, an interesting update... > > > > I changed up my approach, and pointed the Deny Filenames = in > > MailScanner.conf to %rules-dir%/filename_deny.rules , which is as > > follows: > > > > To: *@* \.ico$ \.ani \.cur$ \.hlp$ \.zip$ \.ceo$ \.cab$ \.reg$ \.chm$ > > \.cnf$ \.hta$ \.ins$ \.jse?$ \.job$ \.lnk$ \.mat$ \.pif$ \.scf$ > > \.sct$ \.shs$ \.shb$ \.vb[es]$ \.ws[cfh]$ \.xnk$ \.cer$ \.its$ > > \.mau$ \.md[az]$ \.prf$ \.pst$ \.tmp$ \.vsmacros$ \.vs[stw]$ \.ws$ > > \.com$ \.exe$ \.scr$ \.bat$ \.cmd$ \.cpl$ \.mhtml$ \.s{10,} > > \.[a-z][a-z0-9]{2,3}\s*\.[a-z0- 9]{3}$ > > > > When running MailScanner --lint now, it DOES detect eicar.com as a > > blocked filetype. However, it's still allowing blocked filetypes > > through ? > > > > > > > > > > ?a rockpile ceases to be a rockpile the moment a single man > > contemplates it, bearing within him the image of a cathedral.? > > > > > > -----Original Message----- > > From: mailscanner-bounces at lists.mailscanner.info > > [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of > > Jerry Benton > > Sent: Sunday, February 22, 2015 4:11 PM > > To: MailScanner discussion > > Subject: Re: Filename Restrictions Not working > > > > Its not beta anymore. (The RPM package.) > > > > - > > Jerry Benton > > www.mailborder.com > > > > > > > > > On Feb 22, 2015, at 4:33 PM, James Nelson > > > wrote: > > > > > > I will try that tomorrow...i'm about out of other ideas. > > > > > > I suppose I could also try the new MS beta, just to throw > > > something > > else at the wall... > > > > > > > > > > > > > > > ?a rockpile ceases to be a rockpile the moment a single man > > contemplates it, bearing within him the image of a cathedral.? > > > > > > > > > -----Original Message----- > > > From: mailscanner-bounces at lists.mailscanner.info > > > [mailto:mailscanner- > > bounces at lists.mailscanner.info] On Behalf Of Jerry Benton > > > Sent: Saturday, February 21, 2015 5:54 AM > > > To: MailScanner discussion > > > Subject: Re: Filename Restrictions Not working > > > > > > I?m not pimping my product, but I would suggest you install a > > Mailborder server for a comparison test. Check to see if it is > > working correctly (the Mailborder server) and compare the configs on > > the Mailborder server to yours. This will at least eliminate the > > Mailscanner configuration variable from the equation. > > > > > > - > > > Jerry Benton > > > www.mailborder.com > > > > > > > > > > > >> On Feb 21, 2015, at 2:29 AM, James Nelson > > > wrote: > > >> > > >> Sigh, built a brand new MailScanner box from scratch...once > > >> again, > > everything works except filename checking. The only thing I changed > > was to disallow zip files(just changed allow to deny in > > filenames.rules.conf) and it still lets it all through. > > >> > > >> It just doesn't seem to want to work, with no errors to shed any > > light. > > >> -- > > >> MailScanner mailing list > > >> mailscanner at lists.mailscanner.info > > >> http://lists.mailscanner.info/mailman/listinfo/mailscanner > > >> > > >> Before posting, read http://wiki.mailscanner.info/posting > > >> > > >> Support MailScanner development - buy the book off the website! > > > > > > -- > > > MailScanner mailing list > > > mailscanner at lists.mailscanner.info > > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > > > Support MailScanner development - buy the book off the website! > > > -- > > > MailScanner mailing list > > > mailscanner at lists.mailscanner.info > > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > > > Support MailScanner development - buy the book off the website! > > > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > Support MailScanner development - buy the book off the website! > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150224/fadd7f90/attachment-0001.html From James.Nelson at vgt.net Tue Feb 24 13:22:48 2015 From: James.Nelson at vgt.net (James Nelson) Date: Tue, 24 Feb 2015 13:22:48 +0000 Subject: Filename Restrictions Not working In-Reply-To: References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> <5F05268E-105A-4A59-816C-C3FD0A690398@mailborder.com> <1e32b1449db542c387f5e2e0b2b1c78c@VGTMAIL2.vgt.net> <003ABCDA-7791-4B0C-B0FC-DB740AAA3B01@mailborder.com> <4f5eddaffc0642fea98d5eb598c432a6@VGTMAIL2.vgt.net> <028b68635a0d49f090fb532b90fc7133@City-Exch-DB1.cbj.local> <6660ecb02be8416f907d0cb99b89a87c@VGTMAIL2.vgt.net> <2cf19d9960cf4bceaa27ce55c15cbe54@City-Exch-DB1.cbj.local> , Message-ID: <3B397A07-1429-424D-9B40-4559E56B8E93@vgt.net> Hi Glenn, I ran --lint as postfix and it does detect eicar.com as a blocked filetype, it just doesn't do anything about it during mail scanning. I had the thought that my rules files had permissions problems, but I made them readable for everyone just to be sure. I have the group as Apache as part of the configuration for MailWatch. On Feb 24, 2015, at 3:37 AM, Glenn Steen > wrote: I see you have run as user/group set to postfix/apache... When you've done your lint and debug runs, did you do them as postfix user or root? My guess is that the rule file for filenames might not be readable to the postfix user. Cheers! -- -- Glenn Den 23 feb 2015 22:09 skrev "James Nelson" >: Sorry about that, I thought I set it to public. Try again :). Jerry, I'm building a Mailborder server now to test. ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? -----Original Message----- From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Kevin Miller Sent: Monday, February 23, 2015 2:20 PM To: 'MailScanner discussion' Subject: RE: Filename Restrictions Not working It said this "This is a private paste. If you created this paste, please login to view it." I couldn't see it. If there's anything that needs to be munged (like your watermark), just edit that before posting and make it a public post. ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357 > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > bounces at lists.mailscanner.info] On Behalf Of James Nelson > Sent: Monday, February 23, 2015 10:52 AM > To: MailScanner discussion > Subject: RE: Filename Restrictions Not working > > Kevin, > > Here's my complete MailScanner.conf: > > http://pastebin.com/ci9dz8iL > > Jerry: > > I changed default to *@* this morning in the course of my, "did that > work? No, okay, how about this," but the result was the same regardless. > > I'm not applying any configuration via conf.d at the moment...if I > were to do that, would it supersede anything in MailScanner.conf? > > > > ?a rockpile ceases to be a rockpile the moment a single man > contemplates it, bearing within him the image of a cathedral.? > > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > bounces at lists.mailscanner.info] On Behalf Of Kevin Miller > Sent: Monday, February 23, 2015 12:50 PM > To: 'MailScanner discussion' > Subject: RE: Filename Restrictions Not working > > Maybe you could post your MailScanner.conf to pastebin. I'm guessing > something in there is wonky. > > ...Kevin > -- > Kevin Miller > Network/email Administrator, CBJ MIS Dept. > 155 South Seward Street > Juneau, Alaska 99801 > Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: > 307357 > > > > -----Original Message----- > > From: mailscanner-bounces at lists.mailscanner.info > > [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of > > James Nelson > > Sent: Monday, February 23, 2015 9:26 AM > > To: MailScanner discussion > > Subject: RE: Filename Restrictions Not working > > > > Well, an interesting update... > > > > I changed up my approach, and pointed the Deny Filenames = in > > MailScanner.conf to %rules-dir%/filename_deny.rules , which is as > > follows: > > > > To: *@* \.ico$ \.ani \.cur$ \.hlp$ \.zip$ \.ceo$ \.cab$ \.reg$ \.chm$ > > \.cnf$ \.hta$ \.ins$ \.jse?$ \.job$ \.lnk$ \.mat$ \.pif$ \.scf$ > > \.sct$ \.shs$ \.shb$ \.vb[es]$ \.ws[cfh]$ \.xnk$ \.cer$ \.its$ > > \.mau$ \.md[az]$ \.prf$ \.pst$ \.tmp$ \.vsmacros$ \.vs[stw]$ \.ws$ > > \.com$ \.exe$ \.scr$ \.bat$ \.cmd$ \.cpl$ \.mhtml$ \.s{10,} > > \.[a-z][a-z0-9]{2,3}\s*\.[a-z0- 9]{3}$ > > > > When running MailScanner --lint now, it DOES detect eicar.com as a > > blocked filetype. However, it's still allowing blocked filetypes > > through ? > > > > > > > > > > ?a rockpile ceases to be a rockpile the moment a single man > > contemplates it, bearing within him the image of a cathedral.? > > > > > > -----Original Message----- > > From: mailscanner-bounces at lists.mailscanner.info > > [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of > > Jerry Benton > > Sent: Sunday, February 22, 2015 4:11 PM > > To: MailScanner discussion > > Subject: Re: Filename Restrictions Not working > > > > Its not beta anymore. (The RPM package.) > > > > - > > Jerry Benton > > www.mailborder.com > > > > > > > > > On Feb 22, 2015, at 4:33 PM, James Nelson > > > wrote: > > > > > > I will try that tomorrow...i'm about out of other ideas. > > > > > > I suppose I could also try the new MS beta, just to throw > > > something > > else at the wall... > > > > > > > > > > > > > > > ?a rockpile ceases to be a rockpile the moment a single man > > contemplates it, bearing within him the image of a cathedral.? > > > > > > > > > -----Original Message----- > > > From: mailscanner-bounces at lists.mailscanner.info > > > [mailto:mailscanner- > > bounces at lists.mailscanner.info] On Behalf Of Jerry Benton > > > Sent: Saturday, February 21, 2015 5:54 AM > > > To: MailScanner discussion > > > Subject: Re: Filename Restrictions Not working > > > > > > I?m not pimping my product, but I would suggest you install a > > Mailborder server for a comparison test. Check to see if it is > > working correctly (the Mailborder server) and compare the configs on > > the Mailborder server to yours. This will at least eliminate the > > Mailscanner configuration variable from the equation. > > > > > > - > > > Jerry Benton > > > www.mailborder.com > > > > > > > > > > > >> On Feb 21, 2015, at 2:29 AM, James Nelson > > > wrote: > > >> > > >> Sigh, built a brand new MailScanner box from scratch...once > > >> again, > > everything works except filename checking. The only thing I changed > > was to disallow zip files(just changed allow to deny in > > filenames.rules.conf) and it still lets it all through. > > >> > > >> It just doesn't seem to want to work, with no errors to shed any > > light. > > >> -- > > >> MailScanner mailing list > > >> mailscanner at lists.mailscanner.info > > >> http://lists.mailscanner.info/mailman/listinfo/mailscanner > > >> > > >> Before posting, read http://wiki.mailscanner.info/posting > > >> > > >> Support MailScanner development - buy the book off the website! > > > > > > -- > > > MailScanner mailing list > > > mailscanner at lists.mailscanner.info > > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > > > Support MailScanner development - buy the book off the website! > > > -- > > > MailScanner mailing list > > > mailscanner at lists.mailscanner.info > > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > > > Support MailScanner development - buy the book off the website! > > > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > Support MailScanner development - buy the book off the website! > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150224/2cbd0996/attachment.html From J.Ede at birchenallhowden.co.uk Tue Feb 24 13:35:57 2015 From: J.Ede at birchenallhowden.co.uk (Jason Ede) Date: Tue, 24 Feb 2015 13:35:57 +0000 Subject: Filename Restrictions Not working In-Reply-To: <3B397A07-1429-424D-9B40-4559E56B8E93@vgt.net> References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> <5F05268E-105A-4A59-816C-C3FD0A690398@mailborder.com> <1e32b1449db542c387f5e2e0b2b1c78c@VGTMAIL2.vgt.net> <003ABCDA-7791-4B0C-B0FC-DB740AAA3B01@mailborder.com> <4f5eddaffc0642fea98d5eb598c432a6@VGTMAIL2.vgt.net> <028b68635a0d49f090fb532b90fc7133@City-Exch-DB1.cbj.local> <6660ecb02be8416f907d0cb99b89a87c@VGTMAIL2.vgt.net> <2cf19d9960cf4bceaa27ce55c15cbe54@City-Exch-DB1.cbj.local> , <3B397A07-1429-424D-9B40-4559E56B8E93@vgt.net> Message-ID: Have you checked your Virus Names Which Are Spam setting? From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of James Nelson Sent: 24 February 2015 13:23 To: MailScanner discussion Subject: Re: Filename Restrictions Not working Hi Glenn, I ran --lint as postfix and it does detect eicar.com as a blocked filetype, it just doesn't do anything about it during mail scanning. I had the thought that my rules files had permissions problems, but I made them readable for everyone just to be sure. I have the group as Apache as part of the configuration for MailWatch. On Feb 24, 2015, at 3:37 AM, Glenn Steen > wrote: I see you have run as user/group set to postfix/apache... When you've done your lint and debug runs, did you do them as postfix user or root? My guess is that the rule file for filenames might not be readable to the postfix user. Cheers! -- -- Glenn Den 23 feb 2015 22:09 skrev "James Nelson" >: Sorry about that, I thought I set it to public. Try again :). Jerry, I'm building a Mailborder server now to test. "a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral." -----Original Message----- From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Kevin Miller Sent: Monday, February 23, 2015 2:20 PM To: 'MailScanner discussion' Subject: RE: Filename Restrictions Not working It said this "This is a private paste. If you created this paste, please login to view it." I couldn't see it. If there's anything that needs to be munged (like your watermark), just edit that before posting and make it a public post. ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357 > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > bounces at lists.mailscanner.info] On Behalf Of James Nelson > Sent: Monday, February 23, 2015 10:52 AM > To: MailScanner discussion > Subject: RE: Filename Restrictions Not working > > Kevin, > > Here's my complete MailScanner.conf: > > http://pastebin.com/ci9dz8iL > > Jerry: > > I changed default to *@* this morning in the course of my, "did that > work? No, okay, how about this," but the result was the same regardless. > > I'm not applying any configuration via conf.d at the moment...if I > were to do that, would it supersede anything in MailScanner.conf? > > > > "a rockpile ceases to be a rockpile the moment a single man > contemplates it, bearing within him the image of a cathedral." > > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- > bounces at lists.mailscanner.info] On Behalf Of Kevin Miller > Sent: Monday, February 23, 2015 12:50 PM > To: 'MailScanner discussion' > Subject: RE: Filename Restrictions Not working > > Maybe you could post your MailScanner.conf to pastebin. I'm guessing > something in there is wonky. > > ...Kevin > -- > Kevin Miller > Network/email Administrator, CBJ MIS Dept. > 155 South Seward Street > Juneau, Alaska 99801 > Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: > 307357 > > > > -----Original Message----- > > From: mailscanner-bounces at lists.mailscanner.info > > [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of > > James Nelson > > Sent: Monday, February 23, 2015 9:26 AM > > To: MailScanner discussion > > Subject: RE: Filename Restrictions Not working > > > > Well, an interesting update... > > > > I changed up my approach, and pointed the Deny Filenames = in > > MailScanner.conf to %rules-dir%/filename_deny.rules , which is as > > follows: > > > > To: *@* \.ico$ \.ani \.cur$ \.hlp$ \.zip$ \.ceo$ \.cab$ \.reg$ \.chm$ > > \.cnf$ \.hta$ \.ins$ \.jse?$ \.job$ \.lnk$ \.mat$ \.pif$ \.scf$ > > \.sct$ \.shs$ \.shb$ \.vb[es]$ \.ws[cfh]$ \.xnk$ \.cer$ \.its$ > > \.mau$ \.md[az]$ \.prf$ \.pst$ \.tmp$ \.vsmacros$ \.vs[stw]$ \.ws$ > > \.com$ \.exe$ \.scr$ \.bat$ \.cmd$ \.cpl$ \.mhtml$ \.s{10,} > > \.[a-z][a-z0-9]{2,3}\s*\.[a-z0- 9]{3}$ > > > > When running MailScanner --lint now, it DOES detect eicar.com as a > > blocked filetype. However, it's still allowing blocked filetypes > > through ? > > > > > > > > > > "a rockpile ceases to be a rockpile the moment a single man > > contemplates it, bearing within him the image of a cathedral." > > > > > > -----Original Message----- > > From: mailscanner-bounces at lists.mailscanner.info > > [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of > > Jerry Benton > > Sent: Sunday, February 22, 2015 4:11 PM > > To: MailScanner discussion > > Subject: Re: Filename Restrictions Not working > > > > Its not beta anymore. (The RPM package.) > > > > - > > Jerry Benton > > www.mailborder.com > > > > > > > > > On Feb 22, 2015, at 4:33 PM, James Nelson > > > wrote: > > > > > > I will try that tomorrow...i'm about out of other ideas. > > > > > > I suppose I could also try the new MS beta, just to throw > > > something > > else at the wall... > > > > > > > > > > > > > > > "a rockpile ceases to be a rockpile the moment a single man > > contemplates it, bearing within him the image of a cathedral." > > > > > > > > > -----Original Message----- > > > From: mailscanner-bounces at lists.mailscanner.info > > > [mailto:mailscanner- > > bounces at lists.mailscanner.info] On Behalf Of Jerry Benton > > > Sent: Saturday, February 21, 2015 5:54 AM > > > To: MailScanner discussion > > > Subject: Re: Filename Restrictions Not working > > > > > > I'm not pimping my product, but I would suggest you install a > > Mailborder server for a comparison test. Check to see if it is > > working correctly (the Mailborder server) and compare the configs on > > the Mailborder server to yours. This will at least eliminate the > > Mailscanner configuration variable from the equation. > > > > > > - > > > Jerry Benton > > > www.mailborder.com > > > > > > > > > > > >> On Feb 21, 2015, at 2:29 AM, James Nelson > > > wrote: > > >> > > >> Sigh, built a brand new MailScanner box from scratch...once > > >> again, > > everything works except filename checking. The only thing I changed > > was to disallow zip files(just changed allow to deny in > > filenames.rules.conf) and it still lets it all through. > > >> > > >> It just doesn't seem to want to work, with no errors to shed any > > light. > > >> -- > > >> MailScanner mailing list > > >> mailscanner at lists.mailscanner.info > > >> http://lists.mailscanner.info/mailman/listinfo/mailscanner > > >> > > >> Before posting, read http://wiki.mailscanner.info/posting > > >> > > >> Support MailScanner development - buy the book off the website! > > > > > > -- > > > MailScanner mailing list > > > mailscanner at lists.mailscanner.info > > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > > > Support MailScanner development - buy the book off the website! > > > -- > > > MailScanner mailing list > > > mailscanner at lists.mailscanner.info > > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > > > Support MailScanner development - buy the book off the website! > > > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > Support MailScanner development - buy the book off the website! > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > Before posting, read http://wiki.mailscanner.info/posting > > > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150224/100cdac6/attachment.html From glenn.steen at gmail.com Tue Feb 24 15:39:33 2015 From: glenn.steen at gmail.com (Glenn Steen) Date: Tue, 24 Feb 2015 16:39:33 +0100 Subject: Filename Restrictions Not working In-Reply-To: References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> <5F05268E-105A-4A59-816C-C3FD0A690398@mailborder.com> <1e32b1449db542c387f5e2e0b2b1c78c@VGTMAIL2.vgt.net> <003ABCDA-7791-4B0C-B0FC-DB740AAA3B01@mailborder.com> <4f5eddaffc0642fea98d5eb598c432a6@VGTMAIL2.vgt.net> <028b68635a0d49f090fb532b90fc7133@City-Exch-DB1.cbj.local> <6660ecb02be8416f907d0cb99b89a87c@VGTMAIL2.vgt.net> <2cf19d9960cf4bceaa27ce55c15cbe54@City-Exch-DB1.cbj.local> Message-ID: Sure, for lint at least. But it is, when coming to Postfix, always good to doublechack that permissions pertaining to the postfix user actually work, as the postfix user. Maybe wasn't that clear:-) Cheers -- -- Glenn On 24 February 2015 at 10:44, Jason Ede wrote: > Shouldn?t MailScanner ?lint pick up permission problems such as that? I > thought it still ran that as the correct user. > > > > Jason > > > > From: mailscanner-bounces at lists.mailscanner.info > [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Glenn Steen > Sent: 24 February 2015 09:18 > > > To: MailScanner discussion > Subject: RE: Filename Restrictions Not working > > > > I see you have run as user/group set to postfix/apache... When you've done > your lint and debug runs, did you do them as postfix user or root? > My guess is that the rule file for filenames might not be readable to the > postfix user. > > Cheers! > -- > -- Glenn > > Den 23 feb 2015 22:09 skrev "James Nelson" : > > > Sorry about that, I thought I set it to public. Try again :). > > Jerry, I'm building a Mailborder server now to test. > > > ?a rockpile ceases to be a rockpile the moment a single man contemplates it, > bearing within him the image of a cathedral.? > > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info > [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Kevin > Miller > Sent: Monday, February 23, 2015 2:20 PM > To: 'MailScanner discussion' > Subject: RE: Filename Restrictions Not working > > It said this "This is a private paste. If you created this paste, please > login to view it." I couldn't see it. > > If there's anything that needs to be munged (like your watermark), just edit > that before posting and make it a public post. > > ...Kevin > -- > Kevin Miller > Network/email Administrator, CBJ MIS Dept. > 155 South Seward Street > Juneau, Alaska 99801 > Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357 > > >> -----Original Message----- >> From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- >> bounces at lists.mailscanner.info] On Behalf Of James Nelson >> Sent: Monday, February 23, 2015 10:52 AM >> To: MailScanner discussion >> Subject: RE: Filename Restrictions Not working >> >> Kevin, >> >> Here's my complete MailScanner.conf: >> >> http://pastebin.com/ci9dz8iL >> >> Jerry: >> >> I changed default to *@* this morning in the course of my, "did that >> work? No, okay, how about this," but the result was the same regardless. >> >> I'm not applying any configuration via conf.d at the moment...if I >> were to do that, would it supersede anything in MailScanner.conf? >> >> >> >> ?a rockpile ceases to be a rockpile the moment a single man >> contemplates it, bearing within him the image of a cathedral.? >> >> >> -----Original Message----- >> From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- >> bounces at lists.mailscanner.info] On Behalf Of Kevin Miller >> Sent: Monday, February 23, 2015 12:50 PM >> To: 'MailScanner discussion' >> Subject: RE: Filename Restrictions Not working >> >> Maybe you could post your MailScanner.conf to pastebin. I'm guessing >> something in there is wonky. >> >> ...Kevin >> -- >> Kevin Miller >> Network/email Administrator, CBJ MIS Dept. >> 155 South Seward Street >> Juneau, Alaska 99801 >> Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: >> 307357 >> >> >> > -----Original Message----- >> > From: mailscanner-bounces at lists.mailscanner.info >> > [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >> > James Nelson >> > Sent: Monday, February 23, 2015 9:26 AM >> > To: MailScanner discussion >> > Subject: RE: Filename Restrictions Not working >> > >> > Well, an interesting update... >> > >> > I changed up my approach, and pointed the Deny Filenames = in >> > MailScanner.conf to %rules-dir%/filename_deny.rules , which is as >> > follows: >> > >> > To: *@* \.ico$ \.ani \.cur$ \.hlp$ \.zip$ \.ceo$ \.cab$ \.reg$ >> > \.chm$ >> > \.cnf$ \.hta$ \.ins$ \.jse?$ \.job$ \.lnk$ \.mat$ \.pif$ \.scf$ >> > \.sct$ \.shs$ \.shb$ \.vb[es]$ \.ws[cfh]$ \.xnk$ \.cer$ \.its$ >> > \.mau$ \.md[az]$ \.prf$ \.pst$ \.tmp$ \.vsmacros$ \.vs[stw]$ \.ws$ >> > \.com$ \.exe$ \.scr$ \.bat$ \.cmd$ \.cpl$ \.mhtml$ \.s{10,} >> > \.[a-z][a-z0-9]{2,3}\s*\.[a-z0- 9]{3}$ >> > >> > When running MailScanner --lint now, it DOES detect eicar.com as a >> > blocked filetype. However, it's still allowing blocked filetypes >> > through ? >> > >> > >> > >> > >> > ?a rockpile ceases to be a rockpile the moment a single man >> > contemplates it, bearing within him the image of a cathedral.? >> > >> > >> > -----Original Message----- >> > From: mailscanner-bounces at lists.mailscanner.info >> > [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >> > Jerry Benton >> > Sent: Sunday, February 22, 2015 4:11 PM >> > To: MailScanner discussion >> > Subject: Re: Filename Restrictions Not working >> > >> > Its not beta anymore. (The RPM package.) >> > >> > - >> > Jerry Benton >> > www.mailborder.com >> > >> > >> > >> > > On Feb 22, 2015, at 4:33 PM, James Nelson >> > wrote: >> > > >> > > I will try that tomorrow...i'm about out of other ideas. >> > > >> > > I suppose I could also try the new MS beta, just to throw >> > > something >> > else at the wall... >> > > >> > > >> > > >> > > >> > > ?a rockpile ceases to be a rockpile the moment a single man >> > contemplates it, bearing within him the image of a cathedral.? >> > > >> > > >> > > -----Original Message----- >> > > From: mailscanner-bounces at lists.mailscanner.info >> > > [mailto:mailscanner- >> > bounces at lists.mailscanner.info] On Behalf Of Jerry Benton >> > > Sent: Saturday, February 21, 2015 5:54 AM >> > > To: MailScanner discussion >> > > Subject: Re: Filename Restrictions Not working >> > > >> > > I?m not pimping my product, but I would suggest you install a >> > Mailborder server for a comparison test. Check to see if it is >> > working correctly (the Mailborder server) and compare the configs on >> > the Mailborder server to yours. This will at least eliminate the >> > Mailscanner configuration variable from the equation. >> > > >> > > - >> > > Jerry Benton >> > > www.mailborder.com >> > > >> > > >> > > >> > >> On Feb 21, 2015, at 2:29 AM, James Nelson >> > wrote: >> > >> >> > >> Sigh, built a brand new MailScanner box from scratch...once >> > >> again, >> > everything works except filename checking. The only thing I changed >> > was to disallow zip files(just changed allow to deny in >> > filenames.rules.conf) and it still lets it all through. >> > >> >> > >> It just doesn't seem to want to work, with no errors to shed any >> > light. >> > >> -- >> > >> MailScanner mailing list >> > >> mailscanner at lists.mailscanner.info >> > >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> > >> >> > >> Before posting, read http://wiki.mailscanner.info/posting >> > >> >> > >> Support MailScanner development - buy the book off the website! >> > > >> > > -- >> > > MailScanner mailing list >> > > mailscanner at lists.mailscanner.info >> > > http://lists.mailscanner.info/mailman/listinfo/mailscanner >> > > >> > > Before posting, read http://wiki.mailscanner.info/posting >> > > >> > > Support MailScanner development - buy the book off the website! >> > > -- >> > > MailScanner mailing list >> > > mailscanner at lists.mailscanner.info >> > > http://lists.mailscanner.info/mailman/listinfo/mailscanner >> > > >> > > Before posting, read http://wiki.mailscanner.info/posting >> > > >> > > Support MailScanner development - buy the book off the website! >> > >> > -- >> > MailScanner mailing list >> > mailscanner at lists.mailscanner.info >> > http://lists.mailscanner.info/mailman/listinfo/mailscanner >> > >> > Before posting, read http://wiki.mailscanner.info/posting >> > >> > Support MailScanner development - buy the book off the website! >> > -- >> > MailScanner mailing list >> > mailscanner at lists.mailscanner.info >> > http://lists.mailscanner.info/mailman/listinfo/mailscanner >> > >> > Before posting, read http://wiki.mailscanner.info/posting >> > >> > Support MailScanner development - buy the book off the website! >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- -- Glenn email: glenn < dot > steen < at > gmail < dot > com work: glenn < dot > steen < at > ap1 < dot > se From glenn.steen at gmail.com Tue Feb 24 15:55:26 2015 From: glenn.steen at gmail.com (Glenn Steen) Date: Tue, 24 Feb 2015 16:55:26 +0100 Subject: Filename Restrictions Not working In-Reply-To: <3B397A07-1429-424D-9B40-4559E56B8E93@vgt.net> References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> <5F05268E-105A-4A59-816C-C3FD0A690398@mailborder.com> <1e32b1449db542c387f5e2e0b2b1c78c@VGTMAIL2.vgt.net> <003ABCDA-7791-4B0C-B0FC-DB740AAA3B01@mailborder.com> <4f5eddaffc0642fea98d5eb598c432a6@VGTMAIL2.vgt.net> <028b68635a0d49f090fb532b90fc7133@City-Exch-DB1.cbj.local> <6660ecb02be8416f907d0cb99b89a87c@VGTMAIL2.vgt.net> <2cf19d9960cf4bceaa27ce55c15cbe54@City-Exch-DB1.cbj.local> <3B397A07-1429-424D-9B40-4559E56B8E93@vgt.net> Message-ID: Right, so at the postfix user, can you actually read the two files (/etc/MailScanner/filename.rules.conf and /etc/MailScanner/rules/filename.rules)? Also, the default line (at least) for the /etc/MailScanner/rules/filename.rules file should mention the %etc-dir%/filename.rules.conf file, at least if you have Filename Rules = %rules-dir%/filename.rules in the /etc/mailScanner/MailScanner.conf file. You can actually check the value with MailScanner itself (as the Postfix user) by doing something like: -bash-4.2$ MailScanner --value=filenamerules --from=someone at example.net --to=someoneelse at yourdomain.com Looked up internal option name "filenamerules" With sender = someone at example.net recipient = someoneelse at yourdomain.com Client IP = Virus = Result is "/etc/MailScanner/filename.rules.conf" -bash-4.2$ Check the syntax with "MailScanner --help". Seems to me that the ruleset is borked, the actual filenames aren't read, or there still resida a postfix instance that don't have the correct HOLD thingy on your system... In decreasing order of probability;-) Cheers -- -- Glenn On 24 February 2015 at 14:22, James Nelson wrote: > Hi Glenn, I ran --lint as postfix and it does detect eicar.com as a blocked > filetype, it just doesn't do anything about it during mail scanning. I had > the thought that my rules files had permissions problems, but I made them > readable for everyone just to be sure. > > I have the group as Apache as part of the configuration for MailWatch. > > > > On Feb 24, 2015, at 3:37 AM, Glenn Steen wrote: > > I see you have run as user/group set to postfix/apache... When you've done > your lint and debug runs, did you do them as postfix user or root? > My guess is that the rule file for filenames might not be readable to the > postfix user. > > Cheers! > -- > -- Glenn > > Den 23 feb 2015 22:09 skrev "James Nelson" : >> >> >> Sorry about that, I thought I set it to public. Try again :). >> >> Jerry, I'm building a Mailborder server now to test. >> >> >> ?a rockpile ceases to be a rockpile the moment a single man contemplates >> it, bearing within him the image of a cathedral.? >> >> >> -----Original Message----- >> From: mailscanner-bounces at lists.mailscanner.info >> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Kevin >> Miller >> Sent: Monday, February 23, 2015 2:20 PM >> To: 'MailScanner discussion' >> Subject: RE: Filename Restrictions Not working >> >> It said this "This is a private paste. If you created this paste, please >> login to view it." I couldn't see it. >> >> If there's anything that needs to be munged (like your watermark), just >> edit that before posting and make it a public post. >> >> ...Kevin >> -- >> Kevin Miller >> Network/email Administrator, CBJ MIS Dept. >> 155 South Seward Street >> Juneau, Alaska 99801 >> Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: >> 307357 >> >> >> > -----Original Message----- >> > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- >> > bounces at lists.mailscanner.info] On Behalf Of James Nelson >> > Sent: Monday, February 23, 2015 10:52 AM >> > To: MailScanner discussion >> > Subject: RE: Filename Restrictions Not working >> > >> > Kevin, >> > >> > Here's my complete MailScanner.conf: >> > >> > http://pastebin.com/ci9dz8iL >> > >> > Jerry: >> > >> > I changed default to *@* this morning in the course of my, "did that >> > work? No, okay, how about this," but the result was the same regardless. >> > >> > I'm not applying any configuration via conf.d at the moment...if I >> > were to do that, would it supersede anything in MailScanner.conf? >> > >> > >> > >> > ?a rockpile ceases to be a rockpile the moment a single man >> > contemplates it, bearing within him the image of a cathedral.? >> > >> > >> > -----Original Message----- >> > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner- >> > bounces at lists.mailscanner.info] On Behalf Of Kevin Miller >> > Sent: Monday, February 23, 2015 12:50 PM >> > To: 'MailScanner discussion' >> > Subject: RE: Filename Restrictions Not working >> > >> > Maybe you could post your MailScanner.conf to pastebin. I'm guessing >> > something in there is wonky. >> > >> > ...Kevin >> > -- >> > Kevin Miller >> > Network/email Administrator, CBJ MIS Dept. >> > 155 South Seward Street >> > Juneau, Alaska 99801 >> > Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: >> > 307357 >> > >> > >> > > -----Original Message----- >> > > From: mailscanner-bounces at lists.mailscanner.info >> > > [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >> > > James Nelson >> > > Sent: Monday, February 23, 2015 9:26 AM >> > > To: MailScanner discussion >> > > Subject: RE: Filename Restrictions Not working >> > > >> > > Well, an interesting update... >> > > >> > > I changed up my approach, and pointed the Deny Filenames = in >> > > MailScanner.conf to %rules-dir%/filename_deny.rules , which is as >> > > follows: >> > > >> > > To: *@* \.ico$ \.ani \.cur$ \.hlp$ \.zip$ \.ceo$ \.cab$ \.reg$ >> > > \.chm$ >> > > \.cnf$ \.hta$ \.ins$ \.jse?$ \.job$ \.lnk$ \.mat$ \.pif$ \.scf$ >> > > \.sct$ \.shs$ \.shb$ \.vb[es]$ \.ws[cfh]$ \.xnk$ \.cer$ \.its$ >> > > \.mau$ \.md[az]$ \.prf$ \.pst$ \.tmp$ \.vsmacros$ \.vs[stw]$ \.ws$ >> > > \.com$ \.exe$ \.scr$ \.bat$ \.cmd$ \.cpl$ \.mhtml$ \.s{10,} >> > > \.[a-z][a-z0-9]{2,3}\s*\.[a-z0- 9]{3}$ >> > > >> > > When running MailScanner --lint now, it DOES detect eicar.com as a >> > > blocked filetype. However, it's still allowing blocked filetypes >> > > through ? >> > > >> > > >> > > >> > > >> > > ?a rockpile ceases to be a rockpile the moment a single man >> > > contemplates it, bearing within him the image of a cathedral.? >> > > >> > > >> > > -----Original Message----- >> > > From: mailscanner-bounces at lists.mailscanner.info >> > > [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >> > > Jerry Benton >> > > Sent: Sunday, February 22, 2015 4:11 PM >> > > To: MailScanner discussion >> > > Subject: Re: Filename Restrictions Not working >> > > >> > > Its not beta anymore. (The RPM package.) >> > > >> > > - >> > > Jerry Benton >> > > www.mailborder.com >> > > >> > > >> > > >> > > > On Feb 22, 2015, at 4:33 PM, James Nelson >> > > wrote: >> > > > >> > > > I will try that tomorrow...i'm about out of other ideas. >> > > > >> > > > I suppose I could also try the new MS beta, just to throw >> > > > something >> > > else at the wall... >> > > > >> > > > >> > > > >> > > > >> > > > ?a rockpile ceases to be a rockpile the moment a single man >> > > contemplates it, bearing within him the image of a cathedral.? >> > > > >> > > > >> > > > -----Original Message----- >> > > > From: mailscanner-bounces at lists.mailscanner.info >> > > > [mailto:mailscanner- >> > > bounces at lists.mailscanner.info] On Behalf Of Jerry Benton >> > > > Sent: Saturday, February 21, 2015 5:54 AM >> > > > To: MailScanner discussion >> > > > Subject: Re: Filename Restrictions Not working >> > > > >> > > > I?m not pimping my product, but I would suggest you install a >> > > Mailborder server for a comparison test. Check to see if it is >> > > working correctly (the Mailborder server) and compare the configs on >> > > the Mailborder server to yours. This will at least eliminate the >> > > Mailscanner configuration variable from the equation. >> > > > >> > > > - >> > > > Jerry Benton >> > > > www.mailborder.com >> > > > >> > > > >> > > > >> > > >> On Feb 21, 2015, at 2:29 AM, James Nelson >> > > wrote: >> > > >> >> > > >> Sigh, built a brand new MailScanner box from scratch...once >> > > >> again, >> > > everything works except filename checking. The only thing I changed >> > > was to disallow zip files(just changed allow to deny in >> > > filenames.rules.conf) and it still lets it all through. >> > > >> >> > > >> It just doesn't seem to want to work, with no errors to shed any >> > > light. >> > > >> -- >> > > >> MailScanner mailing list >> > > >> mailscanner at lists.mailscanner.info >> > > >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> > > >> >> > > >> Before posting, read http://wiki.mailscanner.info/posting >> > > >> >> > > >> Support MailScanner development - buy the book off the website! >> > > > >> > > > -- >> > > > MailScanner mailing list >> > > > mailscanner at lists.mailscanner.info >> > > > http://lists.mailscanner.info/mailman/listinfo/mailscanner >> > > > >> > > > Before posting, read http://wiki.mailscanner.info/posting >> > > > >> > > > Support MailScanner development - buy the book off the website! >> > > > -- >> > > > MailScanner mailing list >> > > > mailscanner at lists.mailscanner.info >> > > > http://lists.mailscanner.info/mailman/listinfo/mailscanner >> > > > >> > > > Before posting, read http://wiki.mailscanner.info/posting >> > > > >> > > > Support MailScanner development - buy the book off the website! >> > > >> > > -- >> > > MailScanner mailing list >> > > mailscanner at lists.mailscanner.info >> > > http://lists.mailscanner.info/mailman/listinfo/mailscanner >> > > >> > > Before posting, read http://wiki.mailscanner.info/posting >> > > >> > > Support MailScanner development - buy the book off the website! >> > > -- >> > > MailScanner mailing list >> > > mailscanner at lists.mailscanner.info >> > > http://lists.mailscanner.info/mailman/listinfo/mailscanner >> > > >> > > Before posting, read http://wiki.mailscanner.info/posting >> > > >> > > Support MailScanner development - buy the book off the website! >> > -- >> > MailScanner mailing list >> > mailscanner at lists.mailscanner.info >> > http://lists.mailscanner.info/mailman/listinfo/mailscanner >> > >> > Before posting, read http://wiki.mailscanner.info/posting >> > >> > Support MailScanner development - buy the book off the website! >> > -- >> > MailScanner mailing list >> > mailscanner at lists.mailscanner.info >> > http://lists.mailscanner.info/mailman/listinfo/mailscanner >> > >> > Before posting, read http://wiki.mailscanner.info/posting >> > >> > Support MailScanner development - buy the book off the website! >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- -- Glenn email: glenn < dot > steen < at > gmail < dot > com work: glenn < dot > steen < at > ap1 < dot > se From James.Nelson at vgt.net Tue Feb 24 16:28:31 2015 From: James.Nelson at vgt.net (James Nelson) Date: Tue, 24 Feb 2015 16:28:31 +0000 Subject: Filename Restrictions Not working In-Reply-To: References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> <5F05268E-105A-4A59-816C-C3FD0A690398@mailborder.com> <1e32b1449db542c387f5e2e0b2b1c78c@VGTMAIL2.vgt.net> <003ABCDA-7791-4B0C-B0FC-DB740AAA3B01@mailborder.com> <4f5eddaffc0642fea98d5eb598c432a6@VGTMAIL2.vgt.net> <028b68635a0d49f090fb532b90fc7133@City-Exch-DB1.cbj.local> <6660ecb02be8416f907d0cb99b89a87c@VGTMAIL2.vgt.net> <2cf19d9960cf4bceaa27ce55c15cbe54@City-Exch-DB1.cbj.local> <3B397A07-1429-424D-9B40-4559E56B8E93@vgt.net> Message-ID: <8b658058250d4623b4be7c6984499643@VGTMAIL2.vgt.net> Hi Glenn, I ran that test and got the exact result you did, which is either good or very bad, because it's still not working :) ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? -----Original Message----- From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Glenn Steen Sent: Tuesday, February 24, 2015 9:55 AM To: MailScanner discussion Subject: Re: Filename Restrictions Not working Right, so at the postfix user, can you actually read the two files (/etc/MailScanner/filename.rules.conf and /etc/MailScanner/rules/filename.rules)? Also, the default line (at least) for the /etc/MailScanner/rules/filename.rules file should mention the %etc-dir%/filename.rules.conf file, at least if you have Filename Rules = %rules-dir%/filename.rules in the /etc/mailScanner/MailScanner.conf file. You can actually check the value with MailScanner itself (as the Postfix user) by doing something like: -bash-4.2$ MailScanner --value=filenamerules --from=someone at example.net --to=someoneelse at yourdomain.com Looked up internal option name "filenamerules" With sender = someone at example.net recipient = someoneelse at yourdomain.com Client IP = Virus = Result is "/etc/MailScanner/filename.rules.conf" -bash-4.2$ Check the syntax with "MailScanner --help". Seems to me that the ruleset is borked, the actual filenames aren't read, or there still resida a postfix instance that don't have the correct HOLD thingy on your system... In decreasing order of probability;-) Cheers -- -- Glenn On 24 February 2015 at 14:22, James Nelson wrote: > Hi Glenn, I ran --lint as postfix and it does detect eicar.com as a > blocked filetype, it just doesn't do anything about it during mail > scanning. I had the thought that my rules files had permissions > problems, but I made them readable for everyone just to be sure. > > I have the group as Apache as part of the configuration for MailWatch. > > > > On Feb 24, 2015, at 3:37 AM, Glenn Steen wrote: > > I see you have run as user/group set to postfix/apache... When you've > done your lint and debug runs, did you do them as postfix user or root? > My guess is that the rule file for filenames might not be readable to > the postfix user. > > Cheers! > -- > -- Glenn > > Den 23 feb 2015 22:09 skrev "James Nelson" : >> >> >> Sorry about that, I thought I set it to public. Try again :). >> >> Jerry, I'm building a Mailborder server now to test. >> >> >> ?a rockpile ceases to be a rockpile the moment a single man >> contemplates it, bearing within him the image of a cathedral.? >> >> >> -----Original Message----- >> From: mailscanner-bounces at lists.mailscanner.info >> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of >> Kevin Miller >> Sent: Monday, February 23, 2015 2:20 PM >> To: 'MailScanner discussion' >> Subject: RE: Filename Restrictions Not working >> >> It said this "This is a private paste. If you created this paste, >> please login to view it." I couldn't see it. >> >> If there's anything that needs to be munged (like your watermark), >> just edit that before posting and make it a public post. >> >> ...Kevin >> -- >> Kevin Miller >> Network/email Administrator, CBJ MIS Dept. >> 155 South Seward Street >> Juneau, Alaska 99801 >> Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: >> 307357 >> >> >> > -----Original Message----- >> > From: mailscanner-bounces at lists.mailscanner.info >> > [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >> > James Nelson >> > Sent: Monday, February 23, 2015 10:52 AM >> > To: MailScanner discussion >> > Subject: RE: Filename Restrictions Not working >> > >> > Kevin, >> > >> > Here's my complete MailScanner.conf: >> > >> > http://pastebin.com/ci9dz8iL >> > >> > Jerry: >> > >> > I changed default to *@* this morning in the course of my, "did >> > that work? No, okay, how about this," but the result was the same regardless. >> > >> > I'm not applying any configuration via conf.d at the moment...if I >> > were to do that, would it supersede anything in MailScanner.conf? >> > >> > >> > >> > ?a rockpile ceases to be a rockpile the moment a single man >> > contemplates it, bearing within him the image of a cathedral.? >> > >> > >> > -----Original Message----- >> > From: mailscanner-bounces at lists.mailscanner.info >> > [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >> > Kevin Miller >> > Sent: Monday, February 23, 2015 12:50 PM >> > To: 'MailScanner discussion' >> > Subject: RE: Filename Restrictions Not working >> > >> > Maybe you could post your MailScanner.conf to pastebin. I'm >> > guessing something in there is wonky. >> > >> > ...Kevin >> > -- >> > Kevin Miller >> > Network/email Administrator, CBJ MIS Dept. >> > 155 South Seward Street >> > Juneau, Alaska 99801 >> > Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: >> > 307357 >> > >> > >> > > -----Original Message----- >> > > From: mailscanner-bounces at lists.mailscanner.info >> > > [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >> > > James Nelson >> > > Sent: Monday, February 23, 2015 9:26 AM >> > > To: MailScanner discussion >> > > Subject: RE: Filename Restrictions Not working >> > > >> > > Well, an interesting update... >> > > >> > > I changed up my approach, and pointed the Deny Filenames = in >> > > MailScanner.conf to %rules-dir%/filename_deny.rules , which is as >> > > follows: >> > > >> > > To: *@* \.ico$ \.ani \.cur$ \.hlp$ \.zip$ \.ceo$ \.cab$ \.reg$ >> > > \.chm$ >> > > \.cnf$ \.hta$ \.ins$ \.jse?$ \.job$ \.lnk$ \.mat$ \.pif$ \.scf$ >> > > \.sct$ \.shs$ \.shb$ \.vb[es]$ \.ws[cfh]$ \.xnk$ \.cer$ \.its$ >> > > \.mau$ \.md[az]$ \.prf$ \.pst$ \.tmp$ \.vsmacros$ \.vs[stw]$ >> > > \.ws$ \.com$ \.exe$ \.scr$ \.bat$ \.cmd$ \.cpl$ \.mhtml$ \.s{10,} >> > > \.[a-z][a-z0-9]{2,3}\s*\.[a-z0- 9]{3}$ >> > > >> > > When running MailScanner --lint now, it DOES detect eicar.com as >> > > a blocked filetype. However, it's still allowing blocked >> > > filetypes through ? >> > > >> > > >> > > >> > > >> > > ?a rockpile ceases to be a rockpile the moment a single man >> > > contemplates it, bearing within him the image of a cathedral.? >> > > >> > > >> > > -----Original Message----- >> > > From: mailscanner-bounces at lists.mailscanner.info >> > > [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >> > > Jerry Benton >> > > Sent: Sunday, February 22, 2015 4:11 PM >> > > To: MailScanner discussion >> > > Subject: Re: Filename Restrictions Not working >> > > >> > > Its not beta anymore. (The RPM package.) >> > > >> > > - >> > > Jerry Benton >> > > www.mailborder.com >> > > >> > > >> > > >> > > > On Feb 22, 2015, at 4:33 PM, James Nelson >> > > > >> > > wrote: >> > > > >> > > > I will try that tomorrow...i'm about out of other ideas. >> > > > >> > > > I suppose I could also try the new MS beta, just to throw >> > > > something >> > > else at the wall... >> > > > >> > > > >> > > > >> > > > >> > > > ?a rockpile ceases to be a rockpile the moment a single man >> > > contemplates it, bearing within him the image of a cathedral.? >> > > > >> > > > >> > > > -----Original Message----- >> > > > From: mailscanner-bounces at lists.mailscanner.info >> > > > [mailto:mailscanner- >> > > bounces at lists.mailscanner.info] On Behalf Of Jerry Benton >> > > > Sent: Saturday, February 21, 2015 5:54 AM >> > > > To: MailScanner discussion >> > > > Subject: Re: Filename Restrictions Not working >> > > > >> > > > I?m not pimping my product, but I would suggest you install a >> > > Mailborder server for a comparison test. Check to see if it is >> > > working correctly (the Mailborder server) and compare the configs >> > > on the Mailborder server to yours. This will at least eliminate >> > > the Mailscanner configuration variable from the equation. >> > > > >> > > > - >> > > > Jerry Benton >> > > > www.mailborder.com >> > > > >> > > > >> > > > >> > > >> On Feb 21, 2015, at 2:29 AM, James Nelson >> > > >> >> > > wrote: >> > > >> >> > > >> Sigh, built a brand new MailScanner box from scratch...once >> > > >> again, >> > > everything works except filename checking. The only thing I >> > > changed was to disallow zip files(just changed allow to deny in >> > > filenames.rules.conf) and it still lets it all through. >> > > >> >> > > >> It just doesn't seem to want to work, with no errors to shed >> > > >> any >> > > light. >> > > >> -- >> > > >> MailScanner mailing list >> > > >> mailscanner at lists.mailscanner.info >> > > >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> > > >> >> > > >> Before posting, read http://wiki.mailscanner.info/posting >> > > >> >> > > >> Support MailScanner development - buy the book off the website! >> > > > >> > > > -- >> > > > MailScanner mailing list >> > > > mailscanner at lists.mailscanner.info >> > > > http://lists.mailscanner.info/mailman/listinfo/mailscanner >> > > > >> > > > Before posting, read http://wiki.mailscanner.info/posting >> > > > >> > > > Support MailScanner development - buy the book off the website! >> > > > -- >> > > > MailScanner mailing list >> > > > mailscanner at lists.mailscanner.info >> > > > http://lists.mailscanner.info/mailman/listinfo/mailscanner >> > > > >> > > > Before posting, read http://wiki.mailscanner.info/posting >> > > > >> > > > Support MailScanner development - buy the book off the website! >> > > >> > > -- >> > > MailScanner mailing list >> > > mailscanner at lists.mailscanner.info >> > > http://lists.mailscanner.info/mailman/listinfo/mailscanner >> > > >> > > Before posting, read http://wiki.mailscanner.info/posting >> > > >> > > Support MailScanner development - buy the book off the website! >> > > -- >> > > MailScanner mailing list >> > > mailscanner at lists.mailscanner.info >> > > http://lists.mailscanner.info/mailman/listinfo/mailscanner >> > > >> > > Before posting, read http://wiki.mailscanner.info/posting >> > > >> > > Support MailScanner development - buy the book off the website! >> > -- >> > MailScanner mailing list >> > mailscanner at lists.mailscanner.info >> > http://lists.mailscanner.info/mailman/listinfo/mailscanner >> > >> > Before posting, read http://wiki.mailscanner.info/posting >> > >> > Support MailScanner development - buy the book off the website! >> > -- >> > MailScanner mailing list >> > mailscanner at lists.mailscanner.info >> > http://lists.mailscanner.info/mailman/listinfo/mailscanner >> > >> > Before posting, read http://wiki.mailscanner.info/posting >> > >> > Support MailScanner development - buy the book off the website! >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- -- Glenn email: glenn < dot > steen < at > gmail < dot > com work: glenn < dot > steen < at > ap1 < dot > se -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! From jerry.benton at mailborder.com Tue Feb 24 17:13:30 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Tue, 24 Feb 2015 12:13:30 -0500 Subject: Filename Restrictions Not working In-Reply-To: <8b658058250d4623b4be7c6984499643@VGTMAIL2.vgt.net> References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> <5F05268E-105A-4A59-816C-C3FD0A690398@mailborder.com> <1e32b1449db542c387f5e2e0b2b1c78c@VGTMAIL2.vgt.net> <003ABCDA-7791-4B0C-B0FC-DB740AAA3B01@mailborder.com> <4f5eddaffc0642fea98d5eb598c432a6@VGTMAIL2.vgt.net> <028b68635a0d49f090fb532b90fc7133@City-Exch-DB1.cbj.local> <6660ecb02be8416f907d0cb99b89a87c@VGTMAIL2.vgt.net> <2cf19d9960cf4bceaa27ce55c15cbe54@City-Exch-DB1.cbj.local> <3B397A07-1429-424D-9B40-4559E56B8E93@vgt.net> <8b658058250d4623b4be7c6984499643@VGTMAIL2.vgt.net> Message-ID: <11235F51-4199-43EF-B975-C9D3A0BBEDE6@mailborder.com> Crazy question: Did the Mailborder server you setup work? If so, use it to create your configs and copy them? - Jerry Benton www.mailborder.com > On Feb 24, 2015, at 11:28 AM, James Nelson wrote: > > Hi Glenn, > > I ran that test and got the exact result you did, which is either good or very bad, because it's still not working :) > > > > ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? > > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Glenn Steen > Sent: Tuesday, February 24, 2015 9:55 AM > To: MailScanner discussion > Subject: Re: Filename Restrictions Not working > > Right, so at the postfix user, can you actually read the two files (/etc/MailScanner/filename.rules.conf and /etc/MailScanner/rules/filename.rules)? > Also, the default line (at least) for the /etc/MailScanner/rules/filename.rules file should mention the %etc-dir%/filename.rules.conf file, at least if you have Filename Rules = %rules-dir%/filename.rules in the /etc/mailScanner/MailScanner.conf file. > > You can actually check the value with MailScanner itself (as the Postfix user) by doing something like: > -bash-4.2$ MailScanner --value=filenamerules --from=someone at example.net --to=someoneelse at yourdomain.com Looked up internal option name "filenamerules" > With sender = someone at example.net > recipient = someoneelse at yourdomain.com Client IP = Virus = Result is "/etc/MailScanner/filename.rules.conf" > -bash-4.2$ > > > Check the syntax with "MailScanner --help". > > Seems to me that the ruleset is borked, the actual filenames aren't read, or there still resida a postfix instance that don't have the correct HOLD thingy on your system... In decreasing order of > probability;-) > > Cheers > -- > -- Glenn > > On 24 February 2015 at 14:22, James Nelson wrote: >> Hi Glenn, I ran --lint as postfix and it does detect eicar.com as a >> blocked filetype, it just doesn't do anything about it during mail >> scanning. I had the thought that my rules files had permissions >> problems, but I made them readable for everyone just to be sure. >> >> I have the group as Apache as part of the configuration for MailWatch. >> >> >> >> On Feb 24, 2015, at 3:37 AM, Glenn Steen wrote: >> >> I see you have run as user/group set to postfix/apache... When you've >> done your lint and debug runs, did you do them as postfix user or root? >> My guess is that the rule file for filenames might not be readable to >> the postfix user. >> >> Cheers! >> -- >> -- Glenn >> >> Den 23 feb 2015 22:09 skrev "James Nelson" : >>> >>> >>> Sorry about that, I thought I set it to public. Try again :). >>> >>> Jerry, I'm building a Mailborder server now to test. >>> >>> >>> ?a rockpile ceases to be a rockpile the moment a single man >>> contemplates it, bearing within him the image of a cathedral.? >>> >>> >>> -----Original Message----- >>> From: mailscanner-bounces at lists.mailscanner.info >>> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of >>> Kevin Miller >>> Sent: Monday, February 23, 2015 2:20 PM >>> To: 'MailScanner discussion' >>> Subject: RE: Filename Restrictions Not working >>> >>> It said this "This is a private paste. If you created this paste, >>> please login to view it." I couldn't see it. >>> >>> If there's anything that needs to be munged (like your watermark), >>> just edit that before posting and make it a public post. >>> >>> ...Kevin >>> -- >>> Kevin Miller >>> Network/email Administrator, CBJ MIS Dept. >>> 155 South Seward Street >>> Juneau, Alaska 99801 >>> Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: >>> 307357 >>> >>> >>>> -----Original Message----- >>>> From: mailscanner-bounces at lists.mailscanner.info >>>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >>>> James Nelson >>>> Sent: Monday, February 23, 2015 10:52 AM >>>> To: MailScanner discussion >>>> Subject: RE: Filename Restrictions Not working >>>> >>>> Kevin, >>>> >>>> Here's my complete MailScanner.conf: >>>> >>>> http://pastebin.com/ci9dz8iL >>>> >>>> Jerry: >>>> >>>> I changed default to *@* this morning in the course of my, "did >>>> that work? No, okay, how about this," but the result was the same regardless. >>>> >>>> I'm not applying any configuration via conf.d at the moment...if I >>>> were to do that, would it supersede anything in MailScanner.conf? >>>> >>>> >>>> >>>> ?a rockpile ceases to be a rockpile the moment a single man >>>> contemplates it, bearing within him the image of a cathedral.? >>>> >>>> >>>> -----Original Message----- >>>> From: mailscanner-bounces at lists.mailscanner.info >>>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >>>> Kevin Miller >>>> Sent: Monday, February 23, 2015 12:50 PM >>>> To: 'MailScanner discussion' >>>> Subject: RE: Filename Restrictions Not working >>>> >>>> Maybe you could post your MailScanner.conf to pastebin. I'm >>>> guessing something in there is wonky. >>>> >>>> ...Kevin >>>> -- >>>> Kevin Miller >>>> Network/email Administrator, CBJ MIS Dept. >>>> 155 South Seward Street >>>> Juneau, Alaska 99801 >>>> Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: >>>> 307357 >>>> >>>> >>>>> -----Original Message----- >>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >>>>> James Nelson >>>>> Sent: Monday, February 23, 2015 9:26 AM >>>>> To: MailScanner discussion >>>>> Subject: RE: Filename Restrictions Not working >>>>> >>>>> Well, an interesting update... >>>>> >>>>> I changed up my approach, and pointed the Deny Filenames = in >>>>> MailScanner.conf to %rules-dir%/filename_deny.rules , which is as >>>>> follows: >>>>> >>>>> To: *@* \.ico$ \.ani \.cur$ \.hlp$ \.zip$ \.ceo$ \.cab$ \.reg$ >>>>> \.chm$ >>>>> \.cnf$ \.hta$ \.ins$ \.jse?$ \.job$ \.lnk$ \.mat$ \.pif$ \.scf$ >>>>> \.sct$ \.shs$ \.shb$ \.vb[es]$ \.ws[cfh]$ \.xnk$ \.cer$ \.its$ >>>>> \.mau$ \.md[az]$ \.prf$ \.pst$ \.tmp$ \.vsmacros$ \.vs[stw]$ >>>>> \.ws$ \.com$ \.exe$ \.scr$ \.bat$ \.cmd$ \.cpl$ \.mhtml$ \.s{10,} >>>>> \.[a-z][a-z0-9]{2,3}\s*\.[a-z0- 9]{3}$ >>>>> >>>>> When running MailScanner --lint now, it DOES detect eicar.com as >>>>> a blocked filetype. However, it's still allowing blocked >>>>> filetypes through ? >>>>> >>>>> >>>>> >>>>> >>>>> ?a rockpile ceases to be a rockpile the moment a single man >>>>> contemplates it, bearing within him the image of a cathedral.? >>>>> >>>>> >>>>> -----Original Message----- >>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >>>>> Jerry Benton >>>>> Sent: Sunday, February 22, 2015 4:11 PM >>>>> To: MailScanner discussion >>>>> Subject: Re: Filename Restrictions Not working >>>>> >>>>> Its not beta anymore. (The RPM package.) >>>>> >>>>> - >>>>> Jerry Benton >>>>> www.mailborder.com >>>>> >>>>> >>>>> >>>>>> On Feb 22, 2015, at 4:33 PM, James Nelson >>>>>> >>>>> wrote: >>>>>> >>>>>> I will try that tomorrow...i'm about out of other ideas. >>>>>> >>>>>> I suppose I could also try the new MS beta, just to throw >>>>>> something >>>>> else at the wall... >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> ?a rockpile ceases to be a rockpile the moment a single man >>>>> contemplates it, bearing within him the image of a cathedral.? >>>>>> >>>>>> >>>>>> -----Original Message----- >>>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>>> [mailto:mailscanner- >>>>> bounces at lists.mailscanner.info] On Behalf Of Jerry Benton >>>>>> Sent: Saturday, February 21, 2015 5:54 AM >>>>>> To: MailScanner discussion >>>>>> Subject: Re: Filename Restrictions Not working >>>>>> >>>>>> I?m not pimping my product, but I would suggest you install a >>>>> Mailborder server for a comparison test. Check to see if it is >>>>> working correctly (the Mailborder server) and compare the configs >>>>> on the Mailborder server to yours. This will at least eliminate >>>>> the Mailscanner configuration variable from the equation. >>>>>> >>>>>> - >>>>>> Jerry Benton >>>>>> www.mailborder.com >>>>>> >>>>>> >>>>>> >>>>>>> On Feb 21, 2015, at 2:29 AM, James Nelson >>>>>>> >>>>> wrote: >>>>>>> >>>>>>> Sigh, built a brand new MailScanner box from scratch...once >>>>>>> again, >>>>> everything works except filename checking. The only thing I >>>>> changed was to disallow zip files(just changed allow to deny in >>>>> filenames.rules.conf) and it still lets it all through. >>>>>>> >>>>>>> It just doesn't seem to want to work, with no errors to shed >>>>>>> any >>>>> light. >>>>>>> -- >>>>>>> MailScanner mailing list >>>>>>> mailscanner at lists.mailscanner.info >>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>> >>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>> >>>>>>> Support MailScanner development - buy the book off the website! >>>>>> >>>>>> -- >>>>>> MailScanner mailing list >>>>>> mailscanner at lists.mailscanner.info >>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>> >>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>> >>>>>> Support MailScanner development - buy the book off the website! >>>>>> -- >>>>>> MailScanner mailing list >>>>>> mailscanner at lists.mailscanner.info >>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>> >>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>> >>>>>> Support MailScanner development - buy the book off the website! >>>>> >>>>> -- >>>>> MailScanner mailing list >>>>> mailscanner at lists.mailscanner.info >>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>> >>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>> >>>>> Support MailScanner development - buy the book off the website! >>>>> -- >>>>> MailScanner mailing list >>>>> mailscanner at lists.mailscanner.info >>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>> >>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>> >>>>> Support MailScanner development - buy the book off the website! >>>> -- >>>> MailScanner mailing list >>>> mailscanner at lists.mailscanner.info >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>> >>>> Before posting, read http://wiki.mailscanner.info/posting >>>> >>>> Support MailScanner development - buy the book off the website! >>>> -- >>>> MailScanner mailing list >>>> mailscanner at lists.mailscanner.info >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>> >>>> Before posting, read http://wiki.mailscanner.info/posting >>>> >>>> Support MailScanner development - buy the book off the website! >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! >> >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! >> > > > > -- > -- Glenn > email: glenn < dot > steen < at > gmail < dot > com > work: glenn < dot > steen < at > ap1 < dot > se > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! From James.Nelson at vgt.net Tue Feb 24 17:44:43 2015 From: James.Nelson at vgt.net (James Nelson) Date: Tue, 24 Feb 2015 17:44:43 +0000 Subject: Filename Restrictions Not working In-Reply-To: <11235F51-4199-43EF-B975-C9D3A0BBEDE6@mailborder.com> References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> <5F05268E-105A-4A59-816C-C3FD0A690398@mailborder.com> <1e32b1449db542c387f5e2e0b2b1c78c@VGTMAIL2.vgt.net> <003ABCDA-7791-4B0C-B0FC-DB740AAA3B01@mailborder.com> <4f5eddaffc0642fea98d5eb598c432a6@VGTMAIL2.vgt.net> <028b68635a0d49f090fb532b90fc7133@City-Exch-DB1.cbj.local> <6660ecb02be8416f907d0cb99b89a87c@VGTMAIL2.vgt.net> <2cf19d9960cf4bceaa27ce55c15cbe54@City-Exch-DB1.cbj.local> <3B397A07-1429-424D-9B40-4559E56B8E93@vgt.net> <8b658058250d4623b4be7c6984499643@VGTMAIL2.vgt.net> <11235F51-4199-43EF-B975-C9D3A0BBEDE6@mailborder.com> Message-ID: <2cdd76b5e7bf48fe8cb4440d89b7191b@VGTMAIL2.vgt.net> It did, and I've tried copying over the filename\type rules (modifying the names and paths of course) and it doesn't work Now...in the MailBorder configuration, it stated not to install WebMin...which I do have running on the original MailScanner server...could that be causing a problem? I didn't think it was since virus scanning, spam scoring, etc-- all work. Basically everything except attachment checking\blocking seems to be in good shape. ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? -----Original Message----- From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry Benton Sent: Tuesday, February 24, 2015 11:14 AM To: MailScanner discussion Subject: Re: Filename Restrictions Not working Crazy question: Did the Mailborder server you setup work? If so, use it to create your configs and copy them? - Jerry Benton www.mailborder.com > On Feb 24, 2015, at 11:28 AM, James Nelson wrote: > > Hi Glenn, > > I ran that test and got the exact result you did, which is either good > or very bad, because it's still not working :) > > > > ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? > > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info > [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Glenn > Steen > Sent: Tuesday, February 24, 2015 9:55 AM > To: MailScanner discussion > Subject: Re: Filename Restrictions Not working > > Right, so at the postfix user, can you actually read the two files (/etc/MailScanner/filename.rules.conf and /etc/MailScanner/rules/filename.rules)? > Also, the default line (at least) for the /etc/MailScanner/rules/filename.rules file should mention the %etc-dir%/filename.rules.conf file, at least if you have Filename Rules = %rules-dir%/filename.rules in the /etc/mailScanner/MailScanner.conf file. > > You can actually check the value with MailScanner itself (as the Postfix user) by doing something like: > -bash-4.2$ MailScanner --value=filenamerules --from=someone at example.net --to=someoneelse at yourdomain.com Looked up internal option name "filenamerules" > With sender = someone at example.net > recipient = someoneelse at yourdomain.com Client IP = Virus = Result is "/etc/MailScanner/filename.rules.conf" > -bash-4.2$ > > > Check the syntax with "MailScanner --help". > > Seems to me that the ruleset is borked, the actual filenames aren't > read, or there still resida a postfix instance that don't have the > correct HOLD thingy on your system... In decreasing order of > probability;-) > > Cheers > -- > -- Glenn > > On 24 February 2015 at 14:22, James Nelson wrote: >> Hi Glenn, I ran --lint as postfix and it does detect eicar.com as a >> blocked filetype, it just doesn't do anything about it during mail >> scanning. I had the thought that my rules files had permissions >> problems, but I made them readable for everyone just to be sure. >> >> I have the group as Apache as part of the configuration for MailWatch. >> >> >> >> On Feb 24, 2015, at 3:37 AM, Glenn Steen wrote: >> >> I see you have run as user/group set to postfix/apache... When >> you've done your lint and debug runs, did you do them as postfix user or root? >> My guess is that the rule file for filenames might not be readable to >> the postfix user. >> >> Cheers! >> -- >> -- Glenn >> >> Den 23 feb 2015 22:09 skrev "James Nelson" : >>> >>> >>> Sorry about that, I thought I set it to public. Try again :). >>> >>> Jerry, I'm building a Mailborder server now to test. >>> >>> >>> ?a rockpile ceases to be a rockpile the moment a single man >>> contemplates it, bearing within him the image of a cathedral.? >>> >>> >>> -----Original Message----- >>> From: mailscanner-bounces at lists.mailscanner.info >>> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of >>> Kevin Miller >>> Sent: Monday, February 23, 2015 2:20 PM >>> To: 'MailScanner discussion' >>> Subject: RE: Filename Restrictions Not working >>> >>> It said this "This is a private paste. If you created this paste, >>> please login to view it." I couldn't see it. >>> >>> If there's anything that needs to be munged (like your watermark), >>> just edit that before posting and make it a public post. >>> >>> ...Kevin >>> -- >>> Kevin Miller >>> Network/email Administrator, CBJ MIS Dept. >>> 155 South Seward Street >>> Juneau, Alaska 99801 >>> Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: >>> 307357 >>> >>> >>>> -----Original Message----- >>>> From: mailscanner-bounces at lists.mailscanner.info >>>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >>>> James Nelson >>>> Sent: Monday, February 23, 2015 10:52 AM >>>> To: MailScanner discussion >>>> Subject: RE: Filename Restrictions Not working >>>> >>>> Kevin, >>>> >>>> Here's my complete MailScanner.conf: >>>> >>>> http://pastebin.com/ci9dz8iL >>>> >>>> Jerry: >>>> >>>> I changed default to *@* this morning in the course of my, "did >>>> that work? No, okay, how about this," but the result was the same regardless. >>>> >>>> I'm not applying any configuration via conf.d at the moment...if I >>>> were to do that, would it supersede anything in MailScanner.conf? >>>> >>>> >>>> >>>> ?a rockpile ceases to be a rockpile the moment a single man >>>> contemplates it, bearing within him the image of a cathedral.? >>>> >>>> >>>> -----Original Message----- >>>> From: mailscanner-bounces at lists.mailscanner.info >>>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >>>> Kevin Miller >>>> Sent: Monday, February 23, 2015 12:50 PM >>>> To: 'MailScanner discussion' >>>> Subject: RE: Filename Restrictions Not working >>>> >>>> Maybe you could post your MailScanner.conf to pastebin. I'm >>>> guessing something in there is wonky. >>>> >>>> ...Kevin >>>> -- >>>> Kevin Miller >>>> Network/email Administrator, CBJ MIS Dept. >>>> 155 South Seward Street >>>> Juneau, Alaska 99801 >>>> Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: >>>> 307357 >>>> >>>> >>>>> -----Original Message----- >>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >>>>> James Nelson >>>>> Sent: Monday, February 23, 2015 9:26 AM >>>>> To: MailScanner discussion >>>>> Subject: RE: Filename Restrictions Not working >>>>> >>>>> Well, an interesting update... >>>>> >>>>> I changed up my approach, and pointed the Deny Filenames = in >>>>> MailScanner.conf to %rules-dir%/filename_deny.rules , which is as >>>>> follows: >>>>> >>>>> To: *@* \.ico$ \.ani \.cur$ \.hlp$ \.zip$ \.ceo$ \.cab$ \.reg$ >>>>> \.chm$ >>>>> \.cnf$ \.hta$ \.ins$ \.jse?$ \.job$ \.lnk$ \.mat$ \.pif$ \.scf$ >>>>> \.sct$ \.shs$ \.shb$ \.vb[es]$ \.ws[cfh]$ \.xnk$ \.cer$ \.its$ >>>>> \.mau$ \.md[az]$ \.prf$ \.pst$ \.tmp$ \.vsmacros$ \.vs[stw]$ \.ws$ >>>>> \.com$ \.exe$ \.scr$ \.bat$ \.cmd$ \.cpl$ \.mhtml$ \.s{10,} >>>>> \.[a-z][a-z0-9]{2,3}\s*\.[a-z0- 9]{3}$ >>>>> >>>>> When running MailScanner --lint now, it DOES detect eicar.com as a >>>>> blocked filetype. However, it's still allowing blocked filetypes >>>>> through ? >>>>> >>>>> >>>>> >>>>> >>>>> ?a rockpile ceases to be a rockpile the moment a single man >>>>> contemplates it, bearing within him the image of a cathedral.? >>>>> >>>>> >>>>> -----Original Message----- >>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >>>>> Jerry Benton >>>>> Sent: Sunday, February 22, 2015 4:11 PM >>>>> To: MailScanner discussion >>>>> Subject: Re: Filename Restrictions Not working >>>>> >>>>> Its not beta anymore. (The RPM package.) >>>>> >>>>> - >>>>> Jerry Benton >>>>> www.mailborder.com >>>>> >>>>> >>>>> >>>>>> On Feb 22, 2015, at 4:33 PM, James Nelson >>>>> wrote: >>>>>> >>>>>> I will try that tomorrow...i'm about out of other ideas. >>>>>> >>>>>> I suppose I could also try the new MS beta, just to throw >>>>>> something >>>>> else at the wall... >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> ?a rockpile ceases to be a rockpile the moment a single man >>>>> contemplates it, bearing within him the image of a cathedral.? >>>>>> >>>>>> >>>>>> -----Original Message----- >>>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>>> [mailto:mailscanner- >>>>> bounces at lists.mailscanner.info] On Behalf Of Jerry Benton >>>>>> Sent: Saturday, February 21, 2015 5:54 AM >>>>>> To: MailScanner discussion >>>>>> Subject: Re: Filename Restrictions Not working >>>>>> >>>>>> I?m not pimping my product, but I would suggest you install a >>>>> Mailborder server for a comparison test. Check to see if it is >>>>> working correctly (the Mailborder server) and compare the configs >>>>> on the Mailborder server to yours. This will at least eliminate >>>>> the Mailscanner configuration variable from the equation. >>>>>> >>>>>> - >>>>>> Jerry Benton >>>>>> www.mailborder.com >>>>>> >>>>>> >>>>>> >>>>>>> On Feb 21, 2015, at 2:29 AM, James Nelson >>>>>>> >>>>> wrote: >>>>>>> >>>>>>> Sigh, built a brand new MailScanner box from scratch...once >>>>>>> again, >>>>> everything works except filename checking. The only thing I >>>>> changed was to disallow zip files(just changed allow to deny in >>>>> filenames.rules.conf) and it still lets it all through. >>>>>>> >>>>>>> It just doesn't seem to want to work, with no errors to shed >>>>>>> any >>>>> light. >>>>>>> -- >>>>>>> MailScanner mailing list >>>>>>> mailscanner at lists.mailscanner.info >>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>> >>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>> >>>>>>> Support MailScanner development - buy the book off the website! >>>>>> >>>>>> -- >>>>>> MailScanner mailing list >>>>>> mailscanner at lists.mailscanner.info >>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>> >>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>> >>>>>> Support MailScanner development - buy the book off the website! >>>>>> -- >>>>>> MailScanner mailing list >>>>>> mailscanner at lists.mailscanner.info >>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>> >>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>> >>>>>> Support MailScanner development - buy the book off the website! >>>>> >>>>> -- >>>>> MailScanner mailing list >>>>> mailscanner at lists.mailscanner.info >>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>> >>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>> >>>>> Support MailScanner development - buy the book off the website! >>>>> -- >>>>> MailScanner mailing list >>>>> mailscanner at lists.mailscanner.info >>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>> >>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>> >>>>> Support MailScanner development - buy the book off the website! >>>> -- >>>> MailScanner mailing list >>>> mailscanner at lists.mailscanner.info >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>> >>>> Before posting, read http://wiki.mailscanner.info/posting >>>> >>>> Support MailScanner development - buy the book off the website! >>>> -- >>>> MailScanner mailing list >>>> mailscanner at lists.mailscanner.info >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>> >>>> Before posting, read http://wiki.mailscanner.info/posting >>>> >>>> Support MailScanner development - buy the book off the website! >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! >> >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! >> > > > > -- > -- Glenn > email: glenn < dot > steen < at > gmail < dot > com > work: glenn < dot > steen < at > ap1 < dot > se > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! From jerry.benton at mailborder.com Tue Feb 24 18:21:25 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Tue, 24 Feb 2015 13:21:25 -0500 Subject: Filename Restrictions Not working In-Reply-To: <2cdd76b5e7bf48fe8cb4440d89b7191b@VGTMAIL2.vgt.net> References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> <5F05268E-105A-4A59-816C-C3FD0A690398@mailborder.com> <1e32b1449db542c387f5e2e0b2b1c78c@VGTMAIL2.vgt.net> <003ABCDA-7791-4B0C-B0FC-DB740AAA3B01@mailborder.com> <4f5eddaffc0642fea98d5eb598c432a6@VGTMAIL2.vgt.net> <028b68635a0d49f090fb532b90fc7133@City-Exch-DB1.cbj.local> <6660ecb02be8416f907d0cb99b89a87c@VGTMAIL2.vgt.net> <2cf19d9960cf4bceaa27ce55c15cbe54@City-Exch-DB1.cbj.local> <3B397A07-1429-424D-9B40-4559E56B8E93@vgt.net> <8b658058250d4623b4be7c6984499643@VGTMAIL2.vgt.net> <11235F51-4199-43EF-B975-C9D3A0BBEDE6@mailborder.com> <2cdd76b5e7bf48fe8cb4440d89b7191b@VGTMAIL2.vgt.net> Message-ID: <7E27E743-68DC-4378-8187-C22D3B89AC81@mailborder.com> Webmin is not recommended in the event that it changes file permissions or modifies the firewall, which the Mailborder scripts handle. It will work, until webmin breaks it. So you are saying the Mailborder install does not work for filename checking and blocking? If so, you are doing something wrong somewhere on both the vanilla MailScanner and Mailborder controlled MailScanner. The Mailborder controlled version should work on a default install. - Jerry Benton www.mailborder.com > On Feb 24, 2015, at 12:44 PM, James Nelson wrote: > > It did, and I've tried copying over the filename\type rules (modifying the names and paths of course) and it doesn't work > > Now...in the MailBorder configuration, it stated not to install WebMin...which I do have running on the original MailScanner server...could that be causing a problem? I didn't think it was since virus scanning, spam scoring, etc-- all work. Basically everything except attachment checking\blocking seems to be in good shape. > > > > > ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? > > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry Benton > Sent: Tuesday, February 24, 2015 11:14 AM > To: MailScanner discussion > Subject: Re: Filename Restrictions Not working > > Crazy question: Did the Mailborder server you setup work? If so, use it to create your configs and copy them? > > - > Jerry Benton > www.mailborder.com > > > >> On Feb 24, 2015, at 11:28 AM, James Nelson wrote: >> >> Hi Glenn, >> >> I ran that test and got the exact result you did, which is either good >> or very bad, because it's still not working :) >> >> >> >> ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? >> >> >> -----Original Message----- >> From: mailscanner-bounces at lists.mailscanner.info >> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Glenn >> Steen >> Sent: Tuesday, February 24, 2015 9:55 AM >> To: MailScanner discussion >> Subject: Re: Filename Restrictions Not working >> >> Right, so at the postfix user, can you actually read the two files (/etc/MailScanner/filename.rules.conf and /etc/MailScanner/rules/filename.rules)? >> Also, the default line (at least) for the /etc/MailScanner/rules/filename.rules file should mention the %etc-dir%/filename.rules.conf file, at least if you have Filename Rules = %rules-dir%/filename.rules in the /etc/mailScanner/MailScanner.conf file. >> >> You can actually check the value with MailScanner itself (as the Postfix user) by doing something like: >> -bash-4.2$ MailScanner --value=filenamerules --from=someone at example.net --to=someoneelse at yourdomain.com Looked up internal option name "filenamerules" >> With sender = someone at example.net >> recipient = someoneelse at yourdomain.com Client IP = Virus = Result is "/etc/MailScanner/filename.rules.conf" >> -bash-4.2$ >> >> >> Check the syntax with "MailScanner --help". >> >> Seems to me that the ruleset is borked, the actual filenames aren't >> read, or there still resida a postfix instance that don't have the >> correct HOLD thingy on your system... In decreasing order of >> probability;-) >> >> Cheers >> -- >> -- Glenn >> >> On 24 February 2015 at 14:22, James Nelson wrote: >>> Hi Glenn, I ran --lint as postfix and it does detect eicar.com as a >>> blocked filetype, it just doesn't do anything about it during mail >>> scanning. I had the thought that my rules files had permissions >>> problems, but I made them readable for everyone just to be sure. >>> >>> I have the group as Apache as part of the configuration for MailWatch. >>> >>> >>> >>> On Feb 24, 2015, at 3:37 AM, Glenn Steen wrote: >>> >>> I see you have run as user/group set to postfix/apache... When >>> you've done your lint and debug runs, did you do them as postfix user or root? >>> My guess is that the rule file for filenames might not be readable to >>> the postfix user. >>> >>> Cheers! >>> -- >>> -- Glenn >>> >>> Den 23 feb 2015 22:09 skrev "James Nelson" : >>>> >>>> >>>> Sorry about that, I thought I set it to public. Try again :). >>>> >>>> Jerry, I'm building a Mailborder server now to test. >>>> >>>> >>>> ?a rockpile ceases to be a rockpile the moment a single man >>>> contemplates it, bearing within him the image of a cathedral.? >>>> >>>> >>>> -----Original Message----- >>>> From: mailscanner-bounces at lists.mailscanner.info >>>> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of >>>> Kevin Miller >>>> Sent: Monday, February 23, 2015 2:20 PM >>>> To: 'MailScanner discussion' >>>> Subject: RE: Filename Restrictions Not working >>>> >>>> It said this "This is a private paste. If you created this paste, >>>> please login to view it." I couldn't see it. >>>> >>>> If there's anything that needs to be munged (like your watermark), >>>> just edit that before posting and make it a public post. >>>> >>>> ...Kevin >>>> -- >>>> Kevin Miller >>>> Network/email Administrator, CBJ MIS Dept. >>>> 155 South Seward Street >>>> Juneau, Alaska 99801 >>>> Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: >>>> 307357 >>>> >>>> >>>>> -----Original Message----- >>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >>>>> James Nelson >>>>> Sent: Monday, February 23, 2015 10:52 AM >>>>> To: MailScanner discussion >>>>> Subject: RE: Filename Restrictions Not working >>>>> >>>>> Kevin, >>>>> >>>>> Here's my complete MailScanner.conf: >>>>> >>>>> http://pastebin.com/ci9dz8iL >>>>> >>>>> Jerry: >>>>> >>>>> I changed default to *@* this morning in the course of my, "did >>>>> that work? No, okay, how about this," but the result was the same regardless. >>>>> >>>>> I'm not applying any configuration via conf.d at the moment...if I >>>>> were to do that, would it supersede anything in MailScanner.conf? >>>>> >>>>> >>>>> >>>>> ?a rockpile ceases to be a rockpile the moment a single man >>>>> contemplates it, bearing within him the image of a cathedral.? >>>>> >>>>> >>>>> -----Original Message----- >>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >>>>> Kevin Miller >>>>> Sent: Monday, February 23, 2015 12:50 PM >>>>> To: 'MailScanner discussion' >>>>> Subject: RE: Filename Restrictions Not working >>>>> >>>>> Maybe you could post your MailScanner.conf to pastebin. I'm >>>>> guessing something in there is wonky. >>>>> >>>>> ...Kevin >>>>> -- >>>>> Kevin Miller >>>>> Network/email Administrator, CBJ MIS Dept. >>>>> 155 South Seward Street >>>>> Juneau, Alaska 99801 >>>>> Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: >>>>> 307357 >>>>> >>>>> >>>>>> -----Original Message----- >>>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >>>>>> James Nelson >>>>>> Sent: Monday, February 23, 2015 9:26 AM >>>>>> To: MailScanner discussion >>>>>> Subject: RE: Filename Restrictions Not working >>>>>> >>>>>> Well, an interesting update... >>>>>> >>>>>> I changed up my approach, and pointed the Deny Filenames = in >>>>>> MailScanner.conf to %rules-dir%/filename_deny.rules , which is as >>>>>> follows: >>>>>> >>>>>> To: *@* \.ico$ \.ani \.cur$ \.hlp$ \.zip$ \.ceo$ \.cab$ \.reg$ >>>>>> \.chm$ >>>>>> \.cnf$ \.hta$ \.ins$ \.jse?$ \.job$ \.lnk$ \.mat$ \.pif$ \.scf$ >>>>>> \.sct$ \.shs$ \.shb$ \.vb[es]$ \.ws[cfh]$ \.xnk$ \.cer$ \.its$ >>>>>> \.mau$ \.md[az]$ \.prf$ \.pst$ \.tmp$ \.vsmacros$ \.vs[stw]$ \.ws$ >>>>>> \.com$ \.exe$ \.scr$ \.bat$ \.cmd$ \.cpl$ \.mhtml$ \.s{10,} >>>>>> \.[a-z][a-z0-9]{2,3}\s*\.[a-z0- 9]{3}$ >>>>>> >>>>>> When running MailScanner --lint now, it DOES detect eicar.com as a >>>>>> blocked filetype. However, it's still allowing blocked filetypes >>>>>> through ? >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> ?a rockpile ceases to be a rockpile the moment a single man >>>>>> contemplates it, bearing within him the image of a cathedral.? >>>>>> >>>>>> >>>>>> -----Original Message----- >>>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >>>>>> Jerry Benton >>>>>> Sent: Sunday, February 22, 2015 4:11 PM >>>>>> To: MailScanner discussion >>>>>> Subject: Re: Filename Restrictions Not working >>>>>> >>>>>> Its not beta anymore. (The RPM package.) >>>>>> >>>>>> - >>>>>> Jerry Benton >>>>>> www.mailborder.com >>>>>> >>>>>> >>>>>> >>>>>>> On Feb 22, 2015, at 4:33 PM, James Nelson >>>>>> wrote: >>>>>>> >>>>>>> I will try that tomorrow...i'm about out of other ideas. >>>>>>> >>>>>>> I suppose I could also try the new MS beta, just to throw >>>>>>> something >>>>>> else at the wall... >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> ?a rockpile ceases to be a rockpile the moment a single man >>>>>> contemplates it, bearing within him the image of a cathedral.? >>>>>>> >>>>>>> >>>>>>> -----Original Message----- >>>>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>>>> [mailto:mailscanner- >>>>>> bounces at lists.mailscanner.info] On Behalf Of Jerry Benton >>>>>>> Sent: Saturday, February 21, 2015 5:54 AM >>>>>>> To: MailScanner discussion >>>>>>> Subject: Re: Filename Restrictions Not working >>>>>>> >>>>>>> I?m not pimping my product, but I would suggest you install a >>>>>> Mailborder server for a comparison test. Check to see if it is >>>>>> working correctly (the Mailborder server) and compare the configs >>>>>> on the Mailborder server to yours. This will at least eliminate >>>>>> the Mailscanner configuration variable from the equation. >>>>>>> >>>>>>> - >>>>>>> Jerry Benton >>>>>>> www.mailborder.com >>>>>>> >>>>>>> >>>>>>> >>>>>>>> On Feb 21, 2015, at 2:29 AM, James Nelson >>>>>>>> >>>>>> wrote: >>>>>>>> >>>>>>>> Sigh, built a brand new MailScanner box from scratch...once >>>>>>>> again, >>>>>> everything works except filename checking. The only thing I >>>>>> changed was to disallow zip files(just changed allow to deny in >>>>>> filenames.rules.conf) and it still lets it all through. >>>>>>>> >>>>>>>> It just doesn't seem to want to work, with no errors to shed >>>>>>>> any >>>>>> light. >>>>>>>> -- >>>>>>>> MailScanner mailing list >>>>>>>> mailscanner at lists.mailscanner.info >>>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>>> >>>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>>> >>>>>>>> Support MailScanner development - buy the book off the website! >>>>>>> >>>>>>> -- >>>>>>> MailScanner mailing list >>>>>>> mailscanner at lists.mailscanner.info >>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>> >>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>> >>>>>>> Support MailScanner development - buy the book off the website! >>>>>>> -- >>>>>>> MailScanner mailing list >>>>>>> mailscanner at lists.mailscanner.info >>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>> >>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>> >>>>>>> Support MailScanner development - buy the book off the website! >>>>>> >>>>>> -- >>>>>> MailScanner mailing list >>>>>> mailscanner at lists.mailscanner.info >>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>> >>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>> >>>>>> Support MailScanner development - buy the book off the website! >>>>>> -- >>>>>> MailScanner mailing list >>>>>> mailscanner at lists.mailscanner.info >>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>> >>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>> >>>>>> Support MailScanner development - buy the book off the website! >>>>> -- >>>>> MailScanner mailing list >>>>> mailscanner at lists.mailscanner.info >>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>> >>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>> >>>>> Support MailScanner development - buy the book off the website! >>>>> -- >>>>> MailScanner mailing list >>>>> mailscanner at lists.mailscanner.info >>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>> >>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>> >>>>> Support MailScanner development - buy the book off the website! >>>> -- >>>> MailScanner mailing list >>>> mailscanner at lists.mailscanner.info >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>> >>>> Before posting, read http://wiki.mailscanner.info/posting >>>> >>>> Support MailScanner development - buy the book off the website! >>>> -- >>>> MailScanner mailing list >>>> mailscanner at lists.mailscanner.info >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>> >>>> Before posting, read http://wiki.mailscanner.info/posting >>>> >>>> Support MailScanner development - buy the book off the website! >>> >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >>> >>> >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >>> >> >> >> >> -- >> -- Glenn >> email: glenn < dot > steen < at > gmail < dot > com >> work: glenn < dot > steen < at > ap1 < dot > se >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! From James.Nelson at vgt.net Tue Feb 24 18:45:17 2015 From: James.Nelson at vgt.net (James Nelson) Date: Tue, 24 Feb 2015 18:45:17 +0000 Subject: Filename Restrictions Not working In-Reply-To: <7E27E743-68DC-4378-8187-C22D3B89AC81@mailborder.com> References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> <5F05268E-105A-4A59-816C-C3FD0A690398@mailborder.com> <1e32b1449db542c387f5e2e0b2b1c78c@VGTMAIL2.vgt.net> <003ABCDA-7791-4B0C-B0FC-DB740AAA3B01@mailborder.com> <4f5eddaffc0642fea98d5eb598c432a6@VGTMAIL2.vgt.net> <028b68635a0d49f090fb532b90fc7133@City-Exch-DB1.cbj.local> <6660ecb02be8416f907d0cb99b89a87c@VGTMAIL2.vgt.net> <2cf19d9960cf4bceaa27ce55c15cbe54@City-Exch-DB1.cbj.local> <3B397A07-1429-424D-9B40-4559E56B8E93@vgt.net> <8b658058250d4623b4be7c6984499643@VGTMAIL2.vgt.net> <11235F51-4199-43EF-B975-C9D3A0BBEDE6@mailborder.com> <2cdd76b5e7bf48fe8cb4440d89b7191b@VGTMAIL2.vgt.net> <7E27E743-68DC-4378-8187-C22D3B89AC81@mailborder.com> Message-ID: Webmin is installed on MailScanner server...which doesn't work. It's not installed on the MailBorder server, however, which DOES work. ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? -----Original Message----- From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry Benton Sent: Tuesday, February 24, 2015 12:21 PM To: MailScanner discussion Subject: Re: Filename Restrictions Not working Webmin is not recommended in the event that it changes file permissions or modifies the firewall, which the Mailborder scripts handle. It will work, until webmin breaks it. So you are saying the Mailborder install does not work for filename checking and blocking? If so, you are doing something wrong somewhere on both the vanilla MailScanner and Mailborder controlled MailScanner. The Mailborder controlled version should work on a default install. - Jerry Benton www.mailborder.com > On Feb 24, 2015, at 12:44 PM, James Nelson wrote: > > It did, and I've tried copying over the filename\type rules (modifying > the names and paths of course) and it doesn't work > > Now...in the MailBorder configuration, it stated not to install WebMin...which I do have running on the original MailScanner server...could that be causing a problem? I didn't think it was since virus scanning, spam scoring, etc-- all work. Basically everything except attachment checking\blocking seems to be in good shape. > > > > > ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? > > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info > [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry > Benton > Sent: Tuesday, February 24, 2015 11:14 AM > To: MailScanner discussion > Subject: Re: Filename Restrictions Not working > > Crazy question: Did the Mailborder server you setup work? If so, use it to create your configs and copy them? > > - > Jerry Benton > www.mailborder.com > > > >> On Feb 24, 2015, at 11:28 AM, James Nelson wrote: >> >> Hi Glenn, >> >> I ran that test and got the exact result you did, which is either >> good or very bad, because it's still not working :) >> >> >> >> ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? >> >> >> -----Original Message----- >> From: mailscanner-bounces at lists.mailscanner.info >> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of >> Glenn Steen >> Sent: Tuesday, February 24, 2015 9:55 AM >> To: MailScanner discussion >> Subject: Re: Filename Restrictions Not working >> >> Right, so at the postfix user, can you actually read the two files (/etc/MailScanner/filename.rules.conf and /etc/MailScanner/rules/filename.rules)? >> Also, the default line (at least) for the /etc/MailScanner/rules/filename.rules file should mention the %etc-dir%/filename.rules.conf file, at least if you have Filename Rules = %rules-dir%/filename.rules in the /etc/mailScanner/MailScanner.conf file. >> >> You can actually check the value with MailScanner itself (as the Postfix user) by doing something like: >> -bash-4.2$ MailScanner --value=filenamerules --from=someone at example.net --to=someoneelse at yourdomain.com Looked up internal option name "filenamerules" >> With sender = someone at example.net >> recipient = someoneelse at yourdomain.com Client IP = Virus = Result is "/etc/MailScanner/filename.rules.conf" >> -bash-4.2$ >> >> >> Check the syntax with "MailScanner --help". >> >> Seems to me that the ruleset is borked, the actual filenames aren't >> read, or there still resida a postfix instance that don't have the >> correct HOLD thingy on your system... In decreasing order of >> probability;-) >> >> Cheers >> -- >> -- Glenn >> >> On 24 February 2015 at 14:22, James Nelson wrote: >>> Hi Glenn, I ran --lint as postfix and it does detect eicar.com as a >>> blocked filetype, it just doesn't do anything about it during mail >>> scanning. I had the thought that my rules files had permissions >>> problems, but I made them readable for everyone just to be sure. >>> >>> I have the group as Apache as part of the configuration for MailWatch. >>> >>> >>> >>> On Feb 24, 2015, at 3:37 AM, Glenn Steen wrote: >>> >>> I see you have run as user/group set to postfix/apache... When >>> you've done your lint and debug runs, did you do them as postfix user or root? >>> My guess is that the rule file for filenames might not be readable >>> to the postfix user. >>> >>> Cheers! >>> -- >>> -- Glenn >>> >>> Den 23 feb 2015 22:09 skrev "James Nelson" : >>>> >>>> >>>> Sorry about that, I thought I set it to public. Try again :). >>>> >>>> Jerry, I'm building a Mailborder server now to test. >>>> >>>> >>>> ?a rockpile ceases to be a rockpile the moment a single man >>>> contemplates it, bearing within him the image of a cathedral.? >>>> >>>> >>>> -----Original Message----- >>>> From: mailscanner-bounces at lists.mailscanner.info >>>> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of >>>> Kevin Miller >>>> Sent: Monday, February 23, 2015 2:20 PM >>>> To: 'MailScanner discussion' >>>> Subject: RE: Filename Restrictions Not working >>>> >>>> It said this "This is a private paste. If you created this paste, >>>> please login to view it." I couldn't see it. >>>> >>>> If there's anything that needs to be munged (like your watermark), >>>> just edit that before posting and make it a public post. >>>> >>>> ...Kevin >>>> -- >>>> Kevin Miller >>>> Network/email Administrator, CBJ MIS Dept. >>>> 155 South Seward Street >>>> Juneau, Alaska 99801 >>>> Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: >>>> 307357 >>>> >>>> >>>>> -----Original Message----- >>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >>>>> James Nelson >>>>> Sent: Monday, February 23, 2015 10:52 AM >>>>> To: MailScanner discussion >>>>> Subject: RE: Filename Restrictions Not working >>>>> >>>>> Kevin, >>>>> >>>>> Here's my complete MailScanner.conf: >>>>> >>>>> http://pastebin.com/ci9dz8iL >>>>> >>>>> Jerry: >>>>> >>>>> I changed default to *@* this morning in the course of my, "did >>>>> that work? No, okay, how about this," but the result was the same regardless. >>>>> >>>>> I'm not applying any configuration via conf.d at the moment...if I >>>>> were to do that, would it supersede anything in MailScanner.conf? >>>>> >>>>> >>>>> >>>>> ?a rockpile ceases to be a rockpile the moment a single man >>>>> contemplates it, bearing within him the image of a cathedral.? >>>>> >>>>> >>>>> -----Original Message----- >>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >>>>> Kevin Miller >>>>> Sent: Monday, February 23, 2015 12:50 PM >>>>> To: 'MailScanner discussion' >>>>> Subject: RE: Filename Restrictions Not working >>>>> >>>>> Maybe you could post your MailScanner.conf to pastebin. I'm >>>>> guessing something in there is wonky. >>>>> >>>>> ...Kevin >>>>> -- >>>>> Kevin Miller >>>>> Network/email Administrator, CBJ MIS Dept. >>>>> 155 South Seward Street >>>>> Juneau, Alaska 99801 >>>>> Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: >>>>> 307357 >>>>> >>>>> >>>>>> -----Original Message----- >>>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >>>>>> James Nelson >>>>>> Sent: Monday, February 23, 2015 9:26 AM >>>>>> To: MailScanner discussion >>>>>> Subject: RE: Filename Restrictions Not working >>>>>> >>>>>> Well, an interesting update... >>>>>> >>>>>> I changed up my approach, and pointed the Deny Filenames = in >>>>>> MailScanner.conf to %rules-dir%/filename_deny.rules , which is as >>>>>> follows: >>>>>> >>>>>> To: *@* \.ico$ \.ani \.cur$ \.hlp$ \.zip$ \.ceo$ \.cab$ \.reg$ >>>>>> \.chm$ >>>>>> \.cnf$ \.hta$ \.ins$ \.jse?$ \.job$ \.lnk$ \.mat$ \.pif$ \.scf$ >>>>>> \.sct$ \.shs$ \.shb$ \.vb[es]$ \.ws[cfh]$ \.xnk$ \.cer$ \.its$ >>>>>> \.mau$ \.md[az]$ \.prf$ \.pst$ \.tmp$ \.vsmacros$ \.vs[stw]$ >>>>>> \.ws$ \.com$ \.exe$ \.scr$ \.bat$ \.cmd$ \.cpl$ \.mhtml$ \.s{10,} >>>>>> \.[a-z][a-z0-9]{2,3}\s*\.[a-z0- 9]{3}$ >>>>>> >>>>>> When running MailScanner --lint now, it DOES detect eicar.com as >>>>>> a blocked filetype. However, it's still allowing blocked >>>>>> filetypes through ? >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> ?a rockpile ceases to be a rockpile the moment a single man >>>>>> contemplates it, bearing within him the image of a cathedral.? >>>>>> >>>>>> >>>>>> -----Original Message----- >>>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >>>>>> Jerry Benton >>>>>> Sent: Sunday, February 22, 2015 4:11 PM >>>>>> To: MailScanner discussion >>>>>> Subject: Re: Filename Restrictions Not working >>>>>> >>>>>> Its not beta anymore. (The RPM package.) >>>>>> >>>>>> - >>>>>> Jerry Benton >>>>>> www.mailborder.com >>>>>> >>>>>> >>>>>> >>>>>>> On Feb 22, 2015, at 4:33 PM, James Nelson >>>>>> wrote: >>>>>>> >>>>>>> I will try that tomorrow...i'm about out of other ideas. >>>>>>> >>>>>>> I suppose I could also try the new MS beta, just to throw >>>>>>> something >>>>>> else at the wall... >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> ?a rockpile ceases to be a rockpile the moment a single man >>>>>> contemplates it, bearing within him the image of a cathedral.? >>>>>>> >>>>>>> >>>>>>> -----Original Message----- >>>>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>>>> [mailto:mailscanner- >>>>>> bounces at lists.mailscanner.info] On Behalf Of Jerry Benton >>>>>>> Sent: Saturday, February 21, 2015 5:54 AM >>>>>>> To: MailScanner discussion >>>>>>> Subject: Re: Filename Restrictions Not working >>>>>>> >>>>>>> I?m not pimping my product, but I would suggest you install a >>>>>> Mailborder server for a comparison test. Check to see if it is >>>>>> working correctly (the Mailborder server) and compare the configs >>>>>> on the Mailborder server to yours. This will at least eliminate >>>>>> the Mailscanner configuration variable from the equation. >>>>>>> >>>>>>> - >>>>>>> Jerry Benton >>>>>>> www.mailborder.com >>>>>>> >>>>>>> >>>>>>> >>>>>>>> On Feb 21, 2015, at 2:29 AM, James Nelson >>>>>>>> >>>>>> wrote: >>>>>>>> >>>>>>>> Sigh, built a brand new MailScanner box from scratch...once >>>>>>>> again, >>>>>> everything works except filename checking. The only thing I >>>>>> changed was to disallow zip files(just changed allow to deny in >>>>>> filenames.rules.conf) and it still lets it all through. >>>>>>>> >>>>>>>> It just doesn't seem to want to work, with no errors to shed >>>>>>>> any >>>>>> light. >>>>>>>> -- >>>>>>>> MailScanner mailing list >>>>>>>> mailscanner at lists.mailscanner.info >>>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>>> >>>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>>> >>>>>>>> Support MailScanner development - buy the book off the website! >>>>>>> >>>>>>> -- >>>>>>> MailScanner mailing list >>>>>>> mailscanner at lists.mailscanner.info >>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>> >>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>> >>>>>>> Support MailScanner development - buy the book off the website! >>>>>>> -- >>>>>>> MailScanner mailing list >>>>>>> mailscanner at lists.mailscanner.info >>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>> >>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>> >>>>>>> Support MailScanner development - buy the book off the website! >>>>>> >>>>>> -- >>>>>> MailScanner mailing list >>>>>> mailscanner at lists.mailscanner.info >>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>> >>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>> >>>>>> Support MailScanner development - buy the book off the website! >>>>>> -- >>>>>> MailScanner mailing list >>>>>> mailscanner at lists.mailscanner.info >>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>> >>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>> >>>>>> Support MailScanner development - buy the book off the website! >>>>> -- >>>>> MailScanner mailing list >>>>> mailscanner at lists.mailscanner.info >>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>> >>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>> >>>>> Support MailScanner development - buy the book off the website! >>>>> -- >>>>> MailScanner mailing list >>>>> mailscanner at lists.mailscanner.info >>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>> >>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>> >>>>> Support MailScanner development - buy the book off the website! >>>> -- >>>> MailScanner mailing list >>>> mailscanner at lists.mailscanner.info >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>> >>>> Before posting, read http://wiki.mailscanner.info/posting >>>> >>>> Support MailScanner development - buy the book off the website! >>>> -- >>>> MailScanner mailing list >>>> mailscanner at lists.mailscanner.info >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>> >>>> Before posting, read http://wiki.mailscanner.info/posting >>>> >>>> Support MailScanner development - buy the book off the website! >>> >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >>> >>> >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >>> >> >> >> >> -- >> -- Glenn >> email: glenn < dot > steen < at > gmail < dot > com >> work: glenn < dot > steen < at > ap1 < dot > se >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! From jerry.benton at mailborder.com Tue Feb 24 19:24:47 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Tue, 24 Feb 2015 14:24:47 -0500 Subject: Filename Restrictions Not working In-Reply-To: References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> <5F05268E-105A-4A59-816C-C3FD0A690398@mailborder.com> <1e32b1449db542c387f5e2e0b2b1c78c@VGTMAIL2.vgt.net> <003ABCDA-7791-4B0C-B0FC-DB740AAA3B01@mailborder.com> <4f5eddaffc0642fea98d5eb598c432a6@VGTMAIL2.vgt.net> <028b68635a0d49f090fb532b90fc7133@City-Exch-DB1.cbj.local> <6660ecb02be8416f907d0cb99b89a87c@VGTMAIL2.vgt.net> <2cf19d9960cf4bceaa27ce55c15cbe54@City-Exch-DB1.cbj.local> <3B397A07-1429-424D-9B40-4559E56B8E93@vgt.net> <8b658058250d4623b4be7c6984499643@VGTMAIL2.vgt.net> <11235F51-4199-43EF-B975-C9D3A0BBEDE6@mailborder.com> <2cdd76b5e7bf48fe8cb4440d89b7191b@VGTMAIL2.vgt.net> <7E27E743-68DC-4378-8187-C22D3B89AC81@mailborder.com> Message-ID: That doesn?t necessarily mean webmin is causing the problem on you vanilla MailScanner server. I would compare the configs between the two servers. Or just use the Mailborder server. Hell of a lot easier to manage. - Jerry Benton www.mailborder.com > On Feb 24, 2015, at 1:45 PM, James Nelson wrote: > > Webmin is installed on MailScanner server...which doesn't work. It's not installed on the MailBorder server, however, which DOES work. > > > > ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? > > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry Benton > Sent: Tuesday, February 24, 2015 12:21 PM > To: MailScanner discussion > Subject: Re: Filename Restrictions Not working > > Webmin is not recommended in the event that it changes file permissions or modifies the firewall, which the Mailborder scripts handle. It will work, until webmin breaks it. > > So you are saying the Mailborder install does not work for filename checking and blocking? If so, you are doing something wrong somewhere on both the vanilla MailScanner and Mailborder controlled MailScanner. The Mailborder controlled version should work on a default install. > > - > Jerry Benton > www.mailborder.com > > > >> On Feb 24, 2015, at 12:44 PM, James Nelson wrote: >> >> It did, and I've tried copying over the filename\type rules (modifying >> the names and paths of course) and it doesn't work >> >> Now...in the MailBorder configuration, it stated not to install WebMin...which I do have running on the original MailScanner server...could that be causing a problem? I didn't think it was since virus scanning, spam scoring, etc-- all work. Basically everything except attachment checking\blocking seems to be in good shape. >> >> >> >> >> ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? >> >> >> -----Original Message----- >> From: mailscanner-bounces at lists.mailscanner.info >> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry >> Benton >> Sent: Tuesday, February 24, 2015 11:14 AM >> To: MailScanner discussion >> Subject: Re: Filename Restrictions Not working >> >> Crazy question: Did the Mailborder server you setup work? If so, use it to create your configs and copy them? >> >> - >> Jerry Benton >> www.mailborder.com >> >> >> >>> On Feb 24, 2015, at 11:28 AM, James Nelson wrote: >>> >>> Hi Glenn, >>> >>> I ran that test and got the exact result you did, which is either >>> good or very bad, because it's still not working :) >>> >>> >>> >>> ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? >>> >>> >>> -----Original Message----- >>> From: mailscanner-bounces at lists.mailscanner.info >>> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of >>> Glenn Steen >>> Sent: Tuesday, February 24, 2015 9:55 AM >>> To: MailScanner discussion >>> Subject: Re: Filename Restrictions Not working >>> >>> Right, so at the postfix user, can you actually read the two files (/etc/MailScanner/filename.rules.conf and /etc/MailScanner/rules/filename.rules)? >>> Also, the default line (at least) for the /etc/MailScanner/rules/filename.rules file should mention the %etc-dir%/filename.rules.conf file, at least if you have Filename Rules = %rules-dir%/filename.rules in the /etc/mailScanner/MailScanner.conf file. >>> >>> You can actually check the value with MailScanner itself (as the Postfix user) by doing something like: >>> -bash-4.2$ MailScanner --value=filenamerules --from=someone at example.net --to=someoneelse at yourdomain.com Looked up internal option name "filenamerules" >>> With sender = someone at example.net >>> recipient = someoneelse at yourdomain.com Client IP = Virus = Result is "/etc/MailScanner/filename.rules.conf" >>> -bash-4.2$ >>> >>> >>> Check the syntax with "MailScanner --help". >>> >>> Seems to me that the ruleset is borked, the actual filenames aren't >>> read, or there still resida a postfix instance that don't have the >>> correct HOLD thingy on your system... In decreasing order of >>> probability;-) >>> >>> Cheers >>> -- >>> -- Glenn >>> >>> On 24 February 2015 at 14:22, James Nelson wrote: >>>> Hi Glenn, I ran --lint as postfix and it does detect eicar.com as a >>>> blocked filetype, it just doesn't do anything about it during mail >>>> scanning. I had the thought that my rules files had permissions >>>> problems, but I made them readable for everyone just to be sure. >>>> >>>> I have the group as Apache as part of the configuration for MailWatch. >>>> >>>> >>>> >>>> On Feb 24, 2015, at 3:37 AM, Glenn Steen wrote: >>>> >>>> I see you have run as user/group set to postfix/apache... When >>>> you've done your lint and debug runs, did you do them as postfix user or root? >>>> My guess is that the rule file for filenames might not be readable >>>> to the postfix user. >>>> >>>> Cheers! >>>> -- >>>> -- Glenn >>>> >>>> Den 23 feb 2015 22:09 skrev "James Nelson" : >>>>> >>>>> >>>>> Sorry about that, I thought I set it to public. Try again :). >>>>> >>>>> Jerry, I'm building a Mailborder server now to test. >>>>> >>>>> >>>>> ?a rockpile ceases to be a rockpile the moment a single man >>>>> contemplates it, bearing within him the image of a cathedral.? >>>>> >>>>> >>>>> -----Original Message----- >>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of >>>>> Kevin Miller >>>>> Sent: Monday, February 23, 2015 2:20 PM >>>>> To: 'MailScanner discussion' >>>>> Subject: RE: Filename Restrictions Not working >>>>> >>>>> It said this "This is a private paste. If you created this paste, >>>>> please login to view it." I couldn't see it. >>>>> >>>>> If there's anything that needs to be munged (like your watermark), >>>>> just edit that before posting and make it a public post. >>>>> >>>>> ...Kevin >>>>> -- >>>>> Kevin Miller >>>>> Network/email Administrator, CBJ MIS Dept. >>>>> 155 South Seward Street >>>>> Juneau, Alaska 99801 >>>>> Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: >>>>> 307357 >>>>> >>>>> >>>>>> -----Original Message----- >>>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >>>>>> James Nelson >>>>>> Sent: Monday, February 23, 2015 10:52 AM >>>>>> To: MailScanner discussion >>>>>> Subject: RE: Filename Restrictions Not working >>>>>> >>>>>> Kevin, >>>>>> >>>>>> Here's my complete MailScanner.conf: >>>>>> >>>>>> http://pastebin.com/ci9dz8iL >>>>>> >>>>>> Jerry: >>>>>> >>>>>> I changed default to *@* this morning in the course of my, "did >>>>>> that work? No, okay, how about this," but the result was the same regardless. >>>>>> >>>>>> I'm not applying any configuration via conf.d at the moment...if I >>>>>> were to do that, would it supersede anything in MailScanner.conf? >>>>>> >>>>>> >>>>>> >>>>>> ?a rockpile ceases to be a rockpile the moment a single man >>>>>> contemplates it, bearing within him the image of a cathedral.? >>>>>> >>>>>> >>>>>> -----Original Message----- >>>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >>>>>> Kevin Miller >>>>>> Sent: Monday, February 23, 2015 12:50 PM >>>>>> To: 'MailScanner discussion' >>>>>> Subject: RE: Filename Restrictions Not working >>>>>> >>>>>> Maybe you could post your MailScanner.conf to pastebin. I'm >>>>>> guessing something in there is wonky. >>>>>> >>>>>> ...Kevin >>>>>> -- >>>>>> Kevin Miller >>>>>> Network/email Administrator, CBJ MIS Dept. >>>>>> 155 South Seward Street >>>>>> Juneau, Alaska 99801 >>>>>> Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: >>>>>> 307357 >>>>>> >>>>>> >>>>>>> -----Original Message----- >>>>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>>>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >>>>>>> James Nelson >>>>>>> Sent: Monday, February 23, 2015 9:26 AM >>>>>>> To: MailScanner discussion >>>>>>> Subject: RE: Filename Restrictions Not working >>>>>>> >>>>>>> Well, an interesting update... >>>>>>> >>>>>>> I changed up my approach, and pointed the Deny Filenames = in >>>>>>> MailScanner.conf to %rules-dir%/filename_deny.rules , which is as >>>>>>> follows: >>>>>>> >>>>>>> To: *@* \.ico$ \.ani \.cur$ \.hlp$ \.zip$ \.ceo$ \.cab$ \.reg$ >>>>>>> \.chm$ >>>>>>> \.cnf$ \.hta$ \.ins$ \.jse?$ \.job$ \.lnk$ \.mat$ \.pif$ \.scf$ >>>>>>> \.sct$ \.shs$ \.shb$ \.vb[es]$ \.ws[cfh]$ \.xnk$ \.cer$ \.its$ >>>>>>> \.mau$ \.md[az]$ \.prf$ \.pst$ \.tmp$ \.vsmacros$ \.vs[stw]$ >>>>>>> \.ws$ \.com$ \.exe$ \.scr$ \.bat$ \.cmd$ \.cpl$ \.mhtml$ \.s{10,} >>>>>>> \.[a-z][a-z0-9]{2,3}\s*\.[a-z0- 9]{3}$ >>>>>>> >>>>>>> When running MailScanner --lint now, it DOES detect eicar.com as >>>>>>> a blocked filetype. However, it's still allowing blocked >>>>>>> filetypes through ? >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> ?a rockpile ceases to be a rockpile the moment a single man >>>>>>> contemplates it, bearing within him the image of a cathedral.? >>>>>>> >>>>>>> >>>>>>> -----Original Message----- >>>>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>>>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >>>>>>> Jerry Benton >>>>>>> Sent: Sunday, February 22, 2015 4:11 PM >>>>>>> To: MailScanner discussion >>>>>>> Subject: Re: Filename Restrictions Not working >>>>>>> >>>>>>> Its not beta anymore. (The RPM package.) >>>>>>> >>>>>>> - >>>>>>> Jerry Benton >>>>>>> www.mailborder.com >>>>>>> >>>>>>> >>>>>>> >>>>>>>> On Feb 22, 2015, at 4:33 PM, James Nelson >>>>>>> wrote: >>>>>>>> >>>>>>>> I will try that tomorrow...i'm about out of other ideas. >>>>>>>> >>>>>>>> I suppose I could also try the new MS beta, just to throw >>>>>>>> something >>>>>>> else at the wall... >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> ?a rockpile ceases to be a rockpile the moment a single man >>>>>>> contemplates it, bearing within him the image of a cathedral.? >>>>>>>> >>>>>>>> >>>>>>>> -----Original Message----- >>>>>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>>>>> [mailto:mailscanner- >>>>>>> bounces at lists.mailscanner.info] On Behalf Of Jerry Benton >>>>>>>> Sent: Saturday, February 21, 2015 5:54 AM >>>>>>>> To: MailScanner discussion >>>>>>>> Subject: Re: Filename Restrictions Not working >>>>>>>> >>>>>>>> I?m not pimping my product, but I would suggest you install a >>>>>>> Mailborder server for a comparison test. Check to see if it is >>>>>>> working correctly (the Mailborder server) and compare the configs >>>>>>> on the Mailborder server to yours. This will at least eliminate >>>>>>> the Mailscanner configuration variable from the equation. >>>>>>>> >>>>>>>> - >>>>>>>> Jerry Benton >>>>>>>> www.mailborder.com >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>>> On Feb 21, 2015, at 2:29 AM, James Nelson >>>>>>>>> >>>>>>> wrote: >>>>>>>>> >>>>>>>>> Sigh, built a brand new MailScanner box from scratch...once >>>>>>>>> again, >>>>>>> everything works except filename checking. The only thing I >>>>>>> changed was to disallow zip files(just changed allow to deny in >>>>>>> filenames.rules.conf) and it still lets it all through. >>>>>>>>> >>>>>>>>> It just doesn't seem to want to work, with no errors to shed >>>>>>>>> any >>>>>>> light. >>>>>>>>> -- >>>>>>>>> MailScanner mailing list >>>>>>>>> mailscanner at lists.mailscanner.info >>>>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>>>> >>>>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>>>> >>>>>>>>> Support MailScanner development - buy the book off the website! >>>>>>>> >>>>>>>> -- >>>>>>>> MailScanner mailing list >>>>>>>> mailscanner at lists.mailscanner.info >>>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>>> >>>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>>> >>>>>>>> Support MailScanner development - buy the book off the website! >>>>>>>> -- >>>>>>>> MailScanner mailing list >>>>>>>> mailscanner at lists.mailscanner.info >>>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>>> >>>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>>> >>>>>>>> Support MailScanner development - buy the book off the website! >>>>>>> >>>>>>> -- >>>>>>> MailScanner mailing list >>>>>>> mailscanner at lists.mailscanner.info >>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>> >>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>> >>>>>>> Support MailScanner development - buy the book off the website! >>>>>>> -- >>>>>>> MailScanner mailing list >>>>>>> mailscanner at lists.mailscanner.info >>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>> >>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>> >>>>>>> Support MailScanner development - buy the book off the website! >>>>>> -- >>>>>> MailScanner mailing list >>>>>> mailscanner at lists.mailscanner.info >>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>> >>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>> >>>>>> Support MailScanner development - buy the book off the website! >>>>>> -- >>>>>> MailScanner mailing list >>>>>> mailscanner at lists.mailscanner.info >>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>> >>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>> >>>>>> Support MailScanner development - buy the book off the website! >>>>> -- >>>>> MailScanner mailing list >>>>> mailscanner at lists.mailscanner.info >>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>> >>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>> >>>>> Support MailScanner development - buy the book off the website! >>>>> -- >>>>> MailScanner mailing list >>>>> mailscanner at lists.mailscanner.info >>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>> >>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>> >>>>> Support MailScanner development - buy the book off the website! >>>> >>>> -- >>>> MailScanner mailing list >>>> mailscanner at lists.mailscanner.info >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>> >>>> Before posting, read http://wiki.mailscanner.info/posting >>>> >>>> Support MailScanner development - buy the book off the website! >>>> >>>> >>>> -- >>>> MailScanner mailing list >>>> mailscanner at lists.mailscanner.info >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>> >>>> Before posting, read http://wiki.mailscanner.info/posting >>>> >>>> Support MailScanner development - buy the book off the website! >>>> >>> >>> >>> >>> -- >>> -- Glenn >>> email: glenn < dot > steen < at > gmail < dot > com >>> work: glenn < dot > steen < at > ap1 < dot > se >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! From James.Nelson at vgt.net Tue Feb 24 21:32:22 2015 From: James.Nelson at vgt.net (James Nelson) Date: Tue, 24 Feb 2015 21:32:22 +0000 Subject: Filename Restrictions Not working In-Reply-To: References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> <5F05268E-105A-4A59-816C-C3FD0A690398@mailborder.com> <1e32b1449db542c387f5e2e0b2b1c78c@VGTMAIL2.vgt.net> <003ABCDA-7791-4B0C-B0FC-DB740AAA3B01@mailborder.com> <4f5eddaffc0642fea98d5eb598c432a6@VGTMAIL2.vgt.net> <028b68635a0d49f090fb532b90fc7133@City-Exch-DB1.cbj.local> <6660ecb02be8416f907d0cb99b89a87c@VGTMAIL2.vgt.net> <2cf19d9960cf4bceaa27ce55c15cbe54@City-Exch-DB1.cbj.local> <3B397A07-1429-424D-9B40-4559E56B8E93@vgt.net> <8b658058250d4623b4be7c6984499643@VGTMAIL2.vgt.net> <11235F51-4199-43EF-B975-C9D3A0BBEDE6@mailborder.com> <2cdd76b5e7bf48fe8cb4440d89b7191b@VGTMAIL2.vgt.net> <7E27E743-68DC-4378-8187-C22D3B89AC81@mailborder.com> Message-ID: <0cc46cf5f86c47fbb09bc3974bc9cd13@BNAMAIL1.vgt.net> That's what we are now doing...I've put enough time into it, I have to admit defeat. If anyone thinks of anything else, I can give it a shot...but for now it is MailBorder. Jerry, I noticed that when I signed up for the "community" license, it had a 6 month limit...is that a "trial" period? ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? -----Original Message----- From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry Benton Sent: Tuesday, February 24, 2015 1:25 PM To: MailScanner discussion Subject: Re: Filename Restrictions Not working That doesn?t necessarily mean webmin is causing the problem on you vanilla MailScanner server. I would compare the configs between the two servers. Or just use the Mailborder server. Hell of a lot easier to manage. - Jerry Benton www.mailborder.com > On Feb 24, 2015, at 1:45 PM, James Nelson wrote: > > Webmin is installed on MailScanner server...which doesn't work. It's not installed on the MailBorder server, however, which DOES work. > > > > ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? > > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info > [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry > Benton > Sent: Tuesday, February 24, 2015 12:21 PM > To: MailScanner discussion > Subject: Re: Filename Restrictions Not working > > Webmin is not recommended in the event that it changes file permissions or modifies the firewall, which the Mailborder scripts handle. It will work, until webmin breaks it. > > So you are saying the Mailborder install does not work for filename checking and blocking? If so, you are doing something wrong somewhere on both the vanilla MailScanner and Mailborder controlled MailScanner. The Mailborder controlled version should work on a default install. > > - > Jerry Benton > www.mailborder.com > > > >> On Feb 24, 2015, at 12:44 PM, James Nelson wrote: >> >> It did, and I've tried copying over the filename\type rules >> (modifying the names and paths of course) and it doesn't work >> >> Now...in the MailBorder configuration, it stated not to install WebMin...which I do have running on the original MailScanner server...could that be causing a problem? I didn't think it was since virus scanning, spam scoring, etc-- all work. Basically everything except attachment checking\blocking seems to be in good shape. >> >> >> >> >> ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? >> >> >> -----Original Message----- >> From: mailscanner-bounces at lists.mailscanner.info >> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of >> Jerry Benton >> Sent: Tuesday, February 24, 2015 11:14 AM >> To: MailScanner discussion >> Subject: Re: Filename Restrictions Not working >> >> Crazy question: Did the Mailborder server you setup work? If so, use it to create your configs and copy them? >> >> - >> Jerry Benton >> www.mailborder.com >> >> >> >>> On Feb 24, 2015, at 11:28 AM, James Nelson wrote: >>> >>> Hi Glenn, >>> >>> I ran that test and got the exact result you did, which is either >>> good or very bad, because it's still not working :) >>> >>> >>> >>> ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? >>> >>> >>> -----Original Message----- >>> From: mailscanner-bounces at lists.mailscanner.info >>> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of >>> Glenn Steen >>> Sent: Tuesday, February 24, 2015 9:55 AM >>> To: MailScanner discussion >>> Subject: Re: Filename Restrictions Not working >>> >>> Right, so at the postfix user, can you actually read the two files (/etc/MailScanner/filename.rules.conf and /etc/MailScanner/rules/filename.rules)? >>> Also, the default line (at least) for the /etc/MailScanner/rules/filename.rules file should mention the %etc-dir%/filename.rules.conf file, at least if you have Filename Rules = %rules-dir%/filename.rules in the /etc/mailScanner/MailScanner.conf file. >>> >>> You can actually check the value with MailScanner itself (as the Postfix user) by doing something like: >>> -bash-4.2$ MailScanner --value=filenamerules --from=someone at example.net --to=someoneelse at yourdomain.com Looked up internal option name "filenamerules" >>> With sender = someone at example.net >>> recipient = someoneelse at yourdomain.com Client IP = Virus = Result is "/etc/MailScanner/filename.rules.conf" >>> -bash-4.2$ >>> >>> >>> Check the syntax with "MailScanner --help". >>> >>> Seems to me that the ruleset is borked, the actual filenames aren't >>> read, or there still resida a postfix instance that don't have the >>> correct HOLD thingy on your system... In decreasing order of >>> probability;-) >>> >>> Cheers >>> -- >>> -- Glenn >>> >>> On 24 February 2015 at 14:22, James Nelson wrote: >>>> Hi Glenn, I ran --lint as postfix and it does detect eicar.com as a >>>> blocked filetype, it just doesn't do anything about it during mail >>>> scanning. I had the thought that my rules files had permissions >>>> problems, but I made them readable for everyone just to be sure. >>>> >>>> I have the group as Apache as part of the configuration for MailWatch. >>>> >>>> >>>> >>>> On Feb 24, 2015, at 3:37 AM, Glenn Steen wrote: >>>> >>>> I see you have run as user/group set to postfix/apache... When >>>> you've done your lint and debug runs, did you do them as postfix user or root? >>>> My guess is that the rule file for filenames might not be readable >>>> to the postfix user. >>>> >>>> Cheers! >>>> -- >>>> -- Glenn >>>> >>>> Den 23 feb 2015 22:09 skrev "James Nelson" : >>>>> >>>>> >>>>> Sorry about that, I thought I set it to public. Try again :). >>>>> >>>>> Jerry, I'm building a Mailborder server now to test. >>>>> >>>>> >>>>> ?a rockpile ceases to be a rockpile the moment a single man >>>>> contemplates it, bearing within him the image of a cathedral.? >>>>> >>>>> >>>>> -----Original Message----- >>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of >>>>> Kevin Miller >>>>> Sent: Monday, February 23, 2015 2:20 PM >>>>> To: 'MailScanner discussion' >>>>> Subject: RE: Filename Restrictions Not working >>>>> >>>>> It said this "This is a private paste. If you created this paste, >>>>> please login to view it." I couldn't see it. >>>>> >>>>> If there's anything that needs to be munged (like your watermark), >>>>> just edit that before posting and make it a public post. >>>>> >>>>> ...Kevin >>>>> -- >>>>> Kevin Miller >>>>> Network/email Administrator, CBJ MIS Dept. >>>>> 155 South Seward Street >>>>> Juneau, Alaska 99801 >>>>> Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: >>>>> 307357 >>>>> >>>>> >>>>>> -----Original Message----- >>>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >>>>>> James Nelson >>>>>> Sent: Monday, February 23, 2015 10:52 AM >>>>>> To: MailScanner discussion >>>>>> Subject: RE: Filename Restrictions Not working >>>>>> >>>>>> Kevin, >>>>>> >>>>>> Here's my complete MailScanner.conf: >>>>>> >>>>>> http://pastebin.com/ci9dz8iL >>>>>> >>>>>> Jerry: >>>>>> >>>>>> I changed default to *@* this morning in the course of my, "did >>>>>> that work? No, okay, how about this," but the result was the same regardless. >>>>>> >>>>>> I'm not applying any configuration via conf.d at the moment...if >>>>>> I were to do that, would it supersede anything in MailScanner.conf? >>>>>> >>>>>> >>>>>> >>>>>> ?a rockpile ceases to be a rockpile the moment a single man >>>>>> contemplates it, bearing within him the image of a cathedral.? >>>>>> >>>>>> >>>>>> -----Original Message----- >>>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >>>>>> Kevin Miller >>>>>> Sent: Monday, February 23, 2015 12:50 PM >>>>>> To: 'MailScanner discussion' >>>>>> Subject: RE: Filename Restrictions Not working >>>>>> >>>>>> Maybe you could post your MailScanner.conf to pastebin. I'm >>>>>> guessing something in there is wonky. >>>>>> >>>>>> ...Kevin >>>>>> -- >>>>>> Kevin Miller >>>>>> Network/email Administrator, CBJ MIS Dept. >>>>>> 155 South Seward Street >>>>>> Juneau, Alaska 99801 >>>>>> Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: >>>>>> 307357 >>>>>> >>>>>> >>>>>>> -----Original Message----- >>>>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>>>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf >>>>>>> Of James Nelson >>>>>>> Sent: Monday, February 23, 2015 9:26 AM >>>>>>> To: MailScanner discussion >>>>>>> Subject: RE: Filename Restrictions Not working >>>>>>> >>>>>>> Well, an interesting update... >>>>>>> >>>>>>> I changed up my approach, and pointed the Deny Filenames = in >>>>>>> MailScanner.conf to %rules-dir%/filename_deny.rules , which is >>>>>>> as >>>>>>> follows: >>>>>>> >>>>>>> To: *@* \.ico$ \.ani \.cur$ \.hlp$ \.zip$ \.ceo$ \.cab$ \.reg$ >>>>>>> \.chm$ >>>>>>> \.cnf$ \.hta$ \.ins$ \.jse?$ \.job$ \.lnk$ \.mat$ \.pif$ \.scf$ >>>>>>> \.sct$ \.shs$ \.shb$ \.vb[es]$ \.ws[cfh]$ \.xnk$ \.cer$ \.its$ >>>>>>> \.mau$ \.md[az]$ \.prf$ \.pst$ \.tmp$ \.vsmacros$ \.vs[stw]$ >>>>>>> \.ws$ \.com$ \.exe$ \.scr$ \.bat$ \.cmd$ \.cpl$ \.mhtml$ >>>>>>> \.s{10,} >>>>>>> \.[a-z][a-z0-9]{2,3}\s*\.[a-z0- 9]{3}$ >>>>>>> >>>>>>> When running MailScanner --lint now, it DOES detect eicar.com as >>>>>>> a blocked filetype. However, it's still allowing blocked >>>>>>> filetypes through ? >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> ?a rockpile ceases to be a rockpile the moment a single man >>>>>>> contemplates it, bearing within him the image of a cathedral.? >>>>>>> >>>>>>> >>>>>>> -----Original Message----- >>>>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>>>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf >>>>>>> Of Jerry Benton >>>>>>> Sent: Sunday, February 22, 2015 4:11 PM >>>>>>> To: MailScanner discussion >>>>>>> Subject: Re: Filename Restrictions Not working >>>>>>> >>>>>>> Its not beta anymore. (The RPM package.) >>>>>>> >>>>>>> - >>>>>>> Jerry Benton >>>>>>> www.mailborder.com >>>>>>> >>>>>>> >>>>>>> >>>>>>>> On Feb 22, 2015, at 4:33 PM, James Nelson >>>>>>>> >>>>>>> wrote: >>>>>>>> >>>>>>>> I will try that tomorrow...i'm about out of other ideas. >>>>>>>> >>>>>>>> I suppose I could also try the new MS beta, just to throw >>>>>>>> something >>>>>>> else at the wall... >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> ?a rockpile ceases to be a rockpile the moment a single man >>>>>>> contemplates it, bearing within him the image of a cathedral.? >>>>>>>> >>>>>>>> >>>>>>>> -----Original Message----- >>>>>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>>>>> [mailto:mailscanner- >>>>>>> bounces at lists.mailscanner.info] On Behalf Of Jerry Benton >>>>>>>> Sent: Saturday, February 21, 2015 5:54 AM >>>>>>>> To: MailScanner discussion >>>>>>>> Subject: Re: Filename Restrictions Not working >>>>>>>> >>>>>>>> I?m not pimping my product, but I would suggest you install a >>>>>>> Mailborder server for a comparison test. Check to see if it is >>>>>>> working correctly (the Mailborder server) and compare the >>>>>>> configs on the Mailborder server to yours. This will at least >>>>>>> eliminate the Mailscanner configuration variable from the equation. >>>>>>>> >>>>>>>> - >>>>>>>> Jerry Benton >>>>>>>> www.mailborder.com >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>>> On Feb 21, 2015, at 2:29 AM, James Nelson >>>>>>>>> >>>>>>> wrote: >>>>>>>>> >>>>>>>>> Sigh, built a brand new MailScanner box from scratch...once >>>>>>>>> again, >>>>>>> everything works except filename checking. The only thing I >>>>>>> changed was to disallow zip files(just changed allow to deny in >>>>>>> filenames.rules.conf) and it still lets it all through. >>>>>>>>> >>>>>>>>> It just doesn't seem to want to work, with no errors to shed >>>>>>>>> any >>>>>>> light. >>>>>>>>> -- >>>>>>>>> MailScanner mailing list >>>>>>>>> mailscanner at lists.mailscanner.info >>>>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>>>> >>>>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>>>> >>>>>>>>> Support MailScanner development - buy the book off the website! >>>>>>>> >>>>>>>> -- >>>>>>>> MailScanner mailing list >>>>>>>> mailscanner at lists.mailscanner.info >>>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>>> >>>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>>> >>>>>>>> Support MailScanner development - buy the book off the website! >>>>>>>> -- >>>>>>>> MailScanner mailing list >>>>>>>> mailscanner at lists.mailscanner.info >>>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>>> >>>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>>> >>>>>>>> Support MailScanner development - buy the book off the website! >>>>>>> >>>>>>> -- >>>>>>> MailScanner mailing list >>>>>>> mailscanner at lists.mailscanner.info >>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>> >>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>> >>>>>>> Support MailScanner development - buy the book off the website! >>>>>>> -- >>>>>>> MailScanner mailing list >>>>>>> mailscanner at lists.mailscanner.info >>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>> >>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>> >>>>>>> Support MailScanner development - buy the book off the website! >>>>>> -- >>>>>> MailScanner mailing list >>>>>> mailscanner at lists.mailscanner.info >>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>> >>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>> >>>>>> Support MailScanner development - buy the book off the website! >>>>>> -- >>>>>> MailScanner mailing list >>>>>> mailscanner at lists.mailscanner.info >>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>> >>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>> >>>>>> Support MailScanner development - buy the book off the website! >>>>> -- >>>>> MailScanner mailing list >>>>> mailscanner at lists.mailscanner.info >>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>> >>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>> >>>>> Support MailScanner development - buy the book off the website! >>>>> -- >>>>> MailScanner mailing list >>>>> mailscanner at lists.mailscanner.info >>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>> >>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>> >>>>> Support MailScanner development - buy the book off the website! >>>> >>>> -- >>>> MailScanner mailing list >>>> mailscanner at lists.mailscanner.info >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>> >>>> Before posting, read http://wiki.mailscanner.info/posting >>>> >>>> Support MailScanner development - buy the book off the website! >>>> >>>> >>>> -- >>>> MailScanner mailing list >>>> mailscanner at lists.mailscanner.info >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>> >>>> Before posting, read http://wiki.mailscanner.info/posting >>>> >>>> Support MailScanner development - buy the book off the website! >>>> >>> >>> >>> >>> -- >>> -- Glenn >>> email: glenn < dot > steen < at > gmail < dot > com >>> work: glenn < dot > steen < at > ap1 < dot > se >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner Before posting, read http://wiki.mailscanner.info/posting Support MailScanner development - buy the book off the website! From jerry.benton at mailborder.com Tue Feb 24 22:21:55 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Tue, 24 Feb 2015 17:21:55 -0500 Subject: Filename Restrictions Not working In-Reply-To: <0cc46cf5f86c47fbb09bc3974bc9cd13@BNAMAIL1.vgt.net> References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> <5F05268E-105A-4A59-816C-C3FD0A690398@mailborder.com> <1e32b1449db542c387f5e2e0b2b1c78c@VGTMAIL2.vgt.net> <003ABCDA-7791-4B0C-B0FC-DB740AAA3B01@mailborder.com> <4f5eddaffc0642fea98d5eb598c432a6@VGTMAIL2.vgt.net> <028b68635a0d49f090fb532b90fc7133@City-Exch-DB1.cbj.local> <6660ecb02be8416f907d0cb99b89a87c@VGTMAIL2.vgt.net> <2cf19d9960cf4bceaa27ce55c15cbe54@City-Exch-DB1.cbj.local> <3B397A07-1429-424D-9B40-4559E56B8E93@vgt.net> <8b658058250d4623b4be7c6984499643@VGTMAIL2.vgt.net> <11235F51-4199-43EF-B975-C9D3A0BBEDE6@mailborder.com> <2cdd76b5e7bf48fe8cb4440d89b7191b@VGTMAIL2.vgt.net> <7E27E743-68DC-4378-8187-C22D3B89AC81@mailborder.com> <0cc46cf5f86c47fbb09bc3974bc9cd13@BNAMAIL1.vgt.net> Message-ID: <80F7CD25-5360-49E9-9B22-68859064B3F7@mailborder.com> No. When v5 comes out in a month or so you won't need a license for the community edition. if it does expire before I get v5 out, you can renew it for free. - Jerry Benton www.mailborder.com Sent from my iPhone > On Feb 24, 2015, at 16:32, James Nelson wrote: > > That's what we are now doing...I've put enough time into it, I have to admit defeat. If anyone thinks of anything else, I can give it a shot...but for now it is MailBorder. > > Jerry, I noticed that when I signed up for the "community" license, it had a 6 month limit...is that a "trial" period? > > > > ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? > > > -----Original Message----- > From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry Benton > Sent: Tuesday, February 24, 2015 1:25 PM > To: MailScanner discussion > Subject: Re: Filename Restrictions Not working > > That doesn?t necessarily mean webmin is causing the problem on you vanilla MailScanner server. I would compare the configs between the two servers. Or just use the Mailborder server. Hell of a lot easier to manage. > > - > Jerry Benton > www.mailborder.com > > > >> On Feb 24, 2015, at 1:45 PM, James Nelson wrote: >> >> Webmin is installed on MailScanner server...which doesn't work. It's not installed on the MailBorder server, however, which DOES work. >> >> >> >> ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? >> >> >> -----Original Message----- >> From: mailscanner-bounces at lists.mailscanner.info >> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry >> Benton >> Sent: Tuesday, February 24, 2015 12:21 PM >> To: MailScanner discussion >> Subject: Re: Filename Restrictions Not working >> >> Webmin is not recommended in the event that it changes file permissions or modifies the firewall, which the Mailborder scripts handle. It will work, until webmin breaks it. >> >> So you are saying the Mailborder install does not work for filename checking and blocking? If so, you are doing something wrong somewhere on both the vanilla MailScanner and Mailborder controlled MailScanner. The Mailborder controlled version should work on a default install. >> >> - >> Jerry Benton >> www.mailborder.com >> >> >> >>> On Feb 24, 2015, at 12:44 PM, James Nelson wrote: >>> >>> It did, and I've tried copying over the filename\type rules >>> (modifying the names and paths of course) and it doesn't work >>> >>> Now...in the MailBorder configuration, it stated not to install WebMin...which I do have running on the original MailScanner server...could that be causing a problem? I didn't think it was since virus scanning, spam scoring, etc-- all work. Basically everything except attachment checking\blocking seems to be in good shape. >>> >>> >>> >>> >>> ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? >>> >>> >>> -----Original Message----- >>> From: mailscanner-bounces at lists.mailscanner.info >>> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of >>> Jerry Benton >>> Sent: Tuesday, February 24, 2015 11:14 AM >>> To: MailScanner discussion >>> Subject: Re: Filename Restrictions Not working >>> >>> Crazy question: Did the Mailborder server you setup work? If so, use it to create your configs and copy them? >>> >>> - >>> Jerry Benton >>> www.mailborder.com >>> >>> >>> >>>> On Feb 24, 2015, at 11:28 AM, James Nelson wrote: >>>> >>>> Hi Glenn, >>>> >>>> I ran that test and got the exact result you did, which is either >>>> good or very bad, because it's still not working :) >>>> >>>> >>>> >>>> ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? >>>> >>>> >>>> -----Original Message----- >>>> From: mailscanner-bounces at lists.mailscanner.info >>>> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of >>>> Glenn Steen >>>> Sent: Tuesday, February 24, 2015 9:55 AM >>>> To: MailScanner discussion >>>> Subject: Re: Filename Restrictions Not working >>>> >>>> Right, so at the postfix user, can you actually read the two files (/etc/MailScanner/filename.rules.conf and /etc/MailScanner/rules/filename.rules)? >>>> Also, the default line (at least) for the /etc/MailScanner/rules/filename.rules file should mention the %etc-dir%/filename.rules.conf file, at least if you have Filename Rules = %rules-dir%/filename.rules in the /etc/mailScanner/MailScanner.conf file. >>>> >>>> You can actually check the value with MailScanner itself (as the Postfix user) by doing something like: >>>> -bash-4.2$ MailScanner --value=filenamerules --from=someone at example.net --to=someoneelse at yourdomain.com Looked up internal option name "filenamerules" >>>> With sender = someone at example.net >>>> recipient = someoneelse at yourdomain.com Client IP = Virus = Result is "/etc/MailScanner/filename.rules.conf" >>>> -bash-4.2$ >>>> >>>> >>>> Check the syntax with "MailScanner --help". >>>> >>>> Seems to me that the ruleset is borked, the actual filenames aren't >>>> read, or there still resida a postfix instance that don't have the >>>> correct HOLD thingy on your system... In decreasing order of >>>> probability;-) >>>> >>>> Cheers >>>> -- >>>> -- Glenn >>>> >>>>> On 24 February 2015 at 14:22, James Nelson wrote: >>>>> Hi Glenn, I ran --lint as postfix and it does detect eicar.com as a >>>>> blocked filetype, it just doesn't do anything about it during mail >>>>> scanning. I had the thought that my rules files had permissions >>>>> problems, but I made them readable for everyone just to be sure. >>>>> >>>>> I have the group as Apache as part of the configuration for MailWatch. >>>>> >>>>> >>>>> >>>>> On Feb 24, 2015, at 3:37 AM, Glenn Steen wrote: >>>>> >>>>> I see you have run as user/group set to postfix/apache... When >>>>> you've done your lint and debug runs, did you do them as postfix user or root? >>>>> My guess is that the rule file for filenames might not be readable >>>>> to the postfix user. >>>>> >>>>> Cheers! >>>>> -- >>>>> -- Glenn >>>>> >>>>> Den 23 feb 2015 22:09 skrev "James Nelson" : >>>>>> >>>>>> >>>>>> Sorry about that, I thought I set it to public. Try again :). >>>>>> >>>>>> Jerry, I'm building a Mailborder server now to test. >>>>>> >>>>>> >>>>>> ?a rockpile ceases to be a rockpile the moment a single man >>>>>> contemplates it, bearing within him the image of a cathedral.? >>>>>> >>>>>> >>>>>> -----Original Message----- >>>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>>> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of >>>>>> Kevin Miller >>>>>> Sent: Monday, February 23, 2015 2:20 PM >>>>>> To: 'MailScanner discussion' >>>>>> Subject: RE: Filename Restrictions Not working >>>>>> >>>>>> It said this "This is a private paste. If you created this paste, >>>>>> please login to view it." I couldn't see it. >>>>>> >>>>>> If there's anything that needs to be munged (like your watermark), >>>>>> just edit that before posting and make it a public post. >>>>>> >>>>>> ...Kevin >>>>>> -- >>>>>> Kevin Miller >>>>>> Network/email Administrator, CBJ MIS Dept. >>>>>> 155 South Seward Street >>>>>> Juneau, Alaska 99801 >>>>>> Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: >>>>>> 307357 >>>>>> >>>>>> >>>>>>> -----Original Message----- >>>>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>>>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >>>>>>> James Nelson >>>>>>> Sent: Monday, February 23, 2015 10:52 AM >>>>>>> To: MailScanner discussion >>>>>>> Subject: RE: Filename Restrictions Not working >>>>>>> >>>>>>> Kevin, >>>>>>> >>>>>>> Here's my complete MailScanner.conf: >>>>>>> >>>>>>> http://pastebin.com/ci9dz8iL >>>>>>> >>>>>>> Jerry: >>>>>>> >>>>>>> I changed default to *@* this morning in the course of my, "did >>>>>>> that work? No, okay, how about this," but the result was the same regardless. >>>>>>> >>>>>>> I'm not applying any configuration via conf.d at the moment...if >>>>>>> I were to do that, would it supersede anything in MailScanner.conf? >>>>>>> >>>>>>> >>>>>>> >>>>>>> ?a rockpile ceases to be a rockpile the moment a single man >>>>>>> contemplates it, bearing within him the image of a cathedral.? >>>>>>> >>>>>>> >>>>>>> -----Original Message----- >>>>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>>>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >>>>>>> Kevin Miller >>>>>>> Sent: Monday, February 23, 2015 12:50 PM >>>>>>> To: 'MailScanner discussion' >>>>>>> Subject: RE: Filename Restrictions Not working >>>>>>> >>>>>>> Maybe you could post your MailScanner.conf to pastebin. I'm >>>>>>> guessing something in there is wonky. >>>>>>> >>>>>>> ...Kevin >>>>>>> -- >>>>>>> Kevin Miller >>>>>>> Network/email Administrator, CBJ MIS Dept. >>>>>>> 155 South Seward Street >>>>>>> Juneau, Alaska 99801 >>>>>>> Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: >>>>>>> 307357 >>>>>>> >>>>>>> >>>>>>>> -----Original Message----- >>>>>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>>>>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf >>>>>>>> Of James Nelson >>>>>>>> Sent: Monday, February 23, 2015 9:26 AM >>>>>>>> To: MailScanner discussion >>>>>>>> Subject: RE: Filename Restrictions Not working >>>>>>>> >>>>>>>> Well, an interesting update... >>>>>>>> >>>>>>>> I changed up my approach, and pointed the Deny Filenames = in >>>>>>>> MailScanner.conf to %rules-dir%/filename_deny.rules , which is >>>>>>>> as >>>>>>>> follows: >>>>>>>> >>>>>>>> To: *@* \.ico$ \.ani \.cur$ \.hlp$ \.zip$ \.ceo$ \.cab$ \.reg$ >>>>>>>> \.chm$ >>>>>>>> \.cnf$ \.hta$ \.ins$ \.jse?$ \.job$ \.lnk$ \.mat$ \.pif$ \.scf$ >>>>>>>> \.sct$ \.shs$ \.shb$ \.vb[es]$ \.ws[cfh]$ \.xnk$ \.cer$ \.its$ >>>>>>>> \.mau$ \.md[az]$ \.prf$ \.pst$ \.tmp$ \.vsmacros$ \.vs[stw]$ >>>>>>>> \.ws$ \.com$ \.exe$ \.scr$ \.bat$ \.cmd$ \.cpl$ \.mhtml$ >>>>>>>> \.s{10,} >>>>>>>> \.[a-z][a-z0-9]{2,3}\s*\.[a-z0- 9]{3}$ >>>>>>>> >>>>>>>> When running MailScanner --lint now, it DOES detect eicar.com as >>>>>>>> a blocked filetype. However, it's still allowing blocked >>>>>>>> filetypes through ? >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> ?a rockpile ceases to be a rockpile the moment a single man >>>>>>>> contemplates it, bearing within him the image of a cathedral.? >>>>>>>> >>>>>>>> >>>>>>>> -----Original Message----- >>>>>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>>>>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf >>>>>>>> Of Jerry Benton >>>>>>>> Sent: Sunday, February 22, 2015 4:11 PM >>>>>>>> To: MailScanner discussion >>>>>>>> Subject: Re: Filename Restrictions Not working >>>>>>>> >>>>>>>> Its not beta anymore. (The RPM package.) >>>>>>>> >>>>>>>> - >>>>>>>> Jerry Benton >>>>>>>> www.mailborder.com >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>>> On Feb 22, 2015, at 4:33 PM, James Nelson >>>>>>>>> >>>>>>>> wrote: >>>>>>>>> >>>>>>>>> I will try that tomorrow...i'm about out of other ideas. >>>>>>>>> >>>>>>>>> I suppose I could also try the new MS beta, just to throw >>>>>>>>> something >>>>>>>> else at the wall... >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> ?a rockpile ceases to be a rockpile the moment a single man >>>>>>>> contemplates it, bearing within him the image of a cathedral.? >>>>>>>>> >>>>>>>>> >>>>>>>>> -----Original Message----- >>>>>>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>>>>>> [mailto:mailscanner- >>>>>>>> bounces at lists.mailscanner.info] On Behalf Of Jerry Benton >>>>>>>>> Sent: Saturday, February 21, 2015 5:54 AM >>>>>>>>> To: MailScanner discussion >>>>>>>>> Subject: Re: Filename Restrictions Not working >>>>>>>>> >>>>>>>>> I?m not pimping my product, but I would suggest you install a >>>>>>>> Mailborder server for a comparison test. Check to see if it is >>>>>>>> working correctly (the Mailborder server) and compare the >>>>>>>> configs on the Mailborder server to yours. This will at least >>>>>>>> eliminate the Mailscanner configuration variable from the equation. >>>>>>>>> >>>>>>>>> - >>>>>>>>> Jerry Benton >>>>>>>>> www.mailborder.com >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>>> On Feb 21, 2015, at 2:29 AM, James Nelson >>>>>>>>>> >>>>>>>> wrote: >>>>>>>>>> >>>>>>>>>> Sigh, built a brand new MailScanner box from scratch...once >>>>>>>>>> again, >>>>>>>> everything works except filename checking. The only thing I >>>>>>>> changed was to disallow zip files(just changed allow to deny in >>>>>>>> filenames.rules.conf) and it still lets it all through. >>>>>>>>>> >>>>>>>>>> It just doesn't seem to want to work, with no errors to shed >>>>>>>>>> any >>>>>>>> light. >>>>>>>>>> -- >>>>>>>>>> MailScanner mailing list >>>>>>>>>> mailscanner at lists.mailscanner.info >>>>>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>>>>> >>>>>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>>>>> >>>>>>>>>> Support MailScanner development - buy the book off the website! >>>>>>>>> >>>>>>>>> -- >>>>>>>>> MailScanner mailing list >>>>>>>>> mailscanner at lists.mailscanner.info >>>>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>>>> >>>>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>>>> >>>>>>>>> Support MailScanner development - buy the book off the website! >>>>>>>>> -- >>>>>>>>> MailScanner mailing list >>>>>>>>> mailscanner at lists.mailscanner.info >>>>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>>>> >>>>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>>>> >>>>>>>>> Support MailScanner development - buy the book off the website! >>>>>>>> >>>>>>>> -- >>>>>>>> MailScanner mailing list >>>>>>>> mailscanner at lists.mailscanner.info >>>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>>> >>>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>>> >>>>>>>> Support MailScanner development - buy the book off the website! >>>>>>>> -- >>>>>>>> MailScanner mailing list >>>>>>>> mailscanner at lists.mailscanner.info >>>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>>> >>>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>>> >>>>>>>> Support MailScanner development - buy the book off the website! >>>>>>> -- >>>>>>> MailScanner mailing list >>>>>>> mailscanner at lists.mailscanner.info >>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>> >>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>> >>>>>>> Support MailScanner development - buy the book off the website! >>>>>>> -- >>>>>>> MailScanner mailing list >>>>>>> mailscanner at lists.mailscanner.info >>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>> >>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>> >>>>>>> Support MailScanner development - buy the book off the website! >>>>>> -- >>>>>> MailScanner mailing list >>>>>> mailscanner at lists.mailscanner.info >>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>> >>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>> >>>>>> Support MailScanner development - buy the book off the website! >>>>>> -- >>>>>> MailScanner mailing list >>>>>> mailscanner at lists.mailscanner.info >>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>> >>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>> >>>>>> Support MailScanner development - buy the book off the website! >>>>> >>>>> -- >>>>> MailScanner mailing list >>>>> mailscanner at lists.mailscanner.info >>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>> >>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>> >>>>> Support MailScanner development - buy the book off the website! >>>>> >>>>> >>>>> -- >>>>> MailScanner mailing list >>>>> mailscanner at lists.mailscanner.info >>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>> >>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>> >>>>> Support MailScanner development - buy the book off the website! >>>> >>>> >>>> >>>> -- >>>> -- Glenn >>>> email: glenn < dot > steen < at > gmail < dot > com >>>> work: glenn < dot > steen < at > ap1 < dot > se >>>> -- >>>> MailScanner mailing list >>>> mailscanner at lists.mailscanner.info >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>> >>>> Before posting, read http://wiki.mailscanner.info/posting >>>> >>>> Support MailScanner development - buy the book off the website! >>>> -- >>>> MailScanner mailing list >>>> mailscanner at lists.mailscanner.info >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>> >>>> Before posting, read http://wiki.mailscanner.info/posting >>>> >>>> Support MailScanner development - buy the book off the website! >>> >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! From glenn.steen at gmail.com Wed Feb 25 08:45:21 2015 From: glenn.steen at gmail.com (Glenn Steen) Date: Wed, 25 Feb 2015 09:45:21 +0100 Subject: Filename Restrictions Not working In-Reply-To: <80F7CD25-5360-49E9-9B22-68859064B3F7@mailborder.com> References: <0de78d3aabdf41ff8a786407c74f165a@City-Exch-DB1.cbj.local> <476412cd480a4ab88cc43a68a842f7b8@VGTMAIL1.vgt.net> <5F05268E-105A-4A59-816C-C3FD0A690398@mailborder.com> <1e32b1449db542c387f5e2e0b2b1c78c@VGTMAIL2.vgt.net> <003ABCDA-7791-4B0C-B0FC-DB740AAA3B01@mailborder.com> <4f5eddaffc0642fea98d5eb598c432a6@VGTMAIL2.vgt.net> <028b68635a0d49f090fb532b90fc7133@City-Exch-DB1.cbj.local> <6660ecb02be8416f907d0cb99b89a87c@VGTMAIL2.vgt.net> <2cf19d9960cf4bceaa27ce55c15cbe54@City-Exch-DB1.cbj.local> <3B397A07-1429-424D-9B40-4559E56B8E93@vgt.net> <8b658058250d4623b4be7c6984499643@VGTMAIL2.vgt.net> <11235F51-4199-43EF-B975-C9D3A0BBEDE6@mailborder.com> <2cdd76b5e7bf48fe8cb4440d89b7191b@VGTMAIL2.vgt.net> <7E27E743-68DC-4378-8187-C22D3B89AC81@mailborder.com> <0cc46cf5f86c47fbb09bc3974bc9cd13@BNAMAIL1.vgt.net> <80F7CD25-5360-49E9-9B22-68859064B3F7@mailborder.com> Message-ID: just a quick question about WebMin... Did you install the MailScanner webmin thing? That is, to my knowledge, hideously out of date and shouldn't be used. Webmin as such, as long as it doesn't futz with postfix or MailScanner should be ok... If you like, and trust us enough, we could have a look at the actual machine (via SSH or somesuch). I've done that a few times, and I know Jules did so rather more frequently... I'd understand if you'd find that approach less than interresting:-) Cheers! On 24 February 2015 at 23:21, Jerry Benton wrote: > No. When v5 comes out in a month or so you won't need a license for the community edition. if it does expire before I get v5 out, you can renew it for free. > > - > Jerry Benton > www.mailborder.com > Sent from my iPhone > >> On Feb 24, 2015, at 16:32, James Nelson wrote: >> >> That's what we are now doing...I've put enough time into it, I have to admit defeat. If anyone thinks of anything else, I can give it a shot...but for now it is MailBorder. >> >> Jerry, I noticed that when I signed up for the "community" license, it had a 6 month limit...is that a "trial" period? >> >> >> >> ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? >> >> >> -----Original Message----- >> From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry Benton >> Sent: Tuesday, February 24, 2015 1:25 PM >> To: MailScanner discussion >> Subject: Re: Filename Restrictions Not working >> >> That doesn?t necessarily mean webmin is causing the problem on you vanilla MailScanner server. I would compare the configs between the two servers. Or just use the Mailborder server. Hell of a lot easier to manage. >> >> - >> Jerry Benton >> www.mailborder.com >> >> >> >>> On Feb 24, 2015, at 1:45 PM, James Nelson wrote: >>> >>> Webmin is installed on MailScanner server...which doesn't work. It's not installed on the MailBorder server, however, which DOES work. >>> >>> >>> >>> ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? >>> >>> >>> -----Original Message----- >>> From: mailscanner-bounces at lists.mailscanner.info >>> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jerry >>> Benton >>> Sent: Tuesday, February 24, 2015 12:21 PM >>> To: MailScanner discussion >>> Subject: Re: Filename Restrictions Not working >>> >>> Webmin is not recommended in the event that it changes file permissions or modifies the firewall, which the Mailborder scripts handle. It will work, until webmin breaks it. >>> >>> So you are saying the Mailborder install does not work for filename checking and blocking? If so, you are doing something wrong somewhere on both the vanilla MailScanner and Mailborder controlled MailScanner. The Mailborder controlled version should work on a default install. >>> >>> - >>> Jerry Benton >>> www.mailborder.com >>> >>> >>> >>>> On Feb 24, 2015, at 12:44 PM, James Nelson wrote: >>>> >>>> It did, and I've tried copying over the filename\type rules >>>> (modifying the names and paths of course) and it doesn't work >>>> >>>> Now...in the MailBorder configuration, it stated not to install WebMin...which I do have running on the original MailScanner server...could that be causing a problem? I didn't think it was since virus scanning, spam scoring, etc-- all work. Basically everything except attachment checking\blocking seems to be in good shape. >>>> >>>> >>>> >>>> >>>> ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? >>>> >>>> >>>> -----Original Message----- >>>> From: mailscanner-bounces at lists.mailscanner.info >>>> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of >>>> Jerry Benton >>>> Sent: Tuesday, February 24, 2015 11:14 AM >>>> To: MailScanner discussion >>>> Subject: Re: Filename Restrictions Not working >>>> >>>> Crazy question: Did the Mailborder server you setup work? If so, use it to create your configs and copy them? >>>> >>>> - >>>> Jerry Benton >>>> www.mailborder.com >>>> >>>> >>>> >>>>> On Feb 24, 2015, at 11:28 AM, James Nelson wrote: >>>>> >>>>> Hi Glenn, >>>>> >>>>> I ran that test and got the exact result you did, which is either >>>>> good or very bad, because it's still not working :) >>>>> >>>>> >>>>> >>>>> ?a rockpile ceases to be a rockpile the moment a single man contemplates it, bearing within him the image of a cathedral.? >>>>> >>>>> >>>>> -----Original Message----- >>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of >>>>> Glenn Steen >>>>> Sent: Tuesday, February 24, 2015 9:55 AM >>>>> To: MailScanner discussion >>>>> Subject: Re: Filename Restrictions Not working >>>>> >>>>> Right, so at the postfix user, can you actually read the two files (/etc/MailScanner/filename.rules.conf and /etc/MailScanner/rules/filename.rules)? >>>>> Also, the default line (at least) for the /etc/MailScanner/rules/filename.rules file should mention the %etc-dir%/filename.rules.conf file, at least if you have Filename Rules = %rules-dir%/filename.rules in the /etc/mailScanner/MailScanner.conf file. >>>>> >>>>> You can actually check the value with MailScanner itself (as the Postfix user) by doing something like: >>>>> -bash-4.2$ MailScanner --value=filenamerules --from=someone at example.net --to=someoneelse at yourdomain.com Looked up internal option name "filenamerules" >>>>> With sender = someone at example.net >>>>> recipient = someoneelse at yourdomain.com Client IP = Virus = Result is "/etc/MailScanner/filename.rules.conf" >>>>> -bash-4.2$ >>>>> >>>>> >>>>> Check the syntax with "MailScanner --help". >>>>> >>>>> Seems to me that the ruleset is borked, the actual filenames aren't >>>>> read, or there still resida a postfix instance that don't have the >>>>> correct HOLD thingy on your system... In decreasing order of >>>>> probability;-) >>>>> >>>>> Cheers >>>>> -- >>>>> -- Glenn >>>>> >>>>>> On 24 February 2015 at 14:22, James Nelson wrote: >>>>>> Hi Glenn, I ran --lint as postfix and it does detect eicar.com as a >>>>>> blocked filetype, it just doesn't do anything about it during mail >>>>>> scanning. I had the thought that my rules files had permissions >>>>>> problems, but I made them readable for everyone just to be sure. >>>>>> >>>>>> I have the group as Apache as part of the configuration for MailWatch. >>>>>> >>>>>> >>>>>> >>>>>> On Feb 24, 2015, at 3:37 AM, Glenn Steen wrote: >>>>>> >>>>>> I see you have run as user/group set to postfix/apache... When >>>>>> you've done your lint and debug runs, did you do them as postfix user or root? >>>>>> My guess is that the rule file for filenames might not be readable >>>>>> to the postfix user. >>>>>> >>>>>> Cheers! >>>>>> -- >>>>>> -- Glenn >>>>>> >>>>>> Den 23 feb 2015 22:09 skrev "James Nelson" : >>>>>>> >>>>>>> >>>>>>> Sorry about that, I thought I set it to public. Try again :). >>>>>>> >>>>>>> Jerry, I'm building a Mailborder server now to test. >>>>>>> >>>>>>> >>>>>>> ?a rockpile ceases to be a rockpile the moment a single man >>>>>>> contemplates it, bearing within him the image of a cathedral.? >>>>>>> >>>>>>> >>>>>>> -----Original Message----- >>>>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>>>> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of >>>>>>> Kevin Miller >>>>>>> Sent: Monday, February 23, 2015 2:20 PM >>>>>>> To: 'MailScanner discussion' >>>>>>> Subject: RE: Filename Restrictions Not working >>>>>>> >>>>>>> It said this "This is a private paste. If you created this paste, >>>>>>> please login to view it." I couldn't see it. >>>>>>> >>>>>>> If there's anything that needs to be munged (like your watermark), >>>>>>> just edit that before posting and make it a public post. >>>>>>> >>>>>>> ...Kevin >>>>>>> -- >>>>>>> Kevin Miller >>>>>>> Network/email Administrator, CBJ MIS Dept. >>>>>>> 155 South Seward Street >>>>>>> Juneau, Alaska 99801 >>>>>>> Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: >>>>>>> 307357 >>>>>>> >>>>>>> >>>>>>>> -----Original Message----- >>>>>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>>>>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >>>>>>>> James Nelson >>>>>>>> Sent: Monday, February 23, 2015 10:52 AM >>>>>>>> To: MailScanner discussion >>>>>>>> Subject: RE: Filename Restrictions Not working >>>>>>>> >>>>>>>> Kevin, >>>>>>>> >>>>>>>> Here's my complete MailScanner.conf: >>>>>>>> >>>>>>>> http://pastebin.com/ci9dz8iL >>>>>>>> >>>>>>>> Jerry: >>>>>>>> >>>>>>>> I changed default to *@* this morning in the course of my, "did >>>>>>>> that work? No, okay, how about this," but the result was the same regardless. >>>>>>>> >>>>>>>> I'm not applying any configuration via conf.d at the moment...if >>>>>>>> I were to do that, would it supersede anything in MailScanner.conf? >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> ?a rockpile ceases to be a rockpile the moment a single man >>>>>>>> contemplates it, bearing within him the image of a cathedral.? >>>>>>>> >>>>>>>> >>>>>>>> -----Original Message----- >>>>>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>>>>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf Of >>>>>>>> Kevin Miller >>>>>>>> Sent: Monday, February 23, 2015 12:50 PM >>>>>>>> To: 'MailScanner discussion' >>>>>>>> Subject: RE: Filename Restrictions Not working >>>>>>>> >>>>>>>> Maybe you could post your MailScanner.conf to pastebin. I'm >>>>>>>> guessing something in there is wonky. >>>>>>>> >>>>>>>> ...Kevin >>>>>>>> -- >>>>>>>> Kevin Miller >>>>>>>> Network/email Administrator, CBJ MIS Dept. >>>>>>>> 155 South Seward Street >>>>>>>> Juneau, Alaska 99801 >>>>>>>> Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: >>>>>>>> 307357 >>>>>>>> >>>>>>>> >>>>>>>>> -----Original Message----- >>>>>>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>>>>>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf >>>>>>>>> Of James Nelson >>>>>>>>> Sent: Monday, February 23, 2015 9:26 AM >>>>>>>>> To: MailScanner discussion >>>>>>>>> Subject: RE: Filename Restrictions Not working >>>>>>>>> >>>>>>>>> Well, an interesting update... >>>>>>>>> >>>>>>>>> I changed up my approach, and pointed the Deny Filenames = in >>>>>>>>> MailScanner.conf to %rules-dir%/filename_deny.rules , which is >>>>>>>>> as >>>>>>>>> follows: >>>>>>>>> >>>>>>>>> To: *@* \.ico$ \.ani \.cur$ \.hlp$ \.zip$ \.ceo$ \.cab$ \.reg$ >>>>>>>>> \.chm$ >>>>>>>>> \.cnf$ \.hta$ \.ins$ \.jse?$ \.job$ \.lnk$ \.mat$ \.pif$ \.scf$ >>>>>>>>> \.sct$ \.shs$ \.shb$ \.vb[es]$ \.ws[cfh]$ \.xnk$ \.cer$ \.its$ >>>>>>>>> \.mau$ \.md[az]$ \.prf$ \.pst$ \.tmp$ \.vsmacros$ \.vs[stw]$ >>>>>>>>> \.ws$ \.com$ \.exe$ \.scr$ \.bat$ \.cmd$ \.cpl$ \.mhtml$ >>>>>>>>> \.s{10,} >>>>>>>>> \.[a-z][a-z0-9]{2,3}\s*\.[a-z0- 9]{3}$ >>>>>>>>> >>>>>>>>> When running MailScanner --lint now, it DOES detect eicar.com as >>>>>>>>> a blocked filetype. However, it's still allowing blocked >>>>>>>>> filetypes through ? >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> ?a rockpile ceases to be a rockpile the moment a single man >>>>>>>>> contemplates it, bearing within him the image of a cathedral.? >>>>>>>>> >>>>>>>>> >>>>>>>>> -----Original Message----- >>>>>>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>>>>>> [mailto:mailscanner- bounces at lists.mailscanner.info] On Behalf >>>>>>>>> Of Jerry Benton >>>>>>>>> Sent: Sunday, February 22, 2015 4:11 PM >>>>>>>>> To: MailScanner discussion >>>>>>>>> Subject: Re: Filename Restrictions Not working >>>>>>>>> >>>>>>>>> Its not beta anymore. (The RPM package.) >>>>>>>>> >>>>>>>>> - >>>>>>>>> Jerry Benton >>>>>>>>> www.mailborder.com >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>>> On Feb 22, 2015, at 4:33 PM, James Nelson >>>>>>>>>> >>>>>>>>> wrote: >>>>>>>>>> >>>>>>>>>> I will try that tomorrow...i'm about out of other ideas. >>>>>>>>>> >>>>>>>>>> I suppose I could also try the new MS beta, just to throw >>>>>>>>>> something >>>>>>>>> else at the wall... >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> ?a rockpile ceases to be a rockpile the moment a single man >>>>>>>>> contemplates it, bearing within him the image of a cathedral.? >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> -----Original Message----- >>>>>>>>>> From: mailscanner-bounces at lists.mailscanner.info >>>>>>>>>> [mailto:mailscanner- >>>>>>>>> bounces at lists.mailscanner.info] On Behalf Of Jerry Benton >>>>>>>>>> Sent: Saturday, February 21, 2015 5:54 AM >>>>>>>>>> To: MailScanner discussion >>>>>>>>>> Subject: Re: Filename Restrictions Not working >>>>>>>>>> >>>>>>>>>> I?m not pimping my product, but I would suggest you install a >>>>>>>>> Mailborder server for a comparison test. Check to see if it is >>>>>>>>> working correctly (the Mailborder server) and compare the >>>>>>>>> configs on the Mailborder server to yours. This will at least >>>>>>>>> eliminate the Mailscanner configuration variable from the equation. >>>>>>>>>> >>>>>>>>>> - >>>>>>>>>> Jerry Benton >>>>>>>>>> www.mailborder.com >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>>> On Feb 21, 2015, at 2:29 AM, James Nelson >>>>>>>>>>> >>>>>>>>> wrote: >>>>>>>>>>> >>>>>>>>>>> Sigh, built a brand new MailScanner box from scratch...once >>>>>>>>>>> again, >>>>>>>>> everything works except filename checking. The only thing I >>>>>>>>> changed was to disallow zip files(just changed allow to deny in >>>>>>>>> filenames.rules.conf) and it still lets it all through. >>>>>>>>>>> >>>>>>>>>>> It just doesn't seem to want to work, with no errors to shed >>>>>>>>>>> any >>>>>>>>> light. >>>>>>>>>>> -- >>>>>>>>>>> MailScanner mailing list >>>>>>>>>>> mailscanner at lists.mailscanner.info >>>>>>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>>>>>> >>>>>>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>>>>>> >>>>>>>>>>> Support MailScanner development - buy the book off the website! >>>>>>>>>> >>>>>>>>>> -- >>>>>>>>>> MailScanner mailing list >>>>>>>>>> mailscanner at lists.mailscanner.info >>>>>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>>>>> >>>>>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>>>>> >>>>>>>>>> Support MailScanner development - buy the book off the website! >>>>>>>>>> -- >>>>>>>>>> MailScanner mailing list >>>>>>>>>> mailscanner at lists.mailscanner.info >>>>>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>>>>> >>>>>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>>>>> >>>>>>>>>> Support MailScanner development - buy the book off the website! >>>>>>>>> >>>>>>>>> -- >>>>>>>>> MailScanner mailing list >>>>>>>>> mailscanner at lists.mailscanner.info >>>>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>>>> >>>>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>>>> >>>>>>>>> Support MailScanner development - buy the book off the website! >>>>>>>>> -- >>>>>>>>> MailScanner mailing list >>>>>>>>> mailscanner at lists.mailscanner.info >>>>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>>>> >>>>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>>>> >>>>>>>>> Support MailScanner development - buy the book off the website! >>>>>>>> -- >>>>>>>> MailScanner mailing list >>>>>>>> mailscanner at lists.mailscanner.info >>>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>>> >>>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>>> >>>>>>>> Support MailScanner development - buy the book off the website! >>>>>>>> -- >>>>>>>> MailScanner mailing list >>>>>>>> mailscanner at lists.mailscanner.info >>>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>>> >>>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>>> >>>>>>>> Support MailScanner development - buy the book off the website! >>>>>>> -- >>>>>>> MailScanner mailing list >>>>>>> mailscanner at lists.mailscanner.info >>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>> >>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>> >>>>>>> Support MailScanner development - buy the book off the website! >>>>>>> -- >>>>>>> MailScanner mailing list >>>>>>> mailscanner at lists.mailscanner.info >>>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>>> >>>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>>> >>>>>>> Support MailScanner development - buy the book off the website! >>>>>> >>>>>> -- >>>>>> MailScanner mailing list >>>>>> mailscanner at lists.mailscanner.info >>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>> >>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>> >>>>>> Support MailScanner development - buy the book off the website! >>>>>> >>>>>> >>>>>> -- >>>>>> MailScanner mailing list >>>>>> mailscanner at lists.mailscanner.info >>>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>>> >>>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>>> >>>>>> Support MailScanner development - buy the book off the website! >>>>> >>>>> >>>>> >>>>> -- >>>>> -- Glenn >>>>> email: glenn < dot > steen < at > gmail < dot > com >>>>> work: glenn < dot > steen < at > ap1 < dot > se >>>>> -- >>>>> MailScanner mailing list >>>>> mailscanner at lists.mailscanner.info >>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>> >>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>> >>>>> Support MailScanner development - buy the book off the website! >>>>> -- >>>>> MailScanner mailing list >>>>> mailscanner at lists.mailscanner.info >>>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>>> >>>>> Before posting, read http://wiki.mailscanner.info/posting >>>>> >>>>> Support MailScanner development - buy the book off the website! >>>> >>>> -- >>>> MailScanner mailing list >>>> mailscanner at lists.mailscanner.info >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>> >>>> Before posting, read http://wiki.mailscanner.info/posting >>>> >>>> Support MailScanner development - buy the book off the website! >>>> -- >>>> MailScanner mailing list >>>> mailscanner at lists.mailscanner.info >>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>>> >>>> Before posting, read http://wiki.mailscanner.info/posting >>>> >>>> Support MailScanner development - buy the book off the website! >>> >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/mailman/listinfo/mailscanner >>> >>> Before posting, read http://wiki.mailscanner.info/posting >>> >>> Support MailScanner development - buy the book off the website! >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> Before posting, read http://wiki.mailscanner.info/posting >> >> Support MailScanner development - buy the book off the website! > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! -- -- Glenn email: glenn < dot > steen < at > gmail < dot > com work: glenn < dot > steen < at > ap1 < dot > se From jerry.benton at mailborder.com Wed Feb 25 12:00:15 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Wed, 25 Feb 2015 07:00:15 -0500 Subject: v4.85.1-0 tarball beta Message-ID: <0C1B9CE6-525A-4E44-89FF-943618408DF4@mailborder.com> I tested this on FreeBSD. Give me some feedback if you try this out. I will move it to release 1 in about a week if all is well. Some minor things like the install guides will change, but none of the MailScanner code will change. Make sure you have bash, tar, gcc, make, perl5 installed first. Just extract and run ./install.sh https://s3.amazonaws.com/mailscanner/release/v4/tar/MailScanner-install-4.85.1-0.tar.gz - Jerry Benton www.mailborder.com From john at tradoc.fr Wed Feb 25 14:17:33 2015 From: john at tradoc.fr (John Wilcock) Date: Wed, 25 Feb 2015 15:17:33 +0100 Subject: v4.85.1-0 tarball beta In-Reply-To: <0C1B9CE6-525A-4E44-89FF-943618408DF4@mailborder.com> References: <0C1B9CE6-525A-4E44-89FF-943618408DF4@mailborder.com> Message-ID: <54EDD97D.20900@tradoc.fr> Le 25/02/2015 13:00, Jerry Benton a ?crit : > I tested this on FreeBSD. Give me some feedback if you try this out. > I will move it to release 1 in about a week if all is well. Some > minor things like the install guides will change, but none of the > MailScanner code will change. Make sure you have bash, tar, gcc, > make, perl5 installed first. Just extract and run ./install.sh > > https://s3.amazonaws.com/mailscanner/release/v4/tar/MailScanner-install-4.85.1-0.tar.gz FWIW, this works fine on Gentoo (using an ebuild file adapted from the last version of MailScanner that was supported on Gentoo, and thus not using or testing your install.sh file). -- John From jerry.benton at mailborder.com Wed Feb 25 17:48:25 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Wed, 25 Feb 2015 12:48:25 -0500 Subject: v4.85.1-0 tarball beta In-Reply-To: <54EDD97D.20900@tradoc.fr> References: <0C1B9CE6-525A-4E44-89FF-943618408DF4@mailborder.com> <54EDD97D.20900@tradoc.fr> Message-ID: <03D008D5-69C8-4255-B282-723D9C48C700@mailborder.com> Thank you. You might want to run the check_modules.sh script to find out what perl modules you are missing. - Jerry Benton www.mailborder.com > On Feb 25, 2015, at 9:17 AM, John Wilcock wrote: > > Le 25/02/2015 13:00, Jerry Benton a ?crit : >> I tested this on FreeBSD. Give me some feedback if you try this out. >> I will move it to release 1 in about a week if all is well. Some >> minor things like the install guides will change, but none of the >> MailScanner code will change. Make sure you have bash, tar, gcc, >> make, perl5 installed first. Just extract and run ./install.sh >> >> https://s3.amazonaws.com/mailscanner/release/v4/tar/MailScanner-install-4.85.1-0.tar.gz > > FWIW, this works fine on Gentoo (using an ebuild file adapted from the > last version of MailScanner that was supported on Gentoo, and thus not > using or testing your install.sh file). > > -- > John > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! From john at tradoc.fr Thu Feb 26 07:19:56 2015 From: john at tradoc.fr (John Wilcock) Date: Thu, 26 Feb 2015 08:19:56 +0100 Subject: v4.85.1-0 tarball beta In-Reply-To: <03D008D5-69C8-4255-B282-723D9C48C700@mailborder.com> References: <0C1B9CE6-525A-4E44-89FF-943618408DF4@mailborder.com> <54EDD97D.20900@tradoc.fr> <03D008D5-69C8-4255-B282-723D9C48C700@mailborder.com> Message-ID: <54EEC91C.5040007@tradoc.fr> Le 25/02/2015 18:48, Jerry Benton a ?crit : > Thank you. You might want to run the check_modules.sh script to find > out what perl modules you are missing. That script doesn't get installed with the gentoo ebuild. I could go and dig it out of the tarball, of course, but is there any difference between its output and that of "MailScanner --version"? In my case the box was already running MailScanner, so all the required modules were already there anyway. Unless, of course, there are any changes to minimum required versions of perl modules? -- John From jerry.benton at mailborder.com Thu Feb 26 08:14:49 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Thu, 26 Feb 2015 03:14:49 -0500 Subject: v4.85.1-0 tarball beta In-Reply-To: <54EEC91C.5040007@tradoc.fr> References: <0C1B9CE6-525A-4E44-89FF-943618408DF4@mailborder.com> <54EDD97D.20900@tradoc.fr> <03D008D5-69C8-4255-B282-723D9C48C700@mailborder.com> <54EEC91C.5040007@tradoc.fr> Message-ID: John, The script should be in the /opt/MailScanner directory. If you had MailScanner already installed, you need to update the soft link to the new directory. (MailScanner-4.85.1-0) The new version should be in /opt The old MailScanner installer may or may not have installed every single perl module used in the MailScanner code. I did review Julian?s old installer code for what he had listed, but when I compared that to the modules used in MailScanner there were some missing. Perhaps at the time those would have been included in the default perl installation. Try: find /opt|grep check_modules - Jerry Benton www.mailborder.com > On Feb 26, 2015, at 2:19 AM, John Wilcock wrote: > > Le 25/02/2015 18:48, Jerry Benton a ?crit : >> Thank you. You might want to run the check_modules.sh script to find >> out what perl modules you are missing. > > That script doesn't get installed with the gentoo ebuild. I could go and > dig it out of the tarball, of course, but is there any difference > between its output and that of "MailScanner --version"? > > In my case the box was already running MailScanner, so all the required > modules were already there anyway. Unless, of course, there are any > changes to minimum required versions of perl modules? > > -- > John > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! From joh.hendriks at gmail.com Thu Feb 26 08:42:56 2015 From: joh.hendriks at gmail.com (Johan Hendriks) Date: Thu, 26 Feb 2015 09:42:56 +0100 Subject: v4.85.1-0 tarball beta In-Reply-To: <0C1B9CE6-525A-4E44-89FF-943618408DF4@mailborder.com> References: <0C1B9CE6-525A-4E44-89FF-943618408DF4@mailborder.com> Message-ID: <54EEDC90.1080900@gmail.com> Op 25-02-15 om 13:00 schreef Jerry Benton: > I tested this on FreeBSD. Give me some feedback if you try this out. I will move it to release 1 in about a week if all is well. Some minor things like the install guides will change, but none of the MailScanner code will change. Make sure you have bash, tar, gcc, make, perl5 installed first. Just extract and run ./install.sh > > > https://s3.amazonaws.com/mailscanner/release/v4/tar/MailScanner-install-4.85.1-0.tar.gz > > > - > Jerry Benton > www.mailborder.com > > > I used the old port to install MailScanner and it all installs fine with some adjustments to the port files. Later today I will try if it runs. Thank you Jerry for all the hard work on this. From john at tradoc.fr Thu Feb 26 10:21:28 2015 From: john at tradoc.fr (John Wilcock) Date: Thu, 26 Feb 2015 11:21:28 +0100 Subject: v4.85.1-0 tarball beta In-Reply-To: References: <0C1B9CE6-525A-4E44-89FF-943618408DF4@mailborder.com> <54EDD97D.20900@tradoc.fr> <03D008D5-69C8-4255-B282-723D9C48C700@mailborder.com> <54EEC91C.5040007@tradoc.fr> Message-ID: <54EEF3A8.1030708@tradoc.fr> Le 26/02/2015 09:14, Jerry Benton a ?crit : > The script should be in the /opt/MailScanner directory. If you had > MailScanner already installed, you need to update the soft link to > the new directory. (MailScanner-4.85.1-0) The new version should be > in /opt That's not how the gentoo ebuild works. Gentoo installs everything from source, so it needs to start from the tarball rather than an rpm-type package, but it installs things the gentoo way in /usr/lib64, /usr/sbin and so on rather than using the install scripts in the tarball and putting things under /opt. Indeed, it's nice to see that your tarball contains only the Mailscanner code, without all the perl modules that Julian used to bundle. Far more in keeping with the gentoo philosophy :-) Anyway, the check_modules.sh script warns about Inline::C and File::ShareDir::Install (and Mail::ClamAV, but that doesn't matter as I'm using clamd). MailScanner --version lists Inline as an optional module and doesn't mention File::Sharedir::Install at all. Should I care? MS runs quite happily without these modules. -- John From jerry.benton at mailborder.com Thu Feb 26 11:10:14 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Thu, 26 Feb 2015 06:10:14 -0500 Subject: v4.85.1-0 tarball beta In-Reply-To: <54EEF3A8.1030708@tradoc.fr> References: <0C1B9CE6-525A-4E44-89FF-943618408DF4@mailborder.com> <54EDD97D.20900@tradoc.fr> <03D008D5-69C8-4255-B282-723D9C48C700@mailborder.com> <54EEC91C.5040007@tradoc.fr> <54EEF3A8.1030708@tradoc.fr> Message-ID: File::ShareDir::Install was required for something that I can?t remember. Maybe Inline::C. The module Inline::C is required for Mail::ClamAV to build. Since you are not using it you obviously don?t need it. - Jerry Benton www.mailborder.com > On Feb 26, 2015, at 5:21 AM, John Wilcock wrote: > > File::ShareDir::Install From jeremy at fluxlabs.net Fri Feb 27 02:12:57 2015 From: jeremy at fluxlabs.net (Jeremy McSpadden) Date: Fri, 27 Feb 2015 02:12:57 +0000 Subject: Different SA scan results Message-ID: <5269F9C4-BB61-42C3-AC19-DF9FC3ABC394@fluxlabs.net> What would cause an cli scan (spamassassin -D < msg) to have different results than mailscanner scan ? via cli Content analysis details: (26.1 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 3.3 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS [46.105.49.218 listed in zen.spamhaus.org] 5.0 URIBL_BLACK Contains an URL listed in the URIBL blacklist [URIs: karefon.eu] 5.0 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist [URIs: karefon.eu] -2.0 SPF_HELO_PASS SPF: HELO matches SPF record -0.0 SPF_PASS SPF: sender matches SPF record 0.0 HTML_MESSAGE BODY: HTML included in message 1.5 BAYES_50 BODY: Bayes spam probability is 40 to 60% [score: 0.4995] 0.5 KAM_EU RAW: Prevalent use of .eu in spam/malware 5.0 KAM_GRABBAG2 Grabbag of Spams hitting EU domains and other indicators 0.8 RDNS_NONE Delivered to internal network by a host with no rDNS 2.0 HTML_OFF_PAGE HTML element rendered well off the displayed page 0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay lines 5.0 KAM_VERY_BLACK_DBL Email that hits both URIBL Black and Spamhaus DBL 0.0 T_REMOTE_IMAGE Message contains an external image via ms 1.50 BAYES_50 Bayes spam probability is 40 to 60% 0.00 HTML_MESSAGE HTML included in message 2.00 HTML_OFF_PAGE HTML element rendered well off the displayed page 0.50 KAM_EU Prevalent use of .eu in spam/malware 0.79 RDNS_NONE Delivered to internal network by a host with no rDNS -2.00 SPF_HELO_PASS SPF: HELO matches SPF record -0.00 SPF_PASS SPF: sender matches SPF record 0.01 T_REMOTE_IMAGE 0.00 UNPARSEABLE_RELAY Informational: message has unparseable relay lines -- Jeremy McSpadden Flux Labs, Inc | http://www.fluxlabs.net | Endless Solutions Office : 850-250-5590 x 501 | Cell : 850-890-2543 | Fax : 850-254-2955 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150227/b886bcb9/attachment.html From jerry.benton at mailborder.com Fri Feb 27 07:33:41 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Fri, 27 Feb 2015 02:33:41 -0500 Subject: Different SA scan results In-Reply-To: <5269F9C4-BB61-42C3-AC19-DF9FC3ABC394@fluxlabs.net> References: <5269F9C4-BB61-42C3-AC19-DF9FC3ABC394@fluxlabs.net> Message-ID: <16CE5A4E-0F53-40B5-83C9-DA2827F5B0BE@mailborder.com> You need to include your /etc/MailScanner/ spam.assassin.prefs.conf in your command to get the same results. - Jerry Benton www.mailborder.com > On Feb 26, 2015, at 9:12 PM, Jeremy McSpadden wrote: > > What would cause an cli scan (spamassassin -D < msg) to have different results than mailscanner scan ? > > via cli > > Content analysis details: (26.1 points, 5.0 required) > > pts rule name description > ---- ---------------------- -------------------------------------------------- > 3.3 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS > [46.105.49.218 listed in zen.spamhaus.org ] > 5.0 URIBL_BLACK Contains an URL listed in the URIBL blacklist > [URIs: karefon.eu ] > 5.0 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist > [URIs: karefon.eu ] > -2.0 SPF_HELO_PASS SPF: HELO matches SPF record > -0.0 SPF_PASS SPF: sender matches SPF record > 0.0 HTML_MESSAGE BODY: HTML included in message > 1.5 BAYES_50 BODY: Bayes spam probability is 40 to 60% > [score: 0.4995] > 0.5 KAM_EU RAW: Prevalent use of .eu in spam/malware > 5.0 KAM_GRABBAG2 Grabbag of Spams hitting EU domains and other indicators > 0.8 RDNS_NONE Delivered to internal network by a host with no rDNS > 2.0 HTML_OFF_PAGE HTML element rendered well off the displayed page > 0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay lines > 5.0 KAM_VERY_BLACK_DBL Email that hits both URIBL Black and Spamhaus DBL > 0.0 T_REMOTE_IMAGE Message contains an external image > > > via ms > 1.50 > BAYES_50 > Bayes spam probability is 40 to 60% > 0.00 > HTML_MESSAGE > HTML included in message > 2.00 > HTML_OFF_PAGE > HTML element rendered well off the displayed page > 0.50 > KAM_EU > Prevalent use of .eu in spam/malware > 0.79 > RDNS_NONE > Delivered to internal network by a host with no rDNS > -2.00 > SPF_HELO_PASS > SPF: HELO matches SPF record > -0.00 > SPF_PASS > SPF: sender matches SPF record > 0.01 > T_REMOTE_IMAGE > 0.00 > UNPARSEABLE_RELAY > Informational: message has unparseable relay lines > -- > Jeremy McSpadden > Flux Labs, Inc | http://www.fluxlabs.net | Endless Solutions > Office : 850-250-5590 x 501 | Cell : 850-890-2543 | Fax : 850-254-2955 > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > Before posting, read http://wiki.mailscanner.info/posting > > Support MailScanner development - buy the book off the website! -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20150227/3c4e7ac9/attachment.html From mailscanner at replies.cyways.com Fri Feb 27 13:05:29 2015 From: mailscanner at replies.cyways.com (Peter Lemieux) Date: Fri, 27 Feb 2015 08:05:29 -0500 Subject: Different SA scan results In-Reply-To: <5269F9C4-BB61-42C3-AC19-DF9FC3ABC394@fluxlabs.net> References: <5269F9C4-BB61-42C3-AC19-DF9FC3ABC394@fluxlabs.net> Message-ID: <54F06B99.7050103@replies.cyways.com> Most of the differences I see are the additional blacklist entries for the message. If enough time has elapsed between the message's arrival and your testing, the message may have been reported to blacklists during the interval. I see this happen all the time. Messages that fail to trip my rules upon arrival later appear on blacklists if I run a command-line SpamAssassin check. Peter On 02/26/2015 09:12 PM, Jeremy McSpadden wrote: > What would cause an cli scan (spamassassin -D < msg) to have different > results than mailscanner scan ? > > via cli > > Content analysis details: (26.1 points, 5.0 required) > > pts rule name description > ---- ---------------------- > -------------------------------------------------- > 3.3 RCVD_IN_SBL_CSS RBL: Received via a relay in Spamhaus SBL-CSS > [46.105.49.218 listed in zen.spamhaus.org > ] > 5.0 URIBL_BLACK Contains an URL listed in the URIBL blacklist > [URIs: karefon.eu ] > 5.0 URIBL_DBL_SPAM Contains a spam URL listed in the DBL blocklist > [URIs: karefon.eu ] > -2.0 SPF_HELO_PASS SPF: HELO matches SPF record > -0.0 SPF_PASS SPF: sender matches SPF record > 0.0 HTML_MESSAGE BODY: HTML included in message > 1.5 BAYES_50 BODY: Bayes spam probability is 40 to 60% > [score: 0.4995] > 0.5 KAM_EU RAW: Prevalent use of .eu in spam/malware > 5.0 KAM_GRABBAG2 Grabbag of Spams hitting EU domains and > other indicators > 0.8 RDNS_NONE Delivered to internal network by a host > with no rDNS > 2.0 HTML_OFF_PAGE HTML element rendered well off the > displayed page > 0.0 UNPARSEABLE_RELAY Informational: message has unparseable > relay lines > 5.0 KAM_VERY_BLACK_DBL Email that hits both URIBL Black and > Spamhaus DBL > 0.0 T_REMOTE_IMAGE Message contains an external image > > > via ms > 1.50 > BAYES_50 > Bayes spam probability is 40 to 60% > 0.00 > HTML_MESSAGE > HTML included in message > 2.00 > HTML_OFF_PAGE > HTML element rendered well off the displayed page > 0.50 > KAM_EU > Prevalent use of .eu in spam/malware > 0.79 > RDNS_NONE > Delivered to internal network by a host with no rDNS > -2.00 > SPF_HELO_PASS > SPF: HELO matches SPF record > -0.00 > SPF_PASS > SPF: sender matches SPF record > 0.01 > T_REMOTE_IMAGE > 0.00 > UNPARSEABLE_RELAY > Informational: message has unparseable relay lines > -- > Jeremy McSpadden > Flux Labs, Inc | http://www.fluxlabs.net | Endless Solutions > *Office* : 850-250-5590 x 501 | *Cell* : 850-890-2543 | *Fax* : 850-254-2955 > > > From jerry.benton at mailborder.com Fri Feb 27 16:34:05 2015 From: jerry.benton at mailborder.com (Jerry Benton) Date: Fri, 27 Feb 2015 11:34:05 -0500 Subject: v4.85.1-0 beta for SuSE Message-ID: <8FCD0B01-5BDE-4A77-AA34-2FBEB53D2860@mailborder.com> Tested on openSuSE 13.2. Same deal as with the RHEL installer. It will use Zypper to install as much as possible and CPAN to remediate if you want to. Again, this is beta. https://s3.amazonaws.com/mailscanner/release/v4/suse/MailScanner-4.85.1-0.suse-rpm.tar.gz - Jerry Benton www.mailborder.com