From Eoin.Kim at rcst.com.au Mon Aug 1 01:45:22 2016 From: Eoin.Kim at rcst.com.au (Eoin Kim) Date: Mon, 1 Aug 2016 01:45:22 +0000 Subject: Message variable reference Message-ID: <2430cba980f44fad93058d58dc5de2eb@BNEEXCH01.corp.qcn> Hi there, Could someone please tell me where the value is for $spamreport variable? I am currently customising the whole report messages and can't find out where $spamreport variable points to. The message file is 'sender.spam.rbl.report.txt'. I guess the related setting is configured in MailScanner.conf file? Thanks a lot in advance. Eoin Kim Systems Administrator RCS Telecommunications Level 1, 133 Mary Street Brisbane, QLD, 4000 Office: 07 3228 0843 Mobile: 0419 726 231 Email: eoin.kim at rcst.com.au [RCST logo drop shadow] -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.jpg Type: image/jpeg Size: 3384 bytes Desc: image001.jpg URL: From mark at msapiro.net Mon Aug 1 02:27:00 2016 From: mark at msapiro.net (Mark Sapiro) Date: Sun, 31 Jul 2016 19:27:00 -0700 Subject: Message variable reference In-Reply-To: <2430cba980f44fad93058d58dc5de2eb@BNEEXCH01.corp.qcn> References: <2430cba980f44fad93058d58dc5de2eb@BNEEXCH01.corp.qcn> Message-ID: <71b87196-45b0-3492-a8a1-8f719fc82a2c@msapiro.net> On 07/31/2016 06:45 PM, Eoin Kim wrote: > > Could someone please tell me where the value is for $spamreport > variable? I am currently customising the whole report messages and can?t > find out where $spamreport variable points to. The message file is > ?sender.spam.rbl.report.txt?. I guess the related setting is configured > in MailScanner.conf file? Thanks a lot in advance. $spamreport is set by the IsSpam routine in the MailScanner/Message.pm module depending on what is found in the message. These are things like high SpamAssassin score, blacklisted, etc. It is not a fixed value or a configuration setting. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From Eoin.Kim at rcst.com.au Mon Aug 1 02:55:42 2016 From: Eoin.Kim at rcst.com.au (Eoin Kim) Date: Mon, 1 Aug 2016 02:55:42 +0000 Subject: Message variable reference In-Reply-To: <71b87196-45b0-3492-a8a1-8f719fc82a2c@msapiro.net> References: <2430cba980f44fad93058d58dc5de2eb@BNEEXCH01.corp.qcn> <71b87196-45b0-3492-a8a1-8f719fc82a2c@msapiro.net> Message-ID: <855ed58c8919406c9d487cc46515f9af@BNEEXCH01.corp.qcn> Hi, Thanks for your reply. It looks a bit more complex than I thought. I probably should not touch much then as I don't know about it really much. Thanks again. Eoin -----Original Message----- From: MailScanner [mailto:mailscanner-bounces+eoin.kim=rcst.com.au at lists.mailscanner.info] On Behalf Of Mark Sapiro Sent: Monday, 1 August 2016 12:27 PM To: mailscanner at lists.mailscanner.info Subject: Re: Message variable reference On 07/31/2016 06:45 PM, Eoin Kim wrote: > > Could someone please tell me where the value is for $spamreport > variable? I am currently customising the whole report messages and > can't find out where $spamreport variable points to. The message file > is 'sender.spam.rbl.report.txt'. I guess the related setting is > configured in MailScanner.conf file? Thanks a lot in advance. $spamreport is set by the IsSpam routine in the MailScanner/Message.pm module depending on what is found in the message. These are things like high SpamAssassin score, blacklisted, etc. It is not a fixed value or a configuration setting. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/listinfo/mailscanner From mailscanner at barendse.to Tue Aug 2 10:46:21 2016 From: mailscanner at barendse.to (Remco Barendse) Date: Tue, 2 Aug 2016 12:46:21 +0200 (CEST) Subject: New server setup, best practice? Message-ID: Hi list! I would like to upgrade the servers that are running MailScanner. What is the best approach on storage? It will be virtual machines (which i guess is what a lot of people are doing now), how to approach the storage issue, what would be the best approach / design? What size for the MailScanner root partition etc. ? I have to keep verbatim copies of anything that goes in or out of the mail servers, i keep the qf/df pairs from sendmail. I read some people seeing their quarantine getting filled with 7 Gb of virii just in one day, what would be recommended storage sizes and how to deal with quarantine / archive folders? If it wise or recommended to mount an external volume at /var/spool/MailScanner/quarantine and /var/spool/MailScanner/archived or is there a better way ? If I have several MailScanner servers, is it OK to keep all spam/archived copies in one and the same mount ? Will CentOS 7 work flawlessly? Anyone using standard cloud images? Thanks for any tips / suggestions :>) From alex at vidadigital.com.pa Tue Aug 2 13:28:30 2016 From: alex at vidadigital.com.pa (Alex Neuman van der Hans) Date: Tue, 2 Aug 2016 08:28:30 -0500 Subject: New server setup, best practice? In-Reply-To: References: Message-ID: It really depends on context. Space, CPU and I/O issues can vary greatly from site to site. If you want to upgrade, look into your biggest bottlenecks first. Sometimes it?s RAM, sometimes it?s disk I/O (where SSD?s would be great), sometimes it?s CPU power. In my case I usually go for SSD?s for storing the OS, programs, and mail - and regular hard drives for things like quarantines and such, with scripts moving older stuff with various protocols (NFS, rsync, FTP) over to long-term storage to make space when needed. Oh, and it?s not ?virii?. Virus is a ?mass noun?, like ?rice?. https://en.wikipedia.org/wiki/Plural_form_of_words_ending_in_-us#Virus Alex Neuman van der Hans Producer/Host, Vida Digital +1 (440) 253-9789 | +507 6781-9505 | Panama |alex at vidadigital.com.pa | http://vidadigital.com.pa/ |Skype: alexneuman > On Aug 2, 2016, at 5:46 AM, Remco Barendse wrote: > > Hi list! > > I would like to upgrade the servers that are running MailScanner. > > What is the best approach on storage? It will be virtual machines (which i guess is what a lot of people are doing now), how to approach the storage issue, what would be the best approach / design? What size for the MailScanner root partition etc. ? > > I have to keep verbatim copies of anything that goes in or out of the mail servers, i keep the qf/df pairs from sendmail. > > I read some people seeing their quarantine getting filled with 7 Gb of virii just in one day, what would be recommended storage sizes and how to deal with quarantine / archive folders? If it wise or recommended to mount an external volume at /var/spool/MailScanner/quarantine and > /var/spool/MailScanner/archived or is there a better way ? > > If I have several MailScanner servers, is it OK to keep all spam/archived copies in one and the same mount ? > > Will CentOS 7 work flawlessly? Anyone using standard cloud images? > > Thanks for any tips / suggestions :>) > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > -------------- next part -------------- An HTML attachment was scrubbed... URL: From bob at morsemedia.net Thu Aug 4 17:00:57 2016 From: bob at morsemedia.net (Bob Morse) Date: Thu, 4 Aug 2016 10:00:57 -0700 Subject: Tagged spam not deleted Message-ID: I have been seeing spam which is properly tagged as spam or definitely spam get delivered to an address even though that domain has both low and high scoring spam set to delete. This seems to happen when the spam is sent to a list of email addresses all in the CC field. They are all addresses in our hosting system, but many of the domains in the listed in the CC field do not have MailScanner configured to delete low and/or high scoring spam. I am assuming this is why it's being delivered to one of my addresses/domains. Is this correct? If so, is there a way to configure it so that it's deleted even though other domains in the CC field are not set that way? Or, is there another possible explanation? Thanks! From carles at unlimitedmail.org Tue Aug 9 14:32:28 2016 From: carles at unlimitedmail.org (=?UTF-8?Q?[SOLTECSIS]_Carles_Xavier_Munyoz_Bald=c3=b3?=) Date: Tue, 9 Aug 2016 16:32:28 +0200 Subject: MailScanner and ESET-Nod32 antivirus. Message-ID: <6835cb50-7de9-00e0-d03b-803517ee58c1@unlimitedmail.org> Hello, I have a MailScanner installation with MailScanner version: 4.85.2 With this version I have the ClamAV and ESET-Nod32 antivirus working. But I have seen that in the last version of the MailScanner (5.0.2) the ESET-Nod32 antivirus is not supported. Moreover, only a very small list of antivirus are support: [...] # Which Virus Scanning package(s) to use: # sophos from www.sophos.com # sophossavi (also from www.sophos.com, using the SAVI perl module) # bitdefender from www.bitdefender.com # f-secure from www.f-secure.com # clamav from www.clamav.net # clamavmodule (also from www.clamav.net using the ClamAV perl module) # clamd (also from www.clamav.net using the clamd daemon) # *Note: read the comments above the "Incoming Work Group" setting*, # avg from www.grisoft.com # generic Other virus scanner: edit the generic-wrapper and generic-autoupdate # to fit your own needs. The output spec is in generic-wrapper, or [...] Whay have the ESET-Nod32 removed from the list? Is it possible to use it with the last version of MailScanner? Thank you in advanced for your help. ======================================== SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. Carles Xavier Munyoz Bald? Departamento de I+D+I Tel./Fax: 966 446 046 cmunyoz at soltecsis.com www.soltecsis.com ======================================== --- La informaci?n contenida en este e-mail es confidencial, siendo para uso exclusivo del destinatario arriba mencionado. Le informamos que est? totalmente prohibida cualquier utilizaci?n, divulgaci?n, distribuci?n y/o reproducci?n de esta comunicaci?n sin autorizaci?n expresa en virtud de la legislaci?n vigente. Si ha recibido este mensaje por error, le rogamos nos lo notifique inmediatamente por la misma v?a y proceda a su eliminaci?n. --- From jerry.benton at mailborder.com Tue Aug 9 15:21:59 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Tue, 9 Aug 2016 11:21:59 -0400 Subject: MailScanner and ESET-Nod32 antivirus. In-Reply-To: <6835cb50-7de9-00e0-d03b-803517ee58c1@unlimitedmail.org> References: <6835cb50-7de9-00e0-d03b-803517ee58c1@unlimitedmail.org> Message-ID: All commercial virus scanners were removed. You can copy your old wrapper to the new MailScanner structure, edit the virus.scanner.conf, and add it to your configuration. - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?[SOLTECSIS] Carles Xavier Munyoz Bald? Reply:?MailScanner Discussion Date:?August 9, 2016 at 10:32:39 AM To:?MailScanner Discussion Subject:? MailScanner and ESET-Nod32 antivirus. > ESET-Nod32 From carles at unlimitedmail.org Tue Aug 9 15:36:45 2016 From: carles at unlimitedmail.org (=?UTF-8?Q?[SOLTECSIS]_Carles_Xavier_Munyoz_Bald=c3=b3?=) Date: Tue, 9 Aug 2016 17:36:45 +0200 Subject: MailScanner and ESET-Nod32 antivirus. In-Reply-To: References: <6835cb50-7de9-00e0-d03b-803517ee58c1@unlimitedmail.org> Message-ID: <553e6bad-9179-d3f1-d83e-ea654bd8df1a@unlimitedmail.org> Hi, I don't understand the reason for that. It is very surprising for me. For which reason have you removed all the commercial virus scanners support from MailScanner? I believe that it is good that the system administrator can install free and commercial virus scanners. Best regards. El 09/08/16 a las 17:21, Jerry Benton escribi?: > All commercial virus scanners were removed. You can copy your old > wrapper to the new MailScanner structure, edit the virus.scanner.conf, > and add it to your configuration. > > > - > Jerry Benton > www.mailborder.com > +1 - 844-436-6245 > > > -----Original Message----- > From: [SOLTECSIS] Carles Xavier Munyoz Bald? > Reply: MailScanner Discussion > Date: August 9, 2016 at 10:32:39 AM > To: MailScanner Discussion > Subject: MailScanner and ESET-Nod32 antivirus. > >> ESET-Nod32 > > -- Saludos. ======================================== SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. Carles Xavier Munyoz Bald? Departamento de I+D+I Tel./Fax: 966 446 046 cmunyoz at soltecsis.com www.soltecsis.com ======================================== --- La informaci?n contenida en este e-mail es confidencial, siendo para uso exclusivo del destinatario arriba mencionado. Le informamos que est? totalmente prohibida cualquier utilizaci?n, divulgaci?n, distribuci?n y/o reproducci?n de esta comunicaci?n sin autorizaci?n expresa en virtud de la legislaci?n vigente. Si ha recibido este mensaje por error, le rogamos nos lo notifique inmediatamente por la misma v?a y proceda a su eliminaci?n. --- From jerry.benton at mailborder.com Tue Aug 9 16:11:59 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Tue, 9 Aug 2016 12:11:59 -0400 Subject: MailScanner and ESET-Nod32 antivirus. In-Reply-To: <553e6bad-9179-d3f1-d83e-ea654bd8df1a@unlimitedmail.org> References: <6835cb50-7de9-00e0-d03b-803517ee58c1@unlimitedmail.org> <553e6bad-9179-d3f1-d83e-ea654bd8df1a@unlimitedmail.org> Message-ID: We have no way to test and evaluate all of the different virus scanners without paying for them. We cannot integrate the wrappers into the build when we have no way to test them. If you want to create a wrapper and submit it, we can add it to v5.x. - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?[SOLTECSIS] Carles Xavier Munyoz Bald? Reply:?MailScanner Discussion Date:?August 9, 2016 at 11:36:54 AM To:?mailscanner at lists.mailscanner.info Subject:? Re: MailScanner and ESET-Nod32 antivirus. > Hi, > I don't understand the reason for that. > It is very surprising for me. > For which reason have you removed all the commercial virus scanners > support from MailScanner? > > I believe that it is good that the system administrator can install free > and commercial virus scanners. > > Best regards. > > > > El 09/08/16 a las 17:21, Jerry Benton escribi?: > > All commercial virus scanners were removed. You can copy your old > > wrapper to the new MailScanner structure, edit the virus.scanner.conf, > > and add it to your configuration. > > > > > > - > > Jerry Benton > > www.mailborder.com > > +1 - 844-436-6245 > > > > > > -----Original Message----- > > From: [SOLTECSIS] Carles Xavier Munyoz Bald? > > Reply: MailScanner Discussion > > Date: August 9, 2016 at 10:32:39 AM > > To: MailScanner Discussion > > Subject: MailScanner and ESET-Nod32 antivirus. > > > >> ESET-Nod32 > > > > > > > -- > Saludos. > ======================================== > SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. > Carles Xavier Munyoz Bald? > Departamento de I+D+I > Tel./Fax: 966 446 046 > cmunyoz at soltecsis.com > www.soltecsis.com > ======================================== > > --- > La informaci?n contenida en este e-mail es confidencial, > siendo para uso exclusivo del destinatario arriba mencionado. > Le informamos que est? totalmente prohibida cualquier > utilizaci?n, divulgaci?n, distribuci?n y/o reproducci?n de > esta comunicaci?n sin autorizaci?n expresa en virtud de la > legislaci?n vigente. Si ha recibido este mensaje por error, > le rogamos nos lo notifique inmediatamente por la misma v?a > y proceda a su eliminaci?n. > --- > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > From kevin.miller at juneau.org Tue Aug 9 16:12:46 2016 From: kevin.miller at juneau.org (Kevin Miller) Date: Tue, 9 Aug 2016 16:12:46 +0000 Subject: MailScanner and ESET-Nod32 antivirus. In-Reply-To: <553e6bad-9179-d3f1-d83e-ea654bd8df1a@unlimitedmail.org> References: <6835cb50-7de9-00e0-d03b-803517ee58c1@unlimitedmail.org> <553e6bad-9179-d3f1-d83e-ea654bd8df1a@unlimitedmail.org> Message-ID: I agree. If one is doing an upgrade they may have easy access to the old wrapper but if it's a new installation they have to reinvent the wheel. Some of the older wrappers no longer work anymore - I had to redo the f-secure wrappers some years back so I can understand removing obsolete code that nobody is using (or at least *shouldn't* be using) but for working code, there's no real cost to leave it intact. Perhaps it would be helpful to have a download page for additional/historical wrappers if it isn't bundled with the current stable version... ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: 307357 -----Original Message----- From: MailScanner [mailto:mailscanner-bounces+kevin.miller=juneau.org at lists.mailscanner.info] On Behalf Of [SOLTECSIS] Carles Xavier Munyoz Bald? Sent: Tuesday, August 09, 2016 7:37 AM To: mailscanner at lists.mailscanner.info Subject: Re: MailScanner and ESET-Nod32 antivirus. Hi, I don't understand the reason for that. It is very surprising for me. For which reason have you removed all the commercial virus scanners support from MailScanner? I believe that it is good that the system administrator can install free and commercial virus scanners. Best regards. El 09/08/16 a las 17:21, Jerry Benton escribi?: > All commercial virus scanners were removed. You can copy your old > wrapper to the new MailScanner structure, edit the virus.scanner.conf, > and add it to your configuration. > > > - > Jerry Benton > www.mailborder.com > +1 - 844-436-6245 > > > -----Original Message----- > From: [SOLTECSIS] Carles Xavier Munyoz Bald? > > Reply: MailScanner Discussion > Date: August 9, 2016 at 10:32:39 AM > To: MailScanner Discussion > Subject: MailScanner and ESET-Nod32 antivirus. > >> ESET-Nod32 > > -- Saludos. ======================================== SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. Carles Xavier Munyoz Bald? Departamento de I+D+I Tel./Fax: 966 446 046 cmunyoz at soltecsis.com www.soltecsis.com ======================================== --- La informaci?n contenida en este e-mail es confidencial, siendo para uso exclusivo del destinatario arriba mencionado. Le informamos que est? totalmente prohibida cualquier utilizaci?n, divulgaci?n, distribuci?n y/o reproducci?n de esta comunicaci?n sin autorizaci?n expresa en virtud de la legislaci?n vigente. Si ha recibido este mensaje por error, le rogamos nos lo notifique inmediatamente por la misma v?a y proceda a su eliminaci?n. --- -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/listinfo/mailscanner From jerry.benton at mailborder.com Tue Aug 9 16:17:09 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Tue, 9 Aug 2016 12:17:09 -0400 Subject: MailScanner and ESET-Nod32 antivirus. In-Reply-To: References: <6835cb50-7de9-00e0-d03b-803517ee58c1@unlimitedmail.org> <553e6bad-9179-d3f1-d83e-ea654bd8df1a@unlimitedmail.org> Message-ID: Same logic applies to being able to test them. I announced what was being removed and what was staying well in advance of v5 being released. As usual, crickets from the community. So, I will reiterate: If there is a virus scanner not on the list that you would like included, please provide me with a wrapper that you have tested and confirmed is functional with MailScanner and I will add it to the current distribution. - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?Kevin Miller Reply:?MailScanner Discussion Date:?August 9, 2016 at 12:12:57 PM To:?mailscanner at lists.mailscanner.info Subject:? RE: MailScanner and ESET-Nod32 antivirus. > I agree. If one is doing an upgrade they may have easy access to the old wrapper but if it's > a new installation they have to reinvent the wheel. > > Some of the older wrappers no longer work anymore - I had to redo the f-secure wrappers > some years back so I can understand removing obsolete code that nobody is using (or at > least *shouldn't* be using) but for working code, there's no real cost to leave it intact. > > Perhaps it would be helpful to have a download page for additional/historical wrappers > if it isn't bundled with the current stable version... > > ...Kevin > -- > Kevin Miller > Network/email Administrator, CBJ MIS Dept. > 155 South Seward Street > Juneau, Alaska 99801 > Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: 307357 > > -----Original Message----- > From: MailScanner [mailto:mailscanner-bounces+kevin.miller=juneau.org at lists.mailscanner.info] > On Behalf Of [SOLTECSIS] Carles Xavier Munyoz Bald? > Sent: Tuesday, August 09, 2016 7:37 AM > To: mailscanner at lists.mailscanner.info > Subject: Re: MailScanner and ESET-Nod32 antivirus. > > Hi, > I don't understand the reason for that. > It is very surprising for me. > For which reason have you removed all the commercial virus scanners support from MailScanner? > > I believe that it is good that the system administrator can install free and commercial > virus scanners. > > Best regards. > > > > El 09/08/16 a las 17:21, Jerry Benton escribi?: > > All commercial virus scanners were removed. You can copy your old > > wrapper to the new MailScanner structure, edit the virus.scanner.conf, > > and add it to your configuration. > > > > > > - > > Jerry Benton > > www.mailborder.com > > +1 - 844-436-6245 > > > > > > -----Original Message----- > > From: [SOLTECSIS] Carles Xavier Munyoz Bald? > > > > Reply: MailScanner Discussion > > Date: August 9, 2016 at 10:32:39 AM > > To: MailScanner Discussion > > Subject: MailScanner and ESET-Nod32 antivirus. > > > >> ESET-Nod32 > > > > > > > -- > Saludos. > ======================================== > SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. > Carles Xavier Munyoz Bald? > Departamento de I+D+I > Tel./Fax: 966 446 046 > cmunyoz at soltecsis.com > www.soltecsis.com > ======================================== > > --- > La informaci?n contenida en este e-mail es confidencial, siendo para uso exclusivo > del destinatario arriba mencionado. > Le informamos que est? totalmente prohibida cualquier utilizaci?n, divulgaci?n, > distribuci?n y/o reproducci?n de esta comunicaci?n sin autorizaci?n expresa en virtud > de la legislaci?n vigente. Si ha recibido este mensaje por error, le rogamos nos lo notifique > inmediatamente por la misma v?a y proceda a su eliminaci?n. > --- > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > From carles at unlimitedmail.org Tue Aug 9 16:18:11 2016 From: carles at unlimitedmail.org (=?UTF-8?Q?[SOLTECSIS]_Carles_Xavier_Munyoz_Bald=c3=b3?=) Date: Tue, 9 Aug 2016 18:18:11 +0200 Subject: MailScanner and ESET-Nod32 antivirus. In-Reply-To: References: <6835cb50-7de9-00e0-d03b-803517ee58c1@unlimitedmail.org> <553e6bad-9179-d3f1-d83e-ea654bd8df1a@unlimitedmail.org> Message-ID: I agree with you too. I'm using the old wrapper for the Esset antivirus but it doesn't go. The only thing I have to do is add the line for the virus.conf file and copy de wrapper, is it correct? Best regards. El 09/08/16 a las 18:12, Kevin Miller escribi?: > I agree. If one is doing an upgrade they may have easy access to the old wrapper but if it's a new installation they have to reinvent the wheel. > > Some of the older wrappers no longer work anymore - I had to redo the f-secure wrappers some years back so I can understand removing obsolete code that nobody is using (or at least *shouldn't* be using) but for working code, there's no real cost to leave it intact. > > Perhaps it would be helpful to have a download page for additional/historical wrappers if it isn't bundled with the current stable version... > > ...Kevin > -- > Kevin Miller > Network/email Administrator, CBJ MIS Dept. > 155 South Seward Street > Juneau, Alaska 99801 > Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: 307357 > > -----Original Message----- > From: MailScanner [mailto:mailscanner-bounces+kevin.miller=juneau.org at lists.mailscanner.info] On Behalf Of [SOLTECSIS] Carles Xavier Munyoz Bald? > Sent: Tuesday, August 09, 2016 7:37 AM > To: mailscanner at lists.mailscanner.info > Subject: Re: MailScanner and ESET-Nod32 antivirus. > > Hi, > I don't understand the reason for that. > It is very surprising for me. > For which reason have you removed all the commercial virus scanners support from MailScanner? > > I believe that it is good that the system administrator can install free and commercial virus scanners. > > Best regards. > > > > El 09/08/16 a las 17:21, Jerry Benton escribi?: >> All commercial virus scanners were removed. You can copy your old >> wrapper to the new MailScanner structure, edit the virus.scanner.conf, >> and add it to your configuration. >> >> >> - >> Jerry Benton >> www.mailborder.com >> +1 - 844-436-6245 >> >> >> -----Original Message----- >> From: [SOLTECSIS] Carles Xavier Munyoz Bald? >> >> Reply: MailScanner Discussion >> Date: August 9, 2016 at 10:32:39 AM >> To: MailScanner Discussion >> Subject: MailScanner and ESET-Nod32 antivirus. >> >>> ESET-Nod32 >> >> > > > -- > Saludos. > ======================================== > SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. > Carles Xavier Munyoz Bald? > Departamento de I+D+I > Tel./Fax: 966 446 046 > cmunyoz at soltecsis.com > www.soltecsis.com > ======================================== > > --- > La informaci?n contenida en este e-mail es confidencial, siendo para uso exclusivo del destinatario arriba mencionado. > Le informamos que est? totalmente prohibida cualquier utilizaci?n, divulgaci?n, distribuci?n y/o reproducci?n de esta comunicaci?n sin autorizaci?n expresa en virtud de la legislaci?n vigente. Si ha recibido este mensaje por error, le rogamos nos lo notifique inmediatamente por la misma v?a y proceda a su eliminaci?n. > --- > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > > -- Saludos. ======================================== SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. Carles Xavier Munyoz Bald? Departamento de I+D+I Tel./Fax: 966 446 046 cmunyoz at soltecsis.com www.soltecsis.com ======================================== --- La informaci?n contenida en este e-mail es confidencial, siendo para uso exclusivo del destinatario arriba mencionado. Le informamos que est? totalmente prohibida cualquier utilizaci?n, divulgaci?n, distribuci?n y/o reproducci?n de esta comunicaci?n sin autorizaci?n expresa en virtud de la legislaci?n vigente. Si ha recibido este mensaje por error, le rogamos nos lo notifique inmediatamente por la misma v?a y proceda a su eliminaci?n. --- From kevin.miller at juneau.org Tue Aug 9 16:28:05 2016 From: kevin.miller at juneau.org (Kevin Miller) Date: Tue, 9 Aug 2016 16:28:05 +0000 Subject: MailScanner and ESET-Nod32 antivirus. In-Reply-To: References: <6835cb50-7de9-00e0-d03b-803517ee58c1@unlimitedmail.org> <553e6bad-9179-d3f1-d83e-ea654bd8df1a@unlimitedmail.org> Message-ID: Fair enough. I'd still advocate for a historical, "use at your own risk" page though... ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: 307357 -----Original Message----- From: MailScanner [mailto:mailscanner-bounces+kevin.miller=juneau.org at lists.mailscanner.info] On Behalf Of Jerry Benton Sent: Tuesday, August 09, 2016 8:17 AM To: MailScanner Discussion Subject: RE: MailScanner and ESET-Nod32 antivirus. Same logic applies to being able to test them. I announced what was being removed and what was staying well in advance of v5 being released. As usual, crickets from the community. So, I will reiterate: If there is a virus scanner not on the list that you would like included, please provide me with a wrapper that you have tested and confirmed is functional with MailScanner and I will add it to the current distribution. - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?Kevin Miller Reply:?MailScanner Discussion Date:?August 9, 2016 at 12:12:57 PM To:?mailscanner at lists.mailscanner.info Subject:? RE: MailScanner and ESET-Nod32 antivirus. > I agree. If one is doing an upgrade they may have easy access to the > old wrapper but if it's a new installation they have to reinvent the wheel. > > Some of the older wrappers no longer work anymore - I had to redo the > f-secure wrappers some years back so I can understand removing > obsolete code that nobody is using (or at least *shouldn't* be using) but for working code, there's no real cost to leave it intact. > > Perhaps it would be helpful to have a download page for > additional/historical wrappers if it isn't bundled with the current stable version... > > ...Kevin > -- > Kevin Miller > Network/email Administrator, CBJ MIS Dept. > 155 South Seward Street > Juneau, Alaska 99801 > Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: > 307357 > > -----Original Message----- > From: MailScanner > [mailto:mailscanner-bounces+kevin.miller=juneau.org at lists.mailscanner. > info] On Behalf Of [SOLTECSIS] Carles Xavier Munyoz Bald? > Sent: Tuesday, August 09, 2016 7:37 AM > To: mailscanner at lists.mailscanner.info > Subject: Re: MailScanner and ESET-Nod32 antivirus. > > Hi, > I don't understand the reason for that. > It is very surprising for me. > For which reason have you removed all the commercial virus scanners support from MailScanner? > > I believe that it is good that the system administrator can install > free and commercial virus scanners. > > Best regards. > > > > El 09/08/16 a las 17:21, Jerry Benton escribi?: > > All commercial virus scanners were removed. You can copy your old > > wrapper to the new MailScanner structure, edit the > > virus.scanner.conf, and add it to your configuration. > > > > > > - > > Jerry Benton > > www.mailborder.com > > +1 - 844-436-6245 > > > > > > -----Original Message----- > > From: [SOLTECSIS] Carles Xavier Munyoz Bald? > > > > Reply: MailScanner Discussion > > Date: August 9, 2016 at 10:32:39 AM > > To: MailScanner Discussion > > Subject: MailScanner and ESET-Nod32 antivirus. > > > >> ESET-Nod32 > > > > > > > -- > Saludos. > ======================================== > SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. > Carles Xavier Munyoz Bald? > Departamento de I+D+I > Tel./Fax: 966 446 046 > cmunyoz at soltecsis.com > www.soltecsis.com > ======================================== > > --- > La informaci?n contenida en este e-mail es confidencial, siendo para > uso exclusivo del destinatario arriba mencionado. > Le informamos que est? totalmente prohibida cualquier utilizaci?n, > divulgaci?n, distribuci?n y/o reproducci?n de esta comunicaci?n sin > autorizaci?n expresa en virtud de la legislaci?n vigente. Si ha > recibido este mensaje por error, le rogamos nos lo notifique inmediatamente por la misma v?a y proceda a su eliminaci?n. > --- > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/listinfo/mailscanner From mailscanner at barendse.to Wed Aug 10 19:06:25 2016 From: mailscanner at barendse.to (Remco Barendse) Date: Wed, 10 Aug 2016 21:06:25 +0200 (CEST) Subject: New server setup, best practice? In-Reply-To: References: Message-ID: Thanks Alex! The choice for CPU/MEM/storage is easy when it's a virtual machine, can move around as needed. Was curious what the recommended disk size is for a MailScanner machine and what people do with archive copies of mail/spam. Mount an NFS or SMB share to store that or something else? Thanks :) On Tue, 2 Aug 2016, Alex Neuman van der Hans wrote: > It really depends on context. Space, CPU and I/O issues can vary greatly from site to site. > If you want to upgrade, look into your biggest bottlenecks first. Sometimes it?s RAM, sometimes it?s disk I/O (where SSD?s would be great), sometimes it?s CPU > power. > > In my case I usually go for SSD?s for storing the OS, programs, and mail - and regular hard drives for things like quarantines and such, with scripts moving older > stuff with various protocols (NFS, rsync, FTP) over to long-term storage to make space when needed. > > Oh, and it?s not ?virii?. Virus is a ?mass noun?, like ?rice?. ?https://en.wikipedia.org/wiki/Plural_form_of_words_ending_in_-us#Virus > > > [alexneuman.format_png.resize_120x.png#logo] ??? > Alex Neuman van der Hans?Producer/Host, Vida Digital > +1 (440) 253-9789?|?+507 6781-9505?|?Panama?|alex at vidadigital.com.pa?|?http://vidadigital.com.pa/?|Skype:?alexneuman? > [facebook.png] ?[linkedin.png] ?[twitter.png] ?[pinterest.png] ?[youtube.png] ?[instagram.png] ?[wordpress.png] ?[amazon.png] ?[XT9yavvmRJaZZvINZFTQ_skype.png] > ?[wEM3vsigQhq5yev6iwEV_whatsapp.png] > > > > On Aug 2, 2016, at 5:46 AM, Remco Barendse wrote: > > Hi list! > > I would like to upgrade the servers that are running MailScanner. > > What is the best approach on storage? It will be virtual machines (which i guess is what a lot of people are doing now), how to approach the storage issue, > what would be the best approach / design? What size for the MailScanner root partition etc. ? > > I have to keep verbatim copies of anything that goes in or out of the mail servers, i keep the qf/df pairs from sendmail. > > I read some people seeing their quarantine getting filled with 7 Gb of virii just in one day, what would be recommended storage sizes and how to deal with > quarantine / archive folders? If it wise or recommended to mount an external volume at /var/spool/MailScanner/quarantine and > /var/spool/MailScanner/archived or is ?there a better way ? > > If I have several MailScanner servers, is it OK to keep all spam/archived copies in one and the same mount ? > > Will CentOS 7 work flawlessly? Anyone using standard cloud images? > > Thanks for any tips / suggestions :>) > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > > > From alex at vidadigital.com.pa Wed Aug 10 19:10:53 2016 From: alex at vidadigital.com.pa (Alex Neuman van der Hans) Date: Wed, 10 Aug 2016 14:10:53 -0500 Subject: New server setup, best practice? In-Reply-To: References: Message-ID: <72515ED1-9C2D-4CC0-B5F9-4A25063A26D2@vidadigital.com.pa> Again, depends so much on the specific circumstance? I just set up a $5/month VPS with it, with 15GB total space, storing only the past couple of days? worth of e-mail for a handful of users. I?ve also set up systems for thousands of users, with a terabyte of SSD storage for ?local, recent? stuff plus mbox-purge processes exporting stuff to a couple of dozen terabytes of local HDD storage and monthly processes moving stuff elsewhere using NFS and/or rsync. I?d rather mount NFS than SMB for performance/permissions reasons. Alex Neuman van der Hans Producer/Host, Vida Digital +1 (440) 253-9789 | +507 6781-9505 | Panama |alex at vidadigital.com.pa | http://vidadigital.com.pa/ |Skype: alexneuman > On Aug 10, 2016, at 2:06 PM, Remco Barendse wrote: > > Thanks Alex! > > The choice for CPU/MEM/storage is easy when it's a virtual machine, can move around as needed. Was curious what the recommended disk size is for a MailScanner machine and what people do with archive copies of mail/spam. Mount an NFS or SMB share to store that or something else? > > Thanks :) > > On Tue, 2 Aug 2016, Alex Neuman van der Hans wrote: > >> It really depends on context. Space, CPU and I/O issues can vary greatly from site to site. >> If you want to upgrade, look into your biggest bottlenecks first. Sometimes it?s RAM, sometimes it?s disk I/O (where SSD?s would be great), sometimes it?s CPU >> power. >> In my case I usually go for SSD?s for storing the OS, programs, and mail - and regular hard drives for things like quarantines and such, with scripts moving older >> stuff with various protocols (NFS, rsync, FTP) over to long-term storage to make space when needed. >> Oh, and it?s not ?virii?. Virus is a ?mass noun?, like ?rice?. https://en.wikipedia.org/wiki/Plural_form_of_words_ending_in_-us#Virus >> [alexneuman.format_png.resize_120x.png#logo] >> Alex Neuman van der Hans Producer/Host, Vida Digital >> +1 (440) 253-9789 | +507 6781-9505 | Panama |alex at vidadigital.com.pa | http://vidadigital.com.pa/ |Skype: alexneuman >> [facebook.png] [linkedin.png] [twitter.png] [pinterest.png] [youtube.png] [instagram.png] [wordpress.png] [amazon.png] [XT9yavvmRJaZZvINZFTQ_skype.png] >> [wEM3vsigQhq5yev6iwEV_whatsapp.png] >> >> On Aug 2, 2016, at 5:46 AM, Remco Barendse wrote: >> Hi list! >> I would like to upgrade the servers that are running MailScanner. >> What is the best approach on storage? It will be virtual machines (which i guess is what a lot of people are doing now), how to approach the storage issue, >> what would be the best approach / design? What size for the MailScanner root partition etc. ? >> I have to keep verbatim copies of anything that goes in or out of the mail servers, i keep the qf/df pairs from sendmail. >> I read some people seeing their quarantine getting filled with 7 Gb of virii just in one day, what would be recommended storage sizes and how to deal with >> quarantine / archive folders? If it wise or recommended to mount an external volume at /var/spool/MailScanner/quarantine and >> /var/spool/MailScanner/archived or is there a better way ? >> If I have several MailScanner servers, is it OK to keep all spam/archived copies in one and the same mount ? >> Will CentOS 7 work flawlessly? Anyone using standard cloud images? >> Thanks for any tips / suggestions :>) >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/listinfo/mailscanner > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > -------------- next part -------------- An HTML attachment was scrubbed... URL: From mailscanner_list at hohestieg.net Thu Aug 11 14:30:52 2016 From: mailscanner_list at hohestieg.net (Marc) Date: Thu, 11 Aug 2016 16:30:52 +0200 Subject: spamassassin --report does not train BAYES Message-ID: Dear list, I have recently discovered some strange behavior. If I use 'spamassassin -r < {spammessage}' reporting to DCC/Razor/Pyzor *seems* to work according to debug. Bayes learning *should* also work (as I made sure that 'bayes_learn_during_report' is set to 1, which is the default anyway). However, checking with 'spamassassin -t < {spammessage}' only gives BAYES_50. If I afterwards perform 'sa-learn --dbpath $DB_DIR --forget {spammessage}' and 'sa-learn --dbpath $DB_DIR --spam {spammessage}', things work out and I get a BAYES score of 1.0000. ====== Setup: Mailscanner version 4.84.5 SpamAssassin version 3.4.1 Perl version 5.18.4 ---- DB_DIR=/volume1/MailPlus/spamassassin local.cf: bayes_path /volume1/MailPlus/spamassassin/bayes ===== Any clues? Thanks, Marc -- bait: mailbait at hohestieg.net also bait: http://www.hohestieg.net/notforhumans.html From carles at unlimitedmail.org Thu Aug 11 16:19:34 2016 From: carles at unlimitedmail.org (=?UTF-8?Q?[SOLTECSIS]_Carles_Xavier_Munyoz_Bald=c3=b3?=) Date: Thu, 11 Aug 2016 18:19:34 +0200 Subject: MailScanner and ESET-Nod32 antivirus. In-Reply-To: References: <6835cb50-7de9-00e0-d03b-803517ee58c1@unlimitedmail.org> <553e6bad-9179-d3f1-d83e-ea654bd8df1a@unlimitedmail.org> Message-ID: <370a0973-7845-10f6-ca45-e8ff037ffe9d@unlimitedmail.org> Hi, I'm trying to use the old ESET wrapper file but it doesn't go. I have placed it into: /usr/lib/MailScanner/wrapper And added this line to MailScanner virus.scanners.conf file: esets /usr/lib/MailScanner/wrapper/esets-wrapper /opt/eset/esets/sbin If I launch the wrapper script it seems to go fine, but if I run the command MailScanner --lint it only finds BitDefender and ClamAV virus scanners: Found these virus scanners installed: bitdefender, clamd What must I do for have support for ESET-Nod32 in the last version of MailScanner? Thank you very much for your help. El 09/08/16 a las 18:28, Kevin Miller escribi?: > Fair enough. > I'd still advocate for a historical, "use at your own risk" page though... > > ...Kevin > -- > Kevin Miller > Network/email Administrator, CBJ MIS Dept. > 155 South Seward Street > Juneau, Alaska 99801 > Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: 307357 > > > -----Original Message----- > From: MailScanner [mailto:mailscanner-bounces+kevin.miller=juneau.org at lists.mailscanner.info] On Behalf Of Jerry Benton > Sent: Tuesday, August 09, 2016 8:17 AM > To: MailScanner Discussion > Subject: RE: MailScanner and ESET-Nod32 antivirus. > > Same logic applies to being able to test them. I announced what was being removed and what was staying well in advance of v5 being released. As usual, crickets from the community. So, I will reiterate: > > If there is a virus scanner not on the list that you would like included, please provide me with a wrapper that you have tested and confirmed is functional with MailScanner and I will add it to the current distribution. > > > - > Jerry Benton > www.mailborder.com > +1 - 844-436-6245 > > > -----Original Message----- > From: Kevin Miller > Reply: MailScanner Discussion > Date: August 9, 2016 at 12:12:57 PM > To: mailscanner at lists.mailscanner.info > Subject: RE: MailScanner and ESET-Nod32 antivirus. > >> I agree. If one is doing an upgrade they may have easy access to the >> old wrapper but if it's a new installation they have to reinvent the wheel. >> >> Some of the older wrappers no longer work anymore - I had to redo the >> f-secure wrappers some years back so I can understand removing >> obsolete code that nobody is using (or at least *shouldn't* be using) but for working code, there's no real cost to leave it intact. >> >> Perhaps it would be helpful to have a download page for >> additional/historical wrappers if it isn't bundled with the current stable version... >> >> ...Kevin >> -- >> Kevin Miller >> Network/email Administrator, CBJ MIS Dept. >> 155 South Seward Street >> Juneau, Alaska 99801 >> Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: >> 307357 >> >> -----Original Message----- >> From: MailScanner >> [mailto:mailscanner-bounces+kevin.miller=juneau.org at lists.mailscanner. >> info] On Behalf Of [SOLTECSIS] Carles Xavier Munyoz Bald? >> Sent: Tuesday, August 09, 2016 7:37 AM >> To: mailscanner at lists.mailscanner.info >> Subject: Re: MailScanner and ESET-Nod32 antivirus. >> >> Hi, >> I don't understand the reason for that. >> It is very surprising for me. >> For which reason have you removed all the commercial virus scanners support from MailScanner? >> >> I believe that it is good that the system administrator can install >> free and commercial virus scanners. >> >> Best regards. >> >> >> >> El 09/08/16 a las 17:21, Jerry Benton escribi?: >>> All commercial virus scanners were removed. You can copy your old >>> wrapper to the new MailScanner structure, edit the >>> virus.scanner.conf, and add it to your configuration. >>> >>> >>> - >>> Jerry Benton >>> www.mailborder.com >>> +1 - 844-436-6245 >>> >>> >>> -----Original Message----- >>> From: [SOLTECSIS] Carles Xavier Munyoz Bald? >>> >>> Reply: MailScanner Discussion >>> Date: August 9, 2016 at 10:32:39 AM >>> To: MailScanner Discussion >>> Subject: MailScanner and ESET-Nod32 antivirus. >>> >>>> ESET-Nod32 >>> >>> >> >> >> -- >> Saludos. >> ======================================== >> SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. >> Carles Xavier Munyoz Bald? >> Departamento de I+D+I >> Tel./Fax: 966 446 046 >> cmunyoz at soltecsis.com >> www.soltecsis.com >> ======================================== >> >> --- >> La informaci?n contenida en este e-mail es confidencial, siendo para >> uso exclusivo del destinatario arriba mencionado. >> Le informamos que est? totalmente prohibida cualquier utilizaci?n, >> divulgaci?n, distribuci?n y/o reproducci?n de esta comunicaci?n sin >> autorizaci?n expresa en virtud de la legislaci?n vigente. Si ha >> recibido este mensaje por error, le rogamos nos lo notifique inmediatamente por la misma v?a y proceda a su eliminaci?n. >> --- >> >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/listinfo/mailscanner >> >> >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/listinfo/mailscanner >> >> > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > > -- Saludos. ======================================== SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. Carles Xavier Munyoz Bald? Departamento de I+D+I Tel./Fax: 966 446 046 cmunyoz at soltecsis.com www.soltecsis.com ======================================== --- La informaci?n contenida en este e-mail es confidencial, siendo para uso exclusivo del destinatario arriba mencionado. Le informamos que est? totalmente prohibida cualquier utilizaci?n, divulgaci?n, distribuci?n y/o reproducci?n de esta comunicaci?n sin autorizaci?n expresa en virtud de la legislaci?n vigente. Si ha recibido este mensaje por error, le rogamos nos lo notifique inmediatamente por la misma v?a y proceda a su eliminaci?n. --- From carles at unlimitedmail.org Thu Aug 11 16:21:43 2016 From: carles at unlimitedmail.org (=?UTF-8?Q?[SOLTECSIS]_Carles_Xavier_Munyoz_Bald=c3=b3?=) Date: Thu, 11 Aug 2016 18:21:43 +0200 Subject: Where are the phishing update scripts? Message-ID: Hello, I'm not able to found the phishing update scripts in the las version of MailScanner. In previous versions, these scripts where located at: /usr/sbin/update_bad_phishing_sites /usr/sbin/update_phishing_sites Where are they located now? We still need them in order to update de phising lists, isn't it? Best regards. ======================================== SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. Carles Xavier Munyoz Bald? Departamento de I+D+I Tel./Fax: 966 446 046 cmunyoz at soltecsis.com www.soltecsis.com ======================================== --- La informaci?n contenida en este e-mail es confidencial, siendo para uso exclusivo del destinatario arriba mencionado. Le informamos que est? totalmente prohibida cualquier utilizaci?n, divulgaci?n, distribuci?n y/o reproducci?n de esta comunicaci?n sin autorizaci?n expresa en virtud de la legislaci?n vigente. Si ha recibido este mensaje por error, le rogamos nos lo notifique inmediatamente por la misma v?a y proceda a su eliminaci?n. --- From jerry.benton at mailborder.com Thu Aug 11 16:21:41 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Thu, 11 Aug 2016 12:21:41 -0400 Subject: MailScanner and ESET-Nod32 antivirus. In-Reply-To: <370a0973-7845-10f6-ca45-e8ff037ffe9d@unlimitedmail.org> References: <6835cb50-7de9-00e0-d03b-803517ee58c1@unlimitedmail.org> <553e6bad-9179-d3f1-d83e-ea654bd8df1a@unlimitedmail.org> <370a0973-7845-10f6-ca45-e8ff037ffe9d@unlimitedmail.org> Message-ID: Virus scanners = In mailscanner.conf Jerry Benton +1 844-436-6245 Sent from BlueMail On Aug 11, 2016, 12:19, at 12:19, "[SOLTECSIS] Carles Xavier Munyoz Bald?" wrote: >Hi, >I'm trying to use the old ESET wrapper file but it doesn't go. > >I have placed it into: >/usr/lib/MailScanner/wrapper > > >And added this line to MailScanner virus.scanners.conf file: >esets /usr/lib/MailScanner/wrapper/esets-wrapper >/opt/eset/esets/sbin > > >If I launch the wrapper script it seems to go fine, but if I run the >command MailScanner --lint it only finds BitDefender and ClamAV virus >scanners: >Found these virus scanners installed: bitdefender, clamd > > >What must I do for have support for ESET-Nod32 in the last version of >MailScanner? > >Thank you very much for your help. > > > >El 09/08/16 a las 18:28, Kevin Miller escribi?: >> Fair enough. >> I'd still advocate for a historical, "use at your own risk" page >though... >> >> ...Kevin >> -- >> Kevin Miller >> Network/email Administrator, CBJ MIS Dept. >> 155 South Seward Street >> Juneau, Alaska 99801 >> Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: >307357 >> >> >> -----Original Message----- >> From: MailScanner >[mailto:mailscanner-bounces+kevin.miller=juneau.org at lists.mailscanner.info] >On Behalf Of Jerry Benton >> Sent: Tuesday, August 09, 2016 8:17 AM >> To: MailScanner Discussion >> Subject: RE: MailScanner and ESET-Nod32 antivirus. >> >> Same logic applies to being able to test them. I announced what was >being removed and what was staying well in advance of v5 being >released. As usual, crickets from the community. So, I will reiterate: >> >> If there is a virus scanner not on the list that you would like >included, please provide me with a wrapper that you have tested and >confirmed is functional with MailScanner and I will add it to the >current distribution. >> >> >> - >> Jerry Benton >> www.mailborder.com >> +1 - 844-436-6245 >> >> >> -----Original Message----- >> From: Kevin Miller >> Reply: MailScanner Discussion >> Date: August 9, 2016 at 12:12:57 PM >> To: mailscanner at lists.mailscanner.info > >> Subject: RE: MailScanner and ESET-Nod32 antivirus. >> >>> I agree. If one is doing an upgrade they may have easy access to the > >>> old wrapper but if it's a new installation they have to reinvent the >wheel. >>> >>> Some of the older wrappers no longer work anymore - I had to redo >the >>> f-secure wrappers some years back so I can understand removing >>> obsolete code that nobody is using (or at least *shouldn't* be >using) but for working code, there's no real cost to leave it intact. >>> >>> Perhaps it would be helpful to have a download page for >>> additional/historical wrappers if it isn't bundled with the current >stable version... >>> >>> ...Kevin >>> -- >>> Kevin Miller >>> Network/email Administrator, CBJ MIS Dept. >>> 155 South Seward Street >>> Juneau, Alaska 99801 >>> Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: > >>> 307357 >>> >>> -----Original Message----- >>> From: MailScanner >>> >[mailto:mailscanner-bounces+kevin.miller=juneau.org at lists.mailscanner. >>> info] On Behalf Of [SOLTECSIS] Carles Xavier Munyoz Bald? >>> Sent: Tuesday, August 09, 2016 7:37 AM >>> To: mailscanner at lists.mailscanner.info >>> Subject: Re: MailScanner and ESET-Nod32 antivirus. >>> >>> Hi, >>> I don't understand the reason for that. >>> It is very surprising for me. >>> For which reason have you removed all the commercial virus scanners >support from MailScanner? >>> >>> I believe that it is good that the system administrator can install >>> free and commercial virus scanners. >>> >>> Best regards. >>> >>> >>> >>> El 09/08/16 a las 17:21, Jerry Benton escribi?: >>>> All commercial virus scanners were removed. You can copy your old >>>> wrapper to the new MailScanner structure, edit the >>>> virus.scanner.conf, and add it to your configuration. >>>> >>>> >>>> - >>>> Jerry Benton >>>> www.mailborder.com >>>> +1 - 844-436-6245 >>>> >>>> >>>> -----Original Message----- >>>> From: [SOLTECSIS] Carles Xavier Munyoz Bald? >>>> >>>> Reply: MailScanner Discussion >>>> Date: August 9, 2016 at 10:32:39 AM >>>> To: MailScanner Discussion >>>> Subject: MailScanner and ESET-Nod32 antivirus. >>>> >>>>> ESET-Nod32 >>>> >>>> >>> >>> >>> -- >>> Saludos. >>> ======================================== >>> SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. >>> Carles Xavier Munyoz Bald? >>> Departamento de I+D+I >>> Tel./Fax: 966 446 046 >>> cmunyoz at soltecsis.com >>> www.soltecsis.com >>> ======================================== >>> >>> --- >>> La informaci?n contenida en este e-mail es confidencial, siendo para > >>> uso exclusivo del destinatario arriba mencionado. >>> Le informamos que est? totalmente prohibida cualquier utilizaci?n, >>> divulgaci?n, distribuci?n y/o reproducci?n de esta comunicaci?n sin >>> autorizaci?n expresa en virtud de la legislaci?n vigente. Si ha >>> recibido este mensaje por error, le rogamos nos lo notifique >inmediatamente por la misma v?a y proceda a su eliminaci?n. >>> --- >>> >>> >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/listinfo/mailscanner >>> >>> >>> >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/listinfo/mailscanner >>> >>> >> >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/listinfo/mailscanner >> >> >> > > >-- >Saludos. >======================================== >SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. >Carles Xavier Munyoz Bald? >Departamento de I+D+I >Tel./Fax: 966 446 046 >cmunyoz at soltecsis.com >www.soltecsis.com >======================================== > >--- >La informaci?n contenida en este e-mail es confidencial, >siendo para uso exclusivo del destinatario arriba mencionado. >Le informamos que est? totalmente prohibida cualquier >utilizaci?n, divulgaci?n, distribuci?n y/o reproducci?n de >esta comunicaci?n sin autorizaci?n expresa en virtud de la >legislaci?n vigente. Si ha recibido este mensaje por error, >le rogamos nos lo notifique inmediatamente por la misma v?a >y proceda a su eliminaci?n. >--- > > >-- >MailScanner mailing list >mailscanner at lists.mailscanner.info >http://lists.mailscanner.info/listinfo/mailscanner -------------- next part -------------- An HTML attachment was scrubbed... URL: From jerry.benton at mailborder.com Thu Aug 11 16:23:38 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Thu, 11 Aug 2016 12:23:38 -0400 Subject: Where are the phishing update scripts? In-Reply-To: References: Message-ID: Type ms- And hit tab a couple times Jerry Benton +1 844-436-6245 Sent from BlueMail On Aug 11, 2016, 12:22, at 12:22, "[SOLTECSIS] Carles Xavier Munyoz Bald?" wrote: >Hello, >I'm not able to found the phishing update scripts in the las version of >MailScanner. > >In previous versions, these scripts where located at: >/usr/sbin/update_bad_phishing_sites >/usr/sbin/update_phishing_sites > >Where are they located now? >We still need them in order to update de phising lists, isn't it? > >Best regards. >======================================== >SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. >Carles Xavier Munyoz Bald? >Departamento de I+D+I >Tel./Fax: 966 446 046 >cmunyoz at soltecsis.com >www.soltecsis.com >======================================== > >--- >La informaci?n contenida en este e-mail es confidencial, >siendo para uso exclusivo del destinatario arriba mencionado. >Le informamos que est? totalmente prohibida cualquier >utilizaci?n, divulgaci?n, distribuci?n y/o reproducci?n de >esta comunicaci?n sin autorizaci?n expresa en virtud de la >legislaci?n vigente. Si ha recibido este mensaje por error, >le rogamos nos lo notifique inmediatamente por la misma v?a >y proceda a su eliminaci?n. >--- > > >-- >MailScanner mailing list >mailscanner at lists.mailscanner.info >http://lists.mailscanner.info/listinfo/mailscanner -------------- next part -------------- An HTML attachment was scrubbed... URL: From carles at unlimitedmail.org Thu Aug 11 16:45:43 2016 From: carles at unlimitedmail.org (=?UTF-8?Q?[SOLTECSIS]_Carles_Xavier_Munyoz_Bald=c3=b3?=) Date: Thu, 11 Aug 2016 18:45:43 +0200 Subject: MailScanner and ESET-Nod32 antivirus. In-Reply-To: References: <6835cb50-7de9-00e0-d03b-803517ee58c1@unlimitedmail.org> <553e6bad-9179-d3f1-d83e-ea654bd8df1a@unlimitedmail.org> <370a0973-7845-10f6-ca45-e8ff037ffe9d@unlimitedmail.org> Message-ID: It is setup this way: Virus Scanners = auto but I have tried putting: Virus Scanners = esets and doesn't go. Thanks. El 11/08/16 a las 18:21, Jerry Benton escribi?: > Virus scanners = > > In mailscanner.conf > > Jerry Benton > +1 844-436-6245 > > Sent from BlueMail > > On Aug 11, 2016, at 12:19, "[SOLTECSIS] Carles Xavier Munyoz Bald?" > > wrote: > > Hi, > I'm trying to use the old ESET wrapper file but it doesn't go. > > I have placed it into: > /usr/lib/MailScanner/wrapper > > > And added this line to MailScanner virus.scanners.conf file: > esets /usr/lib/MailScanner/wrapper/esets-wrapper > /opt/eset/esets/sbin > > > If I launch the wrapper script it seems to go fine, but if I run the > command MailScanner --lint it only finds BitDefender and ClamAV virus > scanners: > Found these virus scanners installed: bitdefender, clamd > > > What must I do for have support for ESET-Nod32 in the last version of > MailScanner? > > Thank you very much for your help. > > > > El 09/08/16 a las 18:28, Kevin Miller escribi?: > > Fair enough. > I'd still advocate for a historical, "use at your own risk" page > though... > > ...Kevin > -- > ! Kevin Miller > Network/email Administrator, CBJ MIS Dept. > 155 South Seward Street > Juneau, Alaska 99801 > Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User > No: 307357 > > > -----Original Message----- > From: MailScanner > [mailto:mailscanner-bounces+kevin.miller=juneau.org > @lists.mailscanner.info] On Behalf Of Jerry > Benton > Sent: Tuesday, August 09, 2016 8:17 AM > To: MailScanner Discussion > Subject: RE: MailScanner and ESET-Nod32 antivirus. > > Same logic applies to being able to test them. I announced what > was being removed and what was staying well in advance of v5 > being released. As usual, crickets from the community. So, I > will reiterate: > > If there is a virus scanner not on the list that you would like > included, please provide me with a wrapper that you have tested > and confirmed is functional with MailScanner and I will add it > to the current distribution. > > > - > Jerry Benton > ! www.mailborder.com > +1 - 844-436-6245 > > > -----Original Message----- > From: Kevin Miller > Reply: MailScanner Discussion > Date: August 9, 2016 at 12:12:57 PM > To: mailscanner at lists.mailscanner.info > > Subject: RE: MailScanner and ESET-Nod32 antivirus. > > I agree. If one is doing an upgrade they may have easy > access to the > old wrapper but if it's a new installation they have to > reinvent the wheel. > > Some of the older wrappers no longer work anymore - I had to > redo the > f-secure wrappers some years back so I can understand removing > obsolete code that nobody is using (or at least *shouldn't* > be using) but for working code, there's no real cost to > leave it intact. > > Perhaps it would be helpful to have a download page for > additional/historical wrappers if it isn't bundled with the > current stable version... > > ...Kevin > -- > Kevin Miller > Network/email Administrator, CBJ MIS Dept. > 155 South Seward Street > Juneau, Alaska 99801 > Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux > User No: > 307357 > > -----Original Message----- > From: MailScanner > [mailto:mailscanner-bounces+kevin.miller=juneau.org > @lists.mailscanner. > info] On Behalf Of [SOLTECSIS] Carles Xavier Munyoz Bald? > Sent: Tuesday, August 09, 2016 7:37 AM > To: mailscanner at lists.mailscanner.info > Subject: Re: MailScanner and ESET-Nod32 antivirus. > > Hi, > I don't understand the reason for that. > It is very surprising for me. > For which reason have you removed all the commercial virus > scanners support from MailScanner? > > I believe that it is good that the ! system administrator > can install > free and commercial virus scanners. > > Best regards. > > > > El 09/08/16 a las 17:21, Jerry Benton escribi?: > > All commercial virus scanners were removed. You can copy > your old > wrapper to the new MailScanner structure, edit the > virus.scanner.conf, and add it to your configuration. > > > - > Jerry Benton > www.mailborder.com > +1 - 844-436-6245 > > > -----Original Message----- > From: [SOLTECSIS] Carles Xavier Munyoz Bald? > > Reply: MailScanner Discussion > Date: August 9, 2016 at 10:32:39 AM > To: MailScanner Discussion > Subject: MailScanner and ESET-Nod32 antivirus. > > ESET-Nod32 > > > > > -- > Saludos. > ------------------------------------------------------------------------ > > SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. > Carles Xavier Munyoz Bald? > Departamento de I+D+I > Tel./Fax: 966 446 046 > cmunyoz at soltecsis.com > www.soltecsis.com > ------------------------------------------------------------------------ > > > --- > La informaci?n contenida en este e-mail es confidencial, > siendo para > uso exclusivo del destinatario arriba mencionado. > Le informamos que est? totalmente prohibida cualquier > utilizaci?n, > divulgaci?n, distribuci?n y/o reproducci?n de esta > comunicaci?n sin > autorizaci?n expresa en virtud de la legislaci?n vigente. Si ha > recibido este mensaje por error, le rogamos nos lo notifique > inmediatamente por la misma v?a y proceda a su eliminaci?n. > --- > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > > > > > > > -- Saludos. ======================================== SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. Carles Xavier Munyoz Bald? Departamento de I+D+I Tel./Fax: 966 446 046 cmunyoz at soltecsis.com www.soltecsis.com ======================================== --- La informaci?n contenida en este e-mail es confidencial, siendo para uso exclusivo del destinatario arriba mencionado. Le informamos que est? totalmente prohibida cualquier utilizaci?n, divulgaci?n, distribuci?n y/o reproducci?n de esta comunicaci?n sin autorizaci?n expresa en virtud de la legislaci?n vigente. Si ha recibido este mensaje por error, le rogamos nos lo notifique inmediatamente por la misma v?a y proceda a su eliminaci?n. --- From carles at unlimitedmail.org Thu Aug 11 16:48:07 2016 From: carles at unlimitedmail.org (=?UTF-8?Q?[SOLTECSIS]_Carles_Xavier_Munyoz_Bald=c3=b3?=) Date: Thu, 11 Aug 2016 18:48:07 +0200 Subject: Where are the phishing update scripts? In-Reply-To: References: Message-ID: <5d96811e-4fac-74f0-8272-ea53f284c0b2@unlimitedmail.org> I get the next result: ms-check ms-cron ms-msg-alert ms-sa-cache ms-update-sa ms-upgrade-conf ms-clean-quarantine ms-d2mbox ms-peek ms-update-bad-emails ms-update-safe-sites ms-create-locks ms-df2mbox ms-perl-check ms-update-bad-sites ms-update-vs Which is the script for updating phishing lists? Must I put this script into a crontab or it is used automatically by MailScanner? Thanks. El 11/08/16 a las 18:23, Jerry Benton escribi?: > Type > > ms- > > And hit tab a couple times > > Jerry Benton > +1 844-436-6245 > > Sent from BlueMail > > On Aug 11, 2016, at 12:22, "[SOLTECSIS] Carles Xavier Munyoz Bald?" > > wrote: > > Hello, > I'm not able to found the phishing update scripts in the las version of > MailScanner. > > In previous versions, these scripts where located at: > /usr/sbin/update_bad_phishing_sites > /usr/sbin/update_phishing_sites > > Where are they located now? > We still need them in order to update de phising lists, isn't it? > > Best regards. > ------------------------------------------------------------------------ > > SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. > Carles Xavier Munyoz Bald? > Departamento de I+D+I > Tel./Fax: 966 446 046 > cmunyoz at soltecsis.com > www.soltecsis.com > ------------------------------------------------------------------------ > > > --- > La informaci?n contenida en este e-mail es confidencial, > siendo para uso exclusivo del destinatario arriba mencionado. > Le informamos que est? totalmente prohibida cualquier > utilizaci?n, divulgaci?n, distribuci?n y/o reproducci?n de > esta comunicaci?n sin autorizaci?n expresa en virtud de la > legislaci?n vigente. Si ha recibido este mensaje por error,! > > le > rogamos nos lo notifique inmediatamente por la misma v?a > y proceda a su eliminaci?n. > --- > > > > > -- Saludos. ======================================== SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. Carles Xavier Munyoz Bald? Departamento de I+D+I Tel./Fax: 966 446 046 cmunyoz at soltecsis.com www.soltecsis.com ======================================== --- La informaci?n contenida en este e-mail es confidencial, siendo para uso exclusivo del destinatario arriba mencionado. Le informamos que est? totalmente prohibida cualquier utilizaci?n, divulgaci?n, distribuci?n y/o reproducci?n de esta comunicaci?n sin autorizaci?n expresa en virtud de la legislaci?n vigente. Si ha recibido este mensaje por error, le rogamos nos lo notifique inmediatamente por la misma v?a y proceda a su eliminaci?n. --- From jerry.benton at mailborder.com Thu Aug 11 16:50:03 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Thu, 11 Aug 2016 12:50:03 -0400 Subject: Where are the phishing update scripts? In-Reply-To: <5d96811e-4fac-74f0-8272-ea53f284c0b2@unlimitedmail.org> References: <5d96811e-4fac-74f0-8272-ea53f284c0b2@unlimitedmail.org> Message-ID: <17040077-901f-4ca3-a394-385edb2c9670@typeapp.com> Please read /etc/MailScanner/defaults It explains the details. Jerry Benton +1 844-436-6245 Sent from BlueMail On Aug 11, 2016, 12:48, at 12:48, "[SOLTECSIS] Carles Xavier Munyoz Bald?" wrote: >I get the next result: >ms-check ms-cron ms-msg-alert >ms-sa-cache ms-update-sa ms-upgrade-conf >ms-clean-quarantine ms-d2mbox ms-peek >ms-update-bad-emails ms-update-safe-sites >ms-create-locks ms-df2mbox ms-perl-check >ms-update-bad-sites ms-update-vs > >Which is the script for updating phishing lists? >Must I put this script into a crontab or it is used automatically by >MailScanner? > >Thanks. > > >El 11/08/16 a las 18:23, Jerry Benton escribi?: >> Type >> >> ms- >> >> And hit tab a couple times >> >> Jerry Benton >> +1 844-436-6245 >> >> Sent from BlueMail >> >> On Aug 11, 2016, at 12:22, "[SOLTECSIS] Carles Xavier Munyoz Bald?" >> > wrote: >> >> Hello, >> I'm not able to found the phishing update scripts in the las >version of >> MailScanner. >> >> In previous versions, these scripts where located at: >> /usr/sbin/update_bad_phishing_sites >> /usr/sbin/update_phishing_sites >> >> Where are they located now? >> We still need them in order to update de phising lists, isn't it? >> >> Best regards. >> >------------------------------------------------------------------------ >> >> SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. >> Carles Xavier Munyoz Bald? >> Departamento de I+D+I >> Tel./Fax: 966 446 046 >> cmunyoz at soltecsis.com >> www.soltecsis.com >> >------------------------------------------------------------------------ >> >> >> --- >> La informaci?n contenida en este e-mail es confidencial, >> siendo para uso exclusivo del destinatario arriba mencionado. >> Le informamos que est? totalmente prohibida cualquier >> utilizaci?n, divulgaci?n, distribuci?n y/o reproducci?n de >> esta comunicaci?n sin autorizaci?n expresa en virtud de la >> legislaci?n vigente. Si ha recibido este mensaje por error,! >> >> le >> rogamos nos lo notifique inmediatamente por la misma v?a >> y proceda a su eliminaci?n. >> --- >> >> >> >> >> > > >-- >Saludos. >======================================== >SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. >Carles Xavier Munyoz Bald? >Departamento de I+D+I >Tel./Fax: 966 446 046 >cmunyoz at soltecsis.com >www.soltecsis.com >======================================== > >--- >La informaci?n contenida en este e-mail es confidencial, >siendo para uso exclusivo del destinatario arriba mencionado. >Le informamos que est? totalmente prohibida cualquier >utilizaci?n, divulgaci?n, distribuci?n y/o reproducci?n de >esta comunicaci?n sin autorizaci?n expresa en virtud de la >legislaci?n vigente. Si ha recibido este mensaje por error, >le rogamos nos lo notifique inmediatamente por la misma v?a >y proceda a su eliminaci?n. >--- > > >-- >MailScanner mailing list >mailscanner at lists.mailscanner.info >http://lists.mailscanner.info/listinfo/mailscanner -------------- next part -------------- An HTML attachment was scrubbed... URL: From carles at unlimitedmail.org Thu Aug 11 17:02:31 2016 From: carles at unlimitedmail.org (=?UTF-8?Q?[SOLTECSIS]_Carles_Xavier_Munyoz_Bald=c3=b3?=) Date: Thu, 11 Aug 2016 19:02:31 +0200 Subject: Where are the phishing update scripts? In-Reply-To: <17040077-901f-4ca3-a394-385edb2c9670@typeapp.com> References: <5d96811e-4fac-74f0-8272-ea53f284c0b2@unlimitedmail.org> <17040077-901f-4ca3-a394-385edb2c9670@typeapp.com> Message-ID: <552c2ebc-a5e7-7576-965e-418856b62eb3@unlimitedmail.org> Ok, it is all clear now, thank you very much for your answer :-D El 11/08/16 a las 18:50, Jerry Benton escribi?: > Please read /etc/MailScanner/defaults > > It explains the details. > > Jerry Benton > +1 844-436-6245 > > Sent from BlueMail > > On Aug 11, 2016, at 12:48, "[SOLTECSIS] Carles Xavier Munyoz Bald?" > > wrote: > > I get the next result: > ms-check ms-cron ms-msg-alert > ms-sa-cache ms-update-sa ms-upgrade-conf > ms-clean-quarantine ms-d2mbox ms-peek > ms-update-bad-emails ms-update-safe-sites > ms-create-locks ms-df2mbox ms-perl-check > ms-update-bad-sites ms-update-vs > > Which is the script for updating phishing lists? > Must I put this script into a crontab or it is used automatically by > MailScanner? > > Thanks. > > > El 11/08/16 a las 18:23, Jerry Benton escribi?: > > Type > > ms- > > And hit tab a couple times > > Jerry Benton > +1 844-436-6245 > > Sent from BlueMail > > On Aug 11, 2016, at 12:22, "[SOLTECSIS] Carles Xavier Munyoz Bald?" > > wrote: > > Hello, > I'm not able to found the phishing update scripts in the las > version of > MailScanner. > > In previous versions, these scripts where located at: > /usr/sbin/update_bad_phishing_sites > /usr/sbin/update_phishing_sites > > Where are they located now? > We still need them in order to update de phising lists, isn't it? > > Best regards. > ------------------------------------------------------------------------ > > > SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. > Carles Xavier Munyoz Bald? > Departamento de I+D+I > Tel./Fax: 966 446 046 > cmunyoz at soltecsis.com > www.soltecsis.com > > ------------------------------------------------------------------------ > > > > --- > La informaci?n contenida en este e-mail es confidencial, > siendo para uso exclusivo del destinatario arriba mencionado. > ! Le informamos que est? totalmente prohibida cualquier > utilizaci?n, divulgaci?n, distribuci?n y/o reproducci?n de > esta comunicaci?n sin autorizaci?n expresa en virtud de la > legislaci?n vigente. Si ha recibido este mensaje por error,! > > le > rogamos nos lo notifique inmediatamente por la misma v?a > y proceda a su eliminaci?n. > --- > > > > > > > > > > -- Saludos. ======================================== SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. Carles Xavier Munyoz Bald? Departamento de I+D+I Tel./Fax: 966 446 046 cmunyoz at soltecsis.com www.soltecsis.com ======================================== --- La informaci?n contenida en este e-mail es confidencial, siendo para uso exclusivo del destinatario arriba mencionado. Le informamos que est? totalmente prohibida cualquier utilizaci?n, divulgaci?n, distribuci?n y/o reproducci?n de esta comunicaci?n sin autorizaci?n expresa en virtud de la legislaci?n vigente. Si ha recibido este mensaje por error, le rogamos nos lo notifique inmediatamente por la misma v?a y proceda a su eliminaci?n. --- From carles at unlimitedmail.org Fri Aug 12 11:40:56 2016 From: carles at unlimitedmail.org (=?UTF-8?Q?[SOLTECSIS]_Carles_Xavier_Munyoz_Bald=c3=b3?=) Date: Fri, 12 Aug 2016 13:40:56 +0200 Subject: MailScanner and ESET-Nod32 antivirus. In-Reply-To: References: <6835cb50-7de9-00e0-d03b-803517ee58c1@unlimitedmail.org> <553e6bad-9179-d3f1-d83e-ea654bd8df1a@unlimitedmail.org> <370a0973-7845-10f6-ca45-e8ff037ffe9d@unlimitedmail.org> Message-ID: <3a129e1b-5aff-08b1-3605-d7024a94cafa@unlimitedmail.org> Hello, Please, may someone help me with this issue? ESET-Nod32 is a great antivirus and I would like to use it with MailScanner. The problem is with the last version of MailScanner, I have it going fine with a previous version of MailScanner. Thank you very much in advance. El 11/08/16 a las 18:45, [SOLTECSIS] Carles Xavier Munyoz Bald? escribi?: > It is setup this way: > Virus Scanners = auto > > but I have tried putting: > Virus Scanners = esets > and doesn't go. > > Thanks. > > > El 11/08/16 a las 18:21, Jerry Benton escribi?: >> Virus scanners = >> >> In mailscanner.conf >> >> Jerry Benton >> +1 844-436-6245 >> >> Sent from BlueMail >> >> On Aug 11, 2016, at 12:19, "[SOLTECSIS] Carles Xavier Munyoz Bald?" >> > wrote: >> >> Hi, >> I'm trying to use the old ESET wrapper file but it doesn't go. >> >> I have placed it into: >> /usr/lib/MailScanner/wrapper >> >> >> And added this line to MailScanner virus.scanners.conf file: >> esets /usr/lib/MailScanner/wrapper/esets-wrapper >> /opt/eset/esets/sbin >> >> >> If I launch the wrapper script it seems to go fine, but if I run the >> command MailScanner --lint it only finds BitDefender and ClamAV virus >> scanners: >> Found these virus scanners installed: bitdefender, clamd >> >> >> What must I do for have support for ESET-Nod32 in the last version of >> MailScanner? >> >> Thank you very much for your help. >> >> >> >> El 09/08/16 a las 18:28, Kevin Miller escribi?: >> >> Fair enough. >> I'd still advocate for a historical, "use at your own risk" page >> though... >> >> ...Kevin >> -- >> ! Kevin Miller >> Network/email Administrator, CBJ MIS Dept. >> 155 South Seward Street >> Juneau, Alaska 99801 >> Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User >> No: 307357 >> >> >> -----Original Message----- >> From: MailScanner >> [mailto:mailscanner-bounces+kevin.miller=juneau.org >> @lists.mailscanner.info] On Behalf Of Jerry >> Benton >> Sent: Tuesday, August 09, 2016 8:17 AM >> To: MailScanner Discussion >> Subject: RE: MailScanner and ESET-Nod32 antivirus. >> >> Same logic applies to being able to test them. I announced what >> was being removed and what was staying well in advance of v5 >> being released. As usual, crickets from the community. So, I >> will reiterate: >> >> If there is a virus scanner not on the list that you would like >> included, please provide me with a wrapper that you have tested >> and confirmed is functional with MailScanner and I will add it >> to the current distribution. >> >> >> - >> Jerry Benton >> ! www.mailborder.com >> +1 - 844-436-6245 >> >> >> -----Original Message----- >> From: Kevin Miller >> Reply: MailScanner Discussion >> Date: August 9, 2016 at 12:12:57 PM >> To: mailscanner at lists.mailscanner.info >> >> Subject: RE: MailScanner and ESET-Nod32 antivirus. >> >> I agree. If one is doing an upgrade they may have easy >> access to the >> old wrapper but if it's a new installation they have to >> reinvent the wheel. >> >> Some of the older wrappers no longer work anymore - I had to >> redo the >> f-secure wrappers some years back so I can understand removing >> obsolete code that nobody is using (or at least *shouldn't* >> be using) but for working code, there's no real cost to >> leave it intact. >> >> Perhaps it would be helpful to have a download page for >> additional/historical wrappers if it isn't bundled with the >> current stable version... >> >> ...Kevin >> -- >> Kevin Miller >> Network/email Administrator, CBJ MIS Dept. >> 155 South Seward Street >> Juneau, Alaska 99801 >> Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux >> User No: >> 307357 >> >> -----Original Message----- >> From: MailScanner >> [mailto:mailscanner-bounces+kevin.miller=juneau.org >> @lists.mailscanner. >> info] On Behalf Of [SOLTECSIS] Carles Xavier Munyoz Bald? >> Sent: Tuesday, August 09, 2016 7:37 AM >> To: mailscanner at lists.mailscanner.info >> Subject: Re: MailScanner and ESET-Nod32 antivirus. >> >> Hi, >> I don't understand the reason for that. >> It is very surprising for me. >> For which reason have you removed all the commercial virus >> scanners support from MailScanner? >> >> I believe that it is good that the ! system administrator >> can install >> free and commercial virus scanners. >> >> Best regards. >> >> >> >> El 09/08/16 a las 17:21, Jerry Benton escribi?: >> >> All commercial virus scanners were removed. You can copy >> your old >> wrapper to the new MailScanner structure, edit the >> virus.scanner.conf, and add it to your configuration. >> >> >> - >> Jerry Benton >> www.mailborder.com >> +1 - 844-436-6245 >> >> >> -----Original Message----- >> From: [SOLTECSIS] Carles Xavier Munyoz Bald? >> >> Reply: MailScanner Discussion >> Date: August 9, 2016 at 10:32:39 AM >> To: MailScanner Discussion >> Subject: MailScanner and ESET-Nod32 antivirus. >> >> ESET-Nod32 >> >> >> >> >> -- >> Saludos. >> ------------------------------------------------------------------------ >> >> SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. >> Carles Xavier Munyoz Bald? >> Departamento de I+D+I >> Tel./Fax: 966 446 046 >> cmunyoz at soltecsis.com >> www.soltecsis.com >> ------------------------------------------------------------------------ >> >> >> --- >> La informaci?n contenida en este e-mail es confidencial, >> siendo para >> uso exclusivo del destinatario arriba mencionado. >> Le informamos que est? totalmente prohibida cualquier >> utilizaci?n, >> divulgaci?n, distribuci?n y/o reproducci?n de esta >> comunicaci?n sin >> autorizaci?n expresa en virtud de la legislaci?n vigente. Si ha >> recibido este mensaje por error, le rogamos nos lo notifique >> inmediatamente por la misma v?a y proceda a su eliminaci?n. >> --- >> >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/listinfo/mailscanner >> >> >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/listinfo/mailscanner >> >> >> >> >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/listinfo/mailscanner >> >> >> >> >> >> >> >> > > -- Saludos. ======================================== SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. Carles Xavier Munyoz Bald? Departamento de I+D+I Tel./Fax: 966 446 046 cmunyoz at soltecsis.com www.soltecsis.com ======================================== --- La informaci?n contenida en este e-mail es confidencial, siendo para uso exclusivo del destinatario arriba mencionado. Le informamos que est? totalmente prohibida cualquier utilizaci?n, divulgaci?n, distribuci?n y/o reproducci?n de esta comunicaci?n sin autorizaci?n expresa en virtud de la legislaci?n vigente. Si ha recibido este mensaje por error, le rogamos nos lo notifique inmediatamente por la misma v?a y proceda a su eliminaci?n. --- From jerry.benton at mailborder.com Fri Aug 12 12:01:31 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Fri, 12 Aug 2016 05:01:31 -0700 Subject: MailScanner and ESET-Nod32 antivirus. In-Reply-To: <3a129e1b-5aff-08b1-3605-d7024a94cafa@unlimitedmail.org> References: <6835cb50-7de9-00e0-d03b-803517ee58c1@unlimitedmail.org> <553e6bad-9179-d3f1-d83e-ea654bd8df1a@unlimitedmail.org> <370a0973-7845-10f6-ca45-e8ff037ffe9d@unlimitedmail.org> <3a129e1b-5aff-08b1-3605-d7024a94cafa@unlimitedmail.org> Message-ID: I sent you a private email. - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?[SOLTECSIS] Carles Xavier Munyoz Bald? Reply:?MailScanner Discussion Date:?August 12, 2016 at 7:41:14 AM To:?mailscanner at lists.mailscanner.info Subject:? Re: MailScanner and ESET-Nod32 antivirus. > Hello, > Please, may someone help me with this issue? > > ESET-Nod32 is a great antivirus and I would like to use it with MailScanner. > > The problem is with the last version of MailScanner, I have it going > fine with a previous version of MailScanner. > > Thank you very much in advance. > > > > El 11/08/16 a las 18:45, [SOLTECSIS] Carles Xavier Munyoz Bald? escribi?: > > It is setup this way: > > Virus Scanners = auto > > > > but I have tried putting: > > Virus Scanners = esets > > and doesn't go. > > > > Thanks. > > > > > > El 11/08/16 a las 18:21, Jerry Benton escribi?: > >> Virus scanners = > >> > >> In mailscanner.conf > >> > >> Jerry Benton > >> +1 844-436-6245 > >> > >> Sent from BlueMail > >> > >> On Aug 11, 2016, at 12:19, "[SOLTECSIS] Carles Xavier Munyoz Bald?" > >> > wrote: > >> > >> Hi, > >> I'm trying to use the old ESET wrapper file but it doesn't go. > >> > >> I have placed it into: > >> /usr/lib/MailScanner/wrapper > >> > >> > >> And added this line to MailScanner virus.scanners.conf file: > >> esets /usr/lib/MailScanner/wrapper/esets-wrapper > >> /opt/eset/esets/sbin > >> > >> > >> If I launch the wrapper script it seems to go fine, but if I run the > >> command MailScanner --lint it only finds BitDefender and ClamAV virus > >> scanners: > >> Found these virus scanners installed: bitdefender, clamd > >> > >> > >> What must I do for have support for ESET-Nod32 in the last version of > >> MailScanner? > >> > >> Thank you very much for your help. > >> > >> > >> > >> El 09/08/16 a las 18:28, Kevin Miller escribi?: > >> > >> Fair enough. > >> I'd still advocate for a historical, "use at your own risk" page > >> though... > >> > >> ...Kevin > >> -- > >> ! Kevin Miller > >> Network/email Administrator, CBJ MIS Dept. > >> 155 South Seward Street > >> Juneau, Alaska 99801 > >> Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User > >> No: 307357 > >> > >> > >> -----Original Message----- > >> From: MailScanner > >> [mailto:mailscanner-bounces+kevin.miller=juneau.org > >> @lists.mailscanner.info] On Behalf Of Jerry > >> Benton > >> Sent: Tuesday, August 09, 2016 8:17 AM > >> To: MailScanner Discussion > >> Subject: RE: MailScanner and ESET-Nod32 antivirus. > >> > >> Same logic applies to being able to test them. I announced what > >> was being removed and what was staying well in advance of v5 > >> being released. As usual, crickets from the community. So, I > >> will reiterate: > >> > >> If there is a virus scanner not on the list that you would like > >> included, please provide me with a wrapper that you have tested > >> and confirmed is functional with MailScanner and I will add it > >> to the current distribution. > >> > >> > >> - > >> Jerry Benton > >> ! www.mailborder.com > >> +1 - 844-436-6245 > >> > >> > >> -----Original Message----- > >> From: Kevin Miller > >> Reply: MailScanner Discussion > >> Date: August 9, 2016 at 12:12:57 PM > >> To: mailscanner at lists.mailscanner.info > >> > >> Subject: RE: MailScanner and ESET-Nod32 antivirus. > >> > >> I agree. If one is doing an upgrade they may have easy > >> access to the > >> old wrapper but if it's a new installation they have to > >> reinvent the wheel. > >> > >> Some of the older wrappers no longer work anymore - I had to > >> redo the > >> f-secure wrappers some years back so I can understand removing > >> obsolete code that nobody is using (or at least *shouldn't* > >> be using) but for working code, there's no real cost to > >> leave it intact. > >> > >> Perhaps it would be helpful to have a download page for > >> additional/historical wrappers if it isn't bundled with the > >> current stable version... > >> > >> ...Kevin > >> -- > >> Kevin Miller > >> Network/email Administrator, CBJ MIS Dept. > >> 155 South Seward Street > >> Juneau, Alaska 99801 > >> Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux > >> User No: > >> 307357 > >> > >> -----Original Message----- > >> From: MailScanner > >> [mailto:mailscanner-bounces+kevin.miller=juneau.org > >> @lists.mailscanner. > >> info] On Behalf Of [SOLTECSIS] Carles Xavier Munyoz Bald? > >> Sent: Tuesday, August 09, 2016 7:37 AM > >> To: mailscanner at lists.mailscanner.info > >> Subject: Re: MailScanner and ESET-Nod32 antivirus. > >> > >> Hi, > >> I don't understand the reason for that. > >> It is very surprising for me. > >> For which reason have you removed all the commercial virus > >> scanners support from MailScanner? > >> > >> I believe that it is good that the ! system administrator > >> can install > >> free and commercial virus scanners. > >> > >> Best regards. > >> > >> > >> > >> El 09/08/16 a las 17:21, Jerry Benton escribi?: > >> > >> All commercial virus scanners were removed. You can copy > >> your old > >> wrapper to the new MailScanner structure, edit the > >> virus.scanner.conf, and add it to your configuration. > >> > >> > >> - > >> Jerry Benton > >> www.mailborder.com > >> +1 - 844-436-6245 > >> > >> > >> -----Original Message----- > >> From: [SOLTECSIS] Carles Xavier Munyoz Bald? > >> > >> Reply: MailScanner Discussion > >> Date: August 9, 2016 at 10:32:39 AM > >> To: MailScanner Discussion > >> Subject: MailScanner and ESET-Nod32 antivirus. > >> > >> ESET-Nod32 > >> > >> > >> > >> > >> -- > >> Saludos. > >> ------------------------------------------------------------------------ > >> > >> SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. > >> Carles Xavier Munyoz Bald? > >> Departamento de I+D+I > >> Tel./Fax: 966 446 046 > >> cmunyoz at soltecsis.com > >> www.soltecsis.com > >> ------------------------------------------------------------------------ > >> > >> > >> --- > >> La informaci?n contenida en este e-mail es confidencial, > >> siendo para > >> uso exclusivo del destinatario arriba mencionado. > >> Le informamos que est? totalmente prohibida cualquier > >> utilizaci?n, > >> divulgaci?n, distribuci?n y/o reproducci?n de esta > >> comunicaci?n sin > >> autorizaci?n expresa en virtud de la legislaci?n vigente. Si ha > >> recibido este mensaje por error, le rogamos nos lo notifique > >> inmediatamente por la misma v?a y proceda a su eliminaci?n. > >> --- > >> > >> > >> -- > >> MailScanner mailing list > >> mailscanner at lists.mailscanner.info > >> http://lists.mailscanner.info/listinfo/mailscanner > >> > >> > >> > >> -- > >> MailScanner mailing list > >> mailscanner at lists.mailscanner.info > >> http://lists.mailscanner.info/listinfo/mailscanner > >> > >> > >> > >> > >> > >> -- > >> MailScanner mailing list > >> mailscanner at lists.mailscanner.info > >> http://lists.mailscanner.info/listinfo/mailscanner > >> > >> > >> > >> > >> > >> > >> > >> > > > > > > > -- > Saludos. > ======================================== > SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. > Carles Xavier Munyoz Bald? > Departamento de I+D+I > Tel./Fax: 966 446 046 > cmunyoz at soltecsis.com > www.soltecsis.com > ======================================== > > --- > La informaci?n contenida en este e-mail es confidencial, > siendo para uso exclusivo del destinatario arriba mencionado. > Le informamos que est? totalmente prohibida cualquier > utilizaci?n, divulgaci?n, distribuci?n y/o reproducci?n de > esta comunicaci?n sin autorizaci?n expresa en virtud de la > legislaci?n vigente. Si ha recibido este mensaje por error, > le rogamos nos lo notifique inmediatamente por la misma v?a > y proceda a su eliminaci?n. > --- > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > From sbanderson at impromed.com Fri Aug 12 13:52:19 2016 From: sbanderson at impromed.com (Scott B. Anderson) Date: Fri, 12 Aug 2016 13:52:19 +0000 Subject: MailScanner and ESET-Nod32 antivirus. In-Reply-To: References: <6835cb50-7de9-00e0-d03b-803517ee58c1@unlimitedmail.org> <553e6bad-9179-d3f1-d83e-ea654bd8df1a@unlimitedmail.org> <370a0973-7845-10f6-ca45-e8ff037ffe9d@unlimitedmail.org> <3a129e1b-5aff-08b1-3605-d7024a94cafa@unlimitedmail.org> Message-ID: I also use ESET products commercially and would like instructions on how to set up the code to use it. Scott -----Original Message----- From: MailScanner [mailto:mailscanner-bounces+sbanderson=impromed.com at lists.mailscanner.info] On Behalf Of Jerry Benton Sent: Friday, August 12, 2016 7:02 AM To: MailScanner Discussion Subject: Re: MailScanner and ESET-Nod32 antivirus. I sent you a private email. - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?[SOLTECSIS] Carles Xavier Munyoz Bald? Reply:?MailScanner Discussion Date:?August 12, 2016 at 7:41:14 AM To:?mailscanner at lists.mailscanner.info Subject:? Re: MailScanner and ESET-Nod32 antivirus. > Hello, > Please, may someone help me with this issue? > > ESET-Nod32 is a great antivirus and I would like to use it with MailScanner. > > The problem is with the last version of MailScanner, I have it going > fine with a previous version of MailScanner. > > Thank you very much in advance. > > > > El 11/08/16 a las 18:45, [SOLTECSIS] Carles Xavier Munyoz Bald? escribi?: > > It is setup this way: > > Virus Scanners = auto > > > > but I have tried putting: > > Virus Scanners = esets > > and doesn't go. > > > > Thanks. > > > > > > El 11/08/16 a las 18:21, Jerry Benton escribi?: > >> Virus scanners = > >> > >> In mailscanner.conf > >> > >> Jerry Benton > >> +1 844-436-6245 > >> > >> Sent from BlueMail > >> > >> On Aug 11, 2016, at 12:19, "[SOLTECSIS] Carles Xavier Munyoz Bald?" > >> > wrote: > >> > >> Hi, > >> I'm trying to use the old ESET wrapper file but it doesn't go. > >> > >> I have placed it into: > >> /usr/lib/MailScanner/wrapper > >> > >> > >> And added this line to MailScanner virus.scanners.conf file: > >> esets /usr/lib/MailScanner/wrapper/esets-wrapper > >> /opt/eset/esets/sbin > >> > >> > >> If I launch the wrapper script it seems to go fine, but if I run > >> the command MailScanner --lint it only finds BitDefender and ClamAV > >> virus > >> scanners: > >> Found these virus scanners installed: bitdefender, clamd > >> > >> > >> What must I do for have support for ESET-Nod32 in the last version > >> of MailScanner? > >> > >> Thank you very much for your help. > >> > >> > >> > >> El 09/08/16 a las 18:28, Kevin Miller escribi?: > >> > >> Fair enough. > >> I'd still advocate for a historical, "use at your own risk" page > >> though... > >> > >> ...Kevin > >> -- > >> ! Kevin Miller > >> Network/email Administrator, CBJ MIS Dept. > >> 155 South Seward Street > >> Juneau, Alaska 99801 > >> Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User > >> No: 307357 > >> > >> > >> -----Original Message----- > >> From: MailScanner > >> [mailto:mailscanner-bounces+kevin.miller=juneau.org > >> @lists.mailscanner.info] On Behalf Of Jerry Benton > >> Sent: Tuesday, August 09, 2016 8:17 AM > >> To: MailScanner Discussion > >> Subject: RE: MailScanner and ESET-Nod32 antivirus. > >> > >> Same logic applies to being able to test them. I announced what was > >> being removed and what was staying well in advance of v5 being > >> released. As usual, crickets from the community. So, I will > >> reiterate: > >> > >> If there is a virus scanner not on the list that you would like > >> included, please provide me with a wrapper that you have tested and > >> confirmed is functional with MailScanner and I will add it to the > >> current distribution. > >> > >> > >> - > >> Jerry Benton > >> ! www.mailborder.com > >> +1 - 844-436-6245 > >> > >> > >> -----Original Message----- > >> From: Kevin Miller > >> Reply: MailScanner Discussion > >> Date: August 9, 2016 at 12:12:57 PM > >> To: mailscanner at lists.mailscanner.info > >> > >> Subject: RE: MailScanner and ESET-Nod32 antivirus. > >> > >> I agree. If one is doing an upgrade they may have easy access to > >> the old wrapper but if it's a new installation they have to > >> reinvent the wheel. > >> > >> Some of the older wrappers no longer work anymore - I had to redo > >> the f-secure wrappers some years back so I can understand removing > >> obsolete code that nobody is using (or at least *shouldn't* be > >> using) but for working code, there's no real cost to leave it > >> intact. > >> > >> Perhaps it would be helpful to have a download page for > >> additional/historical wrappers if it isn't bundled with the current > >> stable version... > >> > >> ...Kevin > >> -- > >> Kevin Miller > >> Network/email Administrator, CBJ MIS Dept. > >> 155 South Seward Street > >> Juneau, Alaska 99801 > >> Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User > >> No: > >> 307357 > >> > >> -----Original Message----- > >> From: MailScanner > >> [mailto:mailscanner-bounces+kevin.miller=juneau.org > >> @lists.mailscanner. > >> info] On Behalf Of [SOLTECSIS] Carles Xavier Munyoz Bald? > >> Sent: Tuesday, August 09, 2016 7:37 AM > >> To: mailscanner at lists.mailscanner.info > >> Subject: Re: MailScanner and ESET-Nod32 antivirus. > >> > >> Hi, > >> I don't understand the reason for that. > >> It is very surprising for me. > >> For which reason have you removed all the commercial virus scanners > >> support from MailScanner? > >> > >> I believe that it is good that the ! system administrator can > >> install free and commercial virus scanners. > >> > >> Best regards. > >> > >> > >> > >> El 09/08/16 a las 17:21, Jerry Benton escribi?: > >> > >> All commercial virus scanners were removed. You can copy your old > >> wrapper to the new MailScanner structure, edit the > >> virus.scanner.conf, and add it to your configuration. > >> > >> > >> - > >> Jerry Benton > >> www.mailborder.com > >> +1 - 844-436-6245 > >> > >> > >> -----Original Message----- > >> From: [SOLTECSIS] Carles Xavier Munyoz Bald? > >> > >> Reply: MailScanner Discussion > >> Date: August 9, 2016 at 10:32:39 AM > >> To: MailScanner Discussion > >> Subject: MailScanner and ESET-Nod32 antivirus. > >> > >> ESET-Nod32 > >> > >> > >> > >> > >> -- > >> Saludos. > >> ------------------------------------------------------------------- > >> ----- > >> > >> SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. > >> Carles Xavier Munyoz Bald? > >> Departamento de I+D+I > >> Tel./Fax: 966 446 046 > >> cmunyoz at soltecsis.com > >> www.soltecsis.com > >> ------------------------------------------------------------------- > >> ----- > >> > >> > >> --- > >> La informaci?n contenida en este e-mail es confidencial, siendo > >> para uso exclusivo del destinatario arriba mencionado. > >> Le informamos que est? totalmente prohibida cualquier utilizaci?n, > >> divulgaci?n, distribuci?n y/o reproducci?n de esta comunicaci?n sin > >> autorizaci?n expresa en virtud de la legislaci?n vigente. Si ha > >> recibido este mensaje por error, le rogamos nos lo notifique > >> inmediatamente por la misma v?a y proceda a su eliminaci?n. > >> --- > >> > >> > >> -- > >> MailScanner mailing list > >> mailscanner at lists.mailscanner.info > >> http://lists.mailscanner.info/listinfo/mailscanner > >> > >> > >> > >> -- > >> MailScanner mailing list > >> mailscanner at lists.mailscanner.info > >> http://lists.mailscanner.info/listinfo/mailscanner > >> > >> > >> > >> > >> > >> -- > >> MailScanner mailing list > >> mailscanner at lists.mailscanner.info > >> http://lists.mailscanner.info/listinfo/mailscanner > >> > >> > >> > >> > >> > >> > >> > >> > > > > > > > -- > Saludos. > ======================================== > SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. > Carles Xavier Munyoz Bald? > Departamento de I+D+I > Tel./Fax: 966 446 046 > cmunyoz at soltecsis.com > www.soltecsis.com > ======================================== > > --- > La informaci?n contenida en este e-mail es confidencial, siendo para > uso exclusivo del destinatario arriba mencionado. > Le informamos que est? totalmente prohibida cualquier utilizaci?n, > divulgaci?n, distribuci?n y/o reproducci?n de esta comunicaci?n sin > autorizaci?n expresa en virtud de la legislaci?n vigente. Si ha > recibido este mensaje por error, le rogamos nos lo notifique > inmediatamente por la misma v?a y proceda a su eliminaci?n. > --- > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/listinfo/mailscanner -- Rely On Us. ImproMed LLC Henry Schein Animal Health -- From kimmo at hedman.fi Fri Aug 12 14:04:09 2016 From: kimmo at hedman.fi (Kimmo Hedman) Date: Fri, 12 Aug 2016 17:04:09 +0300 (EEST) Subject: MailScanner and ESET-Nod32 antivirus. In-Reply-To: References: <6835cb50-7de9-00e0-d03b-803517ee58c1@unlimitedmail.org> <370a0973-7845-10f6-ca45-e8ff037ffe9d@unlimitedmail.org> <3a129e1b-5aff-08b1-3605-d7024a94cafa@unlimitedmail.org> Message-ID: <1861348414.16203.1471010649162.JavaMail.zimbra@hedman.fi> ----- Original Message ----- From: "Scott B. Anderson" To: "MailScanner Discussion" Sent: Friday, August 12, 2016 4:52:19 PM Subject: RE: MailScanner and ESET-Nod32 antivirus. I also use ESET products commercially and would like instructions on how to set up the code to use it. Scott -----Original Message----- From: MailScanner [mailto:mailscanner-bounces+sbanderson=impromed.com at lists.mailscanner.info] On Behalf Of Jerry Benton Sent: Friday, August 12, 2016 7:02 AM To: MailScanner Discussion Subject: Re: MailScanner and ESET-Nod32 antivirus. I sent you a private email. - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?[SOLTECSIS] Carles Xavier Munyoz Bald? Reply:?MailScanner Discussion Date:?August 12, 2016 at 7:41:14 AM To:?mailscanner at lists.mailscanner.info Subject:? Re: MailScanner and ESET-Nod32 antivirus. > Hello, > Please, may someone help me with this issue? > > ESET-Nod32 is a great antivirus and I would like to use it with MailScanner. > > The problem is with the last version of MailScanner, I have it going > fine with a previous version of MailScanner. > > Thank you very much in advance. > > > > El 11/08/16 a las 18:45, [SOLTECSIS] Carles Xavier Munyoz Bald? escribi?: > > It is setup this way: > > Virus Scanners = auto > > > > but I have tried putting: > > Virus Scanners = esets > > and doesn't go. > > > > Thanks. > > > > > > El 11/08/16 a las 18:21, Jerry Benton escribi?: > >> Virus scanners = > >> > >> In mailscanner.conf > >> > >> Jerry Benton > >> +1 844-436-6245 > >> > >> Sent from BlueMail > >> > >> On Aug 11, 2016, at 12:19, "[SOLTECSIS] Carles Xavier Munyoz Bald?" > >> > wrote: > >> > >> Hi, > >> I'm trying to use the old ESET wrapper file but it doesn't go. > >> > >> I have placed it into: > >> /usr/lib/MailScanner/wrapper > >> > >> > >> And added this line to MailScanner virus.scanners.conf file: > >> esets /usr/lib/MailScanner/wrapper/esets-wrapper > >> /opt/eset/esets/sbin > >> > >> > >> If I launch the wrapper script it seems to go fine, but if I run > >> the command MailScanner --lint it only finds BitDefender and ClamAV > >> virus > >> scanners: > >> Found these virus scanners installed: bitdefender, clamd > >> > >> > >> What must I do for have support for ESET-Nod32 in the last version > >> of MailScanner? > >> > >> Thank you very much for your help. > >> > >> > >> > >> El 09/08/16 a las 18:28, Kevin Miller escribi?: > >> > >> Fair enough. > >> I'd still advocate for a historical, "use at your own risk" page > >> though... > >> > >> ...Kevin > >> -- > >> ! Kevin Miller > >> Network/email Administrator, CBJ MIS Dept. > >> 155 South Seward Street > >> Juneau, Alaska 99801 > >> Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User > >> No: 307357 > >> > >> > >> -----Original Message----- > >> From: MailScanner > >> [mailto:mailscanner-bounces+kevin.miller=juneau.org > >> @lists.mailscanner.info] On Behalf Of Jerry Benton > >> Sent: Tuesday, August 09, 2016 8:17 AM > >> To: MailScanner Discussion > >> Subject: RE: MailScanner and ESET-Nod32 antivirus. > >> > >> Same logic applies to being able to test them. I announced what was > >> being removed and what was staying well in advance of v5 being > >> released. As usual, crickets from the community. So, I will > >> reiterate: > >> > >> If there is a virus scanner not on the list that you would like > >> included, please provide me with a wrapper that you have tested and > >> confirmed is functional with MailScanner and I will add it to the > >> current distribution. > >> > >> > >> - > >> Jerry Benton > >> ! www.mailborder.com > >> +1 - 844-436-6245 > >> > >> > >> -----Original Message----- > >> From: Kevin Miller > >> Reply: MailScanner Discussion > >> Date: August 9, 2016 at 12:12:57 PM > >> To: mailscanner at lists.mailscanner.info > >> > >> Subject: RE: MailScanner and ESET-Nod32 antivirus. > >> > >> I agree. If one is doing an upgrade they may have easy access to > >> the old wrapper but if it's a new installation they have to > >> reinvent the wheel. > >> > >> Some of the older wrappers no longer work anymore - I had to redo > >> the f-secure wrappers some years back so I can understand removing > >> obsolete code that nobody is using (or at least *shouldn't* be > >> using) but for working code, there's no real cost to leave it > >> intact. > >> > >> Perhaps it would be helpful to have a download page for > >> additional/historical wrappers if it isn't bundled with the current > >> stable version... > >> > >> ...Kevin > >> -- > >> Kevin Miller > >> Network/email Administrator, CBJ MIS Dept. > >> 155 South Seward Street > >> Juneau, Alaska 99801 > >> Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User > >> No: > >> 307357 > >> > >> -----Original Message----- > >> From: MailScanner > >> [mailto:mailscanner-bounces+kevin.miller=juneau.org > >> @lists.mailscanner. > >> info] On Behalf Of [SOLTECSIS] Carles Xavier Munyoz Bald? > >> Sent: Tuesday, August 09, 2016 7:37 AM > >> To: mailscanner at lists.mailscanner.info > >> Subject: Re: MailScanner and ESET-Nod32 antivirus. > >> > >> Hi, > >> I don't understand the reason for that. > >> It is very surprising for me. > >> For which reason have you removed all the commercial virus scanners > >> support from MailScanner? > >> > >> I believe that it is good that the ! system administrator can > >> install free and commercial virus scanners. > >> > >> Best regards. > >> > >> > >> > >> El 09/08/16 a las 17:21, Jerry Benton escribi?: > >> > >> All commercial virus scanners were removed. You can copy your old > >> wrapper to the new MailScanner structure, edit the > >> virus.scanner.conf, and add it to your configuration. > >> > >> > >> - > >> Jerry Benton > >> www.mailborder.com > >> +1 - 844-436-6245 > >> > >> > >> -----Original Message----- > >> From: [SOLTECSIS] Carles Xavier Munyoz Bald? > >> > >> Reply: MailScanner Discussion > >> Date: August 9, 2016 at 10:32:39 AM > >> To: MailScanner Discussion > >> Subject: MailScanner and ESET-Nod32 antivirus. > >> > >> ESET-Nod32 > >> > >> > >> > >> > >> -- > >> Saludos. > >> ------------------------------------------------------------------- > >> ----- > >> > >> SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. > >> Carles Xavier Munyoz Bald? > >> Departamento de I+D+I > >> Tel./Fax: 966 446 046 > >> cmunyoz at soltecsis.com > >> www.soltecsis.com > >> ------------------------------------------------------------------- > >> ----- > >> > >> > >> --- > >> La informaci?n contenida en este e-mail es confidencial, siendo > >> para uso exclusivo del destinatario arriba mencionado. > >> Le informamos que est? totalmente prohibida cualquier utilizaci?n, > >> divulgaci?n, distribuci?n y/o reproducci?n de esta comunicaci?n sin > >> autorizaci?n expresa en virtud de la legislaci?n vigente. Si ha > >> recibido este mensaje por error, le rogamos nos lo notifique > >> inmediatamente por la misma v?a y proceda a su eliminaci?n. > >> --- > >> > >> > >> -- > >> MailScanner mailing list > >> mailscanner at lists.mailscanner.info > >> http://lists.mailscanner.info/listinfo/mailscanner > >> > >> > >> > >> -- > >> MailScanner mailing list > >> mailscanner at lists.mailscanner.info > >> http://lists.mailscanner.info/listinfo/mailscanner > >> > >> > >> > >> > >> > >> -- > >> MailScanner mailing list > >> mailscanner at lists.mailscanner.info > >> http://lists.mailscanner.info/listinfo/mailscanner > >> > >> > >> > >> > >> > >> > >> > >> > > > > > > > -- > Saludos. > ======================================== > SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. > Carles Xavier Munyoz Bald? > Departamento de I+D+I > Tel./Fax: 966 446 046 > cmunyoz at soltecsis.com > www.soltecsis.com > ======================================== > > --- > La informaci?n contenida en este e-mail es confidencial, siendo para > uso exclusivo del destinatario arriba mencionado. > Le informamos que est? totalmente prohibida cualquier utilizaci?n, > divulgaci?n, distribuci?n y/o reproducci?n de esta comunicaci?n sin > autorizaci?n expresa en virtud de la legislaci?n vigente. Si ha > recibido este mensaje por error, le rogamos nos lo notifique > inmediatamente por la misma v?a y proceda a su eliminaci?n. > --- > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/listinfo/mailscanner -- Rely On Us. ImproMed LLC Henry Schein Animal Health -- -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/listinfo/mailscanner From jerry.benton at mailborder.com Fri Aug 12 14:08:44 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Fri, 12 Aug 2016 10:08:44 -0400 Subject: MailScanner and ESET-Nod32 antivirus. In-Reply-To: <1861348414.16203.1471010649162.JavaMail.zimbra@hedman.fi> References: <6835cb50-7de9-00e0-d03b-803517ee58c1@unlimitedmail.org> <370a0973-7845-10f6-ca45-e8ff037ffe9d@unlimitedmail.org> <3a129e1b-5aff-08b1-3605-d7024a94cafa@unlimitedmail.org> <1861348414.16203.1471010649162.JavaMail.zimbra@hedman.fi> Message-ID: I am working on another wrapper today. I will take a look at it but someone has to send me a private email with the link to download the full version of the software along with a license key. - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?Kimmo Hedman Reply:?MailScanner Discussion Date:?August 12, 2016 at 10:05:53 AM To:?MailScanner Discussion Subject:? Re: MailScanner and ESET-Nod32 antivirus. > > > ----- Original Message ----- > From: "Scott B. Anderson" > To: "MailScanner Discussion" > Sent: Friday, August 12, 2016 4:52:19 PM > Subject: RE: MailScanner and ESET-Nod32 antivirus. > > I also use ESET products commercially and would like instructions on how to set up the > code to use it. > > Scott > > > -----Original Message----- > From: MailScanner [mailto:mailscanner-bounces+sbanderson=impromed.com at lists.mailscanner.info] > On Behalf Of Jerry Benton > Sent: Friday, August 12, 2016 7:02 AM > To: MailScanner Discussion > Subject: Re: MailScanner and ESET-Nod32 antivirus. > > I sent you a private email. > > > - > Jerry Benton > www.mailborder.com > +1 - 844-436-6245 > > > -----Original Message----- > From: [SOLTECSIS] Carles Xavier Munyoz Bald? > Reply: MailScanner Discussion > Date: August 12, 2016 at 7:41:14 AM > To: mailscanner at lists.mailscanner.info > Subject: Re: MailScanner and ESET-Nod32 antivirus. > > > Hello, > > Please, may someone help me with this issue? > > > > ESET-Nod32 is a great antivirus and I would like to use it with MailScanner. > > > > The problem is with the last version of MailScanner, I have it going > > fine with a previous version of MailScanner. > > > > Thank you very much in advance. > > > > > > > > El 11/08/16 a las 18:45, [SOLTECSIS] Carles Xavier Munyoz Bald? escribi?: > > > It is setup this way: > > > Virus Scanners = auto > > > > > > but I have tried putting: > > > Virus Scanners = esets > > > and doesn't go. > > > > > > Thanks. > > > > > > > > > El 11/08/16 a las 18:21, Jerry Benton escribi?: > > >> Virus scanners = > > >> > > >> In mailscanner.conf > > >> > > >> Jerry Benton > > >> +1 844-436-6245 > > >> > > >> Sent from BlueMail > > >> > > >> On Aug 11, 2016, at 12:19, "[SOLTECSIS] Carles Xavier Munyoz Bald?" > > >> > wrote: > > >> > > >> Hi, > > >> I'm trying to use the old ESET wrapper file but it doesn't go. > > >> > > >> I have placed it into: > > >> /usr/lib/MailScanner/wrapper > > >> > > >> > > >> And added this line to MailScanner virus.scanners.conf file: > > >> esets /usr/lib/MailScanner/wrapper/esets-wrapper > > >> /opt/eset/esets/sbin > > >> > > >> > > >> If I launch the wrapper script it seems to go fine, but if I run > > >> the command MailScanner --lint it only finds BitDefender and ClamAV > > >> virus > > >> scanners: > > >> Found these virus scanners installed: bitdefender, clamd > > >> > > >> > > >> What must I do for have support for ESET-Nod32 in the last version > > >> of MailScanner? > > >> > > >> Thank you very much for your help. > > >> > > >> > > >> > > >> El 09/08/16 a las 18:28, Kevin Miller escribi?: > > >> > > >> Fair enough. > > >> I'd still advocate for a historical, "use at your own risk" page > > >> though... > > >> > > >> ...Kevin > > >> -- > > >> ! Kevin Miller > > >> Network/email Administrator, CBJ MIS Dept. > > >> 155 South Seward Street > > >> Juneau, Alaska 99801 > > >> Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User > > >> No: 307357 > > >> > > >> > > >> -----Original Message----- > > >> From: MailScanner > > >> [mailto:mailscanner-bounces+kevin.miller=juneau.org > > >> @lists.mailscanner.info] On Behalf Of Jerry Benton > > >> Sent: Tuesday, August 09, 2016 8:17 AM > > >> To: MailScanner Discussion > > >> Subject: RE: MailScanner and ESET-Nod32 antivirus. > > >> > > >> Same logic applies to being able to test them. I announced what was > > >> being removed and what was staying well in advance of v5 being > > >> released. As usual, crickets from the community. So, I will > > >> reiterate: > > >> > > >> If there is a virus scanner not on the list that you would like > > >> included, please provide me with a wrapper that you have tested and > > >> confirmed is functional with MailScanner and I will add it to the > > >> current distribution. > > >> > > >> > > >> - > > >> Jerry Benton > > >> ! www.mailborder.com > > >> +1 - 844-436-6245 > > >> > > >> > > >> -----Original Message----- > > >> From: Kevin Miller > > >> Reply: MailScanner Discussion > > >> Date: August 9, 2016 at 12:12:57 PM > > >> To: mailscanner at lists.mailscanner.info > > >> > > >> Subject: RE: MailScanner and ESET-Nod32 antivirus. > > >> > > >> I agree. If one is doing an upgrade they may have easy access to > > >> the old wrapper but if it's a new installation they have to > > >> reinvent the wheel. > > >> > > >> Some of the older wrappers no longer work anymore - I had to redo > > >> the f-secure wrappers some years back so I can understand removing > > >> obsolete code that nobody is using (or at least *shouldn't* be > > >> using) but for working code, there's no real cost to leave it > > >> intact. > > >> > > >> Perhaps it would be helpful to have a download page for > > >> additional/historical wrappers if it isn't bundled with the current > > >> stable version... > > >> > > >> ...Kevin > > >> -- > > >> Kevin Miller > > >> Network/email Administrator, CBJ MIS Dept. > > >> 155 South Seward Street > > >> Juneau, Alaska 99801 > > >> Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User > > >> No: > > >> 307357 > > >> > > >> -----Original Message----- > > >> From: MailScanner > > >> [mailto:mailscanner-bounces+kevin.miller=juneau.org > > >> @lists.mailscanner. > > >> info] On Behalf Of [SOLTECSIS] Carles Xavier Munyoz Bald? > > >> Sent: Tuesday, August 09, 2016 7:37 AM > > >> To: mailscanner at lists.mailscanner.info > > >> Subject: Re: MailScanner and ESET-Nod32 antivirus. > > >> > > >> Hi, > > >> I don't understand the reason for that. > > >> It is very surprising for me. > > >> For which reason have you removed all the commercial virus scanners > > >> support from MailScanner? > > >> > > >> I believe that it is good that the ! system administrator can > > >> install free and commercial virus scanners. > > >> > > >> Best regards. > > >> > > >> > > >> > > >> El 09/08/16 a las 17:21, Jerry Benton escribi?: > > >> > > >> All commercial virus scanners were removed. You can copy your old > > >> wrapper to the new MailScanner structure, edit the > > >> virus.scanner.conf, and add it to your configuration. > > >> > > >> > > >> - > > >> Jerry Benton > > >> www.mailborder.com > > >> +1 - 844-436-6245 > > >> > > >> > > >> -----Original Message----- > > >> From: [SOLTECSIS] Carles Xavier Munyoz Bald? > > >> > > >> Reply: MailScanner Discussion > > >> Date: August 9, 2016 at 10:32:39 AM > > >> To: MailScanner Discussion > > >> Subject: MailScanner and ESET-Nod32 antivirus. > > >> > > >> ESET-Nod32 > > >> > > >> > > >> > > >> > > >> -- > > >> Saludos. > > >> ------------------------------------------------------------------- > > >> ----- > > >> > > >> SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. > > >> Carles Xavier Munyoz Bald? > > >> Departamento de I+D+I > > >> Tel./Fax: 966 446 046 > > >> cmunyoz at soltecsis.com > > >> www.soltecsis.com > > >> ------------------------------------------------------------------- > > >> ----- > > >> > > >> > > >> --- > > >> La informaci?n contenida en este e-mail es confidencial, siendo > > >> para uso exclusivo del destinatario arriba mencionado. > > >> Le informamos que est? totalmente prohibida cualquier utilizaci?n, > > >> divulgaci?n, distribuci?n y/o reproducci?n de esta comunicaci?n sin > > >> autorizaci?n expresa en virtud de la legislaci?n vigente. Si ha > > >> recibido este mensaje por error, le rogamos nos lo notifique > > >> inmediatamente por la misma v?a y proceda a su eliminaci?n. > > >> --- > > >> > > >> > > >> -- > > >> MailScanner mailing list > > >> mailscanner at lists.mailscanner.info > > >> http://lists.mailscanner.info/listinfo/mailscanner > > >> > > >> > > >> > > >> -- > > >> MailScanner mailing list > > >> mailscanner at lists.mailscanner.info > > >> http://lists.mailscanner.info/listinfo/mailscanner > > >> > > >> > > >> > > >> > > >> > > >> -- > > >> MailScanner mailing list > > >> mailscanner at lists.mailscanner.info > > >> http://lists.mailscanner.info/listinfo/mailscanner > > >> > > >> > > >> > > >> > > >> > > >> > > >> > > >> > > > > > > > > > > > > -- > > Saludos. > > ======================================== > > SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. > > Carles Xavier Munyoz Bald? > > Departamento de I+D+I > > Tel./Fax: 966 446 046 > > cmunyoz at soltecsis.com > > www.soltecsis.com > > ======================================== > > > > --- > > La informaci?n contenida en este e-mail es confidencial, siendo para > > uso exclusivo del destinatario arriba mencionado. > > Le informamos que est? totalmente prohibida cualquier utilizaci?n, > > divulgaci?n, distribuci?n y/o reproducci?n de esta comunicaci?n sin > > autorizaci?n expresa en virtud de la legislaci?n vigente. Si ha > > recibido este mensaje por error, le rogamos nos lo notifique > > inmediatamente por la misma v?a y proceda a su eliminaci?n. > > --- > > > > > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/listinfo/mailscanner > > > > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > > -- > Rely On Us. > ImproMed LLC > Henry Schein Animal Health > -- > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > From carles at unlimitedmail.org Fri Aug 12 14:44:10 2016 From: carles at unlimitedmail.org (=?UTF-8?Q?[SOLTECSIS]_Carles_Xavier_Munyoz_Bald=c3=b3?=) Date: Fri, 12 Aug 2016 16:44:10 +0200 Subject: MailScanner and ESET-Nod32 antivirus. In-Reply-To: References: <6835cb50-7de9-00e0-d03b-803517ee58c1@unlimitedmail.org> <370a0973-7845-10f6-ca45-e8ff037ffe9d@unlimitedmail.org> <3a129e1b-5aff-08b1-3605-d7024a94cafa@unlimitedmail.org> <1861348414.16203.1471010649162.JavaMail.zimbra@hedman.fi> Message-ID: Hi, I have just sent you a private e-mail with all this. Thank you very much. El 12/08/16 a las 16:08, Jerry Benton escribi?: > I am working on another wrapper today. I will take a look at it but > someone has to send me a private email with the link to download the > full version of the software along with a license key. > > > - > Jerry Benton > www.mailborder.com > +1 - 844-436-6245 > > > -----Original Message----- > From: Kimmo Hedman > Reply: MailScanner Discussion > Date: August 12, 2016 at 10:05:53 AM > To: MailScanner Discussion > Subject: Re: MailScanner and ESET-Nod32 antivirus. > >> >> >> ----- Original Message ----- >> From: "Scott B. Anderson" >> To: "MailScanner Discussion" >> Sent: Friday, August 12, 2016 4:52:19 PM >> Subject: RE: MailScanner and ESET-Nod32 antivirus. >> >> I also use ESET products commercially and would like instructions on how to set up the >> code to use it. >> >> Scott >> >> >> -----Original Message----- >> From: MailScanner [mailto:mailscanner-bounces+sbanderson=impromed.com at lists.mailscanner.info] >> On Behalf Of Jerry Benton >> Sent: Friday, August 12, 2016 7:02 AM >> To: MailScanner Discussion >> Subject: Re: MailScanner and ESET-Nod32 antivirus. >> >> I sent you a private email. >> >> >> - >> Jerry Benton >> www.mailborder.com >> +1 - 844-436-6245 >> >> >> -----Original Message----- >> From: [SOLTECSIS] Carles Xavier Munyoz Bald? >> Reply: MailScanner Discussion >> Date: August 12, 2016 at 7:41:14 AM >> To: mailscanner at lists.mailscanner.info >> Subject: Re: MailScanner and ESET-Nod32 antivirus. >> >>> Hello, >>> Please, may someone help me with this issue? >>> >>> ESET-Nod32 is a great antivirus and I would like to use it with MailScanner. >>> >>> The problem is with the last version of MailScanner, I have it going >>> fine with a previous version of MailScanner. >>> >>> Thank you very much in advance. >>> >>> >>> >>> El 11/08/16 a las 18:45, [SOLTECSIS] Carles Xavier Munyoz Bald? escribi?: >>>> It is setup this way: >>>> Virus Scanners = auto >>>> >>>> but I have tried putting: >>>> Virus Scanners = esets >>>> and doesn't go. >>>> >>>> Thanks. >>>> >>>> >>>> El 11/08/16 a las 18:21, Jerry Benton escribi?: >>>>> Virus scanners = >>>>> >>>>> In mailscanner.conf >>>>> >>>>> Jerry Benton >>>>> +1 844-436-6245 >>>>> >>>>> Sent from BlueMail >>>>> >>>>> On Aug 11, 2016, at 12:19, "[SOLTECSIS] Carles Xavier Munyoz Bald?" >>>>>> wrote: >>>>> >>>>> Hi, >>>>> I'm trying to use the old ESET wrapper file but it doesn't go. >>>>> >>>>> I have placed it into: >>>>> /usr/lib/MailScanner/wrapper >>>>> >>>>> >>>>> And added this line to MailScanner virus.scanners.conf file: >>>>> esets /usr/lib/MailScanner/wrapper/esets-wrapper >>>>> /opt/eset/esets/sbin >>>>> >>>>> >>>>> If I launch the wrapper script it seems to go fine, but if I run >>>>> the command MailScanner --lint it only finds BitDefender and ClamAV >>>>> virus >>>>> scanners: >>>>> Found these virus scanners installed: bitdefender, clamd >>>>> >>>>> >>>>> What must I do for have support for ESET-Nod32 in the last version >>>>> of MailScanner? >>>>> >>>>> Thank you very much for your help. >>>>> >>>>> >>>>> >>>>> El 09/08/16 a las 18:28, Kevin Miller escribi?: >>>>> >>>>> Fair enough. >>>>> I'd still advocate for a historical, "use at your own risk" page >>>>> though... >>>>> >>>>> ...Kevin >>>>> -- >>>>> ! Kevin Miller >>>>> Network/email Administrator, CBJ MIS Dept. >>>>> 155 South Seward Street >>>>> Juneau, Alaska 99801 >>>>> Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User >>>>> No: 307357 >>>>> >>>>> >>>>> -----Original Message----- >>>>> From: MailScanner >>>>> [mailto:mailscanner-bounces+kevin.miller=juneau.org >>>>> @lists.mailscanner.info] On Behalf Of Jerry Benton >>>>> Sent: Tuesday, August 09, 2016 8:17 AM >>>>> To: MailScanner Discussion >>>>> Subject: RE: MailScanner and ESET-Nod32 antivirus. >>>>> >>>>> Same logic applies to being able to test them. I announced what was >>>>> being removed and what was staying well in advance of v5 being >>>>> released. As usual, crickets from the community. So, I will >>>>> reiterate: >>>>> >>>>> If there is a virus scanner not on the list that you would like >>>>> included, please provide me with a wrapper that you have tested and >>>>> confirmed is functional with MailScanner and I will add it to the >>>>> current distribution. >>>>> >>>>> >>>>> - >>>>> Jerry Benton >>>>> ! www.mailborder.com >>>>> +1 - 844-436-6245 >>>>> >>>>> >>>>> -----Original Message----- >>>>> From: Kevin Miller >>>>> Reply: MailScanner Discussion >>>>> Date: August 9, 2016 at 12:12:57 PM >>>>> To: mailscanner at lists.mailscanner.info >>>>> >>>>> Subject: RE: MailScanner and ESET-Nod32 antivirus. >>>>> >>>>> I agree. If one is doing an upgrade they may have easy access to >>>>> the old wrapper but if it's a new installation they have to >>>>> reinvent the wheel. >>>>> >>>>> Some of the older wrappers no longer work anymore - I had to redo >>>>> the f-secure wrappers some years back so I can understand removing >>>>> obsolete code that nobody is using (or at least *shouldn't* be >>>>> using) but for working code, there's no real cost to leave it >>>>> intact. >>>>> >>>>> Perhaps it would be helpful to have a download page for >>>>> additional/historical wrappers if it isn't bundled with the current >>>>> stable version... >>>>> >>>>> ...Kevin >>>>> -- >>>>> Kevin Miller >>>>> Network/email Administrator, CBJ MIS Dept. >>>>> 155 South Seward Street >>>>> Juneau, Alaska 99801 >>>>> Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User >>>>> No: >>>>> 307357 >>>>> >>>>> -----Original Message----- >>>>> From: MailScanner >>>>> [mailto:mailscanner-bounces+kevin.miller=juneau.org >>>>> @lists.mailscanner. >>>>> info] On Behalf Of [SOLTECSIS] Carles Xavier Munyoz Bald? >>>>> Sent: Tuesday, August 09, 2016 7:37 AM >>>>> To: mailscanner at lists.mailscanner.info >>>>> Subject: Re: MailScanner and ESET-Nod32 antivirus. >>>>> >>>>> Hi, >>>>> I don't understand the reason for that. >>>>> It is very surprising for me. >>>>> For which reason have you removed all the commercial virus scanners >>>>> support from MailScanner? >>>>> >>>>> I believe that it is good that the ! system administrator can >>>>> install free and commercial virus scanners. >>>>> >>>>> Best regards. >>>>> >>>>> >>>>> >>>>> El 09/08/16 a las 17:21, Jerry Benton escribi?: >>>>> >>>>> All commercial virus scanners were removed. You can copy your old >>>>> wrapper to the new MailScanner structure, edit the >>>>> virus.scanner.conf, and add it to your configuration. >>>>> >>>>> >>>>> - >>>>> Jerry Benton >>>>> www.mailborder.com >>>>> +1 - 844-436-6245 >>>>> >>>>> >>>>> -----Original Message----- >>>>> From: [SOLTECSIS] Carles Xavier Munyoz Bald? >>>>> >>>>> Reply: MailScanner Discussion >>>>> Date: August 9, 2016 at 10:32:39 AM >>>>> To: MailScanner Discussion >>>>> Subject: MailScanner and ESET-Nod32 antivirus. >>>>> >>>>> ESET-Nod32 >>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> Saludos. >>>>> ------------------------------------------------------------------- >>>>> ----- >>>>> >>>>> SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. >>>>> Carles Xavier Munyoz Bald? >>>>> Departamento de I+D+I >>>>> Tel./Fax: 966 446 046 >>>>> cmunyoz at soltecsis.com >>>>> www.soltecsis.com >>>>> ------------------------------------------------------------------- >>>>> ----- >>>>> >>>>> >>>>> --- >>>>> La informaci?n contenida en este e-mail es confidencial, siendo >>>>> para uso exclusivo del destinatario arriba mencionado. >>>>> Le informamos que est? totalmente prohibida cualquier utilizaci?n, >>>>> divulgaci?n, distribuci?n y/o reproducci?n de esta comunicaci?n sin >>>>> autorizaci?n expresa en virtud de la legislaci?n vigente. Si ha >>>>> recibido este mensaje por error, le rogamos nos lo notifique >>>>> inmediatamente por la misma v?a y proceda a su eliminaci?n. >>>>> --- >>>>> >>>>> >>>>> -- >>>>> MailScanner mailing list >>>>> mailscanner at lists.mailscanner.info >>>>> http://lists.mailscanner.info/listinfo/mailscanner >>>>> >>>>> >>>>> >>>>> -- >>>>> MailScanner mailing list >>>>> mailscanner at lists.mailscanner.info >>>>> http://lists.mailscanner.info/listinfo/mailscanner >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> MailScanner mailing list >>>>> mailscanner at lists.mailscanner.info >>>>> http://lists.mailscanner.info/listinfo/mailscanner >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>> >>>> >>> >>> >>> -- >>> Saludos. >>> ======================================== >>> SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. >>> Carles Xavier Munyoz Bald? >>> Departamento de I+D+I >>> Tel./Fax: 966 446 046 >>> cmunyoz at soltecsis.com >>> www.soltecsis.com >>> ======================================== >>> >>> --- >>> La informaci?n contenida en este e-mail es confidencial, siendo para >>> uso exclusivo del destinatario arriba mencionado. >>> Le informamos que est? totalmente prohibida cualquier utilizaci?n, >>> divulgaci?n, distribuci?n y/o reproducci?n de esta comunicaci?n sin >>> autorizaci?n expresa en virtud de la legislaci?n vigente. Si ha >>> recibido este mensaje por error, le rogamos nos lo notifique >>> inmediatamente por la misma v?a y proceda a su eliminaci?n. >>> --- >>> >>> >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/listinfo/mailscanner >>> >>> >> >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/listinfo/mailscanner >> >> >> -- >> Rely On Us. >> ImproMed LLC >> Henry Schein Animal Health >> -- >> >> >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/listinfo/mailscanner >> >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/listinfo/mailscanner >> >> > > -- Saludos. ======================================== SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. Carles Xavier Munyoz Bald? Departamento de I+D+I Tel./Fax: 966 446 046 cmunyoz at soltecsis.com www.soltecsis.com ======================================== --- La informaci?n contenida en este e-mail es confidencial, siendo para uso exclusivo del destinatario arriba mencionado. Le informamos que est? totalmente prohibida cualquier utilizaci?n, divulgaci?n, distribuci?n y/o reproducci?n de esta comunicaci?n sin autorizaci?n expresa en virtud de la legislaci?n vigente. Si ha recibido este mensaje por error, le rogamos nos lo notifique inmediatamente por la misma v?a y proceda a su eliminaci?n. --- From carles at unlimitedmail.org Fri Aug 12 16:00:04 2016 From: carles at unlimitedmail.org (=?UTF-8?Q?[SOLTECSIS]_Carles_Xavier_Munyoz_Bald=c3=b3?=) Date: Fri, 12 Aug 2016 18:00:04 +0200 Subject: Not existing Incoming Work Dir Message-ID: <155fc6d9-4b9c-90f0-d31c-104ef4026bff@unlimitedmail.org> Hello, I usually change the Incoming Work Dir of the MailScanner configuration using a value like this for obtain a better server performance: Incoming Work Dir = /dev/shm/MailScanner/incoming The problem is that when I reset the server, MailScanner doesn't go because this directory desapears. I have to create it manually. Would it be possible that MailScanner creates this directory automatically if it doesn't exists? Thanks. ======================================== SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. Carles Xavier Munyoz Bald? Departamento de I+D+I Tel./Fax: 966 446 046 cmunyoz at soltecsis.com www.soltecsis.com ======================================== --- La informaci?n contenida en este e-mail es confidencial, siendo para uso exclusivo del destinatario arriba mencionado. Le informamos que est? totalmente prohibida cualquier utilizaci?n, divulgaci?n, distribuci?n y/o reproducci?n de esta comunicaci?n sin autorizaci?n expresa en virtud de la legislaci?n vigente. Si ha recibido este mensaje por error, le rogamos nos lo notifique inmediatamente por la misma v?a y proceda a su eliminaci?n. --- From jerry.benton at mailborder.com Fri Aug 12 16:35:37 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Fri, 12 Aug 2016 09:35:37 -0700 Subject: Not existing Incoming Work Dir In-Reply-To: <155fc6d9-4b9c-90f0-d31c-104ef4026bff@unlimitedmail.org> References: <155fc6d9-4b9c-90f0-d31c-104ef4026bff@unlimitedmail.org> Message-ID: Is that a RAMDISK? MailScanner v5 supports RAMDISKs. Check /etc/MailScanner/defaults for the logic - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?[SOLTECSIS] Carles Xavier Munyoz Bald? Reply:?MailScanner Discussion Date:?August 12, 2016 at 12:00:22 PM To:?mailscanner at lists.mailscanner.info Subject:? Not existing Incoming Work Dir > Hello, > I usually change the Incoming Work Dir of the MailScanner configuration > using a value like this for obtain a better server performance: > Incoming Work Dir = /dev/shm/MailScanner/incoming > > The problem is that when I reset the server, MailScanner doesn't go > because this directory desapears. I have to create it manually. > > Would it be possible that MailScanner creates this directory > automatically if it doesn't exists? > > Thanks. > ======================================== > SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. > Carles Xavier Munyoz Bald? > Departamento de I+D+I > Tel./Fax: 966 446 046 > cmunyoz at soltecsis.com > www.soltecsis.com > ======================================== > > --- > La informaci?n contenida en este e-mail es confidencial, > siendo para uso exclusivo del destinatario arriba mencionado. > Le informamos que est? totalmente prohibida cualquier > utilizaci?n, divulgaci?n, distribuci?n y/o reproducci?n de > esta comunicaci?n sin autorizaci?n expresa en virtud de la > legislaci?n vigente. Si ha recibido este mensaje por error, > le rogamos nos lo notifique inmediatamente por la misma v?a > y proceda a su eliminaci?n. > --- > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > From jerry.benton at mailborder.com Sat Aug 13 15:49:54 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Sat, 13 Aug 2016 08:49:54 -0700 Subject: MailScanner and ESET-Nod32 antivirus. In-Reply-To: References: <6835cb50-7de9-00e0-d03b-803517ee58c1@unlimitedmail.org> <370a0973-7845-10f6-ca45-e8ff037ffe9d@unlimitedmail.org> <3a129e1b-5aff-08b1-3605-d7024a94cafa@unlimitedmail.org> <1861348414.16203.1471010649162.JavaMail.zimbra@hedman.fi> Message-ID: Can someone directly email me a ESETS license file so I can get this done this weekend? Carles sent me the software, but no license file. - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?[SOLTECSIS] Carles Xavier Munyoz Bald? Reply:?MailScanner Discussion Date:?August 12, 2016 at 10:44:27 AM To:?mailscanner at lists.mailscanner.info Subject:? Re: MailScanner and ESET-Nod32 antivirus. > Hi, > I have just sent you a private e-mail with all this. > > Thank you very much. > > > El 12/08/16 a las 16:08, Jerry Benton escribi?: > > I am working on another wrapper today. I will take a look at it but > > someone has to send me a private email with the link to download the > > full version of the software along with a license key. > > > > > > - > > Jerry Benton > > www.mailborder.com > > +1 - 844-436-6245 > > > > > > -----Original Message----- > > From: Kimmo Hedman > > Reply: MailScanner Discussion > > Date: August 12, 2016 at 10:05:53 AM > > To: MailScanner Discussion > > Subject: Re: MailScanner and ESET-Nod32 antivirus. > > > >> > >> > >> ----- Original Message ----- > >> From: "Scott B. Anderson" > >> To: "MailScanner Discussion" > >> Sent: Friday, August 12, 2016 4:52:19 PM > >> Subject: RE: MailScanner and ESET-Nod32 antivirus. > >> > >> I also use ESET products commercially and would like instructions on how to set up the > >> code to use it. > >> > >> Scott > >> > >> > >> -----Original Message----- > >> From: MailScanner [mailto:mailscanner-bounces+sbanderson=impromed.com at lists.mailscanner.info] > >> On Behalf Of Jerry Benton > >> Sent: Friday, August 12, 2016 7:02 AM > >> To: MailScanner Discussion > >> Subject: Re: MailScanner and ESET-Nod32 antivirus. > >> > >> I sent you a private email. > >> > >> > >> - > >> Jerry Benton > >> www.mailborder.com > >> +1 - 844-436-6245 > >> > >> > >> -----Original Message----- > >> From: [SOLTECSIS] Carles Xavier Munyoz Bald? > >> Reply: MailScanner Discussion > >> Date: August 12, 2016 at 7:41:14 AM > >> To: mailscanner at lists.mailscanner.info > >> Subject: Re: MailScanner and ESET-Nod32 antivirus. > >> > >>> Hello, > >>> Please, may someone help me with this issue? > >>> > >>> ESET-Nod32 is a great antivirus and I would like to use it with MailScanner. > >>> > >>> The problem is with the last version of MailScanner, I have it going > >>> fine with a previous version of MailScanner. > >>> > >>> Thank you very much in advance. > >>> > >>> > >>> > >>> El 11/08/16 a las 18:45, [SOLTECSIS] Carles Xavier Munyoz Bald? escribi?: > >>>> It is setup this way: > >>>> Virus Scanners = auto > >>>> > >>>> but I have tried putting: > >>>> Virus Scanners = esets > >>>> and doesn't go. > >>>> > >>>> Thanks. > >>>> > >>>> > >>>> El 11/08/16 a las 18:21, Jerry Benton escribi?: > >>>>> Virus scanners = > >>>>> > >>>>> In mailscanner.conf > >>>>> > >>>>> Jerry Benton > >>>>> +1 844-436-6245 > >>>>> > >>>>> Sent from BlueMail > >>>>> > >>>>> On Aug 11, 2016, at 12:19, "[SOLTECSIS] Carles Xavier Munyoz Bald?" > >>>>>> wrote: > >>>>> > >>>>> Hi, > >>>>> I'm trying to use the old ESET wrapper file but it doesn't go. > >>>>> > >>>>> I have placed it into: > >>>>> /usr/lib/MailScanner/wrapper > >>>>> > >>>>> > >>>>> And added this line to MailScanner virus.scanners.conf file: > >>>>> esets /usr/lib/MailScanner/wrapper/esets-wrapper > >>>>> /opt/eset/esets/sbin > >>>>> > >>>>> > >>>>> If I launch the wrapper script it seems to go fine, but if I run > >>>>> the command MailScanner --lint it only finds BitDefender and ClamAV > >>>>> virus > >>>>> scanners: > >>>>> Found these virus scanners installed: bitdefender, clamd > >>>>> > >>>>> > >>>>> What must I do for have support for ESET-Nod32 in the last version > >>>>> of MailScanner? > >>>>> > >>>>> Thank you very much for your help. > >>>>> > >>>>> > >>>>> > >>>>> El 09/08/16 a las 18:28, Kevin Miller escribi?: > >>>>> > >>>>> Fair enough. > >>>>> I'd still advocate for a historical, "use at your own risk" page > >>>>> though... > >>>>> > >>>>> ...Kevin > >>>>> -- > >>>>> ! Kevin Miller > >>>>> Network/email Administrator, CBJ MIS Dept. > >>>>> 155 South Seward Street > >>>>> Juneau, Alaska 99801 > >>>>> Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User > >>>>> No: 307357 > >>>>> > >>>>> > >>>>> -----Original Message----- > >>>>> From: MailScanner > >>>>> [mailto:mailscanner-bounces+kevin.miller=juneau.org > >>>>> @lists.mailscanner.info] On Behalf Of Jerry Benton > >>>>> Sent: Tuesday, August 09, 2016 8:17 AM > >>>>> To: MailScanner Discussion > >>>>> Subject: RE: MailScanner and ESET-Nod32 antivirus. > >>>>> > >>>>> Same logic applies to being able to test them. I announced what was > >>>>> being removed and what was staying well in advance of v5 being > >>>>> released. As usual, crickets from the community. So, I will > >>>>> reiterate: > >>>>> > >>>>> If there is a virus scanner not on the list that you would like > >>>>> included, please provide me with a wrapper that you have tested and > >>>>> confirmed is functional with MailScanner and I will add it to the > >>>>> current distribution. > >>>>> > >>>>> > >>>>> - > >>>>> Jerry Benton > >>>>> ! www.mailborder.com > >>>>> +1 - 844-436-6245 > >>>>> > >>>>> > >>>>> -----Original Message----- > >>>>> From: Kevin Miller > >>>>> Reply: MailScanner Discussion > >>>>> Date: August 9, 2016 at 12:12:57 PM > >>>>> To: mailscanner at lists.mailscanner.info > >>>>> > >>>>> Subject: RE: MailScanner and ESET-Nod32 antivirus. > >>>>> > >>>>> I agree. If one is doing an upgrade they may have easy access to > >>>>> the old wrapper but if it's a new installation they have to > >>>>> reinvent the wheel. > >>>>> > >>>>> Some of the older wrappers no longer work anymore - I had to redo > >>>>> the f-secure wrappers some years back so I can understand removing > >>>>> obsolete code that nobody is using (or at least *shouldn't* be > >>>>> using) but for working code, there's no real cost to leave it > >>>>> intact. > >>>>> > >>>>> Perhaps it would be helpful to have a download page for > >>>>> additional/historical wrappers if it isn't bundled with the current > >>>>> stable version... > >>>>> > >>>>> ...Kevin > >>>>> -- > >>>>> Kevin Miller > >>>>> Network/email Administrator, CBJ MIS Dept. > >>>>> 155 South Seward Street > >>>>> Juneau, Alaska 99801 > >>>>> Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User > >>>>> No: > >>>>> 307357 > >>>>> > >>>>> -----Original Message----- > >>>>> From: MailScanner > >>>>> [mailto:mailscanner-bounces+kevin.miller=juneau.org > >>>>> @lists.mailscanner. > >>>>> info] On Behalf Of [SOLTECSIS] Carles Xavier Munyoz Bald? > >>>>> Sent: Tuesday, August 09, 2016 7:37 AM > >>>>> To: mailscanner at lists.mailscanner.info > >>>>> Subject: Re: MailScanner and ESET-Nod32 antivirus. > >>>>> > >>>>> Hi, > >>>>> I don't understand the reason for that. > >>>>> It is very surprising for me. > >>>>> For which reason have you removed all the commercial virus scanners > >>>>> support from MailScanner? > >>>>> > >>>>> I believe that it is good that the ! system administrator can > >>>>> install free and commercial virus scanners. > >>>>> > >>>>> Best regards. > >>>>> > >>>>> > >>>>> > >>>>> El 09/08/16 a las 17:21, Jerry Benton escribi?: > >>>>> > >>>>> All commercial virus scanners were removed. You can copy your old > >>>>> wrapper to the new MailScanner structure, edit the > >>>>> virus.scanner.conf, and add it to your configuration. > >>>>> > >>>>> > >>>>> - > >>>>> Jerry Benton > >>>>> www.mailborder.com > >>>>> +1 - 844-436-6245 > >>>>> > >>>>> > >>>>> -----Original Message----- > >>>>> From: [SOLTECSIS] Carles Xavier Munyoz Bald? > >>>>> > >>>>> Reply: MailScanner Discussion > >>>>> Date: August 9, 2016 at 10:32:39 AM > >>>>> To: MailScanner Discussion > >>>>> Subject: MailScanner and ESET-Nod32 antivirus. > >>>>> > >>>>> ESET-Nod32 > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> -- > >>>>> Saludos. > >>>>> ------------------------------------------------------------------- > >>>>> ----- > >>>>> > >>>>> SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. > >>>>> Carles Xavier Munyoz Bald? > >>>>> Departamento de I+D+I > >>>>> Tel./Fax: 966 446 046 > >>>>> cmunyoz at soltecsis.com > >>>>> www.soltecsis.com > >>>>> ------------------------------------------------------------------- > >>>>> ----- > >>>>> > >>>>> > >>>>> --- > >>>>> La informaci?n contenida en este e-mail es confidencial, siendo > >>>>> para uso exclusivo del destinatario arriba mencionado. > >>>>> Le informamos que est? totalmente prohibida cualquier utilizaci?n, > >>>>> divulgaci?n, distribuci?n y/o reproducci?n de esta comunicaci?n sin > >>>>> autorizaci?n expresa en virtud de la legislaci?n vigente. Si ha > >>>>> recibido este mensaje por error, le rogamos nos lo notifique > >>>>> inmediatamente por la misma v?a y proceda a su eliminaci?n. > >>>>> --- > >>>>> > >>>>> > >>>>> -- > >>>>> MailScanner mailing list > >>>>> mailscanner at lists.mailscanner.info > >>>>> http://lists.mailscanner.info/listinfo/mailscanner > >>>>> > >>>>> > >>>>> > >>>>> -- > >>>>> MailScanner mailing list > >>>>> mailscanner at lists.mailscanner.info > >>>>> http://lists.mailscanner.info/listinfo/mailscanner > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> -- > >>>>> MailScanner mailing list > >>>>> mailscanner at lists.mailscanner.info > >>>>> http://lists.mailscanner.info/listinfo/mailscanner > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>> > >>>> > >>> > >>> > >>> -- > >>> Saludos. > >>> ======================================== > >>> SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. > >>> Carles Xavier Munyoz Bald? > >>> Departamento de I+D+I > >>> Tel./Fax: 966 446 046 > >>> cmunyoz at soltecsis.com > >>> www.soltecsis.com > >>> ======================================== > >>> > >>> --- > >>> La informaci?n contenida en este e-mail es confidencial, siendo para > >>> uso exclusivo del destinatario arriba mencionado. > >>> Le informamos que est? totalmente prohibida cualquier utilizaci?n, > >>> divulgaci?n, distribuci?n y/o reproducci?n de esta comunicaci?n sin > >>> autorizaci?n expresa en virtud de la legislaci?n vigente. Si ha > >>> recibido este mensaje por error, le rogamos nos lo notifique > >>> inmediatamente por la misma v?a y proceda a su eliminaci?n. > >>> --- > >>> > >>> > >>> -- > >>> MailScanner mailing list > >>> mailscanner at lists.mailscanner.info > >>> http://lists.mailscanner.info/listinfo/mailscanner > >>> > >>> > >> > >> > >> -- > >> MailScanner mailing list > >> mailscanner at lists.mailscanner.info > >> http://lists.mailscanner.info/listinfo/mailscanner > >> > >> > >> -- > >> Rely On Us. > >> ImproMed LLC > >> Henry Schein Animal Health > >> -- > >> > >> > >> > >> -- > >> MailScanner mailing list > >> mailscanner at lists.mailscanner.info > >> http://lists.mailscanner.info/listinfo/mailscanner > >> > >> > >> -- > >> MailScanner mailing list > >> mailscanner at lists.mailscanner.info > >> http://lists.mailscanner.info/listinfo/mailscanner > >> > >> > > > > > > > -- > Saludos. > ======================================== > SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. > Carles Xavier Munyoz Bald? > Departamento de I+D+I > Tel./Fax: 966 446 046 > cmunyoz at soltecsis.com > www.soltecsis.com > ======================================== > > --- > La informaci?n contenida en este e-mail es confidencial, > siendo para uso exclusivo del destinatario arriba mencionado. > Le informamos que est? totalmente prohibida cualquier > utilizaci?n, divulgaci?n, distribuci?n y/o reproducci?n de > esta comunicaci?n sin autorizaci?n expresa en virtud de la > legislaci?n vigente. Si ha recibido este mensaje por error, > le rogamos nos lo notifique inmediatamente por la misma v?a > y proceda a su eliminaci?n. > --- > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > From jorgeaaq at gmail.com Sat Aug 13 15:55:45 2016 From: jorgeaaq at gmail.com (Jorge Amador Arenas Quezada) Date: Sat, 13 Aug 2016 10:55:45 -0500 Subject: MailScanner and ESET-Nod32 antivirus. In-Reply-To: References: <6835cb50-7de9-00e0-d03b-803517ee58c1@unlimitedmail.org> <370a0973-7845-10f6-ca45-e8ff037ffe9d@unlimitedmail.org> <3a129e1b-5aff-08b1-3605-d7024a94cafa@unlimitedmail.org> <1861348414.16203.1471010649162.JavaMail.zimbra@hedman.fi> Message-ID: <003001d1f57b$27c80ee0$77582ca0$@gmail.com> Jerry: I cannot find your email Jorge Arenas jorgeaaq at gmail.com -----Original Message----- From: MailScanner [mailto:mailscanner-bounces+jorgeaaq=gmail.com at lists.mailscanner.info] On Behalf Of Jerry Benton Sent: Saturday, August 13, 2016 10:50 AM To: [SOLTECSIS] Carles Xavier Munyoz Bald? ; MailScanner Discussion Subject: Re: MailScanner and ESET-Nod32 antivirus. Can someone directly email me a ESETS license file so I can get this done this weekend? Carles sent me the software, but no license file. - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From: [SOLTECSIS] Carles Xavier Munyoz Bald? Reply: MailScanner Discussion Date: August 12, 2016 at 10:44:27 AM To: mailscanner at lists.mailscanner.info Subject: Re: MailScanner and ESET-Nod32 antivirus. > Hi, > I have just sent you a private e-mail with all this. > > Thank you very much. > > > El 12/08/16 a las 16:08, Jerry Benton escribi?: > > I am working on another wrapper today. I will take a look at it but > > someone has to send me a private email with the link to download the > > full version of the software along with a license key. > > > > > > - > > Jerry Benton > > www.mailborder.com > > +1 - 844-436-6245 > > > > > > -----Original Message----- > > From: Kimmo Hedman > > Reply: MailScanner Discussion > > Date: August 12, 2016 at 10:05:53 AM > > To: MailScanner Discussion > > Subject: Re: MailScanner and ESET-Nod32 antivirus. > > > >> > >> > >> ----- Original Message ----- > >> From: "Scott B. Anderson" > >> To: "MailScanner Discussion" > >> Sent: Friday, August 12, 2016 4:52:19 PM > >> Subject: RE: MailScanner and ESET-Nod32 antivirus. > >> > >> I also use ESET products commercially and would like instructions > >> on how to set up the code to use it. > >> > >> Scott > >> > >> > >> -----Original Message----- > >> From: MailScanner > >> [mailto:mailscanner-bounces+sbanderson=impromed.com at lists.mailscann > >> er.info] > >> On Behalf Of Jerry Benton > >> Sent: Friday, August 12, 2016 7:02 AM > >> To: MailScanner Discussion > >> Subject: Re: MailScanner and ESET-Nod32 antivirus. > >> > >> I sent you a private email. > >> > >> > >> - > >> Jerry Benton > >> www.mailborder.com > >> +1 - 844-436-6245 > >> > >> > >> -----Original Message----- > >> From: [SOLTECSIS] Carles Xavier Munyoz Bald? > >> Reply: MailScanner Discussion > >> Date: August 12, 2016 at 7:41:14 AM > >> To: mailscanner at lists.mailscanner.info > >> Subject: Re: MailScanner and ESET-Nod32 antivirus. > >> > >>> Hello, > >>> Please, may someone help me with this issue? > >>> > >>> ESET-Nod32 is a great antivirus and I would like to use it with MailScanner. > >>> > >>> The problem is with the last version of MailScanner, I have it > >>> going fine with a previous version of MailScanner. > >>> > >>> Thank you very much in advance. > >>> > >>> > >>> > >>> El 11/08/16 a las 18:45, [SOLTECSIS] Carles Xavier Munyoz Bald? escribi?: > >>>> It is setup this way: > >>>> Virus Scanners = auto > >>>> > >>>> but I have tried putting: > >>>> Virus Scanners = esets > >>>> and doesn't go. > >>>> > >>>> Thanks. > >>>> > >>>> > >>>> El 11/08/16 a las 18:21, Jerry Benton escribi?: > >>>>> Virus scanners = > >>>>> > >>>>> In mailscanner.conf > >>>>> > >>>>> Jerry Benton > >>>>> +1 844-436-6245 > >>>>> > >>>>> Sent from BlueMail > >>>>> > >>>>> On Aug 11, 2016, at 12:19, "[SOLTECSIS] Carles Xavier Munyoz Bald?" > >>>>>> wrote: > >>>>> > >>>>> Hi, > >>>>> I'm trying to use the old ESET wrapper file but it doesn't go. > >>>>> > >>>>> I have placed it into: > >>>>> /usr/lib/MailScanner/wrapper > >>>>> > >>>>> > >>>>> And added this line to MailScanner virus.scanners.conf file: > >>>>> esets /usr/lib/MailScanner/wrapper/esets-wrapper > >>>>> /opt/eset/esets/sbin > >>>>> > >>>>> > >>>>> If I launch the wrapper script it seems to go fine, but if I run > >>>>> the command MailScanner --lint it only finds BitDefender and > >>>>> ClamAV virus > >>>>> scanners: > >>>>> Found these virus scanners installed: bitdefender, clamd > >>>>> > >>>>> > >>>>> What must I do for have support for ESET-Nod32 in the last > >>>>> version of MailScanner? > >>>>> > >>>>> Thank you very much for your help. > >>>>> > >>>>> > >>>>> > >>>>> El 09/08/16 a las 18:28, Kevin Miller escribi?: > >>>>> > >>>>> Fair enough. > >>>>> I'd still advocate for a historical, "use at your own risk" page > >>>>> though... > >>>>> > >>>>> ...Kevin > >>>>> -- > >>>>> ! Kevin Miller > >>>>> Network/email Administrator, CBJ MIS Dept. > >>>>> 155 South Seward Street > >>>>> Juneau, Alaska 99801 > >>>>> Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User > >>>>> No: 307357 > >>>>> > >>>>> > >>>>> -----Original Message----- > >>>>> From: MailScanner > >>>>> [mailto:mailscanner-bounces+kevin.miller=juneau.org > >>>>> @lists.mailscanner.info] On Behalf Of Jerry Benton > >>>>> Sent: Tuesday, August 09, 2016 8:17 AM > >>>>> To: MailScanner Discussion > >>>>> Subject: RE: MailScanner and ESET-Nod32 antivirus. > >>>>> > >>>>> Same logic applies to being able to test them. I announced what > >>>>> was being removed and what was staying well in advance of v5 > >>>>> being released. As usual, crickets from the community. So, I > >>>>> will > >>>>> reiterate: > >>>>> > >>>>> If there is a virus scanner not on the list that you would like > >>>>> included, please provide me with a wrapper that you have tested > >>>>> and confirmed is functional with MailScanner and I will add it > >>>>> to the current distribution. > >>>>> > >>>>> > >>>>> - > >>>>> Jerry Benton > >>>>> ! www.mailborder.com > >>>>> +1 - 844-436-6245 > >>>>> > >>>>> > >>>>> -----Original Message----- > >>>>> From: Kevin Miller > >>>>> Reply: MailScanner Discussion > >>>>> Date: August 9, 2016 at 12:12:57 PM > >>>>> To: mailscanner at lists.mailscanner.info > >>>>> > >>>>> Subject: RE: MailScanner and ESET-Nod32 antivirus. > >>>>> > >>>>> I agree. If one is doing an upgrade they may have easy access to > >>>>> the old wrapper but if it's a new installation they have to > >>>>> reinvent the wheel. > >>>>> > >>>>> Some of the older wrappers no longer work anymore - I had to > >>>>> redo the f-secure wrappers some years back so I can understand > >>>>> removing obsolete code that nobody is using (or at least > >>>>> *shouldn't* be > >>>>> using) but for working code, there's no real cost to leave it > >>>>> intact. > >>>>> > >>>>> Perhaps it would be helpful to have a download page for > >>>>> additional/historical wrappers if it isn't bundled with the > >>>>> current stable version... > >>>>> > >>>>> ...Kevin > >>>>> -- > >>>>> Kevin Miller > >>>>> Network/email Administrator, CBJ MIS Dept. > >>>>> 155 South Seward Street > >>>>> Juneau, Alaska 99801 > >>>>> Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User > >>>>> No: > >>>>> 307357 > >>>>> > >>>>> -----Original Message----- > >>>>> From: MailScanner > >>>>> [mailto:mailscanner-bounces+kevin.miller=juneau.org > >>>>> @lists.mailscanner. > >>>>> info] On Behalf Of [SOLTECSIS] Carles Xavier Munyoz Bald? > >>>>> Sent: Tuesday, August 09, 2016 7:37 AM > >>>>> To: mailscanner at lists.mailscanner.info > >>>>> Subject: Re: MailScanner and ESET-Nod32 antivirus. > >>>>> > >>>>> Hi, > >>>>> I don't understand the reason for that. > >>>>> It is very surprising for me. > >>>>> For which reason have you removed all the commercial virus > >>>>> scanners support from MailScanner? > >>>>> > >>>>> I believe that it is good that the ! system administrator can > >>>>> install free and commercial virus scanners. > >>>>> > >>>>> Best regards. > >>>>> > >>>>> > >>>>> > >>>>> El 09/08/16 a las 17:21, Jerry Benton escribi?: > >>>>> > >>>>> All commercial virus scanners were removed. You can copy your > >>>>> old wrapper to the new MailScanner structure, edit the > >>>>> virus.scanner.conf, and add it to your configuration. > >>>>> > >>>>> > >>>>> - > >>>>> Jerry Benton > >>>>> www.mailborder.com > >>>>> +1 - 844-436-6245 > >>>>> > >>>>> > >>>>> -----Original Message----- > >>>>> From: [SOLTECSIS] Carles Xavier Munyoz Bald? > >>>>> > >>>>> Reply: MailScanner Discussion > >>>>> Date: August 9, 2016 at 10:32:39 AM > >>>>> To: MailScanner Discussion > >>>>> Subject: MailScanner and ESET-Nod32 antivirus. > >>>>> > >>>>> ESET-Nod32 > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> -- > >>>>> Saludos. > >>>>> ---------------------------------------------------------------- > >>>>> --- > >>>>> ----- > >>>>> > >>>>> SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. > >>>>> Carles Xavier Munyoz Bald? > >>>>> Departamento de I+D+I > >>>>> Tel./Fax: 966 446 046 > >>>>> cmunyoz at soltecsis.com > >>>>> www.soltecsis.com > >>>>> ---------------------------------------------------------------- > >>>>> --- > >>>>> ----- > >>>>> > >>>>> > >>>>> --- > >>>>> La informaci?n contenida en este e-mail es confidencial, siendo > >>>>> para uso exclusivo del destinatario arriba mencionado. > >>>>> Le informamos que est? totalmente prohibida cualquier > >>>>> utilizaci?n, divulgaci?n, distribuci?n y/o reproducci?n de esta > >>>>> comunicaci?n sin autorizaci?n expresa en virtud de la > >>>>> legislaci?n vigente. Si ha recibido este mensaje por error, le > >>>>> rogamos nos lo notifique inmediatamente por la misma v?a y proceda a su eliminaci?n. > >>>>> --- > >>>>> > >>>>> > >>>>> -- > >>>>> MailScanner mailing list > >>>>> mailscanner at lists.mailscanner.info > >>>>> http://lists.mailscanner.info/listinfo/mailscanner > >>>>> > >>>>> > >>>>> > >>>>> -- > >>>>> MailScanner mailing list > >>>>> mailscanner at lists.mailscanner.info > >>>>> http://lists.mailscanner.info/listinfo/mailscanner > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> -- > >>>>> MailScanner mailing list > >>>>> mailscanner at lists.mailscanner.info > >>>>> http://lists.mailscanner.info/listinfo/mailscanner > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> > >>>> > >>>> > >>> > >>> > >>> -- > >>> Saludos. > >>> ======================================== > >>> SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. > >>> Carles Xavier Munyoz Bald? > >>> Departamento de I+D+I > >>> Tel./Fax: 966 446 046 > >>> cmunyoz at soltecsis.com > >>> www.soltecsis.com > >>> ======================================== > >>> > >>> --- > >>> La informaci?n contenida en este e-mail es confidencial, siendo > >>> para uso exclusivo del destinatario arriba mencionado. > >>> Le informamos que est? totalmente prohibida cualquier utilizaci?n, > >>> divulgaci?n, distribuci?n y/o reproducci?n de esta comunicaci?n > >>> sin autorizaci?n expresa en virtud de la legislaci?n vigente. Si > >>> ha recibido este mensaje por error, le rogamos nos lo notifique > >>> inmediatamente por la misma v?a y proceda a su eliminaci?n. > >>> --- > >>> > >>> > >>> -- > >>> MailScanner mailing list > >>> mailscanner at lists.mailscanner.info > >>> http://lists.mailscanner.info/listinfo/mailscanner > >>> > >>> > >> > >> > >> -- > >> MailScanner mailing list > >> mailscanner at lists.mailscanner.info > >> http://lists.mailscanner.info/listinfo/mailscanner > >> > >> > >> -- > >> Rely On Us. > >> ImproMed LLC > >> Henry Schein Animal Health > >> -- > >> > >> > >> > >> -- > >> MailScanner mailing list > >> mailscanner at lists.mailscanner.info > >> http://lists.mailscanner.info/listinfo/mailscanner > >> > >> > >> -- > >> MailScanner mailing list > >> mailscanner at lists.mailscanner.info > >> http://lists.mailscanner.info/listinfo/mailscanner > >> > >> > > > > > > > -- > Saludos. > ======================================== > SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. > Carles Xavier Munyoz Bald? > Departamento de I+D+I > Tel./Fax: 966 446 046 > cmunyoz at soltecsis.com > www.soltecsis.com > ======================================== > > --- > La informaci?n contenida en este e-mail es confidencial, siendo para > uso exclusivo del destinatario arriba mencionado. > Le informamos que est? totalmente prohibida cualquier utilizaci?n, > divulgaci?n, distribuci?n y/o reproducci?n de esta comunicaci?n sin > autorizaci?n expresa en virtud de la legislaci?n vigente. Si ha > recibido este mensaje por error, le rogamos nos lo notifique > inmediatamente por la misma v?a y proceda a su eliminaci?n. > --- > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/listinfo/mailscanner From jerry.benton at mailborder.com Sat Aug 13 18:31:51 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Sat, 13 Aug 2016 11:31:51 -0700 Subject: Perl Help Message-ID: I am working on the ESETS wrapper now. I have to write a new function to extract certain data as it has changed since the old version that was in the MailScanner code. So ? I need to extract the items between the quotes in this. Can anyone help with the perl regex? name="./1/neicar.com? I need ./1/neicar.com - Jerry Benton www.mailborder.com +1 - 844-436-6245 From iversons at rushville.k12.in.us Sat Aug 13 18:45:13 2016 From: iversons at rushville.k12.in.us (Shawn Iverson) Date: Sat, 13 Aug 2016 14:45:13 -0400 Subject: Perl Help In-Reply-To: References: Message-ID: How about... s/^name=\"(\.\/1\/neicar\.com)\"$/\1/ On Aug 13, 2016 2:31 PM, "Jerry Benton" wrote: > I am working on the ESETS wrapper now. I have to write a new function > to extract certain data as it has changed since the old version that > was in the MailScanner code. So ? > > I need to extract the items between the quotes in this. Can anyone > help with the perl regex? > > name="./1/neicar.com? > > I need > > ./1/neicar.com > > > - > Jerry Benton > www.mailborder.com > +1 - 844-436-6245 > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From jerry.benton at mailborder.com Sat Aug 13 18:47:51 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Sat, 13 Aug 2016 14:47:51 -0400 Subject: Perl Help In-Reply-To: References: Message-ID: The contents between the quotes is dynamic as that would be the virus name. Jerry Benton +1 844-436-6245 Sent from BlueMail On Aug 13, 2016, 14:45, at 14:45, Shawn Iverson wrote: >How about... > >s/^name=\"(\.\/1\/neicar\.com)\"$/\1/ > >On Aug 13, 2016 2:31 PM, "Jerry Benton" >wrote: > >> I am working on the ESETS wrapper now. I have to write a new function >> to extract certain data as it has changed since the old version that >> was in the MailScanner code. So ? >> >> I need to extract the items between the quotes in this. Can anyone >> help with the perl regex? >> >> name="./1/neicar.com? >> >> I need >> >> ./1/neicar.com >> >> >> - >> Jerry Benton >> www.mailborder.com >> +1 - 844-436-6245 >> >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/listinfo/mailscanner >> >> > > >------------------------------------------------------------------------ > > > >-- >MailScanner mailing list >mailscanner at lists.mailscanner.info >http://lists.mailscanner.info/listinfo/mailscanner -------------- next part -------------- An HTML attachment was scrubbed... URL: From iversons at rushville.k12.in.us Sat Aug 13 18:50:02 2016 From: iversons at rushville.k12.in.us (Shawn Iverson) Date: Sat, 13 Aug 2016 14:50:02 -0400 Subject: Perl Help In-Reply-To: References: Message-ID: Ok...then... s/^name=\"(.*)\"$/\1/ On Aug 13, 2016 2:48 PM, "Jerry Benton" wrote: > The contents between the quotes is dynamic as that would be the virus > name. > > Jerry Benton > +1 844-436-6245 > > Sent from BlueMail > > On Aug 13, 2016, at 14:45, Shawn Iverson > wrote: >> >> How about... >> >> s/^name=\"(\.\/1\/neicar\.com)\"$/\1/ >> >> On Aug 13, 2016 2:31 PM, "Jerry Benton" >> wrote: >> >>> I am working on the ESETS wrapper now. I have to write a new function >>> to extract certain data as it has changed since the old version that >>> was in the MailScanner code. So ? >>> >>> I need to extract the items between the quotes in this. Can anyone >>> help with the perl regex? >>> >>> name="./1/neicar.com? >>> >>> I need >>> >>> ./1/neicar.com >>> >>> >>> - >>> Jerry Benton >>> www.mailborder.com >>> +1 - 844-436-6245 >>> >>> >>> -- >>> MailScanner mailing list >>> mailscanner at lists.mailscanner.info >>> http://lists.mailscanner.info/listinfo/mailscanner >>> >>> >> > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From jerry.benton at mailborder.com Sat Aug 13 19:15:18 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Sat, 13 Aug 2016 15:15:18 -0400 Subject: Perl Help In-Reply-To: References: Message-ID: <4a39bad4-27ab-4716-9b00-559d34fb3403@typeapp.com> Thanks. I will give both suggestions a try Jerry Benton +1 844-436-6245 Sent from BlueMail On Aug 13, 2016, 14:50, at 14:50, Shawn Iverson wrote: >Ok...then... > >s/^name=\"(.*)\"$/\1/ > >On Aug 13, 2016 2:48 PM, "Jerry Benton" >wrote: > >> The contents between the quotes is dynamic as that would be the virus >> name. >> >> Jerry Benton >> +1 844-436-6245 >> >> Sent from BlueMail >> >> On Aug 13, 2016, at 14:45, Shawn Iverson > >> wrote: >>> >>> How about... >>> >>> s/^name=\"(\.\/1\/neicar\.com)\"$/\1/ >>> >>> On Aug 13, 2016 2:31 PM, "Jerry Benton" > >>> wrote: >>> >>>> I am working on the ESETS wrapper now. I have to write a new >function >>>> to extract certain data as it has changed since the old version >that >>>> was in the MailScanner code. So ? >>>> >>>> I need to extract the items between the quotes in this. Can anyone >>>> help with the perl regex? >>>> >>>> name="./1/neicar.com? >>>> >>>> I need >>>> >>>> ./1/neicar.com >>>> >>>> >>>> - >>>> Jerry Benton >>>> www.mailborder.com >>>> +1 - 844-436-6245 >>>> >>>> >>>> -- >>>> MailScanner mailing list >>>> mailscanner at lists.mailscanner.info >>>> http://lists.mailscanner.info/listinfo/mailscanner >>>> >>>> >>> >> >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/listinfo/mailscanner >> >> >> > > >------------------------------------------------------------------------ > > > >-- >MailScanner mailing list >mailscanner at lists.mailscanner.info >http://lists.mailscanner.info/listinfo/mailscanner -------------- next part -------------- An HTML attachment was scrubbed... URL: From jerry.benton at mailborder.com Sun Aug 14 16:39:17 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Mon, 15 Aug 2016 01:39:17 +0900 Subject: MailScanner v5.0.3-7 Message-ID: I have tested these, but I would like some verification before I post them as releases. 08/14/2016 Changes in ? ?v5.0.3-7 ================================== - updated init script to include a time-wait for pid files during ? process reloads and restarts - updated Message.pm to correctly prepend phishing notices in email ? subject - added avast virus scanner support - added esets virus scanner support - added new function InitClamdParser to SweepViruses.pm - added new function ProcessClamdOutput to SweepViruses.pm Debian:?https://s3.amazonaws.com/msv5/release/MailScanner-5.0.3-7.deb.tar.gz RHEL:?https://s3.amazonaws.com/msv5/release/MailScanner-5.0.3-7.rhel.tar.gz SuSE:?https://s3.amazonaws.com/msv5/release/MailScanner-5.0.3-7.suse.tar.gz NIX:?https://s3.amazonaws.com/msv5/release/MailScanner-5.0.3-7.nix.tar.gz - Jerry Benton www.mailborder.com +1 - 844-436-6245 From jerry.benton at mailborder.com Sun Aug 14 16:59:22 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Mon, 15 Aug 2016 01:59:22 +0900 Subject: MailScanner v5.0.3-7 In-Reply-To: References: Message-ID: P.S. Add the avast user to the mtagroup group if using Avast. - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?Jerry Benton Reply:?Jerry Benton Date:?August 14, 2016 at 12:39:17 PM To:?MailScanner Discussion Subject:? MailScanner v5.0.3-7 > I have tested these, but I would like some verification before I post them as releases. > > > 08/14/2016 Changes in v5.0.3-7 > ================================== > - updated init script to include a time-wait for pid files during > process reloads and restarts > - updated Message.pm to correctly prepend phishing notices in email > subject > - added avast virus scanner support > - added esets virus scanner support > - added new function InitClamdParser to SweepViruses.pm > - added new function ProcessClamdOutput to SweepViruses.pm > > > Debian: https://s3.amazonaws.com/msv5/release/MailScanner-5.0.3-7.deb.tar.gz > RHEL: https://s3.amazonaws.com/msv5/release/MailScanner-5.0.3-7.rhel.tar.gz > SuSE: https://s3.amazonaws.com/msv5/release/MailScanner-5.0.3-7.suse.tar.gz > NIX: https://s3.amazonaws.com/msv5/release/MailScanner-5.0.3-7.nix.tar.gz > > > - > Jerry Benton > www.mailborder.com > +1 - 844-436-6245 > > From iversons at rushville.k12.in.us Sun Aug 14 21:21:47 2016 From: iversons at rushville.k12.in.us (Shawn Iverson) Date: Sun, 14 Aug 2016 17:21:47 -0400 Subject: MailScanner v5.0.3-7 In-Reply-To: References: Message-ID: Running on 5.0.3-7 So far looks good. I am unable to test avast/esets since I do not have those. time-wait appears to be working I am testing the phishing...I am having some difficulty with this one. I am seeing this when I try to trigger... ... Aug 14 17:14:11 smtp MailScanner[4242]: Found phishing fraud from http://example.org/ claiming to be www.someortherwebsite.org in 258C8100083.AC563 Aug 14 17:14:11 smtp MailScanner[4104]: Content Checks: Detected and have disarmed phishing tags in HTML message in 258C8100083.AC563 ... All well and good in the log itself, except the email that is delivered is the unmodified original. The phishing fraud is not being highlighted, and the {Fraud?} prefix is not prepended :/ I have the following in MailScanner.conf: Find Phishing Fraud = yes Also Find Numeric Phishing = yes Use Stricter Phishing Net = yes Highlight Phishing Fraud = yes Phishing Modify Subject = start Phishing Subject Text = {Fraud?} Poking around system to see what is happening.... On Sun, Aug 14, 2016 at 12:39 PM, Jerry Benton wrote: > I have tested these, but I would like some verification before I post > them as releases. > > > 08/14/2016 Changes in v5.0.3-7 > ================================== > - updated init script to include a time-wait for pid files during > process reloads and restarts > - updated Message.pm to correctly prepend phishing notices in email > subject > - added avast virus scanner support > - added esets virus scanner support > - added new function InitClamdParser to SweepViruses.pm > - added new function ProcessClamdOutput to SweepViruses.pm > > > Debian: https://s3.amazonaws.com/msv5/release/MailScanner- > 5.0.3-7.deb.tar.gz > RHEL: https://s3.amazonaws.com/msv5/release/MailScanner- > 5.0.3-7.rhel.tar.gz > SuSE: https://s3.amazonaws.com/msv5/release/MailScanner- > 5.0.3-7.suse.tar.gz > NIX: https://s3.amazonaws.com/msv5/release/MailScanner-5.0.3-7.nix.tar.gz > > > - > Jerry Benton > www.mailborder.com > +1 - 844-436-6245 > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > -- Shawn Iverson Director of Technology Rush County Schools 765-932-3901 x271 iversons at rushville.k12.in.us -------------- next part -------------- An HTML attachment was scrubbed... URL: From iversons at rushville.k12.in.us Sun Aug 14 21:34:34 2016 From: iversons at rushville.k12.in.us (Shawn Iverson) Date: Sun, 14 Aug 2016 17:34:34 -0400 Subject: MailScanner v5.0.3-7 In-Reply-To: References: Message-ID: Ok it is working.... Helps to examine the HTML version of the email..lol In this case it is using {Disarmed} instead of {Fraud} Looks good... On Sun, Aug 14, 2016 at 5:21 PM, Shawn Iverson wrote: > Running on 5.0.3-7 > > So far looks good. I am unable to test avast/esets since I do not have > those. > > time-wait appears to be working > > I am testing the phishing...I am having some difficulty with this one. > > I am seeing this when I try to trigger... > > ... > Aug 14 17:14:11 smtp MailScanner[4242]: Found phishing fraud from > http://example.org/ claiming to be www.someortherwebsite.org in > 258C8100083.AC563 > Aug 14 17:14:11 smtp MailScanner[4104]: Content Checks: Detected and have > disarmed phishing tags in HTML message in 258C8100083.AC563 ... > > All well and good in the log itself, except the email that is delivered is > the unmodified original. The phishing fraud is not being highlighted, and > the {Fraud?} prefix is not prepended :/ > > I have the following in MailScanner.conf: > > Find Phishing Fraud = yes > Also Find Numeric Phishing = yes > Use Stricter Phishing Net = yes > Highlight Phishing Fraud = yes > Phishing Modify Subject = start > Phishing Subject Text = {Fraud?} > > Poking around system to see what is happening.... > > > > > On Sun, Aug 14, 2016 at 12:39 PM, Jerry Benton < > jerry.benton at mailborder.com> wrote: > >> I have tested these, but I would like some verification before I post >> them as releases. >> >> >> 08/14/2016 Changes in v5.0.3-7 >> ================================== >> - updated init script to include a time-wait for pid files during >> process reloads and restarts >> - updated Message.pm to correctly prepend phishing notices in email >> subject >> - added avast virus scanner support >> - added esets virus scanner support >> - added new function InitClamdParser to SweepViruses.pm >> - added new function ProcessClamdOutput to SweepViruses.pm >> >> >> Debian: https://s3.amazonaws.com/msv5/release/MailScanner-5. >> 0.3-7.deb.tar.gz >> RHEL: https://s3.amazonaws.com/msv5/release/MailScanner-5.0. >> 3-7.rhel.tar.gz >> SuSE: https://s3.amazonaws.com/msv5/release/MailScanner-5.0. >> 3-7.suse.tar.gz >> NIX: https://s3.amazonaws.com/msv5/release/MailScanner-5.0.3-7.nix.tar.gz >> >> >> - >> Jerry Benton >> www.mailborder.com >> +1 - 844-436-6245 >> >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/listinfo/mailscanner >> >> > > > -- > Shawn Iverson > Director of Technology > Rush County Schools > 765-932-3901 x271 > iversons at rushville.k12.in.us > > > -- Shawn Iverson Director of Technology Rush County Schools 765-932-3901 x271 iversons at rushville.k12.in.us -------------- next part -------------- An HTML attachment was scrubbed... URL: From mailscanner-list at okla.com Sun Aug 14 21:50:06 2016 From: mailscanner-list at okla.com (Tracy Greggs) Date: Sun, 14 Aug 2016 16:50:06 -0500 Subject: MailScanner v5.0.3-7 In-Reply-To: References: Message-ID: <017901d1f675$d5282700$7f787500$@okla.com> I want to take a moment to publicly thank Jerry for taking time to work on the Avast wrapper. Thanks Jerry! I found it only fair to make a reasonable donation for his time and effort. I don't really want to demean the list for the lack of financial contributions to the project but at the same time it has come to my attention that the sum total of ALL donations over the past few years is $110.00 US Exchange 2016 Standard with 5 CAL's is like 1000.00 and then its maybe 70.00/seat after that. It would be nice for some of us with a bit of an IT budget or those of thus that utilize the software for clients purposes to contribute some $$$ to the project. Mailborder incident support is like $399.00 and that was the donation which I gave. Jerry spend 3 freakin days working on the Avast wrapper. I know I wouldn't do client work for 3 days for 399.00 and I doubt anyone else on this list would either. Love you all, don't flame me for this post please. I just really feel bad for Jerry when 110.00 in a few years is all that was donated. This is a great project that has been ongoing since 2001. There isn't any other open source or commercial product that compares really. Why not donate a few bucks to help the cause? Best wishes for everyone, Tracy Greggs Oklahoma Network Consulting -----Original Message----- From: MailScanner [mailto:mailscanner-bounces+mailscanner-list=okla.com at lists.mailscanner.info] On Behalf Of Jerry Benton Sent: Sunday, August 14, 2016 11:39 AM To: MailScanner Discussion Subject: MailScanner v5.0.3-7 I have tested these, but I would like some verification before I post them as releases. 08/14/2016 Changes in v5.0.3-7 ================================== - updated init script to include a time-wait for pid files during process reloads and restarts - updated Message.pm to correctly prepend phishing notices in email subject - added avast virus scanner support - added esets virus scanner support - added new function InitClamdParser to SweepViruses.pm - added new function ProcessClamdOutput to SweepViruses.pm Debian: https://s3.amazonaws.com/msv5/release/MailScanner-5.0.3-7.deb.tar.gz RHEL: https://s3.amazonaws.com/msv5/release/MailScanner-5.0.3-7.rhel.tar.gz SuSE: https://s3.amazonaws.com/msv5/release/MailScanner-5.0.3-7.suse.tar.gz NIX: https://s3.amazonaws.com/msv5/release/MailScanner-5.0.3-7.nix.tar.gz - Jerry Benton www.mailborder.com +1 - 844-436-6245 -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/listinfo/mailscanner -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From jerry.benton at mailborder.com Mon Aug 15 00:26:39 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Sun, 14 Aug 2016 17:26:39 -0700 Subject: MailScanner v5.0.3-7 In-Reply-To: References: Message-ID: Mark, Changed that a bit. Let?s hope he chimes in. - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?Shawn Iverson Reply:?MailScanner Discussion Date:?August 14, 2016 at 5:22:15 PM To:?MailScanner Discussion Subject:? Re: MailScanner v5.0.3-7 > Running on 5.0.3-7 > > So far looks good. I am unable to test avast/esets since I do not have > those. > > time-wait appears to be working > > I am testing the phishing...I am having some difficulty with this one. > > I am seeing this when I try to trigger... > > ... > Aug 14 17:14:11 smtp MailScanner[4242]: Found phishing fraud from > http://example.org/ claiming to be www.someortherwebsite.org in > 258C8100083.AC563 > Aug 14 17:14:11 smtp MailScanner[4104]: Content Checks: Detected and have > disarmed phishing tags in HTML message in 258C8100083.AC563 ... > > All well and good in the log itself, except the email that is delivered is > the unmodified original. The phishing fraud is not being highlighted, and > the {Fraud?} prefix is not prepended :/ > > I have the following in MailScanner.conf: > > Find Phishing Fraud = yes > Also Find Numeric Phishing = yes > Use Stricter Phishing Net = yes > Highlight Phishing Fraud = yes > Phishing Modify Subject = start > Phishing Subject Text = {Fraud?} > > Poking around system to see what is happening.... > > > > > On Sun, Aug 14, 2016 at 12:39 PM, Jerry Benton > wrote: > > > I have tested these, but I would like some verification before I post > > them as releases. > > > > > > 08/14/2016 Changes in v5.0.3-7 > > ================================== > > - updated init script to include a time-wait for pid files during > > process reloads and restarts > > - updated Message.pm to correctly prepend phishing notices in email > > subject > > - added avast virus scanner support > > - added esets virus scanner support > > - added new function InitClamdParser to SweepViruses.pm > > - added new function ProcessClamdOutput to SweepViruses.pm > > > > > > Debian: https://s3.amazonaws.com/msv5/release/MailScanner- > > 5.0.3-7.deb.tar.gz > > RHEL: https://s3.amazonaws.com/msv5/release/MailScanner- > > 5.0.3-7.rhel.tar.gz > > SuSE: https://s3.amazonaws.com/msv5/release/MailScanner- > > 5.0.3-7.suse.tar.gz > > NIX: https://s3.amazonaws.com/msv5/release/MailScanner-5.0.3-7.nix.tar.gz > > > > > > - > > Jerry Benton > > www.mailborder.com > > +1 - 844-436-6245 > > > > > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/listinfo/mailscanner > > > > > > > -- > Shawn Iverson > Director of Technology > Rush County Schools > 765-932-3901 x271 > iversons at rushville.k12.in.us > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > From jerry.benton at mailborder.com Mon Aug 15 00:27:43 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Sun, 14 Aug 2016 17:27:43 -0700 Subject: MailScanner v5.0.3-7 In-Reply-To: References: Message-ID: I mean to say ? Mark changed the subject tagging behavior for phishing a bit. Lets hope he chimes in. - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?Jerry Benton Reply:?Jerry Benton Date:?August 14, 2016 at 8:26:39 PM To:?MailScanner Discussion Subject:? Re: MailScanner v5.0.3-7 > Mark, > > Changed that a bit. Let?s hope he chimes in. > > > - > Jerry Benton > www.mailborder.com > +1 - 844-436-6245 > > > -----Original Message----- > From: Shawn Iverson > Reply: MailScanner Discussion > Date: August 14, 2016 at 5:22:15 PM > To: MailScanner Discussion > Subject: Re: MailScanner v5.0.3-7 > > > Running on 5.0.3-7 > > > > So far looks good. I am unable to test avast/esets since I do not have > > those. > > > > time-wait appears to be working > > > > I am testing the phishing...I am having some difficulty with this one. > > > > I am seeing this when I try to trigger... > > > > ... > > Aug 14 17:14:11 smtp MailScanner[4242]: Found phishing fraud from > > http://example.org/ claiming to be www.someortherwebsite.org in > > 258C8100083.AC563 > > Aug 14 17:14:11 smtp MailScanner[4104]: Content Checks: Detected and have > > disarmed phishing tags in HTML message in 258C8100083.AC563 ... > > > > All well and good in the log itself, except the email that is delivered is > > the unmodified original. The phishing fraud is not being highlighted, and > > the {Fraud?} prefix is not prepended :/ > > > > I have the following in MailScanner.conf: > > > > Find Phishing Fraud = yes > > Also Find Numeric Phishing = yes > > Use Stricter Phishing Net = yes > > Highlight Phishing Fraud = yes > > Phishing Modify Subject = start > > Phishing Subject Text = {Fraud?} > > > > Poking around system to see what is happening.... > > > > > > > > > > On Sun, Aug 14, 2016 at 12:39 PM, Jerry Benton > > wrote: > > > > > I have tested these, but I would like some verification before I post > > > them as releases. > > > > > > > > > 08/14/2016 Changes in v5.0.3-7 > > > ================================== > > > - updated init script to include a time-wait for pid files during > > > process reloads and restarts > > > - updated Message.pm to correctly prepend phishing notices in email > > > subject > > > - added avast virus scanner support > > > - added esets virus scanner support > > > - added new function InitClamdParser to SweepViruses.pm > > > - added new function ProcessClamdOutput to SweepViruses.pm > > > > > > > > > Debian: https://s3.amazonaws.com/msv5/release/MailScanner- > > > 5.0.3-7.deb.tar.gz > > > RHEL: https://s3.amazonaws.com/msv5/release/MailScanner- > > > 5.0.3-7.rhel.tar.gz > > > SuSE: https://s3.amazonaws.com/msv5/release/MailScanner- > > > 5.0.3-7.suse.tar.gz > > > NIX: https://s3.amazonaws.com/msv5/release/MailScanner-5.0.3-7.nix.tar.gz > > > > > > > > > - > > > Jerry Benton > > > www.mailborder.com > > > +1 - 844-436-6245 > > > > > > > > > -- > > > MailScanner mailing list > > > mailscanner at lists.mailscanner.info > > > http://lists.mailscanner.info/listinfo/mailscanner > > > > > > > > > > > > -- > > Shawn Iverson > > Director of Technology > > Rush County Schools > > 765-932-3901 x271 > > iversons at rushville.k12.in.us > > > > > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/listinfo/mailscanner > > > > > From jerry.benton at mailborder.com Mon Aug 15 00:33:08 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Sun, 14 Aug 2016 17:33:08 -0700 Subject: MailScanner v5.0.3-7 In-Reply-To: References: Message-ID: Shawn, Is the site also in your phishing.safe.sites.custom? of .conf? Note this changed: https://github.com/MailScanner/v5/commit/52d9c4e27e62418251daa4deb219ba132812ce39 - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?Shawn Iverson Reply:?MailScanner Discussion Date:?August 14, 2016 at 5:22:15 PM To:?MailScanner Discussion Subject:? Re: MailScanner v5.0.3-7 > Running on 5.0.3-7 > > So far looks good. I am unable to test avast/esets since I do not have > those. > > time-wait appears to be working > > I am testing the phishing...I am having some difficulty with this one. > > I am seeing this when I try to trigger... > > ... > Aug 14 17:14:11 smtp MailScanner[4242]: Found phishing fraud from > http://example.org/ claiming to be www.someortherwebsite.org in > 258C8100083.AC563 > Aug 14 17:14:11 smtp MailScanner[4104]: Content Checks: Detected and have > disarmed phishing tags in HTML message in 258C8100083.AC563 ... > > All well and good in the log itself, except the email that is delivered is > the unmodified original. The phishing fraud is not being highlighted, and > the {Fraud?} prefix is not prepended :/ > > I have the following in MailScanner.conf: > > Find Phishing Fraud = yes > Also Find Numeric Phishing = yes > Use Stricter Phishing Net = yes > Highlight Phishing Fraud = yes > Phishing Modify Subject = start > Phishing Subject Text = {Fraud?} > > Poking around system to see what is happening.... > > > > > On Sun, Aug 14, 2016 at 12:39 PM, Jerry Benton > wrote: > > > I have tested these, but I would like some verification before I post > > them as releases. > > > > > > 08/14/2016 Changes in v5.0.3-7 > > ================================== > > - updated init script to include a time-wait for pid files during > > process reloads and restarts > > - updated Message.pm to correctly prepend phishing notices in email > > subject > > - added avast virus scanner support > > - added esets virus scanner support > > - added new function InitClamdParser to SweepViruses.pm > > - added new function ProcessClamdOutput to SweepViruses.pm > > > > > > Debian: https://s3.amazonaws.com/msv5/release/MailScanner- > > 5.0.3-7.deb.tar.gz > > RHEL: https://s3.amazonaws.com/msv5/release/MailScanner- > > 5.0.3-7.rhel.tar.gz > > SuSE: https://s3.amazonaws.com/msv5/release/MailScanner- > > 5.0.3-7.suse.tar.gz > > NIX: https://s3.amazonaws.com/msv5/release/MailScanner-5.0.3-7.nix.tar.gz > > > > > > - > > Jerry Benton > > www.mailborder.com > > +1 - 844-436-6245 > > > > > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/listinfo/mailscanner > > > > > > > -- > Shawn Iverson > Director of Technology > Rush County Schools > 765-932-3901 x271 > iversons at rushville.k12.in.us > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > From mailscanner at barendse.to Mon Aug 15 09:19:02 2016 From: mailscanner at barendse.to (Remco Barendse) Date: Mon, 15 Aug 2016 11:19:02 +0200 (CEST) Subject: New server setup, best practice? In-Reply-To: <72515ED1-9C2D-4CC0-B5F9-4A25063A26D2@vidadigital.com.pa> References: <72515ED1-9C2D-4CC0-B5F9-4A25063A26D2@vidadigital.com.pa> Message-ID: Thanks Alex! How/where do you move the mail older than a couple of days ? What would be the best distro to use, CentOS 6 or 7 ? I read earlier that CentOS 7 broke quite a number of conventions but support wise 7 seem wise ? On Wed, 10 Aug 2016, Alex Neuman van der Hans wrote: > Again, depends so much on the specific circumstance? I just set up a $5/month VPS with it, with 15GB total space, storing only the past couple of days? worth of e-mail for a handful of users. > I?ve also set up systems for thousands of users, with a terabyte of SSD storage for ?local, recent? stuff plus mbox-purge processes exporting stuff to a couple of dozen terabytes of local HDD storage and monthly processes moving > stuff elsewhere using NFS and/or rsync. > > I?d rather mount NFS than SMB for performance/permissions reasons. > > [alexneuman.format_png.resize_120x.png#logo] ??? > Alex Neuman van der Hans?Producer/Host, Vida Digital > +1 (440) 253-9789?|?+507 6781-9505?|?Panama?|alex at vidadigital.com.pa?|?http://vidadigital.com.pa/?|Skype:?alexneuman? > [facebook.png] ?[linkedin.png] ?[twitter.png] ?[pinterest.png] ?[youtube.png] ?[instagram.png] ?[wordpress.png] ?[amazon.png] ?[XT9yavvmRJaZZvINZFTQ_skype.png] ?[wEM3vsigQhq5yev6iwEV_whatsapp.png] > > > > On Aug 10, 2016, at 2:06 PM, Remco Barendse wrote: > > Thanks Alex! > > The choice for CPU/MEM/storage is easy when it's a virtual machine, can move around as needed. Was curious what the recommended disk size is for a MailScanner machine and what people do with archive copies of mail/spam. Mount > an NFS or SMB share to store that or something else? > > Thanks :) > > On Tue, 2 Aug 2016, Alex Neuman van der Hans wrote: > > It really depends on context. Space, CPU and I/O issues can vary greatly from site to site. > If you want to upgrade, look into your biggest bottlenecks first. Sometimes it?s RAM, sometimes it?s disk I/O (where SSD?s would be great), sometimes it?s CPU > power. > In my case I usually go for SSD?s for storing the OS, programs, and mail - and regular hard drives for things like quarantines and such, with scripts moving older > stuff with various protocols (NFS, rsync, FTP) over to long-term storage to make space when needed. > Oh, and it?s not ?virii?. Virus is a ?mass noun?, like ?rice?. ?https://en.wikipedia.org/wiki/Plural_form_of_words_ending_in_-us#Virus > [alexneuman.format_png.resize_120x.png#logo] ??? > Alex Neuman van der Hans?Producer/Host, Vida Digital > +1 (440) 253-9789?|?+507 6781-9505?|?Panama?|alex at vidadigital.com.pa?|?http://vidadigital.com.pa/?|Skype:?alexneuman? > [facebook.png] ?[linkedin.png] ?[twitter.png] ?[pinterest.png] ?[youtube.png] ?[instagram.png] ?[wordpress.png] ?[amazon.png] ?[XT9yavvmRJaZZvINZFTQ_skype.png] > ?[wEM3vsigQhq5yev6iwEV_whatsapp.png] > > ?????On Aug 2, 2016, at 5:46 AM, Remco Barendse wrote: > Hi list! > I would like to upgrade the servers that are running MailScanner. > What is the best approach on storage? It will be virtual machines (which i guess is what a lot of people are doing now), how to approach the storage issue, > what would be the best approach / design? What size for the MailScanner root partition etc. ? > I have to keep verbatim copies of anything that goes in or out of the mail servers, i keep the qf/df pairs from sendmail. > I read some people seeing their quarantine getting filled with 7 Gb of virii just in one day, what would be recommended storage sizes and how to deal with > quarantine / archive folders? If it wise or recommended to mount an external volume at /var/spool/MailScanner/quarantine and > /var/spool/MailScanner/archived or is ?there a better way ? > If I have several MailScanner servers, is it OK to keep all spam/archived copies in one and the same mount ? > Will CentOS 7 work flawlessly? Anyone using standard cloud images? > Thanks for any tips / suggestions :>) > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > > > From iversons at rushville.k12.in.us Mon Aug 15 11:22:20 2016 From: iversons at rushville.k12.in.us (Shawn Iverson) Date: Mon, 15 Aug 2016 07:22:20 -0400 Subject: MailScanner v5.0.3-7 In-Reply-To: References: Message-ID: Jerry, I think all is well. I was using mutt and was looking at the text version of the email. The HTML version is properly tagged and has the {Disarmed} in the subject line. On Sun, Aug 14, 2016 at 8:33 PM, Jerry Benton wrote: > Shawn, > > Is the site also in your phishing.safe.sites.custom? of .conf? > > Note this changed: > https://github.com/MailScanner/v5/commit/52d9c4e27e62418251daa4deb219ba > 132812ce39 > > > > > - > Jerry Benton > www.mailborder.com > +1 - 844-436-6245 > > > -----Original Message----- > From: Shawn Iverson > Reply: MailScanner Discussion > Date: August 14, 2016 at 5:22:15 PM > To: MailScanner Discussion > Subject: Re: MailScanner v5.0.3-7 > > > Running on 5.0.3-7 > > > > So far looks good. I am unable to test avast/esets since I do not have > > those. > > > > time-wait appears to be working > > > > I am testing the phishing...I am having some difficulty with this one. > > > > I am seeing this when I try to trigger... > > > > ... > > Aug 14 17:14:11 smtp MailScanner[4242]: Found phishing fraud from > > http://example.org/ claiming to be www.someortherwebsite.org in > > 258C8100083.AC563 > > Aug 14 17:14:11 smtp MailScanner[4104]: Content Checks: Detected and have > > disarmed phishing tags in HTML message in 258C8100083.AC563 ... > > > > All well and good in the log itself, except the email that is delivered > is > > the unmodified original. The phishing fraud is not being highlighted, and > > the {Fraud?} prefix is not prepended :/ > > > > I have the following in MailScanner.conf: > > > > Find Phishing Fraud = yes > > Also Find Numeric Phishing = yes > > Use Stricter Phishing Net = yes > > Highlight Phishing Fraud = yes > > Phishing Modify Subject = start > > Phishing Subject Text = {Fraud?} > > > > Poking around system to see what is happening.... > > > > > > > > > > On Sun, Aug 14, 2016 at 12:39 PM, Jerry Benton > > wrote: > > > > > I have tested these, but I would like some verification before I post > > > them as releases. > > > > > > > > > 08/14/2016 Changes in v5.0.3-7 > > > ================================== > > > - updated init script to include a time-wait for pid files during > > > process reloads and restarts > > > - updated Message.pm to correctly prepend phishing notices in email > > > subject > > > - added avast virus scanner support > > > - added esets virus scanner support > > > - added new function InitClamdParser to SweepViruses.pm > > > - added new function ProcessClamdOutput to SweepViruses.pm > > > > > > > > > Debian: https://s3.amazonaws.com/msv5/release/MailScanner- > > > 5.0.3-7.deb.tar.gz > > > RHEL: https://s3.amazonaws.com/msv5/release/MailScanner- > > > 5.0.3-7.rhel.tar.gz > > > SuSE: https://s3.amazonaws.com/msv5/release/MailScanner- > > > 5.0.3-7.suse.tar.gz > > > NIX: https://s3.amazonaws.com/msv5/release/MailScanner-5.0.3-7. > nix.tar.gz > > > > > > > > > - > > > Jerry Benton > > > www.mailborder.com > > > +1 - 844-436-6245 > > > > > > > > > -- > > > MailScanner mailing list > > > mailscanner at lists.mailscanner.info > > > http://lists.mailscanner.info/listinfo/mailscanner > > > > > > > > > > > > -- > > Shawn Iverson > > Director of Technology > > Rush County Schools > > 765-932-3901 x271 > > iversons at rushville.k12.in.us > > > > > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/listinfo/mailscanner > > > > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > -- Shawn Iverson Director of Technology Rush County Schools 765-932-3901 x271 iversons at rushville.k12.in.us -------------- next part -------------- An HTML attachment was scrubbed... URL: From alex at vidadigital.com.pa Tue Aug 16 04:27:15 2016 From: alex at vidadigital.com.pa (Alex Neuman van der Hans) Date: Mon, 15 Aug 2016 23:27:15 -0500 Subject: New server setup, best practice? In-Reply-To: References: <72515ED1-9C2D-4CC0-B5F9-4A25063A26D2@vidadigital.com.pa> Message-ID: <70669A64-726A-496D-BD1F-A5CC7C959D9B@vidadigital.com.pa> How: find /path/to/files* -mtime +5 -exec mv {} \; /path/to/destination That would be one way. Where: Depends on the situation. Sometimes it?s from SSD to HDD, sometimes it?s from local HDD to remote NAS using NFS or CIFS. Best? I like CentOS 5 best just because it remained pretty much the same for over 10 years. That being said, CentOS 7 would be the way to go; you just need to know where to put things. Alex Neuman van der Hans Producer/Host, Vida Digital +1 (440) 253-9789 | +507 6781-9505 | Panama |alex at vidadigital.com.pa | http://vidadigital.com.pa/ |Skype: alexneuman > On Aug 15, 2016, at 4:19 AM, Remco Barendse wrote: > > Thanks Alex! How/where do you move the mail older than a couple of days ? > > What would be the best distro to use, CentOS 6 or 7 ? I read earlier that CentOS 7 broke quite a number of conventions but support wise 7 seem > wise ? > > On Wed, 10 Aug 2016, Alex Neuman van der Hans wrote: > >> Again, depends so much on the specific circumstance? I just set up a $5/month VPS with it, with 15GB total space, storing only the past couple of days? worth of e-mail for a handful of users. >> I?ve also set up systems for thousands of users, with a terabyte of SSD storage for ?local, recent? stuff plus mbox-purge processes exporting stuff to a couple of dozen terabytes of local HDD storage and monthly processes moving >> stuff elsewhere using NFS and/or rsync. >> I?d rather mount NFS than SMB for performance/permissions reasons. >> [alexneuman.format_png.resize_120x.png#logo] >> Alex Neuman van der Hans Producer/Host, Vida Digital >> +1 (440) 253-9789 | +507 6781-9505 | Panama |alex at vidadigital.com.pa | http://vidadigital.com.pa/ |Skype: alexneuman >> [facebook.png] [linkedin.png] [twitter.png] [pinterest.png] [youtube.png] [instagram.png] [wordpress.png] [amazon.png] [XT9yavvmRJaZZvINZFTQ_skype.png] [wEM3vsigQhq5yev6iwEV_whatsapp.png] >> >> On Aug 10, 2016, at 2:06 PM, Remco Barendse > wrote: >> Thanks Alex! >> The choice for CPU/MEM/storage is easy when it's a virtual machine, can move around as needed. Was curious what the recommended disk size is for a MailScanner machine and what people do with archive copies of mail/spam. Mount >> an NFS or SMB share to store that or something else? >> Thanks :) >> On Tue, 2 Aug 2016, Alex Neuman van der Hans wrote: >> >> It really depends on context. Space, CPU and I/O issues can vary greatly from site to site. >> If you want to upgrade, look into your biggest bottlenecks first. Sometimes it?s RAM, sometimes it?s disk I/O (where SSD?s would be great), sometimes it?s CPU >> power. >> In my case I usually go for SSD?s for storing the OS, programs, and mail - and regular hard drives for things like quarantines and such, with scripts moving older >> stuff with various protocols (NFS, rsync, FTP) over to long-term storage to make space when needed. >> Oh, and it?s not ?virii?. Virus is a ?mass noun?, like ?rice?. https://en.wikipedia.org/wiki/Plural_form_of_words_ending_in_-us#Virus >> [alexneuman.format_png.resize_120x.png#logo] >> Alex Neuman van der Hans Producer/Host, Vida Digital >> +1 (440) 253-9789 | +507 6781-9505 | Panama |alex at vidadigital.com.pa | http://vidadigital.com.pa/ |Skype: alexneuman >> [facebook.png] [linkedin.png] [twitter.png] [pinterest.png] [youtube.png] [instagram.png] [wordpress.png] [amazon.png] [XT9yavvmRJaZZvINZFTQ_skype.png] >> [wEM3vsigQhq5yev6iwEV_whatsapp.png] >> >> On Aug 2, 2016, at 5:46 AM, Remco Barendse wrote: >> Hi list! >> I would like to upgrade the servers that are running MailScanner. >> What is the best approach on storage? It will be virtual machines (which i guess is what a lot of people are doing now), how to approach the storage issue, >> what would be the best approach / design? What size for the MailScanner root partition etc. ? >> I have to keep verbatim copies of anything that goes in or out of the mail servers, i keep the qf/df pairs from sendmail. >> I read some people seeing their quarantine getting filled with 7 Gb of virii just in one day, what would be recommended storage sizes and how to deal with >> quarantine / archive folders? If it wise or recommended to mount an external volume at /var/spool/MailScanner/quarantine and >> /var/spool/MailScanner/archived or is there a better way ? >> If I have several MailScanner servers, is it OK to keep all spam/archived copies in one and the same mount ? >> Will CentOS 7 work flawlessly? Anyone using standard cloud images? >> Thanks for any tips / suggestions :>) >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/listinfo/mailscanner >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/listinfo/mailscanner > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner -------------- next part -------------- An HTML attachment was scrubbed... URL: From mailscanner-list at okla.com Tue Aug 16 18:34:06 2016 From: mailscanner-list at okla.com (Tracy Greggs) Date: Tue, 16 Aug 2016 13:34:06 -0500 Subject: {Disarmed} Re: New server setup, best practice? In-Reply-To: <70669A64-726A-496D-BD1F-A5CC7C959D9B@vidadigital.com.pa> References: <72515ED1-9C2D-4CC0-B5F9-4A25063A26D2@vidadigital.com.pa> <70669A64-726A-496D-BD1F-A5CC7C959D9B@vidadigital.com.pa> Message-ID: <00f101d1f7ec$c8f0c5a0$5ad250e0$@okla.com> If you need the xtables-addons for geoip blocking, it is a major PITA with Centos 7 or RHEL 7. You might want to stick to Centos 6.8 Just my 2 cents for whatever it is worth. Best wishes, Tracy Greggs Oklahoma Network Consulting From: MailScanner [mailto:mailscanner-bounces+mailscanner-list=okla.com at lists.mailscanner.info] On Behalf Of Alex Neuman van der Hans Sent: Monday, August 15, 2016 11:27 PM To: MailScanner discussion Subject: {Disarmed} Re: New server setup, best practice? How: find /path/to/files* -mtime +5 -exec mv {} \; /path/to/destination That would be one way. Where: Depends on the situation. Sometimes it?s from SSD to HDD, sometimes it?s from local HDD to remote NAS using NFS or CIFS. Best? I like CentOS 5 best just because it remained pretty much the same for over 10 years. That being said, CentOS 7 would be the way to go; you just need to know where to put things. logo Alex Neuman van der Hans Producer/Host, Vida Digital +1 (440) 253-9789 | +507 6781-9505 | Panama | alex at vidadigital.com.pa | MailScanner has detected a possible fraud attempt from "t.sidekickopen62.com" claiming to be http://vidadigital.com.pa/ |Skype: alexneuman On Aug 15, 2016, at 4:19 AM, Remco Barendse wrote: Thanks Alex! How/where do you move the mail older than a couple of days ? What would be the best distro to use, CentOS 6 or 7 ? I read earlier that CentOS 7 broke quite a number of conventions but support wise 7 seem wise ? On Wed, 10 Aug 2016, Alex Neuman van der Hans wrote: Again, depends so much on the specific circumstance? I just set up a $5/month VPS with it, with 15GB total space, storing only the past couple of days? worth of e-mail for a handful of users. I?ve also set up systems for thousands of users, with a terabyte of SSD storage for ?local, recent? stuff plus mbox-purge processes exporting stuff to a couple of dozen terabytes of local HDD storage and monthly processes moving stuff elsewhere using NFS and/or rsync. I?d rather mount NFS than SMB for performance/permissions reasons. [alexneuman.format_png.resize_120x.png#logo] Alex Neuman van der Hans Producer/Host, Vida Digital +1 (440) 253-9789 | +507 6781-9505 | Panama |alex at vidadigital.com.pa | MailScanner has detected a possible fraud attempt from "t.sidekickopen62.com" claiming to be http://vidadigital.com.pa/ |Skype: alexneuman [facebook.png] [linkedin.png] [twitter.png] [pinterest.png] [youtube.png] [instagram.png] [wordpress.png] [amazon.png] [XT9yavvmRJaZZvINZFTQ_skype.png] [wEM3vsigQhq5yev6iwEV_whatsapp.png] On Aug 10, 2016, at 2:06 PM, Remco Barendse wrote: Thanks Alex! The choice for CPU/MEM/storage is easy when it's a virtual machine, can move around as needed. Was curious what the recommended disk size is for a MailScanner machine and what people do with archive copies of mail/spam. Mount an NFS or SMB share to store that or something else? Thanks :) On Tue, 2 Aug 2016, Alex Neuman van der Hans wrote: It really depends on context. Space, CPU and I/O issues can vary greatly from site to site. If you want to upgrade, look into your biggest bottlenecks first. Sometimes it?s RAM, sometimes it?s disk I/O (where SSD?s would be great), sometimes it?s CPU power. In my case I usually go for SSD?s for storing the OS, programs, and mail - and regular hard drives for things like quarantines and such, with scripts moving older stuff with various protocols (NFS, rsync, FTP) over to long-term storage to make space when needed. Oh, and it?s not ?virii?. Virus is a ?mass noun?, like ?rice?. MailScanner has detected a possible fraud attempt from "t.sidekickopen62.com" claiming to be https://en.wikipedia.org/wiki/Plural_form_of_words_ending_in_-us#Virus [alexneuman.format_png.resize_120x.png#logo] Alex Neuman van der Hans Producer/Host, Vida Digital +1 (440) 253-9789 | +507 6781-9505 | Panama |alex at vidadigital.com.pa | MailScanner has detected a possible fraud attempt from "t.sidekickopen62.com" claiming to be http://vidadigital.com.pa/ |Skype: alexneuman [facebook.png] [linkedin.png] [twitter.png] [pinterest.png] [youtube.png] [instagram.png] [wordpress.png] [amazon.png] [XT9yavvmRJaZZvINZFTQ_skype.png] [wEM3vsigQhq5yev6iwEV_whatsapp.png] On Aug 2, 2016, at 5:46 AM, Remco Barendse wrote: Hi list! I would like to upgrade the servers that are running MailScanner. What is the best approach on storage? It will be virtual machines (which i guess is what a lot of people are doing now), how to approach the storage issue, what would be the best approach / design? What size for the MailScanner root partition etc. ? I have to keep verbatim copies of anything that goes in or out of the mail servers, i keep the qf/df pairs from sendmail. I read some people seeing their quarantine getting filled with 7 Gb of virii just in one day, what would be recommended storage sizes and how to deal with quarantine / archive folders? If it wise or recommended to mount an external volume at /var/spool/MailScanner/quarantine and /var/spool/MailScanner/archived or is there a better way ? If I have several MailScanner servers, is it OK to keep all spam/archived copies in one and the same mount ? Will CentOS 7 work flawlessly? Anyone using standard cloud images? Thanks for any tips / suggestions :>) -- MailScanner mailing list mailscanner at lists.mailscanner.info MailScanner has detected a possible fraud attempt from "t.sidekickopen62.com" claiming to be http://lists.mailscanner.info/listinfo/mailscanner -- MailScanner mailing list mailscanner at lists.mailscanner.info MailScanner has detected a possible fraud attempt from "t.sidekickopen62.com" claiming to be http://lists.mailscanner.info/listinfo/mailscanner -- MailScanner mailing list mailscanner at lists.mailscanner.info MailScanner has detected a possible fraud attempt from "t.sidekickopen62.com" claiming to be http://lists.mailscanner.info/listinfo/mailscanner Web Bug from http://t.sidekickopen62.com/e1t/o/5/f18dQhb0S7ks8dDMPbW2n0x6l2B9gXrN7sKj6v5dcLCW8qSMPl2zhrHPN4WJlXjQFLCHVLXL-m1k1H6H0?si=5887134288314368&pi=AC798462-9730-42E6-A7E2-F18959B4CE5A -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -------------- next part -------------- An HTML attachment was scrubbed... URL: From jerry.benton at mailborder.com Tue Aug 16 18:41:43 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Tue, 16 Aug 2016 14:41:43 -0400 Subject: {Disarmed} Re: New server setup, best practice? In-Reply-To: <00f101d1f7ec$c8f0c5a0$5ad250e0$@okla.com> References: <72515ED1-9C2D-4CC0-B5F9-4A25063A26D2@vidadigital.com.pa> <70669A64-726A-496D-BD1F-A5CC7C959D9B@vidadigital.com.pa> <00f101d1f7ec$c8f0c5a0$5ad250e0$@okla.com> Message-ID: <1950555f-46e4-4cfd-ba72-c73830fa35cc@typeapp.com> Everything is a pain in the ass with RHEL 7. Jerry Benton +1 844-436-6245 Sent from BlueMail On Aug 16, 2016, 14:34, at 14:34, Tracy Greggs wrote: >If you need the xtables-addons for geoip blocking, it is a major PITA >with Centos 7 or RHEL 7. You might want to stick to Centos 6.8 > > > >Just my 2 cents for whatever it is worth. > > > >Best wishes, > >Tracy Greggs > >Oklahoma Network Consulting > > > > > >From: MailScanner >[mailto:mailscanner-bounces+mailscanner-list=okla.com at lists.mailscanner.info] >On Behalf Of Alex Neuman van der Hans >Sent: Monday, August 15, 2016 11:27 PM >To: MailScanner discussion >Subject: {Disarmed} Re: New server setup, best practice? > > > >How: > >find /path/to/files* -mtime +5 -exec mv {} \; /path/to/destination > >That would be one way. > >Where: Depends on the situation. Sometimes it?s from SSD to HDD, >sometimes it?s from local HDD to remote NAS using NFS or CIFS. > > > >Best? I like CentOS 5 best just because it remained pretty much the >same for over 10 years. > > > >That being said, CentOS 7 would be the way to go; you just need to know >where to put things. > > > > >logo > > > >Alex Neuman van der Hans Producer/Host, Vida Digital > >+1 (440) 253-9789 | > >+507 6781-9505 | Panama | >alex at vidadigital.com.pa | > >MailScanner has detected a possible fraud attempt from >"t.sidekickopen62.com" claiming to be http://vidadigital.com.pa/ >|Skype: > >alexneuman > > > > > > > > > > > > > > > > > > > >On Aug 15, 2016, at 4:19 AM, Remco Barendse >wrote: > > > >Thanks Alex! How/where do you move the mail older than a couple of >days ? > >What would be the best distro to use, CentOS 6 or 7 ? I read earlier >that CentOS 7 broke quite a number of conventions but support wise 7 >seem >wise ? > >On Wed, 10 Aug 2016, Alex Neuman van der Hans wrote: > > > > >Again, depends so much on the specific circumstance? I just set up a >$5/month VPS with it, with 15GB total space, storing only the past >couple of days? worth of e-mail for a handful of users. >I?ve also set up systems for thousands of users, with a terabyte of SSD >storage for ?local, recent? stuff plus mbox-purge processes exporting >stuff to a couple of dozen terabytes of local HDD storage and monthly >processes moving >stuff elsewhere using NFS and/or rsync. >I?d rather mount NFS than SMB for performance/permissions reasons. >[alexneuman.format_png.resize_120x.png#logo] >Alex Neuman van der Hans Producer/Host, Vida Digital >+1 (440) 253-9789 | +507 6781-9505 | Panama |alex at vidadigital.com.pa | > >MailScanner has detected a possible fraud attempt from >"t.sidekickopen62.com" claiming to be http://vidadigital.com.pa/ >|Skype: alexneuman >[facebook.png] [linkedin.png] [twitter.png] [pinterest.png] >[youtube.png] [instagram.png] [wordpress.png] [amazon.png] >[XT9yavvmRJaZZvINZFTQ_skype.png] [wEM3vsigQhq5yev6iwEV_whatsapp.png] > >On Aug 10, 2016, at 2:06 PM, Remco Barendse >wrote: >Thanks Alex! >The choice for CPU/MEM/storage is easy when it's a virtual machine, can >move around as needed. Was curious what the recommended disk size is >for a MailScanner machine and what people do with archive copies of >mail/spam. Mount >an NFS or SMB share to store that or something else? >Thanks :) >On Tue, 2 Aug 2016, Alex Neuman van der Hans wrote: > >It really depends on context. Space, CPU and I/O issues can vary >greatly from site to site. >If you want to upgrade, look into your biggest bottlenecks first. >Sometimes it?s RAM, sometimes it?s disk I/O (where SSD?s would be >great), sometimes it?s CPU > power. >In my case I usually go for SSD?s for storing the OS, programs, and >mail - and regular hard drives for things like quarantines and such, >with scripts moving older >stuff with various protocols (NFS, rsync, FTP) over to long-term >storage to make space when needed. >Oh, and it?s not ?virii?. Virus is a ?mass noun?, like ?rice?. > >MailScanner has detected a possible fraud attempt from >"t.sidekickopen62.com" claiming to be >https://en.wikipedia.org/wiki/Plural_form_of_words_ending_in_-us#Virus > [alexneuman.format_png.resize_120x.png#logo] > Alex Neuman van der Hans Producer/Host, Vida Digital >+1 (440) 253-9789 | +507 6781-9505 | Panama |alex at vidadigital.com.pa | > >MailScanner has detected a possible fraud attempt from >"t.sidekickopen62.com" claiming to be http://vidadigital.com.pa/ >|Skype: alexneuman >[facebook.png] [linkedin.png] [twitter.png] [pinterest.png] >[youtube.png] [instagram.png] [wordpress.png] [amazon.png] >[XT9yavvmRJaZZvINZFTQ_skype.png] > [wEM3vsigQhq5yev6iwEV_whatsapp.png] > >On Aug 2, 2016, at 5:46 AM, Remco Barendse >wrote: > Hi list! > I would like to upgrade the servers that are running MailScanner. >What is the best approach on storage? It will be virtual machines >(which i guess is what a lot of people are doing now), how to approach >the storage issue, >what would be the best approach / design? What size for the MailScanner >root partition etc. ? >I have to keep verbatim copies of anything that goes in or out of the >mail servers, i keep the qf/df pairs from sendmail. >I read some people seeing their quarantine getting filled with 7 Gb of >virii just in one day, what would be recommended storage sizes and how >to deal with >quarantine / archive folders? If it wise or recommended to mount an >external volume at /var/spool/MailScanner/quarantine and > /var/spool/MailScanner/archived or is there a better way ? >If I have several MailScanner servers, is it OK to keep all >spam/archived copies in one and the same mount ? > Will CentOS 7 work flawlessly? Anyone using standard cloud images? > Thanks for any tips / suggestions :>) > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > >MailScanner has detected a possible fraud attempt from >"t.sidekickopen62.com" claiming to be >http://lists.mailscanner.info/listinfo/mailscanner >-- >MailScanner mailing list >mailscanner at lists.mailscanner.info > >MailScanner has detected a possible fraud attempt from >"t.sidekickopen62.com" claiming to be >http://lists.mailscanner.info/listinfo/mailscanner > > > >-- >MailScanner mailing list > >mailscanner at lists.mailscanner.info > >MailScanner has detected a possible fraud attempt from >"t.sidekickopen62.com" claiming to be >http://lists.mailscanner.info/listinfo/mailscanner > > > >Web Bug from >http://t.sidekickopen62.com/e1t/o/5/f18dQhb0S7ks8dDMPbW2n0x6l2B9gXrN7sKj6v5dcLCW8qSMPl2zhrHPN4WJlXjQFLCHVLXL-m1k1H6H0?si=5887134288314368&pi=AC798462-9730-42E6-A7E2-F18959B4CE5A > >-- >This message has been scanned for viruses and >dangerous content by MailScanner, and >is >believed to be clean. > > >-- >This message has been scanned for viruses and >dangerous content by MailScanner, and is >believed to be clean. > > > >------------------------------------------------------------------------ > > > >-- >MailScanner mailing list >mailscanner at lists.mailscanner.info >http://lists.mailscanner.info/listinfo/mailscanner -------------- next part -------------- An HTML attachment was scrubbed... URL: From mailscanner-list at okla.com Wed Aug 17 00:09:41 2016 From: mailscanner-list at okla.com (Tracy Greggs) Date: Tue, 16 Aug 2016 19:09:41 -0500 Subject: {Disarmed} Re: New server setup, best practice? In-Reply-To: <1950555f-46e4-4cfd-ba72-c73830fa35cc@typeapp.com> References: <72515ED1-9C2D-4CC0-B5F9-4A25063A26D2@vidadigital.com.pa> <70669A64-726A-496D-BD1F-A5CC7C959D9B@vidadigital.com.pa> <00f101d1f7ec$c8f0c5a0$5ad250e0$@okla.com> <1950555f-46e4-4cfd-ba72-c73830fa35cc@typeapp.com> Message-ID: <011901d1f81b$a9f2eb90$fdd8c2b0$@okla.com> Depends on who you ask J 6.8 does everything I need without any major PITA factors so for me at least, I prefer it. Tracy From: MailScanner [mailto:mailscanner-bounces+mailscanner-list=okla.com at lists.mailscanner.info] On Behalf Of Jerry Benton Sent: Tuesday, August 16, 2016 1:42 PM To: MailScanner discussion Cc: MailScanner discussion Subject: RE: {Disarmed} Re: New server setup, best practice? Everything is a pain in the ass with RHEL 7. Jerry Benton +1 844-436-6245 Sent from BlueMail On Aug 16, 2016, at 14:34, Tracy Greggs wrote: If you need the xtables-addons for geoip blocking, it is a major PITA with Centos 7 or RHEL 7. You might want to stick to Centos 6.8 Just my 2 cents for whatever it is worth. Best wishes, Tracy Greggs Oklahoma Network Consulting From: MailScanner [mailto:mailscanner-bounces+mailscanner-list=okla.com at lists.mailscanner.info] On Behalf Of Alex Neuman van der Hans Sent: Monday, August 15, 2016 11:27 PM To: MailScanner discussion Subject: {Disarmed} Re: New server setup, best practice? How: find /path/to/files* -mtime +5 -exec mv {} \; /path/to/destination That would be one way. Where: Depends on the situation. Sometimes it?s from SSD to HDD, sometimes it?s from local HDD to remote NAS using NFS or CIFS. Best? I like CentOS 5 best just because it remained pretty much the same for over 10 years. That being said, CentOS 7 would be the way to go; you just need to know where to put things. logo Alex Neuman van der Hans Producer/Host, Vida Digital +1 (440) 253-9789 | +507 6781-9505 | Panama | alex at vidadigital.com.pa | MailScanner has detected a possible fraud attempt from "t.sidekickopen62.com" claiming to be http://vidadigital.com.pa/ |Skype: alexneuman On Aug 15, 2016, at 4:19 AM, Remco Barendse wrote: Thanks Alex! How/where do you move the mail older than a couple of days ? What would be the best distro to use, CentOS 6 or 7 ? I read earlier that CentOS 7 broke quite a number of conventions but support wise 7 seem wise ? On Wed, 10 Aug 2016, Alex Neuman van der Hans wrote: Again, depends so much on the specific circumstance? I just set up a $5/month VPS with it, with 15GB total space, storing only the past couple of days? worth of e-mail for a handful of users. I?ve also set up systems for thousands of users, with a terabyte of SSD storage for ?local, recent? stuff plus mbox-purge processes exporting stuff to a couple of dozen terabytes of local HDD storage and monthly processes moving stuff elsewhere using NFS and/or rsync. I?d rather mount NFS than SMB for performance/permissions reasons. [alexneuman.format_png.resize_120x.png#logo] Alex Neuman van der Hans Producer/Host, Vida Digital +1 (440) 253-9789 | +507 6781-9505 | Panama |alex at vidadigital.com.pa | MailScanner has detected a possible fraud attempt from "t.sidekickopen62.com" claiming to be http://vidadigital.com.pa/ |Skype: alexneuman [facebook.png] [linkedin.png] [twitter.png] [pinterest.png] [youtube.png] [instagram.png] [wordpress.png] [amazon.png] [XT9yavvmRJaZZvINZFTQ_skype.png] [wEM3vsigQhq5yev6iwEV_whatsapp.png] On Aug 10, 2016, at 2:06 PM, Remco Barendse wrote: Thanks Alex! The choice for CPU/MEM/storage is easy when it's a virtual machine, can move around as needed. Was curious what the recommended disk size is for a MailScanner machine and what people do with archive copies of mail/spam. Mount an NFS or SMB share to store that or something else? Thanks :) On Tue, 2 Aug 2016, Alex Neuman van der Hans wrote: It really depends on context. Space, CPU and I/O issues can vary greatly from site to site. If you want to upgrade, look into your biggest bottlenecks first. Sometimes it?s RAM, sometimes it?s disk I/O (where SSD?s would be great), sometimes it?s CPU power. In my case I usually go for SSD?s for storing the OS, programs, and mail - and regular hard drives for things like quarantines and such, with scripts moving older stuff with various protocols (NFS, rsync, FTP) over to long-term storage to make space when needed. Oh, and it?s not ?virii?. Virus is a ?mass noun?, like ?rice?. MailScanner has detected a possible fraud attempt from "t.sidekickopen62.com" claiming to be https://en.wikipedia.org/wiki/Plural_form_of_words_ending_in_-us#Virus [alexneuman.format_png.resize_120x.png#logo] Alex Neuman van der Hans Producer/Host, Vida Digital +1 (440) 253-9789 | +507 6781-9505 | Panama |alex at vidadigital.com.pa | MailScanner has detected a possible fraud attempt from "t.sidekickopen62.com" claiming to be http://vidadigital.com.pa/ |Skype: alexneuman [facebook.png] [linkedin.png] [twitter.png] [pinterest.png] [youtube.png] [instagram.png] [wordpress.png] [amazon.png] [XT9yavvmRJaZZvINZFTQ_skype.png] [wEM3vsigQhq5yev6iwEV_whatsapp.png] On Aug 2, 2016, at 5:46 AM, Remco Barendse wrote: Hi list! I would like to upgrade the servers that are running MailScanner. What is the best approach on storage? It will be virtual machines (which i guess is what a lot of people are doing now), how to approach the storage issue, what would be the best approach / design? What size for the MailScanner root partition etc. ? I have to keep verbatim copies of anything that goes in or out of the mail servers, i keep the qf/df pairs from sendmail. I read some people seeing their quarantine getting filled with 7 Gb of virii just in one day, what would be recommended storage sizes and how to deal with quarantine / archive folders? If it wise or recommended to mount an external volume at /var/spool/MailScanner/quarantine and /var/spool/MailScanner/archived or is there a better way ? If I have several MailScanner servers, is it OK to keep all spam/archived copies in one and the same mount ? Will CentOS 7 work flawlessly? Anyone using standard cloud images? Thanks for any tips / suggestions :>) -- MailScanner mailing list mailscanner at lists.mailscanner.info MailScanner has detected a possible fraud attempt from "t.sidekickopen62.com" claiming to be http://lists.mailscanner.info/listinfo/mailscanner -- MailScanner mailing list mailscanner at lists.mailscanner.info MailScanner has detected a possible fraud attempt from "t.sidekickopen62.com" claiming to be http://lists.mailscanner.info/listinfo/mailscanner -- MailScanner mailing list mailscanner at lists.mailscanner.info MailScanner has detected a possible fraud attempt from "t.sidekickopen62.com" claiming to be http://lists.mailscanner.info/listinfo/mailscanner Web Bug from http://t.sidekickopen62.com/e1t/o/5/f18dQhb0S7ks8dDMPbW2n0x6l2B9gXrN7sKj6v5dcLCW8qSMPl2zhrHPN4WJlXjQFLCHVLXL-m1k1H6H0?si=5887134288314368&pi=AC798462-9730-42E6-A7E2-F18959B4CE5A -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -------------- next part -------------- An HTML attachment was scrubbed... URL: From carles at unlimitedmail.org Wed Aug 17 08:23:42 2016 From: carles at unlimitedmail.org (=?UTF-8?Q?[SOLTECSIS]_Carles_Xavier_Munyoz_Bald=c3=b3?=) Date: Wed, 17 Aug 2016 10:23:42 +0200 Subject: Not existing Incoming Work Dir In-Reply-To: References: <155fc6d9-4b9c-90f0-d31c-104ef4026bff@unlimitedmail.org> Message-ID: <8f3b3164-a645-3077-c816-2243c97128f3@unlimitedmail.org> Yes, it is a RAMDISK. I have modified /etc/MailScanner/defaults for it and all goes fine now. Thank you very much Jerry. El 12/08/16 a las 18:35, Jerry Benton escribi?: > Is that a RAMDISK? MailScanner v5 supports RAMDISKs. Check > /etc/MailScanner/defaults for the logic > > > - > Jerry Benton > www.mailborder.com > +1 - 844-436-6245 > > > -----Original Message----- > From: [SOLTECSIS] Carles Xavier Munyoz Bald? > Reply: MailScanner Discussion > Date: August 12, 2016 at 12:00:22 PM > To: mailscanner at lists.mailscanner.info > Subject: Not existing Incoming Work Dir > >> Hello, >> I usually change the Incoming Work Dir of the MailScanner configuration >> using a value like this for obtain a better server performance: >> Incoming Work Dir = /dev/shm/MailScanner/incoming >> >> The problem is that when I reset the server, MailScanner doesn't go >> because this directory desapears. I have to create it manually. >> >> Would it be possible that MailScanner creates this directory >> automatically if it doesn't exists? >> >> Thanks. >> ======================================== >> SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. >> Carles Xavier Munyoz Bald? >> Departamento de I+D+I >> Tel./Fax: 966 446 046 >> cmunyoz at soltecsis.com >> www.soltecsis.com >> ======================================== >> >> --- >> La informaci?n contenida en este e-mail es confidencial, >> siendo para uso exclusivo del destinatario arriba mencionado. >> Le informamos que est? totalmente prohibida cualquier >> utilizaci?n, divulgaci?n, distribuci?n y/o reproducci?n de >> esta comunicaci?n sin autorizaci?n expresa en virtud de la >> legislaci?n vigente. Si ha recibido este mensaje por error, >> le rogamos nos lo notifique inmediatamente por la misma v?a >> y proceda a su eliminaci?n. >> --- >> >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/listinfo/mailscanner >> >> > -- Saludos. ======================================== SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. Carles Xavier Munyoz Bald? Departamento de I+D+I Tel./Fax: 966 446 046 cmunyoz at soltecsis.com www.soltecsis.com ======================================== --- La informaci?n contenida en este e-mail es confidencial, siendo para uso exclusivo del destinatario arriba mencionado. Le informamos que est? totalmente prohibida cualquier utilizaci?n, divulgaci?n, distribuci?n y/o reproducci?n de esta comunicaci?n sin autorizaci?n expresa en virtud de la legislaci?n vigente. Si ha recibido este mensaje por error, le rogamos nos lo notifique inmediatamente por la misma v?a y proceda a su eliminaci?n. --- From carles at unlimitedmail.org Wed Aug 17 09:06:22 2016 From: carles at unlimitedmail.org (=?UTF-8?Q?[SOLTECSIS]_Carles_Xavier_Munyoz_Bald=c3=b3?=) Date: Wed, 17 Aug 2016 11:06:22 +0200 Subject: MailScanner v5.0.3-7 In-Reply-To: References: Message-ID: <3d0cc336-8f21-8f39-8ced-3ee5d75d02bf@unlimitedmail.org> Hello, I have tested esets virus scanner support and it is going fine now. Tahnk you very much Jerry, great job! I'm using the BitDefender virus scanner too, but for use it I must modify the next line in the virus.scanners.conf file: [...] #bitdefender /usr/lib/MailScanner/wrapper/bitdefender-wrapper /opt/BitDefender bitdefender /usr/lib/MailScanner/wrapper/bitdefender-wrapper /opt/BitDefender/var/lib/scan/base [...] With this change BitDefender goes fine too. But the problem is that when I update MailScanner I lost this change. May you include it in the default virus.scanners.conf file or avoid that the update of MailScanner causes the lost of this change? Best regards. El 14/08/16 a las 18:39, Jerry Benton escribi?: > I have tested these, but I would like some verification before I post > them as releases. > > > 08/14/2016 Changes in v5.0.3-7 > ================================== > - updated init script to include a time-wait for pid files during > process reloads and restarts > - updated Message.pm to correctly prepend phishing notices in email > subject > - added avast virus scanner support > - added esets virus scanner support > - added new function InitClamdParser to SweepViruses.pm > - added new function ProcessClamdOutput to SweepViruses.pm > > > Debian: https://s3.amazonaws.com/msv5/release/MailScanner-5.0.3-7.deb.tar.gz > RHEL: https://s3.amazonaws.com/msv5/release/MailScanner-5.0.3-7.rhel.tar.gz > SuSE: https://s3.amazonaws.com/msv5/release/MailScanner-5.0.3-7.suse.tar.gz > NIX: https://s3.amazonaws.com/msv5/release/MailScanner-5.0.3-7.nix.tar.gz > > > - > Jerry Benton > www.mailborder.com > +1 - 844-436-6245 > > -- Saludos. ======================================== SOLTECSIS SOLUCIONES TECNOLOGICAS, S.L. Carles Xavier Munyoz Bald? Departamento de I+D+I Tel./Fax: 966 446 046 cmunyoz at soltecsis.com www.soltecsis.com ======================================== --- La informaci?n contenida en este e-mail es confidencial, siendo para uso exclusivo del destinatario arriba mencionado. Le informamos que est? totalmente prohibida cualquier utilizaci?n, divulgaci?n, distribuci?n y/o reproducci?n de esta comunicaci?n sin autorizaci?n expresa en virtud de la legislaci?n vigente. Si ha recibido este mensaje por error, le rogamos nos lo notifique inmediatamente por la misma v?a y proceda a su eliminaci?n. --- From mailscanner_list at hohestieg.net Wed Aug 17 09:25:39 2016 From: mailscanner_list at hohestieg.net (Marc) Date: Wed, 17 Aug 2016 11:25:39 +0200 Subject: spamassassin --report does not train BAYES In-Reply-To: References: Message-ID: <89048b88.ADsAAEaJEhAAAAAAAAAAAGTaDssAAP-OMXsAAAAAAAU4HQBXtC2c@mailjet.com> Did anyone else experience such a behavior or might it be related to some 'special' configuration issues? Could it be a file ownership/permission problem? Thanks, Marc P.S.: Debug Log-Output is attached below... Am 11.08.2016 um 16:30 schrieb Marc: > Dear list, > > I have recently discovered some strange behavior. > > If I use 'spamassassin -r < {spammessage}' reporting to DCC/Razor/Pyzor > *seems* to work according to debug. Bayes learning *should* also work > (as I made sure that 'bayes_learn_during_report' is set to 1, which is > the default anyway). > However, checking with 'spamassassin -t < {spammessage}' only gives > BAYES_50. > > If I afterwards perform 'sa-learn --dbpath $DB_DIR --forget > {spammessage}' and 'sa-learn --dbpath $DB_DIR --spam {spammessage}', > things work out and I get a BAYES score of 1.0000. > > ====== > Setup: > Mailscanner version 4.84.5 > SpamAssassin version 3.4.1 > Perl version 5.18.4 > ---- > DB_DIR=/volume1/MailPlus/spamassassin > local.cf: bayes_path /volume1/MailPlus/spamassassin/bayes > > ===== > > Any clues? > > Thanks, > Marc > __ bait: mailbait at hohestieg.net also bait: http://www.hohestieg.net/notforhumans.html ____ LOG OUTPUT: Aug 17 11:13:06.878 [1328] dbg: logger: logging level is DBG Aug 17 11:13:06.879 [1328] dbg: generic: SpamAssassin version 3.4.1 Aug 17 11:13:06.879 [1328] dbg: generic: Perl 5.018004, PREFIX=/var/packages/MailPlus-Server/target, DEF_RULES_DIR=/var/packages/MailPlus-Server/target/share/spamassassin, LOCAL_RULES_DIR=/var/packages/MailPlus-Server/target/etc/spamassassin, LOCAL_STATE_DIR=/var/packages/MailPlus-Server/target/var/spamassassin Aug 17 11:13:07.794 [1328] dbg: plugin: loading Mail::SpamAssassin::Plugin::DCC from @INC Aug 17 11:13:07.808 [1328] dbg: dcc: network tests on, registering DCC Aug 17 11:13:07.808 [1328] dbg: plugin: loading Mail::SpamAssassin::Plugin::Pyzor from @INC Aug 17 11:13:07.814 [1328] dbg: pyzor: network tests on, attempting Pyzor Aug 17 11:13:07.814 [1328] dbg: plugin: loading Mail::SpamAssassin::Plugin::Razor2 from @INC Aug 17 11:13:07.924 [1328] dbg: razor2: razor2 is available, version 2.84 Aug 17 11:13:07.924 [1328] dbg: plugin: loading Mail::SpamAssassin::Plugin::SpamCop from @INC Aug 17 11:13:07.949 [1328] dbg: reporter: network tests on, attempting SpamCop Aug 17 11:13:13.547 [1328] dbg: plugin: Mail::SpamAssassin::Plugin::Bayes=HASH(0x4267b10) implements 'learner_new', priority 0 Aug 17 11:13:13.547 [1328] dbg: plugin: Mail::SpamAssassin::Plugin::TxRep=HASH(0x43ba9c8) implements 'learner_new', priority 0 Aug 17 11:13:13.547 [1328] dbg: bayes: learner_new self=Mail::SpamAssassin::Plugin::Bayes=HASH(0x4267b10), bayes_store_module=Mail::SpamAssassin::BayesStore::DBM Aug 17 11:13:13.576 [1328] dbg: bayes: learner_new: got store=Mail::SpamAssassin::BayesStore::DBM=HASH(0x44c1f18) Aug 17 11:13:13.577 [1328] dbg: plugin: Mail::SpamAssassin::Plugin::Bayes=HASH(0x4267b10) implements 'learner_is_scan_available', priority 0 Aug 17 11:13:13.577 [1328] dbg: bayes: tie-ing to DB file R/O /volume1/MailPlus/spamassassin/bayes_toks Aug 17 11:13:13.578 [1328] dbg: bayes: tie-ing to DB file R/O /volume1/MailPlus/spamassassin/bayes_seen Aug 17 11:13:13.580 [1328] dbg: bayes: found bayes db version 3 Aug 17 11:13:13.580 [1328] dbg: bayes: DB journal sync: last sync: 1471415411 Aug 17 11:13:13.581 [1328] dbg: config: score set 3 chosen. Aug 17 11:13:13.582 [1328] dbg: dns: EDNS, UDP payload size 4096 Aug 17 11:13:13.583 [1328] dbg: dns: servers obtained from Net::DNS : [192.168.1.10]:53, [87.118.100.175]:53 Aug 17 11:13:13.583 [1328] dbg: dns: nameservers set to 192.168.1.10, 87.118.100.175 Aug 17 11:13:13.583 [1328] dbg: dns: using socket module: IO::Socket::INET6 version 2.71 Aug 17 11:13:13.583 [1328] dbg: dns: is Net::DNS::Resolver available? yes Aug 17 11:13:13.583 [1328] dbg: dns: Net::DNS version: 0.73 Aug 17 11:13:13.584 [1328] dbg: config: time limit 300.0 s Aug 17 11:13:13.587 [1328] dbg: message: main message type: multipart/alternative Aug 17 11:13:13.588 [1328] dbg: markup: removing markup Aug 17 11:13:13.588 [1328] dbg: config: time limit 300.0 s Aug 17 11:13:13.591 [1328] dbg: message: main message type: multipart/alternative Aug 17 11:13:13.594 [1328] dbg: check: pms new, time limit in 299.995 s Aug 17 11:13:13.597 [1328] dbg: netset: trusted_networks lookup on 127.0.0.1, 26 networks, result: 1, 0.544 ms Aug 17 11:13:13.597 [1328] dbg: netset: internal_networks lookup on 127.0.0.1, 3 networks, result: 1, 0.486 ms Aug 17 11:13:13.597 [1328] dbg: received-header: relay 127.0.0.1 trusted? yes internal? yes msa? no Aug 17 11:13:13.607 [1328] dbg: received-header: found fetchmail marker, restarting parse Aug 17 11:13:13.611 [1328] dbg: netset: trusted_networks lookup on 2607:f8b0:400c:c08::244, 26 networks, result: 0, 1.655 ms Aug 17 11:13:13.611 [1328] dbg: received-header: relay 2607:f8b0:400c:c08::244 trusted? no internal? no msa? no Aug 17 11:13:13.661 [1328] dbg: markup: removing markup Aug 17 11:13:13.662 [1328] dbg: plugin: Mail::SpamAssassin::Plugin::DCC=HASH(0x36ece38) implements 'plugin_report', priority 0 Aug 17 11:13:13.662 [1328] dbg: plugin: Mail::SpamAssassin::Plugin::Pyzor=HASH(0x3780520) implements 'plugin_report', priority 0 Aug 17 11:13:13.662 [1328] dbg: plugin: Mail::SpamAssassin::Plugin::Razor2=HASH(0x37b9f90) implements 'plugin_report', priority 0 Aug 17 11:13:13.662 [1328] dbg: plugin: Mail::SpamAssassin::Plugin::SpamCop=HASH(0x3c2dd10) implements 'plugin_report', priority 0 Aug 17 11:13:13.663 [1328] dbg: util: executable for cdcc was found at /usr/local/bin/cdcc Aug 17 11:13:13.663 [1328] dbg: dcc: dcc_pgm_path, found cdcc in env.path: /usr/local/bin/cdcc Aug 17 11:13:13.677 [1328] dbg: dcc: `/usr/local/bin/cdcc -qV homedir libexecdir` reports '1.3.158 homedir=/var/dcc libexecdir=/var/dcc/libexec ' Aug 17 11:13:13.677 [1328] dbg: dcc: use 'dcc_libexec /var/dcc/libexec' from cdcc Aug 17 11:13:13.677 [1328] dbg: dcc: use 'dcc_home /var/dcc' from cdcc Aug 17 11:13:13.677 [1328] dbg: dns: entering helper-app run mode Aug 17 11:13:13.679 [1328] dbg: reporter: connecting to local socket /var/dcc/dccifd Aug 17 11:13:17.999 [1328] dbg: dns: leaving helper-app run mode Aug 17 11:13:18.000 [1328] dbg: reporter: dccifd responded with 'X-DCC--Metrics: diskstation 1481; bulk Body=many Fuz1=many Fuz2=many' Aug 17 11:13:18.000 [1328] info: reporter: spam reported to DCC Aug 17 11:13:18.000 [1328] dbg: util: executable for pyzor was found at /bin/pyzor Aug 17 11:13:18.000 [1328] dbg: pyzor: pyzor is available: /bin/pyzor Aug 17 11:13:18.001 [1328] dbg: util: secure_tmpfile created a temporary file /tmp/.spamassassin1328zg3U3itmp Aug 17 11:13:18.001 [1328] dbg: check: create_fulltext_tmpfile, written 4618 bytes to file /tmp/.spamassassin1328zg3U3itmp Aug 17 11:13:18.001 [1328] dbg: dns: entering helper-app run mode Aug 17 11:13:18.002 [1328] dbg: pyzor: opening pipe: /bin/pyzor report < /tmp/.spamassassin1328zg3U3itmp Aug 17 11:13:18.007 [1368] dbg: util: setuid: ruid=0 euid=0 Aug 17 11:13:18.319 [1328] dbg: pyzor: [1368] reporter finished successfully Aug 17 11:13:18.319 [1328] dbg: dns: leaving helper-app run mode Aug 17 11:13:18.320 [1328] info: reporter: spam reported to Pyzor Aug 17 11:13:18.320 [1328] dbg: dns: entering helper-app run mode Aug 17 11:13:21.561 [1328] dbg: dns: leaving helper-app run mode Aug 17 11:13:21.562 [1328] info: reporter: spam reported to Razor Aug 17 11:13:22.409 [1328] dbg: reporter: SpamCop sent FROM root at diskstation.hohestieg.selfhost.eu Aug 17 11:13:22.409 [1328] dbg: reporter: SpamCop received 250 sender ok Aug 17 11:13:22.593 [1328] dbg: reporter: SpamCop sent TO spamassassin-submit at spam.spamcop.net Aug 17 11:13:22.593 [1328] dbg: reporter: SpamCop received 250 recipient ok Aug 17 11:13:23.150 [1328] dbg: reporter: SpamCop sent DATA Aug 17 11:13:23.151 [1328] dbg: reporter: SpamCop received 250 go ahead Aug 17 11:13:23.151 [1328] dbg: reporter: [...] ok: Message 978152756 accepted Aug 17 11:13:23.334 [1328] dbg: reporter: SpamCop sent QUIT Aug 17 11:13:23.335 [1328] dbg: reporter: SpamCop received 221 vmx.spamcop.net Aug 17 11:13:23.335 [1328] info: reporter: spam reported to SpamCop Aug 17 11:13:23.336 [1328] dbg: plugin: Mail::SpamAssassin::Plugin::MIMEHeader=HASH(0x1f7a000) implements 'finish_tests', priority 0 Aug 17 11:13:23.337 [1328] dbg: plugin: Mail::SpamAssassin::Plugin::Check=HASH(0x1f7a348) implements 'finish_tests', priority 0 Aug 17 11:13:23.338 [1328] dbg: netset: cache trusted_networks hits/attempts: 0/2, 0.0 % Aug 17 11:13:23.343 [1328] dbg: netset: cache internal_networks hits/attempts: 0/1, 0.0 % Aug 17 11:13:23.396 [1328] dbg: bayes: untie-ing 1 message(s) examined. From jerry.benton at mailborder.com Wed Aug 17 17:09:56 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Wed, 17 Aug 2016 10:09:56 -0700 Subject: spamassassin --report does not train BAYES In-Reply-To: <89048b88.ADsAAEaJEhAAAAAAAAAAAGTaDssAAP-OMXsAAAAAAAU4HQBXtC2c@mailjet.com> References: <89048b88.ADsAAEaJEhAAAAAAAAAAAGTaDssAAP-OMXsAAAAAAAU4HQBXtC2c@mailjet.com> Message-ID: You have to point spamassassin to your MailScanner spam.assassin.prefs.conf file when running a spam test from the command line. I think the option is -c - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?Marc Reply:?MailScanner Discussion Date:?August 17, 2016 at 5:26:02 AM To:?mailscanner at lists.mailscanner.info Subject:? Re: spamassassin --report does not train BAYES > Did anyone else experience such a behavior or might it be related to > some 'special' configuration issues? Could it be a file > ownership/permission problem? > > Thanks, > Marc > > P.S.: Debug Log-Output is attached below... > > > Am 11.08.2016 um 16:30 schrieb Marc: > > Dear list, > > > > I have recently discovered some strange behavior. > > > > If I use 'spamassassin -r < {spammessage}' reporting to DCC/Razor/Pyzor > > *seems* to work according to debug. Bayes learning *should* also work > > (as I made sure that 'bayes_learn_during_report' is set to 1, which is > > the default anyway). > > However, checking with 'spamassassin -t < {spammessage}' only gives > > BAYES_50. > > > > If I afterwards perform 'sa-learn --dbpath $DB_DIR --forget > > {spammessage}' and 'sa-learn --dbpath $DB_DIR --spam {spammessage}', > > things work out and I get a BAYES score of 1.0000. > > > > ====== > > Setup: > > Mailscanner version 4.84.5 > > SpamAssassin version 3.4.1 > > Perl version 5.18.4 > > ---- > > DB_DIR=/volume1/MailPlus/spamassassin > > local.cf: bayes_path /volume1/MailPlus/spamassassin/bayes > > > > ===== > > > > Any clues? > > > > Thanks, > > Marc > > > __ > bait: mailbait at hohestieg.net > also bait: http://www.hohestieg.net/notforhumans.html > > ____ > LOG OUTPUT: > Aug 17 11:13:06.878 [1328] dbg: logger: logging level is DBG > Aug 17 11:13:06.879 [1328] dbg: generic: SpamAssassin version 3.4.1 > Aug 17 11:13:06.879 [1328] dbg: generic: Perl 5.018004, > PREFIX=/var/packages/MailPlus-Server/target, > DEF_RULES_DIR=/var/packages/MailPlus-Server/target/share/spamassassin, > LOCAL_RULES_DIR=/var/packages/MailPlus-Server/target/etc/spamassassin, > LOCAL_STATE_DIR=/var/packages/MailPlus-Server/target/var/spamassassin > Aug 17 11:13:07.794 [1328] dbg: plugin: loading > Mail::SpamAssassin::Plugin::DCC from @INC > Aug 17 11:13:07.808 [1328] dbg: dcc: network tests on, registering DCC > Aug 17 11:13:07.808 [1328] dbg: plugin: loading > Mail::SpamAssassin::Plugin::Pyzor from @INC > Aug 17 11:13:07.814 [1328] dbg: pyzor: network tests on, attempting Pyzor > Aug 17 11:13:07.814 [1328] dbg: plugin: loading > Mail::SpamAssassin::Plugin::Razor2 from @INC > Aug 17 11:13:07.924 [1328] dbg: razor2: razor2 is available, version 2.84 > Aug 17 11:13:07.924 [1328] dbg: plugin: loading > Mail::SpamAssassin::Plugin::SpamCop from @INC > Aug 17 11:13:07.949 [1328] dbg: reporter: network tests on, attempting > SpamCop > Aug 17 11:13:13.547 [1328] dbg: plugin: > Mail::SpamAssassin::Plugin::Bayes=HASH(0x4267b10) implements > 'learner_new', priority 0 > Aug 17 11:13:13.547 [1328] dbg: plugin: > Mail::SpamAssassin::Plugin::TxRep=HASH(0x43ba9c8) implements > 'learner_new', priority 0 > Aug 17 11:13:13.547 [1328] dbg: bayes: learner_new > self=Mail::SpamAssassin::Plugin::Bayes=HASH(0x4267b10), > bayes_store_module=Mail::SpamAssassin::BayesStore::DBM > Aug 17 11:13:13.576 [1328] dbg: bayes: learner_new: got > store=Mail::SpamAssassin::BayesStore::DBM=HASH(0x44c1f18) > Aug 17 11:13:13.577 [1328] dbg: plugin: > Mail::SpamAssassin::Plugin::Bayes=HASH(0x4267b10) implements > 'learner_is_scan_available', priority 0 > Aug 17 11:13:13.577 [1328] dbg: bayes: tie-ing to DB file R/O > /volume1/MailPlus/spamassassin/bayes_toks > Aug 17 11:13:13.578 [1328] dbg: bayes: tie-ing to DB file R/O > /volume1/MailPlus/spamassassin/bayes_seen > Aug 17 11:13:13.580 [1328] dbg: bayes: found bayes db version 3 > Aug 17 11:13:13.580 [1328] dbg: bayes: DB journal sync: last sync: > 1471415411 > Aug 17 11:13:13.581 [1328] dbg: config: score set 3 chosen. > Aug 17 11:13:13.582 [1328] dbg: dns: EDNS, UDP payload size 4096 > Aug 17 11:13:13.583 [1328] dbg: dns: servers obtained from Net::DNS : > [192.168.1.10]:53, [87.118.100.175]:53 > Aug 17 11:13:13.583 [1328] dbg: dns: nameservers set to 192.168.1.10, > 87.118.100.175 > Aug 17 11:13:13.583 [1328] dbg: dns: using socket module: > IO::Socket::INET6 version 2.71 > Aug 17 11:13:13.583 [1328] dbg: dns: is Net::DNS::Resolver available? yes > Aug 17 11:13:13.583 [1328] dbg: dns: Net::DNS version: 0.73 > Aug 17 11:13:13.584 [1328] dbg: config: time limit 300.0 s > Aug 17 11:13:13.587 [1328] dbg: message: main message type: > multipart/alternative > Aug 17 11:13:13.588 [1328] dbg: markup: removing markup > Aug 17 11:13:13.588 [1328] dbg: config: time limit 300.0 s > Aug 17 11:13:13.591 [1328] dbg: message: main message type: > multipart/alternative > Aug 17 11:13:13.594 [1328] dbg: check: pms new, time limit in 299.995 s > Aug 17 11:13:13.597 [1328] dbg: netset: trusted_networks lookup on > 127.0.0.1, 26 networks, result: 1, 0.544 ms > Aug 17 11:13:13.597 [1328] dbg: netset: internal_networks lookup on > 127.0.0.1, 3 networks, result: 1, 0.486 ms > Aug 17 11:13:13.597 [1328] dbg: received-header: relay 127.0.0.1 > trusted? yes internal? yes msa? no > Aug 17 11:13:13.607 [1328] dbg: received-header: found fetchmail marker, > restarting parse > Aug 17 11:13:13.611 [1328] dbg: netset: trusted_networks lookup on > 2607:f8b0:400c:c08::244, 26 networks, result: 0, 1.655 ms > Aug 17 11:13:13.611 [1328] dbg: received-header: relay > 2607:f8b0:400c:c08::244 trusted? no internal? no msa? no > Aug 17 11:13:13.661 [1328] dbg: markup: removing markup > Aug 17 11:13:13.662 [1328] dbg: plugin: > Mail::SpamAssassin::Plugin::DCC=HASH(0x36ece38) implements > 'plugin_report', priority 0 > Aug 17 11:13:13.662 [1328] dbg: plugin: > Mail::SpamAssassin::Plugin::Pyzor=HASH(0x3780520) implements > 'plugin_report', priority 0 > Aug 17 11:13:13.662 [1328] dbg: plugin: > Mail::SpamAssassin::Plugin::Razor2=HASH(0x37b9f90) implements > 'plugin_report', priority 0 > Aug 17 11:13:13.662 [1328] dbg: plugin: > Mail::SpamAssassin::Plugin::SpamCop=HASH(0x3c2dd10) implements > 'plugin_report', priority 0 > Aug 17 11:13:13.663 [1328] dbg: util: executable for cdcc was found at > /usr/local/bin/cdcc > Aug 17 11:13:13.663 [1328] dbg: dcc: dcc_pgm_path, found cdcc in > env.path: /usr/local/bin/cdcc > Aug 17 11:13:13.677 [1328] dbg: dcc: `/usr/local/bin/cdcc -qV homedir > libexecdir` reports '1.3.158 homedir=/var/dcc libexecdir=/var/dcc/libexec ' > Aug 17 11:13:13.677 [1328] dbg: dcc: use 'dcc_libexec /var/dcc/libexec' > from cdcc > Aug 17 11:13:13.677 [1328] dbg: dcc: use 'dcc_home /var/dcc' from cdcc > Aug 17 11:13:13.677 [1328] dbg: dns: entering helper-app run mode > Aug 17 11:13:13.679 [1328] dbg: reporter: connecting to local socket > /var/dcc/dccifd > Aug 17 11:13:17.999 [1328] dbg: dns: leaving helper-app run mode > Aug 17 11:13:18.000 [1328] dbg: reporter: dccifd responded with > 'X-DCC--Metrics: diskstation 1481; bulk Body=many Fuz1=many Fuz2=many' > Aug 17 11:13:18.000 [1328] info: reporter: spam reported to DCC > Aug 17 11:13:18.000 [1328] dbg: util: executable for pyzor was found at > /bin/pyzor > Aug 17 11:13:18.000 [1328] dbg: pyzor: pyzor is available: /bin/pyzor > Aug 17 11:13:18.001 [1328] dbg: util: secure_tmpfile created a temporary > file /tmp/.spamassassin1328zg3U3itmp > Aug 17 11:13:18.001 [1328] dbg: check: create_fulltext_tmpfile, written > 4618 bytes to file /tmp/.spamassassin1328zg3U3itmp > Aug 17 11:13:18.001 [1328] dbg: dns: entering helper-app run mode > Aug 17 11:13:18.002 [1328] dbg: pyzor: opening pipe: /bin/pyzor report < > /tmp/.spamassassin1328zg3U3itmp > Aug 17 11:13:18.007 [1368] dbg: util: setuid: ruid=0 euid=0 > Aug 17 11:13:18.319 [1328] dbg: pyzor: [1368] reporter finished successfully > Aug 17 11:13:18.319 [1328] dbg: dns: leaving helper-app run mode > Aug 17 11:13:18.320 [1328] info: reporter: spam reported to Pyzor > Aug 17 11:13:18.320 [1328] dbg: dns: entering helper-app run mode > Aug 17 11:13:21.561 [1328] dbg: dns: leaving helper-app run mode > Aug 17 11:13:21.562 [1328] info: reporter: spam reported to Razor > Aug 17 11:13:22.409 [1328] dbg: reporter: SpamCop sent FROM > root at diskstation.hohestieg.selfhost.eu > Aug 17 11:13:22.409 [1328] dbg: reporter: SpamCop received 250 sender > ok > Aug 17 11:13:22.593 [1328] dbg: reporter: SpamCop sent TO > spamassassin-submit at spam.spamcop.net > Aug 17 11:13:22.593 [1328] dbg: reporter: SpamCop received 250 recipient > ok > Aug 17 11:13:23.150 [1328] dbg: reporter: SpamCop sent DATA > Aug 17 11:13:23.151 [1328] dbg: reporter: SpamCop received 250 go ahead > Aug 17 11:13:23.151 [1328] dbg: reporter: [...] ok: Message 978152756 > accepted > Aug 17 11:13:23.334 [1328] dbg: reporter: SpamCop sent QUIT > Aug 17 11:13:23.335 [1328] dbg: reporter: SpamCop received 221 > vmx.spamcop.net > Aug 17 11:13:23.335 [1328] info: reporter: spam reported to SpamCop > Aug 17 11:13:23.336 [1328] dbg: plugin: > Mail::SpamAssassin::Plugin::MIMEHeader=HASH(0x1f7a000) implements > 'finish_tests', priority 0 > Aug 17 11:13:23.337 [1328] dbg: plugin: > Mail::SpamAssassin::Plugin::Check=HASH(0x1f7a348) implements > 'finish_tests', priority 0 > Aug 17 11:13:23.338 [1328] dbg: netset: cache trusted_networks > hits/attempts: 0/2, 0.0 % > Aug 17 11:13:23.343 [1328] dbg: netset: cache internal_networks > hits/attempts: 0/1, 0.0 % > Aug 17 11:13:23.396 [1328] dbg: bayes: untie-ing > 1 message(s) examined. > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > From mailscanner_list at hohestieg.net Thu Aug 18 09:12:49 2016 From: mailscanner_list at hohestieg.net (Marc) Date: Thu, 18 Aug 2016 11:12:49 +0200 Subject: spamassassin --report does not train BAYES In-Reply-To: References: <89048b88.ADsAAEaJEhAAAAAAAAAAAGTaDssAAP-OMXsAAAAAAAU4HQBXtC2c@mailjet.com> Message-ID: <59bb9f52.AEEAE_itd9sAAAAAAAAAAGTaDssAAP-OMXsAAAAAAAU4HQBXtXwZ@mailjet.com> Thank you Jerry, but that didn't seem to solve the issue... I used 'spamassassin -p /volume1/\@appstore/MailPlus-Server/etc/MailScanner/spam.assassin.prefs.conf' with the '-r' flag and afterwards '-t' to check, and the bayes score didn't change. Anyway, I symlinked the spamassassin's config file to /etc/mail/spamassassin, so everything is found, according to debug output. And I checked that only one Bayes database is present (find ... bayes_toks), so this can be ruled out too, I guess. Am 17.08.2016 um 19:09 schrieb Jerry Benton: > You have to point spamassassin to your MailScanner > spam.assassin.prefs.conf file when running a spam test from the > command line. I think the option is -c > > > > > - > Jerry Benton > www.mailborder.com > +1 - 844-436-6245 > > > -----Original Message----- > From: Marc > Reply: MailScanner Discussion > Date: August 17, 2016 at 5:26:02 AM > To: mailscanner at lists.mailscanner.info > Subject: Re: spamassassin --report does not train BAYES > >> Did anyone else experience such a behavior or might it be related to >> some 'special' configuration issues? Could it be a file >> ownership/permission problem? >> >> Thanks, >> Marc >> >> P.S.: Debug Log-Output is attached below... >> >> >> Am 11.08.2016 um 16:30 schrieb Marc: >>> Dear list, >>> >>> I have recently discovered some strange behavior. >>> >>> If I use 'spamassassin -r < {spammessage}' reporting to DCC/Razor/Pyzor >>> *seems* to work according to debug. Bayes learning *should* also work >>> (as I made sure that 'bayes_learn_during_report' is set to 1, which is >>> the default anyway). >>> However, checking with 'spamassassin -t < {spammessage}' only gives >>> BAYES_50. >>> >>> If I afterwards perform 'sa-learn --dbpath $DB_DIR --forget >>> {spammessage}' and 'sa-learn --dbpath $DB_DIR --spam {spammessage}', >>> things work out and I get a BAYES score of 1.0000. >>> >>> ====== >>> Setup: >>> Mailscanner version 4.84.5 >>> SpamAssassin version 3.4.1 >>> Perl version 5.18.4 >>> ---- >>> DB_DIR=/volume1/MailPlus/spamassassin >>> local.cf: bayes_path /volume1/MailPlus/spamassassin/bayes >>> >>> ===== >>> >>> Any clues? >>> >>> Thanks, >>> Marc >>> >> __ >> bait: mailbait at hohestieg.net >> also bait: http://www.hohestieg.net/notforhumans.html >> >> ____ >> LOG OUTPUT: >> Aug 17 11:13:06.878 [1328] dbg: logger: logging level is DBG >> Aug 17 11:13:06.879 [1328] dbg: generic: SpamAssassin version 3.4.1 >> Aug 17 11:13:06.879 [1328] dbg: generic: Perl 5.018004, >> PREFIX=/var/packages/MailPlus-Server/target, >> DEF_RULES_DIR=/var/packages/MailPlus-Server/target/share/spamassassin, >> LOCAL_RULES_DIR=/var/packages/MailPlus-Server/target/etc/spamassassin, >> LOCAL_STATE_DIR=/var/packages/MailPlus-Server/target/var/spamassassin >> Aug 17 11:13:07.794 [1328] dbg: plugin: loading >> Mail::SpamAssassin::Plugin::DCC from @INC >> Aug 17 11:13:07.808 [1328] dbg: dcc: network tests on, registering DCC >> Aug 17 11:13:07.808 [1328] dbg: plugin: loading >> Mail::SpamAssassin::Plugin::Pyzor from @INC >> Aug 17 11:13:07.814 [1328] dbg: pyzor: network tests on, attempting Pyzor >> Aug 17 11:13:07.814 [1328] dbg: plugin: loading >> Mail::SpamAssassin::Plugin::Razor2 from @INC >> Aug 17 11:13:07.924 [1328] dbg: razor2: razor2 is available, version 2.84 >> Aug 17 11:13:07.924 [1328] dbg: plugin: loading >> Mail::SpamAssassin::Plugin::SpamCop from @INC >> Aug 17 11:13:07.949 [1328] dbg: reporter: network tests on, attempting >> SpamCop >> Aug 17 11:13:13.547 [1328] dbg: plugin: >> Mail::SpamAssassin::Plugin::Bayes=HASH(0x4267b10) implements >> 'learner_new', priority 0 >> Aug 17 11:13:13.547 [1328] dbg: plugin: >> Mail::SpamAssassin::Plugin::TxRep=HASH(0x43ba9c8) implements >> 'learner_new', priority 0 >> Aug 17 11:13:13.547 [1328] dbg: bayes: learner_new >> self=Mail::SpamAssassin::Plugin::Bayes=HASH(0x4267b10), >> bayes_store_module=Mail::SpamAssassin::BayesStore::DBM >> Aug 17 11:13:13.576 [1328] dbg: bayes: learner_new: got >> store=Mail::SpamAssassin::BayesStore::DBM=HASH(0x44c1f18) >> Aug 17 11:13:13.577 [1328] dbg: plugin: >> Mail::SpamAssassin::Plugin::Bayes=HASH(0x4267b10) implements >> 'learner_is_scan_available', priority 0 >> Aug 17 11:13:13.577 [1328] dbg: bayes: tie-ing to DB file R/O >> /volume1/MailPlus/spamassassin/bayes_toks >> Aug 17 11:13:13.578 [1328] dbg: bayes: tie-ing to DB file R/O >> /volume1/MailPlus/spamassassin/bayes_seen >> Aug 17 11:13:13.580 [1328] dbg: bayes: found bayes db version 3 >> Aug 17 11:13:13.580 [1328] dbg: bayes: DB journal sync: last sync: >> 1471415411 >> Aug 17 11:13:13.581 [1328] dbg: config: score set 3 chosen. >> Aug 17 11:13:13.582 [1328] dbg: dns: EDNS, UDP payload size 4096 >> Aug 17 11:13:13.583 [1328] dbg: dns: servers obtained from Net::DNS : >> [192.168.1.10]:53, [87.118.100.175]:53 >> Aug 17 11:13:13.583 [1328] dbg: dns: nameservers set to 192.168.1.10, >> 87.118.100.175 >> Aug 17 11:13:13.583 [1328] dbg: dns: using socket module: >> IO::Socket::INET6 version 2.71 >> Aug 17 11:13:13.583 [1328] dbg: dns: is Net::DNS::Resolver available? yes >> Aug 17 11:13:13.583 [1328] dbg: dns: Net::DNS version: 0.73 >> Aug 17 11:13:13.584 [1328] dbg: config: time limit 300.0 s >> Aug 17 11:13:13.587 [1328] dbg: message: main message type: >> multipart/alternative >> Aug 17 11:13:13.588 [1328] dbg: markup: removing markup >> Aug 17 11:13:13.588 [1328] dbg: config: time limit 300.0 s >> Aug 17 11:13:13.591 [1328] dbg: message: main message type: >> multipart/alternative >> Aug 17 11:13:13.594 [1328] dbg: check: pms new, time limit in 299.995 s >> Aug 17 11:13:13.597 [1328] dbg: netset: trusted_networks lookup on >> 127.0.0.1, 26 networks, result: 1, 0.544 ms >> Aug 17 11:13:13.597 [1328] dbg: netset: internal_networks lookup on >> 127.0.0.1, 3 networks, result: 1, 0.486 ms >> Aug 17 11:13:13.597 [1328] dbg: received-header: relay 127.0.0.1 >> trusted? yes internal? yes msa? no >> Aug 17 11:13:13.607 [1328] dbg: received-header: found fetchmail marker, >> restarting parse >> Aug 17 11:13:13.611 [1328] dbg: netset: trusted_networks lookup on >> 2607:f8b0:400c:c08::244, 26 networks, result: 0, 1.655 ms >> Aug 17 11:13:13.611 [1328] dbg: received-header: relay >> 2607:f8b0:400c:c08::244 trusted? no internal? no msa? no >> Aug 17 11:13:13.661 [1328] dbg: markup: removing markup >> Aug 17 11:13:13.662 [1328] dbg: plugin: >> Mail::SpamAssassin::Plugin::DCC=HASH(0x36ece38) implements >> 'plugin_report', priority 0 >> Aug 17 11:13:13.662 [1328] dbg: plugin: >> Mail::SpamAssassin::Plugin::Pyzor=HASH(0x3780520) implements >> 'plugin_report', priority 0 >> Aug 17 11:13:13.662 [1328] dbg: plugin: >> Mail::SpamAssassin::Plugin::Razor2=HASH(0x37b9f90) implements >> 'plugin_report', priority 0 >> Aug 17 11:13:13.662 [1328] dbg: plugin: >> Mail::SpamAssassin::Plugin::SpamCop=HASH(0x3c2dd10) implements >> 'plugin_report', priority 0 >> Aug 17 11:13:13.663 [1328] dbg: util: executable for cdcc was found at >> /usr/local/bin/cdcc >> Aug 17 11:13:13.663 [1328] dbg: dcc: dcc_pgm_path, found cdcc in >> env.path: /usr/local/bin/cdcc >> Aug 17 11:13:13.677 [1328] dbg: dcc: `/usr/local/bin/cdcc -qV homedir >> libexecdir` reports '1.3.158 homedir=/var/dcc libexecdir=/var/dcc/libexec ' >> Aug 17 11:13:13.677 [1328] dbg: dcc: use 'dcc_libexec /var/dcc/libexec' >> from cdcc >> Aug 17 11:13:13.677 [1328] dbg: dcc: use 'dcc_home /var/dcc' from cdcc >> Aug 17 11:13:13.677 [1328] dbg: dns: entering helper-app run mode >> Aug 17 11:13:13.679 [1328] dbg: reporter: connecting to local socket >> /var/dcc/dccifd >> Aug 17 11:13:17.999 [1328] dbg: dns: leaving helper-app run mode >> Aug 17 11:13:18.000 [1328] dbg: reporter: dccifd responded with >> 'X-DCC--Metrics: diskstation 1481; bulk Body=many Fuz1=many Fuz2=many' >> Aug 17 11:13:18.000 [1328] info: reporter: spam reported to DCC >> Aug 17 11:13:18.000 [1328] dbg: util: executable for pyzor was found at >> /bin/pyzor >> Aug 17 11:13:18.000 [1328] dbg: pyzor: pyzor is available: /bin/pyzor >> Aug 17 11:13:18.001 [1328] dbg: util: secure_tmpfile created a temporary >> file /tmp/.spamassassin1328zg3U3itmp >> Aug 17 11:13:18.001 [1328] dbg: check: create_fulltext_tmpfile, written >> 4618 bytes to file /tmp/.spamassassin1328zg3U3itmp >> Aug 17 11:13:18.001 [1328] dbg: dns: entering helper-app run mode >> Aug 17 11:13:18.002 [1328] dbg: pyzor: opening pipe: /bin/pyzor report < >> /tmp/.spamassassin1328zg3U3itmp >> Aug 17 11:13:18.007 [1368] dbg: util: setuid: ruid=0 euid=0 >> Aug 17 11:13:18.319 [1328] dbg: pyzor: [1368] reporter finished successfully >> Aug 17 11:13:18.319 [1328] dbg: dns: leaving helper-app run mode >> Aug 17 11:13:18.320 [1328] info: reporter: spam reported to Pyzor >> Aug 17 11:13:18.320 [1328] dbg: dns: entering helper-app run mode >> Aug 17 11:13:21.561 [1328] dbg: dns: leaving helper-app run mode >> Aug 17 11:13:21.562 [1328] info: reporter: spam reported to Razor >> Aug 17 11:13:22.409 [1328] dbg: reporter: SpamCop sent FROM >> root at diskstation.hohestieg.selfhost.eu >> Aug 17 11:13:22.409 [1328] dbg: reporter: SpamCop received 250 sender >> ok >> Aug 17 11:13:22.593 [1328] dbg: reporter: SpamCop sent TO >> spamassassin-submit at spam.spamcop.net >> Aug 17 11:13:22.593 [1328] dbg: reporter: SpamCop received 250 recipient >> ok >> Aug 17 11:13:23.150 [1328] dbg: reporter: SpamCop sent DATA >> Aug 17 11:13:23.151 [1328] dbg: reporter: SpamCop received 250 go ahead >> Aug 17 11:13:23.151 [1328] dbg: reporter: [...] ok: Message 978152756 >> accepted >> Aug 17 11:13:23.334 [1328] dbg: reporter: SpamCop sent QUIT >> Aug 17 11:13:23.335 [1328] dbg: reporter: SpamCop received 221 >> vmx.spamcop.net >> Aug 17 11:13:23.335 [1328] info: reporter: spam reported to SpamCop >> Aug 17 11:13:23.336 [1328] dbg: plugin: >> Mail::SpamAssassin::Plugin::MIMEHeader=HASH(0x1f7a000) implements >> 'finish_tests', priority 0 >> Aug 17 11:13:23.337 [1328] dbg: plugin: >> Mail::SpamAssassin::Plugin::Check=HASH(0x1f7a348) implements >> 'finish_tests', priority 0 >> Aug 17 11:13:23.338 [1328] dbg: netset: cache trusted_networks >> hits/attempts: 0/2, 0.0 % >> Aug 17 11:13:23.343 [1328] dbg: netset: cache internal_networks >> hits/attempts: 0/1, 0.0 % >> Aug 17 11:13:23.396 [1328] dbg: bayes: untie-ing >> 1 message(s) examined. >> >> >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/listinfo/mailscanner >> >> > -- Marc-Andr? Jung Hohestieg 9 (Hinterhaus) D-38118 Braunschweig Telefon: +49 531 47220145 Mobil: +49 1520 8803783 E-Mail: marc at hohestieg.net Web: www.hohestieg.net From mailscanner at barendse.to Thu Aug 18 14:22:51 2016 From: mailscanner at barendse.to (Remco Barendse) Date: Thu, 18 Aug 2016 16:22:51 +0200 (CEST) Subject: New server setup, best practice? In-Reply-To: <70669A64-726A-496D-BD1F-A5CC7C959D9B@vidadigital.com.pa> References: <72515ED1-9C2D-4CC0-B5F9-4A25063A26D2@vidadigital.com.pa> <70669A64-726A-496D-BD1F-A5CC7C959D9B@vidadigital.com.pa> Message-ID: On Mon, 15 Aug 2016, Alex Neuman van der Hans wrote: > How:find /path/to/files* -mtime +5 -exec mv {} \; /path/to/destination? > That would be one way. Tried that, it dumps all files into one destination directory whereas the archive is split up per day on the server. If i ever get hammered with several gigabyte per day, might get messy :) You don't retain the directory structure? How to do it? From mark at msapiro.net Thu Aug 18 18:59:26 2016 From: mark at msapiro.net (Mark Sapiro) Date: Thu, 18 Aug 2016 11:59:26 -0700 Subject: MailScanner v5.0.3-7 In-Reply-To: References: Message-ID: <3601a93f-feed-3545-879f-35e40b6d7487@msapiro.net> On 08/14/2016 05:27 PM, Jerry Benton wrote: > I mean to say ? > > Mark changed the subject tagging behavior for phishing a bit. Lets > hope he chimes in. I've been on a back country hiking trip (totally off line) for almost two weeks, and am just back. Yes, I made some changes in the code for the subject tagging for phishing fraud. There were some things that were clearly wrong that have been fixed. However, as Shawn notes, when phishing is detected, the subject is tagged with Disarmed Subject Text (default {Disarmed}), and not with Phishing Subject Text (default {Fraud?}). See for some discussion of this issue. I'm not sure that the current behavior is actually wrong since when phishing is detected it's normally disarmed, but I've tried a number of things and the {Fraud?} tag is not added when I think it should be and I haven't been able to determine why. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From apursell at phre.net Thu Aug 18 15:49:48 2016 From: apursell at phre.net (Aaron Pursell) Date: Thu, 18 Aug 2016 09:49:48 -0600 Subject: Denial of Service attack Messages Constantly Message-ID: <928ab07529a2fa95fa45347c26c92797@kratos.capindy.com> Hi all, I'm sure I missed something....Usually the case, but I moved to CentOS7 with MailScanner: Running on Linux redacted 3.10.0-327.22.2.el7.x86_64 #1 SMP Thu Jun 23 17:05:11 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux This is CentOS Linux release 7.2.1511 (Core) This is Perl version 5.016003 (5.16.3) This is MailScanner version 5.0.2 The problem is, my users and I keep getting messages like this: " > MailScanner was attacked by a Denial Of Service attack, and has therefore deleted this part of the message. Please contact your e-mail providers for more information if you need it, giving them the whole of this report. Attack in: /var/spool/MailScanner/incoming/12835/78C9F481B0DA.ACDF4/nmsg-12835-2.html" The path doesn't exist when you look and the message never gets delivered. What can I turn off or adjust to make sure this doesn't happen? -- Regards, Aaron -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -------------- next part -------------- An HTML attachment was scrubbed... URL: From alex at vidadigital.com.pa Thu Aug 18 21:00:08 2016 From: alex at vidadigital.com.pa (Alex Neuman van der Hans) Date: Thu, 18 Aug 2016 16:00:08 -0500 Subject: New server setup, best practice? In-Reply-To: References: <72515ED1-9C2D-4CC0-B5F9-4A25063A26D2@vidadigital.com.pa> <70669A64-726A-496D-BD1F-A5CC7C959D9B@vidadigital.com.pa> Message-ID: replace /path/to/files and /path/to/destination with the folder names. Use the `date` command with the proper parameters plus creative concatenation. Alex Neuman van der Hans Producer/Host, Vida Digital +1 (440) 253-9789 | +507 6781-9505 | Panama |alex at vidadigital.com.pa | http://vidadigital.com.pa/ |Skype: alexneuman > On Aug 18, 2016, at 9:22 AM, Remco Barendse wrote: > > On Mon, 15 Aug 2016, Alex Neuman van der Hans wrote: > >> How:find /path/to/files* -mtime +5 -exec mv {} \; /path/to/destination >> That would be one way. > > Tried that, it dumps all files into one destination directory whereas the archive is split up per day on the server. If i ever get hammered with several gigabyte per day, might get messy :) > > You don't retain the directory structure? How to do it? > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > -------------- next part -------------- An HTML attachment was scrubbed... URL: From mark at msapiro.net Thu Aug 18 22:43:36 2016 From: mark at msapiro.net (Mark Sapiro) Date: Thu, 18 Aug 2016 15:43:36 -0700 Subject: Denial of Service attack Messages Constantly In-Reply-To: <928ab07529a2fa95fa45347c26c92797@kratos.capindy.com> References: <928ab07529a2fa95fa45347c26c92797@kratos.capindy.com> Message-ID: <29a498ea-358c-fee3-c8f9-cd359beec8d0@msapiro.net> On 08/18/2016 08:49 AM, Aaron Pursell wrote: > > The problem is, my users and I keep getting messages like this: > > " >> MailScanner was attacked by a Denial Of Service attack, and has >> therefore deleted this part of the message. Please contact your e-mail >> providers for more information if you need it, giving them the whole >> of this report. Attack in: >> /var/spool/MailScanner/incoming/12835/78C9F481B0DA.ACDF4/nmsg-12835-2.html" >> >> > > The path doesn't exist when you look and the message never gets > delivered. What can I turn off or adjust to make sure this doesn't happen? What's in the Mail log associated with this? There's a long thread on this with Subject: Denial Of Service Attack Messages in the archives of this list at and which may be helpful. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From steve at mjnservices.com Fri Aug 19 14:26:31 2016 From: steve at mjnservices.com (Steven Jardine) Date: Fri, 19 Aug 2016 08:26:31 -0600 Subject: Denial of Service attack Messages Constantly In-Reply-To: <29a498ea-358c-fee3-c8f9-cd359beec8d0@msapiro.net> References: <928ab07529a2fa95fa45347c26c92797@kratos.capindy.com> <29a498ea-358c-fee3-c8f9-cd359beec8d0@msapiro.net> Message-ID: <9dbfad5c-651a-3a7f-e9c8-2c623adf51c1@mjnservices.com> I still haven't found a good solution to this even after trying all of the suggestions posted on the previous threads. If turn off "Dangerous Content Scanning" the error goes away but you lose that functionality. I have had to disable it until a solution can be found. Its not ideal. Good luck! Steve On 08/18/2016 04:43 PM, Mark Sapiro wrote: > On 08/18/2016 08:49 AM, Aaron Pursell wrote: >> >> The problem is, my users and I keep getting messages like this: >> >> " >>> MailScanner was attacked by a Denial Of Service attack, and has >>> therefore deleted this part of the message. Please contact your e-mail >>> providers for more information if you need it, giving them the whole >>> of this report. Attack in: >>> /var/spool/MailScanner/incoming/12835/78C9F481B0DA.ACDF4/nmsg-12835-2.html" >>> >>> >> >> The path doesn't exist when you look and the message never gets >> delivered. What can I turn off or adjust to make sure this doesn't happen? > > What's in the Mail log associated with this? > > There's a long thread on this with Subject: Denial Of Service Attack > Messages in the archives of this list at > > and > > which may be helpful. > IMPORTANT: This email does not constitute a contract or an offer or acceptance of an offer to enter into a contract. Further, this email may not be used to modify, supplement, novate, or waive any rights with respect to an existing contract or other binding commercial terms. MJN Services, Inc. conducts business under our service terms and conditions found at www.mjnservices.com unless otherwise agreed to in writing by an officer of MJN Services, Inc. From jerry.benton at mailborder.com Fri Aug 19 14:30:29 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Fri, 19 Aug 2016 09:30:29 -0500 Subject: Denial of Service attack Messages Constantly In-Reply-To: <9dbfad5c-651a-3a7f-e9c8-2c623adf51c1@mjnservices.com> References: <928ab07529a2fa95fa45347c26c92797@kratos.capindy.com> <29a498ea-358c-fee3-c8f9-cd359beec8d0@msapiro.net> <9dbfad5c-651a-3a7f-e9c8-2c623adf51c1@mjnservices.com> Message-ID: Steve, Can you zip the raw source of a message (the file) that triggers this and email it directly to me? - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?Steven Jardine Reply:?MailScanner Discussion Date:?August 19, 2016 at 10:27:05 AM To:?MailScanner Discussion Subject:? Re: Denial of Service attack Messages Constantly > I still haven't found a good solution to this even after trying all of > the suggestions posted on the previous threads. If turn off "Dangerous > Content Scanning" the error goes away but you lose that functionality. > > I have had to disable it until a solution can be found. Its not ideal. > > Good luck! > Steve > > On 08/18/2016 04:43 PM, Mark Sapiro wrote: > > On 08/18/2016 08:49 AM, Aaron Pursell wrote: > >> > >> The problem is, my users and I keep getting messages like this: > >> > >> " > >>> MailScanner was attacked by a Denial Of Service attack, and has > >>> therefore deleted this part of the message. Please contact your e-mail > >>> providers for more information if you need it, giving them the whole > >>> of this report. Attack in: > >>> /var/spool/MailScanner/incoming/12835/78C9F481B0DA.ACDF4/nmsg-12835-2.html" > >>> > >>> > >> > >> The path doesn't exist when you look and the message never gets > >> delivered. What can I turn off or adjust to make sure this doesn't happen? > > > > What's in the Mail log associated with this? > > > > There's a long thread on this with Subject: Denial Of Service Attack > > Messages in the archives of this list at > > > > and > > > > which may be helpful. > > > > > > IMPORTANT: This email does not constitute a contract or an offer or acceptance of an offer > to enter into a contract. Further, this email may not be used to modify, supplement, novate, > or waive any rights with respect to an existing contract or other binding commercial > terms. MJN Services, Inc. conducts business under our service terms and conditions > found at www.mjnservices.com unless otherwise agreed to in writing by an officer of > MJN Services, Inc. > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > From lee_yiu_chung at yahoo.com Mon Aug 22 09:14:43 2016 From: lee_yiu_chung at yahoo.com (lee_yiu_chung at yahoo.com) Date: Mon, 22 Aug 2016 17:14:43 +0800 Subject: Does not scan for spam if a virus is marked as virus Message-ID: Dear all, Apparently I found that mailscanner would not scan for spam if there is a email that is marked as infected with virus. Is there any way that mailscanner would still scan for spam even it is already marked as infected with virus? From apursell at phre.net Mon Aug 22 14:01:10 2016 From: apursell at phre.net (Aaron Pursell) Date: Mon, 22 Aug 2016 08:01:10 -0600 Subject: Denial of Service attack Messages Constantly In-Reply-To: References: Message-ID: I read pretty much every message and tried everything, most of those messages are years old and it appears it was fixed and now in the new version is the first time I'm experiencing them in many, many years, the fixes worked originally back in a way older versiona. Nothing really changed except the fact there's this new version, too bad it only happens to legitimate messages and not spam.... So who knows. I'll continue to look, the log really never says anything specific. I --- Regards, Aaron Message: 1 Date: Fri, 19 Aug 2016 08:26:31 -0600 From: Steven Jardine To: MailScanner Discussion Subject: Re: Denial of Service attack Messages Constantly Message-ID: <9dbfad5c-651a-3a7f-e9c8-2c623adf51c1 at mjnservices.com> Content-Type: text/plain; charset=windows-1252; format=flowed I still haven't found a good solution to this even after trying all of the suggestions posted on the previous threads. If turn off "Dangerous Content Scanning" the error goes away but you lose that functionality. I have had to disable it until a solution can be found. Its not ideal. Good luck! Steve On 08/18/2016 04:43 PM, Mark Sapiro wrote: > On 08/18/2016 08:49 AM, Aaron Pursell wrote: > The problem is, my users and I keep getting messages like this: > > " MailScanner was attacked by a Denial Of Service attack, and has > therefore deleted this part of the message. Please contact your e-mail > providers for more information if you need it, giving them the whole > of this report. Attack in: > /var/spool/MailScanner/incoming/12835/78C9F481B0DA.ACDF4/nmsg-12835-2.html" > > The path doesn't exist when you look and the message never gets > delivered. What can I turn off or adjust to make sure this doesn't happen? What's in the Mail log associated with this? There's a long thread on this with Subject: Denial Of Service Attack Messages in the archives of this list at and which may be helpful. IMPORTANT: This email does not constitute a contract or an offer or acceptance of an offer to enter into a contract. Further, this email may not be used to modify, supplement, novate, or waive any rights with respect to an existing contract or other binding commercial terms. MJN Services, Inc. conducts business under our service terms and conditions found at www.mjnservices.com [1] unless otherwise agreed to in writing by an officer of MJN Services, Inc. ------------------------------ Message: 2 Date: Fri, 19 Aug 2016 09:30:29 -0500 From: Jerry Benton To: MailScanner Discussion Subject: Re: Denial of Service attack Messages Constantly Message-ID: Content-Type: text/plain; charset=UTF-8 Steve, Can you zip the raw source of a message (the file) that triggers this and email it directly to me? - Jerry Benton www.mailborder.com [2] +1 - 844-436-6245 -----Original Message----- From:?Steven Jardine Reply:?MailScanner Discussion Date:?August 19, 2016 at 10:27:05 AM To:?MailScanner Discussion Subject:? Re: Denial of Service attack Messages Constantly > I still haven't found a good solution to this even after trying all of > the suggestions posted on the previous threads. If turn off "Dangerous > Content Scanning" the error goes away but you lose that functionality. > > I have had to disable it until a solution can be found. Its not ideal. > > Good luck! > Steve > > On 08/18/2016 04:43 PM, Mark Sapiro wrote: On 08/18/2016 08:49 AM, Aaron Pursell wrote: > The problem is, my users and I keep getting messages like this: > > " MailScanner was attacked by a Denial Of Service attack, and has > therefore deleted this part of the message. Please contact your e-mail > providers for more information if you need it, giving them the whole > of this report. Attack in: > /var/spool/MailScanner/incoming/12835/78C9F481B0DA.ACDF4/nmsg-12835-2.html" > > The path doesn't exist when you look and the message never gets > delivered. What can I turn off or adjust to make sure this doesn't happen? What's in the Mail log associated with this? There's a long thread on this with Subject: Denial Of Service Attack Messages in the archives of this list at and which may be helpful. IMPORTANT: This email does not constitute a contract or an offer or acceptance of an offer to enter into a contract. Further, this email may not be used to modify, supplement, novate, or waive any rights with respect to an existing contract or other binding commercial terms. MJN Services, Inc. conducts business under our service terms and conditions found at www.mjnservices.com [1] unless otherwise agreed to in writing by an officer of MJN Services, Inc. -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/listinfo/mailscanner ------------------------------ Subject: Digest Footer -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/listinfo/mailscanner ------------------------------ End of MailScanner Digest, Vol 128, Issue 16 ******************************************** Links: ------ [1] http://www.mjnservices.com [2] http://www.mailborder.com -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -------------- next part -------------- An HTML attachment was scrubbed... URL: From andy at z00b.com Mon Aug 22 14:15:22 2016 From: andy at z00b.com (Andy Southgate) Date: Mon, 22 Aug 2016 15:15:22 +0100 Subject: Denial of Service attack Messages Constantly In-Reply-To: References: Message-ID: <000601d1fc7f$a64c00e0$f2e402a0$@com> It still happens for me, AFAIK all that was worked out was that for some reason there is an intermittant permission problem that occasionally causes the spawned child process to fail to run causing that error on the message, but there was never any insight as to why that should be. From: MailScanner [mailto:mailscanner-bounces+andy=z00b.com at lists.mailscanner.info] On Behalf Of Aaron Pursell Sent: 22 August 2016 15:01 To: mailscanner at lists.mailscanner.info Subject: Re: Denial of Service attack Messages Constantly I read pretty much every message and tried everything, most of those messages are years old and it appears it was fixed and now in the new version is the first time I'm experiencing them in many, many years, the fixes worked originally back in a way older versiona. Nothing really changed except the fact there's this new version, too bad it only happens to legitimate messages and not spam.... So who knows. I'll continue to look, the log really never says anything specific. I --- Regards, Aaron Message: 1 Date: Fri, 19 Aug 2016 08:26:31 -0600 From: Steven Jardine To: MailScanner Discussion Subject: Re: Denial of Service attack Messages Constantly Message-ID: <9dbfad5c-651a-3a7f-e9c8-2c623adf51c1 at mjnservices.com> Content-Type: text/plain; charset=windows-1252; format=flowed I still haven't found a good solution to this even after trying all of the suggestions posted on the previous threads. If turn off "Dangerous Content Scanning" the error goes away but you lose that functionality. I have had to disable it until a solution can be found. Its not ideal. Good luck! Steve On 08/18/2016 04:43 PM, Mark Sapiro wrote: On 08/18/2016 08:49 AM, Aaron Pursell wrote: The problem is, my users and I keep getting messages like this: " MailScanner was attacked by a Denial Of Service attack, and has therefore deleted this part of the message. Please contact your e-mail providers for more information if you need it, giving them the whole of this report. Attack in: /var/spool/MailScanner/incoming/12835/78C9F481B0DA.ACDF4/nmsg-12835-2.html" The path doesn't exist when you look and the message never gets delivered. What can I turn off or adjust to make sure this doesn't happen? What's in the Mail log associated with this? There's a long thread on this with Subject: Denial Of Service Attack Messages in the archives of this list at and which may be helpful. IMPORTANT: This email does not constitute a contract or an offer or acceptance of an offer to enter into a contract. Further, this email may not be used to modify, supplement, novate, or waive any rights with respect to an existing contract or other binding commercial terms. MJN Services, Inc. conducts business under our service terms and conditions found at www.mjnservices.com unless otherwise agreed to in writing by an officer of MJN Services, Inc. ------------------------------ Message: 2 Date: Fri, 19 Aug 2016 09:30:29 -0500 From: Jerry Benton To: MailScanner Discussion Subject: Re: Denial of Service attack Messages Constantly Message-ID: Content-Type: text/plain; charset=UTF-8 Steve, Can you zip the raw source of a message (the file) that triggers this and email it directly to me? - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?Steven Jardine Reply:?MailScanner Discussion Date:?August 19, 2016 at 10:27:05 AM To:?MailScanner Discussion Subject:? Re: Denial of Service attack Messages Constantly I still haven't found a good solution to this even after trying all of the suggestions posted on the previous threads. If turn off "Dangerous Content Scanning" the error goes away but you lose that functionality. I have had to disable it until a solution can be found. Its not ideal. Good luck! Steve On 08/18/2016 04:43 PM, Mark Sapiro wrote: On 08/18/2016 08:49 AM, Aaron Pursell wrote: The problem is, my users and I keep getting messages like this: " MailScanner was attacked by a Denial Of Service attack, and has therefore deleted this part of the message. Please contact your e-mail providers for more information if you need it, giving them the whole of this report. Attack in: /var/spool/MailScanner/incoming/12835/78C9F481B0DA.ACDF4/nmsg-12835-2.html" The path doesn't exist when you look and the message never gets delivered. What can I turn off or adjust to make sure this doesn't happen? What's in the Mail log associated with this? There's a long thread on this with Subject: Denial Of Service Attack Messages in the archives of this list at and which may be helpful. IMPORTANT: This email does not constitute a contract or an offer or acceptance of an offer to enter into a contract. Further, this email may not be used to modify, supplement, novate, or waive any rights with respect to an existing contract or other binding commercial terms. MJN Services, Inc. conducts business under our service terms and conditions found at www.mjnservices.com unless otherwise agreed to in writing by an officer of MJN Services, Inc. -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/listinfo/mailscanner ------------------------------ Subject: Digest Footer -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/listinfo/mailscanner ------------------------------ End of MailScanner Digest, Vol 128, Issue 16 ******************************************** -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -------------- next part -------------- An HTML attachment was scrubbed... URL: From steve at mjnservices.com Mon Aug 22 14:29:15 2016 From: steve at mjnservices.com (Steven Jardine) Date: Mon, 22 Aug 2016 08:29:15 -0600 Subject: Denial of Service attack Messages Constantly In-Reply-To: <000601d1fc7f$a64c00e0$f2e402a0$@com> References: <000601d1fc7f$a64c00e0$f2e402a0$@com> Message-ID: <424eb8ee-a2ae-35ad-4e86-c55f1bad4be8@mjnservices.com> I can confirm this behavior....the error code that I was getting was 13 which is a permission denied error. Unfortunately, it was happening too often on legitimate mail that I had to turn off the feature. I would really like to determine the cause.... On 08/22/2016 08:15 AM, Andy Southgate wrote: > > It still happens for me, AFAIK all that was worked out was that for > some reason there is an intermittant permission problem that > occasionally causes the spawned child process to fail to run causing > that error on the message, but there was never any insight as to why > that should be. > > *From:*MailScanner > [mailto:mailscanner-bounces+andy=z00b.com at lists.mailscanner.info] *On > Behalf Of *Aaron Pursell > *Sent:* 22 August 2016 15:01 > *To:* mailscanner at lists.mailscanner.info > *Subject:* Re: Denial of Service attack Messages Constantly > > I read pretty much every message and tried everything, most of those > messages are years old and it appears it was fixed and now in the new > version is the first time I'm experiencing them in many, many years, > the fixes worked originally back in a way older versiona. Nothing > really changed except the fact there's this new version, too bad it > only happens to legitimate messages and not spam.... So who knows. > I'll continue to look, the log really never says anything specific. I > > --- > > > > Regards, > > Aaron > > > Message: 1 > Date: Fri, 19 Aug 2016 08:26:31 -0600 > From: Steven Jardine > > To: MailScanner Discussion > > Subject: Re: Denial of Service attack Messages Constantly > Message-ID: <9dbfad5c-651a-3a7f-e9c8-2c623adf51c1 at mjnservices.com > > > Content-Type: text/plain; charset=windows-1252; format=flowed > > I still haven't found a good solution to this even after trying all of > the suggestions posted on the previous threads. If turn off "Dangerous > Content Scanning" the error goes away but you lose that functionality. > > I have had to disable it until a solution can be found. Its not ideal. > > Good luck! > Steve > > On 08/18/2016 04:43 PM, Mark Sapiro wrote: > > On 08/18/2016 08:49 AM, Aaron Pursell wrote: > > > The problem is, my users and I keep getting messages like this: > > " > > MailScanner was attacked by a Denial Of Service attack, and has > therefore deleted this part of the message. Please contact your e-mail > providers for more information if you need it, giving them the whole > of this report. Attack in: > /var/spool/MailScanner/incoming/12835/78C9F481B0DA.ACDF4/nmsg-12835-2.html" > > > The path doesn't exist when you look and the message never gets > delivered. What can I turn off or adjust to make sure this doesn't > happen? > > > What's in the Mail log associated with this? > > There's a long thread on this with Subject: Denial Of Service Attack > Messages in the archives of this list at > > and > > which may be helpful. > > > > > IMPORTANT: This email does not constitute a contract or an offer or > acceptance of an offer to enter into a contract. Further, this email > may not be used to modify, supplement, novate, or waive any rights > with respect to an existing contract or other binding commercial > terms. MJN Services, Inc. conducts business under our service terms > and conditions found at www.mjnservices.com > unless otherwise agreed to in writing by > an officer of MJN Services, Inc. > > > > ------------------------------ > > Message: 2 > Date: Fri, 19 Aug 2016 09:30:29 -0500 > From: Jerry Benton > > To: MailScanner Discussion > > Subject: Re: Denial of Service attack Messages Constantly > Message-ID: > > > Content-Type: text/plain; charset=UTF-8 > > Steve, > > Can you zip the raw source of a message (the file) that triggers this > and email it directly to me? > > > - > Jerry Benton > www.mailborder.com > +1 - 844-436-6245 > > > -----Original Message----- > From:?Steven Jardine > > Reply:?MailScanner Discussion > > Date:?August 19, 2016 at 10:27:05 AM > To:?MailScanner Discussion > > Subject:? Re: Denial of Service attack Messages Constantly > > I still haven't found a good solution to this even after trying all of > the suggestions posted on the previous threads. If turn off "Dangerous > Content Scanning" the error goes away but you lose that functionality. > > I have had to disable it until a solution can be found. Its not ideal. > > Good luck! > Steve > > On 08/18/2016 04:43 PM, Mark Sapiro wrote: > > On 08/18/2016 08:49 AM, Aaron Pursell wrote: > > > The problem is, my users and I keep getting messages like this: > > " > > MailScanner was attacked by a Denial Of Service attack, and has > therefore deleted this part of the message. Please contact your e-mail > providers for more information if you need it, giving them the whole > of this report. Attack in: > /var/spool/MailScanner/incoming/12835/78C9F481B0DA.ACDF4/nmsg-12835-2.html" > > > The path doesn't exist when you look and the message never gets > delivered. What can I turn off or adjust to make sure this doesn't > happen? > > > What's in the Mail log associated with this? > > There's a long thread on this with Subject: Denial Of Service Attack > Messages in the archives of this list at > > and > > which may be helpful. > > > > > IMPORTANT: This email does not constitute a contract or an offer > or acceptance of an offer > to enter into a contract. Further, this email may not be used to > modify, supplement, novate, > or waive any rights with respect to an existing contract or other > binding commercial > terms. MJN Services, Inc. conducts business under our service > terms and conditions > found at www.mjnservices.com unless > otherwise agreed to in writing by an officer of > MJN Services, Inc. > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/listinfo/mailscanner > > > > ------------------------------ > > Subject: Digest Footer > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/listinfo/mailscanner > > > ------------------------------ > > End of MailScanner Digest, Vol 128, Issue 16 > ******************************************** > > > -- > This message has been scanned for viruses and > dangerous content by *MailScanner* , and is > believed to be clean. > > > > IMPORTANT: This email does not constitute a contract or an offer or acceptance of an offer to enter into a contract. Further, this email may not be used to modify, supplement, novate, or waive any rights with respect to an existing contract or other binding commercial terms. MJN Services, Inc. conducts business under our service terms and conditions found at www.mjnservices.com unless otherwise agreed to in writing by an officer of MJN Services, Inc. -------------- next part -------------- An HTML attachment was scrubbed... URL: From jerry.benton at mailborder.com Mon Aug 22 16:51:01 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Mon, 22 Aug 2016 09:51:01 -0700 Subject: Denial of Service attack Messages Constantly In-Reply-To: <424eb8ee-a2ae-35ad-4e86-c55f1bad4be8@mjnservices.com> References: <000601d1fc7f$a64c00e0$f2e402a0$@com> <424eb8ee-a2ae-35ad-4e86-c55f1bad4be8@mjnservices.com> Message-ID: When I see this happen it is usually related to /etc/security/limits.conf The old MailScanner code tried to silently increase the limits. This feature has been removed. Add this to /etc/security/limits.conf to try and resolve the issue: * ? ? ? ? hard ? ?nofile ? ? ?65535 * ? ? ? ? soft ? ?nofile ? ? ?65535 root ? ? ?hard ? ?nofile ? ? ?65535 root ? ? ?soft ? ?nofile ? ? ?65535 - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?Steven Jardine Reply:?MailScanner Discussion Date:?August 22, 2016 at 10:29:54 AM To:?MailScanner Discussion Subject:? Re: Denial of Service attack Messages Constantly > I can confirm this behavior....the error code that I was getting was 13 > which is a permission denied error. Unfortunately, it was happening too > often on legitimate mail that I had to turn off the feature. > > I would really like to determine the cause.... > > On 08/22/2016 08:15 AM, Andy Southgate wrote: > > > > It still happens for me, AFAIK all that was worked out was that for > > some reason there is an intermittant permission problem that > > occasionally causes the spawned child process to fail to run causing > > that error on the message, but there was never any insight as to why > > that should be. > > > > *From:*MailScanner > > [mailto:mailscanner-bounces+andy=z00b.com at lists.mailscanner.info] *On > > Behalf Of *Aaron Pursell > > *Sent:* 22 August 2016 15:01 > > *To:* mailscanner at lists.mailscanner.info > > *Subject:* Re: Denial of Service attack Messages Constantly > > > > I read pretty much every message and tried everything, most of those > > messages are years old and it appears it was fixed and now in the new > > version is the first time I'm experiencing them in many, many years, > > the fixes worked originally back in a way older versiona. Nothing > > really changed except the fact there's this new version, too bad it > > only happens to legitimate messages and not spam.... So who knows. > > I'll continue to look, the log really never says anything specific. I > > > > --- > > > > > > > > Regards, > > > > Aaron > > > > > > Message: 1 > > Date: Fri, 19 Aug 2016 08:26:31 -0600 > > From: Steven Jardine > > > > > To: MailScanner Discussion > > > > > Subject: Re: Denial of Service attack Messages Constantly > > Message-ID: <9dbfad5c-651a-3a7f-e9c8-2c623adf51c1 at mjnservices.com > > > > > Content-Type: text/plain; charset=windows-1252; format=flowed > > > > I still haven't found a good solution to this even after trying all of > > the suggestions posted on the previous threads. If turn off "Dangerous > > Content Scanning" the error goes away but you lose that functionality. > > > > I have had to disable it until a solution can be found. Its not ideal. > > > > Good luck! > > Steve > > > > On 08/18/2016 04:43 PM, Mark Sapiro wrote: > > > > On 08/18/2016 08:49 AM, Aaron Pursell wrote: > > > > > > The problem is, my users and I keep getting messages like this: > > > > " > > > > MailScanner was attacked by a Denial Of Service attack, and has > > therefore deleted this part of the message. Please contact your e-mail > > providers for more information if you need it, giving them the whole > > of this report. Attack in: > > /var/spool/MailScanner/incoming/12835/78C9F481B0DA.ACDF4/nmsg-12835-2.html" > > > > > > The path doesn't exist when you look and the message never gets > > delivered. What can I turn off or adjust to make sure this doesn't > > happen? > > > > > > What's in the Mail log associated with this? > > > > There's a long thread on this with Subject: Denial Of Service Attack > > Messages in the archives of this list at > > > > and > > > > which may be helpful. > > > > > > > > > > IMPORTANT: This email does not constitute a contract or an offer or > > acceptance of an offer to enter into a contract. Further, this email > > may not be used to modify, supplement, novate, or waive any rights > > with respect to an existing contract or other binding commercial > > terms. MJN Services, Inc. conducts business under our service terms > > and conditions found at www.mjnservices.com > > unless otherwise agreed to in writing by > > an officer of MJN Services, Inc. > > > > > > > > ------------------------------ > > > > Message: 2 > > Date: Fri, 19 Aug 2016 09:30:29 -0500 > > From: Jerry Benton > > > > > To: MailScanner Discussion > > > > > Subject: Re: Denial of Service attack Messages Constantly > > Message-ID: > > > > > > > Content-Type: text/plain; charset=UTF-8 > > > > Steve, > > > > Can you zip the raw source of a message (the file) that triggers this > > and email it directly to me? > > > > > > - > > Jerry Benton > > www.mailborder.com > > +1 - 844-436-6245 > > > > > > -----Original Message----- > > From:?Steven Jardine > > > > > Reply:?MailScanner Discussion > > > > > Date:?August 19, 2016 at 10:27:05 AM > > To:?MailScanner Discussion > > > > > Subject:? Re: Denial of Service attack Messages Constantly > > > > I still haven't found a good solution to this even after trying all of > > the suggestions posted on the previous threads. If turn off "Dangerous > > Content Scanning" the error goes away but you lose that functionality. > > > > I have had to disable it until a solution can be found. Its not ideal. > > > > Good luck! > > Steve > > > > On 08/18/2016 04:43 PM, Mark Sapiro wrote: > > > > On 08/18/2016 08:49 AM, Aaron Pursell wrote: > > > > > > The problem is, my users and I keep getting messages like this: > > > > " > > > > MailScanner was attacked by a Denial Of Service attack, and has > > therefore deleted this part of the message. Please contact your e-mail > > providers for more information if you need it, giving them the whole > > of this report. Attack in: > > /var/spool/MailScanner/incoming/12835/78C9F481B0DA.ACDF4/nmsg-12835-2.html" > > > > > > The path doesn't exist when you look and the message never gets > > delivered. What can I turn off or adjust to make sure this doesn't > > happen? > > > > > > What's in the Mail log associated with this? > > > > There's a long thread on this with Subject: Denial Of Service Attack > > Messages in the archives of this list at > > > > and > > > > which may be helpful. > > > > > > > > > > IMPORTANT: This email does not constitute a contract or an offer > > or acceptance of an offer > > to enter into a contract. Further, this email may not be used to > > modify, supplement, novate, > > or waive any rights with respect to an existing contract or other > > binding commercial > > terms. MJN Services, Inc. conducts business under our service > > terms and conditions > > found at www.mjnservices.com unless > > otherwise agreed to in writing by an officer of > > MJN Services, Inc. > > > > > > > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > > > http://lists.mailscanner.info/listinfo/mailscanner > > > > > > > > ------------------------------ > > > > Subject: Digest Footer > > > > > > > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > > > http://lists.mailscanner.info/listinfo/mailscanner > > > > > > ------------------------------ > > > > End of MailScanner Digest, Vol 128, Issue 16 > > ******************************************** > > > > > > -- > > This message has been scanned for viruses and > > dangerous content by *MailScanner* , and is > > believed to be clean. > > > > > > > > > > > > IMPORTANT: This email does not constitute a contract or an offer or acceptance of an offer > to enter into a contract. Further, this email may not be used to modify, supplement, novate, > or waive any rights with respect to an existing contract or other binding commercial > terms. MJN Services, Inc. conducts business under our service terms and conditions > found at www.mjnservices.com unless otherwise agreed to in writing by an officer of > MJN Services, Inc. > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > From Azir.Guleroglu at turknet.net.tr Tue Aug 23 11:07:19 2016 From: Azir.Guleroglu at turknet.net.tr (=?utf-8?B?QXppciBHw7xsZXJvxJ9sdQ==?=) Date: Tue, 23 Aug 2016 11:07:19 +0000 Subject: Denial of Service attack Messages Constantly In-Reply-To: References: <000601d1fc7f$a64c00e0$f2e402a0$@com> <424eb8ee-a2ae-35ad-4e86-c55f1bad4be8@mjnservices.com> Message-ID: I added this block to limits.conf but still our customers get same errors. Azir Guleroglu -----Original Message----- From: MailScanner [mailto:mailscanner-bounces+azir.guleroglu=turknet.net.tr at lists.mailscanner.info] On Behalf Of Jerry Benton Sent: Monday, August 22, 2016 7:51 PM To: MailScanner Discussion Subject: Re: Denial of Service attack Messages Constantly When I see this happen it is usually related to /etc/security/limits.conf The old MailScanner code tried to silently increase the limits. This feature has been removed. Add this to /etc/security/limits.conf to try and resolve the issue: * hard nofile 65535 * soft nofile 65535 root hard nofile 65535 root soft nofile 65535 - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From: Steven Jardine Reply: MailScanner Discussion Date: August 22, 2016 at 10:29:54 AM To: MailScanner Discussion Subject: Re: Denial of Service attack Messages Constantly > I can confirm this behavior....the error code that I was getting was > 13 which is a permission denied error. Unfortunately, it was happening > too often on legitimate mail that I had to turn off the feature. > > I would really like to determine the cause.... > > On 08/22/2016 08:15 AM, Andy Southgate wrote: > > > > It still happens for me, AFAIK all that was worked out was that for > > some reason there is an intermittant permission problem that > > occasionally causes the spawned child process to fail to run causing > > that error on the message, but there was never any insight as to why > > that should be. > > > > *From:*MailScanner > > [mailto:mailscanner-bounces+andy=z00b.com at lists.mailscanner.info] > > *On Behalf Of *Aaron Pursell > > *Sent:* 22 August 2016 15:01 > > *To:* mailscanner at lists.mailscanner.info > > *Subject:* Re: Denial of Service attack Messages Constantly > > > > I read pretty much every message and tried everything, most of those > > messages are years old and it appears it was fixed and now in the > > new version is the first time I'm experiencing them in many, many > > years, the fixes worked originally back in a way older versiona. > > Nothing really changed except the fact there's this new version, too > > bad it only happens to legitimate messages and not spam.... So who knows. > > I'll continue to look, the log really never says anything specific. > > I > > > > --- > > > > > > > > Regards, > > > > Aaron > > > > > > Message: 1 > > Date: Fri, 19 Aug 2016 08:26:31 -0600 > > From: Steven Jardine > > > > > To: MailScanner Discussion > > > > > Subject: Re: Denial of Service attack Messages Constantly > > Message-ID: <9dbfad5c-651a-3a7f-e9c8-2c623adf51c1 at mjnservices.com > > > > > Content-Type: text/plain; charset=windows-1252; format=flowed > > > > I still haven't found a good solution to this even after trying all > > of the suggestions posted on the previous threads. If turn off > > "Dangerous Content Scanning" the error goes away but you lose that functionality. > > > > I have had to disable it until a solution can be found. Its not ideal. > > > > Good luck! > > Steve > > > > On 08/18/2016 04:43 PM, Mark Sapiro wrote: > > > > On 08/18/2016 08:49 AM, Aaron Pursell wrote: > > > > > > The problem is, my users and I keep getting messages like this: > > > > " > > > > MailScanner was attacked by a Denial Of Service attack, and has > > therefore deleted this part of the message. Please contact your > > e-mail providers for more information if you need it, giving them > > the whole of this report. Attack in: > > /var/spool/MailScanner/incoming/12835/78C9F481B0DA.ACDF4/nmsg-12835-2.html" > > > > > > The path doesn't exist when you look and the message never gets > > delivered. What can I turn off or adjust to make sure this doesn't > > happen? > > > > > > What's in the Mail log associated with this? > > > > There's a long thread on this with Subject: Denial Of Service Attack > > Messages in the archives of this list at > > > > and > > > > which may be helpful. > > > > > > > > > > IMPORTANT: This email does not constitute a contract or an offer or > > acceptance of an offer to enter into a contract. Further, this email > > may not be used to modify, supplement, novate, or waive any rights > > with respect to an existing contract or other binding commercial > > terms. MJN Services, Inc. conducts business under our service terms > > and conditions found at www.mjnservices.com unless otherwise agreed > > to in writing by an officer of MJN Services, Inc. > > > > > > > > ------------------------------ > > > > Message: 2 > > Date: Fri, 19 Aug 2016 09:30:29 -0500 > > From: Jerry Benton > > > > > To: MailScanner Discussion > > > > > Subject: Re: Denial of Service attack Messages Constantly > > Message-ID: > > > > > > > Content-Type: text/plain; charset=UTF-8 > > > > Steve, > > > > Can you zip the raw source of a message (the file) that triggers > > this and email it directly to me? > > > > > > - > > Jerry Benton > > www.mailborder.com > > +1 - 844-436-6245 > > > > > > -----Original Message----- > > From:?Steven Jardine > > > > > Reply:?MailScanner Discussion > > > > > Date:?August 19, 2016 at 10:27:05 AM To:?MailScanner Discussion > > > > > Subject:? Re: Denial of Service attack Messages Constantly > > > > I still haven't found a good solution to this even after trying all > > of the suggestions posted on the previous threads. If turn off > > "Dangerous Content Scanning" the error goes away but you lose that functionality. > > > > I have had to disable it until a solution can be found. Its not ideal. > > > > Good luck! > > Steve > > > > On 08/18/2016 04:43 PM, Mark Sapiro wrote: > > > > On 08/18/2016 08:49 AM, Aaron Pursell wrote: > > > > > > The problem is, my users and I keep getting messages like this: > > > > " > > > > MailScanner was attacked by a Denial Of Service attack, and has > > therefore deleted this part of the message. Please contact your > > e-mail providers for more information if you need it, giving them > > the whole of this report. Attack in: > > /var/spool/MailScanner/incoming/12835/78C9F481B0DA.ACDF4/nmsg-12835-2.html" > > > > > > The path doesn't exist when you look and the message never gets > > delivered. What can I turn off or adjust to make sure this doesn't > > happen? > > > > > > What's in the Mail log associated with this? > > > > There's a long thread on this with Subject: Denial Of Service Attack > > Messages in the archives of this list at > > > > and > > > > which may be helpful. > > > > > > > > > > IMPORTANT: This email does not constitute a contract or an offer or > > acceptance of an offer to enter into a contract. Further, this email > > may not be used to modify, supplement, novate, or waive any rights > > with respect to an existing contract or other binding commercial > > terms. MJN Services, Inc. conducts business under our service terms > > and conditions found at www.mjnservices.com unless otherwise agreed > > to in writing by an officer of MJN Services, Inc. > > > > > > > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > > > http://lists.mailscanner.info/listinfo/mailscanner > > > > > > > > ------------------------------ > > > > Subject: Digest Footer > > > > > > > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > > > http://lists.mailscanner.info/listinfo/mailscanner > > > > > > ------------------------------ > > > > End of MailScanner Digest, Vol 128, Issue 16 > > ******************************************** > > > > > > -- > > This message has been scanned for viruses and dangerous content by > > *MailScanner* , and is believed to be clean. > > > > > > > > > > > > IMPORTANT: This email does not constitute a contract or an offer or > acceptance of an offer to enter into a contract. Further, this email > may not be used to modify, supplement, novate, or waive any rights > with respect to an existing contract or other binding commercial > terms. MJN Services, Inc. conducts business under our service terms > and conditions found at www.mjnservices.com unless otherwise agreed to in writing by an officer of MJN Services, Inc. > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/listinfo/mailscanner ________________________________ Bu elektronik posta ve onunla iletilen b?t?n dosyalar sadece g?ndericisi taraf?ndan almas? ama?lanan yetkili ger?ek ya da t?zel ki?inin kullan?m? i?indir. E?er s?z konusu yetkili al?c? de?ilseniz bu elektronik postan?n i?eri?ini a??klaman?z, kopyalaman?z, y?nlendirmeniz ve kullanman?z kesinlikle yasakt?r ve bu elektronik postay? derhal silmeniz gerekmektedir. TurkNet bu mesaj?n i?erdi?i bilgilerin do?rulu?u veya eksiksiz oldu?u konusunda herhangi bir garanti vermemektedir. Bu nedenle bu bilgilerin ne ?ekilde olursa olsun i?eri?inden, iletilmesinden, al?nmas?ndan ve saklanmas?ndan sorumlu de?ildir. Bu mesajdaki g?r??ler yaln?zca g?nderen ki?iye aittir ve TurkNet'in g?r??lerini yans?tmayabilir. Bu e-posta bilinen b?t?n bilgisayar vir?slerine kar?? taranm??t?r. ________________________________________ This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you are not the intended recipient you are hereby notified that any dissemination, forwarding, copying or use of any of the information is strictly prohibited, and the e-mail should immediately be deleted. TurkNet makes no warranty as to the accuracy or completeness of any information contained in this message and hereby excludes any liability of any kind for the information contained therein or for the information transmission, reception, storage or use of such in any way whatsoever. The opinions expressed in this message belong to sender alone and may not necessarily reflect the opinions of TurkNet. This e-mail has been scanned for all known computer viruses. From wbaudler at gb.nrao.edu Wed Aug 24 13:09:15 2016 From: wbaudler at gb.nrao.edu (Wolfgang Baudler) Date: Wed, 24 Aug 2016 09:09:15 -0400 Subject: MailScanner v5.0.3-7 upgrade install Message-ID: I tested an upgrade install from Mailscanner-4.85.2-3 to the latest MailScanner-5.0.3-7 on RHEL6.8: I got the errors/warnings below at the end of the install.sh script run. Are these expected? The syntax error and rpm scriptlet failure at the end certainly don't look normal. Note that /etc/MailScanner/MailScanner.conf.rpmsave was not created, despite the install output claiming otherwise. Also, the /var/spool/mqueue.in directory was missing after the upgrade install. I had to create it manually for Mailscanner to start. And then it was complaining about the missing file mcp.spam.assassin.prefs.conf. I did manually rename mcp.spamassassin.conf to mcp.spam.assassin.prefs.conf to fix this. Wolfgang ------------------------------------------------- Installing the MailScanner RPM ... Preparing... ################################################## MailScanner ###warning: /etc/MailScanner/MailScanner.conf saved as /etc/MailScanner/MailScanner.conf.rpmsave ######warning: /etc/MailScanner/spam.lists.conf saved as /etc/MailScanner/spam.lists.conf.rpmsave ######################################### Important Note -------------- Your settings for the Sophos SAVI virus scanner are probably broken. They should look like this (unless your Sophos is installed somewhere else) Sophos IDE Dir = /opt/sophos-av/lib/sav Sophos Lib Dir = /opt/sophos-av/lib Monitors for Sophos Updates = /opt/sophos-av/lib/sav/*.ide Added new: Web Bug Replacement = https://s3.amazonaws.com/msv5/images/spacer.gif Added new: Lockfile Dir = /var/spool/MailScanner/incoming/Locks Added new: include /etc/MailScanner/conf.d/* Summary ------- Read 361 settings from old /etc/MailScanner/MailScanner.conf.original Used 359 settings from old /etc/MailScanner/MailScanner.conf.original Used 4 default settings from new /etc/MailScanner/MailScanner.conf.dist To configure MailScanner, edit the following files: /etc/MailScanner/defaults /etc/MailScanner/MailScanner.conf To activate MailScanner run the following commands: chkconfig mailscanner on service mailscanner start error reading information on service MailScanner: No such file or directory error reading information on service MailScanner: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/ZMailer.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/ZMDiskStore.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/WorkArea.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/Unzip.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/TNEF.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/SystemDefs.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/SweepViruses.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/SweepOther.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/SweepContent.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/Sendmail.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/SMDiskStore.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/SA.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/RBLs.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/Queue.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/Quarantine.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/Qmail.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/QMDiskStore.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/Postfix.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/PFDiskStore.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/MessageBatch.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/Message.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/Mail.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/MCPMessage.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/MCP.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/Log.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/Lock.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/GenericSpam.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/FileInto.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/EximDiskStore.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/Exim.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/CustomFunctions/ZMRouterDirHash.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/CustomFunctions/Ruleset-from-Function.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/CustomFunctions/MyExample.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/CustomFunctions/GenericSpamScanner.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/CustomFunctions/CustomAction.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/CustomConfig.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/ConfigSQL.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/ConfigDefs.pl failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/Config.pm failed: No such file or directory warning: erase unlink of /usr/share/MailScanner/MailScanner/Antiword.pm failed: No such file or directory warning: erase unlink of /etc/rc.d/init.d/MailScanner failed: No such file or directory warning: /etc/cron.daily/update_spamassassin saved as /etc/cron.daily/update_spamassassin.rpmsave /var/tmp/rpm-tmp.SVoALC: line 16: syntax error near unexpected token `fi' /var/tmp/rpm-tmp.SVoALC: line 16: `fi' warning: %postun(mailscanner-4.85.2-3.noarch) scriptlet failed, exit status 2 ---------------------------------------------------------- Installation Complete From andy at z00b.com Wed Aug 24 13:35:04 2016 From: andy at z00b.com (Andy Southgate) Date: Wed, 24 Aug 2016 14:35:04 +0100 Subject: Denial of Service attack Messages Constantly In-Reply-To: References: <000601d1fc7f$a64c00e0$f2e402a0$@com> <424eb8ee-a2ae-35ad-4e86-c55f1bad4be8@mjnservices.com> Message-ID: <00b101d1fe0c$59bb8820$0d329860$@com> can confirm, added that, restarted MailScanner service and still get errors -----Original Message----- From: MailScanner [mailto:mailscanner-bounces+andy=z00b.com at lists.mailscanner.info] On Behalf Of Azir G?leroglu Sent: 23 August 2016 12:07 To: MailScanner Discussion Subject: RE: Denial of Service attack Messages Constantly I added this block to limits.conf but still our customers get same errors. Azir Guleroglu -----Original Message----- From: MailScanner [mailto:mailscanner-bounces+azir.guleroglu=turknet.net.tr at lists.mailscanner.info] On Behalf Of Jerry Benton Sent: Monday, August 22, 2016 7:51 PM To: MailScanner Discussion Subject: Re: Denial of Service attack Messages Constantly When I see this happen it is usually related to /etc/security/limits.conf The old MailScanner code tried to silently increase the limits. This feature has been removed. Add this to /etc/security/limits.conf to try and resolve the issue: * hard nofile 65535 * soft nofile 65535 root hard nofile 65535 root soft nofile 65535 - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From: Steven Jardine Reply: MailScanner Discussion Date: August 22, 2016 at 10:29:54 AM To: MailScanner Discussion Subject: Re: Denial of Service attack Messages Constantly > I can confirm this behavior....the error code that I was getting was > 13 which is a permission denied error. Unfortunately, it was happening > too often on legitimate mail that I had to turn off the feature. > > I would really like to determine the cause.... > > On 08/22/2016 08:15 AM, Andy Southgate wrote: > > > > It still happens for me, AFAIK all that was worked out was that for > > some reason there is an intermittant permission problem that > > occasionally causes the spawned child process to fail to run causing > > that error on the message, but there was never any insight as to why > > that should be. > > > > *From:*MailScanner > > [mailto:mailscanner-bounces+andy=z00b.com at lists.mailscanner.info] > > *On Behalf Of *Aaron Pursell > > *Sent:* 22 August 2016 15:01 > > *To:* mailscanner at lists.mailscanner.info > > *Subject:* Re: Denial of Service attack Messages Constantly > > > > I read pretty much every message and tried everything, most of those > > messages are years old and it appears it was fixed and now in the > > new version is the first time I'm experiencing them in many, many > > years, the fixes worked originally back in a way older versiona. > > Nothing really changed except the fact there's this new version, too > > bad it only happens to legitimate messages and not spam.... So who knows. > > I'll continue to look, the log really never says anything specific. > > I > > > > --- > > > > > > > > Regards, > > > > Aaron > > > > > > Message: 1 > > Date: Fri, 19 Aug 2016 08:26:31 -0600 > > From: Steven Jardine > > > > > To: MailScanner Discussion > > > > > Subject: Re: Denial of Service attack Messages Constantly > > Message-ID: <9dbfad5c-651a-3a7f-e9c8-2c623adf51c1 at mjnservices.com > > > > > Content-Type: text/plain; charset=windows-1252; format=flowed > > > > I still haven't found a good solution to this even after trying all > > of the suggestions posted on the previous threads. If turn off > > "Dangerous Content Scanning" the error goes away but you lose that functionality. > > > > I have had to disable it until a solution can be found. Its not ideal. > > > > Good luck! > > Steve > > > > On 08/18/2016 04:43 PM, Mark Sapiro wrote: > > > > On 08/18/2016 08:49 AM, Aaron Pursell wrote: > > > > > > The problem is, my users and I keep getting messages like this: > > > > " > > > > MailScanner was attacked by a Denial Of Service attack, and has > > therefore deleted this part of the message. Please contact your > > e-mail providers for more information if you need it, giving them > > the whole of this report. Attack in: > > /var/spool/MailScanner/incoming/12835/78C9F481B0DA.ACDF4/nmsg-12835-2.html" > > > > > > The path doesn't exist when you look and the message never gets > > delivered. What can I turn off or adjust to make sure this doesn't > > happen? > > > > > > What's in the Mail log associated with this? > > > > There's a long thread on this with Subject: Denial Of Service Attack > > Messages in the archives of this list at > > > > and > > > > which may be helpful. > > > > > > > > > > IMPORTANT: This email does not constitute a contract or an offer or > > acceptance of an offer to enter into a contract. Further, this email > > may not be used to modify, supplement, novate, or waive any rights > > with respect to an existing contract or other binding commercial > > terms. MJN Services, Inc. conducts business under our service terms > > and conditions found at www.mjnservices.com unless otherwise agreed > > to in writing by an officer of MJN Services, Inc. > > > > > > > > ------------------------------ > > > > Message: 2 > > Date: Fri, 19 Aug 2016 09:30:29 -0500 > > From: Jerry Benton > > > > > To: MailScanner Discussion > > > > > Subject: Re: Denial of Service attack Messages Constantly > > Message-ID: > > > > > > > Content-Type: text/plain; charset=UTF-8 > > > > Steve, > > > > Can you zip the raw source of a message (the file) that triggers > > this and email it directly to me? > > > > > > - > > Jerry Benton > > www.mailborder.com > > +1 - 844-436-6245 > > > > > > -----Original Message----- > > From:?Steven Jardine > > > > > Reply:?MailScanner Discussion > > > > > Date:?August 19, 2016 at 10:27:05 AM To:?MailScanner Discussion > > > > > Subject:? Re: Denial of Service attack Messages Constantly > > > > I still haven't found a good solution to this even after trying all > > of the suggestions posted on the previous threads. If turn off > > "Dangerous Content Scanning" the error goes away but you lose that functionality. > > > > I have had to disable it until a solution can be found. Its not ideal. > > > > Good luck! > > Steve > > > > On 08/18/2016 04:43 PM, Mark Sapiro wrote: > > > > On 08/18/2016 08:49 AM, Aaron Pursell wrote: > > > > > > The problem is, my users and I keep getting messages like this: > > > > " > > > > MailScanner was attacked by a Denial Of Service attack, and has > > therefore deleted this part of the message. Please contact your > > e-mail providers for more information if you need it, giving them > > the whole of this report. Attack in: > > /var/spool/MailScanner/incoming/12835/78C9F481B0DA.ACDF4/nmsg-12835-2.html" > > > > > > The path doesn't exist when you look and the message never gets > > delivered. What can I turn off or adjust to make sure this doesn't > > happen? > > > > > > What's in the Mail log associated with this? > > > > There's a long thread on this with Subject: Denial Of Service Attack > > Messages in the archives of this list at > > > > and > > > > which may be helpful. > > > > > > > > > > IMPORTANT: This email does not constitute a contract or an offer or > > acceptance of an offer to enter into a contract. Further, this email > > may not be used to modify, supplement, novate, or waive any rights > > with respect to an existing contract or other binding commercial > > terms. MJN Services, Inc. conducts business under our service terms > > and conditions found at www.mjnservices.com unless otherwise agreed > > to in writing by an officer of MJN Services, Inc. > > > > > > > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > > > http://lists.mailscanner.info/listinfo/mailscanner > > > > > > > > ------------------------------ > > > > Subject: Digest Footer > > > > > > > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > > > http://lists.mailscanner.info/listinfo/mailscanner > > > > > > ------------------------------ > > > > End of MailScanner Digest, Vol 128, Issue 16 > > ******************************************** > > > > > > -- > > This message has been scanned for viruses and dangerous content by > > *MailScanner* , and is believed to be clean. > > > > > > > > > > > > IMPORTANT: This email does not constitute a contract or an offer or > acceptance of an offer to enter into a contract. Further, this email > may not be used to modify, supplement, novate, or waive any rights > with respect to an existing contract or other binding commercial > terms. MJN Services, Inc. conducts business under our service terms > and conditions found at www.mjnservices.com unless otherwise agreed to in writing by an officer of MJN Services, Inc. > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/listinfo/mailscanner ________________________________ Bu elektronik posta ve onunla iletilen b?t?n dosyalar sadece g?ndericisi taraf?ndan almas? ama?lanan yetkili ger?ek ya da t?zel ki?inin kullan?m? i?indir. E?er s?z konusu yetkili al?c? de?ilseniz bu elektronik postan?n i?eri?ini a??klaman?z, kopyalaman?z, y?nlendirmeniz ve kullanman?z kesinlikle yasakt?r ve bu elektronik postay? derhal silmeniz gerekmektedir. TurkNet bu mesaj?n i?erdi?i bilgilerin do?rulu?u veya eksiksiz oldu?u konusunda herhangi bir garanti vermemektedir. Bu nedenle bu bilgilerin ne ?ekilde olursa olsun i?eri?inden, iletilmesinden, al?nmas?ndan ve saklanmas?ndan sorumlu de?ildir. Bu mesajdaki g?r??ler yaln?zca g?nderen ki?iye aittir ve TurkNet'in g?r??lerini yans?tmayabilir. Bu e-posta bilinen b?t?n bilgisayar vir?slerine kar?? taranm??t?r. ________________________________________ This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you are not the intended recipient you are hereby notified that any dissemination, forwarding, copying or use of any of the information is strictly prohibited, and the e-mail should immediately be deleted. TurkNet makes no warranty as to the accuracy or completeness of any information contained in this message and hereby excludes any liability of any kind for the information contained therein or for the information transmission, reception, storage or use of such in any way whatsoever. The opinions expressed in this message belong to sender alone and may not necessarily reflect the opinions of TurkNet. This e-mail has been scanned for all known computer viruses. -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/listinfo/mailscanner From jerry.benton at mailborder.com Wed Aug 24 14:01:20 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Wed, 24 Aug 2016 10:01:20 -0400 Subject: Denial of Service attack Messages Constantly In-Reply-To: <00b101d1fe0c$59bb8820$0d329860$@com> References: <000601d1fc7f$a64c00e0$f2e402a0$@com> <424eb8ee-a2ae-35ad-4e86-c55f1bad4be8@mjnservices.com> <00b101d1fe0c$59bb8820$0d329860$@com> Message-ID: Ok, as far as permissions go ? I addressed this issue in v5. The installer creates a group called mtagroup. You MTA, virus scanners, etc should be added to this group automatically. However, you should confirm those accounts are members of that group. IF you add extra virus scanners, add those system users to the mtagroup. Next, the ?Run As User? is dependent on what MTA and virus scanners you are using, but this is not as important as the next item. What is very important is that the ?Run As Group? should be mtagroup and the permissions should be 0660 in your config. By default this is what ships with v5. If you changed it or used your old config, well ? that is on you. By using mtagroup and 0660 nothing will have any permissions issues. If you need a reference to the defaults, it is here: https://github.com/MailScanner/v5/blob/master/common/etc/MailScanner/MailScanner.conf - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?Andy Southgate Reply:?MailScanner Discussion Date:?August 24, 2016 at 9:36:01 AM To:?MailScanner Discussion Subject:? RE: Denial of Service attack Messages Constantly > can confirm, added that, restarted MailScanner service and still get errors > > -----Original Message----- > From: MailScanner [mailto:mailscanner-bounces+andy=z00b.com at lists.mailscanner.info] > On Behalf Of Azir G?leroglu > Sent: 23 August 2016 12:07 > To: MailScanner Discussion > Subject: RE: Denial of Service attack Messages Constantly > > I added this block to limits.conf but still our customers get same errors. > > Azir Guleroglu > > > -----Original Message----- > From: MailScanner [mailto:mailscanner-bounces+azir.guleroglu=turknet.net.tr at lists.mailscanner.info] > On Behalf Of Jerry Benton > Sent: Monday, August 22, 2016 7:51 PM > To: MailScanner Discussion > Subject: Re: Denial of Service attack Messages Constantly > > When I see this happen it is usually related to /etc/security/limits.conf > > The old MailScanner code tried to silently increase the limits. This feature has been > removed. Add this to /etc/security/limits.conf to try and resolve the issue: > > > * hard nofile 65535 > * soft nofile 65535 > root hard nofile 65535 > root soft nofile 65535 > > > > > - > Jerry Benton > www.mailborder.com > +1 - 844-436-6245 > > > -----Original Message----- > From: Steven Jardine > Reply: MailScanner Discussion > Date: August 22, 2016 at 10:29:54 AM > To: MailScanner Discussion > Subject: Re: Denial of Service attack Messages Constantly > > > I can confirm this behavior....the error code that I was getting was > > 13 which is a permission denied error. Unfortunately, it was happening > > too often on legitimate mail that I had to turn off the feature. > > > > I would really like to determine the cause.... > > > > On 08/22/2016 08:15 AM, Andy Southgate wrote: > > > > > > It still happens for me, AFAIK all that was worked out was that for > > > some reason there is an intermittant permission problem that > > > occasionally causes the spawned child process to fail to run causing > > > that error on the message, but there was never any insight as to why > > > that should be. > > > > > > *From:*MailScanner > > > [mailto:mailscanner-bounces+andy=z00b.com at lists.mailscanner.info] > > > *On Behalf Of *Aaron Pursell > > > *Sent:* 22 August 2016 15:01 > > > *To:* mailscanner at lists.mailscanner.info > > > *Subject:* Re: Denial of Service attack Messages Constantly > > > > > > I read pretty much every message and tried everything, most of those > > > messages are years old and it appears it was fixed and now in the > > > new version is the first time I'm experiencing them in many, many > > > years, the fixes worked originally back in a way older versiona. > > > Nothing really changed except the fact there's this new version, too > > > bad it only happens to legitimate messages and not spam.... So who knows. > > > I'll continue to look, the log really never says anything specific. > > > I > > > > > > --- > > > > > > > > > > > > Regards, > > > > > > Aaron > > > > > > > > > Message: 1 > > > Date: Fri, 19 Aug 2016 08:26:31 -0600 > > > From: Steven Jardine > > > > > > To: MailScanner Discussion > > > > > > Subject: Re: Denial of Service attack Messages Constantly > > > Message-ID: <9dbfad5c-651a-3a7f-e9c8-2c623adf51c1 at mjnservices.com > > > > > > > Content-Type: text/plain; charset=windows-1252; format=flowed > > > > > > I still haven't found a good solution to this even after trying all > > > of the suggestions posted on the previous threads. If turn off > > > "Dangerous Content Scanning" the error goes away but you lose that functionality. > > > > > > I have had to disable it until a solution can be found. Its not ideal. > > > > > > Good luck! > > > Steve > > > > > > On 08/18/2016 04:43 PM, Mark Sapiro wrote: > > > > > > On 08/18/2016 08:49 AM, Aaron Pursell wrote: > > > > > > > > > The problem is, my users and I keep getting messages like this: > > > > > > " > > > > > > MailScanner was attacked by a Denial Of Service attack, and has > > > therefore deleted this part of the message. Please contact your > > > e-mail providers for more information if you need it, giving them > > > the whole of this report. Attack in: > > > /var/spool/MailScanner/incoming/12835/78C9F481B0DA.ACDF4/nmsg-12835-2.html" > > > > > > > > > The path doesn't exist when you look and the message never gets > > > delivered. What can I turn off or adjust to make sure this doesn't > > > happen? > > > > > > > > > What's in the Mail log associated with this? > > > > > > There's a long thread on this with Subject: Denial Of Service Attack > > > Messages in the archives of this list at > > > > > > and > > > > > > which may be helpful. > > > > > > > > > > > > > > > IMPORTANT: This email does not constitute a contract or an offer or > > > acceptance of an offer to enter into a contract. Further, this email > > > may not be used to modify, supplement, novate, or waive any rights > > > with respect to an existing contract or other binding commercial > > > terms. MJN Services, Inc. conducts business under our service terms > > > and conditions found at www.mjnservices.com unless otherwise agreed > > > to in writing by an officer of MJN Services, Inc. > > > > > > > > > > > > ------------------------------ > > > > > > Message: 2 > > > Date: Fri, 19 Aug 2016 09:30:29 -0500 > > > From: Jerry Benton > > > > > > To: MailScanner Discussion > > > > > > Subject: Re: Denial of Service attack Messages Constantly > > > Message-ID: > > > > > > > > > Content-Type: text/plain; charset=UTF-8 > > > > > > Steve, > > > > > > Can you zip the raw source of a message (the file) that triggers > > > this and email it directly to me? > > > > > > > > > - > > > Jerry Benton > > > www.mailborder.com > > > +1 - 844-436-6245 > > > > > > > > > -----Original Message----- > > > From:?Steven Jardine > > > > > > Reply:?MailScanner Discussion > > > > > > Date:?August 19, 2016 at 10:27:05 AM To:?MailScanner Discussion > > > > > > Subject:? Re: Denial of Service attack Messages Constantly > > > > > > I still haven't found a good solution to this even after trying all > > > of the suggestions posted on the previous threads. If turn off > > > "Dangerous Content Scanning" the error goes away but you lose that functionality. > > > > > > I have had to disable it until a solution can be found. Its not ideal. > > > > > > Good luck! > > > Steve > > > > > > On 08/18/2016 04:43 PM, Mark Sapiro wrote: > > > > > > On 08/18/2016 08:49 AM, Aaron Pursell wrote: > > > > > > > > > The problem is, my users and I keep getting messages like this: > > > > > > " > > > > > > MailScanner was attacked by a Denial Of Service attack, and has > > > therefore deleted this part of the message. Please contact your > > > e-mail providers for more information if you need it, giving them > > > the whole of this report. Attack in: > > > /var/spool/MailScanner/incoming/12835/78C9F481B0DA.ACDF4/nmsg-12835-2.html" > > > > > > > > > The path doesn't exist when you look and the message never gets > > > delivered. What can I turn off or adjust to make sure this doesn't > > > happen? > > > > > > > > > What's in the Mail log associated with this? > > > > > > There's a long thread on this with Subject: Denial Of Service Attack > > > Messages in the archives of this list at > > > > > > and > > > > > > which may be helpful. > > > > > > > > > > > > > > > IMPORTANT: This email does not constitute a contract or an offer or > > > acceptance of an offer to enter into a contract. Further, this email > > > may not be used to modify, supplement, novate, or waive any rights > > > with respect to an existing contract or other binding commercial > > > terms. MJN Services, Inc. conducts business under our service terms > > > and conditions found at www.mjnservices.com unless otherwise agreed > > > to in writing by an officer of MJN Services, Inc. > > > > > > > > > > > > -- > > > MailScanner mailing list > > > mailscanner at lists.mailscanner.info > > > > > > http://lists.mailscanner.info/listinfo/mailscanner > > > > > > > > > > > > ------------------------------ > > > > > > Subject: Digest Footer > > > > > > > > > > > > -- > > > MailScanner mailing list > > > mailscanner at lists.mailscanner.info > > > > > > http://lists.mailscanner.info/listinfo/mailscanner > > > > > > > > > ------------------------------ > > > > > > End of MailScanner Digest, Vol 128, Issue 16 > > > ******************************************** > > > > > > > > > -- > > > This message has been scanned for viruses and dangerous content by > > > *MailScanner* , and is believed to be clean. > > > > > > > > > > > > > > > > > > > > IMPORTANT: This email does not constitute a contract or an offer or > > acceptance of an offer to enter into a contract. Further, this email > > may not be used to modify, supplement, novate, or waive any rights > > with respect to an existing contract or other binding commercial > > terms. MJN Services, Inc. conducts business under our service terms > > and conditions found at www.mjnservices.com unless otherwise agreed to in writing > by an officer of MJN Services, Inc. > > > > > > > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/listinfo/mailscanner > > > > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > > ________________________________ > > Bu elektronik posta ve onunla iletilen b?t?n dosyalar sadece g?ndericisi taraf?ndan > almas? ama?lanan yetkili ger?ek ya da t?zel ki?inin kullan?m? i?indir. E?er s?z konusu > yetkili al?c? de?ilseniz bu elektronik postan?n i?eri?ini a??klaman?z, kopyalaman?z, > y?nlendirmeniz ve kullanman?z kesinlikle yasakt?r ve bu elektronik postay? derhal > silmeniz gerekmektedir. TurkNet bu mesaj?n i?erdi?i bilgilerin do?rulu?u veya eksiksiz > oldu?u konusunda herhangi bir garanti vermemektedir. Bu nedenle bu bilgilerin ne ?ekilde > olursa olsun i?eri?inden, iletilmesinden, al?nmas?ndan ve saklanmas?ndan sorumlu > de?ildir. Bu mesajdaki g?r??ler yaln?zca g?nderen ki?iye aittir ve TurkNet'in g?r??lerini > yans?tmayabilir. Bu e-posta bilinen b?t?n bilgisayar vir?slerine kar?? taranm??t?r. > ________________________________________ > This e-mail and any files transmitted with it are confidential and intended solely for > the use of the individual or entity to whom they are addressed. If you are not the intended > recipient you are hereby notified that any dissemination, forwarding, copying or use > of any of the information is strictly prohibited, and the e-mail should immediately > be deleted. TurkNet makes no warranty as to the accuracy or completeness of any information > contained in this message and hereby excludes any liability of any kind for the information > contained therein or for the information transmission, reception, storage or use of > such in any way whatsoever. The opinions expressed in this message belong to sender alone > and may not necessarily reflect the opinions of TurkNet. This e-mail has been scanned > for all known computer viruses. > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > From jerry.benton at mailborder.com Wed Aug 24 14:13:08 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Wed, 24 Aug 2016 10:13:08 -0400 Subject: MailScanner v5.0.3-7 upgrade install In-Reply-To: References: Message-ID: Wolfgang, Save your custom configs by copying them somewhere. Totally remove MailScanner and reinstall it. Copy your configs back. Note that: - spam.assassin.prefs.conf is now called spamassassin.conf - the directory structure is different. this is why you are getting the errors. However, when I upgraded old versions of MailScanner I did not see this issue. - a built in permissions schema has been added to solve common permissions problems. One question, did you use the install.sh or did you just install the RPM? The install.sh fixes a lot of the upgrade issues. From the README file: # Install: # tar -xvzf MailScanner-5.x.x-x.distro.tar.gz # cd MailScanner-5.x.x-x # ./install.sh - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?Wolfgang Baudler Reply:?MailScanner Discussion Date:?August 24, 2016 at 9:09:33 AM To:?MailScanner Discussion Subject:? MailScanner v5.0.3-7 upgrade install > I tested an upgrade install from Mailscanner-4.85.2-3 to the latest > MailScanner-5.0.3-7 on RHEL6.8: > > I got the errors/warnings below at the end of the install.sh script run. > Are these expected? The syntax error and rpm scriptlet failure at the end > certainly don't look normal. > > Note that /etc/MailScanner/MailScanner.conf.rpmsave was not created, > despite the install output claiming otherwise. > > Also, the /var/spool/mqueue.in directory was missing after the upgrade > install. I had to create it manually for Mailscanner to start. > > And then it was complaining about the missing file > mcp.spam.assassin.prefs.conf. I did manually rename mcp.spamassassin.conf > to mcp.spam.assassin.prefs.conf to fix this. > > Wolfgang > > ------------------------------------------------- > > Installing the MailScanner RPM ... > Preparing... > ################################################## > MailScanner ###warning: /etc/MailScanner/MailScanner.conf > saved as /etc/MailScanner/MailScanner.conf.rpmsave > > > ######warning: /etc/MailScanner/spam.lists.conf saved as > /etc/MailScanner/spam.lists.conf.rpmsave > ######################################### > > > Important Note > -------------- > Your settings for the Sophos SAVI virus scanner are probably > broken. They should look like this (unless your Sophos is > installed somewhere else) > Sophos IDE Dir = /opt/sophos-av/lib/sav > Sophos Lib Dir = /opt/sophos-av/lib > Monitors for Sophos Updates = /opt/sophos-av/lib/sav/*.ide > > Added new: Web Bug Replacement = > https://s3.amazonaws.com/msv5/images/spacer.gif > Added new: Lockfile Dir = /var/spool/MailScanner/incoming/Locks > > Added new: include /etc/MailScanner/conf.d/* > > Summary > ------- > Read 361 settings from old /etc/MailScanner/MailScanner.conf.original > Used 359 settings from old /etc/MailScanner/MailScanner.conf.original > Used 4 default settings from new /etc/MailScanner/MailScanner.conf.dist > > > > To configure MailScanner, edit the following files: > > /etc/MailScanner/defaults > /etc/MailScanner/MailScanner.conf > > > To activate MailScanner run the following commands: > > chkconfig mailscanner on > service mailscanner start > > > error reading information on service MailScanner: No such file or directory > error reading information on service MailScanner: No such file or directory > warning: erase unlink of /usr/share/MailScanner/MailScanner/ZMailer.pm > failed: No such file or directory > warning: erase unlink of > /usr/share/MailScanner/MailScanner/ZMDiskStore.pm failed: No such file or > directory > warning: erase unlink of /usr/share/MailScanner/MailScanner/WorkArea.pm > failed: No such file or directory > warning: erase unlink of /usr/share/MailScanner/MailScanner/Unzip.pm > failed: No such file or directory > warning: erase unlink of /usr/share/MailScanner/MailScanner/TNEF.pm > failed: No such file or directory > warning: erase unlink of > /usr/share/MailScanner/MailScanner/SystemDefs.pm failed: No such file or > directory > warning: erase unlink of > /usr/share/MailScanner/MailScanner/SweepViruses.pm failed: No such file or > directory > warning: erase unlink of > /usr/share/MailScanner/MailScanner/SweepOther.pm failed: No such file or > directory > warning: erase unlink of > /usr/share/MailScanner/MailScanner/SweepContent.pm failed: No such file or > directory > warning: erase unlink of /usr/share/MailScanner/MailScanner/Sendmail.pm > failed: No such file or directory > warning: erase unlink of > /usr/share/MailScanner/MailScanner/SMDiskStore.pm failed: No such file or > directory > warning: erase unlink of /usr/share/MailScanner/MailScanner/SA.pm > failed: No such file or directory > warning: erase unlink of /usr/share/MailScanner/MailScanner/RBLs.pm > failed: No such file or directory > warning: erase unlink of /usr/share/MailScanner/MailScanner/Queue.pm > failed: No such file or directory > warning: erase unlink of > /usr/share/MailScanner/MailScanner/Quarantine.pm failed: No such file or > directory > warning: erase unlink of /usr/share/MailScanner/MailScanner/Qmail.pm > failed: No such file or directory > warning: erase unlink of > /usr/share/MailScanner/MailScanner/QMDiskStore.pm failed: No such file or > directory > warning: erase unlink of /usr/share/MailScanner/MailScanner/Postfix.pm > failed: No such file or directory > warning: erase unlink of > /usr/share/MailScanner/MailScanner/PFDiskStore.pm failed: No such file or > directory > warning: erase unlink of > /usr/share/MailScanner/MailScanner/MessageBatch.pm failed: No such file or > directory > warning: erase unlink of /usr/share/MailScanner/MailScanner/Message.pm > failed: No such file or directory > warning: erase unlink of /usr/share/MailScanner/MailScanner/Mail.pm > failed: No such file or directory > warning: erase unlink of > /usr/share/MailScanner/MailScanner/MCPMessage.pm failed: No such file or > directory > warning: erase unlink of /usr/share/MailScanner/MailScanner/MCP.pm > failed: No such file or directory > warning: erase unlink of /usr/share/MailScanner/MailScanner/Log.pm > failed: No such file or directory > warning: erase unlink of /usr/share/MailScanner/MailScanner/Lock.pm > failed: No such file or directory > warning: erase unlink of > /usr/share/MailScanner/MailScanner/GenericSpam.pm failed: No such file or > directory > warning: erase unlink of /usr/share/MailScanner/MailScanner/FileInto.pm > failed: No such file or directory > warning: erase unlink of > /usr/share/MailScanner/MailScanner/EximDiskStore.pm failed: No such file > or directory > warning: erase unlink of /usr/share/MailScanner/MailScanner/Exim.pm > failed: No such file or directory > warning: erase unlink of > /usr/share/MailScanner/MailScanner/CustomFunctions/ZMRouterDirHash.pm > failed: No such file or directory > warning: erase unlink of > /usr/share/MailScanner/MailScanner/CustomFunctions/Ruleset-from-Function.pm > failed: No such file or directory > warning: erase unlink of > /usr/share/MailScanner/MailScanner/CustomFunctions/MyExample.pm failed: No > such file or directory > warning: erase unlink of > /usr/share/MailScanner/MailScanner/CustomFunctions/GenericSpamScanner.pm > failed: No such file or directory > warning: erase unlink of > /usr/share/MailScanner/MailScanner/CustomFunctions/CustomAction.pm failed: > No such file or directory > warning: erase unlink of > /usr/share/MailScanner/MailScanner/CustomConfig.pm failed: No such file or > directory > warning: erase unlink of > /usr/share/MailScanner/MailScanner/ConfigSQL.pm failed: No such file or > directory > warning: erase unlink of > /usr/share/MailScanner/MailScanner/ConfigDefs.pl failed: No such file or > directory > warning: erase unlink of /usr/share/MailScanner/MailScanner/Config.pm > failed: No such file or directory > warning: erase unlink of /usr/share/MailScanner/MailScanner/Antiword.pm > failed: No such file or directory > warning: erase unlink of /etc/rc.d/init.d/MailScanner failed: No such > file or directory > warning: /etc/cron.daily/update_spamassassin saved as > /etc/cron.daily/update_spamassassin.rpmsave > /var/tmp/rpm-tmp.SVoALC: line 16: syntax error near unexpected token `fi' > /var/tmp/rpm-tmp.SVoALC: line 16: `fi' > warning: %postun(mailscanner-4.85.2-3.noarch) scriptlet failed, exit status 2 > > ---------------------------------------------------------- > Installation Complete > > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > From andy at z00b.com Wed Aug 24 14:14:28 2016 From: andy at z00b.com (Andy Southgate) Date: Wed, 24 Aug 2016 15:14:28 +0100 Subject: Denial of Service attack Messages Constantly In-Reply-To: References: <000601d1fc7f$a64c00e0$f2e402a0$@com> <424eb8ee-a2ae-35ad-4e86-c55f1bad4be8@mjnservices.com> <00b101d1fe0c$59bb8820$0d329860$@com> Message-ID: <00c701d1fe11$db0ff410$912fdc30$@com> Would getting that wrong cause *intermittant* permissions errors though? The fact that 99% of the time everything works leads me to assume that the basic permission is correct, is that assumption wrong? Part of the problem I'm having is my mail server is very low throughput, I can go weeks without any error coming up and then get 10 errors in a row, it makes it extremely difficult to iterate changes. -----Original Message----- From: MailScanner [mailto:mailscanner-bounces+andy=z00b.com at lists.mailscanner.info] On Behalf Of Jerry Benton Sent: 24 August 2016 15:01 To: MailScanner Discussion Subject: RE: Denial of Service attack Messages Constantly Ok, as far as permissions go ? I addressed this issue in v5. The installer creates a group called mtagroup. You MTA, virus scanners, etc should be added to this group automatically. However, you should confirm those accounts are members of that group. IF you add extra virus scanners, add those system users to the mtagroup. Next, the ?Run As User? is dependent on what MTA and virus scanners you are using, but this is not as important as the next item. What is very important is that the ?Run As Group? should be mtagroup and the permissions should be 0660 in your config. By default this is what ships with v5. If you changed it or used your old config, well ? that is on you. By using mtagroup and 0660 nothing will have any permissions issues. If you need a reference to the defaults, it is here: https://github.com/MailScanner/v5/blob/master/common/etc/MailScanner/MailScanner.conf - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From: Andy Southgate Reply: MailScanner Discussion Date: August 24, 2016 at 9:36:01 AM To: MailScanner Discussion Subject: RE: Denial of Service attack Messages Constantly > can confirm, added that, restarted MailScanner service and still get > errors > > -----Original Message----- > From: MailScanner > [mailto:mailscanner-bounces+andy=z00b.com at lists.mailscanner.info] > On Behalf Of Azir G?leroglu > Sent: 23 August 2016 12:07 > To: MailScanner Discussion > Subject: RE: Denial of Service attack Messages Constantly > > I added this block to limits.conf but still our customers get same errors. > > Azir Guleroglu > > > -----Original Message----- > From: MailScanner > [mailto:mailscanner-bounces+azir.guleroglu=turknet.net.tr at lists.mailsc > anner.info] > On Behalf Of Jerry Benton > Sent: Monday, August 22, 2016 7:51 PM > To: MailScanner Discussion > Subject: Re: Denial of Service attack Messages Constantly > > When I see this happen it is usually related to > /etc/security/limits.conf > > The old MailScanner code tried to silently increase the limits. This > feature has been removed. Add this to /etc/security/limits.conf to try and resolve the issue: > > > * hard nofile 65535 > * soft nofile 65535 > root hard nofile 65535 > root soft nofile 65535 > > > > > - > Jerry Benton > www.mailborder.com > +1 - 844-436-6245 > > > -----Original Message----- > From: Steven Jardine > Reply: MailScanner Discussion > Date: August 22, 2016 at 10:29:54 AM > To: MailScanner Discussion > Subject: Re: Denial of Service attack Messages Constantly > > > I can confirm this behavior....the error code that I was getting was > > 13 which is a permission denied error. Unfortunately, it was > > happening too often on legitimate mail that I had to turn off the feature. > > > > I would really like to determine the cause.... > > > > On 08/22/2016 08:15 AM, Andy Southgate wrote: > > > > > > It still happens for me, AFAIK all that was worked out was that > > > for some reason there is an intermittant permission problem that > > > occasionally causes the spawned child process to fail to run > > > causing that error on the message, but there was never any insight > > > as to why that should be. > > > > > > *From:*MailScanner > > > [mailto:mailscanner-bounces+andy=z00b.com at lists.mailscanner.info] > > > *On Behalf Of *Aaron Pursell > > > *Sent:* 22 August 2016 15:01 > > > *To:* mailscanner at lists.mailscanner.info > > > *Subject:* Re: Denial of Service attack Messages Constantly > > > > > > I read pretty much every message and tried everything, most of > > > those messages are years old and it appears it was fixed and now > > > in the new version is the first time I'm experiencing them in > > > many, many years, the fixes worked originally back in a way older versiona. > > > Nothing really changed except the fact there's this new version, > > > too bad it only happens to legitimate messages and not spam.... So who knows. > > > I'll continue to look, the log really never says anything specific. > > > I > > > > > > --- > > > > > > > > > > > > Regards, > > > > > > Aaron > > > > > > > > > Message: 1 > > > Date: Fri, 19 Aug 2016 08:26:31 -0600 > > > From: Steven Jardine > > > > > > To: MailScanner Discussion > > > > > > Subject: Re: Denial of Service attack Messages Constantly > > > Message-ID: <9dbfad5c-651a-3a7f-e9c8-2c623adf51c1 at mjnservices.com > > > > > > > Content-Type: text/plain; charset=windows-1252; format=flowed > > > > > > I still haven't found a good solution to this even after trying > > > all of the suggestions posted on the previous threads. If turn off > > > "Dangerous Content Scanning" the error goes away but you lose that functionality. > > > > > > I have had to disable it until a solution can be found. Its not ideal. > > > > > > Good luck! > > > Steve > > > > > > On 08/18/2016 04:43 PM, Mark Sapiro wrote: > > > > > > On 08/18/2016 08:49 AM, Aaron Pursell wrote: > > > > > > > > > The problem is, my users and I keep getting messages like this: > > > > > > " > > > > > > MailScanner was attacked by a Denial Of Service attack, and has > > > therefore deleted this part of the message. Please contact your > > > e-mail providers for more information if you need it, giving them > > > the whole of this report. Attack in: > > > /var/spool/MailScanner/incoming/12835/78C9F481B0DA.ACDF4/nmsg-12835-2.html" > > > > > > > > > The path doesn't exist when you look and the message never gets > > > delivered. What can I turn off or adjust to make sure this doesn't > > > happen? > > > > > > > > > What's in the Mail log associated with this? > > > > > > There's a long thread on this with Subject: Denial Of Service > > > Attack Messages in the archives of this list at > > > > > > and > > > > > > which may be helpful. > > > > > > > > > > > > > > > IMPORTANT: This email does not constitute a contract or an offer > > > or acceptance of an offer to enter into a contract. Further, this > > > email may not be used to modify, supplement, novate, or waive any > > > rights with respect to an existing contract or other binding > > > commercial terms. MJN Services, Inc. conducts business under our > > > service terms and conditions found at www.mjnservices.com unless > > > otherwise agreed to in writing by an officer of MJN Services, Inc. > > > > > > > > > > > > ------------------------------ > > > > > > Message: 2 > > > Date: Fri, 19 Aug 2016 09:30:29 -0500 > > > From: Jerry Benton > > > > > > To: MailScanner Discussion > > > > > > Subject: Re: Denial of Service attack Messages Constantly > > > Message-ID: > > > > > > > > > Content-Type: text/plain; charset=UTF-8 > > > > > > Steve, > > > > > > Can you zip the raw source of a message (the file) that triggers > > > this and email it directly to me? > > > > > > > > > - > > > Jerry Benton > > > www.mailborder.com > > > +1 - 844-436-6245 > > > > > > > > > -----Original Message----- > > > From:?Steven Jardine > > > > > > Reply:?MailScanner Discussion > > > Date:?August 19, 2016 at > > > 10:27:05 AM To:?MailScanner Discussion > > > > > > Subject:? Re: Denial of Service attack Messages Constantly > > > > > > I still haven't found a good solution to this even after trying > > > all of the suggestions posted on the previous threads. If turn off > > > "Dangerous Content Scanning" the error goes away but you lose that functionality. > > > > > > I have had to disable it until a solution can be found. Its not ideal. > > > > > > Good luck! > > > Steve > > > > > > On 08/18/2016 04:43 PM, Mark Sapiro wrote: > > > > > > On 08/18/2016 08:49 AM, Aaron Pursell wrote: > > > > > > > > > The problem is, my users and I keep getting messages like this: > > > > > > " > > > > > > MailScanner was attacked by a Denial Of Service attack, and has > > > therefore deleted this part of the message. Please contact your > > > e-mail providers for more information if you need it, giving them > > > the whole of this report. Attack in: > > > /var/spool/MailScanner/incoming/12835/78C9F481B0DA.ACDF4/nmsg-12835-2.html" > > > > > > > > > The path doesn't exist when you look and the message never gets > > > delivered. What can I turn off or adjust to make sure this doesn't > > > happen? > > > > > > > > > What's in the Mail log associated with this? > > > > > > There's a long thread on this with Subject: Denial Of Service > > > Attack Messages in the archives of this list at > > > > > > and > > > > > > which may be helpful. > > > > > > > > > > > > > > > IMPORTANT: This email does not constitute a contract or an offer > > > or acceptance of an offer to enter into a contract. Further, this > > > email may not be used to modify, supplement, novate, or waive any > > > rights with respect to an existing contract or other binding > > > commercial terms. MJN Services, Inc. conducts business under our > > > service terms and conditions found at www.mjnservices.com unless > > > otherwise agreed to in writing by an officer of MJN Services, Inc. > > > > > > > > > > > > -- > > > MailScanner mailing list > > > mailscanner at lists.mailscanner.info > > > > > > http://lists.mailscanner.info/listinfo/mailscanner > > > > > > > > > > > > ------------------------------ > > > > > > Subject: Digest Footer > > > > > > > > > > > > -- > > > MailScanner mailing list > > > mailscanner at lists.mailscanner.info > > > > > > http://lists.mailscanner.info/listinfo/mailscanner > > > > > > > > > ------------------------------ > > > > > > End of MailScanner Digest, Vol 128, Issue 16 > > > ******************************************** > > > > > > > > > -- > > > This message has been scanned for viruses and dangerous content by > > > *MailScanner* , and is believed to be clean. > > > > > > > > > > > > > > > > > > > > IMPORTANT: This email does not constitute a contract or an offer or > > acceptance of an offer to enter into a contract. Further, this email > > may not be used to modify, supplement, novate, or waive any rights > > with respect to an existing contract or other binding commercial > > terms. MJN Services, Inc. conducts business under our service terms > > and conditions found at www.mjnservices.com unless otherwise agreed > > to in writing > by an officer of MJN Services, Inc. > > > > > > > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/listinfo/mailscanner > > > > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > > ________________________________ > > Bu elektronik posta ve onunla iletilen b?t?n dosyalar sadece > g?ndericisi taraf?ndan almas? ama?lanan yetkili ger?ek ya da t?zel > ki?inin kullan?m? i?indir. E?er s?z konusu yetkili al?c? de?ilseniz bu > elektronik postan?n i?eri?ini a??klaman?z, kopyalaman?z, > y?nlendirmeniz ve kullanman?z kesinlikle yasakt?r ve bu elektronik > postay? derhal silmeniz gerekmektedir. TurkNet bu mesaj?n i?erdi?i > bilgilerin do?rulu?u veya eksiksiz oldu?u konusunda herhangi bir > garanti vermemektedir. Bu nedenle bu bilgilerin ne ?ekilde olursa > olsun i?eri?inden, iletilmesinden, al?nmas?ndan ve saklanmas?ndan sorumlu de?ildir. Bu mesajdaki g?r??ler yaln?zca g?nderen ki?iye aittir ve TurkNet'in g?r??lerini yans?tmayabilir. Bu e-posta bilinen b?t?n bilgisayar vir?slerine kar?? taranm??t?r. > ________________________________________ > This e-mail and any files transmitted with it are confidential and > intended solely for the use of the individual or entity to whom they > are addressed. If you are not the intended recipient you are hereby > notified that any dissemination, forwarding, copying or use of any of > the information is strictly prohibited, and the e-mail should > immediately be deleted. TurkNet makes no warranty as to the accuracy > or completeness of any information contained in this message and > hereby excludes any liability of any kind for the information > contained therein or for the information transmission, reception, > storage or use of such in any way whatsoever. The opinions expressed in this message belong to sender alone and may not necessarily reflect the opinions of TurkNet. This e-mail has been scanned for all known computer viruses. > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/listinfo/mailscanner From wbaudler at gb.nrao.edu Wed Aug 24 14:19:05 2016 From: wbaudler at gb.nrao.edu (Wolfgang Baudler) Date: Wed, 24 Aug 2016 10:19:05 -0400 Subject: MailScanner v5.0.3-7 upgrade install In-Reply-To: References: Message-ID: > Wolfgang, > > Save your custom configs by copying them somewhere. Totally remove > MailScanner and reinstall it. Copy your configs back. > > Note that: > > - spam.assassin.prefs.conf is now called spamassassin.conf > - the directory structure is different. this is why you are getting > the errors. However, when I upgraded old versions of MailScanner I did > not see this issue. > - a built in permissions schema has been added to solve common > permissions problems. > > > One question, did you use the install.sh or did you just install the > RPM? The install.sh fixes a lot of the upgrade issues. From the README > file: > > # Install: > # tar -xvzf MailScanner-5.x.x-x.distro.tar.gz > # cd MailScanner-5.x.x-x > # ./install.sh > > I have run the ./install.sh. Wolfgang From jerry.benton at mailborder.com Wed Aug 24 14:22:42 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Wed, 24 Aug 2016 10:22:42 -0400 Subject: Denial of Service attack Messages Constantly In-Reply-To: <00c701d1fe11$db0ff410$912fdc30$@com> References: <000601d1fc7f$a64c00e0$f2e402a0$@com> <424eb8ee-a2ae-35ad-4e86-c55f1bad4be8@mjnservices.com> <00b101d1fe0c$59bb8820$0d329860$@com> <00c701d1fe11$db0ff410$912fdc30$@com> Message-ID: Yes, it can. Jerry Benton +1 844-436-6245 Sent from BlueMail On Aug 24, 2016, 10:15, at 10:15, Andy Southgate wrote: >Would getting that wrong cause *intermittant* permissions errors >though? > >The fact that 99% of the time everything works leads me to assume that >the basic permission is correct, is that assumption wrong? > >Part of the problem I'm having is my mail server is very low >throughput, I can go weeks without any error coming up and then get 10 >errors in a row, it makes it extremely difficult to iterate changes. > >-----Original Message----- >From: MailScanner >[mailto:mailscanner-bounces+andy=z00b.com at lists.mailscanner.info] On >Behalf Of Jerry Benton >Sent: 24 August 2016 15:01 >To: MailScanner Discussion >Subject: RE: Denial of Service attack Messages Constantly > >Ok, as far as permissions go ? I addressed this issue in v5. The >installer creates a group called mtagroup. You MTA, virus scanners, etc >should be added to this group automatically. However, you should >confirm those accounts are members of that group. IF you add extra >virus scanners, add those system users to the mtagroup. > >Next, the ?Run As User? is dependent on what MTA and virus scanners you >are using, but this is not as important as the next item. > > >What is very important is that the ?Run As Group? should be mtagroup >and the permissions should be 0660 in your config. By default this is >what ships with v5. If you changed it or used your old config, well ? >that is on you. By using mtagroup and 0660 nothing will have any >permissions issues. > >If you need a reference to the defaults, it is here: > > >https://github.com/MailScanner/v5/blob/master/common/etc/MailScanner/MailScanner.conf > > > > >- >Jerry Benton >www.mailborder.com >+1 - 844-436-6245 > > >-----Original Message----- >From: Andy Southgate >Reply: MailScanner Discussion >Date: August 24, 2016 at 9:36:01 AM >To: MailScanner Discussion >Subject: RE: Denial of Service attack Messages Constantly > >> can confirm, added that, restarted MailScanner service and still get >> errors >> >> -----Original Message----- >> From: MailScanner >> [mailto:mailscanner-bounces+andy=z00b.com at lists.mailscanner.info] >> On Behalf Of Azir G?leroglu >> Sent: 23 August 2016 12:07 >> To: MailScanner Discussion >> Subject: RE: Denial of Service attack Messages Constantly >> >> I added this block to limits.conf but still our customers get same >errors. >> >> Azir Guleroglu >> >> >> -----Original Message----- >> From: MailScanner >> >[mailto:mailscanner-bounces+azir.guleroglu=turknet.net.tr at lists.mailsc >> anner.info] >> On Behalf Of Jerry Benton >> Sent: Monday, August 22, 2016 7:51 PM >> To: MailScanner Discussion >> Subject: Re: Denial of Service attack Messages Constantly >> >> When I see this happen it is usually related to >> /etc/security/limits.conf >> >> The old MailScanner code tried to silently increase the limits. This >> feature has been removed. Add this to /etc/security/limits.conf to >try and resolve the issue: >> >> >> * hard nofile 65535 >> * soft nofile 65535 >> root hard nofile 65535 >> root soft nofile 65535 >> >> >> >> >> - >> Jerry Benton >> www.mailborder.com >> +1 - 844-436-6245 >> >> >> -----Original Message----- >> From: Steven Jardine >> Reply: MailScanner Discussion >> Date: August 22, 2016 at 10:29:54 AM >> To: MailScanner Discussion >> Subject: Re: Denial of Service attack Messages Constantly >> >> > I can confirm this behavior....the error code that I was getting >was >> > 13 which is a permission denied error. Unfortunately, it was >> > happening too often on legitimate mail that I had to turn off the >feature. >> > >> > I would really like to determine the cause.... >> > >> > On 08/22/2016 08:15 AM, Andy Southgate wrote: >> > > >> > > It still happens for me, AFAIK all that was worked out was that >> > > for some reason there is an intermittant permission problem that >> > > occasionally causes the spawned child process to fail to run >> > > causing that error on the message, but there was never any >insight >> > > as to why that should be. >> > > >> > > *From:*MailScanner >> > > [mailto:mailscanner-bounces+andy=z00b.com at lists.mailscanner.info] >> > > *On Behalf Of *Aaron Pursell >> > > *Sent:* 22 August 2016 15:01 >> > > *To:* mailscanner at lists.mailscanner.info >> > > *Subject:* Re: Denial of Service attack Messages Constantly >> > > >> > > I read pretty much every message and tried everything, most of >> > > those messages are years old and it appears it was fixed and now >> > > in the new version is the first time I'm experiencing them in >> > > many, many years, the fixes worked originally back in a way older >versiona. >> > > Nothing really changed except the fact there's this new version, >> > > too bad it only happens to legitimate messages and not spam.... >So who knows. >> > > I'll continue to look, the log really never says anything >specific. >> > > I >> > > >> > > --- >> > > >> > > >> > > >> > > Regards, >> > > >> > > Aaron >> > > >> > > >> > > Message: 1 >> > > Date: Fri, 19 Aug 2016 08:26:31 -0600 >> > > From: Steven Jardine > > > >> > > To: MailScanner Discussion > > > >> > > Subject: Re: Denial of Service attack Messages Constantly >> > > Message-ID: <9dbfad5c-651a-3a7f-e9c8-2c623adf51c1 at mjnservices.com >> > > > >> > > Content-Type: text/plain; charset=windows-1252; format=flowed >> > > >> > > I still haven't found a good solution to this even after trying >> > > all of the suggestions posted on the previous threads. If turn >off >> > > "Dangerous Content Scanning" the error goes away but you lose >that functionality. >> > > >> > > I have had to disable it until a solution can be found. Its not >ideal. >> > > >> > > Good luck! >> > > Steve >> > > >> > > On 08/18/2016 04:43 PM, Mark Sapiro wrote: >> > > >> > > On 08/18/2016 08:49 AM, Aaron Pursell wrote: >> > > >> > > >> > > The problem is, my users and I keep getting messages like this: >> > > >> > > " >> > > >> > > MailScanner was attacked by a Denial Of Service attack, and has >> > > therefore deleted this part of the message. Please contact your >> > > e-mail providers for more information if you need it, giving them > >> > > the whole of this report. Attack in: >> > > >/var/spool/MailScanner/incoming/12835/78C9F481B0DA.ACDF4/nmsg-12835-2.html" >> > > >> > > >> > > The path doesn't exist when you look and the message never gets >> > > delivered. What can I turn off or adjust to make sure this >doesn't >> > > happen? >> > > >> > > >> > > What's in the Mail log associated with this? >> > > >> > > There's a long thread on this with Subject: Denial Of Service >> > > Attack Messages in the archives of this list at >> > > >> > > and >> > > >> > > which may be helpful. >> > > >> > > >> > > >> > > >> > > IMPORTANT: This email does not constitute a contract or an offer >> > > or acceptance of an offer to enter into a contract. Further, this > >> > > email may not be used to modify, supplement, novate, or waive any > >> > > rights with respect to an existing contract or other binding >> > > commercial terms. MJN Services, Inc. conducts business under our >> > > service terms and conditions found at www.mjnservices.com unless >> > > otherwise agreed to in writing by an officer of MJN Services, >Inc. >> > > >> > > >> > > >> > > ------------------------------ >> > > >> > > Message: 2 >> > > Date: Fri, 19 Aug 2016 09:30:29 -0500 >> > > From: Jerry Benton > > > >> > > To: MailScanner Discussion > > > >> > > Subject: Re: Denial of Service attack Messages Constantly >> > > Message-ID: >> > > > > > >> > > Content-Type: text/plain; charset=UTF-8 >> > > >> > > Steve, >> > > >> > > Can you zip the raw source of a message (the file) that triggers >> > > this and email it directly to me? >> > > >> > > >> > > - >> > > Jerry Benton >> > > www.mailborder.com >> > > +1 - 844-436-6245 >> > > >> > > >> > > -----Original Message----- >> > > From:?Steven Jardine > > > >> > > Reply:?MailScanner Discussion > > > Date:?August 19, 2016 at >> > > 10:27:05 AM To:?MailScanner Discussion > > >> > > > Subject:? Re: Denial of Service attack Messages Constantly >> > > >> > > I still haven't found a good solution to this even after trying >> > > all of the suggestions posted on the previous threads. If turn >off >> > > "Dangerous Content Scanning" the error goes away but you lose >that functionality. >> > > >> > > I have had to disable it until a solution can be found. Its not >ideal. >> > > >> > > Good luck! >> > > Steve >> > > >> > > On 08/18/2016 04:43 PM, Mark Sapiro wrote: >> > > >> > > On 08/18/2016 08:49 AM, Aaron Pursell wrote: >> > > >> > > >> > > The problem is, my users and I keep getting messages like this: >> > > >> > > " >> > > >> > > MailScanner was attacked by a Denial Of Service attack, and has >> > > therefore deleted this part of the message. Please contact your >> > > e-mail providers for more information if you need it, giving them > >> > > the whole of this report. Attack in: >> > > >/var/spool/MailScanner/incoming/12835/78C9F481B0DA.ACDF4/nmsg-12835-2.html" >> > > >> > > >> > > The path doesn't exist when you look and the message never gets >> > > delivered. What can I turn off or adjust to make sure this >doesn't >> > > happen? >> > > >> > > >> > > What's in the Mail log associated with this? >> > > >> > > There's a long thread on this with Subject: Denial Of Service >> > > Attack Messages in the archives of this list at >> > > >> > > and >> > > >> > > which may be helpful. >> > > >> > > >> > > >> > > >> > > IMPORTANT: This email does not constitute a contract or an offer >> > > or acceptance of an offer to enter into a contract. Further, this > >> > > email may not be used to modify, supplement, novate, or waive any > >> > > rights with respect to an existing contract or other binding >> > > commercial terms. MJN Services, Inc. conducts business under our >> > > service terms and conditions found at www.mjnservices.com unless >> > > otherwise agreed to in writing by an officer of MJN Services, >Inc. >> > > >> > > >> > > >> > > -- >> > > MailScanner mailing list >> > > mailscanner at lists.mailscanner.info >> > > >> > > http://lists.mailscanner.info/listinfo/mailscanner >> > > >> > > >> > > >> > > ------------------------------ >> > > >> > > Subject: Digest Footer >> > > >> > > >> > > >> > > -- >> > > MailScanner mailing list >> > > mailscanner at lists.mailscanner.info >> > > >> > > http://lists.mailscanner.info/listinfo/mailscanner >> > > >> > > >> > > ------------------------------ >> > > >> > > End of MailScanner Digest, Vol 128, Issue 16 >> > > ******************************************** >> > > >> > > >> > > -- >> > > This message has been scanned for viruses and dangerous content >by >> > > *MailScanner* , and is believed to be clean. >> > > >> > > >> > > >> > > >> > >> > >> > >> > IMPORTANT: This email does not constitute a contract or an offer or > >> > acceptance of an offer to enter into a contract. Further, this >email >> > may not be used to modify, supplement, novate, or waive any rights >> > with respect to an existing contract or other binding commercial >> > terms. MJN Services, Inc. conducts business under our service terms > >> > and conditions found at www.mjnservices.com unless otherwise agreed > >> > to in writing >> by an officer of MJN Services, Inc. >> > >> > >> > >> > -- >> > MailScanner mailing list >> > mailscanner at lists.mailscanner.info >> > http://lists.mailscanner.info/listinfo/mailscanner >> > >> > >> >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/listinfo/mailscanner >> >> >> ________________________________ >> >> Bu elektronik posta ve onunla iletilen b?t?n dosyalar sadece >> g?ndericisi taraf?ndan almas? ama?lanan yetkili ger?ek ya da t?zel >> ki?inin kullan?m? i?indir. E?er s?z konusu yetkili al?c? de?ilseniz >bu >> elektronik postan?n i?eri?ini a??klaman?z, kopyalaman?z, >> y?nlendirmeniz ve kullanman?z kesinlikle yasakt?r ve bu elektronik >> postay? derhal silmeniz gerekmektedir. TurkNet bu mesaj?n i?erdi?i >> bilgilerin do?rulu?u veya eksiksiz oldu?u konusunda herhangi bir >> garanti vermemektedir. Bu nedenle bu bilgilerin ne ?ekilde olursa >> olsun i?eri?inden, iletilmesinden, al?nmas?ndan ve saklanmas?ndan >sorumlu de?ildir. Bu mesajdaki g?r??ler yaln?zca g?nderen ki?iye aittir >ve TurkNet'in g?r??lerini yans?tmayabilir. Bu e-posta bilinen b?t?n >bilgisayar vir?slerine kar?? taranm??t?r. >> ________________________________________ >> This e-mail and any files transmitted with it are confidential and >> intended solely for the use of the individual or entity to whom they >> are addressed. If you are not the intended recipient you are hereby >> notified that any dissemination, forwarding, copying or use of any of > >> the information is strictly prohibited, and the e-mail should >> immediately be deleted. TurkNet makes no warranty as to the accuracy >> or completeness of any information contained in this message and >> hereby excludes any liability of any kind for the information >> contained therein or for the information transmission, reception, >> storage or use of such in any way whatsoever. The opinions expressed >in this message belong to sender alone and may not necessarily reflect >the opinions of TurkNet. This e-mail has been scanned for all known >computer viruses. >> >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/listinfo/mailscanner >> >> >> >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/listinfo/mailscanner >> >> > > >-- >MailScanner mailing list >mailscanner at lists.mailscanner.info >http://lists.mailscanner.info/listinfo/mailscanner > > > > >-- >MailScanner mailing list >mailscanner at lists.mailscanner.info >http://lists.mailscanner.info/listinfo/mailscanner -------------- next part -------------- An HTML attachment was scrubbed... URL: From iversons at rushville.k12.in.us Wed Aug 24 14:23:02 2016 From: iversons at rushville.k12.in.us (Shawn Iverson) Date: Wed, 24 Aug 2016 10:23:02 -0400 Subject: MailScanner v5.0.3-7 upgrade install In-Reply-To: References: Message-ID: Confirmed seeing same here vrom v4x --> v5.0.3-7, although errors/warnings appear to be benign. MailScanner on my run has most everything in the right places, although it seems that somethings are now being dropped into the old /usr/lib/MailScanner directory. I could've swore in earlier v5 they were all in /usr/share/MailScanner... On Wed, Aug 24, 2016 at 10:19 AM, Wolfgang Baudler wrote: > > Wolfgang, > > > > Save your custom configs by copying them somewhere. Totally remove > > MailScanner and reinstall it. Copy your configs back. > > > > Note that: > > > > - spam.assassin.prefs.conf is now called spamassassin.conf > > - the directory structure is different. this is why you are getting > > the errors. However, when I upgraded old versions of MailScanner I did > > not see this issue. > > - a built in permissions schema has been added to solve common > > permissions problems. > > > > > > One question, did you use the install.sh or did you just install the > > RPM? The install.sh fixes a lot of the upgrade issues. From the README > > file: > > > > # Install: > > # tar -xvzf MailScanner-5.x.x-x.distro.tar.gz > > # cd MailScanner-5.x.x-x > > # ./install.sh > > > > > > I have run the ./install.sh. > > Wolfgang > > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > -- Shawn Iverson Director of Technology Rush County Schools 765-932-3901 x271 iversons at rushville.k12.in.us -------------- next part -------------- An HTML attachment was scrubbed... URL: From jerry.benton at mailborder.com Wed Aug 24 14:38:19 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Wed, 24 Aug 2016 10:38:19 -0400 Subject: MailScanner v5.0.3-7 upgrade install In-Reply-To: References: Message-ID: <61bbc194-aae4-4c08-bc7f-34dcba662fb6@typeapp.com> They were moved to /usr/lib in the v4 to v5 change to make MS conform to Linux FHS Jerry Benton +1 844-436-6245 Sent from BlueMail On Aug 24, 2016, 10:23, at 10:23, Shawn Iverson wrote: >Confirmed seeing same here vrom v4x --> v5.0.3-7, although >errors/warnings >appear to be benign. MailScanner on my run has most everything in the >right places, although it seems that somethings are now being dropped >into >the old /usr/lib/MailScanner directory. I could've swore in earlier v5 >they were all in /usr/share/MailScanner... > >On Wed, Aug 24, 2016 at 10:19 AM, Wolfgang Baudler > >wrote: > >> > Wolfgang, >> > >> > Save your custom configs by copying them somewhere. Totally remove >> > MailScanner and reinstall it. Copy your configs back. >> > >> > Note that: >> > >> > - spam.assassin.prefs.conf is now called spamassassin.conf >> > - the directory structure is different. this is why you are getting >> > the errors. However, when I upgraded old versions of MailScanner I >did >> > not see this issue. >> > - a built in permissions schema has been added to solve common >> > permissions problems. >> > >> > >> > One question, did you use the install.sh or did you just install >the >> > RPM? The install.sh fixes a lot of the upgrade issues. From the >README >> > file: >> > >> > # Install: >> > # tar -xvzf MailScanner-5.x.x-x.distro.tar.gz >> > # cd MailScanner-5.x.x-x >> > # ./install.sh >> > >> > >> >> I have run the ./install.sh. >> >> Wolfgang >> >> >> >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/listinfo/mailscanner >> >> > > >-- >Shawn Iverson >Director of Technology >Rush County Schools >765-932-3901 x271 >iversons at rushville.k12.in.us > > >------------------------------------------------------------------------ > > > >-- >MailScanner mailing list >mailscanner at lists.mailscanner.info >http://lists.mailscanner.info/listinfo/mailscanner -------------- next part -------------- An HTML attachment was scrubbed... URL: From wbaudler at gb.nrao.edu Wed Aug 24 14:55:29 2016 From: wbaudler at gb.nrao.edu (Wolfgang Baudler) Date: Wed, 24 Aug 2016 10:55:29 -0400 Subject: MailScanner v5.0.3-7 upgrade install In-Reply-To: References: Message-ID: <39cd17e88b85ac6d18ef32faff509154.squirrel@webmail.gb.nrao.edu> > Confirmed seeing same here vrom v4x --> v5.0.3-7, although errors/warnings > appear to be benign. MailScanner on my run has most everything in the > right places, although it seems that somethings are now being dropped into > the old /usr/lib/MailScanner directory. I could've swore in earlier v5 > they were all in /usr/share/MailScanner... > I also noticed that the /etc/init.d/mailscanner startups script no longer start the sendmail queues needed to run MailScanner. The old v4 /etc/init.d/MailScanner startup script had quite an amount of logic in it to deal with these stopping and starting these MTA processes. How is this supposed to work with v5? Are there separate startup scripts for the various MTAs? I could not find any. Wolfgang From jerry.benton at mailborder.com Wed Aug 24 15:25:21 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Wed, 24 Aug 2016 11:25:21 -0400 Subject: MailScanner v5.0.3-7 upgrade install In-Reply-To: <39cd17e88b85ac6d18ef32faff509154.squirrel@webmail.gb.nrao.edu> References: <39cd17e88b85ac6d18ef32faff509154.squirrel@webmail.gb.nrao.edu> Message-ID: Yes, the code to start and stop MTA?s have been removed in v5. MailScanner changes do not equate to MTA changes so it makes no sense to start/stop/restart the MTA. They are different services. It makes about as much sense as it would for MailScanner to restart your virus scanner services. Each MTA comes with it own service management scripts. i.e.. service sendmail restart service postfix restart service exim restart - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?Wolfgang Baudler Reply:?MailScanner Discussion Date:?August 24, 2016 at 10:56:15 AM To:?MailScanner Discussion Subject:? Re: MailScanner v5.0.3-7 upgrade install > > Confirmed seeing same here vrom v4x --> v5.0.3-7, although errors/warnings > > appear to be benign. MailScanner on my run has most everything in the > > right places, although it seems that somethings are now being dropped into > > the old /usr/lib/MailScanner directory. I could've swore in earlier v5 > > they were all in /usr/share/MailScanner... > > > > I also noticed that the /etc/init.d/mailscanner startups script no longer > start the sendmail queues needed to run MailScanner. > > The old v4 /etc/init.d/MailScanner startup script had quite an amount of > logic in it to deal with these stopping and starting these MTA processes. > > How is this supposed to work with v5? Are there separate startup scripts > for the various MTAs? I could not find any. > > Wolfgang > > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > From phil.randal at hoopleltd.co.uk Wed Aug 24 15:27:34 2016 From: phil.randal at hoopleltd.co.uk (Randal, Phil) Date: Wed, 24 Aug 2016 15:27:34 +0000 Subject: MailScanner v5.0.3-7 upgrade install In-Reply-To: References: <39cd17e88b85ac6d18ef32faff509154.squirrel@webmail.gb.nrao.edu> Message-ID: <7CA580B59C1ABD45B4614ED90D4C7B858F77EB55@HC-EXMBX04.herefordshire.gov.uk> Except MailScanner had two sendmail instances, one receiving emails from outside world, the outher processing MailScanner's output, if I recall correctly. Phil -----Original Message----- From: MailScanner [mailto:mailscanner-bounces+phil.randal=hoopleltd.co.uk at lists.mailscanner.info] On Behalf Of Jerry Benton Sent: 24 August 2016 16:25 To: MailScanner Discussion Subject: Re: MailScanner v5.0.3-7 upgrade install Yes, the code to start and stop MTA?s have been removed in v5. MailScanner changes do not equate to MTA changes so it makes no sense to start/stop/restart the MTA. They are different services. It makes about as much sense as it would for MailScanner to restart your virus scanner services. Each MTA comes with it own service management scripts. i.e.. service sendmail restart service postfix restart service exim restart - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From: Wolfgang Baudler Reply: MailScanner Discussion Date: August 24, 2016 at 10:56:15 AM To: MailScanner Discussion Subject: Re: MailScanner v5.0.3-7 upgrade install > > Confirmed seeing same here vrom v4x --> v5.0.3-7, although > > errors/warnings appear to be benign. MailScanner on my run has most > > everything in the right places, although it seems that somethings > > are now being dropped into the old /usr/lib/MailScanner directory. I > > could've swore in earlier v5 they were all in /usr/share/MailScanner... > > > > I also noticed that the /etc/init.d/mailscanner startups script no > longer start the sendmail queues needed to run MailScanner. > > The old v4 /etc/init.d/MailScanner startup script had quite an amount > of logic in it to deal with these stopping and starting these MTA processes. > > How is this supposed to work with v5? Are there separate startup > scripts for the various MTAs? I could not find any. > > Wolfgang > > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/listinfo/mailscanner Hoople Ltd, Registered in England and Wales No. 7556595 Registered office: Plough Lane, Hereford, HR4 0LE "Any opinion expressed in this e-mail or any attached files are those of the individual and not necessarily those of Hoople Ltd. You should be aware that Hoople Ltd. monitors its email service. This e-mail and any attached files are confidential and intended solely for the use of the addressee. This communication may contain material protected by law from being passed on. If you are not the intended recipient and have received this e-mail in error, you are advised that any use, dissemination, forwarding, printing or copying of this e-mail is strictly prohibited. If you have received this e-mail in error please contact the sender immediately and destroy all copies of it." From wbaudler at gb.nrao.edu Wed Aug 24 15:34:41 2016 From: wbaudler at gb.nrao.edu (Wolfgang Baudler) Date: Wed, 24 Aug 2016 11:34:41 -0400 Subject: MailScanner v5.0.3-7 upgrade install In-Reply-To: References: <39cd17e88b85ac6d18ef32faff509154.squirrel@webmail.gb.nrao.edu> Message-ID: <1b8528453f18d751689c31f691f458b8.squirrel@webmail.gb.nrao.edu> > Yes, the code to start and stop MTA?s have been removed in v5. > MailScanner changes do not equate to MTA changes so it makes no sense > to start/stop/restart the MTA. They are different services. It makes > about as much sense as it would for MailScanner to restart your virus > scanner services. > > Each MTA comes with it own service management scripts. i.e.. > > service sendmail restart It makes sense to separate them, but MailScanner with sendmail requires separate sendmail processes for the incoming and outgoing queues. The standard OS service scripts know nothing about this (at least on RHEL), so a customized startup script is needed for MailScanner. > service postfix restart > service exim restart > Can't speak to the situation with these MTAs Wolfgang From jerry.benton at mailborder.com Wed Aug 24 16:22:29 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Wed, 24 Aug 2016 12:22:29 -0400 Subject: MailScanner v5.0.3-7 upgrade install In-Reply-To: <1b8528453f18d751689c31f691f458b8.squirrel@webmail.gb.nrao.edu> References: <39cd17e88b85ac6d18ef32faff509154.squirrel@webmail.gb.nrao.edu> <1b8528453f18d751689c31f691f458b8.squirrel@webmail.gb.nrao.edu> Message-ID: Does this not setup the sendmail process correctly? https://www.mailscanner.info/sendmail/ - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?Wolfgang Baudler Reply:?MailScanner Discussion Date:?August 24, 2016 at 11:34:56 AM To:?MailScanner Discussion Subject:? Re: MailScanner v5.0.3-7 upgrade install > > Yes, the code to start and stop MTA?s have been removed in v5. > > MailScanner changes do not equate to MTA changes so it makes no sense > > to start/stop/restart the MTA. They are different services. It makes > > about as much sense as it would for MailScanner to restart your virus > > scanner services. > > > > Each MTA comes with it own service management scripts. i.e.. > > > > service sendmail restart > > It makes sense to separate them, but MailScanner with sendmail requires > separate sendmail processes for the incoming and outgoing queues. The > standard OS service scripts know nothing about this (at least on RHEL), so > a customized startup script is needed for MailScanner. > > > service postfix restart > > service exim restart > > > > Can't speak to the situation with these MTAs > > Wolfgang > > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > From wbaudler at gb.nrao.edu Wed Aug 24 17:15:40 2016 From: wbaudler at gb.nrao.edu (Wolfgang Baudler) Date: Wed, 24 Aug 2016 13:15:40 -0400 Subject: MailScanner v5.0.3-7 upgrade install In-Reply-To: References: <39cd17e88b85ac6d18ef32faff509154.squirrel@webmail.gb.nrao.edu> <1b8528453f18d751689c31f691f458b8.squirrel@webmail.gb.nrao.edu> Message-ID: <0851f84ea3e1a030073e4b0d0f8453bd.squirrel@webmail.gb.nrao.edu> > Does this not setup the sendmail process correctly? > > https://www.mailscanner.info/sendmail/ > > This starts the daemons manually, but it takes a bit more then those 2 lines to have a robust startup/shutdown script. I removed the MailScanner parts from the v4 startup script and now have a separate mailscanner-sendmail startup script (attached). Maybe this can be included with the MailScanner package. Wolfgang -------------- next part -------------- A non-text attachment was scrubbed... Name: mailscanner-sendmail Type: application/octet-stream Size: 4738 bytes Desc: not available URL: From jason.desai at saabusa.com Thu Aug 25 02:15:48 2016 From: jason.desai at saabusa.com (Desai, Jason) Date: Thu, 25 Aug 2016 02:15:48 +0000 Subject: Exim 4.87 emails not being delivered right away Message-ID: I tried sending this earlier, but I do not see that it made it to the list - resending again .... I ran into an issue where emails would go through the mail scanner, but they would not be delivered with exim right away. It would not be until the queue runner process would get to the emails in the out queue that they would finally get delivered. Running MailScanner in debug mode would show "exim: can't get the current working directory". Looking at the source code for Exim I saw that it tries to get its current working directory, and fails if there is an error. (This code was added in version 4.87.) That made me think that perhaps MailScanner changed to a temporary folder, started Exim to deliver the messages (with sendmail2), and then removed that temporary folder before Exim had a chance to initialize or deliver the emails. I changed MailScanner to not try to deliver in the background, and the issue went away. So then I put that back, and updated the Exim.pm code to change to a specific folder before attempting the Exim delivery, and that seemed to fix the issue. I don't know if MailScanner depends on the working directory not getting changed anywhere - if it does, hopefully someone will let me know. I am running MailScanner 4.85.2-3. I did not see any similar change since that version. Here is the change I made: =============================================== --- Exim.pm.old 2015-02-28 12:18:33.000000000 -0500 +++ Exim.pm 2016-08-17 16:39:58.000000000 -0400 @@ -1119,6 +1119,7 @@ my $idlist = join(' ', @ThisBatch); $idlist .= ' &' if MailScanner::Config::Value('deliverinbackground'); #print STDERR "About to do \"Sendmail2 -Mc $idlist\"\n"; + chdir MailScanner::Config::Value("incomingworkdir"); system(MailScanner::Config::Value('sendmail2') . ' -Mc ' . $idlist); #JJH # JJH's version =============================================== If it is useful, can you please include it in the source? Thanks. Jason This message is intended only for the addressee and may contain information that is company confidential or privileged. Any technical data in this message may be exported only in accordance with the U.S. International Traffic in Arms Regulations (22 CFR Parts 120-130) or the Export Administration Regulations (15 CFR Parts 730-774). Unauthorized use is strictly prohibited and may be unlawful. If you are not the intended recipient, or the person responsible for delivering to the intended recipient, you should not read, copy, disclose or otherwise use this message. If you have received this email in error, please delete it, and advise the sender immediately. -------------- next part -------------- An HTML attachment was scrubbed... URL: From J.Ede at birchenallhowden.co.uk Thu Aug 25 07:43:20 2016 From: J.Ede at birchenallhowden.co.uk (Jason Ede) Date: Thu, 25 Aug 2016 07:43:20 +0000 Subject: MailScanner v5.0.3-7 upgrade install In-Reply-To: <0851f84ea3e1a030073e4b0d0f8453bd.squirrel@webmail.gb.nrao.edu> References: <39cd17e88b85ac6d18ef32faff509154.squirrel@webmail.gb.nrao.edu> <1b8528453f18d751689c31f691f458b8.squirrel@webmail.gb.nrao.edu> <0851f84ea3e1a030073e4b0d0f8453bd.squirrel@webmail.gb.nrao.edu> Message-ID: I'm struggling with this upgrade too on an up to date CentOS 6 system. After the upgrade from 4.85.2 it doesn't seem to work. I've attached upgrade logs. I've renamed all the reports to remove the .rpmsave and that's tidied things up a bit. However, all of my original config files have been removed. There was no MailScanner.conf.rpmsave or equivalent left after the upgrade and all of my original reports have been deleted. The new init file doesn't exist anywhere on my system and the path mentioned doesn't even exist. ls -la /etc/init.d/mailscanner lrwxrwxrwx 1 root root 33 Aug 24 15:58 /etc/init.d/mailscanner -> /usr/lib/MailScanner/init/ms-init At this point I'm going to have to just revert the system to the snapshot prior to the upgrade. I'll happily test a fixed upgrade but for the moment it appears completely broken for me. The original MailScanner was installed using the install.sh so I know it was all good and files were in proper locations. Jason -----Original Message----- From: MailScanner [mailto:mailscanner-bounces+j.ede=birchenallhowden.co.uk at lists.mailscanner.info] On Behalf Of Wolfgang Baudler Sent: 24 August 2016 18:16 To: MailScanner Discussion Subject: Re: MailScanner v5.0.3-7 upgrade install > Does this not setup the sendmail process correctly? > > https://www.mailscanner.info/sendmail/ > > This starts the daemons manually, but it takes a bit more then those 2 lines to have a robust startup/shutdown script. I removed the MailScanner parts from the v4 startup script and now have a separate mailscanner-sendmail startup script (attached). Maybe this can be included with the MailScanner package. Wolfgang -------------- next part -------------- A non-text attachment was scrubbed... Name: mailscanner-install.log Type: application/octet-stream Size: 95924 bytes Desc: mailscanner-install.log URL: -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: msdebug.txt URL: From jerry.benton at mailborder.com Thu Aug 25 08:12:48 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Thu, 25 Aug 2016 01:12:48 -0700 Subject: MailScanner v5.0.3-7 upgrade install In-Reply-To: References: <39cd17e88b85ac6d18ef32faff509154.squirrel@webmail.gb.nrao.edu> <1b8528453f18d751689c31f691f458b8.squirrel@webmail.gb.nrao.edu> <0851f84ea3e1a030073e4b0d0f8453bd.squirrel@webmail.gb.nrao.edu> Message-ID: - It seems the uninstall script in 4.85.2 is what is broken. warning: %postun(mailscanner-4.85.2-1.noarch) scriptlet failed, exit status 2 - There should be saved files in the /root directory from your upgrade. Here is the logic that creates it from the spec file: # back up their stuff SAVEDIR="$HOME/ms_upgrade/saved.$$?; Your /etc/MailScanner/conf.d files are not touched. - If you roll back a snapshot, I suggest making a copy of your configs, totally remove 4.85.2 first, and then install v5. Note that you should be using /etc/MailScanner/conf.d for your config changes instead of editing /etc/MailScanner/MailScanner.conf directly. - If you want to manually fix this: confirm a copy of your configs is in the /root directory copy your /etc/MailScanner/conf.d files somewhere rpm -e mailscanner rm -rf /etc/MailScanner rm -rf /usr/lib/MailScanner rm -rf /usr/share/MailScanner rm -rf /var/lib/MailScanner Leave the /var/spool/MailScanner in place. It is ok if you get does not exist errors from the above rm commands. Now run the v5 installer. copy your configs to /etc/MailScanner/conf.d - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?Jason Ede Reply:?MailScanner Discussion Date:?August 25, 2016 at 3:43:30 AM To:?MailScanner Discussion Subject:? RE: MailScanner v5.0.3-7 upgrade install > I'm struggling with this upgrade too on an up to date CentOS 6 system. > > After the upgrade from 4.85.2 it doesn't seem to work. I've attached upgrade logs. I've > renamed all the reports to remove the .rpmsave and that's tidied things up a bit. > > However, all of my original config files have been removed. There was no MailScanner.conf.rpmsave > or equivalent left after the upgrade and all of my original reports have been deleted. > The new init file doesn't exist anywhere on my system and the path mentioned doesn't even > exist. > > ls -la /etc/init.d/mailscanner > lrwxrwxrwx 1 root root 33 Aug 24 15:58 /etc/init.d/mailscanner -> /usr/lib/MailScanner/init/ms-init > > At this point I'm going to have to just revert the system to the snapshot prior to the upgrade. > I'll happily test a fixed upgrade but for the moment it appears completely broken for > me. > > The original MailScanner was installed using the install.sh so I know it was all good > and files were in proper locations. > > Jason > > > -----Original Message----- > From: MailScanner [mailto:mailscanner-bounces+j.ede=birchenallhowden.co.uk at lists.mailscanner.info] > On Behalf Of Wolfgang Baudler > Sent: 24 August 2016 18:16 > To: MailScanner Discussion > Subject: Re: MailScanner v5.0.3-7 upgrade install > > > Does this not setup the sendmail process correctly? > > > > https://www.mailscanner.info/sendmail/ > > > > > > This starts the daemons manually, but it takes a bit more then those 2 lines to have a robust > startup/shutdown script. > > I removed the MailScanner parts from the v4 startup script and now have a separate mailscanner-sendmail > startup script (attached). Maybe this can be included with the MailScanner package. > > Wolfgang > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > From jerry.benton at mailborder.com Thu Aug 25 08:15:12 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Thu, 25 Aug 2016 01:15:12 -0700 Subject: Exim 4.87 emails not being delivered right away In-Reply-To: References: Message-ID: Jason, Thank you for the submission. Can anyone else running Exim confirm this solution? - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?Desai, Jason Reply:?MailScanner Discussion Date:?August 24, 2016 at 10:16:04 PM To:?MailScanner Discussion Subject:? RE: Exim 4.87 emails not being delivered right away > I tried sending this earlier, but I do not see that it made it to the list - resending again > .... > > I ran into an issue where emails would go through the mail scanner, but they would not be > delivered with exim right away. It would not be until the queue runner process would get > to the emails in the out queue that they would finally get delivered. Running MailScanner > in debug mode would show "exim: can't get the current working directory". Looking at > the source code for Exim I saw that it tries to get its current working directory, and fails > if there is an error. (This code was added in version 4.87.) That made me think that perhaps > MailScanner changed to a temporary folder, started Exim to deliver the messages (with > sendmail2), and then removed that temporary folder before Exim had a chance to initialize > or deliver the emails. > > I changed MailScanner to not try to deliver in the background, and the issue went away. > So then I put that back, and updated the Exim.pm code to change to a specific folder before > attempting the Exim delivery, and that seemed to fix the issue. I don't know if MailScanner > depends on the working directory not getting changed anywhere - if it does, hopefully > someone will let me know. I am running MailScanner 4.85.2-3. I did not see any similar > change since that version. Here is the change I made: > > =============================================== > --- Exim.pm.old 2015-02-28 12:18:33.000000000 -0500 > +++ Exim.pm 2016-08-17 16:39:58.000000000 -0400 > @@ -1119,6 +1119,7 @@ > my $idlist = join(' ', @ThisBatch); > $idlist .= ' &' if MailScanner::Config::Value('deliverinbackground'); > #print STDERR "About to do \"Sendmail2 -Mc $idlist\"\n"; > + chdir MailScanner::Config::Value("incomingworkdir"); > system(MailScanner::Config::Value('sendmail2') . ' -Mc ' . $idlist); > > #JJH # JJH's version > =============================================== > > If it is useful, can you please include it in the source? Thanks. > > Jason > > > > > This message is intended only for the addressee and may contain information that is company > confidential or privileged. Any technical data in this message may be exported only > in accordance with the U.S. International Traffic in Arms Regulations (22 CFR Parts > 120-130) or the Export Administration Regulations (15 CFR Parts 730-774). Unauthorized > use is strictly prohibited and may be unlawful. If you are not the intended recipient, > or the person responsible for delivering to the intended recipient, you should not read, > copy, disclose or otherwise use this message. If you have received this email in error, > please delete it, and advise the sender immediately. > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > From jerry.benton at mailborder.com Thu Aug 25 08:16:09 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Thu, 25 Aug 2016 01:16:09 -0700 Subject: Exim 4.87 emails not being delivered right away In-Reply-To: References: Message-ID: I forgot to ask, did you setup Exim with this guide? https://www.mailscanner.info/exim/ - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?Desai, Jason Reply:?MailScanner Discussion Date:?August 24, 2016 at 10:16:04 PM To:?MailScanner Discussion Subject:? RE: Exim 4.87 emails not being delivered right away > I tried sending this earlier, but I do not see that it made it to the list - resending again > .... > > I ran into an issue where emails would go through the mail scanner, but they would not be > delivered with exim right away. It would not be until the queue runner process would get > to the emails in the out queue that they would finally get delivered. Running MailScanner > in debug mode would show "exim: can't get the current working directory". Looking at > the source code for Exim I saw that it tries to get its current working directory, and fails > if there is an error. (This code was added in version 4.87.) That made me think that perhaps > MailScanner changed to a temporary folder, started Exim to deliver the messages (with > sendmail2), and then removed that temporary folder before Exim had a chance to initialize > or deliver the emails. > > I changed MailScanner to not try to deliver in the background, and the issue went away. > So then I put that back, and updated the Exim.pm code to change to a specific folder before > attempting the Exim delivery, and that seemed to fix the issue. I don't know if MailScanner > depends on the working directory not getting changed anywhere - if it does, hopefully > someone will let me know. I am running MailScanner 4.85.2-3. I did not see any similar > change since that version. Here is the change I made: > > =============================================== > --- Exim.pm.old 2015-02-28 12:18:33.000000000 -0500 > +++ Exim.pm 2016-08-17 16:39:58.000000000 -0400 > @@ -1119,6 +1119,7 @@ > my $idlist = join(' ', @ThisBatch); > $idlist .= ' &' if MailScanner::Config::Value('deliverinbackground'); > #print STDERR "About to do \"Sendmail2 -Mc $idlist\"\n"; > + chdir MailScanner::Config::Value("incomingworkdir"); > system(MailScanner::Config::Value('sendmail2') . ' -Mc ' . $idlist); > > #JJH # JJH's version > =============================================== > > If it is useful, can you please include it in the source? Thanks. > > Jason > > > > > This message is intended only for the addressee and may contain information that is company > confidential or privileged. Any technical data in this message may be exported only > in accordance with the U.S. International Traffic in Arms Regulations (22 CFR Parts > 120-130) or the Export Administration Regulations (15 CFR Parts 730-774). Unauthorized > use is strictly prohibited and may be unlawful. If you are not the intended recipient, > or the person responsible for delivering to the intended recipient, you should not read, > copy, disclose or otherwise use this message. If you have received this email in error, > please delete it, and advise the sender immediately. > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > From J.Ede at birchenallhowden.co.uk Thu Aug 25 09:20:49 2016 From: J.Ede at birchenallhowden.co.uk (Jason Ede) Date: Thu, 25 Aug 2016 09:20:49 +0000 Subject: MailScanner v5.0.3-7 upgrade install In-Reply-To: References: <39cd17e88b85ac6d18ef32faff509154.squirrel@webmail.gb.nrao.edu> <1b8528453f18d751689c31f691f458b8.squirrel@webmail.gb.nrao.edu> <0851f84ea3e1a030073e4b0d0f8453bd.squirrel@webmail.gb.nrao.edu> Message-ID: Hi, I'll try this, but I probably won't have time till next week. I'll get back with what I find. Jason -----Original Message----- From: MailScanner [mailto:mailscanner-bounces+j.ede=birchenallhowden.co.uk at lists.mailscanner.info] On Behalf Of Jerry Benton Sent: 25 August 2016 09:13 To: MailScanner Discussion Subject: RE: MailScanner v5.0.3-7 upgrade install - It seems the uninstall script in 4.85.2 is what is broken. warning: %postun(mailscanner-4.85.2-1.noarch) scriptlet failed, exit status 2 - There should be saved files in the /root directory from your upgrade. Here is the logic that creates it from the spec file: # back up their stuff SAVEDIR="$HOME/ms_upgrade/saved.$$?; Your /etc/MailScanner/conf.d files are not touched. - If you roll back a snapshot, I suggest making a copy of your configs, totally remove 4.85.2 first, and then install v5. Note that you should be using /etc/MailScanner/conf.d for your config changes instead of editing /etc/MailScanner/MailScanner.conf directly. - If you want to manually fix this: confirm a copy of your configs is in the /root directory copy your /etc/MailScanner/conf.d files somewhere rpm -e mailscanner rm -rf /etc/MailScanner rm -rf /usr/lib/MailScanner rm -rf /usr/share/MailScanner rm -rf /var/lib/MailScanner Leave the /var/spool/MailScanner in place. It is ok if you get does not exist errors from the above rm commands. Now run the v5 installer. copy your configs to /etc/MailScanner/conf.d - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?Jason Ede Reply:?MailScanner Discussion Date:?August 25, 2016 at 3:43:30 AM To:?MailScanner Discussion Subject:? RE: MailScanner v5.0.3-7 upgrade install > I'm struggling with this upgrade too on an up to date CentOS 6 system. > > After the upgrade from 4.85.2 it doesn't seem to work. I've attached > upgrade logs. I've renamed all the reports to remove the .rpmsave and that's tidied things up a bit. > > However, all of my original config files have been removed. There was > no MailScanner.conf.rpmsave or equivalent left after the upgrade and all of my original reports have been deleted. > The new init file doesn't exist anywhere on my system and the path > mentioned doesn't even exist. > > ls -la /etc/init.d/mailscanner > lrwxrwxrwx 1 root root 33 Aug 24 15:58 /etc/init.d/mailscanner -> > /usr/lib/MailScanner/init/ms-init > > At this point I'm going to have to just revert the system to the snapshot prior to the upgrade. > I'll happily test a fixed upgrade but for the moment it appears > completely broken for me. > > The original MailScanner was installed using the install.sh so I know > it was all good and files were in proper locations. > > Jason > > > -----Original Message----- > From: MailScanner > [mailto:mailscanner-bounces+j.ede=birchenallhowden.co.uk at lists.mailsca > nner.info] > On Behalf Of Wolfgang Baudler > Sent: 24 August 2016 18:16 > To: MailScanner Discussion > Subject: Re: MailScanner v5.0.3-7 upgrade install > > > Does this not setup the sendmail process correctly? > > > > https://www.mailscanner.info/sendmail/ > > > > > > This starts the daemons manually, but it takes a bit more then those 2 > lines to have a robust startup/shutdown script. > > I removed the MailScanner parts from the v4 startup script and now > have a separate mailscanner-sendmail startup script (attached). Maybe this can be included with the MailScanner package. > > Wolfgang > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/listinfo/mailscanner From jason.desai at saabusa.com Thu Aug 25 13:11:33 2016 From: jason.desai at saabusa.com (Desai, Jason) Date: Thu, 25 Aug 2016 13:11:33 +0000 Subject: Exim 4.87 emails not being delivered right away In-Reply-To: References: Message-ID: <5acb2a2348454333a8cb9fdb88c5c511@ssa-iad-mail01.saabusa.com> I didn't follow that guide exactly, no. But it is setup very similarly to that guide. I've been running MailScanner with Exim since at least 2003. You can see from the site below that Exim has changed in version 4.87 to where it now tries to get the current working directory, and exits with a failure if it cannot get it. This is the error that I was seeing when running MailScanner in debug mode. And the issue showed up when I upgraded my Debian server to Jessie, which included upgrading Exim to 4.87. Search the web page below for "can't get the current working directory": https://fossies.org/diffs/exim/4.86.2_vs_4.87/src/exim.c-diff.html Jason -----Original Message----- From: MailScanner [mailto:mailscanner-bounces+jase=saabusa.com at lists.mailscanner.info] On Behalf Of Jerry Benton Sent: Thursday, August 25, 2016 4:16 AM To: MailScanner Discussion Subject: RE: Exim 4.87 emails not being delivered right away I forgot to ask, did you setup Exim with this guide? https://www.mailscanner.info/exim/ - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From: Desai, Jason Reply: MailScanner Discussion Date: August 24, 2016 at 10:16:04 PM To: MailScanner Discussion Subject: RE: Exim 4.87 emails not being delivered right away > I tried sending this earlier, but I do not see that it made it to the list - resending again > .... > > I ran into an issue where emails would go through the mail scanner, but they would not be > delivered with exim right away. It would not be until the queue runner process would get > to the emails in the out queue that they would finally get delivered. Running MailScanner > in debug mode would show "exim: can't get the current working directory". Looking at > the source code for Exim I saw that it tries to get its current working directory, and fails > if there is an error. (This code was added in version 4.87.) That made me think that perhaps > MailScanner changed to a temporary folder, started Exim to deliver the messages (with > sendmail2), and then removed that temporary folder before Exim had a chance to initialize > or deliver the emails. > > I changed MailScanner to not try to deliver in the background, and the issue went away. > So then I put that back, and updated the Exim.pm code to change to a specific folder before > attempting the Exim delivery, and that seemed to fix the issue. I don't know if MailScanner > depends on the working directory not getting changed anywhere - if it does, hopefully > someone will let me know. I am running MailScanner 4.85.2-3. I did not see any similar > change since that version. Here is the change I made: > > =============================================== > --- Exim.pm.old 2015-02-28 12:18:33.000000000 -0500 > +++ Exim.pm 2016-08-17 16:39:58.000000000 -0400 > @@ -1119,6 +1119,7 @@ > my $idlist = join(' ', @ThisBatch); > $idlist .= ' &' if MailScanner::Config::Value('deliverinbackground'); > #print STDERR "About to do \"Sendmail2 -Mc $idlist\"\n"; > + chdir MailScanner::Config::Value("incomingworkdir"); > system(MailScanner::Config::Value('sendmail2') . ' -Mc ' . $idlist); > > #JJH # JJH's version > =============================================== > > If it is useful, can you please include it in the source? Thanks. > > Jason > > > > > This message is intended only for the addressee and may contain information that is company > confidential or privileged. Any technical data in this message may be exported only > in accordance with the U.S. International Traffic in Arms Regulations (22 CFR Parts > 120-130) or the Export Administration Regulations (15 CFR Parts 730-774). Unauthorized > use is strictly prohibited and may be unlawful. If you are not the intended recipient, > or the person responsible for delivering to the intended recipient, you should not read, > copy, disclose or otherwise use this message. If you have received this email in error, > please delete it, and advise the sender immediately. > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/listinfo/mailscanner This message is intended only for the addressee and may contain information that is company confidential or privileged. Any technical data in this message may be exported only in accordance with the U.S. International Traffic in Arms Regulations (22 CFR Parts 120-130) or the Export Administration Regulations (15 CFR Parts 730-774). Unauthorized use is strictly prohibited and may be unlawful. If you are not the intended recipient, or the person responsible for delivering to the intended recipient, you should not read, copy, disclose or otherwise use this message. If you have received this email in error, please delete it, and advise the sender immediately. From pparsons at techeez.com Fri Aug 26 17:25:21 2016 From: pparsons at techeez.com (Philip Parsons) Date: Fri, 26 Aug 2016 17:25:21 +0000 Subject: Messages killing Mailscanner Message-ID: <11D8E491D9562549A61FD3186F3634200284FD4FD1@exchange.techeez.com> All of a sudden Mailscanner is dropping messages saying they are killing mailscanner I am running 4.85.2. I think it might be starting with a bad message but then it does it to all messages even ones I send that just has test as the txt.. Anyone seen this or has a pointer on what to look for, ? Thank you. Philip Parsons -------------- next part -------------- An HTML attachment was scrubbed... URL: From Denis.Beauchemin at usherbrooke.ca Fri Aug 26 18:53:31 2016 From: Denis.Beauchemin at usherbrooke.ca (Denis Beauchemin) Date: Fri, 26 Aug 2016 18:53:31 +0000 Subject: Script to reboot in case of too many MailScanner crashes Message-ID: Hello, Some time ago I wrote this script to reboot one server if there were more than 3 MailScanner crashes since the last reboot. I did this because I had MailScanner flag all emails as causing a crash. Rebooting the server solved the problem (but not restarting the service). I run this script in root?s crontab every 5 minutes: NB_ERRS=$(egrep "it has been attempted too many times|clamd daemon|clamd.*: Self checking every 600 seconds|aliases rebuilt by root|dccifd for ASCII protocol" /var/log/maillog|awk 'BEGIN{nb=0}/Warning: skipping message/{nb++;next}{nb=0;next}END{print nb}') #!/bin/bash if [[ "$NB_ERRS" -gt 3 ]]; then echo "Rebooting $(hostname -s): $NB_ERRS errors found since last reboot!" /sbin/reboot else echo "OK: $NB_ERRS errors found since last reboot" fi The script will reset its count of MS crashes if it finds the server rebooted after the crashes. It worked fine on my RHEL 6 servers. Denis -------------- next part -------------- An HTML attachment was scrubbed... URL: From jerry.benton at mailborder.com Sat Aug 27 01:41:55 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Sat, 27 Aug 2016 08:41:55 +0700 Subject: Denial of Service attack Messages Constantly Message-ID: <63a38402b44f0c64244f56d06229f612@my.mimosacloud.com>

Yes, it can.

Jerry Benton
+1 844-436-6245

Sent from BlueMail

On Aug 24, 2016, at 10:15, Andy Southgate <andy at z00b.com> wrote:
Would getting that wrong cause *intermittant* permissions
errors though?

The fact that 99% of the time everything works leads me to assume that the basic permission is correct, is that assumption wrong?

Part of the problem I'm having is my mail server is very low throughput, I can go weeks without any error coming up and then get 10 errors in a row, it makes it extremely difficult to iterate changes.

-----Original Message-----
From: MailScanner [mailto:mailscanner-bounces+andy=z00b.com@lists.mailscanner.info] On Behalf Of Jerry Benton
Sent: 24 August 2016 15:01
To: MailScanner Discussion
Subject: RE: Denial of Service attack Messages Constantly

Ok, as far as permissions go ??? I addressed this issue in v5. The installer creates a group called mtagroup. You MTA, virus scanners, etc should be added to this group automatically. However, you should confirm those accounts are members of that group. IF you add extra virus scanners, add those system users to the mtagroup.

Next, the ???Run As User??? is dependent on what MTA and virus scanners you are using, but this is not as important as the next item.


What is very important is that the ???Run As Group??? should be mtagroup and the permissions should be 0660 in your config. By default this is what ships with v5. If you changed it or used your old config, well ??? that is on you. By using mtagroup and 0660 nothing will have any permissions issues.

If you need a reference to the defaults, it is here:


https://github.com/MailScanner/v5/blob/master/common/etc/MailScanner/MailScanner.conf




-
Jerry Benton
www.mailborder.com
+1 - 844-436-6245


-----Original Message-----
From: Andy Southgate <andy at z00b.com>
Reply: MailScanner Discussion <mailscanner at lists.mailscanner.info>
Date: August 24, 2016 at 9:36:01 AM
To: MailScanner Discussion <mailscanner at lists.mailscanner.info>
Subject: RE: Denial of Service attack Messages Constantly

can confirm, added that, restarted MailScanner service and still get
errors

-----Original Message-----
From: MailScanner
[mailto:mailscanner-bounces+andy=z00b.com@lists.mailscanner.info]
On Behalf Of Azir G??leroglu
Sent: 23 August 2016 12:07
To: MailScanner Discussion
Subject: RE: Denial of Service attack Messages Constantly

I added this block to limits.conf but still our customers get same errors.

Azir Guleroglu


-----Original Message-----
From: MailScanner
[mailto:mailscanner-bounces+azir.guleroglu=turknet.net.tr@lists.mailsc
anner.info]
On Behalf Of Jerry Benton
Sent: Monday, August 22, 2016 7:51 PM
To: MailScanner Discussion
Subject: Re: Denial of Service attack Messages Constantly

When I see this happen it is usually related to
/etc/security/limits.conf

The old MailScanner code tried to silently increase the limits. This
feature has been removed. Add this to /etc/security/limits.conf to try and resolve the issue:


* hard nofile 65535
* soft nofile 65535
root hard nofile 65535
root soft nofile 65535




-
Jerry Benton
www.mailborder.com
+1 - 844-436-6245


-----Original Message-----
From: Steven Jardine
Reply: MailScanner Discussion
Date: August 22, 2016 at 10:29:54 AM
To: MailScanner Discussion
Subject: Re: Denial of Service attack Messages Constantly

I can confirm this behavior....the error code that I was getting was
13 which is a permission denied error. Unfortunately, it was
happening too often on legitimate mail that I had to turn off the feature.

I would really like to determine the cause....

On 08/22/2016 08:15 AM, Andy Southgate wrote:

It still happens for me, AFAIK all that was worked out was that
for some reason there is an intermittant permission problem that
occasionally causes the spawned child process to fail to run
causing that error on the message, but there was never any insight
as to why that should be.

*From:*MailScanner
[mailto:mailscanner-bounces+andy=z00b.com@lists.mailscanner.info]
*On Behalf Of *Aaron Pursell
*Sent:* 22 August 2016 15:01
*To:* mailscanner at lists.mailscanner.info
*Subject:* Re: Denial of Service attack Messages Constantly

I read pretty much every message and tried everything, most of
those messages are years old and it appears it was fixed and now
in the new version is the first time I'm experiencing them in
many, many years, the fixes worked originally back in a way older versiona.
Nothing really changed except the fact there's this new version,
too bad it only happens to legitimate messages and not spam.... So who knows.
I'll continue to look, the log really never says anything specific.
I

---



Regards,

Aaron


Message: 1
Date: Fri, 19 Aug 2016 08:26:31 -0600
From: Steven Jardine > > >
To: MailScanner Discussion > > >
Subject: Re: Denial of Service attack Messages Constantly
Message-ID: <9dbfad5c-651a-3a7f-e9c8-2c623adf51c1 at mjnservices.com

Content-Type: text/plain; charset=windows-1252; format=flowed

I still haven't found a good solution to this even after trying
all of the suggestions posted on the previous threads. If turn off
"Dangerous Content Scanning" the error goes away but you lose that functionality.

I have had to disable it until a solution can be found. Its not ideal.

Good luck!
Steve

On 08/18/2016 04:43 PM, Mark Sapiro wrote:

On 08/18/2016 08:49 AM, Aaron Pursell wrote:


The problem is, my users and I keep getting messages like this:

"

MailScanner was attacked by a Denial Of Service attack, and has
therefore deleted this part of the message. Please contact your
e-mail providers for more information if you need it, giving them
the whole of this report. Attack in:
/var/spool/MailScanner/incoming/12835/78C9F481B0DA.ACDF4/nmsg-12835-2.html"


The path doesn't exist when you look and the message never gets
delivered. What can I turn off or adjust to make sure this doesn't
happen?


What's in the Mail log associated with this?

There's a long thread on this with Subject: Denial Of Service
Attack Messages in the archives of this list at

and

which may be helpful.




IMPORTANT: This email does not constitute a contract or an offer
or acceptance of an offer to enter into a contract. Further, this
email may not be used to modify, supplement, novate, or waive any
rights with respect to an existing contract or other binding
commercial terms. MJN Services, Inc. conducts business under our
service terms and conditions found at www.mjnservices.com unless
otherwise agreed to in writing by an officer of MJN Services, Inc.






Message: 2
Date: Fri, 19 Aug 2016 09:30:29 -0500
From: Jerry Benton > > >
To: MailScanner Discussion > > >
Subject: Re: Denial of Service attack Messages Constantly
Message-ID:

Content-Type: text/plain; charset=UTF-8

Steve,

Can you zip the raw source of a message (the file) that triggers
this and email it directly to me?


-
Jerry Benton
www.mailborder.com
+1 - 844-436-6245


-----Original Message-----
From:?Steven Jardine > > >
Reply:?MailScanner Discussion > > > Date:?August 19, 2016 at
10:27:05 AM To:?MailScanner Discussion > >
Subject:? Re: Denial of Service attack Messages Constantly

I still haven't found a good solution to this even after trying
all of the suggestions posted on the previous threads. If turn off
"Dangerous Content Scanning" the error goes away but you lose that functionality.

I have had to disable it until a solution can be found. Its not ideal.

Good luck!
Steve

On 08/18/2016 04:43 PM, Mark Sapiro wrote:

On 08/18/2016 08:49 AM, Aaron Pursell wrote:


The problem is, my users and I keep getting messages like this:

"

MailScanner was attacked by a Denial Of Service attack, and has
therefore deleted this part of the message. Please contact your
e-mail providers for more information if you need it, giving them
the whole of this report. Attack in:
/var/spool/MailScanner/incoming/12835/78C9F481B0DA.ACDF4/nmsg-12835-2.html"


The path doesn't exist when you look and the message never gets
delivered. What can I turn off or adjust to make sure this doesn't
happen?


What's in the Mail log associated with this?

There's a long thread on this with Subject: Denial Of Service
Attack Messages in the archives of this list at

and

which may be helpful.




IMPORTANT: This email does not constitute a contract or an offer
or acceptance of an offer to enter into a contract. Further, this
email may not be used to modify, supplement, novate, or waive any
rights with respect to an existing contract or other binding
commercial terms. MJN Services, Inc. conducts business under our
service terms and conditions found at www.mjnservices.com unless
otherwise agreed to in writing by an officer of MJN Services, Inc.



--
MailScanner mailing list
mailscanner at lists.mailscanner.info

http://lists.mailscanner.info/listinfo/mailscanner






Subject: Digest Footer



--
MailScanner mailing list
mailscanner at lists.mailscanner.info

http://lists.mailscanner.info/listinfo/mailscanner





End of MailScanner Digest, Vol 128, Issue 16
********************************************


--
This message has been scanned for viruses and dangerous content by
*MailScanner* , and is believed to be clean.







IMPORTANT: This email does not constitute a contract or an offer or
acceptance of an offer to enter into a contract. Further, this email
may not be used to modify, supplement, novate, or waive any rights
with respect to an existing contract or other binding commercial
terms. MJN Services, Inc. conducts business under our service terms
and conditions found at www.mjnservices.com unless otherwise agreed
to in writing
by an officer of MJN Services, Inc.



--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/listinfo/mailscanner




--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/listinfo/mailscanner





Bu elektronik posta ve onunla iletilen b??t??n dosyalar sadece
g??ndericisi taraf??ndan almas?? ama??lanan yetkili ger??ek ya da t??zel
ki??inin kullan??m?? i??indir. E??er s??z konusu yetkili al??c?? de??ilseniz bu
elektronik postan??n i??eri??ini a????klaman??z, kopyalaman??z,
y??nlendirmeniz ve kullanman??z kesinlikle yasakt??r ve bu elektronik
postay?? derhal silmeniz gerekmektedir. TurkNet bu mesaj??n i??erdi??i
bilgilerin do??rulu??u veya eksiksiz oldu??u konusunda herhangi bir
garanti vermemektedir. Bu nedenle bu bilgilerin ne ??ekilde olursa
olsun i??eri??inden, iletilmesinden, al??nmas??ndan ve saklanmas??ndan sorumlu de??ildir. Bu mesajdaki g??r????ler yaln??zca g??nderen ki??iye aittir ve TurkNet'in g??r????lerini yans??tmayabilir. Bu e-posta bilinen b??t??n bilgisayar vir??slerine kar???? taranm????t??r.


This e-mail and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you are not the intended recipient you are hereby
notified that any dissemination, forwarding, copying or use of any of
the information is strictly prohibited, and the e-mail should
immediately be deleted. TurkNet makes no warranty as to the accuracy
or completeness of any information contained in this message and
hereby excludes any liability of any kind for the information
contained therein or for the information transmission, reception,
storage or use of such in any way whatsoever. The opinions expressed in this message belong to sender alone and may not necessarily reflect the opinions of TurkNet. This e-mail has been scanned for all known computer viruses.


--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/listinfo/mailscanner




--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/listinfo/mailscanner




--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/listinfo/mailscanner



-------------- next part -------------- An HTML attachment was scrubbed... URL: From jasggomes at gmail.com Mon Aug 29 09:26:28 2016 From: jasggomes at gmail.com (Jorge G. Gomes) Date: Mon, 29 Aug 2016 10:26:28 +0100 Subject: Configuration questions Message-ID: <25542939-34CA-43EB-9F42-DE311756B1E2@gmail.com> Hi to all, I?ve finally managed to setup a MailScanner+MailWatch to work with a Zimbra server that is under heavy load of SPAM from one of the domains. I?ve a few problems/concerns, and I hope you can help me solving them. 1 - How can I change the ?postmaster? from address to correct one? Its using ?postmaster at server.domain .com? and I need it using ?postmaster at domain.com?. 2 - How can I prevent messages released from quarantine being blocked again? 3 - During the setup of the system, I keep seeing instructions to STOP the postfix engine, but if I do that I don?t receive any email and MailScanner complains about it too. For some reason, I understood the MailScanner should star the postfix? 4 - ClamAV seams not be running as a service, but it is running under MailScanner, and also the tests are functioning ? Any thoughts about this? just for my understanding. Thanks in advance for all the help on this matters. Regards Jorge Gomes IT Architect - Systems Engineer Email: jasggomes at gmail.com? <> Skype: jogomes007 T: (+351) 218 262 781 M: (+351) 912 381 259 http://www.techwiredbrains.com Esta mensagem ? confidencial e ? propriedade do remetente. Destina-se unicamente ao conhecimento do destinat?rio nela identificado. Caso n?o seja o destinat?rio, n?o est? autorizado a ler, reter, imprimir, copiar, divulgar, distribuir ou utiliza-la, parcial ou totalmente. Caso tenha recebido esta mensagem indevidamente, queira informar de imediato o remetente e proceder ? destrui??o de todas as c?pias da mesma. Esta mensagem e ficheiros anexos foram tratados para estarem livres de v?rus ou de qualquer outro defeito. MIPE - Tecnologias de Informa??o Lda n?o ? respons?vel por perdas e danos resultantes do uso desta mensagem. O correio electr?nico via Internet n?o permite assegurar a confidencialidade ou a correcta recep??o das mensagens. P Antes de imprimir este e-mail pense bem se tem mesmo que o fazer. H? cada vez menos ?rvores! / Before printing this e-mail, assess if it is really needed -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 496 bytes Desc: Message signed with OpenPGP using GPGMail URL: From alvaro at hostalia.com Mon Aug 29 13:57:32 2016 From: alvaro at hostalia.com (=?UTF-8?Q?Alvaro_Mar=c3=adn?=) Date: Mon, 29 Aug 2016 15:57:32 +0200 Subject: Long queue IDs in Postfix Message-ID: <0de4adbe-c191-84fc-8f2e-50a81855cff2@hostalia.com> Hi, I've this issue opened in github: https://github.com/MailScanner/v5/issues/15 I've enabled long_queue_ids in Postfix (with hash_queue_depth disabled) and MailScanner works fine, but when it requeues the message, it creates one message with a short queue ID format: MailScanner[14209]: Requeue: 3sK7N64rr3zJX5T.A6FFB to D74D7218040 The HDOutFileName function generates it in Postfix.pm: $file = sprintf("%05X%lX", int(rand 1000000)+1, (stat($file))[1]); that should be in a long format. Reading Postfix's code, I see: /* The long non-repeating queue ID is encoded in an alphabet of 10 digits, 21 upper-case characters, and 21 or fewer lower-case characters. The alphabet is made "safe" by removing all the vowels (AEIOUaeiou). The ID is the concatenation of: - the time in seconds (base 52 encoded, six or more chars), - the time in microseconds (base 52 encoded, exactly four chars), - the 'z' character to separate the time and inode information, - the inode number (base 51 encoded so that it contains no 'z'). */ So I've created a patch that implements this functionality (if long queue ids format is enabled, if not, it will be generated as usual). I'm running MailScanner-4.84.5-3 (with the patch to manage long queue IDs from 4.85.1-1 version) and it runs fine (the patch attached is done against last stable release code of MailScanner); I'll be watching it for some days. Regards, -- Alvaro Mar?n Illera Hostalia Internet www.hostalia.com -------------- next part -------------- --- Postfix.pm.orig 2016-08-29 15:27:32.364989625 +0200 +++ Postfix.pm 2016-08-29 15:30:59.896981402 +0200 @@ -246,9 +246,83 @@ # Bad hash key $file = sprintf("%05X%lX", time % 1000000, (stat($file))[1]); # Add 1 so the number is never zero (defensive programming) - $file = sprintf("%05X%lX", int(rand 1000000)+1, (stat($file))[1]); + #$file = sprintf("%05X%lX", int(rand 1000000)+1, (stat($file))[1]); #print STDERR "New Filename is $file\n"; + # + # Alvaro Marin alvaro at hostalia.com - 2016/08/25 + # + # Support for Postfix's long queue IDs format (enable_long_queue_ids). + # The name of the file created in the outgoing queue will be the queue ID. + # We'll generate it like Postfix does. From src/global/mail_queue.h : + # + # The long non-repeating queue ID is encoded in an alphabet of 10 digits, + # 21 upper-case characters, and 21 or fewer lower-case characters. The + # alphabet is made "safe" by removing all the vowels (AEIOUaeiou). The ID + # is the concatenation of: + # + # - the time in seconds (base 52 encoded, six or more chars), + # + # - the time in microseconds (base 52 encoded, exactly four chars), + # + # - the 'z' character to separate the time and inode information, + # + # - the inode number (base 51 encoded so that it contains no 'z'). + # + # + # We don't know if Postfix has long queue IDs enabled so we must check it + # using the temporaly filename: + # Short queue IDs: /var/spool/postfix/incoming/temp-14793-6773D15E4E9.A3F46 + # Long queue IDs: /var/spool/postfix/incoming/temp-17735-3sK9pc0mftzJX5P.A38B9 + # + if ($file =~ /\-[A-Za-z0-9]{15}\.[A-Za-z0-9]{5}$/) { + # Long queue IDs + use Time::HiRes qw( gettimeofday ); + my ($seconds, $microseconds) = gettimeofday; + my @BASE52_CHARACTERS = ("0","1","2","3","4","5","6","7","8","9", + "B","C","D","F","G","H","J","K","L","M", + "N","P","Q","R","S","T","V","W","X","Y", + "Z","b","c","d","f","g","h","j","k","l", + "m","n","p","q","r","s","t","v","w","x","y","z"); + my $encoded; + my $file_out; + my $count=0; + while ( ($seconds > 0) && ($count < 6)) { + $encoded.=$BASE52_CHARACTERS[$seconds%52]; + $seconds/=52; + $count++; + } + $file_out=reverse substr($encoded,0,6); + $encoded=''; + $count=0; + while ( ($microseconds > 0) && ($count < 4)) { + $encoded.=$BASE52_CHARACTERS[$microseconds%52]; + $microseconds/=52; + $count++; + } + $file_out.=reverse substr($encoded,0,4); + + $file_out.="z"; + + my $inode=(stat("$file"))[1]; + $encoded=''; + $count=0; + while ( ($inode > 0) && ($count < 4)) { + $encoded.=$BASE52_CHARACTERS[$inode%51]; + $inode/=51; + $count++; + } + $file=$file_out.reverse substr($encoded,0,4); + #print STDERR "long_queue_id: New Filename is $file\n"; + } + else { + # Short queue IDs + # Bad hash key $file = sprintf("%05X%lX", time % 1000000, (stat($file))[1]); + # Add 1 so the number is never zero (defensive programming) + $file = sprintf("%05X%lX", int(rand 1000000)+1, (stat($file))[1]); + #print STDERR "New Filename is $file\n"; + } + if ($MailScanner::SMDiskStore::HashDirDepth == 2) { $file =~ /^(.)(.)/; return ($dir,$1,$2,$file); From jerry.benton at mailborder.com Mon Aug 29 14:00:06 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Mon, 29 Aug 2016 10:00:06 -0400 Subject: Long queue IDs in Postfix In-Reply-To: <0de4adbe-c191-84fc-8f2e-50a81855cff2@hostalia.com> References: <0de4adbe-c191-84fc-8f2e-50a81855cff2@hostalia.com> Message-ID: Alvaro, Thank you. If you get a chance to test it on 5.0.3, which is the latest stable version, let me know. I will try to take a look at it. Mark may as well as he also uses Postfix. - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?Alvaro Mar?n Reply:?MailScanner Discussion Date:?August 29, 2016 at 9:57:44 AM To:?mailscanner at lists.mailscanner.info Subject:? Long queue IDs in Postfix > Hi, > > I've this issue opened in github: > > https://github.com/MailScanner/v5/issues/15 > > I've enabled long_queue_ids in Postfix (with hash_queue_depth disabled) > and MailScanner works fine, but when it requeues the message, it creates > one message with a short queue ID format: > > MailScanner[14209]: Requeue: 3sK7N64rr3zJX5T.A6FFB to D74D7218040 > > The HDOutFileName function generates it in Postfix.pm: > > $file = sprintf("%05X%lX", int(rand 1000000)+1, (stat($file))[1]); > > that should be in a long format. > Reading Postfix's code, I see: > > /* > > The long non-repeating queue ID is encoded in an alphabet of 10 digits, > 21 upper-case characters, and 21 or fewer lower-case characters. The > alphabet is made "safe" by removing all the vowels (AEIOUaeiou). The ID > is the concatenation of: > - the time in seconds (base 52 encoded, six or more chars), > - the time in microseconds (base 52 encoded, exactly four chars), > - the 'z' character to separate the time and inode information, > - the inode number (base 51 encoded so that it contains no 'z'). */ > > So I've created a patch that implements this functionality (if long > queue ids format is enabled, if not, it will be generated as usual). > > I'm running MailScanner-4.84.5-3 (with the patch to manage long queue > IDs from 4.85.1-1 version) and it runs fine (the patch attached is done > against last stable release code of MailScanner); I'll be watching it > for some days. > > Regards, > -- > Alvaro Mar?n Illera > Hostalia Internet > www.hostalia.com > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > From endelwar at aregar.it Mon Aug 29 14:25:56 2016 From: endelwar at aregar.it (Manuel Dalla Lana) Date: Mon, 29 Aug 2016 16:25:56 +0200 Subject: Configuration questions In-Reply-To: <25542939-34CA-43EB-9F42-DE311756B1E2@gmail.com> References: <25542939-34CA-43EB-9F42-DE311756B1E2@gmail.com> Message-ID: <0bbf2aa7-f724-e20d-bc5d-80cb54d71279@aregar.it> Il 29/08/16 11:26, Jorge G. Gomes ha scritto: > 2 - How can I prevent messages released from quarantine being blocked > again? please look at MailWatch faq regarding this issue: http://docs.mailwatch.org/using/faq.html Manuel From pparsons at techeez.com Wed Aug 31 19:16:41 2016 From: pparsons at techeez.com (Philip Parsons) Date: Wed, 31 Aug 2016 19:16:41 +0000 Subject: Is it possible to Message-ID: <11D8E491D9562549A61FD3186F3634200284FE2E5F@exchange.techeez.com> Do the filetype check first and if it is bad to just store the message and continue on. ? if so what settings in the config file need to be changed. Trying to deal with a attack that is killing mailscanner and it is all bad file types. Thank you. Philip Parsons -------------- next part -------------- An HTML attachment was scrubbed... URL: From pparsons at techeez.com Wed Aug 31 21:15:49 2016 From: pparsons at techeez.com (Philip Parsons) Date: Wed, 31 Aug 2016 21:15:49 +0000 Subject: Is it possible to In-Reply-To: <11D8E491D9562549A61FD3186F3634200284FE2E5F@exchange.techeez.com> References: <11D8E491D9562549A61FD3186F3634200284FE2E5F@exchange.techeez.com> Message-ID: <11D8E491D9562549A61FD3186F3634200284FE3007@exchange.techeez.com> Anyone else seeing zip files that are taking down Mailscanner and clamAV I have had to disable Virus scanning.. From: MailScanner [mailto:mailscanner-bounces+pparsons=techeez.com at lists.mailscanner.info] On Behalf Of Philip Parsons Sent: August 31, 2016 12:17 PM To: MailScanner Discussion Subject: Is it possible to Do the filetype check first and if it is bad to just store the message and continue on. ? if so what settings in the config file need to be changed. Trying to deal with a attack that is killing mailscanner and it is all bad file types. Thank you. Philip Parsons -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -------------- next part -------------- An HTML attachment was scrubbed... URL: From jerry.benton at mailborder.com Wed Aug 31 21:29:56 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Wed, 31 Aug 2016 17:29:56 -0400 Subject: Is it possible to In-Reply-To: <11D8E491D9562549A61FD3186F3634200284FE3007@exchange.techeez.com> References: <11D8E491D9562549A61FD3186F3634200284FE2E5F@exchange.techeez.com> <11D8E491D9562549A61FD3186F3634200284FE3007@exchange.techeez.com> Message-ID: Try disabling Dangerous Content Scanning instead. Turn the AV back on. - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?Philip Parsons Reply:?MailScanner Discussion Date:?August 31, 2016 at 5:16:00 PM To:?MailScanner Discussion Subject:? RE: Is it possible to > Anyone else seeing zip files that are taking down Mailscanner and clamAV I have had to > disable Virus scanning.. > > From: MailScanner [mailto:mailscanner-bounces+pparsons=techeez.com at lists.mailscanner.info] > On Behalf Of Philip Parsons > Sent: August 31, 2016 12:17 PM > To: MailScanner Discussion > Subject: Is it possible to > > Do the filetype check first and if it is bad to just store the message and continue on. ? > if so what settings in the config file need to be changed. Trying to deal with a attack that > is killing mailscanner and it is all bad file types. > > > Thank you. > Philip Parsons > > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > From pparsons at techeez.com Wed Aug 31 21:42:56 2016 From: pparsons at techeez.com (Philip Parsons) Date: Wed, 31 Aug 2016 21:42:56 +0000 Subject: Is it possible to In-Reply-To: References: <11D8E491D9562549A61FD3186F3634200284FE2E5F@exchange.techeez.com> <11D8E491D9562549A61FD3186F3634200284FE3007@exchange.techeez.com> Message-ID: <11D8E491D9562549A61FD3186F3634200284FE3191@exchange.techeez.com> I have just done that and will see what happens.. The content scanning is pretty important now days with all the zepto stuff going around... -----Original Message----- From: MailScanner [mailto:mailscanner-bounces+pparsons=techeez.com at lists.mailscanner.info] On Behalf Of Jerry Benton Sent: August 31, 2016 2:30 PM To: MailScanner Discussion Subject: RE: Is it possible to Try disabling Dangerous Content Scanning instead. Turn the AV back on. - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?Philip Parsons Reply:?MailScanner Discussion Date:?August 31, 2016 at 5:16:00 PM To:?MailScanner Discussion Subject:? RE: Is it possible to > Anyone else seeing zip files that are taking down Mailscanner and > clamAV I have had to disable Virus scanning.. > > From: MailScanner > [mailto:mailscanner-bounces+pparsons=techeez.com at lists.mailscanner.inf > o] > On Behalf Of Philip Parsons > Sent: August 31, 2016 12:17 PM > To: MailScanner Discussion > Subject: Is it possible to > > Do the filetype check first and if it is bad to just store the message and continue on. ? > if so what settings in the config file need to be changed. Trying to > deal with a attack that is killing mailscanner and it is all bad file types. > > > Thank you. > Philip Parsons > > > -- > This message has been scanned for viruses and dangerous content by > MailScanner, and is believed to be clean. > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/listinfo/mailscanner -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From jerry.benton at mailborder.com Wed Aug 31 21:45:00 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Wed, 31 Aug 2016 17:45:00 -0400 Subject: Is it possible to In-Reply-To: <11D8E491D9562549A61FD3186F3634200284FE3191@exchange.techeez.com> References: <11D8E491D9562549A61FD3186F3634200284FE2E5F@exchange.techeez.com> <11D8E491D9562549A61FD3186F3634200284FE3007@exchange.techeez.com> <11D8E491D9562549A61FD3186F3634200284FE3191@exchange.techeez.com> Message-ID: The Sane Security sigs in Clam AV pretty much do the same thing as the DCS in MailScanner. - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?Philip Parsons Reply:?MailScanner Discussion Date:?August 31, 2016 at 5:43:05 PM To:?MailScanner Discussion Subject:? RE: Is it possible to > I have just done that and will see what happens.. The content scanning is pretty important > now days with all the zepto stuff going around... > > -----Original Message----- > From: MailScanner [mailto:mailscanner-bounces+pparsons=techeez.com at lists.mailscanner.info] > On Behalf Of Jerry Benton > Sent: August 31, 2016 2:30 PM > To: MailScanner Discussion > Subject: RE: Is it possible to > > Try disabling Dangerous Content Scanning instead. Turn the AV back on. > > > - > Jerry Benton > www.mailborder.com > +1 - 844-436-6245 > > > -----Original Message----- > From: Philip Parsons > Reply: MailScanner Discussion > Date: August 31, 2016 at 5:16:00 PM > To: MailScanner Discussion > Subject: RE: Is it possible to > > > Anyone else seeing zip files that are taking down Mailscanner and > > clamAV I have had to disable Virus scanning.. > > > > From: MailScanner > > [mailto:mailscanner-bounces+pparsons=techeez.com at lists.mailscanner.inf > > o] > > On Behalf Of Philip Parsons > > Sent: August 31, 2016 12:17 PM > > To: MailScanner Discussion > > Subject: Is it possible to > > > > Do the filetype check first and if it is bad to just store the message and continue on. > ? > > if so what settings in the config file need to be changed. Trying to > > deal with a attack that is killing mailscanner and it is all bad file types. > > > > > > Thank you. > > Philip Parsons > > > > > > -- > > This message has been scanned for viruses and dangerous content by > > MailScanner, and is believed to be clean. > > > > > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/listinfo/mailscanner > > > > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > From pparsons at techeez.com Wed Aug 31 22:52:20 2016 From: pparsons at techeez.com (Philip Parsons) Date: Wed, 31 Aug 2016 22:52:20 +0000 Subject: Is it possible to In-Reply-To: References: <11D8E491D9562549A61FD3186F3634200284FE2E5F@exchange.techeez.com> <11D8E491D9562549A61FD3186F3634200284FE3007@exchange.techeez.com> <11D8E491D9562549A61FD3186F3634200284FE3191@exchange.techeez.com> Message-ID: <11D8E491D9562549A61FD3186F3634200284FE3330@exchange.techeez.com> Well that did not work.. soon after I made the switch the mail stopped being processed again..any other suggestions -----Original Message----- From: MailScanner [mailto:mailscanner-bounces+pparsons=techeez.com at lists.mailscanner.info] On Behalf Of Jerry Benton Sent: August 31, 2016 2:45 PM To: MailScanner Discussion Subject: RE: Is it possible to The Sane Security sigs in Clam AV pretty much do the same thing as the DCS in MailScanner. - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?Philip Parsons Reply:?MailScanner Discussion Date:?August 31, 2016 at 5:43:05 PM To:?MailScanner Discussion Subject:? RE: Is it possible to > I have just done that and will see what happens.. The content scanning > is pretty important now days with all the zepto stuff going around... > > -----Original Message----- > From: MailScanner > [mailto:mailscanner-bounces+pparsons=techeez.com at lists.mailscanner.inf > o] > On Behalf Of Jerry Benton > Sent: August 31, 2016 2:30 PM > To: MailScanner Discussion > Subject: RE: Is it possible to > > Try disabling Dangerous Content Scanning instead. Turn the AV back on. > > > - > Jerry Benton > www.mailborder.com > +1 - 844-436-6245 > > > -----Original Message----- > From: Philip Parsons > Reply: MailScanner Discussion > Date: August 31, 2016 at 5:16:00 PM > To: MailScanner Discussion > Subject: RE: Is it possible to > > > Anyone else seeing zip files that are taking down Mailscanner and > > clamAV I have had to disable Virus scanning.. > > > > From: MailScanner > > [mailto:mailscanner-bounces+pparsons=techeez.com at lists.mailscanner.i > > nf > > o] > > On Behalf Of Philip Parsons > > Sent: August 31, 2016 12:17 PM > > To: MailScanner Discussion > > Subject: Is it possible to > > > > Do the filetype check first and if it is bad to just store the message and continue on. > ? > > if so what settings in the config file need to be changed. Trying to > > deal with a attack that is killing mailscanner and it is all bad file types. > > > > > > Thank you. > > Philip Parsons > > > > > > -- > > This message has been scanned for viruses and dangerous content by > > MailScanner, and is believed to be clean. > > > > > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/listinfo/mailscanner > > > > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > > -- > This message has been scanned for viruses and dangerous content by > MailScanner, and is believed to be clean. > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/listinfo/mailscanner -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. From jerry.benton at mailborder.com Wed Aug 31 22:53:44 2016 From: jerry.benton at mailborder.com (Jerry Benton) Date: Wed, 31 Aug 2016 18:53:44 -0400 Subject: Is it possible to In-Reply-To: <11D8E491D9562549A61FD3186F3634200284FE3330@exchange.techeez.com> References: <11D8E491D9562549A61FD3186F3634200284FE2E5F@exchange.techeez.com> <11D8E491D9562549A61FD3186F3634200284FE3007@exchange.techeez.com> <11D8E491D9562549A61FD3186F3634200284FE3191@exchange.techeez.com> <11D8E491D9562549A61FD3186F3634200284FE3330@exchange.techeez.com> Message-ID: Enable logging in clamd.conf so you can see what is going on. Permissions are correct, right? - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?Philip Parsons Reply:?MailScanner Discussion Date:?August 31, 2016 at 6:52:29 PM To:?MailScanner Discussion Subject:? RE: Is it possible to > Well that did not work.. soon after I made the switch the mail stopped being processed > again..any other suggestions > > -----Original Message----- > From: MailScanner [mailto:mailscanner-bounces+pparsons=techeez.com at lists.mailscanner.info] > On Behalf Of Jerry Benton > Sent: August 31, 2016 2:45 PM > To: MailScanner Discussion > Subject: RE: Is it possible to > > The Sane Security sigs in Clam AV pretty much do the same thing as the DCS in MailScanner. > > > - > Jerry Benton > www.mailborder.com > +1 - 844-436-6245 > > > -----Original Message----- > From: Philip Parsons > Reply: MailScanner Discussion > Date: August 31, 2016 at 5:43:05 PM > To: MailScanner Discussion > Subject: RE: Is it possible to > > > I have just done that and will see what happens.. The content scanning > > is pretty important now days with all the zepto stuff going around... > > > > -----Original Message----- > > From: MailScanner > > [mailto:mailscanner-bounces+pparsons=techeez.com at lists.mailscanner.inf > > o] > > On Behalf Of Jerry Benton > > Sent: August 31, 2016 2:30 PM > > To: MailScanner Discussion > > Subject: RE: Is it possible to > > > > Try disabling Dangerous Content Scanning instead. Turn the AV back on. > > > > > > - > > Jerry Benton > > www.mailborder.com > > +1 - 844-436-6245 > > > > > > -----Original Message----- > > From: Philip Parsons > > Reply: MailScanner Discussion > > Date: August 31, 2016 at 5:16:00 PM > > To: MailScanner Discussion > > Subject: RE: Is it possible to > > > > > Anyone else seeing zip files that are taking down Mailscanner and > > > clamAV I have had to disable Virus scanning.. > > > > > > From: MailScanner > > > [mailto:mailscanner-bounces+pparsons=techeez.com at lists.mailscanner.i > > > nf > > > o] > > > On Behalf Of Philip Parsons > > > Sent: August 31, 2016 12:17 PM > > > To: MailScanner Discussion > > > Subject: Is it possible to > > > > > > Do the filetype check first and if it is bad to just store the message and continue on. > > ? > > > if so what settings in the config file need to be changed. Trying to > > > deal with a attack that is killing mailscanner and it is all bad file types. > > > > > > > > > Thank you. > > > Philip Parsons > > > > > > > > > -- > > > This message has been scanned for viruses and dangerous content by > > > MailScanner, and is believed to be clean. > > > > > > > > > -- > > > MailScanner mailing list > > > mailscanner at lists.mailscanner.info > > > http://lists.mailscanner.info/listinfo/mailscanner > > > > > > > > > > > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/listinfo/mailscanner > > > > > > -- > > This message has been scanned for viruses and dangerous content by > > MailScanner, and is believed to be clean. > > > > > > > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/listinfo/mailscanner > > > > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > From pparsons at techeez.com Wed Aug 31 23:17:37 2016 From: pparsons at techeez.com (Philip Parsons) Date: Wed, 31 Aug 2016 23:17:37 +0000 Subject: Is it possible to In-Reply-To: References: <11D8E491D9562549A61FD3186F3634200284FE2E5F@exchange.techeez.com> <11D8E491D9562549A61FD3186F3634200284FE3007@exchange.techeez.com> <11D8E491D9562549A61FD3186F3634200284FE3191@exchange.techeez.com> <11D8E491D9562549A61FD3186F3634200284FE3330@exchange.techeez.com> Message-ID: <11D8E491D9562549A61FD3186F3634200284FE33E4@exchange.techeez.com> This box has been up and working for a year and just 3 days ago it is being hammered with these .zip files which is taking Mailscanner down. I assume the permissions are correct as it has been working but at this point I will check anything you would like me to. Which permissions should I look for. AN I am going to enable the logging now. -----Original Message----- From: MailScanner [mailto:mailscanner-bounces+pparsons=techeez.com at lists.mailscanner.info] On Behalf Of Jerry Benton Sent: August 31, 2016 3:54 PM To: MailScanner Discussion Subject: RE: Is it possible to Enable logging in clamd.conf so you can see what is going on. Permissions are correct, right? - Jerry Benton www.mailborder.com +1 - 844-436-6245 -----Original Message----- From:?Philip Parsons Reply:?MailScanner Discussion Date:?August 31, 2016 at 6:52:29 PM To:?MailScanner Discussion Subject:? RE: Is it possible to > Well that did not work.. soon after I made the switch the mail stopped > being processed again..any other suggestions > > -----Original Message----- > From: MailScanner > [mailto:mailscanner-bounces+pparsons=techeez.com at lists.mailscanner.inf > o] > On Behalf Of Jerry Benton > Sent: August 31, 2016 2:45 PM > To: MailScanner Discussion > Subject: RE: Is it possible to > > The Sane Security sigs in Clam AV pretty much do the same thing as the DCS in MailScanner. > > > - > Jerry Benton > www.mailborder.com > +1 - 844-436-6245 > > > -----Original Message----- > From: Philip Parsons > Reply: MailScanner Discussion > Date: August 31, 2016 at 5:43:05 PM > To: MailScanner Discussion > Subject: RE: Is it possible to > > > I have just done that and will see what happens.. The content > > scanning is pretty important now days with all the zepto stuff going around... > > > > -----Original Message----- > > From: MailScanner > > [mailto:mailscanner-bounces+pparsons=techeez.com at lists.mailscanner.i > > nf > > o] > > On Behalf Of Jerry Benton > > Sent: August 31, 2016 2:30 PM > > To: MailScanner Discussion > > Subject: RE: Is it possible to > > > > Try disabling Dangerous Content Scanning instead. Turn the AV back on. > > > > > > - > > Jerry Benton > > www.mailborder.com > > +1 - 844-436-6245 > > > > > > -----Original Message----- > > From: Philip Parsons > > Reply: MailScanner Discussion > > Date: August 31, 2016 at 5:16:00 PM > > To: MailScanner Discussion > > Subject: RE: Is it possible to > > > > > Anyone else seeing zip files that are taking down Mailscanner and > > > clamAV I have had to disable Virus scanning.. > > > > > > From: MailScanner > > > [mailto:mailscanner-bounces+pparsons=techeez.com at lists.mailscanner > > > .i > > > nf > > > o] > > > On Behalf Of Philip Parsons > > > Sent: August 31, 2016 12:17 PM > > > To: MailScanner Discussion > > > Subject: Is it possible to > > > > > > Do the filetype check first and if it is bad to just store the message and continue on. > > ? > > > if so what settings in the config file need to be changed. Trying > > > to deal with a attack that is killing mailscanner and it is all bad file types. > > > > > > > > > Thank you. > > > Philip Parsons > > > > > > > > > -- > > > This message has been scanned for viruses and dangerous content by > > > MailScanner, and is believed to be clean. > > > > > > > > > -- > > > MailScanner mailing list > > > mailscanner at lists.mailscanner.info > > > http://lists.mailscanner.info/listinfo/mailscanner > > > > > > > > > > > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/listinfo/mailscanner > > > > > > -- > > This message has been scanned for viruses and dangerous content by > > MailScanner, and is believed to be clean. > > > > > > > > -- > > MailScanner mailing list > > mailscanner at lists.mailscanner.info > > http://lists.mailscanner.info/listinfo/mailscanner > > > > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > > -- > This message has been scanned for viruses and dangerous content by > MailScanner, and is believed to be clean. > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/listinfo/mailscanner > > -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/listinfo/mailscanner -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.