Denial Of Service Attack Messages

Jerry Benton jerry.benton at mailborder.com
Tue Mar 8 12:18:57 UTC 2016


Thanks Andrew.

Could those people seeing this error please check your Perl modules using this script:

https://github.com/MailScanner/v4/blob/master/check_modules.sh <https://github.com/MailScanner/v4/blob/master/check_modules.sh>


Also make sure your timeout settings in MailScanner.conf are not too short. I cannot remember if I reduced the defaults in MailScanner.conf. I will have to review the changes. 

Also please check your logs for as much information as possible and send it to the list. Please try to filter out the important parts and send only that information. 



-
Jerry Benton
www.mailborder.com



> On Mar 8, 2016, at 6:54 AM, Andrew Southgate <andy at z00b.com> wrote:
> 
> I'm getting it on 4.85.2-3
>  
> From: MailScanner [mailto:mailscanner-bounces+andy=z00b.com at lists.mailscanner.info] On Behalf Of Jerry Benton
> Sent: 08 March 2016 11:50
> To: MailScanner Discussion
> Subject: Re: Denial Of Service Attack Messages
>  
> Just so everyone knows, 4.86.1 is not released. It is beta. It looks like I need to go back through the changes made between the two versions unless someone is seeing this in 4.85.2-3.
> 
> -
> Jerry Benton
> www.mailborder.com <http://www.mailborder.com/>
>  
>  
>  
>> On Mar 7, 2016, at 12:21 PM, Steven Jardine <steve at mjnservices.com <mailto:steve at mjnservices.com>> wrote:
>>  
>> Yes.  I recently upgraded to 4.86.1-1 and the install log shows:
>> 
>> HTML::Parser => OK
>> 
>> 
>> On 03/07/2016 10:19 AM, Jerry Benton wrote:
>>> is the HTML parser installed?
>>> 
>>> -
>>> Jerry Benton
>>> www.mailborder.com <http://www.mailborder.com/>
>>> Sent from my iPhone
>>> 
>>> On Mar 7, 2016, at 11:25, Steven Jardine <steve at mjnservices.com <mailto:steve at mjnservices.com>> wrote:
>>> 
>>>> I upgraded MailScanner several months ago to v4.85.2-3 and now v4.86.1-1. Often I am getting the error message:
>>>> 
>>>>> MailScanner was attacked by a Denial Of Service attack, and has therefore deleted this part of the message. Please contact your e-mail providers for more information if you need it, giving them the whole of this report. Attack in: /var/spool/MailScanner/incoming/20499/u27Em5eK000564/nmsg-20499-47.html
>>>> The file reported in the attack is not there so I am unable to to any troubleshooting.
>>>> 
>>>> I am using a OpenVZ container with Ubuntu 14.04 - 6 CPUs and 12GB RAM. The messages are causing problems with valid mail messages both incoming and outgoing.
>>>> 
>>>> Is there a way to disable this feature?  Any ideas on how to suppress these messages?
>>>> 
>>>> Thanks!
>>>> Steve
>>>> IMPORTANT: This email does not constitute a contract or an offer or acceptance of an offer to enter into a contract. Further, this email may not be used to modify, supplement, novate, or waive any rights with respect to an existing contract or other binding commercial terms.
>>>> 
>>>> 
>>>> -- 
>>>> MailScanner mailing list
>>>> mailscanner at lists.mailscanner.info <mailto:mailscanner at lists.mailscanner.info>
>>>> http://lists.mailscanner.info/listinfo/mailscanner <http://lists.mailscanner.info/listinfo/mailscanner>
>>> 
>>> 
>>>  
>>  
>> IMPORTANT: This email does not constitute a contract or an offer or acceptance of an offer to enter into a contract. Further, this email may not be used to modify, supplement, novate, or waive any rights with respect to an existing contract or other binding commercial terms.
>> 
>> 
>> -- 
>> MailScanner mailing list
>> mailscanner at lists.mailscanner.info <mailto:mailscanner at lists.mailscanner.info>
>> http://lists.mailscanner.info/listinfo/mailscanner <http://lists.mailscanner.info/listinfo/mailscanner>
>  
> 
> 
> -- 
> MailScanner mailing list
> mailscanner at lists.mailscanner.info <mailto:mailscanner at lists.mailscanner.info>
> http://lists.mailscanner.info/listinfo/mailscanner <http://lists.mailscanner.info/listinfo/mailscanner>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mailscanner.info/pipermail/mailscanner/attachments/20160308/f26903fb/attachment.html>


More information about the MailScanner mailing list