From mmmm82 at gmail.com Sat Sep 1 09:47:10 2018 From: mmmm82 at gmail.com (Monis Monther) Date: Sat, 1 Sep 2018 12:47:10 +0300 Subject: MUA signatures Message-ID: Greetings, Is there a way in Mailscanner to remove user created signatures, we are applying a company signature to all outgoing mails, it works fine and as expected, however if a user creates his own signature in outlook, we end up with two signatures, the one created by the user first and followed by the one injected by MailScanner. We have tried the Allow Multiple HTML Signature = no and added an tag with alt="MailScanner Signature %org-name%". Still no effect. Kindly your help -- Best Regards Monis -------------- next part -------------- An HTML attachment was scrubbed... URL: From Antony.Stone at mailscanner.open.source.it Sat Sep 1 15:10:02 2018 From: Antony.Stone at mailscanner.open.source.it (Antony Stone) Date: Sat, 1 Sep 2018 17:10:02 +0200 Subject: MUA signatures In-Reply-To: References: Message-ID: <201809011710.02889.Antony.Stone@mailscanner.open.source.it> On Saturday 01 September 2018 at 11:47:10, Monis Monther wrote: > Greetings, > > Is there a way in Mailscanner to remove user created signatures, we are > applying a company signature to all outgoing mails, it works fine and as > expected, however if a user creates his own signature in outlook, we end up > with two signatures, the one created by the user first and followed by the > one injected by MailScanner. MailScanner isn't really designed to modify content which already exists in an email (other than disarming dangerous HTML tags). It can decide what to do with the email (deliver, quarantine, bounce, drop, forward) based on various tests regarding the content, so my suggestion would be to write a test which matches "start of line-dash-dash-space-end of line" and if that's found in an outbound email, bounce it back to the sender with the message "please delete the signature from your email client". > We have tried the Allow Multiple HTML Signature = no and added an tag > with alt="MailScanner Signature %org-name%". Still no effect. > > Kindly your help Depending on which MTA you are using, you may be able to write (or find) a milter to remove the signatures, but I don't think MailScanner is quite the right tool for this job. Regards, Antony. -- You can tell that the day just isn't going right when you find yourself using the telephone before the toilet. Please reply to the list; please *don't* CC me. From mmmm82 at gmail.com Sun Sep 2 08:53:34 2018 From: mmmm82 at gmail.com (Monis Monther) Date: Sun, 2 Sep 2018 11:53:34 +0300 Subject: MUA signatures In-Reply-To: <201809011710.02889.Antony.Stone@mailscanner.open.source.it> References: <201809011710.02889.Antony.Stone@mailscanner.open.source.it> Message-ID: Thanks Antony On Sat, Sep 1, 2018 at 6:10 PM Antony Stone < Antony.Stone at mailscanner.open.source.it> wrote: > On Saturday 01 September 2018 at 11:47:10, Monis Monther wrote: > > > Greetings, > > > > Is there a way in Mailscanner to remove user created signatures, we are > > applying a company signature to all outgoing mails, it works fine and as > > expected, however if a user creates his own signature in outlook, we end > up > > with two signatures, the one created by the user first and followed by > the > > one injected by MailScanner. > > MailScanner isn't really designed to modify content which already exists > in an > email (other than disarming dangerous HTML tags). > > It can decide what to do with the email (deliver, quarantine, bounce, > drop, > forward) based on various tests regarding the content, so my suggestion > would > be to write a test which matches "start of line-dash-dash-space-end of > line" > and if that's found in an outbound email, bounce it back to the sender > with > the message "please delete the signature from your email client". > > > We have tried the Allow Multiple HTML Signature = no and added an > tag > > with alt="MailScanner Signature %org-name%". Still no effect. > > > > Kindly your help > > Depending on which MTA you are using, you may be able to write (or find) a > milter to remove the signatures, but I don't think MailScanner is quite > the > right tool for this job. > > Regards, > > > Antony. > > -- > You can tell that the day just isn't going right when you find yourself > using > the telephone before the toilet. > > Please reply to the > list; > please *don't* CC > me. > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > -- Best Regards Monis -------------- next part -------------- An HTML attachment was scrubbed... URL: From mmmm82 at gmail.com Sun Sep 2 09:08:57 2018 From: mmmm82 at gmail.com (Monis Monther) Date: Sun, 2 Sep 2018 12:08:57 +0300 Subject: Prevent header forgery Message-ID: Hi, Is there a way to prevent users from changing the header. We do not want the envelope to be different than the header. (i.e: header from must match return-path). I am able to achieve all kinds of restrictions in postfix restrictions and restriction classes, but they all apply to the envelope, however when it comes to the header From field, then that is part of the message and the only place to write rules for it is header_checks. I could not find a way in header_checks that can achieve this. It cannot match two different fields and compare them. Am I missing something, Does MailScanner have a way to force this. I am using postfix 2.10.1 and MailScanner 5.0.07 and dovecot 2.2.10 -- Best Regards Monis -------------- next part -------------- An HTML attachment was scrubbed... URL: From Antony.Stone at mailscanner.open.source.it Sun Sep 2 09:15:55 2018 From: Antony.Stone at mailscanner.open.source.it (Antony Stone) Date: Sun, 2 Sep 2018 11:15:55 +0200 Subject: Prevent header forgery In-Reply-To: References: Message-ID: <201809021115.55544.Antony.Stone@mailscanner.open.source.it> On Sunday 02 September 2018 at 11:08:57, Monis Monther wrote: > Hi, > > Is there a way to prevent users from changing the header. We do not want > the envelope to be different than the header. (i.e: header from must match > return-path). Have you looked at the headers of emails on this list? For example, the message you just sent arrived with me showing, amongst others: Return-Path: From: Monis Monther Reply-To: MailScanner Discussion It's perfectly common for From to be different from Return-Path. Regards, Antony. -- I conclude that there are two ways of constructing a software design: One way is to make it so simple that there are _obviously_ no deficiencies, and the other way is to make it so complicated that there are no _obvious_ deficiencies. - C A R Hoare Please reply to the list; please *don't* CC me. From jerry.benton at mailborder.com Sun Sep 2 09:17:58 2018 From: jerry.benton at mailborder.com (Jerry Benton) Date: Sun, 2 Sep 2018 05:17:58 -0400 Subject: Prevent header forgery In-Reply-To: <201809021115.55544.Antony.Stone@mailscanner.open.source.it> References: <201809021115.55544.Antony.Stone@mailscanner.open.source.it> Message-ID: <004a01d4429d$d763af00$862b0d00$@mailborder.com> https://wiki.apache.org/spamassassin/FromNotReplyTo -- Jerry Benton www.mailborder.com +1 (843) 800-8605 +44 (020) 3883-8605 -----Original Message----- From: MailScanner On Behalf Of Antony Stone Sent: Sunday, September 2, 2018 05:16 To: MailScanner Discussion Subject: Re: Prevent header forgery On Sunday 02 September 2018 at 11:08:57, Monis Monther wrote: > Hi, > > Is there a way to prevent users from changing the header. We do not want > the envelope to be different than the header. (i.e: header from must match > return-path). Have you looked at the headers of emails on this list? For example, the message you just sent arrived with me showing, amongst others: Return-Path: From: Monis Monther Reply-To: MailScanner Discussion It's perfectly common for From to be different from Return-Path. Regards, Antony. -- I conclude that there are two ways of constructing a software design: One way is to make it so simple that there are _obviously_ no deficiencies, and the other way is to make it so complicated that there are no _obvious_ deficiencies. - C A R Hoare Please reply to the list; please *don't* CC me. -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5530 bytes Desc: not available URL: From thom at vdb.nl Sun Sep 2 09:21:34 2018 From: thom at vdb.nl (Thom van der Boon) Date: Sun, 2 Sep 2018 11:21:34 +0200 (CEST) Subject: Prevent header forgery In-Reply-To: References: Message-ID: <614541427.4641.1535880094592.JavaMail.zimbra@vdb.nl> Hi, First you have to upgrade your system to the current versions: Mailscanner 5.1.1-1 Spamassassin 3.4.1 (This is the latest (2015), I heard progress is being made on a new version) After that Spamassassin has a HEADER_FROM_DIFFERENT_DOMAINS Met vriendelijke groet, Best regards, Thom van der Boon E-Mail: thom at vdb.nl ===== Thom.H. van der Boon b.v. Transito 4 6909 DA Babberich Tel.: [ tel:+31884272727 | +31 (0)88 4272727 ] Fax: +31 (0)88 4272789 Home Page: http://www.vdb.nl/ Van: "Monis Monther" Aan: "MailScanner Discussion" Verzonden: Zondag 2 september 2018 11:08:57 Onderwerp: Prevent header forgery Hi, Is there a way to prevent users from changing the header. We do not want the envelope to be different than the header. (i.e: header from must match return-path). I am able to achieve all kinds of restrictions in postfix restrictions and restriction classes, but they all apply to the envelope, however when it comes to the header From field, then that is part of the message and the only place to write rules for it is header_checks. I could not find a way in header_checks that can achieve this. It cannot match two different fields and compare them. Am I missing something, Does MailScanner have a way to force this. I am using postfix 2.10.1 and MailScanner 5.0.07 and dovecot 2.2.10 -- Best Regards Monis -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner -------------- next part -------------- An HTML attachment was scrubbed... URL: From mmmm82 at gmail.com Sun Sep 2 09:26:17 2018 From: mmmm82 at gmail.com (Monis Monther) Date: Sun, 2 Sep 2018 12:26:17 +0300 Subject: Prevent header forgery In-Reply-To: <201809021115.55544.Antony.Stone@mailscanner.open.source.it> References: <201809021115.55544.Antony.Stone@mailscanner.open.source.it> Message-ID: Hi Antony, I understand it is legit , especially it is a use case for mailing lists. However, we do not have a mailing list and it is unacceptable in an enterprise to have some one fake his address to be someone else and send some emails to external customers who would probably not check envelope headers, they will only see what they get in outlook main view. On Sun, Sep 2, 2018 at 12:16 PM Antony Stone < Antony.Stone at mailscanner.open.source.it> wrote: > On Sunday 02 September 2018 at 11:08:57, Monis Monther wrote: > > > Hi, > > > > Is there a way to prevent users from changing the header. We do not want > > the envelope to be different than the header. (i.e: header from must > match > > return-path). > > Have you looked at the headers of emails on this list? > > For example, the message you just sent arrived with me showing, amongst > others: > > Return-Path: bounces+antony.stone=mailscanner.open.source.it at lists.mailscanner.info> > > From: Monis Monther > > Reply-To: MailScanner Discussion > > > It's perfectly common for From to be different from Return-Path. > > > Regards, > > > Antony. > > -- > I conclude that there are two ways of constructing a software design: One > way > is to make it so simple that there are _obviously_ no deficiencies, and > the > other way is to make it so complicated that there are no _obvious_ > deficiencies. > > - C A R Hoare > > Please reply to the > list; > please *don't* CC > me. > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > -- Best Regards Monis -------------- next part -------------- An HTML attachment was scrubbed... URL: From mmmm82 at gmail.com Sun Sep 2 09:27:50 2018 From: mmmm82 at gmail.com (Monis Monther) Date: Sun, 2 Sep 2018 12:27:50 +0300 Subject: Prevent header forgery In-Reply-To: <614541427.4641.1535880094592.JavaMail.zimbra@vdb.nl> References: <614541427.4641.1535880094592.JavaMail.zimbra@vdb.nl> Message-ID: Hi Thom, Is this a spamassassin config or a RULE, if a rule do you have a link to download it. Thanks On Sun, Sep 2, 2018 at 12:21 PM Thom van der Boon wrote: > Hi, > > First you have to upgrade your system to the current versions: > > Mailscanner 5.1.1-1 > Spamassassin 3.4.1 (This is the latest (2015), I heard progress is being > made on a new version) > > After that Spamassassin has a HEADER_FROM_DIFFERENT_DOMAINS > > Met vriendelijke groet, Best regards, > > > Thom van der Boon > E-Mail: thom at vdb.nl > > > > ===== > > > > Thom.H. van der Boon b.v. > Transito 4 > 6909 DA Babberich > Tel.: +31 (0)88 4272727 <+31884272727> > Fax: +31 (0)88 4272789 > Home Page: http://www.vdb.nl/ > > ------------------------------ > *Van: *"Monis Monther" > *Aan: *"MailScanner Discussion" > *Verzonden: *Zondag 2 september 2018 11:08:57 > *Onderwerp: *Prevent header forgery > > Hi, > Is there a way to prevent users from changing the header. We do not want > the envelope to be different than the header. (i.e: header from must match > return-path). > > I am able to achieve all kinds of restrictions in postfix restrictions and > restriction classes, but they all apply to the envelope, however when it > comes to the header From field, then that is part of the message and the > only place to write rules for it is header_checks. I could not find a way > in header_checks that can achieve this. It cannot match two different > fields and compare them. > > Am I missing something, Does MailScanner have a way to force this. > > I am using postfix 2.10.1 and MailScanner 5.0.07 and dovecot 2.2.10 > > > > -- > Best Regards > Monis > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > -- Best Regards Monis -------------- next part -------------- An HTML attachment was scrubbed... URL: From thom at vdb.nl Sun Sep 2 09:31:48 2018 From: thom at vdb.nl (Thom van der Boon) Date: Sun, 2 Sep 2018 11:31:48 +0200 (CEST) Subject: Prevent header forgery In-Reply-To: References: <614541427.4641.1535880094592.JavaMail.zimbra@vdb.nl> Message-ID: <993663145.4847.1535880708643.JavaMail.zimbra@vdb.nl> Montis, Out of the "spamassassin 3.4.1" Box it scores a 0.25 You need to write a one line rule to give it a higher score.See the spamassassin docs how to do that Met vriendelijke groet, Best regards, Thom van der Boon E-Mail: thom at vdb.nl ===== Thom.H. van der Boon b.v. Transito 4 6909 DA Babberich Tel.: [ tel:+31884272727 | +31 (0)88 4272727 ] Fax: +31 (0)88 4272789 Home Page: http://www.vdb.nl/ Van: "Monis Monther" Aan: "MailScanner Discussion" Verzonden: Zondag 2 september 2018 11:27:50 Onderwerp: Re: Prevent header forgery Hi Thom, Is this a spamassassin config or a RULE, if a rule do you have a link to download it. Thanks On Sun, Sep 2, 2018 at 12:21 PM Thom van der Boon < [ mailto:thom at vdb.nl | thom at vdb.nl ] > wrote: Hi, First you have to upgrade your system to the current versions: Mailscanner 5.1.1-1 Spamassassin 3.4.1 (This is the latest (2015), I heard progress is being made on a new version) After that Spamassassin has a HEADER_FROM_DIFFERENT_DOMAINS Met vriendelijke groet, Best regards, Thom van der Boon E-Mail: [ mailto:thom at vdb.nl | thom at vdb.nl ] ===== Thom.H. van der Boon b.v. Transito 4 6909 DA Babberich Tel.: [ tel:+31884272727 | +31 (0)88 4272727 ] Fax: +31 (0)88 4272789 Home Page: [ http://www.vdb.nl/ | http://www.vdb.nl/ ] Van: "Monis Monther" < [ mailto:mmmm82 at gmail.com | mmmm82 at gmail.com ] > Aan: "MailScanner Discussion" < [ mailto:mailscanner at lists.mailscanner.info | mailscanner at lists.mailscanner.info ] > Verzonden: Zondag 2 september 2018 11:08:57 Onderwerp: Prevent header forgery Hi, Is there a way to prevent users from changing the header. We do not want the envelope to be different than the header. (i.e: header from must match return-path). I am able to achieve all kinds of restrictions in postfix restrictions and restriction classes, but they all apply to the envelope, however when it comes to the header From field, then that is part of the message and the only place to write rules for it is header_checks. I could not find a way in header_checks that can achieve this. It cannot match two different fields and compare them. Am I missing something, Does MailScanner have a way to force this. I am using postfix 2.10.1 and MailScanner 5.0.07 and dovecot 2.2.10 -- Best Regards Monis -- MailScanner mailing list [ mailto:mailscanner at lists.mailscanner.info | mailscanner at lists.mailscanner.info ] [ http://lists.mailscanner.info/mailman/listinfo/mailscanner | http://lists.mailscanner.info/mailman/listinfo/mailscanner ] -- MailScanner mailing list [ mailto:mailscanner at lists.mailscanner.info | mailscanner at lists.mailscanner.info ] [ http://lists.mailscanner.info/mailman/listinfo/mailscanner | http://lists.mailscanner.info/mailman/listinfo/mailscanner ] -- Best Regards Monis -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner -------------- next part -------------- An HTML attachment was scrubbed... URL: From mmmm82 at gmail.com Sun Sep 2 09:57:22 2018 From: mmmm82 at gmail.com (Monis Monther) Date: Sun, 2 Sep 2018 12:57:22 +0300 Subject: Prevent header forgery In-Reply-To: <993663145.4847.1535880708643.JavaMail.zimbra@vdb.nl> References: <614541427.4641.1535880094592.JavaMail.zimbra@vdb.nl> <993663145.4847.1535880708643.JavaMail.zimbra@vdb.nl> Message-ID: Hi Thom, Found the rule, it seems I already have it, checked its score 0.25, bumped it up, I can have it any score as to be SPAM or High Score SPAM , we usually have a policy of deliver spam to user and dovecot sieve stores it in JUNK. Can I reject messages based on this RULE, can this be achieved. Thanks for the great help Thom On Sun, Sep 2, 2018 at 12:32 PM Thom van der Boon wrote: > Montis, > > Out of the "spamassassin 3.4.1" Box it scores a 0.25 > > You need to write a one line rule to give it a higher score.See the > spamassassin docs how to do that > > > > Met vriendelijke groet, Best regards, > > > Thom van der Boon > E-Mail: thom at vdb.nl > > > > ===== > > > > Thom.H. van der Boon b.v. > Transito 4 > 6909 DA Babberich > Tel.: +31 (0)88 4272727 <+31884272727> > Fax: +31 (0)88 4272789 > Home Page: http://www.vdb.nl/ > > ------------------------------ > *Van: *"Monis Monther" > *Aan: *"MailScanner Discussion" > *Verzonden: *Zondag 2 september 2018 11:27:50 > *Onderwerp: *Re: Prevent header forgery > > Hi Thom, > Is this a spamassassin config or a RULE, if a rule do you have a link to > download it. > > Thanks > > On Sun, Sep 2, 2018 at 12:21 PM Thom van der Boon wrote: > >> Hi, >> >> First you have to upgrade your system to the current versions: >> >> Mailscanner 5.1.1-1 >> Spamassassin 3.4.1 (This is the latest (2015), I heard progress is being >> made on a new version) >> >> After that Spamassassin has a HEADER_FROM_DIFFERENT_DOMAINS >> >> Met vriendelijke groet, Best regards, >> >> >> Thom van der Boon >> E-Mail: thom at vdb.nl >> >> >> >> ===== >> >> >> >> Thom.H. van der Boon b.v. >> Transito 4 >> 6909 DA Babberich >> Tel.: +31 (0)88 4272727 <+31884272727> >> Fax: +31 (0)88 4272789 >> Home Page: http://www.vdb.nl/ >> >> ------------------------------ >> *Van: *"Monis Monther" >> *Aan: *"MailScanner Discussion" >> *Verzonden: *Zondag 2 september 2018 11:08:57 >> *Onderwerp: *Prevent header forgery >> >> Hi, >> Is there a way to prevent users from changing the header. We do not want >> the envelope to be different than the header. (i.e: header from must match >> return-path). >> >> I am able to achieve all kinds of restrictions in postfix restrictions >> and restriction classes, but they all apply to the envelope, however when >> it comes to the header From field, then that is part of the message and the >> only place to write rules for it is header_checks. I could not find a way >> in header_checks that can achieve this. It cannot match two different >> fields and compare them. >> >> Am I missing something, Does MailScanner have a way to force this. >> >> I am using postfix 2.10.1 and MailScanner 5.0.07 and dovecot 2.2.10 >> >> >> >> -- >> Best Regards >> Monis >> >> >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> > > -- > Best Regards > Monis > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > -- Best Regards Monis -------------- next part -------------- An HTML attachment was scrubbed... URL: From iversons at rushville.k12.in.us Sun Sep 2 12:38:09 2018 From: iversons at rushville.k12.in.us (Shawn Iverson) Date: Sun, 2 Sep 2018 08:38:09 -0400 Subject: MailScanner 5.1.1-1 Released Message-ID: Package is available on the website, along with some website updates (Thanks Jerry!) https://www.mailscanner.info/ https://www.mailscanner.info/downloads/ https://github.com/MailScanner/v5/blob/master/changelog 5.1.1-1 now has an optional milter available for use with postfix. Note that the HOLD method can still be used, and there are no plans to remove that functionality. All existing MTAs are supported. https://github.com/MailScanner/v5/blob/master/doc/MailScanner%20Milter%20Guide.pdf -- Shawn Iverson, CETL Director of Technology Rush County Schools 765-932-3901 x1171 iversons at rushville.k12.in.us -------------- next part -------------- An HTML attachment was scrubbed... URL: From mailinglists at feedmebits.nl Sun Sep 2 12:47:14 2018 From: mailinglists at feedmebits.nl (Maarten) Date: Sun, 2 Sep 2018 14:47:14 +0200 Subject: MailScanner 5.1.1-1 Released In-Reply-To: References: Message-ID: <3fa8ba53-44be-79ff-0155-a2e84d7b97ed@feedmebits.nl> Thanks Shawn! Looks interesting! :) On 02-09-18 14:38, Shawn Iverson wrote: > Package is available on the website, along with some website updates > (Thanks Jerry!) > > https://www.mailscanner.info/ > https://www.mailscanner.info/downloads/ > https://github.com/MailScanner/v5/blob/master/changelog > > 5.1.1-1 now has an optional milter available for use with postfix.? > Note that the HOLD method can still be used, and there are no plans to > remove that functionality.? All existing MTAs are supported. > > https://github.com/MailScanner/v5/blob/master/doc/MailScanner%20Milter%20Guide.pdf > > -- > Shawn Iverson, CETL > Director of Technology > Rush County Schools > 765-932-3901 x1171 > iversons at rushville.k12.in.us > > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From mark at msapiro.net Sun Sep 2 14:18:04 2018 From: mark at msapiro.net (Mark Sapiro) Date: Sun, 2 Sep 2018 07:18:04 -0700 Subject: Prevent header forgery In-Reply-To: References: <614541427.4641.1535880094592.JavaMail.zimbra@vdb.nl> <993663145.4847.1535880708643.JavaMail.zimbra@vdb.nl> Message-ID: On 09/02/2018 02:57 AM, Monis Monther wrote: > > Found the rule, it seems I already have it, checked its score 0.25, > bumped it up, I can have it any score as to be SPAM or High Score SPAM , > we usually have a policy of deliver spam to user and dovecot sieve > stores it in JUNK. > > Can I reject messages based on this RULE, can this be achieved. Not at SMTP time, at least net without a spamassassin milter, but in MailScanner see . -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mmmm82 at gmail.com Mon Sep 3 05:59:05 2018 From: mmmm82 at gmail.com (Monis Monther) Date: Mon, 3 Sep 2018 08:59:05 +0300 Subject: Prevent header forgery In-Reply-To: References: <614541427.4641.1535880094592.JavaMail.zimbra@vdb.nl> <993663145.4847.1535880708643.JavaMail.zimbra@vdb.nl>

Message-ID: Hi Mark, This seems interesting, I will give it a try, Thanks Thanks everyone for the help. You have all been of great benefit. On Sun, Sep 2, 2018 at 5:18 PM Mark Sapiro wrote: > On 09/02/2018 02:57 AM, Monis Monther wrote: > > > > Found the rule, it seems I already have it, checked its score 0.25, > > bumped it up, I can have it any score as to be SPAM or High Score SPAM , > > we usually have a policy of deliver spam to user and dovecot sieve > > stores it in JUNK. > > > > Can I reject messages based on this RULE, can this be achieved. > > > Not at SMTP time, at least net without a spamassassin milter, but in > MailScanner see > < > https://www.mailscanner.info/MailScanner.conf.index.html#SpamAssassin%20Rule%20Actions > >. > > -- > Mark Sapiro The highway is for gamblers, > San Francisco Bay Area, California better use your sense - B. Dylan > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > -- Best Regards Monis -------------- next part -------------- An HTML attachment was scrubbed... URL: From mmmm82 at gmail.com Mon Sep 3 06:26:01 2018 From: mmmm82 at gmail.com (Monis Monther) Date: Mon, 3 Sep 2018 09:26:01 +0300 Subject: Prevent header forgery In-Reply-To: References: <614541427.4641.1535880094592.JavaMail.zimbra@vdb.nl> <993663145.4847.1535880708643.JavaMail.zimbra@vdb.nl>

Message-ID: Aside from all our discussion, what other ways are there to stop having email with headers different than the return-path (force matching envelope and header address). On Mon, Sep 3, 2018 at 8:59 AM Monis Monther wrote: > Hi Mark, > > This seems interesting, I will give it a try, Thanks > > Thanks everyone for the help. You have all been of great benefit. > > On Sun, Sep 2, 2018 at 5:18 PM Mark Sapiro wrote: > >> On 09/02/2018 02:57 AM, Monis Monther wrote: >> > >> > Found the rule, it seems I already have it, checked its score 0.25, >> > bumped it up, I can have it any score as to be SPAM or High Score SPAM , >> > we usually have a policy of deliver spam to user and dovecot sieve >> > stores it in JUNK. >> > >> > Can I reject messages based on this RULE, can this be achieved. >> >> >> Not at SMTP time, at least net without a spamassassin milter, but in >> MailScanner see >> < >> https://www.mailscanner.info/MailScanner.conf.index.html#SpamAssassin%20Rule%20Actions >> >. >> >> -- >> Mark Sapiro The highway is for gamblers, >> San Francisco Bay Area, California better use your sense - B. Dylan >> >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> > > -- > Best Regards > Monis > -- Best Regards Monis -------------- next part -------------- An HTML attachment was scrubbed... URL: From mmmm82 at gmail.com Mon Sep 3 06:28:29 2018 From: mmmm82 at gmail.com (Monis Monther) Date: Mon, 3 Sep 2018 09:28:29 +0300 Subject: Prevent header forgery In-Reply-To: <004a01d4429d$d763af00$862b0d00$@mailborder.com> References: <201809021115.55544.Antony.Stone@mailscanner.open.source.it> <004a01d4429d$d763af00$862b0d00$@mailborder.com> Message-ID: Hi Jerry, I just read this, this plugin is great, and seems easy to use, similar to Thom answer, thanks On Sun, Sep 2, 2018 at 12:18 PM Jerry Benton wrote: > https://wiki.apache.org/spamassassin/FromNotReplyTo > > > > -- > Jerry Benton > www.mailborder.com > +1 (843) 800-8605 > +44 (020) 3883-8605 > > > -----Original Message----- > From: MailScanner > > On > Behalf Of Antony Stone > Sent: Sunday, September 2, 2018 05:16 > To: MailScanner Discussion > Subject: Re: Prevent header forgery > > On Sunday 02 September 2018 at 11:08:57, Monis Monther wrote: > > > Hi, > > > > Is there a way to prevent users from changing the header. We do not want > > the envelope to be different than the header. (i.e: header from must > match > > return-path). > > Have you looked at the headers of emails on this list? > > For example, the message you just sent arrived with me showing, amongst > others: > > Return-Path: bounces+antony.stone=mailscanner.open.source.it at lists.mailscanner.info> > > From: Monis Monther > > Reply-To: MailScanner Discussion > > > It's perfectly common for From to be different from Return-Path. > > > Regards, > > > Antony. > > -- > I conclude that there are two ways of constructing a software design: One > way > is to make it so simple that there are _obviously_ no deficiencies, and > the > other way is to make it so complicated that there are no _obvious_ > deficiencies. > > - C A R Hoare > > Please reply to the > list; > please *don't* CC > me. > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > -- Best Regards Monis -------------- next part -------------- An HTML attachment was scrubbed... URL: From mark at msapiro.net Mon Sep 3 14:44:56 2018 From: mark at msapiro.net (Mark Sapiro) Date: Mon, 3 Sep 2018 07:44:56 -0700 Subject: Prevent header forgery In-Reply-To: References: <201809021115.55544.Antony.Stone@mailscanner.open.source.it> <004a01d4429d$d763af00$862b0d00$@mailborder.com> Message-ID: <44353fd5-557c-8858-9833-e43ba026b426@msapiro.net> On 09/02/2018 11:28 PM, Monis Monther wrote: > Hi Jerry, > > I just read this, this plugin is great, and seems easy to use, similar > to Thom answer, thanks > > On Sun, Sep 2, 2018 at 12:18 PM Jerry Benton > > wrote: > > https://wiki.apache.org/spamassassin/FromNotReplyTo However that checks that the From: address is not equal to the Reply-To: address when both exist. You would have to modify it to check Return-Path: or the envelope from. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From mmmm82 at gmail.com Mon Sep 3 19:06:09 2018 From: mmmm82 at gmail.com (Monis Monther) Date: Mon, 3 Sep 2018 22:06:09 +0300 Subject: Prevent header forgery In-Reply-To: <44353fd5-557c-8858-9833-e43ba026b426@msapiro.net> References: <201809021115.55544.Antony.Stone@mailscanner.open.source.it> <004a01d4429d$d763af00$862b0d00$@mailborder.com> <44353fd5-557c-8858-9833-e43ba026b426@msapiro.net> Message-ID: Thanks Mark, noticed On Mon, Sep 3, 2018 at 5:45 PM Mark Sapiro wrote: > On 09/02/2018 11:28 PM, Monis Monther wrote: > > Hi Jerry, > > > > I just read this, this plugin is great, and seems easy to use, similar > > to Thom answer, thanks > > > > On Sun, Sep 2, 2018 at 12:18 PM Jerry Benton > > > > wrote: > > > > https://wiki.apache.org/spamassassin/FromNotReplyTo > > > However that checks that the From: address is not equal to the Reply-To: > address when both exist. You would have to modify it to check > Return-Path: or the envelope from. > > -- > Mark Sapiro The highway is for gamblers, > San Francisco Bay Area, California better use your sense - B. Dylan > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > -- Best Regards Monis -------------- next part -------------- An HTML attachment was scrubbed... URL: From mmmm82 at gmail.com Wed Sep 12 13:35:22 2018 From: mmmm82 at gmail.com (Monis Monther) Date: Wed, 12 Sep 2018 16:35:22 +0300 Subject: Multiple Images in Signature Message-ID: Greetings, Is there a way to add multiple images in the HTML signature, I have the signature working fine with a single HTML image and text. but failed to configure multiple images. postfix + MailScanner 5.0.7 -- Best Regards Monis -------------- next part -------------- An HTML attachment was scrubbed... URL: From belle at bazuin.nl Wed Sep 12 14:10:40 2018 From: belle at bazuin.nl (=?windows-1252?Q?L.P.H._van_Belle?=) Date: Wed, 12 Sep 2018 16:10:40 +0200 Subject: Multiple Images in Signature In-Reply-To: References: Message-ID: Im guessing your using a setup with altermime? ? Embed you image in your html as base64 encode image. That works for me. ? setup. https://blog.edmdesigner.com/content-images-in-modern-html-emails/? ? convert your image. http://base64image.org/? ? Good luck! ? Greetz, Louis ? ? Van: MailScanner [mailto:mailscanner-bounces+belle=bazuin.nl at lists.mailscanner.info] Namens Monis Monther Verzonden: woensdag 12 september 2018 15:35 Aan: MailScanner discussion Onderwerp: Multiple Images in Signature Greetings, Is there a way to add multiple images in the HTML signature, I have the signature working fine with a single HTML image and text. but failed to configure multiple images. postfix?+ MailScanner 5.0.7 -- Best Regards Monis -------------- next part -------------- An HTML attachment was scrubbed... URL: From martintoy at gmail.com Sat Sep 22 13:38:28 2018 From: martintoy at gmail.com (=?UTF-8?B?TWFydMOtbiBHYXJjw61h?=) Date: Sat, 22 Sep 2018 08:38:28 -0500 Subject: mktemp: illegal option -- - On FreeBSD11 Message-ID: Helllo, Ive installed clamav on my FreeBSD 11. But seems like clamav-wrapper is not using properly mktemp. Doing a little research seems like mktemp on BSD does not use -- Please help, Martin Virus and Content Scanning: Starting mktemp: illegal option -- - usage: mktemp [-d] [-q] [-t prefix] [-u] template ... mktemp [-d] [-q] [-u] -t prefix ERROR: Option --tempdir requires a non-empty string argument ERROR: Can't parse command line options =========================================================================== If any of your virus scanners (clamav) -------------- next part -------------- An HTML attachment was scrubbed... URL: From iversons at rushville.k12.in.us Sat Sep 22 15:58:48 2018 From: iversons at rushville.k12.in.us (Shawn Iverson) Date: Sat, 22 Sep 2018 11:58:48 -0400 Subject: mktemp: illegal option -- - On FreeBSD11 In-Reply-To: References: Message-ID: https://github.com/MailScanner/v5/issues/226 On Sat, Sep 22, 2018 at 11:09 AM Mart?n Garc?a wrote: > Helllo, > Ive installed clamav on my FreeBSD 11. > But seems like clamav-wrapper is not using properly mktemp. > Doing a little research seems like mktemp on BSD does not use -- > > Please help, > > Martin > Virus and Content Scanning: Starting > mktemp: illegal option -- - > usage: mktemp [-d] [-q] [-t prefix] [-u] template ... > mktemp [-d] [-q] [-u] -t prefix > ERROR: Option --tempdir requires a non-empty string argument > ERROR: Can't parse command line options > =========================================================================== > > If any of your virus scanners (clamav) > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > -- Shawn Iverson, CETL Director of Technology Rush County Schools 765-932-3901 x1171 iversons at rushville.k12.in.us -------------- next part -------------- An HTML attachment was scrubbed... URL: From sales at edenusa.com Sat Sep 22 18:19:57 2018 From: sales at edenusa.com (Paul Scott) Date: Sat, 22 Sep 2018 18:19:57 +0000 Subject: mktemp: illegal option -- - On FreeBSD11 In-Reply-To: References:

Message-ID: I finally have a new machine up and running a fresh install of the latest version of CENT OS. I was wondering what the best method of propagation from the old server to the new one would be, and if anybody on the list here have idea or experience doing this. Thank you very much! Sincerely, Paul Scott, Engineer Eden USA, Incorporated Event Production Services Since 1995 Los Angeles-Las Vegas-New York sales at edenusa.com OR edenusasales at gmail.com Telephone(s): 866.501.3336 OR 951.505.6967 Fax: 866.502.3336 Please review us on Google, Yelp, or Facebook, at the following links: Google: https://search.google.com/local/writereview?placeid=ChIJm4J-vUTI3IARijguiVdQJTs Yelp: https://www.yelp.com/writeareview/search?war_desc=Eden+USA&war_loc=Corona%2C+CA Facebook: https://www.facebook.com/pg/EdenUSAInc/reviews/ Please visit us on our website or on our Facebook Business page: WEBSITE: https://www.edenusa.com FACEBOOK: http://www.facebook.com/edenusainc From: MailScanner On Behalf Of Shawn Iverson via MailScanner Sent: Saturday, September 22, 2018 8:59 AM To: mailscanner at lists.mailscanner.info Cc: Shawn Iverson Subject: Re: mktemp: illegal option -- - On FreeBSD11 https://github.com/MailScanner/v5/issues/226 On Sat, Sep 22, 2018 at 11:09 AM Mart?n Garc?a > wrote: Helllo, Ive installed clamav on my FreeBSD 11. But seems like clamav-wrapper is not using properly mktemp. Doing a little research seems like mktemp on BSD does not use -- Please help, Martin Virus and Content Scanning: Starting mktemp: illegal option -- - usage: mktemp [-d] [-q] [-t prefix] [-u] template ... mktemp [-d] [-q] [-u] -t prefix ERROR: Option --tempdir requires a non-empty string argument ERROR: Can't parse command line options =========================================================================== If any of your virus scanners (clamav) -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner -- Shawn Iverson, CETL Director of Technology Rush County Schools 765-932-3901 x1171 iversons at rushville.k12.in.us [https://docs.google.com/uc?export=download&id=0Bw5iD0ToYvs_cy1OZFNIZ0drYVU&revid=0Bw5iD0ToYvs_UitIcHVIWkJVVTl2VGpxVUE0d0FQcHBIRXk4PQ][https://docs.google.com/uc?export=download&id=0Bw5iD0ToYvs_Zkh4eEs3R01yWXc&revid=0Bw5iD0ToYvs_QWpBK2Y2ajJtYjhOMDRFekZwK2xOamk5Q3Y0PQ] [https://docs.google.com/uc?export=download&id=1aBrlQou4gjB04FY-twHN_0Dn3GHVNxqa&revid=0Bw5iD0ToYvs_RnQ0eDhHcm95WHBFdkNRbXhQRXpoYkR6SEEwPQ] -------------- next part -------------- An HTML attachment was scrubbed... URL: From kenneth at khansen-it.dk Sun Sep 23 11:43:34 2018 From: kenneth at khansen-it.dk (Kenneth Hansen) Date: Sun, 23 Sep 2018 11:43:34 +0000 Subject: Release quarantined message using postfix Message-ID: <8D5BA37D-311C-465D-948F-638AE3E9DE5A@khansen-it.dk> Hi I am building a custom solution with MailScanner v5 and Postfix as the MTA. I followed the MTA guide on mailscanner.info for setting it up using postfix. However, I have an issue when it comes to releasing a message marked as high-spam and therefore it is stored and not delivered to the recipient. The server running MailScanner + Postfix is not the same as the server where the recipient email account is located. If I just use the sendmail command with -i and -f options, postfix does try to deliver the quarantined email, but MailScanner will process it again and therefore it is once again stopped as high-spam. Is there a way to make postfix deliver the email, without having MailScanner process it again or at least just skip spam scanning? I am not using the new Milter option, which means I still use the ?current? Hold queue option. -------------- next part -------------- An HTML attachment was scrubbed... URL: From iversons at rushville.k12.in.us Sun Sep 23 13:59:32 2018 From: iversons at rushville.k12.in.us (Shawn Iverson) Date: Sun, 23 Sep 2018 09:59:32 -0400 Subject: Release quarantined message using postfix In-Reply-To: <8D5BA37D-311C-465D-948F-638AE3E9DE5A@khansen-it.dk> References: <8D5BA37D-311C-465D-948F-638AE3E9DE5A@khansen-it.dk> Message-ID: Check this out. It is a MailWatch FAQ, but it is relevant to your scenario. https://docs.mailwatch.org/using/faq.html On Sun, Sep 23, 2018 at 9:42 AM Kenneth Hansen wrote: > Hi > I am building a custom solution with MailScanner v5 and Postfix as the MTA. > I followed the MTA guide on mailscanner.info for setting it up using > postfix. > > However, I have an issue when it comes to releasing a message marked as > high-spam and therefore it is stored and not delivered to the recipient. > The server running MailScanner + Postfix is not the same as the server > where the recipient email account is located. > > If I just use the sendmail command with -i and -f options, postfix does > try to deliver the quarantined email, but MailScanner will process it again > and therefore it is once again stopped as high-spam. > Is there a way to make postfix deliver the email, without having > MailScanner process it again or at least just skip spam scanning? > > I am not using the new Milter option, which means I still use the > ?current? Hold queue option. > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > -- Shawn Iverson, CETL Director of Technology Rush County Schools 765-932-3901 x1171 iversons at rushville.k12.in.us -------------- next part -------------- An HTML attachment was scrubbed... URL: From iversons at rushville.k12.in.us Sun Sep 23 14:01:07 2018 From: iversons at rushville.k12.in.us (Shawn Iverson) Date: Sun, 23 Sep 2018 10:01:07 -0400 Subject: Release quarantined message using postfix In-Reply-To: References: <8D5BA37D-311C-465D-948F-638AE3E9DE5A@khansen-it.dk> Message-ID: Also, whitelist your localhost to bypass general MailScanner scanning on release. On Sun, Sep 23, 2018 at 9:59 AM Shawn Iverson wrote: > Check this out. It is a MailWatch FAQ, but it is relevant to your > scenario. > > https://docs.mailwatch.org/using/faq.html > > On Sun, Sep 23, 2018 at 9:42 AM Kenneth Hansen > wrote: > >> Hi >> I am building a custom solution with MailScanner v5 and Postfix as the >> MTA. >> I followed the MTA guide on mailscanner.info for setting it up using >> postfix. >> >> However, I have an issue when it comes to releasing a message marked as >> high-spam and therefore it is stored and not delivered to the recipient. >> The server running MailScanner + Postfix is not the same as the server >> where the recipient email account is located. >> >> If I just use the sendmail command with -i and -f options, postfix does >> try to deliver the quarantined email, but MailScanner will process it again >> and therefore it is once again stopped as high-spam. >> Is there a way to make postfix deliver the email, without having >> MailScanner process it again or at least just skip spam scanning? >> >> I am not using the new Milter option, which means I still use the >> ?current? Hold queue option. >> >> >> -- >> MailScanner mailing list >> mailscanner at lists.mailscanner.info >> http://lists.mailscanner.info/mailman/listinfo/mailscanner >> >> > > -- > Shawn Iverson, CETL > Director of Technology > Rush County Schools > 765-932-3901 x1171 > iversons at rushville.k12.in.us > > > -- Shawn Iverson, CETL Director of Technology Rush County Schools 765-932-3901 x1171 iversons at rushville.k12.in.us -------------- next part -------------- An HTML attachment was scrubbed... URL: From martintoy at gmail.com Tue Sep 25 19:51:26 2018 From: martintoy at gmail.com (=?UTF-8?B?TWFydMOtbiBHYXJjw61h?=) Date: Tue, 25 Sep 2018 14:51:26 -0500 Subject: TNEF decoder failed with real error / FreeBSD11 Message-ID: Hello, Im having this issue with MailScanner over FreeBSD Sep 25 14:44:31 SINCHI01 MailScanner[37683]: TNEF decoder failed with real error: Can't run tnef decoder: No such file or directory at /usr/local/share/MailScanner/perl/MailScanner/TNEF.pm line 272. My MailScanner setup seems correct. #### MailScanner --lint Trying to setlogsock(unix) Reading configuration file /usr/local/etc/MailScanner/MailScanner.conf Reading configuration file /usr/local/etc/MailScanner/conf.d/README Read 1500 hostnames from the phishing whitelist Read 16275 hostnames from the phishing blacklists Checking version numbers... Version number in MailScanner.conf (5.0.3) is correct. ERROR: The "envelope_sender_header" in your spamassassin.conf ERROR: is not correct, it should match X-Nettix-MailScanner-From MailScanner setting GID to (125) MailScanner setting UID to (125) Checking for SpamAssassin errors (if you use it)... Using SpamAssassin results cache Connected to SpamAssassin cache database SpamAssassin reported no errors. Connected to Processing Attempts Database Created Processing Attempts Database successfully There are 29 messages in the Processing Attempts Database Using locktype = posix MailScanner.conf says "Virus Scanners = clamd" mktemp: illegal option -- - usage: mktemp [-d] [-q] [-t prefix] [-u] template ... mktemp [-d] [-q] [-u] -t prefix Found these virus scanners installed: clamd =========================================================================== Filename Checks: Windows/DOS Executable (1 eicar.com) Other Checks: Found 1 problems Virus and Content Scanning: Starting Clamd::INFECTED:: Eicar-Test-Signature :: ./1/eicar.com Virus Scanning: Clamd found 1 infections Infected message 1 came from 10.1.1.1 Virus Scanning: Found 1 viruses =========================================================================== Virus Scanner test reports: Clamd said "eicar.com was infected: Eicar-Test-Signature" If any of your virus scanners (clamd) are not listed there, you should check that they are installed correctly and that MailScanner is finding them correctly via its virus.scanners.conf. -- Saludos / Best regards MARTIN GARCIA -------------- next part -------------- An HTML attachment was scrubbed... URL: From iversons at rushville.k12.in.us Tue Sep 25 21:47:46 2018 From: iversons at rushville.k12.in.us (Shawn Iverson) Date: Tue, 25 Sep 2018 17:47:46 -0400 Subject: TNEF decoder failed with real error / FreeBSD11 In-Reply-To: References: Message-ID: Your FreeBSD install is missing a TNEF decoder. https://www.freshports.org/converters/tnef/ On Tue, Sep 25, 2018 at 3:51 PM Mart?n Garc?a wrote: > Hello, > Im having this issue with MailScanner over FreeBSD > > Sep 25 14:44:31 SINCHI01 MailScanner[37683]: TNEF decoder failed with real > error: Can't run tnef decoder: No such file or directory at > /usr/local/share/MailScanner/perl/MailScanner/TNEF.pm line 272. > > My MailScanner setup seems correct. > > #### > > MailScanner --lint > Trying to setlogsock(unix) > > Reading configuration file /usr/local/etc/MailScanner/MailScanner.conf > Reading configuration file /usr/local/etc/MailScanner/conf.d/README > Read 1500 hostnames from the phishing whitelist > Read 16275 hostnames from the phishing blacklists > > Checking version numbers... > Version number in MailScanner.conf (5.0.3) is correct. > > ERROR: The "envelope_sender_header" in your spamassassin.conf > ERROR: is not correct, it should match X-Nettix-MailScanner-From > > MailScanner setting GID to (125) > MailScanner setting UID to (125) > > Checking for SpamAssassin errors (if you use it)... > Using SpamAssassin results cache > Connected to SpamAssassin cache database > SpamAssassin reported no errors. > Connected to Processing Attempts Database > Created Processing Attempts Database successfully > There are 29 messages in the Processing Attempts Database > Using locktype = posix > MailScanner.conf says "Virus Scanners = clamd" > mktemp: illegal option -- - > usage: mktemp [-d] [-q] [-t prefix] [-u] template ... > mktemp [-d] [-q] [-u] -t prefix > Found these virus scanners installed: clamd > =========================================================================== > Filename Checks: Windows/DOS Executable (1 eicar.com) > Other Checks: Found 1 problems > Virus and Content Scanning: Starting > Clamd::INFECTED:: Eicar-Test-Signature :: ./1/eicar.com > Virus Scanning: Clamd found 1 infections > Infected message 1 came from 10.1.1.1 > Virus Scanning: Found 1 viruses > =========================================================================== > Virus Scanner test reports: > Clamd said "eicar.com was infected: Eicar-Test-Signature" > > If any of your virus scanners (clamd) > are not listed there, you should check that they are installed correctly > and that MailScanner is finding them correctly via its virus.scanners.conf. > > > -- > Saludos / Best regards > > MARTIN GARCIA > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > -- Shawn Iverson, CETL Director of Technology Rush County Schools 765-932-3901 x1171 iversons at rushville.k12.in.us -------------- next part -------------- An HTML attachment was scrubbed... URL: From kevin.miller at juneau.org Tue Sep 25 23:38:39 2018 From: kevin.miller at juneau.org (Kevin Miller) Date: Tue, 25 Sep 2018 23:38:39 +0000 Subject: Sophos and TNEF Message-ID: <4806d36d35134ff0b934e3a6395e47a3@City-Exch-DB2.cbj.local> I just installed the Sophos Antivirus for Linux and was wading through MailScanner.conf. I noticed this section: "Expand TNEF attachments using an external program (or a Perl module)? This should be "yes" unless the scanner you are using (Sophos, McAfee) has the facility built-in. However, if you set it to "no", then the filenames within the TNEF attachment will not be checked against the filename rules." I set it to Expand TNEF = no However I'm also using clamav which, AFAIK, doesn't have a built in TNEF expander. So I'm wondering if I should set it to Yes instead so that clamAV can also scan the message. I presume that Sophos will be able to scan it regardless of whether it's pre-expanded or not. Is that a correct assumption? TIA... ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: 307357 From iversons at rushville.k12.in.us Wed Sep 26 00:07:15 2018 From: iversons at rushville.k12.in.us (Shawn Iverson) Date: Tue, 25 Sep 2018 20:07:15 -0400 Subject: Sophos and TNEF In-Reply-To: <4806d36d35134ff0b934e3a6395e47a3@City-Exch-DB2.cbj.local> References: <4806d36d35134ff0b934e3a6395e47a3@City-Exch-DB2.cbj.local> Message-ID: I'm not entirely certain the answer to this, but TNEF expansion will work in either scenario when enabled. A/V scanners will still scan the files nonetheless after they are expanded, even if they have the support built-in. On Tue, Sep 25, 2018 at 7:38 PM Kevin Miller wrote: > I just installed the Sophos Antivirus for Linux and was wading through > MailScanner.conf. I noticed this section: > "Expand TNEF attachments using an external program (or a Perl module)? > This should be "yes" unless the scanner you are using (Sophos, McAfee) has > the facility built-in. However, if you set it to "no", then the filenames > within the TNEF attachment will not be checked against the filename > rules." > > I set it to > Expand TNEF = no > > However I'm also using clamav which, AFAIK, doesn't have a built in TNEF > expander. So I'm wondering if I should set it to Yes instead so that > clamAV can also scan the message. I presume that Sophos will be able to > scan it regardless of whether it's pre-expanded or not. Is that a correct > assumption? > > TIA... > > ...Kevin > -- > Kevin Miller > Network/email Administrator, CBJ MIS Dept. > 155 South Seward Street > Juneau, Alaska 99801 > Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: 307357 > > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > -- Shawn Iverson, CETL Director of Technology Rush County Schools 765-932-3901 x1171 iversons at rushville.k12.in.us -------------- next part -------------- An HTML attachment was scrubbed... URL: From kevin.miller at juneau.org Wed Sep 26 19:01:49 2018 From: kevin.miller at juneau.org (Kevin Miller) Date: Wed, 26 Sep 2018 19:01:49 +0000 Subject: Feature request Message-ID: <0c775f0bd0ff49cd8e4aae181aae8a5b@City-Exch-DB2.cbj.local> Don't know if I should do a bug report (it's not really a bug) or just a feature request here, but would it be much trouble to create an en-uk report directory alongside the en report directory? The current English reports contain verbiage similar to: " Due to limitations placed on us by the Regulation of Investigatory Powers Act 2000, we were unable to keep a copy of the infected attachment. Please ask the sender of the message to disinfect their original version and send you a clean copy." Being in the US, the " Regulation of Investigatory Powers Act 2000" is pretty much irrelevant to my users. It would be nice, if/when doing an installation or upgrade, if the process asked whether to use reports with a "British accent" or a more generic non-UK specific English report. Not sure if AU, NZ, CA, etc. are subject to the aforementioned act but us yanks would be appreciative. Best... ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: 307357 From maxsec at gmail.com Wed Sep 26 19:35:53 2018 From: maxsec at gmail.com (Martin Hepworth) Date: Wed, 26 Sep 2018 20:35:53 +0100 Subject: Feature request In-Reply-To: <0c775f0bd0ff49cd8e4aae181aae8a5b@City-Exch-DB2.cbj.local> References: <0c775f0bd0ff49cd8e4aae181aae8a5b@City-Exch-DB2.cbj.local> Message-ID: Purely UK law, but that's been replaced this year anyway Just in an edible file isn't it anyway isn't it? On Wed, 26 Sep 2018 at 20:02, Kevin Miller wrote: > Don't know if I should do a bug report (it's not really a bug) or just a > feature request here, but would it be much trouble to create an en-uk > report directory alongside the en report directory? The current English > reports contain verbiage similar to: > " Due to limitations placed on us by the Regulation of Investigatory > Powers Act 2000, we were unable to keep a copy of the infected attachment. > Please ask the sender of the message to disinfect their original version > and send you a clean copy." > > Being in the US, the " Regulation of Investigatory Powers Act 2000" is > pretty much irrelevant to my users. It would be nice, if/when doing an > installation or upgrade, if the process asked whether to use reports with a > "British accent" or a more generic non-UK specific English report. Not > sure if AU, NZ, CA, etc. are subject to the aforementioned act but us yanks > would be appreciative. > > Best... > > ...Kevin > -- > Kevin Miller > Network/email Administrator, CBJ MIS Dept. > 155 South Seward Street > Juneau, Alaska 99801 > Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: 307357 > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > -- -- Martin Hepworth, CISSP Oxford, UK -------------- next part -------------- An HTML attachment was scrubbed... URL: From kevin.miller at juneau.org Wed Sep 26 20:06:06 2018 From: kevin.miller at juneau.org (Kevin Miller) Date: Wed, 26 Sep 2018 20:06:06 +0000 Subject: Feature request In-Reply-To: References: <0c775f0bd0ff49cd8e4aae181aae8a5b@City-Exch-DB2.cbj.local> Message-ID: <29916ba240da40998a0773a8d2811f21@City-Exch-DB2.cbj.local> It is editable. I?ve already gone in and deleted the unwanted text. Hopefully the next upgrade won?t overwrite the files. It?s easy enough to clean up, but better to ?treat the disease rather than the symptom?. It?s a pretty low level request but if the devs have 15 minutes to spare before the next release it would make it moot. If it isn?t done, no biggie. It would just be nice? ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: 307357 From: MailScanner [mailto:mailscanner-bounces+kevin.miller=juneau.org at lists.mailscanner.info] On Behalf Of Martin Hepworth Sent: Wednesday, September 26, 2018 11:36 AM To: MailScanner Discussion Subject: Re: Feature request Purely UK law, but that's been replaced this year anyway Just in an edible file isn't it anyway isn't it? On Wed, 26 Sep 2018 at 20:02, Kevin Miller > wrote: Don't know if I should do a bug report (it's not really a bug) or just a feature request here, but would it be much trouble to create an en-uk report directory alongside the en report directory? The current English reports contain verbiage similar to: " Due to limitations placed on us by the Regulation of Investigatory Powers Act 2000, we were unable to keep a copy of the infected attachment. Please ask the sender of the message to disinfect their original version and send you a clean copy." Being in the US, the " Regulation of Investigatory Powers Act 2000" is pretty much irrelevant to my users. It would be nice, if/when doing an installation or upgrade, if the process asked whether to use reports with a "British accent" or a more generic non-UK specific English report. Not sure if AU, NZ, CA, etc. are subject to the aforementioned act but us yanks would be appreciative. Best... ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: 307357 -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner -- -- Martin Hepworth, CISSP Oxford, UK -------------- next part -------------- An HTML attachment was scrubbed... URL: From mark at msapiro.net Wed Sep 26 21:58:15 2018 From: mark at msapiro.net (Mark Sapiro) Date: Wed, 26 Sep 2018 14:58:15 -0700 Subject: Feature request In-Reply-To: <29916ba240da40998a0773a8d2811f21@City-Exch-DB2.cbj.local> References: <0c775f0bd0ff49cd8e4aae181aae8a5b@City-Exch-DB2.cbj.local> <29916ba240da40998a0773a8d2811f21@City-Exch-DB2.cbj.local> Message-ID: <02adfdca-b512-17a8-a37d-b53647417aa4@msapiro.net> On 9/26/18 1:06 PM, Kevin Miller wrote: > It is editable.? I?ve already gone in and deleted the unwanted text.? > Hopefully the next upgrade won?t overwrite the files.? It?s easy enough > to clean up, but better to ?treat the disease rather than the symptom?.? > It?s? a pretty low level request but if the devs have 15 minutes to > spare before the next release it would make it moot.?? If it isn?t done, > no biggie.? It would just be nice? Set %report-dir% in your MailScanner.conf to some directory (I use /usr/share/MailScanner/reports/local), copy all the 'en' reports there and edit them as you like. You must set %report-dir% in your MailScanner.conf, not in a conf.d/ file because it is used in MailScanner.conf before the conf.d files are included. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From iversons at rushville.k12.in.us Thu Sep 27 07:51:34 2018 From: iversons at rushville.k12.in.us (Shawn Iverson) Date: Thu, 27 Sep 2018 03:51:34 -0400 Subject: Feature request In-Reply-To: <0c775f0bd0ff49cd8e4aae181aae8a5b@City-Exch-DB2.cbj.local> References: <0c775f0bd0ff49cd8e4aae181aae8a5b@City-Exch-DB2.cbj.local> Message-ID: Hi Kevin, No trouble at all. How should we word the template? On Wed, Sep 26, 2018 at 3:02 PM Kevin Miller wrote: > Don't know if I should do a bug report (it's not really a bug) or just a > feature request here, but would it be much trouble to create an en-uk > report directory alongside the en report directory? The current English > reports contain verbiage similar to: > " Due to limitations placed on us by the Regulation of Investigatory > Powers Act 2000, we were unable to keep a copy of the infected attachment. > Please ask the sender of the message to disinfect their original version > and send you a clean copy." > > Being in the US, the " Regulation of Investigatory Powers Act 2000" is > pretty much irrelevant to my users. It would be nice, if/when doing an > installation or upgrade, if the process asked whether to use reports with a > "British accent" or a more generic non-UK specific English report. Not > sure if AU, NZ, CA, etc. are subject to the aforementioned act but us yanks > would be appreciative. > > Best... > > ...Kevin > -- > Kevin Miller > Network/email Administrator, CBJ MIS Dept. > 155 South Seward Street > Juneau, Alaska 99801 > Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: 307357 > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > -- Shawn Iverson, CETL Director of Technology Rush County Schools 765-932-3901 x1171 iversons at rushville.k12.in.us -------------- next part -------------- An HTML attachment was scrubbed... URL: From kevin.miller at juneau.org Thu Sep 27 16:40:50 2018 From: kevin.miller at juneau.org (Kevin Miller) Date: Thu, 27 Sep 2018 16:40:50 +0000 Subject: Feature request In-Reply-To: References: <0c775f0bd0ff49cd8e4aae181aae8a5b@City-Exch-DB2.cbj.local> Message-ID: <0d7f036251e9497fb973461630fa0eb0@City-Exch-DB2.cbj.local> I guess the easiest thing to do would be to just remove the ?Due to limitations placed on us by the Regulation of Investigatory Powers Act 2000, we were unable to keep a copy of the infected attachment.? part. Since different users will have varying policies regarding keeping or discarding infected/cleaned documents keeping it generic is probably the best bet. Martin mentioned that it's " Purely UK law, but that's been replaced this year anyway"; it may be a good idea to find out what it's been replaced with and substitute that in the en-uk directory. Or maybe just remove it altogether and just leave a single en directory. Maybe it's being replaced by an EU directive? Of course, with Brexit, that would be moot next year anyway, presumably. I don't know if the different language translations also have that same phrase or something similar; I guess it would be up those contributors as to what edits are appropriate. Such a simple technical problem and a morass of confusion politically! :-) ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: 307357 From: MailScanner [mailto:mailscanner-bounces+kevin.miller=juneau.org at lists.mailscanner.info] On Behalf Of Shawn Iverson via MailScanner Sent: Wednesday, September 26, 2018 11:52 PM To: mailscanner at lists.mailscanner.info Cc: Shawn Iverson Subject: Re: Feature request Hi Kevin, No trouble at all. How should we word the template? On Wed, Sep 26, 2018 at 3:02 PM Kevin Miller wrote: Don't know if I should do a bug report (it's not really a bug) or just a feature request here, but would it be much trouble to create an en-uk report directory alongside the en report directory?? The current English reports contain verbiage similar to: " Due to limitations placed on us by the Regulation of Investigatory Powers Act 2000, we were unable to keep a copy of the infected attachment. Please ask the sender of the message to disinfect their original version and send you a clean copy."? Being in the US, the " Regulation of Investigatory Powers Act 2000" is pretty much irrelevant to my users.? It would be nice, if/when doing an installation or upgrade, if the process asked whether to use reports with a "British accent" or a more generic non-UK specific English report.? Not sure if AU, NZ, CA, etc. are subject to the aforementioned act but us yanks would be appreciative. Best... ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: 307357 -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner -- Shawn Iverson, CETL Director of Technology Rush County Schools 765-932-3901 x1171 iversons at rushville.k12.in.us From kevin.miller at juneau.org Thu Sep 27 19:55:42 2018 From: kevin.miller at juneau.org (Kevin Miller) Date: Thu, 27 Sep 2018 19:55:42 +0000 Subject: sanesecurity Message-ID: <38719bf92fee4c02b636864ae99bf35f@City-Exch-DB2.cbj.local> I'm looking at adding the sanesecurity clam-av signatures to my MailScanner hosts. It wants to do things with the clam permissions and such - probably all that is fine (looks like default settings at a quick glance) but with the newer versions of MailScanner making use of the mta-group group, I was wondering if anybody else is using sanesecurity and if there are any specific modifications to make. Thanks... ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: 307357 From iversons at rushville.k12.in.us Thu Sep 27 19:56:37 2018 From: iversons at rushville.k12.in.us (Shawn Iverson) Date: Thu, 27 Sep 2018 15:56:37 -0400 Subject: sanesecurity In-Reply-To: <38719bf92fee4c02b636864ae99bf35f@City-Exch-DB2.cbj.local> References: <38719bf92fee4c02b636864ae99bf35f@City-Exch-DB2.cbj.local> Message-ID: Using them, seem to be fine. I didn't have to do anything special. On Thu, Sep 27, 2018 at 3:55 PM Kevin Miller wrote: > I'm looking at adding the sanesecurity clam-av signatures to my > MailScanner hosts. It wants to do things with the clam permissions and > such - probably all that is fine (looks like default settings at a quick > glance) but with the newer versions of MailScanner making use of the > mta-group group, I was wondering if anybody else is using sanesecurity and > if there are any specific modifications to make. > > Thanks... > > ...Kevin > -- > Kevin Miller > Network/email Administrator, CBJ MIS Dept. > 155 South Seward Street > Juneau, Alaska 99801 > Phone: (907) 586-0242, Fax: (907) 586-4588 Registered Linux User No: 307357 > > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > -- Shawn Iverson, CETL Director of Technology Rush County Schools 765-932-3901 x1171 iversons at rushville.k12.in.us -------------- next part -------------- An HTML attachment was scrubbed... URL: From martintoy at gmail.com Thu Sep 27 22:34:16 2018 From: martintoy at gmail.com (=?UTF-8?B?TWFydMOtbiBHYXJjw61h?=) Date: Thu, 27 Sep 2018 17:34:16 -0500 Subject: Fwd: TNEF decoder failed with real error / FreeBSD11 In-Reply-To: References: Message-ID: Hello, Just for the record, I found the issue If you want to invoke tnef, you should change the path for TNEF in FreeBSD11 as below. # This can also be the filename of a ruleset. #TNEF Expander = internal #TNEF Expander = /usr/bin/tnef --maxsize=100000000 TNEF Expander = /usr/local/bin/tnef --maxsize=100000000 ---------- Forwarded message --------- From: Mart?n Garc?a Date: mar., 25 de sep. de 2018 a la(s) 14:51 Subject: TNEF decoder failed with real error / FreeBSD11 To: Hello, Im having this issue with MailScanner over FreeBSD Sep 25 14:44:31 SINCHI01 MailScanner[37683]: TNEF decoder failed with real error: Can't run tnef decoder: No such file or directory at /usr/local/share/MailScanner/perl/MailScanner/TNEF.pm line 272. My MailScanner setup seems correct. #### MailScanner --lint Trying to setlogsock(unix) Reading configuration file /usr/local/etc/MailScanner/MailScanner.conf Reading configuration file /usr/local/etc/MailScanner/conf.d/README Read 1500 hostnames from the phishing whitelist Read 16275 hostnames from the phishing blacklists Checking version numbers... Version number in MailScanner.conf (5.0.3) is correct. ERROR: The "envelope_sender_header" in your spamassassin.conf ERROR: is not correct, it should match X-Nettix-MailScanner-From MailScanner setting GID to (125) MailScanner setting UID to (125) Checking for SpamAssassin errors (if you use it)... Using SpamAssassin results cache Connected to SpamAssassin cache database SpamAssassin reported no errors. Connected to Processing Attempts Database Created Processing Attempts Database successfully There are 29 messages in the Processing Attempts Database Using locktype = posix MailScanner.conf says "Virus Scanners = clamd" mktemp: illegal option -- - usage: mktemp [-d] [-q] [-t prefix] [-u] template ... mktemp [-d] [-q] [-u] -t prefix Found these virus scanners installed: clamd =========================================================================== Filename Checks: Windows/DOS Executable (1 eicar.com) Other Checks: Found 1 problems Virus and Content Scanning: Starting Clamd::INFECTED:: Eicar-Test-Signature :: ./1/eicar.com Virus Scanning: Clamd found 1 infections Infected message 1 came from 10.1.1.1 Virus Scanning: Found 1 viruses =========================================================================== Virus Scanner test reports: Clamd said "eicar.com was infected: Eicar-Test-Signature" If any of your virus scanners (clamd) are not listed there, you should check that they are installed correctly and that MailScanner is finding them correctly via its virus.scanners.conf. -- Saludos / Best regards MARTIN GARCIA -- Saludos / Best regards MARTIN GARCIA http://martintoy.4t.com mailto:martintoy at gmail.com ----- Please, take a look at my pics, and give me your opinion http://www.flickr.com/martix -------------- next part -------------- An HTML attachment was scrubbed... URL: From lists at fonant.com Fri Sep 28 11:12:21 2018 From: lists at fonant.com (Anthony Cartmell) Date: Fri, 28 Sep 2018 12:12:21 +0100 Subject: Feature request In-Reply-To: <0d7f036251e9497fb973461630fa0eb0@City-Exch-DB2.cbj.local> References: <0c775f0bd0ff49cd8e4aae181aae8a5b@City-Exch-DB2.cbj.local> <0d7f036251e9497fb973461630fa0eb0@City-Exch-DB2.cbj.local> Message-ID: <74207397-c299-08d9-c9ca-adf5b7bc7c23@fonant.com> > Martin mentioned that it's " Purely UK law, but that's been replaced this year anyway"; it may be a good idea to find out what it's been replaced with and substitute that in the en-uk directory. The Data Protection Act 2018, I think. This Act is UK law that makes local additions/modifications to the General Data Protection Regulation (GDPR) which is an EU-wide Regulation that applies automatically to all EU states. https://ico.org.uk/for-organisations/data-protection-act-2018/ > Of course, with Brexit, that would be moot next year anyway, presumably. Unless Brexit is cancelled, which seems extremely unlikely, the UK would certainly no longer be controlled by the GDPR, as we won't be an EU state any more. But the Data Protection Act would still be in force, as it's UK law. But the DPA refers to the GDPR, and the information Commissioner's Office says: "It is therefore important the GDPR and the DPA 2018 are read side by side." For Service Providers: It's likely that UK service providers will still need to take the GDPR into account, even though it won't be UK law any more. Service providers that only provide services to non-EU customers, which will include UK customers after Brexit, will no longer need to comply with the GDPR. UK service providers will still need to comply with the Data Protection Act, which is based on the GDPR, which no longer applies, so.... who knows? For Consumers: Looking at it from the consumers' point of view, the GDPR is all about EU Citizens, but us British lose our EU citizenship at the end of March next year. So British people will no longer be able to use the GDPR to protect their privacy. It's all a bl**dy mess! Anthony -- www.fonant.com - Quality web sites Tel. 01903 867 810 Fonant Ltd is registered in England and Wales, company No. 7006596 Registered office: Amelia House, Crescent Road, Worthing, West Sussex, BN11 1QR From kevin.miller at juneau.org Fri Sep 28 16:23:11 2018 From: kevin.miller at juneau.org (Kevin Miller) Date: Fri, 28 Sep 2018 16:23:11 +0000 Subject: Feature request In-Reply-To: <74207397-c299-08d9-c9ca-adf5b7bc7c23@fonant.com> References: <0c775f0bd0ff49cd8e4aae181aae8a5b@City-Exch-DB2.cbj.local> <0d7f036251e9497fb973461630fa0eb0@City-Exch-DB2.cbj.local> <74207397-c299-08d9-c9ca-adf5b7bc7c23@fonant.com> Message-ID: <6a3420735c2b42578d60725c8e96dea8@City-Exch-DB2.cbj.local> > It's all a bl**dy mess! Which explains the popularity of a good pint of stout! :-) ...Kevin -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner From iversons at rushville.k12.in.us Sat Sep 29 01:24:33 2018 From: iversons at rushville.k12.in.us (Shawn Iverson) Date: Fri, 28 Sep 2018 21:24:33 -0400 Subject: Feature request In-Reply-To: <6a3420735c2b42578d60725c8e96dea8@City-Exch-DB2.cbj.local> References: <0c775f0bd0ff49cd8e4aae181aae8a5b@City-Exch-DB2.cbj.local> <0d7f036251e9497fb973461630fa0eb0@City-Exch-DB2.cbj.local> <74207397-c299-08d9-c9ca-adf5b7bc7c23@fonant.com> <6a3420735c2b42578d60725c8e96dea8@City-Exch-DB2.cbj.local> Message-ID: Can I add that to the en-uk template? :D On Fri, Sep 28, 2018 at 12:23 PM Kevin Miller wrote: > > It's all a bl**dy mess! > > Which explains the popularity of a good pint of stout! :-) > > ...Kevin > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > > > -- > MailScanner mailing list > mailscanner at lists.mailscanner.info > http://lists.mailscanner.info/mailman/listinfo/mailscanner > > -- Shawn Iverson, CETL Director of Technology Rush County Schools 765-932-3901 x1171 iversons at rushville.k12.in.us -------------- next part -------------- An HTML attachment was scrubbed... URL: