From tony at canetoad.co.uk Tue Jan 7 12:50:41 2020 From: tony at canetoad.co.uk (Tony Yates) Date: Tue, 7 Jan 2020 12:50:41 +0000 Subject: MailScanner Breaks with Exim 4.93 Header file Change Message-ID: <037b5405-d820-a047-0011-f12612501ba3@canetoad.co.uk> Hi, There is a behaviour change in the Header file in Exim 4.93 that breaks MailScanner. Described on page 493 of the Exim Spec: Relating to the 'H' spool file 'Hyphen variables' - "Any of the above may have an extra hyphen prepended, to indicate the the corresponding data is untrusted." Have contacted the Exim developers and they do not regard the spool file as "an exported, stable interface" and therefore regard this as a MailScanner problem to fix. Could this be looked at please? Thanks. Regards, Tony.. From w.halsall at farn-ct.ac.uk Thu Jan 9 16:52:16 2020 From: w.halsall at farn-ct.ac.uk (Will Halsall) Date: Thu, 9 Jan 2020 16:52:16 +0000 Subject: unsubscribe Message-ID: Unsubscribe [http://fcot5.farn-ct.ac.uk/Email_Signature_Open_Events.jpg] This message is intended only for the use of the person(s) to whom it is addressed, and may contain privileged and confidential information. If it has come to you in error, please contact the sender as soon as possible, and note that you must take no action based on the content, nor must you copy, distribute, or show the content to any other person. In accordance with its legal obligations, Farnborough College of Technology reserves the right to monitor the content of e-mails sent and received, but will not do so routinely. -------------- next part -------------- An HTML attachment was scrubbed... URL: From Antony.Stone at mailscanner.open.source.it Thu Jan 9 16:56:13 2020 From: Antony.Stone at mailscanner.open.source.it (Antony Stone) Date: Thu, 9 Jan 2020 17:56:13 +0100 Subject: unsubscribe In-Reply-To: References: Message-ID: <202001091756.13712.Antony.Stone@mailscanner.open.source.it> On Thursday 09 January 2020 at 17:52:16, Will Halsall wrote: > Unsubscribe Close, but not quite - you need to ask mailscanner-request, not the list itself: List-Id: MailScanner Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: MailScanner Discussion Antony. -- Schr?dinger's rule of data integrity: the condition of any backup is unknown until a restore is attempted. Please reply to the list; please *don't* CC me. From hs at schlittermann.de Tue Jan 14 16:15:52 2020 From: hs at schlittermann.de (Heiko Schlittermann) Date: Tue, 14 Jan 2020 17:15:52 +0100 Subject: Exim 4.93 Breaks MailScanner - Header File Change? Message-ID: <20200114161552.GG26163@jumper.schlittermann.de> Hi, I'm writing you as one of the Exim developers. Our mailinglist received the following message from a user: ----- Forwarded message from Tony Y via Exim-users ----- Date: Tue, 7 Jan 2020 12:14:53 +0000 From: Tony Y via Exim-users To: Exim-users at exim.org Subject: [exim] 4.93 Breaks MailScanner - Header File Change? Sender: Exim-users Return-Path: Authentication-Results: mx10.schlittermann.de; iprev=pass (hummus.csx.cam.ac.uk) smtp.remote-ip=131.111.8.88; spf=pass smtp.mailfrom=exim.org; dkim=pass header.d=exim.org header.s=d201911 header.a=rsa-sha256; dmarc=none header.from=exim.org Authentication-Results: exim.org; iprev=pass (mail.canetoad.co.uk) smtp.remote-ip=2001:8b0:13d7::2; spf=pass smtp.mailfrom=canetoad.co.uk; dkim=pass header.d=canetoad.co.uk header.s=20180413 header.a=rsa-sha256; dmarc=none header.from=canetoad.co.uk; arc=none X-Spam-Score: 0.0 (/) Reply-To: Tony Y Hi, Per page 493 of the current spec: "Any of the above may have an extra hyphen prepended, to indicate the the corresponding data is untrusted." The addition of extra hyphens on variables in the '-H' file breaks MailScanner.? If the new behaviour is seen as important can it not at least be made optional with a new configuration flag? ---------------------------------------------------------------------------- As, per definition, the -H file content is not part of the public Exim interface, you shouldn't rely on its content. But as I understand that you're doing a good job interacting with Exim, I'm forwarding you this message. Maybe you can extend the -H file processing logic. BTW, the current Exims are able to handle multiple queues, I've created an Exim/Mailscanner using this feature. The advantage is, that we do not need several spool/log hierarchies. We get all into one. If you're interested in this setup, I can forward you my local documentation. Best regards from Dresden/Germany Viele Gr??e aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---------------------------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --------------- key ID: F69376CE - ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ - -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: not available URL: From mark at msapiro.net Tue Jan 14 17:24:46 2020 From: mark at msapiro.net (Mark Sapiro) Date: Tue, 14 Jan 2020 09:24:46 -0800 Subject: Exim 4.93 Breaks MailScanner - Header File Change? In-Reply-To: <20200114161552.GG26163@jumper.schlittermann.de> References: <20200114161552.GG26163@jumper.schlittermann.de> Message-ID: <4a19d7f3-66fc-e30f-460d-a97b0a72ff9a@msapiro.net> On 1/14/20 8:15 AM, Heiko Schlittermann via MailScanner wrote: ... > > As, per definition, the -H file content is not part of the public Exim interface, > you shouldn't rely on its content. But as I understand that you're > doing a good job interacting with Exim, I'm forwarding you this message. > > Maybe you can extend the -H file processing logic. See -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 181 bytes Desc: OpenPGP digital signature URL: From sales at edenusa.com Sun Jan 19 21:25:18 2020 From: sales at edenusa.com (Paul Scott) Date: Sun, 19 Jan 2020 21:25:18 +0000 Subject: clamdscan In-Reply-To: <34c1a407-c0ba-0c7d-f104-5ca128d8bdb4@msapiro.net> References: <663d6e095667e4607ab76d72913d95e0.squirrel@mail.jen.bz> <34c1a407-c0ba-0c7d-f104-5ca128d8bdb4@msapiro.net> Message-ID: I am trying to bring up MailScanner on a CentOS 6 machine with Sendmail, and the instructions on the mailscanner website are confusing, as this is what is written: Change Commands That Start Sendmail Currently, your copy of sendmail will be started by a script such as /etc/init.d/mail or /etc/rc.d/init.d/sendmail. Somewhere in this script will be the command to start sendmail itself. This should look like this: sendmail -bd -q15m You should change this to the following two lines: sendmail -bd -OPrivacyOptions=noetrn -ODeliveryMode=queueonly -OQueueDirectory=/var/spool/mqueue.in sendmail -q15m This first starts the copy of sendmail that provides SMTP service, building the work queue for MailScanner. It then starts the copy of sendmail that delivers the output from MailScanner. You also might need to change the commands used to shut down sendmail as it now needs to find 2 copies and kill them both. However, this is not critical and the system will work without it. However, the contents of the /etc/init.d/sendmail file are MUCH more complex, as follows: start() { # Start daemons. ret=0 updateconf echo -n $"Starting $prog: " daemon /usr/sbin/sendmail $([ "x$DAEMON" = xyes ] && echo -bd) \ $([ -n "$QUEUE" ] && echo -q$QUEUE) $SENDMAIL_OPTARG RETVAL=$? echo [ $RETVAL -eq 0 ] && touch /var/lock/subsys/sendmail let ret+=$RETVAL if [ ! -f /var/run/sm-client.pid ]; then echo -n $"Starting sm-client: " touch /var/run/sm-client.pid chown smmsp:smmsp /var/run/sm-client.pid if [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then /sbin/restorecon /var/run/sm-client.pid fi daemon --check sm-client /usr/sbin/sendmail -L sm-msp-queue -Ac \ -q$SMQUEUE $SENDMAIL_OPTARG RETVAL=$? echo [ $RETVAL -eq 0 ] && touch /var/lock/subsys/sm-client let ret+=$RETVAL fi [ $ret -eq 0 ] && return 0 || return 1 } So my question is, how do I modify this startup script so that the mqueue.in is used, along with the other required parameters as described on the website? Please let me know. Thank you very much! Paul Scott Engineer, Eden USA, Incorporated 866.501.3336 | 951.505.6967 | sales at edenusa.com https://www.edenusa.com -----Original Message----- From: MailScanner On Behalf Of Mark Sapiro Sent: Tuesday, December 24, 2019 12:42 PM To: mailscanner at lists.mailscanner.info Subject: Re: clamdscan On 12/24/19 10:42 AM, gmarr at jen.bz wrote: > > But when I lint somehow MS does not use the batch file?! That's because it talks directly to clamd via the socket and doesn't use clamdscan at all. You need to set everything up so it can work. In I said > I use > > Incoming Work User = postfix > Incoming Work Group = clamav > chmod 2770 /var/spool/MailScanner/ > chown postfix:clamav /var/spool/MailScanner/ Actually that was a mistake. It should have said chmod 2770 /var/spool/MailScanner/incoming chown postfix:clamav /var/spool/MailScanner/incoming if in fact you did the original chmod and chown above, you should reverse that with chmod 755 /var/spool/MailScanner/ chown postfix:postfix /var/spool/MailScanner/ in addition, I also have the default Incoming Work Permissions = 0660 and in /etc/clamav/clamd.conf I have User clamav which I think is default. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner From mark at msapiro.net Tue Jan 21 04:13:35 2020 From: mark at msapiro.net (Mark Sapiro) Date: Mon, 20 Jan 2020 20:13:35 -0800 Subject: sendmail - was: clamdscan In-Reply-To: References: <663d6e095667e4607ab76d72913d95e0.squirrel@mail.jen.bz> <34c1a407-c0ba-0c7d-f104-5ca128d8bdb4@msapiro.net> Message-ID: Please don't hijack threads. I.e., start a new topic by creating a new message rather than a reply to an unrelated message. On 1/19/20 1:25 PM, Paul Scott wrote: > I am trying to bring up MailScanner on a CentOS 6 machine with Sendmail, and the instructions on the mailscanner website are confusing, as this is what is written: > > > Change Commands That Start Sendmail > > Currently, your copy of sendmail will be started by a script such as /etc/init.d/mail or /etc/rc.d/init.d/sendmail. Somewhere in this script will be the command to start sendmail itself. This should look like this: > > sendmail -bd -q15m > > You should change this to the following two lines: > > sendmail -bd -OPrivacyOptions=noetrn -ODeliveryMode=queueonly -OQueueDirectory=/var/spool/mqueue.in > sendmail -q15m > > This first starts the copy of sendmail that provides SMTP service, building the work queue for MailScanner. It then starts the copy of sendmail that delivers the output from MailScanner. > > You also might need to change the commands used to shut down sendmail as it now needs to find 2 copies and kill them both. However, this is not critical and the system will work without it. > > > However, the contents of the /etc/init.d/sendmail file are MUCH more complex, as follows: It's basically a shell script. Somewhere in this file and/or in an included file there are things like DAEMON="yes" QUEUE="15m" and maybe SENDMAIL_OPTARG="additional args" > start() { > # Start daemons. > ret=0 > updateconf > echo -n $"Starting $prog: " > daemon /usr/sbin/sendmail $([ "x$DAEMON" = xyes ] && echo -bd) \ > $([ -n "$QUEUE" ] && echo -q$QUEUE) $SENDMAIL_OPTARG Settings like those above make this become daemon /usr/sbin/sendmail -bd -q15m additional args > RETVAL=$? > echo > [ $RETVAL -eq 0 ] && touch /var/lock/subsys/sendmail > let ret+=$RETVAL Then the above says if the return from `daemon /usr/sbin/sendmail -bd -q15m` is 0, create the lock file /var/lock/subsys/sendmail, otherwise increment 'ret' for testing later. > if [ ! -f /var/run/sm-client.pid ]; then > echo -n $"Starting sm-client: " > touch /var/run/sm-client.pid > chown smmsp:smmsp /var/run/sm-client.pid > if [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then > /sbin/restorecon /var/run/sm-client.pid > fi > daemon --check sm-client /usr/sbin/sendmail -L sm-msp-queue -Ac \ > -q$SMQUEUE $SENDMAIL_OPTARG > RETVAL=$? > echo > [ $RETVAL -eq 0 ] && touch /var/lock/subsys/sm-client > let ret+=$RETVAL > fi The stuff immediately above starts sm-client which is a separate process that MailScanner is not concerned with. > [ $ret -eq 0 ] && return 0 || return 1 > } And finally the above decides whether to return success or failure > So my question is, how do I modify this startup script so that the mqueue.in is used, along with the other required parameters as described on the website? I do not use sendmail and am not familiar with all the nuances here, but I would say replace these lines: daemon /usr/sbin/sendmail $([ "x$DAEMON" = xyes ] && echo -bd) \ $([ -n "$QUEUE" ] && echo -q$QUEUE) $SENDMAIL_OPTARG RETVAL=$? echo [ $RETVAL -eq 0 ] && touch /var/lock/subsys/sendmail let ret+=$RETVAL with daemon /usr/sbin/sendmail -bd -OPrivacyOptions=noetrn \ -ODeliveryMode=queueonly -OQueueDirectory=/var/spool/mqueue.in RETVAL=$? echo let ret+=$RETVAL daemon /usr/sbin/sendmail -q15m RETVAL=$? let ret+=$RETVAL [ $ret -eq 0 ] && touch /var/lock/subsys/sendmail This will start both daemons and create the lock if they both succeed. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan From sales at edenusa.com Thu Jan 23 22:39:42 2020 From: sales at edenusa.com (Paul Scott) Date: Thu, 23 Jan 2020 22:39:42 +0000 Subject: sendmail - was: clamdscan In-Reply-To: References: <663d6e095667e4607ab76d72913d95e0.squirrel@mail.jen.bz> <34c1a407-c0ba-0c7d-f104-5ca128d8bdb4@msapiro.net>

Message-ID: Hello Mark, I don't know what you mean by "Hijack Threads", but okay, no problem. I just don't know what the email address is to start a new discussion. Would that be "mailscanner at lists.mailscanner.info?" I rarely use this mailing list to ask a question, and only when I am asbolutely against the wall, or I have some (what I think to be anyway) useful information for you guys, especially when the documentation on the website is incorrect. I spend dozens of hours doing my own research first. I did manage to finally find a script that a gentleman online wrote, but can only use it from the command line. There were Instructions with it that explained how to make it a service that can be started/stopped, etc. from anywhere, but the instructions did not work. My primary gig is doing live sound and lighting engineering for events, so pardon my not being the brightest bulb when it comes to this stuff that you guys do often. Appreciate your pointing out that I did not post correctly. Thank you very much! Paul Scott Engineer, Eden USA, Incorporated 866.501.3336 | 951.505.6967 | sales at edenusa.com https://www.edenusa.com -----Original Message----- From: MailScanner On Behalf Of Mark Sapiro Sent: Monday, January 20, 2020 8:14 PM To: mailscanner at lists.mailscanner.info Subject: Re: sendmail - was: clamdscan Please don't hijack threads. I.e., start a new topic by creating a new message rather than a reply to an unrelated message. On 1/19/20 1:25 PM, Paul Scott wrote: > I am trying to bring up MailScanner on a CentOS 6 machine with Sendmail, and the instructions on the mailscanner website are confusing, as this is what is written: > > > Change Commands That Start Sendmail > > Currently, your copy of sendmail will be started by a script such as /etc/init.d/mail or /etc/rc.d/init.d/sendmail. Somewhere in this script will be the command to start sendmail itself. This should look like this: > > sendmail -bd -q15m > > You should change this to the following two lines: > > sendmail -bd -OPrivacyOptions=noetrn -ODeliveryMode=queueonly -OQueueDirectory=/var/spool/mqueue.in > sendmail -q15m > > This first starts the copy of sendmail that provides SMTP service, building the work queue for MailScanner. It then starts the copy of sendmail that delivers the output from MailScanner. > > You also might need to change the commands used to shut down sendmail as it now needs to find 2 copies and kill them both. However, this is not critical and the system will work without it. > > > However, the contents of the /etc/init.d/sendmail file are MUCH more complex, as follows: It's basically a shell script. Somewhere in this file and/or in an included file there are things like DAEMON="yes" QUEUE="15m" and maybe SENDMAIL_OPTARG="additional args" > start() { > # Start daemons. > ret=0 > updateconf > echo -n $"Starting $prog: " > daemon /usr/sbin/sendmail $([ "x$DAEMON" = xyes ] && echo -bd) \ > $([ -n "$QUEUE" ] && echo -q$QUEUE) $SENDMAIL_OPTARG Settings like those above make this become daemon /usr/sbin/sendmail -bd -q15m additional args > RETVAL=$? > echo > [ $RETVAL -eq 0 ] && touch /var/lock/subsys/sendmail > let ret+=$RETVAL Then the above says if the return from `daemon /usr/sbin/sendmail -bd -q15m` is 0, create the lock file /var/lock/subsys/sendmail, otherwise increment 'ret' for testing later. > if [ ! -f /var/run/sm-client.pid ]; then > echo -n $"Starting sm-client: " > touch /var/run/sm-client.pid > chown smmsp:smmsp /var/run/sm-client.pid > if [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then > /sbin/restorecon /var/run/sm-client.pid > fi > daemon --check sm-client /usr/sbin/sendmail -L sm-msp-queue -Ac \ > -q$SMQUEUE $SENDMAIL_OPTARG > RETVAL=$? > echo > [ $RETVAL -eq 0 ] && touch /var/lock/subsys/sm-client > let ret+=$RETVAL > fi The stuff immediately above starts sm-client which is a separate process that MailScanner is not concerned with. > [ $ret -eq 0 ] && return 0 || return 1 > } And finally the above decides whether to return success or failure > So my question is, how do I modify this startup script so that the mqueue.in is used, along with the other required parameters as described on the website? I do not use sendmail and am not familiar with all the nuances here, but I would say replace these lines: daemon /usr/sbin/sendmail $([ "x$DAEMON" = xyes ] && echo -bd) \ $([ -n "$QUEUE" ] && echo -q$QUEUE) $SENDMAIL_OPTARG RETVAL=$? echo [ $RETVAL -eq 0 ] && touch /var/lock/subsys/sendmail let ret+=$RETVAL with daemon /usr/sbin/sendmail -bd -OPrivacyOptions=noetrn \ -ODeliveryMode=queueonly -OQueueDirectory=/var/spool/mqueue.in RETVAL=$? echo let ret+=$RETVAL daemon /usr/sbin/sendmail -q15m RETVAL=$? let ret+=$RETVAL [ $ret -eq 0 ] && touch /var/lock/subsys/sendmail This will start both daemons and create the lock if they both succeed. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan -- MailScanner mailing list mailscanner at lists.mailscanner.info http://lists.mailscanner.info/mailman/listinfo/mailscanner From mark at msapiro.net Thu Jan 23 23:45:47 2020 From: mark at msapiro.net (Mark Sapiro) Date: Thu, 23 Jan 2020 15:45:47 -0800 Subject: sendmail - was: clamdscan In-Reply-To: References: <663d6e095667e4607ab76d72913d95e0.squirrel@mail.jen.bz> <34c1a407-c0ba-0c7d-f104-5ca128d8bdb4@msapiro.net>

Message-ID: <8dc5c446-d5d3-f92c-12c1-9880e428e989@msapiro.net> On 1/23/20 2:39 PM, Paul Scott wrote: > Hello Mark, > > I don't know what you mean by "Hijack Threads", but okay, no problem. > > I just don't know what the email address is to start a new discussion. > > Would that be "mailscanner at lists.mailscanner.info?" Yes, that is the address. By "Hijack Threads" I mean the following. If you start a new topic by replying to a prior post, even if you change the Subject: your post gets threaded with the prior post in the archives and in mail readers that thread emails. This is a problem for you, because your post is threaded in my mail reader with the prior post whose subject I may have already decided is uninteresting. Thus, I may miss your post all together. -- Mark Sapiro The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan