Jerry Benton | 3 May 21:26 2016
Gravatar

MailScanner v5 Beta Available

200 hours later … 

Per the subject, this is beta. If you have a moment, please test your preferred distro and report your
results. Unless there are any code issues, this will be the v5 release. 

Development note: anything you want to commit on the v4 branch needs to also be done on the v5 branch. As of
this moment, I am not even looking at v4 anymore.

Debian
https://s3.amazonaws.com/msv5/beta/MailScanner-5.0.0-1.deb.tar.gz

RHEL
https://s3.amazonaws.com/msv5/beta/MailScanner-5.0.0-1.rhel.tar.gz

SUSE
https://s3.amazonaws.com/msv5/beta/MailScanner-5.0.0-1.suse.tar.gz

NIX*
https://s3.amazonaws.com/msv5/beta/MailScanner-5.0.0-1.nix.tar.gz

Some items to note:

- /etc/MailScanner/defaults replaced /etc/sysconfig/mailscanner and /etc/default/mailscanner
across all platforms including NIX*
- NIX: the startup script is /var/lib/MailScanner/init/ms-int (also across all platforms)
- NIX: no more /opt directory
- “service mailscanner start” is now lower case across all platforms
- ls /usr/sbin/ms-* to see all of the executables
- /usr/sbin/MailScanner is still the main program

(Continue reading)

Emre Keleş | 3 May 17:41 2016
Picon

Centos7 MailScanner Postfix

After installation has errors .

CentOS 6.7 are not any problems as well. CentOS 7 pm so that there is an error .

Can you help me ?

May  3 18:38:40 myantispam MailScanner[17097]: MailScanner E-Mail Virus Scanner version 4.85.2 starting...
May  3 18:38:40 myantispam MailScanner[17097]: Reading configuration file /etc/MailScanner/MailScanner.conf
May  3 18:38:40 myantispam MailScanner[17097]: Reading configuration file /etc/MailScanner/conf.d/README
May  3 18:38:40 myantispam MailScanner[17097]: Could not read directory /var/spool/postfix/incoming
May  3 18:38:40 myantispam MailScanner[17097]: Error in configuration file line 170, directory /var/spool/postfix/incoming for outqueuedir does not exist (or is not readable)
May  3 18:38:40 myantispam MailScanner[17097]: File containing list of incoming queue dirs (/var/spool/postfix/hold) does not exist

May  3 18:38:40 myantispam MailScanner[17097]: Read 868 hostnames from the phishing whitelist
May  3 18:38:40 myantispam MailScanner[17097]: Read 5807 hostnames from the phishing blacklists


May  3 18:38:40 myantispam MailScanner[17097]: Using SpamAssassin results cache
May  3 18:38:40 myantispam MailScanner[17097]: Connected to SpamAssassin cache database
May  3 18:38:40 myantispam MailScanner[17097]: Enabling SpamAssassin auto-whitelist functionality...




[root <at> myantispam postfix]# ls -al
total 12
drwxr-xr-x. 16 root    root     4096 May  3 17:37 .
drwxr-xr-x. 11 root    root     4096 May  3 18:18 ..
drwx------.  2 postfix root        6 Jun 10  2014 active
drwx------.  2 postfix root        6 Jun 10  2014 bounce
drwx------.  2 postfix root        6 Jun 10  2014 corrupt
drwx------.  2 postfix root        6 Jun 10  2014 defer
drwx------.  2 postfix root        6 Jun 10  2014 deferred
drwx------.  2 postfix root        6 Jun 10  2014 flush
drwx------.  2 postfix root        6 Jun 10  2014 hold
drwx------.  2 postfix root        6 Jun 10  2014 incoming
drwx-wx---.  2 postfix postdrop    6 Jun 10  2014 maildrop
drwxr-xr-x.  2 root    root       22 May  3 18:36 pid
drwx------.  2 postfix root     4096 May  3 18:34 private
drwx--x---.  2 postfix postdrop   68 May  3 18:34 public
drwx------.  2 postfix root        6 Jun 10  2014 saved
drwx------.  2 postfix root        6 Jun 10  2014 trace
[root <at> myantispam postfix]# pwd
/var/spool/postfix




--

Emre

--

-- 
MailScanner mailing list
mailscanner@...
http://lists.mailscanner.info/listinfo/mailscanner

Emre Keleş | 2 May 19:23 2016
Picon

MailScanner postfix


There is an error in the following way . I could never find



May  2 20:19:25 antispam postfix/smtpd[2317]: connect from unknown[ip adress]
May  2 20:19:25 antispam postfix/smtpd[2317]: lost connection after CONNECT from unknown[ip adress]
May  2 20:19:25 antispam postfix/smtpd[2317]: disconnect from unknown[ip adress]
May  2 20:19:28 antispam MailScanner[2366]: Connected to Processing Attempts Database
May  2 20:19:28 antispam MailScanner[2366]: Found 0 messages in the Processing Attempts Database
May  2 20:19:28 antispam MailScanner[2366]: Using locktype = flock
May  2 20:19:28 antispam MailScanner[2413]: I have found clamavmodule scanners installed, and will use them all by default.
May  2 20:19:30 antispam MailScanner[2460]: MailScanner E-Mail Virus Scanner version 4.85.2 starting...
May  2 20:19:30 antispam MailScanner[2460]: Reading configuration file /etc/MailScanner/MailScanner.conf
May  2 20:19:30 antispam MailScanner[2460]: Reading configuration file /etc/MailScanner/conf.d/README
May  2 20:19:30 antispam MailScanner[2460]: Read 501 hostnames from the phishing whitelist
May  2 20:19:30 antispam MailScanner[2460]: Read 11128 hostnames from the phishing blacklists
May  2 20:19:30 antispam MailScanner[2460]: Using SpamAssassin results cache
May  2 20:19:30 antispam MailScanner[2460]: Connected to SpamAssassin cache database
May  2 20:19:30 antispam MailScanner[2460]: Enabling SpamAssassin auto-whitelist functionality...
May  2 20:19:30 antispam postfix/smtpd[2317]: warning: ip adress: address not listed for hostname antispam.domain.com
May  2 20:19:30 antispam postfix/smtpd[2317]: connect from unknown[ip adress]
May  2 20:19:30 antispam postfix/smtpd[2317]: lost connection after CONNECT from unknown[ip adress]
May  2 20:19:30 antispam postfix/smtpd[2317]: disconnect from unknown[ip adress]
--

Emre

--

-- 
MailScanner mailing list
mailscanner@...
http://lists.mailscanner.info/listinfo/mailscanner

Trond M. Markussen | 2 May 12:28 2016
Picon

SV: Spoofed email and SPF

Thanks for the input.

Any suggestions as to the format of such a meta rule? Would this possibly
create false positives if sent from that domain to other domains (using the
same spam filtering)?

Regards,

Trond M.

-----Opprinnelig melding-----
Fra:
MailScanner
[mailto:mailscanner-bounces+markussen=media24.no@...] På
vegne av Mark Sapiro
Sendt: 29. april 2016 17:25
Til: mailscanner@...
Emne: Re: Spoofed email and SPF

On 04/29/2016 05:05 AM, Trond M. Markussen wrote:
> 
> What is the best way to block spoofed email for one particular domain?
> We have a relatively high score setting for SPF_FAIL already, but need 
> to block all fails for one client/domain..

You could probably make a meta rule for SA that would give a really high
score if SPF_FAIL and from the particular domain.

You could also investigate DMARC. See
<https://www.google.com/?q=spamassassin+dmarc>, and it's first hit at
<https://blog.laussat.de/2014/05/19/using-dmarc-in-spamassassin/>.

-- 
Mark Sapiro <mark@...>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

--
MailScanner mailing list
mailscanner@...
http://lists.mailscanner.info/listinfo/mailscanner

--

-- 
MailScanner mailing list
mailscanner@...
http://lists.mailscanner.info/listinfo/mailscanner

Jerry Benton | 28 Apr 10:15 2016
Gravatar

Technical Writer

Would anyone like to volunteer to write a brief manual for MailScanner v5? Off the top of my head, it would
need to cover:

- What MS is
- Overview of how it works
- installation
- configuration
- operation
- writing rules
- structure (where stuff is)
- best practices (MS, server, OS, updates, etc.)

Some of this stuff is already documented. It just need to be updated and incorporated into a single source. 

We also need to be able to Skype so I can brain dump and answer questions as required. 

-
Jerry Benton
www.mailborder.com

--

-- 
MailScanner mailing list
mailscanner@...
http://lists.mailscanner.info/listinfo/mailscanner

Jerry Benton | 28 Apr 08:40 2016
Gravatar

MailScanner reload

I have the new cross-platform init script completed. It works great. However, when doing a “service
mailscanner reload” the master process retains the status of “starting children” after it has
completed starting the children. Normally it would say something like “master sleeping”. This is
nothing more than a display thing. I know it sets this status in the main executable
/usr/sbin/MailScanner. (You can see where it does in several areas.)

Can someone help track down where the sleeping notice needs to be inserted during a reload? 

-
Jerry Benton
www.mailborder.com

--

-- 
MailScanner mailing list
mailscanner <at> lists.mailscanner.info
http://lists.mailscanner.info/listinfo/mailscanner

Emre Keleş | 28 Apr 08:23 2016
Picon

mailscanner cluster

Hello to everyone

Many thanks to everyone develops .

8 thousand domains you want to make a protection.

I want to use as a proxy . 8 thousand in a single domain 's mail server.

MailScanner all the mail will go to a single mail server.

I want to use postfix as the MTA.

8 How many servers or a single server of this process for the domain Can you ride .

I k 10 is MailScanner to 8 thousand domains and NetScaler can run over 10 MailScanner server routing form .

How do you create a structure .

--

Emre

--

-- 
MailScanner mailing list
mailscanner@...
http://lists.mailscanner.info/listinfo/mailscanner

Patrick Goupell | 27 Apr 16:48 2016
Picon

mailscanner 4.85.2 on ubuntu server 16.04 lts

I am trying to setup mailscanner on ubuntu 16.04 lts using the install 
package at
https://s3.amazonaws.com/mailscanner/release/v4/deb/MailScanner-4.85.2-3.deb.tar.gz

During install I get the folow messages

Preparing to unpack .../mailscanner-4.85.2-3-noarch.deb ...
Unpacking mailscanner (4.85.2-3) ...
dpkg: dependency problems prevent configuration of mailscanner:
  mailscanner depends on perl-modules (>= 5.8.7); however:
   Package perl-modules is not installed.
   Version of perl-modules on system, provided by perl-modules-5.22:all, 
is <none>.

dpkg: error processing package mailscanner (--install):
  dependency problems - leaving unconfigured
Processing triggers for man-db (2.7.5-1) ...
Processing triggers for ureadahead (0.100.0-19) ...
Processing triggers for systemd (229-4ubuntu4) ...
Errors were encountered while processing:
  mailscanner

----------------------------------------------------------
Installation Error

The MailScanner package failed to install. Address the required
dependencies and run the installer again.

Note that Perl modules need to be available system-wide. A
common issue is that missing modules were installed in a
user specific configuration.

If I do an apt-cache search perl-modules I get the following

libperl5.22 - shared Perl library
perl-base - minimal Perl system
perl-modules-5.22 - Core Perl modules
kamailio-perl-modules - Perl extensions and database driver for Kamailio
libnet-smtpauth-perl - Perl module that provides SMTP authentication 
(Net::SMTP_auth)

What do I do now?

-- 
Patrick Goupell

Are you free?  Find out at http://www.sedm.org/
Income taxes?  Find out at http://www.whatistaxed.com

--

-- 
MailScanner mailing list
mailscanner@...
http://lists.mailscanner.info/listinfo/mailscanner

Jerry Benton | 26 Apr 01:39 2016
Gravatar

MailScanner - RHEL 7 Systemd

If someone has worked out (RHEL7) systemd init scripts, please share. Please include all of the steps you
took to get it running. 

-
Jerry Benton
www.mailborder.com

--

-- 
MailScanner mailing list
mailscanner@...
http://lists.mailscanner.info/listinfo/mailscanner

Jerry Benton | 25 Apr 08:31 2016
Gravatar

MailScanner v5 standardization

So I am working v5 now. I am trying to standardize everything across all NIX platforms. Apparently, we all
can’t get along.

-- FHS layout

That /opt bullshit will be gone. This is the directory structure for every NIX:

/etc/MailScanner
/usr/share/MailScanner
/var/lib/MailScanner
/var/spool/MailScanner

Symlinks will be provided in /etc/MailScanner for the following items:

Custom perl modules:
/etc/MailScanner/custom -> /usr/share/MailScanner/perl/custom

Reports:
/etc/MailScanner/reports ->/usr/share/MailScanner/reports

Same place. Every OS. Celebrate. 

-- Basic config file

I have a dilemma regarding the /etc/defaults/mailscanner or /etc/sysconfig/mailscanner or on FreeBSD
... I have no idea. 

The point being they are in different places on each OS. So, I am more than likely going to do this unless
someone has a VERY compelling reason not to do this:

/etc/MailScanner/defaults

Same place. Every OS. Celebrate. 

-- init scripts

I am also coming across standardization issues on init scripts. Like everything else, no one can agree on
anything. Debian uses "start-stop-daemon” and RHEL uses “daemon”. FreeBSD? No idea. The
check_mailscanner script that checks to see if MailScanner is running and then starts it if it is not
running uses MailScanner’s internal method of starting a daemon that is portable across all
platforms. This is already in use on all packages on every OS. Very basic and very effective:

/usr/sbin/MailScanner /etc/MailScanner/MailScanner.conf

This starts the daemon using all of the settings from MailScanner.conf like “Run As User” and “PID
File”. Life is easy and, more importantly, consistent. 

So unless someone has a VERY compelling reason for me to continue to try and Frankenstein a single init
script to work on all platforms using the native methods, I am going to use the native MailScanner methods
which will be a hell of a lot more predictable and consistent across all platforms.

-- who’s on first?

Name every MailScanner executable. You probably can’t, because I can’t. So all of the executables
(except the primary /usr/sbin/mailscanner) will now be like this:

ms-check
ms-create-locks
ms-peek
ms-sa-cache

and so on …

If you want to know all of the MailScanner commands, type “ms-“ and hit tab and they all magically
appear. Imagine that. Note that I do not care how compelling a reason you have not to do this. I am doing it.
Deal. 

-- cron jobs

There are a bunch of different cron jobs depending on what package you are using. Again, I am calling
bullshit. One cron job in /etc/cron.hourly and one in /etc/cron.daily that each point to a single file in
/usr/sbin. The file will read your cron options from /etc/MailScanner/defaults and will be called like this:

/usr/sbin/ms-cron hourly
/usr/sbin/ms-cron daily

“hourly” runs your hourly cron jobs and “daily” runs your daily cron jobs. NIXs that have
/etc/cron.hourly/ and /etc/cron.daily/ will have the appropriate scripts to fire the cron jobs placed
in those directories. NIXs that don’t simply add the ms-cron commands to your crontab. 

Feel free to comment, but keep in mind MailScanner needs to be standardized. This will make development,
bug tracking, packaging, and just about everything else a hell of a lot more manageable and
cross-platform friendly. 

-
Jerry Benton
www.mailborder.com

--

-- 
MailScanner mailing list
mailscanner <at> lists.mailscanner.info
http://lists.mailscanner.info/listinfo/mailscanner

Jerry Benton | 19 Apr 05:25 2016
Gravatar

Issue #62

Instead of emailing developers directly, I am posting to the discussion list.

Has anyone taken a look at this:

https://github.com/MailScanner/v4/issues/62

I am going to work on the new packaging this week. I had to step away from it for a while .

-
Jerry Benton
www.mailborder.com

--

-- 
MailScanner mailing list
mailscanner@...
http://lists.mailscanner.info/listinfo/mailscanner


Gmane