Scalix & Amavisd-New HOWTO - Wiki updated

btisdall · Postby **btisdall** » Mon Aug 28, 2006 7:14 am

quacka wrote:Ok i got apt-get to install it since up2date dont haev it on the redhat network.

What I can do is to add these two line into amavisd.conf
$virusadmin='virusalert\@$mydomain #NDR recipient if virus found
$virusadmin='virusalert\@$mydomain #The sender address for NDRs
it looks identical and seems to be missing the '. what shoudl I do here?

It's not incorrect for both the addresses to be the same, but as far as the quoting is concerned, another error seems to have slipped through I'm afraid - revisit the section in question for the corrected version. Note that you can use single quotes & skip escaping the '@' if you're not using a variable such as '$mydomain', or use double quotes as in the howto.

Also I download the Init script and rename then copy it to the specified location, ls -la has it as a normal file. how do i make it green like the otehr scripts?

Code: Select all

chmod +x /etc/init.d/amavisd-milter

quacka · Postby **quacka** » Mon Aug 28, 2006 7:31 am

Thanks for that.
Using the changes you put I got:
Starting Mail Virus Scanner (amavisd): Error in config file "/etc/amavisd.conf": Global symbol "$virusadmin" requires explicit package name at /etc/amavisd.conf line 28.
Global symbol "$virusadmin" requires explicit package name at /etc/amavisd.conf line 29.

btisdall · Postby **btisdall** » Mon Aug 28, 2006 10:42 am

Oh dear, not a very good day for the Amavisd-new howto!

I've updated the section again (and re-tested for good measure).

quacka · Postby **quacka** » Mon Aug 28, 2006 11:13 am

Thought this was used a fair bit already

Ok I got everything running but I get this error in my mail log:

Code: Select all

Aug 29 01:08:20 scalix sendmail[6068]: k7SF8KhK006068: Milter (milter-amavis): l
ocal socket name /var/amavis/amavisd-milter.sock unsafe
Aug 29 01:08:20 scalix sendmail[6068]: k7SF8KhK006068: Milter (milter-amavis): t
o error state
Aug 29 01:08:20 scalix sendmail[6068]: k7SF8KhK006068: Milter: initialization fa
iled, temp failing commands
Aug 29 01:08:20 scalix sendmail[6067]: k7SF8KSN006067: to=test@testdomain.com.au,
ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30109, re
lay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: 451 4.3.2 Please try agai
n later

btisdall · Postby **btisdall** » Mon Aug 28, 2006 11:30 am

quacka wrote:Ok I got everything running but I get this error in my mail log:
Code: Select all
Aug 29 01:08:20 scalix sendmail[6068]: k7SF8KhK006068: Milter (milter-amavis): l ocal socket name /var/amavis/amavisd-milter.sock unsafe Aug 29 01:08:20 scalix sendmail[6068]: k7SF8KhK006068: Milter (milter-amavis): t o error state Aug 29 01:08:20 scalix sendmail[6068]: k7SF8KhK006068: Milter: initialization fa iled, temp failing commands Aug 29 01:08:20 scalix sendmail[6067]: k7SF8KSN006067: to=test@testdomain.com.au, ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30109, re lay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: 451 4.3.2 Please try agai n later

Is the milter running? Try

Code: Select all

ps aux | grep milter

quacka · Postby **quacka** » Mon Aug 28, 2006 11:37 am

It's not running weird

Ok what I did was downloaded http://www.redcircleit.com/public/scrip ... nit-rh.txt

rename it to amavisd-milter and then place it into /etc/init.d/

then I did chmod +x /etc/init.d/amavisd-milter
then sudo chkconfig --add amavisd-milter

sudo service amavisd-milter start
this doesn't do anything

btisdall · Postby **btisdall** » Mon Aug 28, 2006 11:47 am

Hmmm... no error messages when you try to start the service?

Did you install /etc/sysconfig/amavisd-milter too?

Stay with it, you're close I'm sure.

quacka · Postby **quacka** » Mon Aug 28, 2006 7:21 pm

Ahh that's what i was missing.

My mistake, I thought you only need one script not the other :p
it's starting fine now

quacka · Postby **quacka** » Fri Sep 01, 2006 3:44 am

OK I think everything is running ok now with Pyzor + DCC + Razor + Rules du Jour all installed.

My question is relating to these.

I have a email from a friend of mine requesting for a password from a yahoo account. He has password as a subject and it seem to pass as a spam mail is this something wrong with the rule?

I still seem to get the spam emails with the word ***SPAM*** in teh subject. Anyway to block these?

If i change the QUEUE=15m in /etc/sysconfig/sendmail. Do I need to restart something for it to be affective?

Thanks for all your help

btisdall · Postby **btisdall** » Fri Sep 01, 2006 5:33 am

quacka wrote:OK I think everything is running ok now with Pyzor + DCC + Razor + Rules du Jour all installed.

I have a email from a friend of mine requesting for a password from a yahoo account. He has password as a subject and it seem to pass as a spam mail is this something wrong with the rule?

Unilkely. Messages need to trip a number of rules in order to exceed the 'is spam' threshold (unless you have it set extremely low). You need to examine the message headers to see why the mail was tagged.

I still seem to get the spam emails with the word ***SPAM*** in teh subject. Anyway to block these?

You or your users need to make rules that file or delete messages based on the 'X-Spam' headers, this can be done using the rules wizard (users) or sxaa (admins) - search the forum for more details.

Amavisd can also do site-wide deletion/quarantining of spam by itself but I would recommend setting this up later and then only for mail that scores very highly.

If i change the QUEUE=15m in /etc/sysconfig/sendmail. Do I need to restart something for it to be affective?

Yes. I leave you to work out what :)

IanCoubrough · Postby **IanCoubrough** » Wed Sep 06, 2006 6:53 am

After successfully implementing the amavis-new wiki, I moved on to trying to integrate Maia Mailguard into the system. This requires installing the forked/patched version of amavis supplied with Maia and I encountered no problems there....

Everything works as expected .....except:

When trying to release quarantined spam as ham Maia reports
550 Failed to connect to SMTP server: Failed to connect socket: Connection refused

This is because Maia is attempting to re-inject mail on port 10025 which is not listened to by Scalix or Sendmail. I am assuming that Amavis uses the pipe method of resubmitting mail which is why non-spam continues to be delivered.

Is there a method of configuring Scalix or Sendmail to accept mail re-injected on port 10025, (or can Maia be configured to use the same mechanism as Amavis)?

btisdall · Postby **btisdall** » Wed Sep 06, 2006 7:16 am

Excellent you're having a go at this Ian!

The problem is that sendmail can't do TCP re-injection, so the Maia recommendation is to use a dual MTA setup which is of course a bit of a PITA.

The way it could *theoretically* work is that you could define $forward_method much as $notify_method (contrary to the advice in the conffile) but telling sendmail to use an alternate config that doesn't inlcude the milter.

Now, I have tried this a while back to no avail, but that said, ISTR I didn't really take a good run at it so I'd be interested to see how you get on.

Best,

quacka · Postby **quacka** » Wed Sep 06, 2006 8:23 am

btisdall wrote:Unilkely. Messages need to trip a number of rules in order to exceed the 'is spam' threshold (unless you have it set extremely low). You need to examine the message headers to see why the mail was tagged.

I don't know hwo to do is their a tutorial for this?

All that is tag for spam wrong for my server so far are emails that comes from Yahoo. I follow this guide word for word, anyone else get this problem?

Also where do I setup so emails with certain score level will get deleted instead of delivered?

My server also blocking rar archives with exe in them. How do I stop this from happening?

IanCoubrough · Postby **IanCoubrough** » Wed Sep 06, 2006 8:54 am

Ben:

I wondered if it might be possible to define a rule in Sendmail or Amavisd along the lines of
"If mail contains Maia Header X-Virus-Scanned: Maia Mailguard* then don't scan"? (Header could be altered to be site specific)

Then deliver mail back to port 25

Ian

btisdall · Postby **btisdall** » Wed Sep 06, 2006 11:46 am

IanCoubrough wrote:Ben:

I wondered if it might be possible to define a rule in Sendmail or Amavisd along the lines of
"If mail contains Maia Header X-Virus-Scanned: Maia Mailguard* then don't scan"? (Header could be altered to be site specific)

Then deliver mail back to port 25

Ian

I'm not sure how this would work in practice - sendmail has some header detection inbuilt but whether it's possible for it to do anything other than process as normal/reject/discard based on these I don't know. AFAIK Amavisd can only be bypassed based on sender/recipient addresses - if the released message had it's sender rewritten to something like 'mailguard@site' then that would work, but be pretty useless from a user perspective. I wonder whether the arg to sendmail could be something like:

$notify_method = 'pipe:flags=q argv=/usr/sbin/sendmail -Ac -i -odd -f ${sender}-idtext -- ${recipient}';

Amavisd could then pattern match that to bypass checking & users would simply have to remove the '-idtext' portion of the address to reply. Trouble is, this is pretty dodgy from a security standpoint since the bypass method could be rather easily deduced by users.

I'll have another play around with the forward method on a test system tonight & see what I can come up with.

Scalix Forums

Scalix & Amavisd-New HOWTO - Wiki updated

Maia Mailguard

Maia

Re: Maia

Who is online