Re: adding AV scanning to working Postfix/SA system
> Am 23.11.20 um 17:37 schrieb Joe Acquisto-j4: >> So, beyond "experiences" any leads on generic "how to" guides that actually > work in >> practice? I've found a few, rather than chase geese, I'm sure some here > have done >> similar things, even if with other AV scanners > > http://www.postfix.org/MILTER_README.html > https://sanesecurity.com/ > . . . I decided to pursue CLAMAV as it seems to be well maintained and lots of "links for dummies" turned up. After installing CLAMAV, as supplied in the openSuse distribution, updating virus sigs I attempted to begin configuring per some of the how to's. Most are years old, have links that lead nowhere, call out config files that do not exist (as installed above), or refer to "clamd sockets" that cannot be found. I feel sure this is old hat to more experienced souls, but, for me, this has been far more frustrating than I anticipated. At this point, not even sure what I actually need as, as noted, there seem to be myriad ways to approach a solution. Obviously prefer the simplest method. Subscribed just now to CLAMAV users list and should probably pursue this over there. But any tutoring and or "there there" pats on the head would not be snarled at.
Re: Mailchimp support for spamassassin-esp
On Mon, Nov 30, 2020 at 05:40:39PM -0500, Alex wrote: > Hi, > > I happened to notice today that the sendgrid spam work being done by > Invaluement (https://www.invaluement.com/serviceproviderdnsbl/) and SA > developers now apparently supports compromised Mailchimp domains. > https://github.com/bigio/spamassassin-esp > Hi, spamassassin-esp plugin has been committed to trunk and I will keep in sync with my Github repo. > Is there an ongoing list of compromised mailchimp domains available to > be used with this? That info is not included with the man page for > this plugin. > for the moment you should use your own data, Rob replied more extensively to this question. Giovanni signature.asc Description: PGP signature
Re: Mailchimp support for spamassassin-esp
On 11/30/2020 5:40 PM, Alex wrote: I happened to notice today that the sendgrid spam work being done by Invaluement (https://www.invaluement.com/serviceproviderdnsbl/) and SA developers now apparently supports compromised Mailchimp domains. https://github.com/bigio/spamassassin-esp Is there an ongoing list of compromised mailchimp domains available to be used with this? That info is not included with the man page for this plugin. I also know there's another plugin developed by Paul Stead for this, but has one yet become the defacto version yet? Alex, So yes - this one *is* the official/defacto version for SpamAssassin. This one was developed in coordination with the Apache Foundation and its development was partially funded by invaluement. The problem here is that the main developer (to his credit - this is a GOOD problem!) got ahead of us with the implementations. But we're in the process of catching up on the data-generation side, and hope to have those new types of data released in the next few weeks (for those ones mentioned in those rules, and for other ESPs that will get into those rules eventually). The entire process of developing the engine that produces that SendGrid data - was the equivalent of our entire invaluement staff taking at least a full month of paid leave away from our regular duties. So that got us horribly behind on other things - including getting this data into our regular paid datafeeds with instructions sent to our customers for that - so we're still catching up on all of that - but we hope to get past that soon and to also have those /*other*/ related datafeeds for our "service provider DNSBL" released soon. (it won't be as much work for the other ones, now that the sendgrid anti-spam data engine is already completed - it "blazed the trail") So that explains why a few months have passed since the sendgrid data was released without any additional data being released yet, and how/why the developer of the rules was able to get ahead of us. (again, to his credit!) Thanks for your patience and understanding. -- Rob McEwen https://www.invaluement.com
Re: adding AV scanning to working Postfix/SA system
Il 19/11/20 00:43, Joe Acquisto-j4 ha scritto: SOHO system, on virtual machines. Fairly recent versions. Running openSUSE Leap 15.1. Due to some recent malware (obvious stuff) wanted to add AV scanning. I gather "Amavis-new" is the hot ticket these days, I deal with Sophos products and would like to use their linux product to do the scanning. Seems to be precious little on how to do that. Any experiences? You can try with MessageSniffer: https://www.armresearch.com/ Is an antispam/antivirus engine that can run on Linux and have a plugin for Spamassassin. I'm using it, works quite well at the right price. -- Alessio Cecchi Postmaster @ http://www.qboxmail.it https://www.linkedin.com/in/alessice