RE: Amavis and OpenDMARC

>the domain you're using now has quarantine policy :) It sure does, but I don’t have a problem with outgoing e-mail. Only incoming unless I’m not understanding what you are saying. >That's correct, if you're using only opendmarc just the inet:127.0.0.1:54321 >is needed, thats all you need,

RE: Amavis and OpenDMARC

>to be more precise: OpenDMARC running as milter only sees output from milters applied before it. >Milter is run pre-queue and content_filter is run after queue, so opendmarc does not see that amavis produced, because it was added later. >If you used amavisd-milter at SMTP port, opendmarc

RE: Amavis and OpenDMARC

On 11/11/2023 18:07, Damian wrote: Also, since they allude to "some passing", I guess they did remember to set enable_dkim_verification=1 ? "Some passing OpenDMARC" might mean that they pass SPF-based only. >true if using fo=1 To be clear, Amavis is setup like below:

RE: Amavis and OpenDMARC

>most DMARC's I find still use quarantine, what responses are you seeing for >them? I don’t have any p=quarantine examples right now. >You also dont need to setup amavisd as a milter if its working fine already. Well, I can see Damien’s point here. Originally with OpenDKIM the Postfix

RE: Amavis and OpenDMARC

> You can't do that. OpenDMARC needs to see Authentication-Results for DKIM. It looks like you might be on to something. The e-mails that pass have a p=none and the e-mails that fail have a p=reject. So, I need to setup amavis as a milter in Postfix instead of a content_filter that I have

RE: Amavis and OpenDMARC

> I've seen no problems with mail from MS, so how about you elaborate on your > problems and what version of OD are you using? Here’s the exact issue that I just ran into with o365 mail and note this issue was reported 3 years ago. No fix yet.

RE: Amavis and OpenDMARC

> So Amavis is setup as an smtpd_milter as well? No, Amavis is setup as a content_filter (content_filter = amavis:[127.0.0.1]:10021) > Do you see DKIM-related Authentication-Results headers in incoming mails? Yes, please see below at an example e-mail from gmail: Authentication-Results:

Amavis and OpenDMARC

Hello, In the past I used OpenDKIM to sign and verify DKIM signatures. However considering the fact that it hasn't been updated in a very long time and constant issues with e-mails from O365 senders, I decided to give Amavis DKIM a try. I have it configured and it looks like it works verifying

RE: Excluding blocking macro/xlsx/docx files to specific recipients?

That seems to be the holy grail. I would be interested in that too. I've looked into it before and the only thing I came up with was a all or nothing approach. -Original Message- From: amavis-users On Behalf Of Alex Sent: Thursday, February 24, 2022 2:37 PM To: amavis-users@amavis.org

RE: Per User Bayes

> how is your dbi config in spamassassin ? I don't have dbi config in spamassassin. I'm using file based bayes if you force specifik username, then comment that line, not configured spamd/spamc ? > all is simply if using fuglu, bah Sorry what's fuglu?

Per User Bayes

I was trying to setup Per User Bayes with SA and Amavis but I couldn't get it to work. Then I read somewhere that even though SA's default behavior is Per User Bayes, using Amavis forces you with Global Bayes. Is that still the case? If so, are there plans to add that functionality? Thanks

RE: Issue with mails in sql quarantine

Try the following query: SELECT msgrcpt.mail_id, msgrcpt.ds, msgs.sid, msgs.spam_level, msgs.mail_id, msgs.secret_id, msgs.time_iso, msgs.subject, msgs.from_addr, msgs.content, msgs.client_addr FROM msgs INNER JOIN msgrcpt ON msgs.mail_id = msgrcpt.mail_id where msgs.time_iso between

Re: Amavis stats

> I am not aware of a script, which extracts all that data, > > but amavis is > able > to push such events to SNMP and IIRC it can send such > data to an ELK stack. Grafana might be a simpler option. This article should be a good start:

Re: clamav (under amavis) not filtering out viruses!

I have never heard of that. Do you have any info to substantiate your claim? From: Michael Orlitzky Sent: Thursday, October 15, 2020 9:35 AM To: amavis-users@amavis.org Subject: Re: clamav (under amavis) not filtering out viruses! On 2020-10-15 08:48, Dino

RE: clamav (under amavis) not filtering out viruses!

AM To: amavis-users@amavis.org Subject: Re: clamav (under amavis) not filtering out viruses! On 15/10/2020 3:48 μ.μ., Dino Edwards wrote: > https://github.com/extremeshok/clamav-unofficial-sigs > > This has worked wonderfully for us. Sounds great. Should I first remove the stale

RE: clamav (under amavis) not filtering out viruses!

Hi Niko, Try this: https://github.com/extremeshok/clamav-unofficial-sigs This has worked wonderfully for us. -Original Message- From: amavis-users On Behalf Of Nikolaos Milas Sent: Thursday, October 15, 2020 8:41 AM To: amavis-users@amavis.org Subject: Re: clamav (under amavis)

Re: Is my Bayes working?

The bayes_auto_learn is probably working against you. You should never turn that on until you have made absolutely sure your bayes filter is trained just right which usually happens after 200 spam and ham messages. I personally never turn that on even after I train my spam filter. What

RE: web i/f ?

Actually there is a project that I have been working on for a few years and is actively maintained that has a Web UI that supports Amavisd-new, Postfix, Apache SpamAssassin, ClamAV etc. It's based on Ubuntu 18.04. It also supports SPF, OpenDKIM, opendmarc and ciphermail if you want to use

RE: Conversion to 7BIT required but not supported

I’m looking into enabling 8BITMIME on James. In the meantime a policy like this should suffice? #This policy serves to persuade Postfix to convert mail to 7-bit before submitting to Amavis $interface_policy{'10021'} = 'DISABLE8BITMIME'; $policy_bank{'DISABLE8BITMIME'} = {

RE: Conversion to 7BIT required but not supported

HI Damian, > $interface_policy{'10021'} = 'FIRST'; > $interface_policy{'10025'} = 'SECOND'; $policy_bank{'FIRST'} = { > forward_method => 'smtp:[127.0.0.1]:10025', }; > $policy_bank{'SECOND'} = { > forward_method => 'smtp:[127.0.0.1]:10026', > smtpd_discard_ehlo_keywords =>

RE: Conversion to 7BIT required but not supported

As requested: main.cf starts here queue_directory = /var/spool/postfix command_directory = /usr/sbin bounce_queue_lifetime = 5d maximal_queue_lifetime = 14d data_directory = /var/lib/postfix mail_owner = postfix unknown_local_recipient_reject_code = 550 debug_peer_level = 2

RE: Conversion to 7BIT required but not supported

Hi Damian, I'm using Postfix as the MTA. I don't have smtpd_discard_ehlo_keywords_address_maps set in my main.cf at all. -Original Message- From: amavis-users On Behalf Of Damian Sent: Saturday, January 4, 2020 3:35 PM To: amavis-users@amavis.org Subject: Re: Conversion to 7BIT

Conversion to 7BIT required but not supported

Hi, I've got an odd issue on a brand new Amavis install on Ubuntu 18.04. I'm getting rejections on certain incoming e-mails. I'm hoping someone can shed some light into this: dsn: . 550 MtaRejected -> : on_succ=0, on_dly=1, on_fail=1, never=0, warn_sender=, DSN_passed_on=0, destiny=-3,

RE: whitelist

>P.S. >Any pre-queue process will introduce a noticable delay. This is imposed by the >scan process itself. It is the same delay you have in post-queue – its just >that now you get to "see" in SMTP sessions. Clients won't bother. The typical >client timeout is 600 second. That's ten minutes a

RE: whitelist

message that amavis simply didn’t like (Russian language emails) Any particular reason why you use it that way? From: Gregory Sloop [mailto:gr...@sloop.net] Sent: Friday, July 12, 2019 1:48 PM To: Dino Edwards ; Curtis Vaughan ; amavis-users@amavis.org Subject: Re: whitelist Dino... IIRC

RE: whitelist

Here's how to do it with BONUS blacklist: In postfix /etc/postfix/main.cf set the following for whitelist senders: smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/amavis_senderbypass In the /etc/postfix/amavis_senderbypass file enter email addresses and/or domains you wish

RE: Recommended web UI for Amavisd quarantine?

Maybe not be exactly what you need since this is relay appliance (not a full blown mail server) but maybe take a look at open source Hermes SEG: https://www.deeztek.com/products/hermes-secure-email-gateway/ The functionality you desire plus much more is described in the docs:

RE: mysql error in amavis

Anyone have any insight on this? From: amavis-users [mailto:amavis-users-bounces+dino.edwards=mydirectmail@amavis.org] On Behalf Of Dino Edwards Sent: Tuesday, April 9, 2019 2:44 PM To: amavis-users@amavis.org Subject: mysql error in amavis I've noticed the following errors on certain

RE: amavis minimal db config for whitelist/blacklist

This is what I have for the wblist lookup: $sql_select_white_black_list = 'SELECT wb FROM wblist,mailaddr,users' . ' WHERE (users.id=?)' . ' AND (wblist.rid=users.id)' . ' AND (wblist.sid=mailaddr.id)' . ' AND (mailaddr.email IN (%k))'; # . ' ORDER BY mailaddr.priority DESC'; This is

mysql error in amavis

I've noticed the following errors on certain messages in mail.log: amavis[4270]: (04270-02) (!)WARN save_info_final: sql exec: err=1366, HY000, DBD::mysql::st execute failed: Incorrect string value: '\\xF0\\x9F\\x8E\\x89' for column 'subject' at row 1 at (eval 100) line 172 After looking in

RE: Send recipient notification of quarantined spam

We have been able to accomplish what you are asking for with our appliance. We have a job that runs on a scheduled basis (2, 4, 8 hours or daily depending on recipient preferences) that goes through the msgs table and selects any messages that were quarantined during that time period (viruses,

RE: Example for amavisd-signer as separate systemd service?

If you want it as a separate service, wouldn't be better to use opendkim instead? -Original Message- From: amavis-users [mailto:amavis-users-bounces+dino.edwards=mydirectmail@amavis.org] On Behalf Of ge...@ssl-mail.com Sent: Thursday, November 1, 2018 8:00 PM To:

RE: originating flag not working - critical bug - RelayedOpenRelay / DKIM signing not working

Wouldn't this be avoided by simply using opendkim for DKIM signing instead of relying on amavis for that? Or are there other use scenarios for the originating flag where this would come into play? -Original Message- From: amavis-users

RE: Open relay? Nonlocal recips but not originating: in my maillog

Subject: Re: Open relay? Nonlocal recips but not originating: in my maillog On 2018-02-10 0:44, Dino Edwards wrote: > This has been a well publicized issue. As far as I can tell there is no fix, > it seems to be a perl issue. Are you using Fedora? I couldn't find anything about it. I am

RE: Open relay? Nonlocal recips but not originating: in my maillog

Subject: Re: Open relay? Nonlocal recips but not originating: in my maillog On 2018-02-10 0:44, Dino Edwards wrote: > This has been a well publicized issue. As far as I can tell there is no fix, > it seems to be a perl issue. Are you using Fedora? I couldn't find anything about it. I am

Re: Open relay? Nonlocal recips but not originating: in my maillog

This has been a well publicized issue. As far as I can tell there is no fix, it seems to be a perl issue. Are you using Fedora? From: Karol Augustin Sent: Friday, February 9, 2018 7:32 PM To: amavis-users@amavis.org Subject: Re: Open relay?

RE: "Split config" into multiple files

I’m not sure if amavis will allow you to do an include as you are suggesting. Someone else can maybe chime in on that. Have you considered using opendkim instead of amavis to accomplish this? This will give you the separate file functionality you are looking for. From: amavis-users

RE: Scoring questions

I haven’t had the chance to look at it. Is the debug log you sent from the new 16.04 install or the 14.04 install? From: Computer Bob [mailto:b...@inter-control.com] Sent: Tuesday, January 30, 2018 1:10 PM To: Dino Edwards <dino.edwa...@mydirectmail.net>; amavis-users@amavis.org Subje

RE: Scoring questions

Did you? Initialize pyzor: /usr/bin/pyzor ping Initialize Razor: /bin/rm /etc/razor/identity* /bin/rm /etc/razor/razor-agent.conf /usr/bin/razor-admin -home=/etc/razor -create /usr/bin/razor-admin -home=/etc/razor -register -Original Message- From: amavis-users

RE: Scoring questions

Did you send all the headers of the emails that do not get handled correctly? From: Computer Bob [mailto:b...@inter-control.com] Sent: Monday, January 29, 2018 5:25 PM To: Dino Edwards <dino.edwa...@mydirectmail.net>; amavis-users@amavis.org Subject: Re: Scoring questions Interestingly

RE: Scoring questions

t M1-2.myorganization.org On 1/29/18 2:15 PM, Dino Edwards wrote: Please try $sa_tag_level_deflt = undef; In /etc/amavis/conf.d/50-user Do you see the X-Virus-Scanned header in the emails that amavisd processes? From: amavis-users [mailto:amavis-users-bounces+dino.edwards=mydire

RE: Scoring questions

the intricacies of the amavis procedural steps, or were to start, it is not possible for me to troubleshoot. On 1/29/18 1:20 PM, Dino Edwards wrote: I disagree it's bad advice considering it's autolearn that seems to be creating at least some of the problems he's experiencing. However, I do

RE: Scoring questions

Comments like this is why people dislike "Linux" people. This comment was not helpful in any way, didn't add to the conversation and it merely demonstrated that your email client can't handle HTML or you are just so annoyed by someone using HTML in their email that you can't function until

RE: perl-DBD-MySQL (Fedora 24)

18:15, Dino Edwards wrote: > Not sure, what's happening there. I can tell you on my end that those fields > are float type also. What does your sql_select_policy look like? Mine looks > like this: > > $sql_select_policy = 'SELECT *, users.id FROM users,policy'. > ' WHERE (users.p

RE: perl-DBD-MySQL (Fedora 24)

@amavis.org Subject: Re: perl-DBD-MySQL (Fedora 24) On 03/01/18 18:15, Dino Edwards wrote: > Not sure, what's happening there. I can tell you on my end that those fields > are float type also. What does your sql_select_policy look like? Mine looks > like this: > > $sql_select_p

RE: perl-DBD-MySQL (Fedora 24)

, 2018 1:22 PM To: amavis-users@amavis.org Subject: Re: perl-DBD-MySQL (Fedora 24) On 03/01/18 18:15, Dino Edwards wrote: > Not sure, what's happening there. I can tell you on my end that those fields > are float type also. What does your sql_select_policy look like? Mine looks

RE: Amavis doesn't mark mail as spam, and doesn't set spam headers

I suggest that all your customization be done on /etc/amavis/conf.d/50-user for simplicity sake instead of jumping around all those config files. Up to you. On your particular issue, try this: $mydomain = "mydomain.tld"; @local_domains_acl = ( "mydomain.tld", "localhost" ); The way you had

RE: Amavisd missing spam headers

Try this instead: $sa_tag_level_deflt = undef; -Original Message- From: amavis-users [mailto:amavis-users-bounces+dino.edwards=mydirectmail@amavis.org] On Behalf Of Filip Bartmann Sent: Wednesday, November 22, 2017 2:22 PM To: amavis-users@amavis.org Subject: Amavisd missing

RE: submission, not originating ... for roaming, authenticated users?

20, 2017 3:19 AM To: amavis-users@amavis.org Subject: Re: submission, not originating ... for roaming, authenticated users? HI Dino! Am 20.11.2017 um 01:19 schrieb Dino Edwards: > What's in your /etc/postfix/all_local_domains_map file? This file incudes all local Domains, whee Postfix is fi

RE: submission, not originating ... for roaming, authenticated users?

What's in your /etc/postfix/all_local_domains_map file? This line below says that amavis can't match that email address: Nov 19 21:33:09 mailslut amavis[26104]: (26104-01) lookup => false, "dja...@nausch.org" matches, result="0", matching_key="(constant:0)" Is the nausch.org domain in that

RE: WMF file concerns

There have been WMF vulnerabilities in the past. Here's an example: https://technet.microsoft.com/library/security/ms11-038 I know it's pretty old and but even if the systems are patched, it's probably best not to allow them. There could be some 0-day malware taking advantage of WMF

RE: clearing just ham data

amount of data starts with a 't', then the second amount starts with an 's' and have a second column with 's' or 'h'. Do you think I can remove all the 'h' entries from the file and restore from it? What are the 't' rows? Da: Dino Edwards <dino.edwa...@mydirec

RE: RE: RE: RE: RE: different spamassassin behaviours

I don't know of a why of just cleaning the ham. Unless someone knows of a way. I always have just cleared the whole database and started feeding it ham and spam. From: Gabriele Bulfon [mailto:gabriele.bul...@sonicle.com] Sent: Thursday, June 29, 2017 9:22 AM To: Dino Edwards <dino.e

RE: RE: RE: different spamassassin behaviours

bayes_auto_learn 0 Dino Edwards [hermes_logo3] Hermes Secure Email Gateway Hermes Secure Email Gateway is a Free Open Source (Hermes SEG Community Only) Email Gateway that provides Spam, Virus and Malware protection, full in-transit and at-rest email encryption

RE: [SUSPECTED SPAM]RE: different spamassassin behaviours

...@sonicle.com] Sent: Tuesday, June 27, 2017 9:03 AM To: Dino Edwards <dino.edwa...@mydirectmail.net>; amavis-users@amavis.org Subject: [SUSPECTED SPAM]RE: different spamassassin behaviours The x-spam-status headers on that cases are not present, because the score is too low, and is considered no

RE: different spamassassin behaviours

Do you know for a fact that the bayes database is making those scores get higher when you run it in debug? If so, where is your bayes database stored and who is the owner of that path? Do you know for a fact that Amavis calls Spamassassin to scan emails? [hermes_logo3]

RE: How many antivirus are recommended?

How about Eset? -Original Message- From: Alex [mysqlstud...@gmail.com] Received: Tuesday, 20 Jun 2017, 9:56AM To: Hugo Manuel Ojendiz Lemus [ojendi...@halmex.com.mx]; amavis-users@amavis.org [amavis-users@amavis.org] Subject: Re: How many antivirus are recommended? Hi, On Tue, Jun 20,

RE: Client host rejected: Access denied

Technically, this question belongs to the postfix mailing list since this is not an amavis related. They will be able to assist you better. -Original Message- From: Scappatura Rocco [rocco.scappat...@infracom.it] Received: Wednesday, 14 Jun 2017, 6:09AM To: 'amavis-users@amavis.org'

RE: block exe in pdf-files? [SOLVED]

for me, thanks a lot! Cheers Daniel 2017-05-30 16:17 GMT+02:00 Dino Edwards <dino.edwa...@mydirectmail.net>: > I think you are right. Probably not. If you are using clamav, I wonder if > setting the following in clamav would give you the desired result? > > ScanOLE2 true >

RE: Tag spam only for recipients from a domain

First of all, for spam the following directive applies: $final_spam_destiny = D_DISCARD; Not $final_banned_destiny = D_DISCARD; $final_banned_destiny is for banned files not spam. In order to accomplish what you want, you should probably set up $final_spam_destiny = D_DISCARD; That

RE: How many antivirus are recommended?

Short answer is: As many as you can have where it won't impact email delivery or performance. -Original Message- From: amavis-users [mailto:amavis-users-bounces+dino.edwards=mydirectmail@amavis.org] On Behalf Of Hugo Manuel Ojendiz Lemus Sent: Thursday, June 1, 2017 8:30 AM To:

RE: block exe in pdf-files?

in a pdf. JC Am 30.05.2017 um 15:38 schrieb Dino Edwards: > Have you tried the following in your file rule? > > [qr'.\.(docm)$'ix => 1], > [qr'.\.(dotm)$'ix => 1], > [qr'.\.(xlsm)$'ix => 1], > [qr'.\.(xltm)$'ix => 1] > > The above SHOULD Block macro enab

RE: block exe in pdf-files?

Have you tried the following in your file rule? [qr'.\.(docm)$'ix => 1], [qr'.\.(dotm)$'ix => 1], [qr'.\.(xlsm)$'ix => 1], [qr'.\.(xltm)$'ix => 1] The above SHOULD Block macro enabled office docs. -Original Message- From: amavis-users

RE: Suppress delivery-notification/Read-receipt for spam?

How about an SA meta rule like this? header __DISPOSITION_NOTIFICATION_TO exists:Disposition-Notification-To header __SUBJECT_CONTAINS_SPAM Subject =~ /\bSPAM\b/i meta SPAM_WITH_READ_RECEIPT (__DISPOSITION_NOTIFICATION_TO && __SUBJECT_CONTAINS_SPAM) score SPAM_WITH_READ_RECEIPT 15 Assuming

RE: Open relay from localhost and other questions

In the @lookup_sql_dsn I have the following which works with no problem: @lookup_sql_dsn = ( ['DBI:mysql:database=dbase;host=127.0.0.1;port=3306', 'sqluser', 'somepassword']); I’m not exactly sure what you are attempting to do with the $sql_select_policy statement, maybe you can

RE: Virus scanners with amavis and fedora

Of Alex Sent: Friday, April 14, 2017 3:03 PM To: amavis-users@amavis.org Subject: Re: Virus scanners with amavis and fedora Hi, On Fri, Apr 14, 2017 at 11:00 AM, Dino Edwards <dino.edwa...@mydirectmail.net> wrote: > I mean what specific issues are you having? Do you have Macro enabled > en

RE: Virus scanners with amavis and fedora

@amavis.org Subject: Re: Virus scanners with amavis and fedora On Fri, 2017-04-14 at 09:00 -0400, Alex wrote: > Hi, > > On Fri, Apr 14, 2017 at 8:53 AM, Dino Edwards > <dino.edwa...@mydirectmail.net> wrote: > > What problem are you having with Macro Viruses and PDF spam? >

RE: Virus scanners with amavis and fedora

...@gmail.com] Sent: Friday, April 14, 2017 9:01 AM To: Dino Edwards <dino.edwa...@mydirectmail.net>; amavis-users@amavis.org Subject: Re: Virus scanners with amavis and fedora Hi, On Fri, Apr 14, 2017 at 8:53 AM, Dino Edwards <dino.edwa...@mydirectmail.net> wrote: > What problem

RE: Virus scanners with amavis and fedora

What problem are you having with Macro Viruses and PDF spam? -Original Message- From: amavis-users [mailto:amavis-users-bounces+dino.edwards=mydirectmail@amavis.org] On Behalf Of Alex Sent: Thursday, April 13, 2017 8:32 PM To: amavis-users@amavis.org Subject: Virus scanners with

RE: "No SMTP response to data-dot"-message and delivered the message like 10 times

Absolutely correct. I've been looking at the log file and the problem starts here when amavis connects to your local MTA to deliver the email. This happens at Apr 10 15:32:29, see below: Apr 10 15:32:29.077 rmm.li /usr/sbin/amavisd-new[17487]: (17487-01) smtp cmd> EHLO localhost Apr 10

RE: "No SMTP response to data-dot"-message and delivered the message like 10 times

must be related to the " No SMTP response to data-dot " error. On 07.04.2017 14:43, Dino Edwards wrote: > Maybe it's not related to the specific issue, but an Open Relay is a HUGE > problem and I HIGHLY suggest before you look into any other problem, you > should look into why

RE: "No SMTP response to data-dot"-message and delivered the message like 10 times

said, the really annoying part was, that the message got delivered more than 10 times (each time I deleted it, it reappeared a few hours later again, first I thought I'm becoming crazy ;-))) Am 7.4.2017 14:15, schrieb Dino Edwards: > Could this be part of the problem? It says MTA-BLOCKED because it

RE: "No SMTP response to data-dot"-message and delivered the message like 10 times

d) Apr 6 13:56:56 rmm dovecot: lmtp(8284): Disconnect from local: Successful quit I guess amavis got some problem with the big attachment? Could there be some kind of missconfiguration? So far I never had problems with amavis. Well, it was the first time, that I accidentally send an e-mail to

RE: Handling spam, which is not yet on blacklists

You mean like graylisting? -Original Message- From: amavis-users [mailto:amavis-users-bounces+dino.edwards=mydirectmail@amavis.org] On Behalf Of Frank de Bot (lists) Sent: Wednesday, March 15, 2017 3:36 PM To: amavis-users@amavis.org Subject: Handling spam, which is not yet on

RE: spamtrap and dynamic blacklisting

- From: Patrick Proniewski [mailto:patrick.proniew...@univ-lyon2.fr] Sent: Tuesday, March 14, 2017 7:29 AM To: amavis-users@amavis.org Cc: Dino Edwards <dino.edwa...@mydirectmail.net> Subject: Re: spamtrap and dynamic blacklisting Hi Dino, I'm not so sure. Of course sender is potentially forged,

RE: spamtrap and dynamic blacklisting

be accomplished without writing any code, just some SQL queries. Dino Edwards Hermes Secure Email Gateway Hermes Secure Email Gateway combines Open Source technologies such as Postfix, Apache SpamAssassin, ClamAV, Amavisd-new, MySQL and CipherMail under one unified web

RE: spamtrap and dynamic blacklisting

in a Postfix senders table with reject action. Sender addresses are almost always forged so blocking the IP is probably better. Dino Edwards Hermes Secure Email Gateway Hermes Secure Email Gateway combines Open Source technologies such as Postfix, Apache

RE: spamtrap and dynamic blacklisting

This maybe a bit complicated but here's how I would approach this: 1. Setup SQL tables for Amavis. This will allow amavis to log all messages coming through along with the recipient and the sender (specific tables are msgrcpt, msgs, maddr, mailaddr) 2. Schedule queries to run against those

RE: Quarantine doc Files only with Macros?

do you have amavis policy setup that may specify virus_lover set to Y set on the server that accepts the macro enabled document by any chance? -Original Message- From: postmas...@wf-partner.com [mailto:postmas...@wf-partner.com] Sent: Monday, February 27, 2017 4:09 AM To: Dino Edwards

RE: Quarantine doc Files only with Macros?

To: Dino Edwards <dino.edwa...@mydirectmail.net> Cc: amavis-users@amavis.org; amavis-users <amavis-users-bounces+postmaster=wf-partner@amavis.org> Subject: Re: Quarantine doc Files only with Macros? You are right, we have two different linux servers with mailservers and they

RE: Quarantine doc Files only with Macros?

I believe both of these have to be set to true in order for that to work ScanOLE2 true OLE2BlockMacros true -Original Message- From: amavis-users [mailto:amavis-users-bounces+dino.edwards=mydirectmail@amavis.org] On Behalf Of postmas...@wf-partner.com Sent: Friday, February

RE: amavisd-release does not work with SQL quarantine (missing quar_type = "Q")

l instead > of local to quarantine? No there is no particular reason to use sql quarantine. But we have not so many quarantined mails in a week, so we can live with it. Thomas -Original Message- From: amavis-users [mailto:amavis-users-bounces+dino.edwards=mydirectmail.net at amavis.org] O

RE: amavisd-release does not work with SQL quarantine (missing quar_type = "Q")

ubject: Re: amavisd-release does not work with SQL quarantine (missing quar_type = "Q") On 2017-02-20 (06:16 MST), Dino Edwards <dino.edwa...@mydirectmail.net> wrote: > > $QUARANTINEDIR = "/some/mountpoint/with/plenty/of/space"; > $virus_quarantine_metho

RE: amavisd-release does not work with SQL quarantine (missing quar_type = "Q")

-users-bounces+dino.edwards=mydirectmail@amavis.org] On Behalf Of @lbutlr Sent: Monday, February 20, 2017 2:37 PM To: amavis-users@amavis.org Subject: Re: amavisd-release does not work with SQL quarantine (missing quar_type = "Q") On 2017-02-20 (06:16 MST), Dino Edwards

RE: amavisd-release does not work with SQL quarantine (missing quar_type = "Q")

al:spam/%m'; $banned_files_quarantine_method = 'local:banned/%m'; $bad_header_quarantine_method = 'local:bad_header/%m'; $clean_quarantine_method = 'local:clean/%m'; ---- Dino Edwards Hermes Secure Email Gateway Hermes Secure Email Gateway combines Open Source technologies such

RE: Amavis DNS query timeout

when queried independently, so its looking like amavis is not correctly moving through to alternative resolvers ? On 13 February 2017 at 13:21, Dominic Raferd <domi...@timedicer.co.uk> wrote: > Ah yes you may be right, I have: $enable_dkim_verification = 0; > > On 13 February 2017

RE: Amavis DNS query timeout

I don't think you are correct. That header is usually generated when $enable_dkim_verification = 1; is set in the amavis config file. -Original Message- From: amavis-users [mailto:amavis-users-bounces+dino.edwards=mydirectmail@amavis.org] On Behalf Of Dominic Raferd Sent: Sunday,

RE: Amavis DNS query timeout

So what happens when you run this command: dig @192.168.xxx.xxx -t txt 20161025._domainkey.google.com txt where 192.168.xxx.xxx is the IP of your DNS server set in the resolv.conf file of your amavis server? -Original Message- From: amavis-users

RE: Amavis to ClamAV TCP with DNS lookup

Try fqdn -Original Message- From: Cyril [cy...@moncoindunet.fr] Received: Sunday, 29 Jan 2017, 6:11PM To: amavis-users@amavis.org [amavis-users@amavis.org] Subject: Re: Amavis to ClamAV TCP with DNS lookup Hum it was a good idea but I have the same issue: /usr/sbin/amavisd-new[17]:

RE: Logging IP address in error logs

:31, Dino Edwards wrote: > I still don't understand how email comes in. Is amavis listening on port 25? > > -Original Message- > From: Martin Schmid [mailto:s...@aps-systems.ch] > Sent: Wednesday, January 18, 2017 11:15 AM > To: Dino Edwards <dino.edwa...@mydirectmail.net>

RE: Logging IP address in error logs

I still don't understand how email comes in. Is amavis listening on port 25? -Original Message- From: Martin Schmid [mailto:s...@aps-systems.ch] Sent: Wednesday, January 18, 2017 11:15 AM To: Dino Edwards <dino.edwa...@mydirectmail.net> Subject: Re: Logging IP address in erro

RE: Logging IP address in error logs

This is an unusual setup. May I ask why? The reason I'm asking is because an SMTP server in front would cut down on that traffic. -Original Message- From: Martin Schmid [mailto:s...@aps-systems.ch] Sent: Wednesday, January 18, 2017 10:38 AM To: Dino Edwards <dino.e

RE: Logging IP address in error logs

Are you seeing this in postfix or amavis? -Original Message- From: amavis-users [mailto:amavis-users-bounces+dino.edwards=mydirectmail@amavis.org] On Behalf Of Martin Schmid Sent: Wednesday, January 18, 2017 9:56 AM To: amavis-users@amavis.org Subject: Logging IP address in error

RE: Flashlight spam (and others)

12:42 AM To: amavis-users@amavis.org Subject: Re: Flashlight spam (and others) > On Dec 17, 2016, at 10:40 AM, Dino Edwards <dino.edwa...@mydirectmail.net> > wrote: > > Am I looking at this right? Does BAYES_00 assign a score of -4 on these > messages? Yes. BAYES_00

RE: Amavisd and Bayes (again...)

Why don't you do the following.: Edit your SA local.cf file and make sure the following lines are in it. NOTE the bayes_path, set that to a directory of your choice. Please also note that the last bayes of that path is NOT a directory but it's simply the prefix of that files in that

RE: Increase spamassassin bayes99 score

> > reject_unknown_client_hostname (with Postfix < 2.3: > reject_unknown_client)Reject the request when 1) the client IP > address->name mapping fails, 2) the name->address mapping fails, or 3) > the name->address mapping does not match the client IP address. > This is a stronger restriction than

RE: Increase spamassassin bayes99 score

Yasou NiKo, There are a few things that might be going on here. What is the average score of the ham e-mails that you are getting through. The reason I’m asking is can you possibly bring down your required=5.5 score? Every installation is different but our required= score is set to 3.6 and

RE: Question about old Amavis thread

Not sure if you meant to e-mail me or Thomas but here’s my answer: In order to assign file rules to users, you need to first have policies. Then you assign file rules to those policies and then you assign the policies to users. In order for all that to work, you need to have a users and policy

RE: Password protected Word/phishing emails

I'm not sure how the scanner will open up a password protected document to scan it if it doesn't have the password. I would be the same thing with password protected zips. The best approach with MS docs in my opinion is to block all the old office formats (.xls, .doc ) since back then MS

RE: Mailinglist should be working again

I'll say. My inbox just got flooded with all the missing emails. Glad it's resolved. Thank you!! -- Hermes Secure Email Gateway Hermes Secure Email Gateway combines Open Source technologies such as Postfix, Apache SpamAssassin, ClamAV, Amavisd-new, MySQL and CipherMail under one unified web

  1   2   >