VMware Virtual Appliances Community
andy_mac
Enthusiast
Enthusiast

ESVA 1.6

This is the forum to discuss ESVA 1.6 matters.

VMTN Appliance listing: http://www.vmware.com/vmtn/appliances/directory/542

Website: http://www.global-domination.org/ESVA/16

-Andy

Reply
0 Kudos
118 Replies
LogIQ
Contributor
Contributor

Lee

Find the software called WinSCP on Google, and download it. With that software you get an easy explorer like interface to the ESVA's files.

Use the IP of the ESVA and root+password to log on.

The rest should be quite easy, just copy it to you your windows machine, and then back to the new ESVA

\- Ulrich

Reply
0 Kudos
robert_perry
Contributor
Contributor

Andy,

Quick question. Is there a way to use Active Directory from an existing domain, to authenticate the users for their own quarantined emails?

Great work. Keep it up.

bob

Reply
0 Kudos
andy_mac
Enthusiast
Enthusiast

Guys - The easiest way is to configure your first ESVA server just the way you like it, Shut it down and make copies!

-You just need to set the IP address when the copy comes up (disconnect the virtual NIC before you boot it or point it to a different vswitch) and change the hostname in webmin once IP is configured & connected.

\- Just like the setup procedure when you first downloaded ESVA but even quicker & easier (and there is no chance of missing anything!

-Andy

Reply
0 Kudos
andy_mac
Enthusiast
Enthusiast

Not natively due to the user details for MailWatch being kept in the MySql database - however there are instructions for importing users from AD to that database. Not sure how it handles passwords though...

http://mailwatch.sourceforge.net/doku.php?id=mailwatch:tipandtricks:ldapcryptauthsync

-Andy

Reply
0 Kudos
andy_mac
Enthusiast
Enthusiast

\- or right-click > Edit to edit files in place. Not a bad editor either... (It's no Wordpad, but it does the trick)

-Andy

Reply
0 Kudos
LogIQ
Contributor
Contributor

Andy

Yes that I am aware of, but what if I downloaded the first 1.6 version, and added let us say 100 domains and multiple users.

If I then want to use the new fully functional version how do I get my configuration from the first virtual machine to the new?

That is what I want to accomplish...

Thx!

Ulrich

Reply
0 Kudos
LogIQ
Contributor
Contributor

Could I not export the tables from mysql on one installation, and then import them on another?

What is the username and password for the MailWatch database?

\- Ulrich

Reply
0 Kudos
andy_mac
Enthusiast
Enthusiast

OK - That's what I get for not reading the question correctly....

You are correct for the Postfix & MailScanner settings, for the MailWatch stuff it's a matter of dumping the database to a flat-file then importing it on your other server. I'll do a quick how-to this evening (with some screenshots too!)

-tip for those that can't wait: use the mysql applet in webmin and dump to /tmp, use winscp to copy the file from /tmp to your pc, then import on the target machine using the handy upload feature on the webmin restore/import applet.

-Andy

Reply
0 Kudos
andy_mac
Enthusiast
Enthusiast

Use the sql-dump process outlined above - it really is quick & easy!

If you need the username/password, they are in conf.php

-Andy

Reply
0 Kudos
andy_mac
Enthusiast
Enthusiast

I have documented this now - http://www.global-domination.org/ESVA/how-to/howto-migrate16-16.pdf

Any problems, let me know.

-Andy

Reply
0 Kudos
Catrinisin
Contributor
Contributor

Hello, I am new to ESVA and quite impressed I must say!

All of my users get an email each time a spam message is blocked. How can I change this behavior?

I know that this answer may be located in some documentation, but the only documentation I can find on the global-domination site is for setup guides, migration, etc.

Can someone help?

Thanks!

Chris

Reply
0 Kudos
Shamrock
Contributor
Contributor

Hi Andy,

Hi Shamrock,

Does the user have a similar problem when using the spam-release url in the > notification?

The user has the same problem when releasing quarantined mail. The message says that it was released but nothing arrives on my exchange.

I've also noticed that using "reports > Message operations" has no result either. When I tag a message as spam and press the learn button, again nothing happens.

I would blacklist the email address or domain rather than the ip of

where it's coming from. It seems that IMSS is doing strange things

to headers so that all mail appears to originate from it... Weird.

Yes, I know, so would I. But unfortunately it automatically adds the IP-adres of the webserver as the senders address. You can overwrite it of course but I can't trust my users to do so (if they forget it once, they block out all their mail). In the "received from"-field is my webservers IP and in the "received via"-field is my webservers IP on the first line and the original senders IP on the second. Is there a way of letting ESVA know to ignore my webservers IP (I've allready added it to the trusted_recipients list)

e.g. to block all messages from spam.com to all your domains:

from: (@)spam.com

to: (@)default

blacklist

Thanks for the tip. I'll use that!

Reply
0 Kudos
Shamrock
Contributor
Contributor

Hi Catrinisin

Go to: Servers > MailScanner > What to do with spam.

In the" Spam Action"-field you'll find: "store notify".

Remove "notify" so it only says "store" and that's it.

Reply
0 Kudos
jonet
Contributor
Contributor

Try chmod 771 /var/spool/postfix, and enjoy this Great Product

Reply
0 Kudos
cpope
VMware Employee
VMware Employee

Seems to be working great with the new download. I now have one other issue. I am using the appliance as my main mail server. When an email message gets bounced, I get a message to "Postmaster" saying undeliverable. It seems that the "Check Valid User" settings aren't working. If a user is not found in my PAM database, I want it to reject it as a recipient. I get a lot of spam that comes into my mail server to someuser@mydomain.com that don't really exist. What is the best way to do this?

It seems that what is happening is that maybe the spam filter is checking the message first and sending a quarentine message to the user. Well that user doesn't exist in the system, so it can't deliver the quarentine message so postmaster gets a bounce back. Is there a way to check whether a user exists in a specific database before a message is quarentined?

Message was edited by:

cpope

Reply
0 Kudos
LogIQ
Contributor
Contributor

Andy

Can you tell me what happens when the receiving mailserver is offline?

If messages are kept in outgoing queue, for how long?

Could ESVA then also serve as a security for downed mailservers?

Also could it be used to store customers mails for potential restore option?

\- Ulrich

Reply
0 Kudos
andy_mac
Enthusiast
Enthusiast

Hi Ulrich,

Can you tell me what happens when the receiving

mailserver is offline?

Postfix will keep retrying. Deferred messages can be found in the deferred directory.

If messages are kept in outgoing queue, for how

long?

They are moved to deferred - Not sure how long for though. I'll have to check.

Could ESVA then also serve as a security for downed

mailservers?

Yes - It does this very well, but for how long depends on how long it will keep messages for in the deferred queue.

Also could it be used to store customers mails for

potential restore option?

Absolutely - You will need to turn archiving on in MailScanner.conf (maybe via the webmin applet...). I'm not sure if this can be configured per domain etc. as I haven't tried this feature out.

Be aware that this will eat disk - It might be prudent to create a new vmdk and attach it to your ESVA if you want this functionality - that way you can keep this same archive through ESVA versions.

-Andy

Reply
0 Kudos
andy_mac
Enthusiast
Enthusiast

postfix can check a file for valid recipients - you just need to configure this functionality.

Can you dump a list of valid recipients to a text file?

-Andy

Reply
0 Kudos
LogIQ
Contributor
Contributor

Hi Andy,

That is perfect!

That make ESVA a 3-in-one product Smiley Happy

E-mail security, Backup MX functionality, and e-mail storage

Looking forward to your reply on how long it holds the deferred mails...

I will try the mail archiving function. Off course it will need more storage, but that is up to the potential customers to pay.

Keep up the good work!

\- Ulrich

Reply
0 Kudos
julian_o_brien
Enthusiast
Enthusiast

If anybody is interested, I migrated my postgrey berkeley db from ESVA 1.5 to 1.6 by simply copying the contents of the /var/spool/postfix/postgrey from the old version to the new one. I had to reset the permissions on that folder, also.

This was important as I didn't want postgrey to have to re-learn everything.

One other thing I did was change the delay to 1 in the options for postgrey. I added --delay=1 to the OPTIONS line in /etc/init.d/postgrey. It seems that spam never really retries so a delay longer just annoys my users. I'll update here if this lets through a lot of spam or not.

Reply
0 Kudos