http://www.vmware.com/vmtn/appliances/directory/255
A mail proxy based on FreeBSD with spam (SpamAssassin) and virus (ClamAV) scanning. Can be used with any existing mail system.
netmavrik
Did you recived Telackey's answer for this issue ? because I don't find it.
Regards,
Telackey
I am running SV for one of my clients. They have
been informing me that it isn't blocking much. That
was suprising to me, since their configuration and
mine are the same, and mine is blocking almost
everything. After more research, I think that I
figured it out.
For myself, I adjusted my MX record to point to my
SV. Spammers talk directly to my SV appliance, so
DNS blacklist lookups are working correctly. My
client however, didn't want to set theirs up that
way, and their mail goes through and isp who forwards
the mail to SV, and then SV forwards the mail to the
clients Exchange server. After looking through the
quarantine, I discovered that SpamAssassin is only
using Bayes_ and URI_ to block messages (mostly).
There aren't any DNS_BL scores hitting, like I see
in my quarantine.
How do I configure Postfix/SA to ignore the ip of the
ISPs mail server, and correctly submit the spammers
ip to the blacklist lookups?
Hope this is understandable.
netmavrik
Did you recived Telackey's answer for this issue ? because I don't find it.
Regards,
He never replied, and I was never able to figure out why DNS blacklists don't work in that configuration.
This scenario doesn't allow for me to put SV in front of the SMTP server. I setup another SV VM without my usual tweaks and updates, and it still doesn't work properly. I did verify that the SMTP server was including the ip address of the spammers server in the message header. The information that SpamAssassin needs to perform the DNS lookup is available.
A few mages back there is a clamav update instruction by myself, do that and the access rights correction a few posts later ad you will be allright.
Biggest obstacle is that SV is not setup for updates itself.
As SV is FreeBSD 6.1 you cen read up on the requirements at the freebds manual.
ALWAYS MAKE A OFFLINE VMWARE SNAPSHOT, AND YOU WILL ALWAYS BE FINE.[/b]
(I installed webmin as well later , but that broke some stuff I havent figured out yet)
Telackey,
Its a really great appliance and this forum has really been helpful in my implementation of this appliance. I was wondering if you were going to implement the daily/weekly digest feature on a per user basis.
Has anyone got this working? How would i go about implementing it if it is not on you list.
Any Help would be appreciated!
On the web interface when you release a spam item it doesnt disappear from the list. Is it possible for it to disappear from the list when you release it.
Also a good feature to have on the web interface would be that you can select multiple messages by checkin the box and than release all that are checked.
When I start amavis in debug mode I see the following error:
bayes: cannot write to /var/amavis/.spamassassin/bayes_journal, bayes db update ignored: Permission denied
What are the correct permissions for this file and the .spamassassin folder?
Netmavrik
\* I got it, thanks.
Message was edited by:
netmavrik
Hi, I have one question, is there a way to limit the number of email ending up in the viewer database? Right now I have around 18,000 emails in it and my users are complaining that its slow as hell to go into the viewer and check there emails there. Any suggestions?
Thanks.
Another one, are you planning on releasing a new version or do we have to update the software ourself? And if so do you have some doc on how to upgrade the different soft (clam,amavis,spamassassin etc)
Thanks and keep the good work.
I can help with this one. In amavisd.conf you can set the limit of the items that are retained in the quarantine. Look for $sa_quarantine_cutoff_level. You need to experiment to find the right value for you. It needs to be low enough to drop the obvious spam, but high enough to quarantine a false positive.
Good luck.
Is there a setting to limit the number of days a email stay in quarentine, ex. I would like to keep only 2 weeks in the quarentine and delete everything that are older than that. Even if its a script that I can run in cron I dont mind.
Thanks.
Hi, I have one question, is there a way to limit the
number of email ending up in the viewer database?
Right now I have around 18,000 emails in it and my
users are complaining that its slow as hell to go
into the viewer and check there emails there. Any
suggestions?
Thanks.
Yep. A couple of things will help. One, as netmavrik suggested, you can adjust the level at which the quarantine isn't used. That is, something that is ridiculously spammy isn't even kept for quarantine. That will help cut down the inflow.
The other is how much spam to keep. It is a question during setup, but defaults a large size that is probably too high most situations. To change it, edit /usr/local/sbin/clean-spam.sh and change the value of SIZE to something much smaller. It starts by deleting messages older than thirty days, and continues to delete messages counting down to more recent messages until the total size of the messages is below the SIZE limit.
Is there a setting to limit the number of days a
email stay in quarentine, ex. I would like to keep
only 2 weeks in the quarentine and delete everything
that are older than that. Even if its a script that
I can run in cron I dont mind.
Thanks.
Not directly, but you could edit that clean-spam.sh script to care less (or not at all) about size, and only age. (Note, I did not test this command.)
#!/bin/sh
MAILPATH="/var/virusmails/"
cd $MAILPATH
if \[ $? -ne 0 ]; then
echo "Unable to enter directory"
exit 1
fi
DAYS=14
find . \( -name "spam" -or -name "virus" -or -name "banned" -or -name "bad" \) -and -ctime +$DAYS | xargs -n1 rm
Another one, are you planning on releasing a new
version or do we have to update the software ourself?
And if so do you have some doc on how to upgrade the
different soft (clam,amavis,spamassassin etc)
Thanks and keep the good work.
Yes, I am currently working on a new release. It will have changes and enhancements as well the latest versions of all the relevant software.
I can do certain work without needing the OS installed, but I am hoping to use FreeBSD 6.2-Release as the base for the real release, if it won't be too long.
He never replied, and I was never able to figure out
why DNS blacklists don't work in that configuration.
Yes, sorry about that. I haven't had time to reply to every question, though I try to reply to most.
However, on this one, I don't know the answer, so I will/would need to look it up. Someone else may be just as successful looking it up on their own, however.
On the web interface when you release a spam item it
doesnt disappear from the list. Is it possible for it
to disappear from the list when you release it.
Also a good feature to have on the web interface
would be that you can select multiple messages by
checkin the box and than release all that are checked.
Yep, both good features. Both should be in the next release, which is what I am working on now, the first as an option and the second just an enhancement. There is a chance I may switch quarantine interfaces to an OSS project rather than the viewer I wrote. It would also make these available, I believe. I haven't finalized my decision on the switch, as the functionality of the interfaces is similar, and it would be easier for me to make changes and enhancements to my viewer.
telackey,
I wonder if you could give a more detailed
enumeration than you did earlier about what
permissions (and anything else for that matter) that
need to be reset after such an update. I have not
encountered any functional problems yet but I don't
use the www tools.
My plans include a reset permissions script, that will handle all this in case things get out of whack. When I have written it, I can probably give you a complete list of files and their necessary permissions. I can say that what I was particularly concerned about were the permissions of the ClamAV DB (/var/db/clamav) and logs (/var/log/clamav). These should be 644 for vscan:vscan the DB and 640 for vscan:vscan for the logs. The key thing there is that the user is vscan, not clamav.
I am also configuring sa-update to download the SARE
recommended rules from RulesEmporium (as outlined
here:
http://daryl.dostech.ca/sa-update/sare/sare-sa-update-
howto.txt). As such I no longer need the RulesDuJour
updates or the cron job. Could you tell me how to
delete this cron job, or at least which user it runs
under. I can't seem to find it.
Just remove the symlink at:
/etc/periodic/daily/477.rules_du_jour
Since updating amavisd (I think) there is a little
changed behaviour. On boot, directly after the
amavisd service starts I now get the message:
"Configuring syscons: blanktime". Also, if stopping
amavisd the process won't stop by itself and has to
be killed (I forget the name of what does that - but
it is reported to the screen). I don't think any of
these happened before the update, so is this OK?
I don't know for sure, but while it sounds less than ideal, it doesn't sound like a big deal.
Last questions are more general.
I have done quite a bit of reconfiguring and
customizing now. Will all this be wiped out with new
updates?? and/or if I run the initial config again?
Updates generally haven't and won't change your config files. Running setup however, it depends on the file. Certain files could be wiped out, specifically SA's local.conf, amavisd.conf, the viewer's config file, and the postfix conf files.
There are two options. One is to merge your changes into the templates at /usr/local/etc/conftemplates/ before re-running. The other is always good, which is to make sure to backup your conf before doing a setup, so you could always copy your file back if needed. The best way to do that is by running: backup_conf.
Will a newer release of SpamAssassin be included soon
to make the upgrade to (at least) v3.0104 for the
FuzzyOcr install unnecesary?
I plan to use the latest SA available from ports at the time of the next release.
There was talk of getting a proper forum for VA a few
pages ago ... is this still on the cards? (this
thread is impossible to search)
I don't know.
Lastly thanks for a great VA ... you've succeeded in
helping me onto *nix, and introduced me to
SpamAssassin, Postfix, and FreeBSD, all in one shot.
I'm very grateful.
I am glad it has been of help and use!
Telackey -
I finally got it to work. I had to edit amavisd.conf and modify the @mynetworks parameter to include any of the ISP's smtp servers that could possibly forward the message to this VM. It turns out that the networks value in the local.cf file isn't used with Amavisd-new. I like to have never figured that out.
This particular setup isn't my favorite, but the client was a adamant about making sure that e-mails related to orders, invoicing and tech support are in no way filtered. They don't even want them passing through another mail server. The only way for me to accomplish that was to put SV behind their front-end server, and forward from SV to their Exchange Server.
It is different, but I finally got it to work.
Any ETA on new release? Are you talking days or weeks?
Thanks and I cant wait to see the new release, keep the good work.
Any ETA on new release? Are you talking days or
weeks?
Thanks and I cant wait to see the new release, keep
the good work.
Weeks. I have some more work to do on my end and I am hoping to use FreeBSD 6.2-Release, which is currently at RC2.