Re: antivir-milter question
Today Martin Welk had this to say: Good morning, on Wed, Aug 03, 2005 at 08:41:53PM -0500, Denny White wrote: I had read where I needed to edit sendmail.mc but couldn't find it. Then read the equivalent mc file for freebsd I needed to edit was /etc/mail/freebsd.mc to which I added: INPUT_MAIL_FILTER( `antivir-milter', `S=unix:/var/spool/avmilter/avmilter.sock, F=T, T=S:10m;R:10m;E:10m' )dnl Then I did a `make install' to rebuild, what I thought, was sendmail.cf, but it's looking like I was way off beam. Here's what's in /var/mail/maillog: (...) I looks like your avmilter never gets used. Please have a look at your /etc/make.conf. This might include a line stating what sendmail mc file to use for generating your individual sendmail.cf: SENDMAIL_MC=/etc/mail/theatre.sax.de.mc Than, the corresponding line in /etc/mail/theatre.sax.de.mc is: INPUT_MAIL_FILTER(`avmilter',`S=inet:[EMAIL PROTECTED],F=R,T=S:10m;R:10m;E:10m') This is exactly from the antivir-milter documentation, and the only thing I did afterwards was make make install make restart Since than, it's just working. Of course, I've set up a start script in /usr/local/etc/rc.d that enables avmilter at system startup. Do you probably have some older version? Mine is using sockets, not a pipe. Does your avmilter listen on some port? (Mine is using default, .) Regards, Martin -- ,,Oh, there's a lot of opportunities, if you're knowing to take them, you know, there's a lot of opportunities, if there aren't you can make them, make or break them!'' (Tennant/Lowe) Okay, maybe the script avmilter.sh in /usr/local/etc/rc.d is the problem. If you issue the command in the MANUAL to use port [EMAIL PROTECTED], it looks like this: avmilter -p inet:[EMAIL PROTECTED] But, here's the relevant portion from the script: case "$1" in start) if [ -x /usr/local/sbin/avmilter ]; then umask 0077 /bin/rm -f /var/spool/avmilter/avmilter.sock /usr/sbin/daemon -f /usr/local/sbin/avmilter \ -P /usr/local/etc/avmilter \ -p local:/var/spool/avmilter/avmilter.sock & umask 0022 echo -n " avmilter" fi ;; stop) So, theres no mention of it there. This has really got me stumped! I checked /etc/make.conf & there's nothing there except some stuff I put for when I'm updating src & rebuilding. Nothing about sendmail. GnuPG key : 0x1644E79A | http://wwwkeys.nl.pgp.net Fingerprint: D0A9 AD44 1F10 E09E 0E67 EC25 CB44 F2E5 1644 E79A ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: antivir-milter question
Good morning, on Wed, Aug 03, 2005 at 08:41:53PM -0500, Denny White wrote: > I had read where I needed to edit sendmail.mc but couldn't find > it. Then read the equivalent mc file for freebsd I needed to edit > was /etc/mail/freebsd.mc to which I added: > > INPUT_MAIL_FILTER( > `antivir-milter', > `S=unix:/var/spool/avmilter/avmilter.sock, F=T, T=S:10m;R:10m;E:10m' > )dnl > > Then I did a `make install' to rebuild, what I thought, was > sendmail.cf, but it's looking like I was way off beam. Here's > what's in /var/mail/maillog: (...) I looks like your avmilter never gets used. Please have a look at your /etc/make.conf. This might include a line stating what sendmail mc file to use for generating your individual sendmail.cf: SENDMAIL_MC=/etc/mail/theatre.sax.de.mc Than, the corresponding line in /etc/mail/theatre.sax.de.mc is: INPUT_MAIL_FILTER(`avmilter',`S=inet:[EMAIL PROTECTED],F=R,T=S:10m;R:10m;E:10m') This is exactly from the antivir-milter documentation, and the only thing I did afterwards was make make install make restart Since than, it's just working. Of course, I've set up a start script in /usr/local/etc/rc.d that enables avmilter at system startup. Do you probably have some older version? Mine is using sockets, not a pipe. Does your avmilter listen on some port? (Mine is using default, .) Regards, Martin -- ,,Oh, there's a lot of opportunities, if you're knowing to take them, you know, there's a lot of opportunities, if there aren't you can make them, make or break them!'' (Tennant/Lowe) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: antivir-milter question
Today Martin Welk had this to say: On Wed, Aug 03, 2005 at 09:01:51AM -0500, Denny White wrote: I've read the docs on antivir-milter, installed it, set it up to verify downloaded updates with gpg, tested it to see if it's checking mail with eicar, & everything's working fine. Only thing is, I'd like it to show in my messages that they've been checked for viruses & I can't seem to get it do that. I know that the AddXHeader setting only works in commercial version, but it says if you set the ModifySubject to YES that it'll show up, as I understand it, appended to the subject. I did that & restarted it but still no notice. Any ideas/help appreciated. Denny White Hm, I'm using the personal version of antivir-milter, installed it just a few days ago - and for every checked mail, it puts a header like this in: X-AntiVirus: checked by AntiVir Milter (version: 1.1.0-7; AVE: 6.31.1.0; VDF: 6.31.1.54; host: theatre.sax.de) I suspect that something else is wrong. Does your sendmail delegate the mail to antivir-milter? Is it running? It should write some message into your /var/log/mailog, here's an example. Startup: ug 3 17:20:05 theatre avmilter[16541]: listening on: inet:[EMAIL PROTECTED] Aug 3 17:20:06 theatre avmilter[16541]: engine version: 6.31.1.0 Aug 3 17:20:06 theatre avmilter[16541]: vdf version: 6.31.1.54 Aug 3 17:20:06 theatre avmilter[16541]: addressfilter not active Aug 3 17:20:06 theatre avmilter[16541]: extension blocking is disabled Aug 3 17:20:06 theatre avmilter[16541]: running in private mode Aug 3 17:20:40 theatre sendmail[16570]: j73FKeek016570: Later: Aug 3 17:20:41 theatre sm-mta[16579]: j73FKfm7016579: Milter add: header: X-AntiVirus: checked by AntiVir Milter (version: 1.1.0-7; AVE: 6.31 .1.0; VDF: 6.31.1.54; host: theatre.sax.de) I didn't do anything except following the installation instructions, that means, I've put the required m4 macro string into my mc file and rebuilt the sendmail.cf. From that on, it was working instantly like a charm Oh yes, and with the EICAR test signature it generates an alert mail to the postmaster and puts the file into the rejected files directory (for my installation, /var/spool/avmilter/rejected). The only thing I had to change was the path to sendmail, in /etc/avmilter.conf it isn't set and the default points to /usr/lib/sendmail - on FreeBSD that's /usr/sbin/sendmail. Regards, Martin -- ,,Oh, there's a lot of opportunities, if you're knowing to take them, you know, there's a lot of opportunities, if there aren't you can make them, make or break them!'' (Tennant/Lowe) I had read where I needed to edit sendmail.mc but couldn't find it. Then read the equivalent mc file for freebsd I needed to edit was /etc/mail/freebsd.mc to which I added: INPUT_MAIL_FILTER( `antivir-milter', `S=unix:/var/spool/avmilter/avmilter.sock, F=T, T=S:10m;R:10m;E:10m' )dnl Then I did a `make install' to rebuild, what I thought, was sendmail.cf, but it's looking like I was way off beam. Here's what's in /var/mail/maillog: Aug 3 01:54:15 dualman avmilter[80193]: listening on: local:/var/spool/avmilter/avmilter.sock Aug 3 01:54:19 dualman avmilter[80193]: engine version: 6.31.1.0 Aug 3 01:54:19 dualman avmilter[80193]: vdf version: 6.31.1.46 Aug 3 01:54:19 dualman avmilter[80193]: addressfilter not active Aug 3 01:54:19 dualman avmilter[80193]: extension blocking is disabled Aug 3 01:54:19 dualman avmilter[80193]: running in private mode Aug 3 19:44:45 dualman avmilter[497]: listening on: local:/var/spool/avmilter/avmilter.sock Aug 3 19:44:50 dualman avmilter[497]: engine version: 6.31.1.0 Aug 3 19:44:50 dualman avmilter[497]: vdf version: 6.31.1.50 Aug 3 19:44:50 dualman avmilter[497]: addressfilter not active Aug 3 19:44:50 dualman avmilter[497]: extension blocking is disabled Aug 3 19:44:50 dualman avmilter[497]: running in private mode It's listening on local:/var/spool/avmilter/avmilter.sock, so apparently I've botched things up. Can you clear up for me about the sendmail.cf? I googled around & read in the fbsd mailing list. The best I could come up with was what I stated earlier, that the file I needed to edit was freebsd.mc Denny White GnuPG key : 0x1644E79A | http://wwwkeys.nl.pgp.net Fingerprint: D0A9 AD44 1F10 E09E 0E67 EC25 CB44 F2E5 1644 E79A ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: antivir-milter question
On Wed, Aug 03, 2005 at 09:01:51AM -0500, Denny White wrote: > I've read the docs on antivir-milter, installed it, > set it up to verify downloaded updates with gpg, > tested it to see if it's checking mail with eicar, > & everything's working fine. Only thing is, I'd > like it to show in my messages that they've been > checked for viruses & I can't seem to get it do > that. I know that the AddXHeader setting only works > in commercial version, but it says if you set the > ModifySubject to YES that it'll show up, as I > understand it, appended to the subject. I did that > & restarted it but still no notice. Any ideas/help > appreciated. > Denny White Hm, I'm using the personal version of antivir-milter, installed it just a few days ago - and for every checked mail, it puts a header like this in: X-AntiVirus: checked by AntiVir Milter (version: 1.1.0-7; AVE: 6.31.1.0; VDF: 6.31.1.54; host: theatre.sax.de) I suspect that something else is wrong. Does your sendmail delegate the mail to antivir-milter? Is it running? It should write some message into your /var/log/mailog, here's an example. Startup: ug 3 17:20:05 theatre avmilter[16541]: listening on: inet:[EMAIL PROTECTED] Aug 3 17:20:06 theatre avmilter[16541]: engine version: 6.31.1.0 Aug 3 17:20:06 theatre avmilter[16541]: vdf version: 6.31.1.54 Aug 3 17:20:06 theatre avmilter[16541]: addressfilter not active Aug 3 17:20:06 theatre avmilter[16541]: extension blocking is disabled Aug 3 17:20:06 theatre avmilter[16541]: running in private mode Aug 3 17:20:40 theatre sendmail[16570]: j73FKeek016570: Later: Aug 3 17:20:41 theatre sm-mta[16579]: j73FKfm7016579: Milter add: header: X-AntiVirus: checked by AntiVir Milter (version: 1.1.0-7; AVE: 6.31 .1.0; VDF: 6.31.1.54; host: theatre.sax.de) I didn't do anything except following the installation instructions, that means, I've put the required m4 macro string into my mc file and rebuilt the sendmail.cf. From that on, it was working instantly like a charm Oh yes, and with the EICAR test signature it generates an alert mail to the postmaster and puts the file into the rejected files directory (for my installation, /var/spool/avmilter/rejected). The only thing I had to change was the path to sendmail, in /etc/avmilter.conf it isn't set and the default points to /usr/lib/sendmail - on FreeBSD that's /usr/sbin/sendmail. Regards, Martin -- ,,Oh, there's a lot of opportunities, if you're knowing to take them, you know, there's a lot of opportunities, if there aren't you can make them, make or break them!'' (Tennant/Lowe) pgpLxbwVfQpju.pgp Description: PGP signature
RE: antivir-milter question
> I've read the docs on antivir-milter, installed it, > set it up to verify downloaded updates with gpg, > tested it to see if it's checking mail with eicar, > & everything's working fine. Only thing is, I'd > like it to show in my messages that they've been > checked for viruses & I can't seem to get it do > that. I know that the AddXHeader setting only works > in commercial version, but it says if you set the > ModifySubject to YES that it'll show up, as I > understand it, appended to the subject. I did that > & restarted it but still no notice. Any ideas/help > appreciated. > Denny White Just an idea: run antivir through amavis-milter, as amavis is possibly a bit more configurable. The port is security/amavisd-new. Norbert ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
antivir-milter question
I've read the docs on antivir-milter, installed it, set it up to verify downloaded updates with gpg, tested it to see if it's checking mail with eicar, & everything's working fine. Only thing is, I'd like it to show in my messages that they've been checked for viruses & I can't seem to get it do that. I know that the AddXHeader setting only works in commercial version, but it says if you set the ModifySubject to YES that it'll show up, as I understand it, appended to the subject. I did that & restarted it but still no notice. Any ideas/help appreciated. Denny White GnuPG key : 0x1644E79A | http://wwwkeys.nl.pgp.net Fingerprint: D0A9 AD44 1F10 E09E 0E67 EC25 CB44 F2E5 1644 E79A ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: milter question... .
Hallo Gary Kline, > I've just installed the mail/antivirus-milter; it looks > promising--to get rid of those annoying *zip, *pif, &c > spams. But this port also installs its own version of > sendmail. I just upgraded to the latest 4.8 and assume > that my sendmail is valid. you can use the libmiter from baseby setting in /etc/make.conf: SENDMAIL_MILTER_IN_BASE=yes > And I safe in modfying the > scripts in /usr/local/etc/rc.d to point to /usr/sbin/sendmail? yes ... set sendmail_enable="NONE" in /etc/rc.conf and use the modified "sendmail.sh" to start it. Beacause all milter must start before sendamil. kind regards Dirk - Dirk Meyer, Im Grund 4, 34317 Habichtswald, Germany - [EMAIL PROTECTED],[EMAIL PROTECTED],[EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
milter question... .
A day or so ago I asked someone for some clues on setting up the sendmail mail-filter, milter. As usual, less than ten minutes later google found what I was looking for on the web. ( ... ) I've just installed the mail/antivirus-milter; it looks promising--to get rid of those annoying *zip, *pif, &c spams. But this port also installs its own version of sendmail. I just upgraded to the latest 4.8 and assume that my sendmail is valid. And I safe in modfying the scripts in /usr/local/etc/rc.d to point to /usr/sbin/sendmail? thanks for any clues here, people, gary -- Gary Kline [EMAIL PROTECTED] www.thought.org Public service Unix ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"