y, so no data loss should occur, correct?)
Josh Kelley
___
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID. You may ignore it.
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIM
On 11/3/06, David F. Skoll <[EMAIL PROTECTED]> wrote:
Josh Kelley wrote:
> Any other ideas on how to track this problem down?
Not really..
Try turning of embedded Perl. If that fixes things, I'd leave
it off. Embedded Perl isn't actually all that much of a win.
Thanks
hold a file descriptor open
(fixed in MIMEDefang 2.42). I'm starting to wonder if it would be
better if mimedefang-multiplexor not close file descriptors on a fork,
to avoid problems like this, since I don't see any good way for it to
know what FDs SpamAssassin, nss libraries, and so o
ate SpamAssassin configurations for each
recipient.
MIMEDefang also loads its own sa-mimedefang.cf file by default; that
may affect its configuration.
Josh Kelley
___
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NUL
setting of LOCAL_STATE_DIR and
eval'ing it?
my $LOCAL_STATE_DIR;
my $setlocalstatedir = `grep '^my \$LOCAL_STATE_DIR' /usr/bin/sa-update`;
$setlocalstatedir =~ s/^my //; # Remove leading "my" so that
$LOCAL_STATE_DIR isn't scoped locally to eval block
eval $setlocalstatedir
your submission port,
> or else coming from your internal networks... Or on messages that
> have no Received: lines...
Just what our users are using. I was already planning on doing
something like what you suggested (although I really hadn't figured
any details yet -
Defang can track this by grabbing the X-Mailer: header of
messages as they go through, and I thought that I'd ask the list to
see if anyone's already done this before I go write some code.
Alternatively, would there be a better way of doin
On 12/28/05, David F. Skoll <[EMAIL PROTECTED]> wrote:
> In the RPM case, you need to explicitly set the appropriate %Features member
> in your filter.
>
> I should document this better in the man page (and on the Wiki.)
I'd also suggest documenting it in the samp
you don't want ISPs reading your mail, encrypt the
messages, don't rely on TLS.
This is at least my understanding. If I'm missing something, please let
me know.
Josh Kelley
___
Visit http://www.mimedefang.org and http://www.canit.ca
virus scanners like ClamAV and (I
think) uvscan can catch some phishing scams.
Josh Kelley
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/m
and have been quite happy.
He also provides a Mimedefang RPM; it's out of date at the moment, but
generally all it takes to get an update is an email and a one or two day
wait...
Josh Kelley
___
Visit http://www.mimedefang.org and http://www.ca
over
top of the perl package, but that approach has obvious disadvantages.
Josh Kelley
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman
return ('TEMPFAIL',
"$recipient... User mailbox is full, cannot deliver",
'452', '4.2.2');
}
}
return ('CONTINUE', 'ok');
}
Hope this helps.
Josh Kelley
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
eople who have exceeded their quota and exceeded their grace
period.
Josh Kelley
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
FWIW, our sales rep gave the same answer - one server or username (don't
remember which) running MIMEDefang, so one license.
Josh Kelley
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
MIMEDefang@lists.ro
clue if the Unix
version catches them.
I checked; the Unix version does catch phishing. We also used to use it
to catch phishing before ClamAV updated.
Josh Kelley
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
sks with the noatime option, you can
check the access time on the uvscan binary to see if it's being called:
ls -l --time=access /path/to/uvscan
Josh Kelley
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
MIMEDefang
Mike Carlson wrote:
I didnt get a URIBL score at all.
Check that you've installed a recent enough version of Net::DNS. For
example, version 0.31, which ships with RHEL 3, is too old. SURBL
checks will silently fail if Net::DNS is out of date.
Josh K
st noticed messages similar to this after adding the bugfix listed
above, so I'm pretty sure they're related. The warnings should be
harmless, so I've just ignored them.
Josh Kelley
___
Visit http://www.mimedefang.org and http://www.ca
adecimal string identifying the file
type) in curly brackets and use that as a file extension. At least one
virus has used this technique to hide its extension.
See http://www.geocities.com/uzipaz/eng/safe.html, item 8, for more details.
Josh Kelley
___
MILTER support from the RPM.
Also note that the most recent updates to RHEL 3 include a
sendmail-devel RPM, so if that's all that you're lacking, you don't even
need to rebuild the source RPM.
Josh Kelley
___
Visit http://www.mimedefa
hile, so you can test out ClamAV and make sure that it isn't letting
anything through to Sophie.
Josh Kelley
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
#x27;ve seen ClamAV (very rarely) miss a virus that NAI uvscan
catches, and I've seen uvscan may miss a virus that McAfee VirusScan for
Windows (also an NAI product) catches. I would guess that this is
what's causing you to see a few viruses slip through.
Josh Kelley
__
server is not functioning?
I haven't used it, but it sounds like nullmailer should do what you're
asking:
http://untroubled.org/nullmailer/
We've had good results using sendpage to page us via modem if email goes
down:
http://sendpage.cpoint.ne
tion: Add a closelog() call to mimedefang-multiplexor.c's
activateSlave function, just before "Close unneeded file descriptors" loop.
Josh Kelley
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing li
Notice the -E.
Verify that it had embedded support when it was compiled.
I've verified that the -E is listed in the ps auxwww listing, and I've
verified that embedded support was compiled in. Any other suggestions?
Josh Kelley
___
ot;, which should mean that embedded Perl
is enabled.
Josh Kelley
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
this? Any suggestions on how I could
track down the problem?
Thanks.
Josh Kelley
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
cket::INET, and without seeing your code or the
exact warnings, I'm just guessing.
Hope this helps.
Josh Kelley
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Stephen Smoogen wrote:
On Fri, 2004-03-05 at 12:37, Josh Kelley wrote:
1. Most mass-mailing viruses are sent directly by the virus, in which
case no one will see any bounces generated.
Right and Wrong. Most mass mailing viruses are sent by the virus, but
with a spoofed email address
David F. Skoll wrote:
On Fri, 5 Mar 2004, Josh Kelley wrote:
he mimedefang-filter manpage still recommends using action_bounce
rather than action_discard. Is action_bounce no longer recommended?
Right. I should fix the man page.
I'm sure that this topic has come up many times on the
David F. Skoll wrote:
* Default action for viruses (in the sample filter) is now discard.
The mimedefang-filter manpage still recommends using action_bounce
rather than action_discard. Is action_bounce no longer recommended?
Josh Kelley
___
Visit
ations added inline, when that's not at all what I would expect.
Josh Kelley
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
on blocking via the SBL? Or should I just accept that
if I'm going to block mail, I'm going to block a few legitimate ones by
mistake? I know that others on this list use the SBL - have you had any
similar problems?
Thanks.
Josh Kelley
___
David F. Skoll wrote:
However, sending INT to the multiplexor to reread the filter is
deprecated. Instead, you should use:
md-mx-ctrl reread
The Red Hat init script in redhat/mimedefang-init still uses kill -INT
and so should probably be updated.
Josh Kelley
35 matches
Mail list logo