System: RedHat 9, ClamAv 0.67, MailScanner 4.28, Exim 4.24


*********************************
Install Spamassasin
*********************************
# cd /usr/local/directadmin/scripts
# ./spam.sh

You can also tweak spam.sh so that it picks up the latest version.

!Do not modify exim.conf to use spamassassin!
!Do not load spamd

I'm still trying to figure out if spamd is needed by somebody...


*********************************
Install ClamAV
*********************************
# wget http://crash.fce.vutbr.cz/crash-hat/1/clamav/clamav-0.72-1.i386.rpm

# rpm -Uvh clamav*.rpm

!Do not setup a cron for updates


*********************************
Install MailScanner
*********************************
# wget http://www.sng.ecs.soton.ac.uk/mailscanner/files/4/rpm/MailScanner-4.28.6-1.rpm.tar.gz
# tar -zxvf MailScanner-4.28.6-1.rpm.tar.gz
# cd MailScanner-4.28.6-1
# ./Update-MakeMaker.sh
# ./install.sh
# chown -R mail:mail /var/spool/MailScanner

Note : Install missing modules when asked

# chown -R mail:mail /var/spool/MailScanner


*********************************
Configure Exim
*********************************
We need to run two Exim daemons: one to listen for SMTP connections, and one to do queue runs on the outgoing spool directory.

Thus, we need two .conf files. One for each exim process. The one created by directadmin will be used for incoming emails, we will tweak that one.

Backup
# cp /etc/exim.conf /etc/exim.back
Duplicate
#cp /etc/exim.conf /etc/exim_outgoing.conf

Configure
# pico -w /etc/exim.conf

and add the following lines in the main part of the configuration:

spool_directory = /var/spool/exim.in
queue_only = true
queue_only_override = false
log_file_path = /var/spool/exim/msglog/%slog


# pico -w /etc/init.d/exim

Original:
QUEUE=
[ -f /etc/sysconfig/exim ] && . /etc/sysconfig/exim
[ "$DAEMON" = yes ] && EXIM_OPTS="$EXIM_OPTS -bd"
[ -n "$QUEUE" ] && EXIM_OPTS="$EXIM_OPTS -q$QUEUE"

Change this to:
QUEUE="15m"
[ -f /etc/sysconfig/exim ] && . /etc/sysconfig/exim
[ "$DAEMON" = yes ] && EXIM_OPTS="$EXIM_OPTS -bd"
[ -f /etc/sysconfig/exim ] && . /etc/sysconfig/exim
[ "$DAEMON" = yes ] && EXIM_OPTS="$EXIM_OPTS -C /etc/exim_outgoing.conf"
[ -n "$QUEUE" ] && EXIM_OPTS="$EXIM_OPTS -q$QUEUE"


Create the following directories: /var/spool/exim.in,
/var/spool/exim.in/input,
/var/spool/exim.in/data,
/var/spool/exim.in/db

# mkdir /var/spool/exim.in
etc.

and assign them to mail.

# chown mail:mail /var/spool/exim.in


*********************************
Configure MailScanner
*********************************
#pico -w /etc/MailScanner/MailScanner.conf

and change theses settings:

Use you language for reports
%report-dir% = /etc/MailScanner/reports/fr

%org-name% = (Your org. name)
Run As User = mail
Run As Group = mail
Incoming Queue Dir = /var/spool/exim.in/input
Outgoing Queue Dir = /var/spool/exim/input
MTA = exim
Sendmail = /usr/sbin/exim -C /etc/exim.conf
Sendmail2 = /usr/sbin/exim -C /etc/exim_outgoing.conf
Virus Scanners = clamav
Use SpamAssassin = yes
Always Include SpamAssassin Report = yes

# pico -w /etc/sysconfig/MailScanner

MTA=exim
EXIM=/usr/sbin/exim
EXIMINCF=/etc/exim.conf # Incoming configuration file
EXIMSENDCF=/etc/exim_outgoing.conf # Outgoing configuration file


*********************************
Antivirus Auto-update
*********************************
Modify ClamAV scanner
# pico -w /usr/lib/MailScanner/clamav-autoupdate
Change this:
$PackageDir = "/usr";
$LogFile = "/var/log/clam-update.log";
$LockFile = "/var/log/ClamAVBusy.lock";


*********************************
Test MTA
*********************************
Stop the MailScanner process if it's running and restart the exim processes

# service MailScanner stop
# service exim restart

Try to send an email to an account that the exim is handling. When the email arrives it should be placed in the /var/spool/exim.in/input
directory. If it doesn't then the exim incoming process isn't working properly.

Now start the MailScanner.

# service MailScanner start

The email should now be moved from the directory and moved to /var/spool/exim/input where

it will be processed by the outgoing exim process.

You can view /var/log/maillog to see if the MailScanner scanned the file.

If the last two steps aren't working check the /var/log/maillog, /var/log/exim/exim_*,

/var/spool/exim/msglog/* for errors.


*********************************
Officially launch MailScanner
*********************************
Now that we've checked that everything is working, we can officially launch Mailscanner on the server.

# service exim stop
# service MailScanner stop
# killall exim
# service MailScanner start

If properly configured, Mailscanner will launch exim and scan your emails.


*********************************
Test virus scanner
*********************************
Try to send an email with a virus included and see if MailScanner detects it.

Just type this in a virus.txt file :

$CEliacmaTrESTuScikgsn$FREE-TEST-SIGNATURE$EEEEE$

and attach it in a test email.

------------------------------------------------------------------------

Original Howto made by :
Kaare Christensen, Mermaid Consulting ApS
kaare[at]mermaidconsulting[dot]com
http://www.mermaidconsulting.com

i have the follow error with creating exim.in/input dir


[root@internetplaza /]# mkdir /var/spool/exim.in/input
mkdir: cannot create directory `/var/spool/exim.in/input': No such file or directory

OK, one step was missing.

We have to create exim.in first

Originally posted by interfasys
OK, one step was missing.

We have to create exim.in first

Oke i have now a error with
/var/spool/MailScanner/incoming permission's are not correct

what's the owner etc for this dir


EDIT okee i have the problem /var/spool/MailScanner/incoming owner was root changed to mail

i have still a problem with the virusscanner.

if i look in de follow dir
/var/spool/exim/input there a plenty files that's not good there must going to the user mailboxes

i'm i right?

Originally posted by interfasys
# chmod -R mail:mail /var/spool/MailScanner

should that be chown?

Originally posted by ProWebUK
should that be chown?

Yes it's chown -R mail:mail /var/spool/MailScanner

Ooops! =)

Ive installed mail scanner, but it dont detect the viruse you supplied, i get the e-mails but with the viruses attached still.

I used a fake virus site called http://sidebit.com/ProjectVirusTest.php and i dont seem to get that mail.

When i type service MailScanner restart i get the following:

[root@diradmin MailScanner-4.24-5]# service MailScanner restart
Shutting down MailScanner daemons:
MailScanner: [ OK ]
incoming sendmail: head: /var/run/sendmail.in.pid: No such file or dire
ctory
[ OK ]
outgoing sendmail: head: /var/run/sendmail.out.pid: No such file or dir
ectory
[ OK ]
Starting MailScanner daemons:
incoming sendmail: [ OK ]
outgoing sendmail: [ OK ]
MailScanner: [ OK ]

Ive checked my mail log and it has this in:

Nov 24 13:26:46 diradmin MailScanner[15080]: MailScanner E-Mail Virus Scanner v$
Nov 24 13:26:46 diradmin MailScanner[15080]: Using locktype = posix
Nov 24 13:26:46 diradmin MailScanner[15080]: Creating hardcoded struct_flock su$
Nov 24 13:26:56 diradmin MailScanner[15095]: MailScanner E-Mail Virus Scanner v$
Nov 24 13:26:56 diradmin MailScanner[15095]: Using locktype = posix
Nov 24 13:26:56 diradmin MailScanner[15095]: Creating hardcoded struct_flock su$
N

Originally posted by WilcoOnline
Yes it's chown -R mail:mail /var/spool/MailScanner

:p i realised that, was trying to bring it to interfasys' attention

Chris

Originally posted by jasonyates
Ive installed mail scanner, but it dont detect the viruse you supplied, i get the e-mails but with the viruses attached still.

I used a fake virus site called http://sidebit.com/ProjectVirusTest.php and i dont seem to get that mail.

When i type service MailScanner restart i get the following:

[root@diradmin MailScanner-4.24-5]# service MailScanner restart
Shutting down MailScanner daemons:
MailScanner: [ OK ]
incoming sendmail: head: /var/run/sendmail.in.pid: No such file or dire
ctory
[ OK ]
outgoing sendmail: head: /var/run/sendmail.out.pid: No such file or dir
ectory
[ OK ]
Starting MailScanner daemons:
incoming sendmail: [ OK ]
outgoing sendmail: [ OK ]
MailScanner: [ OK ]

Hi i have the same problem and i have no soluction 4 this, anybody maybe?

/

I used to have that problem too, but then I redid the following steps and it worked.

Turn off mailscanner
Restart exim
Turn on mailscanner

Originally posted by interfasys
I used to have that problem too, but then I redid the following steps and it worked.

Turn off mailscanner
Restart exim
Turn on mailscanner


This is not the soluction.. i have after 1 minut the same problem

I get no output from either command, the first one took ages to do then i got no output from the second.

I tried to shutdown mail scanner, and i got the same message.

Also now i cannot use the e-mail address support@corehost.co.uk, i can recieve no mail sent to that address.

try the following

*Stop* mailscanner

# pico -w /etc/rc.d/init.d/MailScanner

you need to replace the lines:

INPID=/var/run/sendmail.in.pid
OUTPID=/var/run/sendmail.out.pid

with your exim pid files

*start* mailscanner

This may work, it may not.

Chris

I still get the same message:

[root@diradmin root]# service MailScanner restart
Shutting down MailScanner daemons:
MailScanner: [ OK ]
incoming sendmail: head: /var/run/sendmail.in.pid: No such file or dire
ctory
[ OK ]
outgoing sendmail: head: /var/run/sendmail.out.pid: No such file or dir
ectory
[ OK ]

Did you stop mailscanner, follow that and start it (not restart)?

./install.sh


Good. You have the patch command.

Your /usr/src/redhat, /usr/src/RPM or /usr/src/packages
tree is missing.
If you have access to an RPM called rpm-build
install it first and come back and try again.

i did have the same on RH9:

Good. You have the patch command.

Your /usr/src/redhat, /usr/src/RPM or /usr/src/packages
tree is missing.
If you have access to an RPM called rpm-build
install it first and come back and try again.

You have to do the following
wget http://ftp.redhat.com/pub/redhat/linux/9/en/os/i386/RedHat/RPMS/rpm-build-4.2-0.69.i386.rpm

rpm -Uvh rpm-build-4.2-0.69.i386.rpm

A simple 'fix in the error' type problem there :)

Originally posted by ProWebUK
try the following

Stop mailscanner

# pico -w /etc/init.d/MailScanner

ctrl & w

enter 'sendmail.in.pid'

replace sendmail.in.pid with sendmail.pid

*start* mailscanner

This may work, it may not.

Chris

Just wondering, exim calls it's pid file exim.pid, so why not use that one instead of sendmail ?
We aren't really using the sendmail service while using exim, so why use it's pid file for MailScanner ?

Have no idea where or why I thought of that... in another thread which is basically the same problem i gave the soloution:

in /etc/rc.d/init.d/MailScanner you need to replace the lines:

INPID=/var/run/sendmail.in.pid
OUTPID=/var/run/sendmail.out.pid

Will modify my post to match that in a moment

I did a
locate sendmail | grep -v webmin | grep -v php
On two servers, but didn't find anything relevant.
I must admit, on one of the servers the Exim installation isn't perfect, but shouldn't those pid files be there when Exim is running ?
Or is there indeed something wrong with the names ?

Sendmail should not be installed.... which is why the sendmail.*.pid files should *not* exist....

why i said to replace sendmail.*.pid files with sendmail.pid, I honestly have no idea!

In my system, I only get the errors when shutting down MailScanner.

When I launch it I got no error and I can see sendmail.out.pid in # ps aux | grep sendmail

check /var/run for any other sendmail PID files..... should be there if you have sendmail, although if you read the DirectAdmin installation page it suggests you remove it if you have it before the installation and it is not on the installation list.

Chris

I have no sendmail.pid in /var/run
but I have this :

/usr/lib/sendmail
/usr/sbin/sendmail

even though I have not install any sendmail rpm.

ps aux gives me this:
mail 20492 0.0 0.0 6232 380 ? S Dec22 0:00 /usr/sbin/sendmail -q15m -OPidFile=/var/run/sendmail.out.pid
mail 15647 0.0 0.0 6228 376 ? S Dec22 0:00 /usr/sbin/sendmail -q15m -OPidFile=/var/run/sendmail.out.pid
mail 25219 0.0 0.2 6236 1240 ? S 00:42 0:00 /usr/sbin/sendmail -q15m -OPidFile=/var/run/sendmail.out.pid

Would that mean that I have to change my /etc/rc.d/init.d/MailScanner ?

My problem is that emails are being scanned, so I'm a bit puzzled....

I had the same problem with the pid files, even after editing /etc/rc.d/init.d/MailScanner

After looking further into it i found that there is another file in /etc/sysconfig.

What i have done is:

# service MailScanner stop
# vi /etc/sysconfig/MailScanner

Edited the folowing lines:

#
# Sendmail Settings
#
#INPID=/var/run/exim.pid
#OUTPID=/var/run/exim.pid

Saved the file.

# service MailScanner start

And that was the end of the errors.

It now scans incoming mail, and places the X-orgname-MailScanner tags in the headers.

I've modified the howto to use exim exclusively.

This requires more changes to be made.

I've also found out that we shouldn't start exim manually. Mailscanner is starting the two deamons for us. In order to avoid conflicts at boot time, we should type:
#chkconfig exim off

To start mailscanner after the latest changes, use this:
#service MailScanner stop
#service exim stop
#killall exim
#killall sendmail
#service MailScanner start

Now...
The main problem seems to come from DA. If we restart exim from the cp, we won't restart Mailscanner. If someone knows where to change this, let me know.

Originally posted by interfasys
I've modified the howto to use exim exclusively.

This requires more changes to be made.

I've also found out that we shouldn't start exim manually. Mailscanner is starting the two deamons for us. In order to avoid conflicts at boot time, we should type:
#chkconfig exim off

To start mailscanner after the latest changes, use this:
#service MailScanner stop
#service exim stop
#killall exim
#killall sendmail
#service MailScanner start

Now...
The main problem seems to come from DA. If we restart exim from the cp, we won't restart Mailscanner. If someone knows where to change this, let me know.

You may also want to remove sendmail from boot if you have it

chkconfig --del sendmail

and if you want you may also add mailscanner to replace that :)

chkconfig --level 2345 MailScanner on

followed then by your start command after installing:

service MailScanner start

Chris

From what I've seen,
chkconfig --del sendmail
shouldn't be necessary since we don't have sendmail installed (DA removes it at install time).
Sendmail only appears in the list of deamons when using the old MailScanner.conf

chkconfig --level 2345 MailScanner on
shouldn't be necessary since this is already done by the installation script ;)

As always...I could be wrong ;)

To check if sendmail is there just run

chkconfig --list

If it is, remove it else your ok :)

you can also check if mailscanner is there and if not add it using the command above.

Chris

Hello there, I have followed the how to, everything seems to be running properly but I still get mails with attached viruses.
In the header, I have :

X-Priority: 3
X-MSMail-Priority: Normal
Message-Id: <E1AlXHc-00074d-U4@share2.behostings.net>
X-behostings.be-MailScanner: Found to be infected, Found to be clean
X-Mail-Format-Warning: Bad RFC2822 header formatting in This is a multi-part message in MIME format.
X-Spam-Status: No, hits=1.8 required=5.0
tests=MISSING_MIMEOLE,NO_REAL_NAME,PRIORITY_NO_NAME
version=2.55
X-Spam-Level: *
X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-2003-05-19-exp)
X-behostings.be-MailScanner-Information: Please contact the ISP for more information
Subject: {Filename?}



What do I have to do to have this kind of email directly deleted by MailScanner ?

Can anyone confirm that this is 100% working? I need to get ClamAV running w/ Exim ASAP.

Thanks!

Ill probably test it within the next day or two if you have that time to wait.

Chris

Could the mailscanner version in the howto be updated please ?
Current command would be :
wget http://www.sng.ecs.soton.ac.uk/mailscanner/files/4/rpm/MailScanner-4.26.6-1.rpm.tar.gz

[quote]# pico -w /etc/sysconfig/MailScanner

MTA=exim
EXIM=/usr/sbin/exim
EXIMINCF=/etc/exim.conf # Incoming configuration file
EXIMSENDCF=/etc/exim_outgoing.conf # Outgoing configuration file[quote]
What is this on a FreeBSD system? There is no /etc/sysconfig/MailScanner on FreeBSD.

Originally posted by netswitch
What do I have to do to have this kind of email directly deleted by MailScanner ?

Option should be in mailscanner.conf

Chris

I just tried to mail from one user to root on server but the mail just remains in exim.in. It never moves anywhere. What might be wrong then?

exim.in/msglog/.. says

2004-02-02 21:21:09 Received from gein@server.kontrollpanelen.se U=gein P=local S=492 id=20040202202109.GA81469@server.kontrollpanel
en.se

/var/log/exim/exim_mainlog says nothing.

r/ MailScanner dies after I while did i notice now.

Tried restarting mailscanner?

Chris

Yes, but after a few minutes it disappears. ps aux|grep MailScanner doesnt show any result after a few minutes that is.

Exim seems to be running though:
# ps aux|grep exim
mail 82186 0.0 0.2 3568 2144 ?? Is 10:01PM 0:00.00 /usr/sbin/exim -C /etc/exim.conf -oP /var/run/exim_in.pid -bd
mail 82488 0.0 0.2 3568 2136 ?? Is 10:01PM 0:00.00 /usr/sbin/exim -C /etc/exim_outgoing.conf -oP /var/run/exim_out.pid -q15m

ive tried restarting mailscanner several times.

Hello to all ,

I tried all the configs , i prety sure i installed it ok . its atrting stopping ok , no errors but the scanner itself simply dont scan .

I playd with all the configs and took every suggestunes posted here . simply nada .

Any idea will be great .

Are the additional headers being shown?

(check message source)

Chris

Nop .

no aditional headers in the emails source .

Another day like that and and the server simply overload with all this junk and viruses .

LOL

Originally posted by pilpelet
Hello to all ,

I tried all the configs , i prety sure i installed it ok . its atrting stopping ok , no errors but the scanner itself simply dont scan .

I playd with all the configs and took every suggestunes posted here . simply nada .

Any idea will be great .

Had this too for a while, it appeared ClamAV doesn't do anything before it's updated with freshclam (it doesn't have any virus definitions to begin with), after that it worked over here :d

Thanks ,

make sance , but come to think of it , its not the virus defention ,
the mailscanner dont scan (it doesnt add aditional header to the
email message source) asi understood it should .

No clues regarding my problem? How do I change logging mailscanner to an own log file. Doesnt find any logs from mailscanner.

Have a guide for FreeBSD?

hi,
this config is the same and for freebsd boxs?
Thanks for the answer.
Christos

The strangest thing is: MailScanner scans and block virus mails perfect, but all spam messages are still comming trough.

It seems like SpamAssassin is not beeing used by MailScanner.

Any one a solution to this ?

Oh and the second thing is that MailScanner does not scan every mail. I just send an email with a virus in it, and it still came trough MailScanner and there is also no reference in /var/log/maillog.
also no Header in the email message.

But when i look into /var/log/maillog I see that MailScanner did scan some mail, but not all email messages.

Anyone a solution to this 2 ? :)

Cedric

Hi,
so finaly have any right install of this in freebsd box?

Hello,

When a mail is sent by webmail it adds the header that the email is scanned by mailscanner, but when a mail is sent from another server to an mailbox on our server it doesn't scan the email (also doesn't add the header lines).

Anybody knows where to find our prob ?

Originally posted by Watje6
Hello,

When a mail is sent by webmail it adds the header that the email is scanned by mailscanner, but when a mail is sent from another server to an mailbox on our server it doesn't scan the email (also doesn't add the header lines).

Anybody knows where to find our prob ?
i have the same problem;
Mails sended by webforms or admin information mails from DirectAdmin get the headers (and the {Scanned} tag) but the mails i send from within MS Outlook don't get the headers. Anyone knows a for this solution?

Originally posted by YouCMe
i have the same problem;
Mails sended by webforms or admin information mails from DirectAdmin get the headers (and the {Scanned} tag) but the mails i send from within MS Outlook don't get the headers. Anyone knows a for this solution?

Stupid question: are you using the servers (that's in question) smtp server or own ISP ? :D

Further questions :
Can you post/attach your mailscanner config ?

Are both the exim's running good ?
(Didn't you reverse them or something, strange things happen when you reverse them)

Originally posted by blueice
Hi,
so finaly have any right install of this in freebsd box?

No

Originally posted by Icheb
Stupid question: are you using the servers (that's in question) smtp server or own ISP ? :D

Further questions :
Can you post/attach your mailscanner config ?

Are both the exim's running good ?
(Didn't you reverse them or something, strange things happen when you reverse them)
Config attached*
i'm using everything of the server, not from ISP and exim's are running fine as far as i know..

Originally posted by Icheb
Stupid question: are you using the servers (that's in question) smtp server or own ISP ? :D

Further questions :
Can you post/attach your mailscanner config ?

Are both the exim's running good ?
(Didn't you reverse them or something, strange things happen when you reverse them)
--------------------------------------------------------------------------------
first: all incomming mail is not scanned by MailScanner

second: My config: MailScanner.conf.txt (http://www.doebe.nl/pub/MailScanner.conf.txt)

third: They are running fine, but after a few minutes(like 30) the second exim proccess suddenly stops. And there are no errors.

Anyone has an idea .

I play with all the configes 2 night in a row .
The services works . start stop etc .
The server is working but dont show the mail scanner header also he doesnt scan .

The log shows :

MailScanner[3859]: MailScanner child caught a SIGHUP
MailScanner[3197]: MailScanner child caught a SIGHUP
MailScanner[3840]: MailScanner child caught a SIGHUP
MailScanner[3883]: MailScanner child caught a SIGHUP
MailScanner[3871]: MailScanner child caught a SIGHUP
MailScanner[7512]: MailScanner E-Mail Virus Scanner version 4.26.8 starting...
MailScanner[7512]: Using locktype = posix
MailScanner[7512]: Creating hardcoded struct_flock subroutine for linux (Linux-type)
MailScanner[8308]: MailScanner E-Mail Virus Scanner version 4.26.8 starting...
MailScanner[8308]: Using locktype = posix
MailScanner[8308]: Creating hardcoded struct_flock subroutine for linux (Linux-type)
MailScanner[8813]: MailScanner E-Mail Virus Scanner version 4.26.8 starting...
MailScanner[8813]: Using locktype = posix
MailScanner[8813]: Creating hardcoded struct_flock subroutine for linux (Linux-type)
MailScanner[8828]: MailScanner E-Mail Virus Scanner version 4.26.8 starting...
MailScanner[8828]: Using locktype = posix
MailScanner[8828]: Creating hardcoded struct_flock subroutine for linux (Linux-type)
MailScanner[8832]: MailScanner E-Mail Virus Scanner version 4.26.8 starting...
MailScanner[8832]: Using locktype = posix
MailScanner[8832]: Creating hardcoded struct_flock subroutine for linux (Linux-type)



after restarting mail scanner .

Thanks for any help .

Regards ,
:D

Originally posted by Watje6
Hello,

When a mail is sent by webmail it adds the header that the email is scanned by mailscanner, but when a mail is sent from another server to an mailbox on our server it doesn't scan the email (also doesn't add the header lines).

Anybody knows where to find our prob ?
Same problem here :(

Do not use service exim restart and it works perfect!

what do you mean ? :)

Cedric

service exim stop
service mailscanner stop
service mailscanner start

mailscanner should start the exim daemons itself.

Chris

I still have the problem that only mail that is send from the DA panel itself is scanned and nothing else.

Cedric

Hi ,

I second you on that , when i do :

service exim stop
service MailScanner stop
service MailScanner start

Exim doesnt get any messages at all , in other words the MTA doesnt work .

Also befor it seems that it all working exim , mailscanner but the emails that get to mailboxes doesnt include the mail scaner header like mentioed here .

:eek:

try adding service exim start after those 3, not enirely sure - not used mailscanner for some time now.

Chris

I've modified the Howto since I had a similar problem after a reboot. I reread the procedure and saw that the last steps were not clear.

The "test the MTA" procedure is there to check that emails are placed in the right folders, but after checking this, we should launch MailScanner with the proper commands.

*********************************
Officially launch MailScanner
*********************************
Now that we've checked that everything is working, we can officially launch Mailscanner on the server.

# service exim stop
# service MailScanner stop
# service MailScanner start

If properly configured, Mailscanner will launch exim and scan your emails.


---
It worked fine for me, let's hope it's OK for you too. Thank you to all the repliers of this thread.

Hi I get after setting all settings the follow:

[root@resellers2 root]# service MailScanner stop
Shutting down MailScanner daemons:
MailScanner: [FAILED]
incoming exim: [ OK ]
outgoing exim: [ OK ]
[root@resellers2 root]# service exim restart
Shutting down exim:
Starting exim: exim: bad time value -q15mTS=: abandoned
[FAILED]
[root@resellers2 root]# service MailScanner start
Starting MailScanner daemons:
incoming exim: [ OK ]
outgoing exim: [ OK ]
MailScanner: Can't locate Archive/Zip.pm in @INC (@INC contains: /usr/lib/MailScanner /usr/lib/perl5/5.8.0/i386-linux-thread-multi /usr/lib/perl5/5.8.0 /usr/lib/perl5/site_perl/5.8.0/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.0 /usr/lib/perl5/site_perl /usr/lib/perl5/vendor_perl/5.8.0/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.0 /usr/lib/perl5/vendor_perl /usr/lib/perl5/5.8.0/i386-linux-thread-multi /usr/lib/perl5/5.8.0 . /usr/lib/MailScanner) at /usr/lib/MailScanner/MailScanner/Message.pm line 46.
BEGIN failed--compilation aborted at /usr/lib/MailScanner/MailScanner/Message.pm line 46.
Compilation failed in require at /usr/sbin/MailScanner line 52.
BEGIN failed--compilation aborted at /usr/sbin/MailScanner line 52.
[ OK ]

Any Tips?

I'm no expert, but I see two problems,

Your queue settings are wrong (typo or corrupt)

It seems MailScanner was not properly installed since it now complains about missing modules.

Originally posted by interfasys
I'm no expert, but I see two problems,

Your queue settings are wrong (typo or corrupt)

I do in putty - SSH the follow command: mkdir

Originally posted by interfasys

It seems MailScanner was not properly installed since it now complains about missing modules.

It is installed, I reinstall the mailscanner version: MailScanner-4.28.6-1

Worked like a champ for me... thanks for the great instructions.

You might want to update the urls for the latest files though:

ClamAV: wget http://crash.fce.vutbr.cz/crash-hat/1/clamav/clamav-0.67-5.i386.rpm

MailScanner: wget http://www.sng.ecs.soton.ac.uk/mailscanner/files/4/rpm/MailScanner-4.28.6-1.rpm.tar.gz

OK, since it worked for you, I've replaced the URL ;)

But it still does not work for me :)

only the mail that i send from DA directly to a user is scanned. all other mail not.

Cedric

I do all the steps again but at the Test MTA it goes wrong (same problem)

Will somebody do the instal for my for a payment?

Since I am still figuring out Exim, MailScanner, ClamAV..etal I am a bit lost as to where ClamAV is logging any found viruses.

I installed this reporting script for ClamAV http://pandaemail.sourceforge.net/av-tools/ but am not showing any hits.... which is a good thing... and understand that there is not alot of email traffic on this particular server, so I am kinda feeling around in the dark a bit.

I see a /var/log/clamav dir but it is empty... some logging to /var/log/messages such as clamav updates..etc

How about a breakdown on where MailScanner, SpamAssassin, Exim and ClamAV are logging information to using the setup described in this thread?

UPDATE: Seems like everything is getting logged to /var/log/maillog which is what I used when setting up this script but the reporting script works on a weekly basis and March 14 was the last day of the last week so since I just installed all of these scripts and submitted a virus test email last night it won't show up....patience grasshopper.

It logs all mailscanner/clamav activities to /var/log/maillog.

If no virusses show up after installing, run 'freshclam' to install the virus information files (or to update them), this should be done after install since they aren't installed or downloaded when you install clamav.

Perhaps you could use the mailscanner-mrtg howto (it's somewhere on the site :D)

Ok... so I have killed spamd.. which is SpamAssassin and re-edited the exim.conf to put it back the way it should be for this install.

Did some reading about MailScanner and found this:

# Do you want to find spam using the "SpamAssassin" package?
# This can also be the filename of a ruleset.
Use SpamAssassin = yes

was set to =no but I changed to =yes then restarted MailScanner successfully.

but I am still not seeing any headers in the email with any type of scoring.. just that it's clean.. no viruses.

Ever since I killed SpamAssassin there are no emails with SA headers....

You sure about the installation instructions in this thread or am I missing something?

You won't get SA headers, but Mailscanner headers.

Here are mine :
X-interfaSys-MailScanner-Information: Scanned by interfaSys
X-interfaSys-MailScanner: Found to be clean
X-interfaSys-MailScanner-SpamCheck: n'est pas un polluriel,
SpamAssassin (score=0, requis 5)

That's my point.. I'm not getting:

X-interfaSys-MailScanner-SpamCheck: n'est pas un polluriel,
SpamAssassin (score=0, requis 5)

in any language :D

In fact.. here are the last three header lines from the email I received from this site regarding your post above:

X-American-MailScanner-Information: Please contact the ISP for more information
X-American-MailScanner: Found to be clean
X-MailScanner-From: apache@jbmc-software.com3

You might also want to take a look at my other thread I created to keep things clear:

http://www.directadmin.com/forum/showthread.php?s=&threadid=2493

interfasys:

I just found out that the mail is not going to /var/spool/exim.in/input/

Do you have an idea what can be wrong ?
Wrong setting or something like that ?

Cedric

To all:
I've added this in the MailScanner config section :
Use SpamAssassin = yes
Always Include SpamAssassin Report = yes

This should help people get started with SA.

ircman,
I'm sorry, I have no idea =/

Not sure ClamAV is updating, you say in your instructions to:

*********************************
Antivirus Auto-update
*********************************
Modify ClamAV scanner
# pico -w /usr/lib/MailScanner/clamav-autoupdate
Change this:
$PackageDir = "/usr";
$LogFile = "/var/log/clam-update.log";
$LockFile = "/var/log/ClamAVBusy.lock";

but that log doesn't exist in /var/log/

and the clamav-autoupdate has this line:

Sys::Syslog::openlog("ClamAV-autoupdate", 'pid, nowait', 'mail');

Should the log be renamed to ClamAV-autoupdate or ???? Or am I not looking at the right thing.

I've written this with an older clamav, so maybe the log has been renamed? IF that's the case, let me know.

I am still investigating but here is something else that needs to be added as it doesn't exist:

# cd /var/log
# touch clam-update.log
# chmod 644 clam-update.log
# chown clamav:clamav clam-update.log

OR

# chown mail:mail clam-update.log

just not sure which user as MailScanner basically takes over running CA from what I can tell... look at the file

/usr/lib/MailScanner/clamav-wrapper

/usr/lib/MailScanner/clamav-autoupdate refers to this log but the log didn't exist.

Well I'm trying to follow this rather complex thread and have followed page 1 instructions to the letter!

Some email gets scanned but I don't see anything in the headers of clean email even though the parameter is 'yes' in the config file.

If I ps aux|grep exim I get

mail 22876 0.0 0.1 6240 1808 ? S 15:08 0:00 /usr/sbin/exim -bd -C /etc/exim_outgoing.conf -q15m -oP /var/run/exim.pid

root 22898 0.0 0.1 6236 1796 ? S 15:08 0:00 /usr/sbin/exim -C /etc/exim.conf -bd

mail 22901 0.0 0.1 6232 1780 ? S 15:08 0:00 /usr/sbin/exim -C /etc/exim_outgoing.conf -q15m

root 22937 0.0 0.0 3576 636 pts/0 S 15:08 0:00 grep exim

Is that correct? I started with

service exim stop
service MailScanner stop
killall exim
service MailScanner start

but do I have too many exim processes or not?

I also noticed when running exim as a standalone process (the test step 1 in the start of this thread) that emails never appear in
/var/spool/exim.in/input as they are meant to.

<QUOTE>Try to send an email to an account that the exim is handling. When the email arrives it should be placed in the /var/spool/exim.in/input
directory. If it doesn't then the exim incoming process isn't working properly.</QUOTE>

Any ideas?

I am getting a little confused - can someone help me understand what is happening here

According to Olivers first post with the setup instructions we have to run two exim Daemons - one to receive normal SMTP traffic and the other to move messages for MailScanner - that's fine.

However the instructions tell us to edit /etc/exim.conf and set

spool_directory = /var/spool/exim.in

However we then edit /etc/MailScanner/MailScanner.conf and tell MailScanner that the messages can be found at

Incoming Queue Dir = /var/spool/exim.in/input

I keep sending messages to the server and yet they never appear in /var/spool/exim.in/input

Have I misunderstood something here?

Thanks

Steve

MailScanner[14368]:
Cannot create temporary Work Dir /var/spool/MailScanner/incoming/14368.
Are the permissions and ownership of /var/spool/MailScanner/incoming
correct?


Any idea? Found it in maillog

There are several clamav builds at : http://dag.wieers.com/packages/clamav/

just FYI :)

hi,

how can i make sure my mailscanner + Clamav is working and scanning emails? It seems like the error is still on-going...

thanks

Exim delivers messages to /var/spool/exim.in/input correctly.

But when MailScanner started ... nothing happens !! ... and MailScanner process dissapear in few minutes.

Where can I find the MailScanner logs? the /var/log/maillog isn't exist, and /var/spool/exim/msglog/* don't write anything about MailScanner ... only the "arrival" of the e-mail.

Thanks in advance !!

How can i delete MailScanner + ClamAV + SpamAssassin? And get everything back to normal? My outgoing email isnt working etc...somehow.

rpm -e clamav

edit the exim init script to the normal
and move back your exim backup then restart exim

Did that,

but seems like MailScanner still there
did rm -rf /etc/MailScanner and some other MailScanner folders

how do i remove it completely? Cause service MailScanner start etc.. still works

Also, remove SpamAssassin? Thanks

Try to remove the mailscanner init script

rm -f /etc/init.d/MailScanner

As for SpamAssassin, comment the spamassasin transport and director section in exim.conf

Just FYI, the clamav link on the first page of this howto is broken. need to host that file elsewhere, find another provider, or update the howto for clamav-0.70rc-1.i386.rpm which is the only version available on that site now.

Hello,

Remember that Syslog service must be started.

The MailScanner process dies everytime until I started Syslog service !!!

Xavi

Fixed clamav link

Im not seeing anything telling me that is being scanned in the headers.

This HOWTO looks great, but I'm wondering if it works on FreeBSD too. My servers are running FreeBSD not RedHat, but I want to install a mailscanner and spamfilter for my emails.

Can anyone tell me what the main differences are when using this howto while installing on FreeBSD.

Thanks in advance! :)

Hello,

The big difference is the rpm packages. Since they are compiled for redhat, you won't be able to use them. You will need to compile your own package from the source.

Originally posted by nebukazar
Hello,

The big difference is the rpm packages. Since they are compiled for redhat, you won't be able to use them. You will need to compile your own package from the source.

That's a quick reply :D

So you meen I need to install the software in the way the manual provide for FreeBSD? That would not be a problem!

Any other differences? I was thinking that maybe some paths are different...

well,

I think DA paths are the same for redhat and freebsd. So you won't have any problems with paths (I'm not 100% sure tho)

As for the software, you will need to install them but using either, a FreeBSD package-port or compile it from the source.

Thanks for the help, I will give it a try!

you can PM if you need help :)

At this moment, I'm trying to follow the howto. The installation of the software is done, but when I want to edit the mentioned files, I can't find them.

For example: # pico -w /etc/init.d/exim

In FreeBSD the startup works with /etc/rc files, I don't know in which file I must edit it. I can't even find it in de rc files.

Maybe some FreeBSD freak can help me out here :(

Originally posted by Flydesign.nl
At this moment, I'm trying to follow the howto. The installation of the software is done, but when I want to edit the mentioned files, I can't find them.

For example: # pico -w /etc/init.d/exim

In FreeBSD the startup works with /etc/rc files, I don't know in which file I must edit it. I can't even find it in de rc files.

Maybe some FreeBSD freak can help me out here :(

Is there no locate of find in FreeBSD ?

locate exim | grep etc or something should output the location of the config files, i guess... (Never worked with FreeBSD before, assuming that part works the same as RH)

Yes, the locate works with FreeBSD. I found the directory /usr/local/etc in which the directory rc.d is placed, with exim in it. But I can't find the string I need to replace.


#!/bin/sh
#
# exim This shell script takes care of starting and stopping exim
#
# chkconfig: 2345 80 30
# description: Exim is a Mail Transport Agent, which is the program \
# that moves mail from one machine to another.
# processname: exim
# config: /etc/exim.conf
# pidfile: /var/run/exim.pid

# Source function library.
. /usr/local/etc/rc.d/functions

# Source exim configureation.
if [ -f /etc/sysconfig/exim ] ; then
. /etc/sysconfig/exim
else
DAEMON=yes
QUEUE=1h
fi

[ "$DAEMON" = yes ] && EXIM_OPTS="$EXIM_OPTS -bd"
[ -n "$QUEUE" ] && EXIM_OPTS="$EXIM_OPTS -q$QUEUE"

[ -f /usr/sbin/exim ] || exit 0

start() {
# Start daemons.
echo -n "Starting exim: "
daemon /usr/sbin/exim $EXIM_OPTS -oP /var/run/exim.pid
RETVAL=$?
if [ $RETVAL = 0 ] && touch /var/spool/lock/exim
then
echo -e "\t\t[ OK ]";
else
echo -e "\t\t[ FAILED ]";
fi
}

stop() {
# Stop daemons.
echo -n "Shutting down exim: "
killall exim 2> /dev/null
RETVAL=$?
if [ $RETVAL = 0 ] && rm -f /var/spool/lock/exim
then
echo -e "\t[ OK ]";
else
echo -e "\t[ FAILED ]";
fi
}

restart() {
stop
start
}

# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
condrestart)
[ -f /var/lock/subsys/exim ] && restart || :
;;
status)
status exim
;;
*)
echo "Usage: exim {start|stop|restart|status|condrestart}"
exit 1
esac

exit $RETVAL


The file looks like this, maybe someon knows were to place the string mentioned in the howto.

Will this work with RH8 ?

Originally posted by joh2900
Will this work with RH8 ?

Think so :D
Well, it worked here :)

I did change
Use SpamAssassin = yes
it looks ok

but a have a another thing:::

[root@seleen init.d]# ./MailScanner start
Starting MailScanner daemons:
incoming sendmail: [ OK ]
outgoing sendmail: [ OK ]
MailScanner: perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = (unset),
LC_ALL = (unset),
LANG = "en_US.WINDOWS-1251"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").

does anyone knows how to resolve this problem??

many thanks

when i run:

# service exim stop
# service MailScanner stop
# service MailScanner start

my exim keep failed?

[root@kaka input]# service exim stop
Shutting down exim:
[root@kaka input]# service MailScanner stop
Shutting down MailScanner daemons:
MailScanner: [ OK ]
[ OK ] incoming exim: [ OK ]
outgoing exim: [ OK ]
[root@apple input]# service MailScanner start
Starting MailScanner daemons:
incoming exim: [FAILED]
Could not find Exim installation, see /etc/sysconfig/MailScanner
outgoing exim: [FAILED]
Could not find Exim installation, see /etc/sysconfig/MailScanner
MailScanner: [ OK ]

Can you possible to re-write this updated HOWTO please?

I can see alot of users here having problem to follow this howto and fail to work at the end?.

Cheers! :)

Can anybody give me a new working url for clamav-0.70rc-1.i386.rpm (http://crash.fce.vutbr.cz/crash-hat/1/clamav/clamav-0.70rc-1.i386.rpm)?

rpmfind.net probably can :)

Chris

DennisCitus:
If you look at:
http://crash.fce.vutbr.cz/crash-hat/1/clamav/

You'll find : http://crash.fce.vutbr.cz/crash-hat/1/clamav/clamav-0.70-1.i386.rpm

Just a question, do I know you from webhostingtalk.nl ?

is this considered to be a default install by DA in a next update?

Originally posted by koos
i did have the same on RH9:

Good. You have the patch command.

Your /usr/src/redhat, /usr/src/RPM or /usr/src/packages
tree is missing.
If you have access to an RPM called rpm-build
install it first and come back and try again. This is fixed by RH9 just following the instructions by other members.

But you must use the Fedora-rpm and Fedora-rpmbuild if you want this rpm to work on Fedora as well.

Thanks Icheb :)

Hi, I have Redhat9.0 with DA. I installed Spamdassassin, MailScanner, and Clamav following this instruction. I checked all again and again going one by one.

1) Issues - with MailScanner running, I can not send and receive emails. When I check processors. it shows.

mail 21950 0.0 0.1 6216 1792 ? S 08:34 0:00 [exim]
mail 21953 0.0 0.1 6216 1764 ? S 08:34 0:00 [exim]
mail 21983 0.0 1.6 21080 16836 ? S 08:34 0:00 [MailScanner]
root 22196 0.0 0.0 1636 172 ? S 08:34 0:00 [vm-pop3d]
root 22206 0.0 0.0 1636 172 ? S 08:35 0:00 [vm-pop3d]
root 22208 0.0 0.0 1636 172 ? S 08:35 0:00 [vm-pop3d]
mail 22210 5.1 0.0 0 0 ? Z 08:36 0:02 [MailScanner <defunct>]
mail 22214 5.9 0.0 0 0 ? Z 08:36 0:02 [MailScanner <defunct>]
mail 22215 9.1 0.0 0 0 ? Z 08:36 0:02 [MailScanner <defunct>]
mail 22216 16.1 0.0 0 0 ? Z 08:36 0:02 [MailScanner <defunct>]
mail 22217 35.5 0.0 0 0 ? Z 08:36 0:02 [MailScanner <defunct>]

2) However, if I kill all MailScanner and just keep exim, then all work just fine.

Any idea what could go wrong or what I have done not right ?? MailScanner zombie consumes big CPU timeas shown above.

Thanks

Sun Joo

Originally posted by interfasys

*********************************
Officially launch MailScanner
*********************************
Now that we've checked that everything is working, we can officially launch Mailscanner on the server.

# service exim stop
# service MailScanner stop
# service MailScanner start

If properly configured, Mailscanner will launch exim and scan your emails.


This works for me as far as i can tell however I should point out that you cannot kill all the exim processses from the DA control panel.

It may be that the process is being run as mail and not root:

[root@sp1 cron.hourly]# ps auxw | grep exim
mail 21892 0.0 0.0 6496 1824 ? S May26 0:00 /usr/sbin/exim -q15m -OPidFile=/var/run/exim.pid

I find I have to manually enter shell and do a ps aux | grep exim and then kill the process.

Mailscanner stops as normal:

service MailScanner stop

I've also noticed that I have zombie MailScanner process (about 5 at the moment). Not too happy about that and would like to fix this.

Jon

All installed and working. ;)

only thing is that after a reboot i have to do these steps:

# service exim stop
# service MailScanner stop
# service MailScanner start

Because otherwise MailScanner isn't working.

How to fix this that it will work after a reboot?

How to start Mailscanner at boot:
On an rpm-based system such as redhat simply type this as root:
chkconfig --level 2345 MailScanner on

Regarding Clamav - grab the latest stable build from the clamav version. The one mentioned in this "how to" is an old build and is not considered stable.

If you would rather a different AV you can try Bit Defender which is free for linux systems, including servers.

FreeBSD : There is a MailScanner version in the ports tree - use that

Non-rpm based *nix: The default install paths for MS are completely different to those for rpm based systems, but a semi-automatic installer was released recently

Spam Assassin: Make sure that spamd and spamc are NOT running. Mailscanner does NOT use them.

Originally posted by jjma

I've also noticed that I have zombie MailScanner process (about 5 at the moment). Not too happy about that and would like to fix this.

Jon [/B]

Found that the maximum numbert of child processes by default is 5 with mailscanner so therefore five zombie processes are created.

Jon

You shouldn't be getting any zombie processes unless something is wrong with your installation. By default mailscanner restarts every couple of hours to avoid memory leaks and any processes would normally be killed.

I'verechecked and there are no zombie processes but mailscanner is still working.

Jon

Jon

Sorry, but you aren't making too much sense.

If you type "top" you will get an output of processes running including the number of "zombies" if any.

MailScanner will create 5 children by default. These are not zombies.

Originally posted by blacknight
Jon

Sorry, but you aren't making too much sense.

If you type "top" you will get an output of processes running including the number of "zombies" if any.

MailScanner will create 5 children by default. These are not zombies.

When I initially ran the program which was friday i did a top and found that there were 5 processes that were zombies. On doing a ps auxw | grep mail I saw that all five processes were MailScanners and as you rightly pointed out, MailScanner creates 5 child processes by default. Therefore all five had turned zombie.

However on a check this morning the zombie processes had all disappeared so I guess that MailScanner restarting every two hours must have resolved the problem.

Jon

Ah ok :)
I've never seen it produce zombies on any system I've ever installed it on....

Originally posted by blacknight
Ah ok :)
I've never seen it produce zombies on any system I've ever installed it on....

Neither had I ...... but maybe it was just a misdenomer

Jon

The stp by step worked great, I have one problem.


Nobody can send or recieve any attachments anymore.

Can somebody send me the details of what file I need to change to allow zip files and etc to be emailed.

Have a look in MailScanner.conf and also check your maillogs. If ALL attachments are being blocked you haven't installed / configured it correctly.

I have checked my MailScanner.conf file I read threw it and checked the two files that it points to for bad file types and other than that I have no clue were to look.

Mail when sent with attachments just dissappear.

Mail works fine when somebody sends you a message with a file attachment you get this ;

This is a message from the MailScanner E-Mail Virus Protection Service
----------------------------------------------------------------------
The original e-mail attachment "Design log 1.doc"
is on the list of unacceptable attachments for this site and has been
replaced by this warning message.

If you wish to receive a copy of the original attachment, please
e-mail helpdesk and include the whole of this message
in your request. Alternatively, you can call them, with
the contents of this message to hand when you call.

At Mon May 31 22:49:11 2004 the virus scanner said:
MailScanner: A long gap in a name is often used to hide part of it (Design log 1.doc)

Note to Help Desk: Look on the wehostthemost.com MailScanner in /var/spool/MailScanner/quarantine/20040531 (message 1BUzKr-0007GC-IH).
--
Postmaster
MailScanner thanks transtec Computers for their support.

Are you saying that ALL emails with attachments seem to vanish? The message you posted includes the MailScanner warning message about an invalid filename which it did block.

So, what emails with attachments are blocked? All or only some?

all files are being blocked. that was a .doc file that i sent you the message about.

Read the message it sent you carefully. It explains why it blocked the email attachment.
The configuration options for file names and types are located in :

filename.rules.conf
filetype.rules.conf

Try a simple sanity check. Send yourself an email with a plain text attachment (.txt) and see if it arrives.

I can send a text file ok, just no zip files, no gifs or jpgs.

Check your MailScanner.conf very carefully (it is very clearly commented)
Check the file rulesets I already mentioned.

Try to send an email to an account that the exim is handling. When the email arrives it should be placed in the /var/spool/exim.in/input

i just wanted to know how do i check if i got a mail in that dir?

go to that directory and run "ls"?? it doesn't show anything anyway...


and add the following lines in the main part of the configuration:

are you referring this part in exim configure file?

######################################################################
# MAIN CONFIGURATION SETTINGS #
######################################################################

I stopped mailscanner, and restarted exim to test MTA but mail is still being delivered so its not going into /var/spool/exim.in/input.

About Bitdefender. It seems they don't have a very good record :
http://www.virusbtn.com/vb100/archives/products.xml?bitdefender.xml

Originally posted by interfasys
About Bitdefender. It seems they don't have a very good record :
http://www.virusbtn.com/vb100/archives/products.xml?bitdefender.xml
Acording to that site nearly every one fails!

Also you should compare like with like. You posted a link to a review of the windows AV engine, which is not the same as the one used on *nix systems.

Every antivirus software fails once in a while, but some fail more often than others. Bitdefender is one of them.

And you should look at that page carefully:

April 2004: Red Hat Linux 9

Status: FAIL

Anyone managed to get MailScanner+ClamAV work with FreeBSD?

I am currently playing around with this at the moment...

Originally posted by Shahid
Anyone managed to get MailScanner+ClamAV work with FreeBSD?

I am currently playing around with this at the moment...
You should have a look at the MailScanner list.

Originally posted by blacknight
You should have a look at the MailScanner list.

MailScanner list?

You mean http://www.sng.ecs.soton.ac.uk/mailscanner/ ? Yes I am doing..

The list archive is at: http://www.jiscmail.ac.uk/lists/mailscanner.html

The FAQ is at:
http://www.sng.ecs.soton.ac.uk/cgi-bin/faq

The MAQ is at:
http://www.mailscanner.biz/maq/

I am kinda nearly there, but need to do some fix..

here what I got in maillog:

Jun 6 14:19:31 matrix MailScanner[89081]: MailScanner E-Mail Virus Scanner version 4.31.6 starting...
Jun 6 14:19:31 matrix MailScanner[89081]: User's home directory /var/mail/mail does not exist
Jun 6 14:19:31 matrix MailScanner[89081]: /var/spool/exim.in/input is not owned by user 12 !


is var/mail/mail correct default path or it should be changed?
also I am not to sure how to fix "/var/spool/exim.in/input is not owned by user 12 !"

I got it kinda working now for FreeBSD :)
just a little fix and cleaning to do.


Edit: If I manged to get this working, I will try to write HOWTO for FreeBSD.

whats required for a redhat 9 system to install this?
certain perl modules? certain versions of exim or whatever?

is this howto now fully working and ok as posted in the first msg?

cause i am a bit frightend to install it on my production server :)

Originally posted by sander815
is this howto now fully working and ok as posted in the first msg?

cause i am a bit frightend to install it on my production server :)

Unless you're read through the entire thread and are familiar with MS - no :)

More recent versions of MS automatically recognise the MTA, so, to avoid breakage, you would need to create a few symlinks

Not all that hard though

thats why i ask, cause i read most of it, and there some people seem to keep problems

creating the symlinks is the 'hardest' part?

If you read the first part of the howto and also look at the documentation on the mailscanner site you should be fine.
Make sure you make backups of any files that you are editing so you can go back to a previous state.

*********************************
Install MailScanner
*********************************
# wget http://www.sng.ecs.soton.ac.uk/mailscanner/files/4/rpm/MailScanner-4.28.6-1.rpm.tar.gz
# tar -zxvf MailScanner-4.24-14.rpm.tar.gz
# cd MailScanner-4.24-14
# ./install.sh

Note : Install missing modules when asked

# chown -R mail:mail /var/spool/MailScanner


How can I update these?

I get:

>>>
[root@am-alia MailScanner-4.28.6-1]# ./install.sh


Good. You have the patch command.

Your /usr/src/redhat, /usr/src/RPM or /usr/src/packages
tree is missing.
If you have access to an RPM called rpm-build
install it first and come back and try again.
>>>

search rpmfind.net for rpm-build, and install.

Use apt-get or yum for package management. Installing separate packages from rpm sites can lead to dependency problems

apt-get or yum does nog do anything... no MAN entry

It depends on your OS. Most sane installations would include them, but you can easily grap an rpm for your distro.

Originally posted by blacknight
It depends on your OS. Most sane installations would include them, but you can easily grap an rpm for your distro.

Wich way do you advice?

Grab a copy of apt for your distro.
Install it
run update and then install the missing files you need.

Could sound verry noobisch, but where to grab?

... hmm... Allready got APT :)
Did not know RH9 was that easy :)

I'll get:

[root@server1 run]# service MailScanner start
Starting MailScanner daemons:
incoming exim: [ OK ]
outgoing exim: [ OK ]
MailScanner: Can't locate Archive/Zip.pm in @INC (@INC contains: /usr/lib/MailScanner /usr/lib/perl5/5.8.0/i386-linux-thread-multi /usr/lib/perl5/5.8.0 /usr/lib/perl5/site_perl/5.8.0/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.0 /usr/lib/perl5/site_perl /usr/lib/perl5/vendor_perl/5.8.0/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.0 /usr/lib/perl5/vendor_perl /usr/lib/perl5/5.8.0/i386-linux-thread-multi /usr/lib/perl5/5.8.0 . /usr/lib/MailScanner) at /usr/lib/MailScanner/MailScanner/Message.pm line 46.
BEGIN failed--compilation aborted at /usr/lib/MailScanner/MailScanner/Message.pm line 46.
Compilation failed in require at /usr/sbin/MailScanner line 52.
BEGIN failed--compilation aborted at /usr/sbin/MailScanner line 52.
[ OK ]
*update
I think I miss a perl module?
*update
I'm not that good with linux. could anybody PLEASE help me :rolleyes: ?
And yes, I know what module I need and yes I know what it does and why it is needed.

*update
I'm still bussy with it... I found the thing I need and I tried to install it, but I get:
++++++++++++++++++++++
[root@am-alia Archive-Zip-1.10]# perl Makefile.PL

Warning: I could not locate your pod2man program. Please make sure,
your pod2man program is in your PATH before you execute 'make'

Writing Makefile for Archive::Zip

++++++++++++++++++++++

What would be the solution?

why do i need mailscanner and spamassassin and clamav?
don't they both do spam filtering? SA and MS?

and MS does virus filtering, and so does Clamav?

After installation of Clamav and MailScanner following the instructions on this post... When I run it, I get below. I do killall exim and killall MailScanner and restart it, but the same comes up.

20452 ? S 0:00 [httpd]
21700 ? S 0:00 [exim]
21701 ? S 0:00 [exim]
21745 ? S 0:00 [exim]
21757 ? S 0:00 [exim]
21761 ? S 0:00 [exim]
21830 ? S 0:00 [MailScanner]
21831 ? Z 0:00 [MailScanner <defunct>]
21843 ? S 0:00 [exim]
21844 ? S 0:00 [exim]
21846 ? Z 0:00 [MailScanner <defunct>]
21862 ? S 0:00 [exim]
21863 ? S 0:00 [exim]
21865 ? Z 0:00 [MailScanner <defunct>]
21868 pts/0 R 0:00 ps axw

Any idea why ??

Also, in exim.conf, when I add below
spool_directory = /var/spool/exim.in
queue_only = true
queue_only_override = false
log_file_path = /var/spool/exim/msglog/%slog

All emails sent and received disappeared - not delivered or received.

Thanks for the great how-to....installed w/out a hitch on my Fedora Core 2 box.

One tip I would add - mailscanner installs a file in cron.daily called clean.quarantine, which will automatically delete files from the quarantine at an interval you define. Very helpful. Otherwise, you could have thousands of mails pile up o a busy server.

To activate:
#Pico /etc/cron.daily/clean.quarantine

Change "$disable = 1;" to "$disable = 0;"

Change the number of days to keep the messages if you wish, default is 30.

ctrl-x, Y and your good to go.

Originally posted by ret
why do i need mailscanner and spamassassin and clamav?
don't they both do spam filtering? SA and MS?

and MS does virus filtering, and so does Clamav?
NO no no no no

If you don't know what they do then go and read the manual.

Originally posted by itman21
After installation of Clamav and MailScanner following the instructions on this post... When I run it, I get below. I do killall exim and killall MailScanner and restart it, but the same comes up.


21830 ? S 0:00 [MailScanner]
21831 ? Z 0:00 [MailScanner <defunct>]
21843 ? S 0:00 [exim]
21844 ? S 0:00 [exim]
21846 ? Z 0:00 [MailScanner <defunct>]
21862 ? S 0:00 [exim]
21863 ? S 0:00 [exim]
21865 ? Z 0:00 [MailScanner <defunct>]
21868 pts/0 R 0:00 ps axw

Any idea why ??

That's normal, so I wouldn't worry about it.

someone might want to update the clam-av package download to http://crash.fce.vutbr.cz/crash-hat/1/clamav/clamav-0.72-1.i386.rpm

Updated mail scanner instructions:

# tar -zxvf MailScanner-4.28.6-1.rpm.tar.gz
# cd MailScanner-4.28.6-1
# ./Update-MakeMaker.sh
# ./install.sh
# chown -R mail:mail /var/spool/MailScanner

Originally posted by FarCry
someone might want to update the clam-av package download to http://crash.fce.vutbr.cz/crash-hat/1/clamav/clamav-0.72-1.i386.rpm

The best solution is to get the version suitable for your OS:
http://www.clamav.net/binary.html#pagestart

well, we are mostly redhat users here :) that rpm is for RH9/Fedora/RHE

Originally posted by FarCry
well, we are mostly redhat users here :) that rpm is for RH9/Fedora/RHE
Maybe, but it's a direct link to an rpm, which may be the latest today, but won't be in the future.

true, they need a "latest" file which just redirects to the newest file like mrtg does

how the mailscanner and exim work.

when server received mail, which folder i will goto to store the mail (/var/spool/exim.in/input) and after it process by mailscanner then when it will store the mail. after that when server need to sent out the mail, where it will store before sending out to other server.

try to figure out. :confused:

Hello,

I'm installing MailScanner, ClamAV... And now i'm not receiving and posting any mail... My /var/spool/exim/msglog/mainlog file :

2004-07-14 14:48:05 exim 4.24 daemon started: pid=4969, no queue runs, listening for SMTP on port 25 (IPv4)
2004-07-14 14:48:05 exim 4.24 daemon started: pid=4972, -q15m, not listening for SMTP
2004-07-14 14:48:05 Start queue run: pid=4973
2004-07-14 14:48:05 End queue run: pid=4973

What is a problem ?

When i'm starting a MailScanner service it's ok for all. Please help. Thanks.

Has anyone installed this on a Fedora Core 1 BOX and does it work without any problems? Thx..

Originally posted by extor
Has anyone installed this on a Fedora Core 1 BOX and does it work without any problems? Thx..
Yes.
FC1 is RH, so there is no reason why it would cause issues.

i have successfully install but i need to upgrade to v2.63 of SpamAssassin to get rid of "FORGED_MUA_OUTLOOK" that score 3.48 in SpamAssassin, so almost all the email that sent almost reach as spam.

did anybody know how to do this. looking for very clear instruction to do this.

I had the same problem as: WebrulerHosting

and I installed the perl module Archive-Zip and the errors were gone :)

Does ClamAV updates automaticly?

My files are:
-rw-r--r-- 1 clamav clamav 1034725 Jun 3 23:41 main.cvd
-rw-r--r-- 1 clamav clamav 64428 Jun 3 23:41 daily.cvd

So I wanted to update them myself using freshclam:

But an error came up:
ClamAV update process started at Mon Jul 19 12:34:02 2004
Reading CVD header (main.cvd): OK
Downloading main.cvd
main.cvd updated (version: 24, sigs: 21793, f-level: 2, builder: tomek)
Reading CVD header (daily.cvd): OK
Downloading daily.cvd
daily.cvd updated (version: 412, sigs: 1005, f-level: 2, builder: ccordes)
Database updated (22798 signatures) from database.clamav.net (212.162.12.159).
ERROR: Clamd was NOT notified: Can't connect to clamd on 127.0.0.1:3310
connect(): Connection refused

with netstat isn't showing port 3310 opened.

Did I forget something or do something wrong?

I've install mailscanner, everything works.
But when i reply a email that using piping, they get a "@" (from, no email adress. So when i send by using smtp.domain.com(ext. mail server) its works good, when i send by using mail.domain.com (isp) it's not work good, they get a "@" only when i reply the email.

Whats wrong???
Please help!

Originally posted by redeye
Does ClamAV updates automaticly?

My files are:
-rw-r--r-- 1 clamav clamav 1034725 Jun 3 23:41 main.cvd
-rw-r--r-- 1 clamav clamav 64428 Jun 3 23:41 daily.cvd

So I wanted to update them myself using freshclam:

But an error came up:
ClamAV update process started at Mon Jul 19 12:34:02 2004
Reading CVD header (main.cvd): OK
Downloading main.cvd
main.cvd updated (version: 24, sigs: 21793, f-level: 2, builder: tomek)
Reading CVD header (daily.cvd): OK
Downloading daily.cvd
daily.cvd updated (version: 412, sigs: 1005, f-level: 2, builder: ccordes)
Database updated (22798 signatures) from database.clamav.net (212.162.12.159).
ERROR: Clamd was NOT notified: Can't connect to clamd on 127.0.0.1:3310
connect(): Connection refused

with netstat isn't showing port 3310 opened.

Did I forget something or do something wrong?

i also have this problem. clamav never get updated from the day i installed. i try to update manually it also show the same error.

Originally posted by dannygoh
i also have this problem. clamav never get updated from the day i installed. i try to update manually it also show the same error.

i try to start the clamd service and run fleshclam. after update the signature is stop the clamd service, IT WORKS!

The spam report is being placed in the body of emails sent, and a score is place on emails receiced in the subject. How can I keep everything in the header... Looked at MailScanner.conf, and everything looks in order.

If the report is appearing in the body you are doing something wrong. It sounds like you may have spamd running as well as MailScanner.
Make sure that you do not have any spamassassin processes running and doublecheck your mailscanner.conf

I get to the following steps...

--------------------
*********************************
Test MTA
*********************************
Stop the MailScanner process if it's running and restart the exim processes

# service MailScanner stop
# service exim restart

Try to send an email to an account that the exim is handling. When the email arrives it should be placed in the /var/spool/exim.in/input
directory. If it doesn't then the exim incoming process isn't working properly.

Now start the MailScanner.

# service MailScanner start
-------------------

The results of the commands are as follows:

[root@server input]# service MailScanner stop
Shutting down MailScanner daemons:
MailScanner: [FAILED]
incoming exim: [ OK ]
outgoing exim: [ OK ]

[root@server input]# service exim restart
Shutting down exim:
Starting exim: [ OK ]
Could not create INET socket: Address already in use IO::Socket::INET: Address already in use

[root@server input]# service MailScanner start
Starting MailScanner daemons:
incoming exim: [FAILED]
Could not find Exim installation, see /etc/sysconfig/MailScanner
outgoing exim: [FAILED]
Could not find Exim installation, see /etc/sysconfig/MailScanner
MailScanner: Can't locate Archive/Zip.pm in @INC (@INC contains: /usr/lib/MailScanner /usr/lib/perl5/5.8.0/i386-linux-thread-multi /usr/lib/perl5/5.8.0 /usr/lib/perl5/site_perl/5.8.0/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.0 /usr/lib/perl5/site_perl /usr/lib/perl5/vendor_perl/5.8.0/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.0 /usr/lib/perl5/vendor_perl /usr/lib/perl5/5.8.0/i386-linux-thread-multi /usr/lib/perl5/5.8.0 . /usr/lib/MailScanner) at /usr/lib/MailScanner/MailScanner/Message.pm line 46.
BEGIN failed--compilation aborted at /usr/lib/MailScanner/MailScanner/Message.pm line 46.
Compilation failed in require at /usr/sbin/MailScanner line 52.
BEGIN failed--compilation aborted at /usr/sbin/MailScanner line 52.
[ OK ]

--------
I have read every message in this thread and there is no clear answer for the problems I am having.

Questions:
- How can I get and install the missing PERL Module?
- Why is the INET socket in use and how do I fix this (a reboot does not help)
- Why do I get "Could not find Exim installation, see /etc/sysconfig/MailScanner" and how do I fix this? Mailscanner config is attached
- What to do next?

Is there someone who would be willing to install this for me on 3 RH9 servers (paid of course)?

Kind Regards,
Onno Vrijburg

This is what I found in /var/log/maillog

---------------
Aug 13 14:58:29 server spamd[4458]: connection from hostserv2 [127.0.0.1] at port 32824
Aug 13 14:58:29 server spamd[15766]: info: setuid to mail succeeded
Aug 13 14:58:29 server spamd[15766]: processing message <E1BviGh-00017J-Q1@pluto.hostserv1.com> for mail:8.
Aug 13 14:58:29 server spamd[15766]: clean message (4.7/5.0) for mail:8 in 0.0 seconds, 1574 bytes.
Aug 13 15:01:00 server update.virus.scanners: Delaying cron job up to 600 seconds
Aug 13 15:03:06 server update.virus.scanners: Found clamav installed
Aug 13 15:03:06 server update.virus.scanners: Running autoupdate for clamav
Aug 13 15:03:06 server ClamAV-autoupdate[15811]: ClamAV did not need updating

---------------------

It seems that spamd and clamav are scanning the incomming messages but I cannot get exim or MailScanner to work.

Kind Regards,
Onno Vrijburg

After spending the whole day searching I managed to solve the problems and get the install working.

The problem "Could not create INET socket: Address already in use IO::Socket::INET: Address already in use" for some reason fixed itself after 3 hours

The problem "Starting MailScanner daemons:
incoming exim: [FAILED]
Could not find Exim installation, see /etc/sysconfig/MailScanner
outgoing exim: [FAILED]" was solved by checking the path to exim in the /etc/sysconfig/MailScanner file. There was a typo in the path.

The Zip.pm file was located in the RedHat src directories /usr/src/redhat/BUILD/Archive-Zip-1.09/lib/Archive/Zip.pm, you need to create the directory /usr/lib/MailScanner/Archive and copy the Zip.pm file to it.

I hope this helps someone else who might be having problems.

Kind Regards,
Onno Vrijburg

Originally posted by Icheb
Had this too for a while, it appeared ClamAV doesn't do anything before it's updated with freshclam (it doesn't have any virus definitions to begin with), after that it worked over here :d

Here is the result of running freshclam on my RH9 box:

-------------
ClamAV update process started at Sun Aug 15 01:53:12 2004
Reading CVD header (main.cvd): OK
Downloading main.cvd
main.cvd updated (version: 24, sigs: 21793, f-level: 2, builder: tomek)
Reading CVD header (daily.cvd): OK
Downloading daily.cvd
daily.cvd updated (version: 452, sigs: 1618, f-level: 2, builder: tomek)
Database updated (23411 signatures) from database.clamav.net (65.77.42.207).
ERROR: Clamd was NOT notified: Can't connect to clamd on 127.0.0.1:3310
connect(): Connection refused

-----------

can anyone tell my how to fix this?

Kind Regards,
Onno Vrijburg

resolveit
I had same problem... It is bug RH9
Run :
'export LANG=C' before running 'perl Makefile.PL'

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=87682

Starting exim: 2004-08-26 11:41:13 Exim configuration error in line 213:
main option "rbl_domains" unknown

this is what i get upon service exim restart

rbl_domains is not an option; it's the name of a database used by exim, and the name of a file that comprises the database.

It seems you have an error in your exim.conf file; you might want to check the SpamBlocker section of your exim.conf file with the master, stored here (http://www.nobaloney.net/downloads/spamblocker/DirectAdmin/).

But note that if you're using MailScanner, then you're not using the same exim.conf file, so expect to find a lot of differences.

Jeff

[root@stage2 root]# exim -C /etc/exim.conf -bV
Exim version 4.24 #1 built 29-Feb-2004 05:20:37
Copyright (c) University of Cambridge 2003
Berkeley DB: Sleepycat Software: Berkeley DB 4.1.25: (October 24, 2003)
Support for: iconv() Perl OpenSSL
Authenticators: cram_md5 plaintext spa
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
2004-08-27 20:33:59 Exim configuration error in line 161:
main option "to" unknown


[root@stage2 root]# service exim restart
Shutting down exim:
Starting exim: 2004-08-27 20:35:05 Exim configuration error in line 213:
main option "rbl_domains" unknown
[FAILED]

Originally posted by interfasys
System: RedHat 9, ClamAv 0.67, MailScanner 4.28, Exim 4.24


*********************************
Install Spamassasin
*********************************
# cd /usr/local/directadmin/scripts
# ./spam.sh

You can also tweak spam.sh so that it picks up the latest version.

!Do not modify exim.conf to use spamassassin!
!Do not load spamd

I'm still trying to figure out if spamd is needed by somebody...


*********************************
Install ClamAV
*********************************
# wget http://crash.fce.vutbr.cz/crash-hat/1/clamav/clamav-0.72-1.i386.rpm

# rpm -Uvh clamav*.rpm

!Do not setup a cron for updates


*********************************
Install MailScanner
*********************************
# wget http://www.sng.ecs.soton.ac.uk/mailscanner/files/4/rpm/MailScanner-4.28.6-1.rpm.tar.gz
# tar -zxvf MailScanner-4.28.6-1.rpm.tar.gz
# cd MailScanner-4.28.6-1
# ./Update-MakeMaker.sh
# ./install.sh
# chown -R mail:mail /var/spool/MailScanner

Note : Install missing modules when asked

# chown -R mail:mail /var/spool/MailScanner


*********************************
Configure Exim
*********************************
We need to run two Exim daemons: one to listen for SMTP connections, and one to do queue runs on the outgoing spool directory.

Thus, we need two .conf files. One for each exim process. The one created by directadmin will be used for incoming emails, we will tweak that one.

Backup
# cp /etc/exim.conf /etc/exim.back
Duplicate
#cp /etc/exim.conf /etc/exim_outgoing.conf

Configure
# pico -w /etc/exim.conf

and add the following lines in the main part of the configuration:

spool_directory = /var/spool/exim.in
queue_only = true
queue_only_override = false
log_file_path = /var/spool/exim/msglog/%slog


# pico -w /etc/init.d/exim

Original:
QUEUE=
[ -f /etc/sysconfig/exim ] && . /etc/sysconfig/exim
[ "$DAEMON" = yes ] && EXIM_OPTS="$EXIM_OPTS -bd"
[ -n "$QUEUE" ] && EXIM_OPTS="$EXIM_OPTS -q$QUEUE"

Change this to:
QUEUE="15m"
[ -f /etc/sysconfig/exim ] && . /etc/sysconfig/exim
[ "$DAEMON" = yes ] && EXIM_OPTS="$EXIM_OPTS -bd"
[ -f /etc/sysconfig/exim ] && . /etc/sysconfig/exim
[ "$DAEMON" = yes ] && EXIM_OPTS="$EXIM_OPTS -C /etc/exim_outgoing.conf"
[ -n "$QUEUE" ] && EXIM_OPTS="$EXIM_OPTS -q$QUEUE"


Create the following directories: /var/spool/exim.in,
/var/spool/exim.in/input,
/var/spool/exim.in/data,
/var/spool/exim.in/db

# mkdir /var/spool/exim.in
etc.

and assign them to mail.

# chown mail:mail /var/spool/exim.in


*********************************
Configure MailScanner
*********************************
#pico -w /etc/MailScanner/MailScanner.conf

and change theses settings:

Use you language for reports
%report-dir% = /etc/MailScanner/reports/fr

%org-name% = (Your org. name)
Run As User = mail
Run As Group = mail
Incoming Queue Dir = /var/spool/exim.in/input
Outgoing Queue Dir = /var/spool/exim/input
MTA = exim
Sendmail = /usr/sbin/exim -C /etc/exim.conf
Sendmail2 = /usr/sbin/exim -C /etc/exim_outgoing.conf
Virus Scanners = clamav
Use SpamAssassin = yes
Always Include SpamAssassin Report = yes

# pico -w /etc/sysconfig/MailScanner

MTA=exim
EXIM=/usr/sbin/exim
EXIMINCF=/etc/exim.conf # Incoming configuration file
EXIMSENDCF=/etc/exim_outgoing.conf # Outgoing configuration file


*********************************
Antivirus Auto-update
*********************************
Modify ClamAV scanner
# pico -w /usr/lib/MailScanner/clamav-autoupdate
Change this:
$PackageDir = "/usr";
$LogFile = "/var/log/clam-update.log";
$LockFile = "/var/log/ClamAVBusy.lock";


*********************************
Test MTA
*********************************
Stop the MailScanner process if it's running and restart the exim processes

# service MailScanner stop
# service exim restart

Try to send an email to an account that the exim is handling. When the email arrives it should be placed in the /var/spool/exim.in/input
directory. If it doesn't then the exim incoming process isn't working properly.

Now start the MailScanner.

# service MailScanner start

The email should now be moved from the directory and moved to /var/spool/exim/input where

it will be processed by the outgoing exim process.

You can view /var/log/maillog to see if the MailScanner scanned the file.

If the last two steps aren't working check the /var/log/maillog, /var/log/exim/exim_*,

/var/spool/exim/msglog/* for errors.


*********************************
Officially launch MailScanner
*********************************
Now that we've checked that everything is working, we can officially launch Mailscanner on the server.

# service exim stop
# service MailScanner stop
# killall exim
# service MailScanner start

If properly configured, Mailscanner will launch exim and scan your emails.


*********************************
Test virus scanner
*********************************
Try to send an email with a virus included and see if MailScanner detects it.

Just type this in a virus.txt file :

$CEliacmaTrESTuScikgsn$FREE-TEST-SIGNATURE$EEEEE$

and attach it in a test email.

------------------------------------------------------------------------

Original Howto made by :
Kaare Christensen, Mermaid Consulting ApS
kaare[at]mermaidconsulting[dot]com
http://www.mermaidconsulting.com



Hello

On all the wget links we are getting 404 errors.
Any new sites to get this from?

--- Richard

Originally posted by serverguy
Hello

On all the wget links we are getting 404 errors.
Any new sites to get this from?

--- Richard
Of course there are. Just check the sites mentioned.

Hello blacknight

I checked every post and tried ALL links and you get 404 error.

I will locate some that work.

Thanks

Richard

Maybe you are a fan of MailScanner, but we switched to exim-exiscan. It's very easy to setup and it saves a lot of resources.

Hello is ther a how to on it at all?

Richard

You need to :
1)install and run spamd, it comes from DA.
2)install clamav.
3)upgrade spamassassin to the latest version (required with any filtering system)
4)modify exim.conf to enable spamscanning.
5)modify exim.conf to enable clamav.

There are howtos for each step in this forum.

As a last step, you can add domains to the rbl file (blocks spams at data time).

Hello and tahnks for all the info.
I will take a look at it in a bit I am now working on a billing issue.

Thanks

--- Richard

Is there also a HOWTO remove Mailscanner and implement the new (Exim) way of doing things?

Kind Regards,
Onno Vrijburg

Originally posted by serverguy
Hello blacknight