diff options
-rw-r--r-- | config/mailscanner/mailscanner.inc | 320 | ||||
-rw-r--r-- | config/mailscanner/mailscanner.xml | 2 | ||||
-rwxr-xr-x | config/mailscanner/mailscanner_about.php | 13 | ||||
-rw-r--r-- | config/mailscanner/mailscanner_alerts.xml | 2 | ||||
-rw-r--r-- | config/mailscanner/mailscanner_antispam.xml | 35 | ||||
-rw-r--r-- | config/mailscanner/mailscanner_antivirus.xml | 3 | ||||
-rw-r--r-- | config/mailscanner/mailscanner_attachments.xml | 2 | ||||
-rw-r--r-- | config/mailscanner/mailscanner_content.xml | 2 | ||||
-rw-r--r-- | config/mailscanner/mailscanner_report.xml | 2 | ||||
-rw-r--r-- | config/mailscanner/mailscanner_sync.xml | 4 | ||||
-rw-r--r-- | config/postfix/postfix.inc | 9 | ||||
-rw-r--r-- | config/postfix/postfix_acl.xml | 17 | ||||
-rw-r--r-- | pkg_config.8.xml | 10 | ||||
-rw-r--r-- | pkg_config.8.xml.amd64 | 9 |
14 files changed, 394 insertions, 36 deletions
diff --git a/config/mailscanner/mailscanner.inc b/config/mailscanner/mailscanner.inc index fd7b6d16..82ce84e7 100644 --- a/config/mailscanner/mailscanner.inc +++ b/config/mailscanner/mailscanner.inc @@ -181,7 +181,7 @@ function sync_package_mailscanner() { $mcp_action=($antispam['mcp_action']?preg_replace("/,/"," ",$antispam['mcp_action']):"deliver"); $mcp_hi_action=($antispam['mcp_hi_action']?preg_replace("/,/"," ",$antispam['mcp_hi_action']):"delete"); $mcp_max=($antispam['mcp_max']?$antispam['mcp_max']:"200k"); - + /* Language Strings = %report-dir%/languages.conf */ @@ -328,6 +328,7 @@ Run As Group = postfix Queue Scan Interval = 6 Incoming Queue Dir = /var/spool/postfix/hold Outgoing Queue Dir = /var/spool/postfix/incoming +Incoming Work Dir = /var/spool/MailScanner/incoming Quarantine Dir = /var/spool/MailScanner/quarantine PID file = /var/run/MailScanner.pid Restart Every = 14400 @@ -361,7 +362,7 @@ Max Unsafe Messages Per Scan = 30 Max Normal Queue Size = 800 Scan Messages = {$scan_messages} Reject Message = {$reject_message} -Maximum Processing Attempts = 6 +Maximum Processing Attempts = 10 Processing Attempts Database = /var/spool/MailScanner/incoming/Processing.db Maximum Attachments Per Message = 200 Expand TNEF = {$expand_tnef} @@ -411,6 +412,21 @@ Block Encrypted Messages = {$block_encrypted} Block Unencrypted Messages = {$block_unencrypted} Allow Password-Protected Archives = {$allow_password} Check Filenames In Password-Protected Archives = {$check_filenames} +Monitors for ClamAV Updates = /var/db/clamav/*.cvd +ClamAVmodule Maximum Recursion Level = 8 +ClamAVmodule Maximum Files = 1000 +ClamAVmodule Maximum File Size = 10000000 # (10 Mbytes) +ClamAVmodule Maximum Compression Ratio = 25 +Allowed Sophos Error Messages = +Sophos IDE Dir = /opt/sophos-av/lib/sav +Sophos Lib Dir = /opt/sophos-av/lib +Monitors For Sophos Updates = /opt/sophos-av/lib/sav/*.ide +Clamd Port = 3310 +Clamd Socket = /var/run/clamav/clamd.sock +Clamd Lock File = # /var/lock/subsys/clamd +Clamd Use Threads = no +ClamAV Full Message Scan = yes +Fpscand Port = 10200 {$custom_antivirus_options} # @@ -459,6 +475,7 @@ Archives: Allow File MIME Types = Archives: Deny Filetypes = Archives: Deny File MIME Types = Archives: Filetype Rules = %etc-dir%/archives.filetype.rules.conf +Default Rename Pattern = __FILENAME__.disarmed # # Reports and Responses @@ -555,6 +572,7 @@ Virus Subject Text = [Virus?] Filename Modify Subject = start Filename Subject Text = [Filename?] Content Modify Subject = start +Content Subject Text = [Dangerous Content?] Size Modify Subject = start Size Subject Text = [Size] Disarmed Modify Subject = start @@ -678,7 +696,7 @@ Sender SpamAssassin Report = %report-dir%/sender.spam.sa.report.txt Inline Spam Warning = %report-dir%/inline.spam.warning.txt Recipient Spam Report = %report-dir%/recipient.spam.report.txt Enable Spam Bounce = %rules-dir%/bounce.rules - +Bounce Spam As Attachment = no # # Logging # ------- @@ -754,7 +772,7 @@ Sender MCP Report = %report-dir%/sender.mcp.report.txt Use Default Rules With Multiple Recipients = {$default_rule_multiple} Read IP Address From Received Header = {$read_ipaddress} Spam Score Number Format = {$spam_score_format} -MailScanner Version Number = 4.79.11 +MailScanner Version Number = 4.83.5 SpamAssassin Cache Timings = {$cache_timings} Debug = {$debug} Debug SpamAssassin = {$debug_spam} @@ -777,14 +795,6 @@ include /usr/local/etc/MailScanner/conf.d/* EOF; #write files conf_mount_rw(); - $mlang=strtolower($report['language']); - $mfiles[]="/usr/local/etc/MailScanner/virus.scanners.conf"; - $mfiles[]="/usr/local/share/MailScanner/reports/{$mlang}/inline.spam.warning.txt"; - $mfiles[]="/usr/local/share/MailScanner/reports/{$mlang}/languages.conf"; - - foreach ($mfiles as $mfile) - if (! file_exists ($mfile)) - copy($mfile.".sample",$mfile); if (!is_dir("/var/spool/MailScanner/incoming")){ mkdir("/var/spool/MailScanner/incoming", 0755,true); chown ('/var/spool/MailScanner/incoming','postfix'); @@ -794,7 +804,96 @@ EOF; chown ('/var/spool/MailScanner/quarantine','postfix'); } chown ('/var/spool/postfix','postfix'); + + $mlang=strtolower($report['language']); + $mfiles[]="/usr/local/etc/MailScanner/virus.scanners.conf"; + $mfiles[]="/usr/local/share/MailScanner/reports/{$mlang}/inline.spam.warning.txt"; + $mfiles[]="/usr/local/share/MailScanner/reports/{$mlang}/languages.conf"; + + foreach ($mfiles as $mfile) + if (! file_exists ($mfile)) + copy($mfile.".sample",$mfile); + + #update spam.assassin.prefs.conf + $sa_temp=ms_text_area_decode($config['installedpackages']['msantispam']['config'][0]['sa_pref_file']); + $pattern[0]='/#ifplugin/'; + $pattern[1]='/#pyzor_path/'; + $pattern[2]='/usr.bin.pyzor/'; + $pattern[3]='/#dcc_path/'; + $pattern[4]='/#endif/'; + $replacement[0]="ifplugin"; + $replacement[1]="pyzor_path"; + $replacement[2]="usr/local/bin/pyzor"; + $replacement[3]="dcc_path"; + $replacement[4]="endif"; + if (preg_match('/use_razor/',$antispam['safeatures'])){ + $pattern[5]='/\nuse_razor2\s+0/'; + $replacement[5]="\n".'# use_razor2 0'; + } + else{ + $pattern[5]='/\n#\s+use_razor2\s+0/'; + $replacement[5]="\n".'use_razor2 0'; + } + if (preg_match('/use_dcc/',$antispam['safeatures'])){ + $pattern[6]='/\nuse_dcc\s+0/'; + $replacement[6]="\n".'# use_dcc 0'; + } + else{ + $pattern[6]='/\n#\s+use_dcc\s+0/'; + $replacement[6]="\n".'use_dcc 0'; + } + if (preg_match('/use_pyzor/',$antispam['safeatures'])){ + $pattern[7]='/\nuse_pyzor\s+0/'; + $replacement[7]="\n".'# use_pyzor 0'; + } + else{ + $pattern[7]='/\n#\s+use_pyzor\s+0/'; + $replacement[7]="\n".'# use_pyzor 0'; + } + if (preg_match('/use_auto_learn_bayes/',$antispam['safeatures'])){ + $pattern[8]='/\nbayes_auto_learn\s+0/'; + $replacement[8]="\n".'# bayes_auto_learn 0'; + } + else{ + $pattern[8]='/\n#\s+bayes_auto_learn\s+0/'; + $replacement[8]="\n".'bayes_auto_learn 0'; + } + if (preg_match('/use_bayes/',$antispam['safeatures'])){ + $pattern[9]='/\nuse_bayes\s+0/'; + $replacement[9]="\n".'# use_bayes 0'; + } + else{ + $pattern[9]='/\n#\s+use_bayes\s+0/'; + $replacement[9]="\n".'use_bayes 0'; + } + if (preg_match('/sa_auto_whitelist/',$antispam['safeatures'])){ + $pattern[10]='/\nuse_auto_whitelist\s+0/'; + $replacement[10]="\n".'# use_auto_whitelist 0'; + } + else{ + $pattern[10]='/\n#\s*use_auto_whitelist 0/'; + $replacement[10]="\n".'use_auto_whitelist 0'; + } + if ($antispam['rblchecks']){ + $pattern[11]='/\nskip_rbl_checks\s+1/'; + $replacement[11]="\n".'# skip_rbl_checks 1'; + } + else{ + $pattern[11]='/\n#\s+skip_rbl_checks\s+\d/'; + $replacement[11]="\n".'skip_rbl_checks 1'; + } + $pattern[12]='/bayes_ignore_header ([a-zA-Z0-9_.-]+)MailScanner/'; + $replacement[12]="bayes_ignore_header ".($mailscanner['orgname']!=""?$mailscanner['orgname']:"pfsense")."-MailScanner"; + $pattern[13]='/envelope_sender_header X([a-zA-Z0-9_.-]+)MailScanner-From/'; + $replacement[13]="envelope_sender_header X-".($mailscanner['orgname']!=""?$mailscanner['orgname']:"pfsense")."-MailScanner-From"; + + + $sa_temp=preg_replace($pattern,$replacement,$sa_temp); + #rint "pre".$sa_temp;exit; + $config['installedpackages']['msantispam']['config'][0]['sa_pref_file']=base64_encode($sa_temp); + write_config(); + file_put_contents($mailscanner_dir."/MailScanner.conf", $mc, LOCK_EX); file_put_contents($mailscanner_dir."/filename.rules.conf",ms_text_area_decode($config['installedpackages']['msattachments']['config'][0]['filename_rules']),LOCK_EX); file_put_contents($mailscanner_dir."/filetype.rules.conf",ms_text_area_decode($config['installedpackages']['msattachments']['config'][0]['filetype_rules']),LOCK_EX); @@ -803,7 +902,7 @@ EOF; file_put_contents($mailscanner_dir."/phishing.safe.sites.conf",ms_text_area_decode($config['installedpackages']['mscontent']['config'][0]['phishing_safe']),LOCK_EX); file_put_contents($mailscanner_dir."/phishing.bad.sites.conf",ms_text_area_decode($config['installedpackages']['mscontent']['config'][0]['phishing_bad']),LOCK_EX); file_put_contents($mailscanner_dir."/country.domains.conf",ms_text_area_decode($config['installedpackages']['mscontent']['config'][0]['country_domains']),LOCK_EX); - file_put_contents($mailscanner_dir.'/spam.assassin.prefs.conf',ms_text_area_decode($config['installedpackages']['msantispam']['config'][0]['sa_pref_file']),LOCK_EX); + file_put_contents($mailscanner_dir.'/spam.assassin.prefs.conf',$sa_temp,LOCK_EX); file_put_contents($mailscanner_dir.'/spam.lists.conf',ms_text_area_decode($config['installedpackages']['msantispam']['config'][0]['rbl_file']),LOCK_EX); file_put_contents($mailscanner_dir.'/mcp/mcp.spam.assassin.prefs.conf',ms_text_area_decode($config['installedpackages']['msantispam']['config'][0]['mcp_pref_file']),LOCK_EX); file_put_contents($mailscanner_dir.'/rules/bounce.rules',ms_text_area_decode($config['installedpackages']['msantispam']['config'][0]['bounce']),LOCK_EX); @@ -839,6 +938,22 @@ EOF; unlink_if_exists($libexec_dir.'clamav-wrapper'); } else{ + chown('/var/run/clamav/', 'postfix'); + chown('/var/log/clamav/', 'postfix'); + chown('/var/db/clamav/', 'postfix'); + if (file_exists('/var/db/clamav/bytecode.cld')) + chown('/var/db/clamav/bytecode.cld', 'postfix'); + if (file_exists('/var/db/clamav/daily.cld')) + chown('/var/db/clamav/daily.cld', 'postfix'); + if (file_exists('/var/db/clamav/main.cvd')) + chown('/var/db/clamav/main.cvd', 'postfix'); + if (file_exists('/var/db/clamav/mirrors.dat')) + chown('/var/db/clamav/mirrors.dat', 'postfix'); + if (file_exists('/var/log/clamav/clamd.log')) + chown('/var/log/clamav/clamd.log', 'postfix'); + if (file_exists('/var/log/clamav/freshclam.log')) + chown('/var/log/clamav/freshclam.log', 'postfix'); + copy($libexec_dir.'clamav-autoupdate.sample',$libexec_dir.'clamav-autoupdate'); chmod ($libexec_dir.'clamav-autoupdate',0755); copy($libexec_dir.'clamav-wrapper.sample',$libexec_dir.'clamav-wrapper'); @@ -847,6 +962,39 @@ EOF; log_error('No clamav database found, running freshclam in background.'); mwexec_bg('/usr/local/bin/freshclam'); } + #clamav-wrapper file + $cconf=$libexec_dir."clamav-wrapper"; + $cconf_file=file_get_contents($cconf); + if (preg_match('/"clamav"/',$cconf_file)){ + $cconf_file=preg_replace('/"clamav"/','"postfix"',$cconf_file); + file_put_contents($cconf, $cconf_file, LOCK_EX); + } + + #freshclam conf file + $cconf="/usr/local/etc/freshclam.conf"; + $cconf_file=file_get_contents($cconf); + if (preg_match('/DatabaseOwner clamav/',$cconf_file)){ + $cconf_file=preg_replace("/DatabaseOwner clamav/","DatabaseOwner postfix",$cconf_file); + file_put_contents($cconf, $cconf_file, LOCK_EX); + } + + #clamd conf file + $cconf="/usr/local/etc/clamd.conf"; + $cconf_file=file_get_contents($cconf); + if (preg_match('/User clamav/',$cconf_file)){ + $cconf_file=preg_replace("/User clamav/","User postfix",$cconf_file); + file_put_contents($cconf, $cconf_file, LOCK_EX); + } + #clamd script file + $script='/usr/local/etc/rc.d/clamav-clamd'; + $script_file=file_get_contents($script); + if (preg_match('/NO/',$script_file)){ + $script_file=preg_replace("/NO/","YES",$script_file); + file_put_contents($script, $script_file, LOCK_EX); + chmod ($script,0755); + } + mwexec_bg("$script fastrestart"); + } } else{ @@ -854,7 +1002,39 @@ EOF; unlink_if_exists($libexec_dir.'clamav-wrapper'); } + #check dcc startup script + $script='/usr/local/etc/rc.d/dccifd'; + $script_file=file_get_contents($script); + if (preg_match('/NO/',$script_file)){ + $script_file=preg_replace("/NO/","YES",$script_file); + file_put_contents($script, $script_file, LOCK_EX); + chmod ($script,0755); + } + mwexec_bg("$script fastrestart"); + #check dcc config file + $script='/usr/local/dcc/dcc_conf'; + $script_file=file_get_contents($script); + if (preg_match('/DCCIFD_ENABLE=off/',$script_file)){ + $script_file=preg_replace("/DCCIFD_ENABLE=off/","DCCIFD_ENABLE=on",$script_file); + file_put_contents($script, $script_file, LOCK_EX); + } + $script='/usr/local/etc/rc.d/mailscanner'; + + #fix MIME::ToolUtils deprecated function and usecure dependency calls in /usr/local/sbin/mailscanner + $cconf="/usr/local/sbin/mailscanner"; + $cconf_file=file_get_contents($cconf); + $pattern2[0]='/perl\W+I/'; + $pattern2[1]='/\smy .current = config MIME::ToolUtils/'; + $replacement2[0]='perl -U -I'; + $replacement2[1]=' #my $current = config MIME::ToolUtils'; + if (preg_match('/perl\W+I/',$cconf_file)){ + $cconf_file=preg_replace($pattern2,$replacement2,$cconf_file); + file_put_contents($cconf, $cconf_file, LOCK_EX); + #force old process stop + mwexec("$script stop"); + } + $script_file=file_get_contents($script); if (preg_match('/NO/',$script_file)){ $script_file=preg_replace("/NO/","YES",$script_file); @@ -871,6 +1051,20 @@ EOF; chmod ($script,0444); } conf_mount_ro(); + $synconchanges = $config['installedpackages']['mailscannersync']['config'][0]['synconchanges']; + if(!$synconchanges && !$syncondbchanges) + return; + log_error("[mailscanner] mailscanner_xmlrpc_sync.php is starting."); + foreach ($config['installedpackages']['mailscannersync']['config'] as $rs ){ + foreach($rs['row'] as $sh){ + $sync_to_ip = $sh['ipaddress']; + $password = $sh['password']; + $sync_type = $sh['sync_type']; + if($password && $sync_to_ip) + mailscanner_do_xmlrpc_sync($sync_to_ip, $password,$sync_type); + } + } + log_error("[postfix] postfix_xmlrpc_sync.php is ending."); } @@ -902,4 +1096,104 @@ function mailscanner_php_deinstall_command() { conf_mount_ro(); } +function mailscanner_do_xmlrpc_sync($sync_to_ip, $password,$sync_type) { + global $config, $g; + + if(!$password) + return; + + if(!$sync_to_ip) + return; + + $xmlrpc_sync_neighbor = $sync_to_ip; + if($config['system']['webgui']['protocol'] != "") { + $synchronizetoip = $config['system']['webgui']['protocol']; + $synchronizetoip .= "://"; + } + $port = $config['system']['webgui']['port']; + /* if port is empty lets rely on the protocol selection */ + if($port == "") { + if($config['system']['webgui']['protocol'] == "http") + $port = "80"; + else + $port = "443"; + } + $synchronizetoip .= $sync_to_ip; + + /* xml will hold the sections to sync */ + $xml = array(); + $sync_xml=$config['installedpackages']['mailscannersync']['config'][0]['synconchanges']; + if ($sync_xml){ + log_error("Include mailscanner config"); + $xml['mailscanner'] = $config['installedpackages']['mailscanner']; + $xml['msreport'] = $config['installedpackages']['msreport']; + $xml['mscontent'] = $config['installedpackages']['mscontent']; + $xml['msantivirus'] = $config['installedpackages']['msantivirus']; + $xml['msantispam'] = $config['installedpackages']['msantispam']; + $xml['msalerts'] = $config['installedpackages']['msalerts']; + } + if (count($xml) > 0){ + /* assemble xmlrpc payload */ + $params = array( + XML_RPC_encode($password), + XML_RPC_encode($xml) + ); + + /* set a few variables needed for sync code borrowed from filter.inc */ + $url = $synchronizetoip; + log_error("Beginning mailscanner XMLRPC sync to {$url}:{$port}."); + $method = 'pfsense.merge_installedpackages_section_xmlrpc'; + $msg = new XML_RPC_Message($method, $params); + $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); + $cli->setCredentials('admin', $password); + if($g['debug']) + $cli->setDebug(1); + /* send our XMLRPC message and timeout after 250 seconds */ + $resp = $cli->send($msg, "250"); + if(!$resp) { + $error = "A communications error occurred while attempting mailscanner XMLRPC sync with {$url}:{$port}."; + log_error($error); + file_notice("sync_settings", $error, "Mailscanner Settings Sync", ""); + } elseif($resp->faultCode()) { + $cli->setDebug(1); + $resp = $cli->send($msg, "250"); + $error = "An error code was received while attempting mailscanner XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); + log_error($error); + file_notice("sync_settings", $error, "mailscanner Settings Sync", ""); + } else { + log_error("mailscanner XMLRPC sync successfully completed with {$url}:{$port}."); + } + + /* tell postfix to reload our settings on the destionation sync host. */ + $method = 'pfsense.exec_php'; + $execcmd = "require_once('/usr/local/pkg/mailscanner.inc');\n"; + $execcmd .= "sync_package_mailscanner();"; + + /* assemble xmlrpc payload */ + $params = array( + XML_RPC_encode($password), + XML_RPC_encode($execcmd) + ); + + log_error("mailscanner XMLRPC reload data {$url}:{$port}."); + $msg = new XML_RPC_Message($method, $params); + $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); + $cli->setCredentials('admin', $password); + $resp = $cli->send($msg, "250"); + if(!$resp) { + $error = "A communications error occurred while attempting mailscanner XMLRPC sync with {$url}:{$port} (pfsense.exec_php)."; + log_error($error); + file_notice("sync_settings", $error, "mailscanner Settings Sync", ""); + } elseif($resp->faultCode()) { + $cli->setDebug(1); + $resp = $cli->send($msg, "250"); + $error = "An error code was received while attempting mailscanner XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); + log_error($error); + file_notice("sync_settings", $error, "mailscanner Settings Sync", ""); + } else { + log_error("mailscanner XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php)."); + } + } +} + ?>
\ No newline at end of file diff --git a/config/mailscanner/mailscanner.xml b/config/mailscanner/mailscanner.xml index 71bb06f3..95cf7f79 100644 --- a/config/mailscanner/mailscanner.xml +++ b/config/mailscanner/mailscanner.xml @@ -143,7 +143,7 @@ <url>/pkg_edit.php?xml=mailscanner_sync.xml&id=0</url> </tab> <tab> - <text>About</text> + <text>Help</text> <url>/mailscanner_about.php</url> </tab> </tabs> diff --git a/config/mailscanner/mailscanner_about.php b/config/mailscanner/mailscanner_about.php index db499a4d..bea516f9 100755 --- a/config/mailscanner/mailscanner_about.php +++ b/config/mailscanner/mailscanner_about.php @@ -60,7 +60,7 @@ include("head.inc"); $tab_array[] = array(gettext("Alerts"), false, "/pkg_edit.php?xml=mailscanner_alerts.xml&id=0"); $tab_array[] = array(gettext("Reporting"), false, "/pkg_edit.php?xml=mailscanner_report.xml&id=0"); $tab_array[] = array(gettext("XMLRPC Sync"), false, "/pkg_edit.php?xml=mailscanner_sync.xml&id=0"); - $tab_array[] = array(gettext("About"), true, "/mailscanner_about.php"); + $tab_array[] = array(gettext("Help"), true, "/mailscanner_about.php"); display_top_tabs($tab_array); ?> </td></tr> @@ -71,6 +71,17 @@ include("head.inc"); <table class="tabcont" width="100%" border="0" cellpadding="8" cellspacing="0"> <tr><td></td></tr> <tr> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Help docs"); ?></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("FAQ ");?></td> + <td width="78%" class="vtable"><?=gettext("<a target=_new href='http://www.mailscanner.info/wiki/doku.php?id=maq:index'>Most Asked Questions</a><br><br>");?> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Performance ");?></td> + <td width="78%" class="vtable"><?=gettext("<a target=_new href='http://wiki.apache.org/spamassassin/FasterPerformance'>How do I get SpamAssassin to run faster?</a><br><br>");?></td> + </tr> + <tr> <td colspan="2" valign="top" class="listtopic"><?=gettext("About Mailscanner package"); ?></td> </tr> <tr> diff --git a/config/mailscanner/mailscanner_alerts.xml b/config/mailscanner/mailscanner_alerts.xml index 5704f3ff..9d80bae6 100644 --- a/config/mailscanner/mailscanner_alerts.xml +++ b/config/mailscanner/mailscanner_alerts.xml @@ -80,7 +80,7 @@ <url>/pkg_edit.php?xml=mailscanner_sync.xml&id=0</url> </tab> <tab> - <text>About</text> + <text>Help</text> <url>/mailscanner_about.php</url> </tab> diff --git a/config/mailscanner/mailscanner_antispam.xml b/config/mailscanner/mailscanner_antispam.xml index 5ce3f015..652935f5 100644 --- a/config/mailscanner/mailscanner_antispam.xml +++ b/config/mailscanner/mailscanner_antispam.xml @@ -80,7 +80,7 @@ <url>/pkg_edit.php?xml=mailscanner_sync.xml&id=0</url> </tab> <tab> - <text>About</text> + <text>Help</text> <url>/mailscanner_about.php</url> </tab> @@ -89,16 +89,16 @@ <fields> <field> - <name>RBL Checks</name> + <name>Spam Checks</name> <type>listtopic</type> </field> <field> <fielddescr>Features</fielddescr> <fieldname>rblfeatures</fieldname> <description> - <![CDATA[Select RBL features to enable. Mailscanner default options are in ( ).<br> - <strong>Note: RBL checks are recommended in postfix postscreen daemon.<br> - It's not recommended to run it twice.</strong>]]> + <![CDATA[Select spam check features to enable.<br> + If you unselect <strong>Spam Checks</strong> then *no* spam checks will be done at all.<br> + This includes both MailScanner's own checks and SpamAssassin.]]> </description> <type>select</type> <options> @@ -109,6 +109,17 @@ <size>04</size> <multiple/> </field> + <field> + <fielddescr>Rbl checks</fielddescr> + <fieldname>rblchecks</fieldname> + <description> + <![CDATA[Enable Rbl ckecks on Mailscanner.<br> + Rbl ckecks are included in postscreen daemon.<br> + For better performance, configure it in postscreen.<br> + <strong>It's not recommended to run it twice.</strong>]]> + </description> + <type>checkbox</type> + </field> <field> <fielddescr>Spam Lists do be spam</fielddescr> <fieldname>spam_lists</fieldname> @@ -142,7 +153,12 @@ <fielddescr>Features</fielddescr> <fieldname>safeatures</fieldname> <description> - <![CDATA[Select Spamassassin features to enable. Mailscanner default options are in ( ).]]> + <![CDATA[Select Spamassassin features to enable. Mailscanner default options are in ( ).<br> + <strong>Bayes</strong> needs a lot o CPU to work properly<br> + <strong>Razor2</strong> needs access to tcp ports 2703 and 7 (outgoing)<br> + <strong>Pyzor</strong> needs access to udp port 24441 (outgoing)<br> + <strong>DCC</strong> needs access to udp port 6277 (outgoing)<br> + <strong>DNS</strong> access is mandatory for all<br>]]> </description> <type>select</type> <options> @@ -153,8 +169,13 @@ <option><name>Spam Score (yes)</name><value>spam_score</value></option> <option><name>Cache SpamAssassin Results (yes)</name><value>cache_spamassassin_results</value></option> <option><name>Wait During Bayes Rebuild (no)</name><value>wait_during_bayes_rebuild</value></option> + <option><name>Use Pyzor plugin (yes)</name><value>use_pyzor</value></option> + <option><name>Use Razor plugin (yes)</name><value>use_razor</value></option> + <option><name>Use DCC plugin (yes)</name><value>use_dcc</value></option> + <option><name>Use Bayes (yes)</name><value>use_bayes</value></option> + <option><name>Use Bayes Auto Learn (yes)</name><value>use_auto_learn_bayes</value></option> </options> - <size>08</size> + <size>13</size> <multiple/> </field> <field> diff --git a/config/mailscanner/mailscanner_antivirus.xml b/config/mailscanner/mailscanner_antivirus.xml index 7d3d1d7c..a6b94c0b 100644 --- a/config/mailscanner/mailscanner_antivirus.xml +++ b/config/mailscanner/mailscanner_antivirus.xml @@ -80,7 +80,7 @@ <url>/pkg_edit.php?xml=mailscanner_sync.xml&id=0</url> </tab> <tab> - <text>About</text> + <text>Help</text> <url>/mailscanner_about.php</url> </tab> </tabs> @@ -115,6 +115,7 @@ <options> <option><name>auto</name><value>auto</value></option> <option><name>clamav</name><value>clamav</value></option> + <option><name>clamd</name><value>clamd</value></option> <option><name>none</name><value>none</value></option> </options> <description><![CDATA[Do you want to scan email for viruses?]]> diff --git a/config/mailscanner/mailscanner_attachments.xml b/config/mailscanner/mailscanner_attachments.xml index 31bf98f4..1b031466 100644 --- a/config/mailscanner/mailscanner_attachments.xml +++ b/config/mailscanner/mailscanner_attachments.xml @@ -80,7 +80,7 @@ <url>/pkg_edit.php?xml=mailscanner_sync.xml&id=0</url> </tab> <tab> - <text>About</text> + <text>Help</text> <url>/mailscanner_about.php</url> </tab> </tabs> diff --git a/config/mailscanner/mailscanner_content.xml b/config/mailscanner/mailscanner_content.xml index d36bf8b3..ca79b07f 100644 --- a/config/mailscanner/mailscanner_content.xml +++ b/config/mailscanner/mailscanner_content.xml @@ -80,7 +80,7 @@ <url>/pkg_edit.php?xml=mailscanner_sync.xml&id=0</url> </tab> <tab> - <text>About</text> + <text>Help</text> <url>/mailscanner_about.php</url> </tab> </tabs> diff --git a/config/mailscanner/mailscanner_report.xml b/config/mailscanner/mailscanner_report.xml index 65f182fc..60e7385c 100644 --- a/config/mailscanner/mailscanner_report.xml +++ b/config/mailscanner/mailscanner_report.xml @@ -80,7 +80,7 @@ <url>/pkg_edit.php?xml=mailscanner_sync.xml&id=0</url> </tab> <tab> - <text>About</text> + <text>Help</text> <url>/mailscanner_about.php</url> </tab> </tabs> diff --git a/config/mailscanner/mailscanner_sync.xml b/config/mailscanner/mailscanner_sync.xml index 8dc51e42..da31e853 100644 --- a/config/mailscanner/mailscanner_sync.xml +++ b/config/mailscanner/mailscanner_sync.xml @@ -41,7 +41,7 @@ <description>Describe your package here</description> <requirements>Describe your package requirements here</requirements> <faq>Currently there are no FAQ items provided.</faq> - <name>mailscanner_sync</name> + <name>mailscannersync</name> <version>1.0</version> <title>Services: MailScanner</title> <include_file>/usr/local/pkg/mailscanner.inc</include_file> @@ -80,7 +80,7 @@ <active/> </tab> <tab> - <text>About</text> + <text>Help</text> <url>/mailscanner_about.php</url> </tab> </tabs> diff --git a/config/postfix/postfix.inc b/config/postfix/postfix.inc index 5a802054..182f9d00 100644 --- a/config/postfix/postfix.inc +++ b/config/postfix/postfix.inc @@ -351,8 +351,13 @@ EOF; #Header Maps if ($config['installedpackages']['postfixacl']['config'][0]['header_maps']){ $postfix_main .= "header_checks = pcre:/usr/local/etc/postfix/header_check\n"; + $postfix_main .= "header_size_limit = 1024000\n"; $header_check = px_text_area_decode($config['installedpackages']['postfixacl']['config'][0]['header_maps']); } + #Sender access + if ($config['installedpackages']['postfixacl']['config'][0]['sender_access']){ + $sender_access = px_text_area_decode($config['installedpackages']['postfixacl']['config'][0]['sender_access']); + } #MIME Maps if ($config['installedpackages']['postfixacl']['config'][0]['mime_maps']){ $postfix_main .= "mime_header_checks = pcre:/usr/local/etc/postfix/mime_check\n"; @@ -454,6 +459,7 @@ smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, reject_unauth_pipelining, reject_multi_recipient_bounce, + check_sender_access hash:/usr/local/etc/postfix/sender_access, SPFSPFSPFRBLRBLRBL EOF; @@ -637,13 +643,14 @@ MASTEREOF2; file_put_contents("/usr/local/etc/postfix/main.cf", $postfix_main, LOCK_EX); file_put_contents("/usr/local/etc/postfix/master.cf", $postfix_master, LOCK_EX); file_put_contents("/usr/local/etc/postfix/transport", $transport, LOCK_EX); + file_put_contents("/usr/local/etc/postfix/sender_access", $sender_access, LOCK_EX); file_put_contents("/usr/local/etc/postfix/cal_cidr", $cal_cidr, LOCK_EX); file_put_contents("/usr/local/etc/postfix/cal_pcre", $cal_pcre, LOCK_EX); file_put_contents("/usr/local/etc/postfix/header_check", $header_check, LOCK_EX); file_put_contents("/usr/local/etc/postfix/mime_check", $mime_check, LOCK_EX); file_put_contents("/usr/local/etc/postfix/body_check", $body_check, LOCK_EX); file_put_contents("/usr/local/etc/postfix/mynetwork_table", $mynetworks, LOCK_EX); - $FILES=array("transport"); + $FILES=array("transport","sender_access"); foreach ($FILES as $file) { mwexec("/usr/local/sbin/postmap /usr/local/etc/postfix/".$file); diff --git a/config/postfix/postfix_acl.xml b/config/postfix/postfix_acl.xml index 9837bf0a..2a2b4633 100644 --- a/config/postfix/postfix_acl.xml +++ b/config/postfix/postfix_acl.xml @@ -115,6 +115,23 @@ <encoding>base64</encoding> </field> <field> + <fielddescr>Sender</fielddescr> + <fieldname>sender_access</fieldname> + <description><![CDATA[<strong>HASH filters</strong> that implements whitelisting and blacklisting of full or partial email addresses and domains as specified in the MAIL FROM field :<br> + myfriend@example.com OK<br> + junk@spam.com REJECT<br> + marketing@ REJECT<br> + theboss@ OK<br> + deals.marketing.com REJECT<br> + somedomain.com OK<br> + See http://www.postfix.org/postconf.5.html#smtpd_sender_restrictions for more help]]> + </description> + <type>textarea</type> + <cols>83</cols> + <rows>15</rows> + <encoding>base64</encoding> + </field> + <field> <fielddescr>MIME</fielddescr> <fieldname>mime_maps</fieldname> <description><![CDATA[<strong>PCRE filters</strong><a href=http://www.postfix.org/pcre_table.5.html> that are applied to MIME related message headers only.</a> Hint:<br> diff --git a/pkg_config.8.xml b/pkg_config.8.xml index fd904fb0..ac42bd4b 100644 --- a/pkg_config.8.xml +++ b/pkg_config.8.xml @@ -367,7 +367,7 @@ <pkginfolink>http://forum.pfsense.org/index.php/topic,40622.0.html</pkginfolink> <depends_on_package_base_url>http://files.pfsense.org/packages/8/All/</depends_on_package_base_url> <depends_on_package>postfix-2.8.5,1.tbz</depends_on_package> - <version>2.8.5,1 pkg v.2.3.1</version> + <version>2.8.5,1 pkg v.2.3.2</version> <status>RC1</status> <required_version>2.0</required_version> <configurationfile>postfix.xml</configurationfile> @@ -384,8 +384,12 @@ <pkginfolink>http://forum.pfsense.org/index.php/topic,43687.0.html</pkginfolink> <depends_on_package_base_url>http://e-sac.siteseguro.ws/pfsense/8/All/</depends_on_package_base_url> <depends_on_package>MailScanner-4.83.5.tbz</depends_on_package> - <version>4.83.5 pkg v.0.1</version> - <status>alpha</status> + <depends_on_package>perl-5.12.4_3.tbz</depends_on_package> + <depends_on_package>pyzor-0.5.0_1.tbz</depends_on_package> + <depends_on_package>p5-Mail-SPF-2.007.tbz</depends_on_package> + <depends_on_package>p5-IP-Country-2.27.tbz</depends_on_package> + <version>4.83.5 pkg v.0.2</version> + <status>beta</status> <required_version>2.0</required_version> <configurationfile>mailscanner.xml</configurationfile> <build_port_path>/usr/ports/mail/mailscanner</build_port_path> diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64 index a094215a..310ea48d 100644 --- a/pkg_config.8.xml.amd64 +++ b/pkg_config.8.xml.amd64 @@ -455,7 +455,7 @@ <depends_on_package>postfix-2.8.7,1.tbz</depends_on_package> <depends_on_package>perl-5.12.4_3.tbz</depends_on_package> <depends_on_package_pbi>postfix-2.8.5-amd64.pbi</depends_on_package_pbi> - <version>2.8.7,1 pkg v.2.3.1</version> + <version>2.8.7,1 pkg v.2.3.2</version> <status>RC1</status> <required_version>2.0</required_version> <configurationfile>postfix.xml</configurationfile> @@ -472,8 +472,11 @@ <pkginfolink>http://forum.pfsense.org/index.php/topic,43687.0.html</pkginfolink> <depends_on_package_base_url>http://e-sac.siteseguro.ws/pfsense/8/amd64/All/</depends_on_package_base_url> <depends_on_package>MailScanner-4.83.5.tbz</depends_on_package> - <version>4.83.5 pkg v.0.1</version> - <status>alpha</status> + <depends_on_package>pyzor-0.5.0_1.tbz</depends_on_package> + <depends_on_package>p5-Mail-SPF-2.007.tbz</depends_on_package> + <depends_on_package>p5-IP-Country-2.27.tbz</depends_on_package> + <version>4.83.5 pkg v.0.2</version> + <status>beta</status> <required_version>2.0</required_version> <configurationfile>mailscanner.xml</configurationfile> <build_port_path>/usr/ports/mail/mailscanner</build_port_path> |