aboutsummaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
Diffstat (limited to 'config')
-rw-r--r--config/mailscanner/mailscanner.inc320
-rw-r--r--config/mailscanner/mailscanner.xml2
-rwxr-xr-xconfig/mailscanner/mailscanner_about.php13
-rw-r--r--config/mailscanner/mailscanner_alerts.xml2
-rw-r--r--config/mailscanner/mailscanner_antispam.xml35
-rw-r--r--config/mailscanner/mailscanner_antivirus.xml3
-rw-r--r--config/mailscanner/mailscanner_attachments.xml2
-rw-r--r--config/mailscanner/mailscanner_content.xml2
-rw-r--r--config/mailscanner/mailscanner_report.xml2
-rw-r--r--config/mailscanner/mailscanner_sync.xml4
-rw-r--r--config/postfix/postfix.inc9
-rw-r--r--config/postfix/postfix_acl.xml17
12 files changed, 381 insertions, 30 deletions
diff --git a/config/mailscanner/mailscanner.inc b/config/mailscanner/mailscanner.inc
index fd7b6d16..82ce84e7 100644
--- a/config/mailscanner/mailscanner.inc
+++ b/config/mailscanner/mailscanner.inc
@@ -181,7 +181,7 @@ function sync_package_mailscanner() {
$mcp_action=($antispam['mcp_action']?preg_replace("/,/"," ",$antispam['mcp_action']):"deliver");
$mcp_hi_action=($antispam['mcp_hi_action']?preg_replace("/,/"," ",$antispam['mcp_hi_action']):"delete");
$mcp_max=($antispam['mcp_max']?$antispam['mcp_max']:"200k");
-
+
/*
Language Strings = %report-dir%/languages.conf
*/
@@ -328,6 +328,7 @@ Run As Group = postfix
Queue Scan Interval = 6
Incoming Queue Dir = /var/spool/postfix/hold
Outgoing Queue Dir = /var/spool/postfix/incoming
+Incoming Work Dir = /var/spool/MailScanner/incoming
Quarantine Dir = /var/spool/MailScanner/quarantine
PID file = /var/run/MailScanner.pid
Restart Every = 14400
@@ -361,7 +362,7 @@ Max Unsafe Messages Per Scan = 30
Max Normal Queue Size = 800
Scan Messages = {$scan_messages}
Reject Message = {$reject_message}
-Maximum Processing Attempts = 6
+Maximum Processing Attempts = 10
Processing Attempts Database = /var/spool/MailScanner/incoming/Processing.db
Maximum Attachments Per Message = 200
Expand TNEF = {$expand_tnef}
@@ -411,6 +412,21 @@ Block Encrypted Messages = {$block_encrypted}
Block Unencrypted Messages = {$block_unencrypted}
Allow Password-Protected Archives = {$allow_password}
Check Filenames In Password-Protected Archives = {$check_filenames}
+Monitors for ClamAV Updates = /var/db/clamav/*.cvd
+ClamAVmodule Maximum Recursion Level = 8
+ClamAVmodule Maximum Files = 1000
+ClamAVmodule Maximum File Size = 10000000 # (10 Mbytes)
+ClamAVmodule Maximum Compression Ratio = 25
+Allowed Sophos Error Messages =
+Sophos IDE Dir = /opt/sophos-av/lib/sav
+Sophos Lib Dir = /opt/sophos-av/lib
+Monitors For Sophos Updates = /opt/sophos-av/lib/sav/*.ide
+Clamd Port = 3310
+Clamd Socket = /var/run/clamav/clamd.sock
+Clamd Lock File = # /var/lock/subsys/clamd
+Clamd Use Threads = no
+ClamAV Full Message Scan = yes
+Fpscand Port = 10200
{$custom_antivirus_options}
#
@@ -459,6 +475,7 @@ Archives: Allow File MIME Types =
Archives: Deny Filetypes =
Archives: Deny File MIME Types =
Archives: Filetype Rules = %etc-dir%/archives.filetype.rules.conf
+Default Rename Pattern = __FILENAME__.disarmed
#
# Reports and Responses
@@ -555,6 +572,7 @@ Virus Subject Text = [Virus?]
Filename Modify Subject = start
Filename Subject Text = [Filename?]
Content Modify Subject = start
+Content Subject Text = [Dangerous Content?]
Size Modify Subject = start
Size Subject Text = [Size]
Disarmed Modify Subject = start
@@ -678,7 +696,7 @@ Sender SpamAssassin Report = %report-dir%/sender.spam.sa.report.txt
Inline Spam Warning = %report-dir%/inline.spam.warning.txt
Recipient Spam Report = %report-dir%/recipient.spam.report.txt
Enable Spam Bounce = %rules-dir%/bounce.rules
-
+Bounce Spam As Attachment = no
#
# Logging
# -------
@@ -754,7 +772,7 @@ Sender MCP Report = %report-dir%/sender.mcp.report.txt
Use Default Rules With Multiple Recipients = {$default_rule_multiple}
Read IP Address From Received Header = {$read_ipaddress}
Spam Score Number Format = {$spam_score_format}
-MailScanner Version Number = 4.79.11
+MailScanner Version Number = 4.83.5
SpamAssassin Cache Timings = {$cache_timings}
Debug = {$debug}
Debug SpamAssassin = {$debug_spam}
@@ -777,14 +795,6 @@ include /usr/local/etc/MailScanner/conf.d/*
EOF;
#write files
conf_mount_rw();
- $mlang=strtolower($report['language']);
- $mfiles[]="/usr/local/etc/MailScanner/virus.scanners.conf";
- $mfiles[]="/usr/local/share/MailScanner/reports/{$mlang}/inline.spam.warning.txt";
- $mfiles[]="/usr/local/share/MailScanner/reports/{$mlang}/languages.conf";
-
- foreach ($mfiles as $mfile)
- if (! file_exists ($mfile))
- copy($mfile.".sample",$mfile);
if (!is_dir("/var/spool/MailScanner/incoming")){
mkdir("/var/spool/MailScanner/incoming", 0755,true);
chown ('/var/spool/MailScanner/incoming','postfix');
@@ -794,7 +804,96 @@ EOF;
chown ('/var/spool/MailScanner/quarantine','postfix');
}
chown ('/var/spool/postfix','postfix');
+
+ $mlang=strtolower($report['language']);
+ $mfiles[]="/usr/local/etc/MailScanner/virus.scanners.conf";
+ $mfiles[]="/usr/local/share/MailScanner/reports/{$mlang}/inline.spam.warning.txt";
+ $mfiles[]="/usr/local/share/MailScanner/reports/{$mlang}/languages.conf";
+
+ foreach ($mfiles as $mfile)
+ if (! file_exists ($mfile))
+ copy($mfile.".sample",$mfile);
+
+ #update spam.assassin.prefs.conf
+ $sa_temp=ms_text_area_decode($config['installedpackages']['msantispam']['config'][0]['sa_pref_file']);
+ $pattern[0]='/#ifplugin/';
+ $pattern[1]='/#pyzor_path/';
+ $pattern[2]='/usr.bin.pyzor/';
+ $pattern[3]='/#dcc_path/';
+ $pattern[4]='/#endif/';
+ $replacement[0]="ifplugin";
+ $replacement[1]="pyzor_path";
+ $replacement[2]="usr/local/bin/pyzor";
+ $replacement[3]="dcc_path";
+ $replacement[4]="endif";
+ if (preg_match('/use_razor/',$antispam['safeatures'])){
+ $pattern[5]='/\nuse_razor2\s+0/';
+ $replacement[5]="\n".'# use_razor2 0';
+ }
+ else{
+ $pattern[5]='/\n#\s+use_razor2\s+0/';
+ $replacement[5]="\n".'use_razor2 0';
+ }
+ if (preg_match('/use_dcc/',$antispam['safeatures'])){
+ $pattern[6]='/\nuse_dcc\s+0/';
+ $replacement[6]="\n".'# use_dcc 0';
+ }
+ else{
+ $pattern[6]='/\n#\s+use_dcc\s+0/';
+ $replacement[6]="\n".'use_dcc 0';
+ }
+ if (preg_match('/use_pyzor/',$antispam['safeatures'])){
+ $pattern[7]='/\nuse_pyzor\s+0/';
+ $replacement[7]="\n".'# use_pyzor 0';
+ }
+ else{
+ $pattern[7]='/\n#\s+use_pyzor\s+0/';
+ $replacement[7]="\n".'# use_pyzor 0';
+ }
+ if (preg_match('/use_auto_learn_bayes/',$antispam['safeatures'])){
+ $pattern[8]='/\nbayes_auto_learn\s+0/';
+ $replacement[8]="\n".'# bayes_auto_learn 0';
+ }
+ else{
+ $pattern[8]='/\n#\s+bayes_auto_learn\s+0/';
+ $replacement[8]="\n".'bayes_auto_learn 0';
+ }
+ if (preg_match('/use_bayes/',$antispam['safeatures'])){
+ $pattern[9]='/\nuse_bayes\s+0/';
+ $replacement[9]="\n".'# use_bayes 0';
+ }
+ else{
+ $pattern[9]='/\n#\s+use_bayes\s+0/';
+ $replacement[9]="\n".'use_bayes 0';
+ }
+ if (preg_match('/sa_auto_whitelist/',$antispam['safeatures'])){
+ $pattern[10]='/\nuse_auto_whitelist\s+0/';
+ $replacement[10]="\n".'# use_auto_whitelist 0';
+ }
+ else{
+ $pattern[10]='/\n#\s*use_auto_whitelist 0/';
+ $replacement[10]="\n".'use_auto_whitelist 0';
+ }
+ if ($antispam['rblchecks']){
+ $pattern[11]='/\nskip_rbl_checks\s+1/';
+ $replacement[11]="\n".'# skip_rbl_checks 1';
+ }
+ else{
+ $pattern[11]='/\n#\s+skip_rbl_checks\s+\d/';
+ $replacement[11]="\n".'skip_rbl_checks 1';
+ }
+ $pattern[12]='/bayes_ignore_header ([a-zA-Z0-9_.-]+)MailScanner/';
+ $replacement[12]="bayes_ignore_header ".($mailscanner['orgname']!=""?$mailscanner['orgname']:"pfsense")."-MailScanner";
+ $pattern[13]='/envelope_sender_header X([a-zA-Z0-9_.-]+)MailScanner-From/';
+ $replacement[13]="envelope_sender_header X-".($mailscanner['orgname']!=""?$mailscanner['orgname']:"pfsense")."-MailScanner-From";
+
+
+ $sa_temp=preg_replace($pattern,$replacement,$sa_temp);
+ #rint "pre".$sa_temp;exit;
+ $config['installedpackages']['msantispam']['config'][0]['sa_pref_file']=base64_encode($sa_temp);
+ write_config();
+
file_put_contents($mailscanner_dir."/MailScanner.conf", $mc, LOCK_EX);
file_put_contents($mailscanner_dir."/filename.rules.conf",ms_text_area_decode($config['installedpackages']['msattachments']['config'][0]['filename_rules']),LOCK_EX);
file_put_contents($mailscanner_dir."/filetype.rules.conf",ms_text_area_decode($config['installedpackages']['msattachments']['config'][0]['filetype_rules']),LOCK_EX);
@@ -803,7 +902,7 @@ EOF;
file_put_contents($mailscanner_dir."/phishing.safe.sites.conf",ms_text_area_decode($config['installedpackages']['mscontent']['config'][0]['phishing_safe']),LOCK_EX);
file_put_contents($mailscanner_dir."/phishing.bad.sites.conf",ms_text_area_decode($config['installedpackages']['mscontent']['config'][0]['phishing_bad']),LOCK_EX);
file_put_contents($mailscanner_dir."/country.domains.conf",ms_text_area_decode($config['installedpackages']['mscontent']['config'][0]['country_domains']),LOCK_EX);
- file_put_contents($mailscanner_dir.'/spam.assassin.prefs.conf',ms_text_area_decode($config['installedpackages']['msantispam']['config'][0]['sa_pref_file']),LOCK_EX);
+ file_put_contents($mailscanner_dir.'/spam.assassin.prefs.conf',$sa_temp,LOCK_EX);
file_put_contents($mailscanner_dir.'/spam.lists.conf',ms_text_area_decode($config['installedpackages']['msantispam']['config'][0]['rbl_file']),LOCK_EX);
file_put_contents($mailscanner_dir.'/mcp/mcp.spam.assassin.prefs.conf',ms_text_area_decode($config['installedpackages']['msantispam']['config'][0]['mcp_pref_file']),LOCK_EX);
file_put_contents($mailscanner_dir.'/rules/bounce.rules',ms_text_area_decode($config['installedpackages']['msantispam']['config'][0]['bounce']),LOCK_EX);
@@ -839,6 +938,22 @@ EOF;
unlink_if_exists($libexec_dir.'clamav-wrapper');
}
else{
+ chown('/var/run/clamav/', 'postfix');
+ chown('/var/log/clamav/', 'postfix');
+ chown('/var/db/clamav/', 'postfix');
+ if (file_exists('/var/db/clamav/bytecode.cld'))
+ chown('/var/db/clamav/bytecode.cld', 'postfix');
+ if (file_exists('/var/db/clamav/daily.cld'))
+ chown('/var/db/clamav/daily.cld', 'postfix');
+ if (file_exists('/var/db/clamav/main.cvd'))
+ chown('/var/db/clamav/main.cvd', 'postfix');
+ if (file_exists('/var/db/clamav/mirrors.dat'))
+ chown('/var/db/clamav/mirrors.dat', 'postfix');
+ if (file_exists('/var/log/clamav/clamd.log'))
+ chown('/var/log/clamav/clamd.log', 'postfix');
+ if (file_exists('/var/log/clamav/freshclam.log'))
+ chown('/var/log/clamav/freshclam.log', 'postfix');
+
copy($libexec_dir.'clamav-autoupdate.sample',$libexec_dir.'clamav-autoupdate');
chmod ($libexec_dir.'clamav-autoupdate',0755);
copy($libexec_dir.'clamav-wrapper.sample',$libexec_dir.'clamav-wrapper');
@@ -847,6 +962,39 @@ EOF;
log_error('No clamav database found, running freshclam in background.');
mwexec_bg('/usr/local/bin/freshclam');
}
+ #clamav-wrapper file
+ $cconf=$libexec_dir."clamav-wrapper";
+ $cconf_file=file_get_contents($cconf);
+ if (preg_match('/"clamav"/',$cconf_file)){
+ $cconf_file=preg_replace('/"clamav"/','"postfix"',$cconf_file);
+ file_put_contents($cconf, $cconf_file, LOCK_EX);
+ }
+
+ #freshclam conf file
+ $cconf="/usr/local/etc/freshclam.conf";
+ $cconf_file=file_get_contents($cconf);
+ if (preg_match('/DatabaseOwner clamav/',$cconf_file)){
+ $cconf_file=preg_replace("/DatabaseOwner clamav/","DatabaseOwner postfix",$cconf_file);
+ file_put_contents($cconf, $cconf_file, LOCK_EX);
+ }
+
+ #clamd conf file
+ $cconf="/usr/local/etc/clamd.conf";
+ $cconf_file=file_get_contents($cconf);
+ if (preg_match('/User clamav/',$cconf_file)){
+ $cconf_file=preg_replace("/User clamav/","User postfix",$cconf_file);
+ file_put_contents($cconf, $cconf_file, LOCK_EX);
+ }
+ #clamd script file
+ $script='/usr/local/etc/rc.d/clamav-clamd';
+ $script_file=file_get_contents($script);
+ if (preg_match('/NO/',$script_file)){
+ $script_file=preg_replace("/NO/","YES",$script_file);
+ file_put_contents($script, $script_file, LOCK_EX);
+ chmod ($script,0755);
+ }
+ mwexec_bg("$script fastrestart");
+
}
}
else{
@@ -854,7 +1002,39 @@ EOF;
unlink_if_exists($libexec_dir.'clamav-wrapper');
}
+ #check dcc startup script
+ $script='/usr/local/etc/rc.d/dccifd';
+ $script_file=file_get_contents($script);
+ if (preg_match('/NO/',$script_file)){
+ $script_file=preg_replace("/NO/","YES",$script_file);
+ file_put_contents($script, $script_file, LOCK_EX);
+ chmod ($script,0755);
+ }
+ mwexec_bg("$script fastrestart");
+ #check dcc config file
+ $script='/usr/local/dcc/dcc_conf';
+ $script_file=file_get_contents($script);
+ if (preg_match('/DCCIFD_ENABLE=off/',$script_file)){
+ $script_file=preg_replace("/DCCIFD_ENABLE=off/","DCCIFD_ENABLE=on",$script_file);
+ file_put_contents($script, $script_file, LOCK_EX);
+ }
+
$script='/usr/local/etc/rc.d/mailscanner';
+
+ #fix MIME::ToolUtils deprecated function and usecure dependency calls in /usr/local/sbin/mailscanner
+ $cconf="/usr/local/sbin/mailscanner";
+ $cconf_file=file_get_contents($cconf);
+ $pattern2[0]='/perl\W+I/';
+ $pattern2[1]='/\smy .current = config MIME::ToolUtils/';
+ $replacement2[0]='perl -U -I';
+ $replacement2[1]=' #my $current = config MIME::ToolUtils';
+ if (preg_match('/perl\W+I/',$cconf_file)){
+ $cconf_file=preg_replace($pattern2,$replacement2,$cconf_file);
+ file_put_contents($cconf, $cconf_file, LOCK_EX);
+ #force old process stop
+ mwexec("$script stop");
+ }
+
$script_file=file_get_contents($script);
if (preg_match('/NO/',$script_file)){
$script_file=preg_replace("/NO/","YES",$script_file);
@@ -871,6 +1051,20 @@ EOF;
chmod ($script,0444);
}
conf_mount_ro();
+ $synconchanges = $config['installedpackages']['mailscannersync']['config'][0]['synconchanges'];
+ if(!$synconchanges && !$syncondbchanges)
+ return;
+ log_error("[mailscanner] mailscanner_xmlrpc_sync.php is starting.");
+ foreach ($config['installedpackages']['mailscannersync']['config'] as $rs ){
+ foreach($rs['row'] as $sh){
+ $sync_to_ip = $sh['ipaddress'];
+ $password = $sh['password'];
+ $sync_type = $sh['sync_type'];
+ if($password && $sync_to_ip)
+ mailscanner_do_xmlrpc_sync($sync_to_ip, $password,$sync_type);
+ }
+ }
+ log_error("[postfix] postfix_xmlrpc_sync.php is ending.");
}
@@ -902,4 +1096,104 @@ function mailscanner_php_deinstall_command() {
conf_mount_ro();
}
+function mailscanner_do_xmlrpc_sync($sync_to_ip, $password,$sync_type) {
+ global $config, $g;
+
+ if(!$password)
+ return;
+
+ if(!$sync_to_ip)
+ return;
+
+ $xmlrpc_sync_neighbor = $sync_to_ip;
+ if($config['system']['webgui']['protocol'] != "") {
+ $synchronizetoip = $config['system']['webgui']['protocol'];
+ $synchronizetoip .= "://";
+ }
+ $port = $config['system']['webgui']['port'];
+ /* if port is empty lets rely on the protocol selection */
+ if($port == "") {
+ if($config['system']['webgui']['protocol'] == "http")
+ $port = "80";
+ else
+ $port = "443";
+ }
+ $synchronizetoip .= $sync_to_ip;
+
+ /* xml will hold the sections to sync */
+ $xml = array();
+ $sync_xml=$config['installedpackages']['mailscannersync']['config'][0]['synconchanges'];
+ if ($sync_xml){
+ log_error("Include mailscanner config");
+ $xml['mailscanner'] = $config['installedpackages']['mailscanner'];
+ $xml['msreport'] = $config['installedpackages']['msreport'];
+ $xml['mscontent'] = $config['installedpackages']['mscontent'];
+ $xml['msantivirus'] = $config['installedpackages']['msantivirus'];
+ $xml['msantispam'] = $config['installedpackages']['msantispam'];
+ $xml['msalerts'] = $config['installedpackages']['msalerts'];
+ }
+ if (count($xml) > 0){
+ /* assemble xmlrpc payload */
+ $params = array(
+ XML_RPC_encode($password),
+ XML_RPC_encode($xml)
+ );
+
+ /* set a few variables needed for sync code borrowed from filter.inc */
+ $url = $synchronizetoip;
+ log_error("Beginning mailscanner XMLRPC sync to {$url}:{$port}.");
+ $method = 'pfsense.merge_installedpackages_section_xmlrpc';
+ $msg = new XML_RPC_Message($method, $params);
+ $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port);
+ $cli->setCredentials('admin', $password);
+ if($g['debug'])
+ $cli->setDebug(1);
+ /* send our XMLRPC message and timeout after 250 seconds */
+ $resp = $cli->send($msg, "250");
+ if(!$resp) {
+ $error = "A communications error occurred while attempting mailscanner XMLRPC sync with {$url}:{$port}.";
+ log_error($error);
+ file_notice("sync_settings", $error, "Mailscanner Settings Sync", "");
+ } elseif($resp->faultCode()) {
+ $cli->setDebug(1);
+ $resp = $cli->send($msg, "250");
+ $error = "An error code was received while attempting mailscanner XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString();
+ log_error($error);
+ file_notice("sync_settings", $error, "mailscanner Settings Sync", "");
+ } else {
+ log_error("mailscanner XMLRPC sync successfully completed with {$url}:{$port}.");
+ }
+
+ /* tell postfix to reload our settings on the destionation sync host. */
+ $method = 'pfsense.exec_php';
+ $execcmd = "require_once('/usr/local/pkg/mailscanner.inc');\n";
+ $execcmd .= "sync_package_mailscanner();";
+
+ /* assemble xmlrpc payload */
+ $params = array(
+ XML_RPC_encode($password),
+ XML_RPC_encode($execcmd)
+ );
+
+ log_error("mailscanner XMLRPC reload data {$url}:{$port}.");
+ $msg = new XML_RPC_Message($method, $params);
+ $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port);
+ $cli->setCredentials('admin', $password);
+ $resp = $cli->send($msg, "250");
+ if(!$resp) {
+ $error = "A communications error occurred while attempting mailscanner XMLRPC sync with {$url}:{$port} (pfsense.exec_php).";
+ log_error($error);
+ file_notice("sync_settings", $error, "mailscanner Settings Sync", "");
+ } elseif($resp->faultCode()) {
+ $cli->setDebug(1);
+ $resp = $cli->send($msg, "250");
+ $error = "An error code was received while attempting mailscanner XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString();
+ log_error($error);
+ file_notice("sync_settings", $error, "mailscanner Settings Sync", "");
+ } else {
+ log_error("mailscanner XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php).");
+ }
+ }
+}
+
?> \ No newline at end of file
diff --git a/config/mailscanner/mailscanner.xml b/config/mailscanner/mailscanner.xml
index 71bb06f3..95cf7f79 100644
--- a/config/mailscanner/mailscanner.xml
+++ b/config/mailscanner/mailscanner.xml
@@ -143,7 +143,7 @@
<url>/pkg_edit.php?xml=mailscanner_sync.xml&amp;id=0</url>
</tab>
<tab>
- <text>About</text>
+ <text>Help</text>
<url>/mailscanner_about.php</url>
</tab>
</tabs>
diff --git a/config/mailscanner/mailscanner_about.php b/config/mailscanner/mailscanner_about.php
index db499a4d..bea516f9 100755
--- a/config/mailscanner/mailscanner_about.php
+++ b/config/mailscanner/mailscanner_about.php
@@ -60,7 +60,7 @@ include("head.inc");
$tab_array[] = array(gettext("Alerts"), false, "/pkg_edit.php?xml=mailscanner_alerts.xml&id=0");
$tab_array[] = array(gettext("Reporting"), false, "/pkg_edit.php?xml=mailscanner_report.xml&id=0");
$tab_array[] = array(gettext("XMLRPC Sync"), false, "/pkg_edit.php?xml=mailscanner_sync.xml&id=0");
- $tab_array[] = array(gettext("About"), true, "/mailscanner_about.php");
+ $tab_array[] = array(gettext("Help"), true, "/mailscanner_about.php");
display_top_tabs($tab_array);
?>
</td></tr>
@@ -71,6 +71,17 @@ include("head.inc");
<table class="tabcont" width="100%" border="0" cellpadding="8" cellspacing="0">
<tr><td></td></tr>
<tr>
+ <td colspan="2" valign="top" class="listtopic"><?=gettext("Help docs"); ?></td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell"><?=gettext("FAQ ");?></td>
+ <td width="78%" class="vtable"><?=gettext("<a target=_new href='http://www.mailscanner.info/wiki/doku.php?id=maq:index'>Most Asked Questions</a><br><br>");?>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell"><?=gettext("Performance ");?></td>
+ <td width="78%" class="vtable"><?=gettext("<a target=_new href='http://wiki.apache.org/spamassassin/FasterPerformance'>How do I get SpamAssassin to run faster?</a><br><br>");?></td>
+ </tr>
+ <tr>
<td colspan="2" valign="top" class="listtopic"><?=gettext("About Mailscanner package"); ?></td>
</tr>
<tr>
diff --git a/config/mailscanner/mailscanner_alerts.xml b/config/mailscanner/mailscanner_alerts.xml
index 5704f3ff..9d80bae6 100644
--- a/config/mailscanner/mailscanner_alerts.xml
+++ b/config/mailscanner/mailscanner_alerts.xml
@@ -80,7 +80,7 @@
<url>/pkg_edit.php?xml=mailscanner_sync.xml&amp;id=0</url>
</tab>
<tab>
- <text>About</text>
+ <text>Help</text>
<url>/mailscanner_about.php</url>
</tab>
diff --git a/config/mailscanner/mailscanner_antispam.xml b/config/mailscanner/mailscanner_antispam.xml
index 5ce3f015..652935f5 100644
--- a/config/mailscanner/mailscanner_antispam.xml
+++ b/config/mailscanner/mailscanner_antispam.xml
@@ -80,7 +80,7 @@
<url>/pkg_edit.php?xml=mailscanner_sync.xml&amp;id=0</url>
</tab>
<tab>
- <text>About</text>
+ <text>Help</text>
<url>/mailscanner_about.php</url>
</tab>
@@ -89,16 +89,16 @@
<fields>
<field>
- <name>RBL Checks</name>
+ <name>Spam Checks</name>
<type>listtopic</type>
</field>
<field>
<fielddescr>Features</fielddescr>
<fieldname>rblfeatures</fieldname>
<description>
- <![CDATA[Select RBL features to enable. Mailscanner default options are in (&nbsp;).<br>
- <strong>Note: RBL checks are recommended in postfix postscreen daemon.<br>
- It's not recommended to run it twice.</strong>]]>
+ <![CDATA[Select spam check features to enable.<br>
+ If you unselect <strong>Spam Checks</strong> then *no* spam checks will be done at all.<br>
+ This includes both MailScanner's own checks and SpamAssassin.]]>
</description>
<type>select</type>
<options>
@@ -109,6 +109,17 @@
<size>04</size>
<multiple/>
</field>
+ <field>
+ <fielddescr>Rbl checks</fielddescr>
+ <fieldname>rblchecks</fieldname>
+ <description>
+ <![CDATA[Enable Rbl ckecks on Mailscanner.<br>
+ Rbl ckecks are included in postscreen daemon.<br>
+ For better performance, configure it in postscreen.<br>
+ <strong>It's not recommended to run it twice.</strong>]]>
+ </description>
+ <type>checkbox</type>
+ </field>
<field>
<fielddescr>Spam Lists do be spam</fielddescr>
<fieldname>spam_lists</fieldname>
@@ -142,7 +153,12 @@
<fielddescr>Features</fielddescr>
<fieldname>safeatures</fieldname>
<description>
- <![CDATA[Select Spamassassin features to enable. Mailscanner default options are in (&nbsp;).]]>
+ <![CDATA[Select Spamassassin features to enable. Mailscanner default options are in (&nbsp;).<br>
+ <strong>Bayes</strong> needs a lot o CPU to work properly<br>
+ <strong>Razor2</strong> needs access to tcp ports 2703 and 7 (outgoing)<br>
+ <strong>Pyzor</strong> needs access to udp port 24441 (outgoing)<br>
+ <strong>DCC</strong> needs access to udp port 6277 (outgoing)<br>
+ <strong>DNS</strong> access is mandatory for all<br>]]>
</description>
<type>select</type>
<options>
@@ -153,8 +169,13 @@
<option><name>Spam Score (yes)</name><value>spam_score</value></option>
<option><name>Cache SpamAssassin Results (yes)</name><value>cache_spamassassin_results</value></option>
<option><name>Wait During Bayes Rebuild (no)</name><value>wait_during_bayes_rebuild</value></option>
+ <option><name>Use Pyzor plugin (yes)</name><value>use_pyzor</value></option>
+ <option><name>Use Razor plugin (yes)</name><value>use_razor</value></option>
+ <option><name>Use DCC plugin (yes)</name><value>use_dcc</value></option>
+ <option><name>Use Bayes (yes)</name><value>use_bayes</value></option>
+ <option><name>Use Bayes Auto Learn (yes)</name><value>use_auto_learn_bayes</value></option>
</options>
- <size>08</size>
+ <size>13</size>
<multiple/>
</field>
<field>
diff --git a/config/mailscanner/mailscanner_antivirus.xml b/config/mailscanner/mailscanner_antivirus.xml
index 7d3d1d7c..a6b94c0b 100644
--- a/config/mailscanner/mailscanner_antivirus.xml
+++ b/config/mailscanner/mailscanner_antivirus.xml
@@ -80,7 +80,7 @@
<url>/pkg_edit.php?xml=mailscanner_sync.xml&amp;id=0</url>
</tab>
<tab>
- <text>About</text>
+ <text>Help</text>
<url>/mailscanner_about.php</url>
</tab>
</tabs>
@@ -115,6 +115,7 @@
<options>
<option><name>auto</name><value>auto</value></option>
<option><name>clamav</name><value>clamav</value></option>
+ <option><name>clamd</name><value>clamd</value></option>
<option><name>none</name><value>none</value></option>
</options>
<description><![CDATA[Do you want to scan email for viruses?]]>
diff --git a/config/mailscanner/mailscanner_attachments.xml b/config/mailscanner/mailscanner_attachments.xml
index 31bf98f4..1b031466 100644
--- a/config/mailscanner/mailscanner_attachments.xml
+++ b/config/mailscanner/mailscanner_attachments.xml
@@ -80,7 +80,7 @@
<url>/pkg_edit.php?xml=mailscanner_sync.xml&amp;id=0</url>
</tab>
<tab>
- <text>About</text>
+ <text>Help</text>
<url>/mailscanner_about.php</url>
</tab>
</tabs>
diff --git a/config/mailscanner/mailscanner_content.xml b/config/mailscanner/mailscanner_content.xml
index d36bf8b3..ca79b07f 100644
--- a/config/mailscanner/mailscanner_content.xml
+++ b/config/mailscanner/mailscanner_content.xml
@@ -80,7 +80,7 @@
<url>/pkg_edit.php?xml=mailscanner_sync.xml&amp;id=0</url>
</tab>
<tab>
- <text>About</text>
+ <text>Help</text>
<url>/mailscanner_about.php</url>
</tab>
</tabs>
diff --git a/config/mailscanner/mailscanner_report.xml b/config/mailscanner/mailscanner_report.xml
index 65f182fc..60e7385c 100644
--- a/config/mailscanner/mailscanner_report.xml
+++ b/config/mailscanner/mailscanner_report.xml
@@ -80,7 +80,7 @@
<url>/pkg_edit.php?xml=mailscanner_sync.xml&amp;id=0</url>
</tab>
<tab>
- <text>About</text>
+ <text>Help</text>
<url>/mailscanner_about.php</url>
</tab>
</tabs>
diff --git a/config/mailscanner/mailscanner_sync.xml b/config/mailscanner/mailscanner_sync.xml
index 8dc51e42..da31e853 100644
--- a/config/mailscanner/mailscanner_sync.xml
+++ b/config/mailscanner/mailscanner_sync.xml
@@ -41,7 +41,7 @@
<description>Describe your package here</description>
<requirements>Describe your package requirements here</requirements>
<faq>Currently there are no FAQ items provided.</faq>
- <name>mailscanner_sync</name>
+ <name>mailscannersync</name>
<version>1.0</version>
<title>Services: MailScanner</title>
<include_file>/usr/local/pkg/mailscanner.inc</include_file>
@@ -80,7 +80,7 @@
<active/>
</tab>
<tab>
- <text>About</text>
+ <text>Help</text>
<url>/mailscanner_about.php</url>
</tab>
</tabs>
diff --git a/config/postfix/postfix.inc b/config/postfix/postfix.inc
index 5a802054..182f9d00 100644
--- a/config/postfix/postfix.inc
+++ b/config/postfix/postfix.inc
@@ -351,8 +351,13 @@ EOF;
#Header Maps
if ($config['installedpackages']['postfixacl']['config'][0]['header_maps']){
$postfix_main .= "header_checks = pcre:/usr/local/etc/postfix/header_check\n";
+ $postfix_main .= "header_size_limit = 1024000\n";
$header_check = px_text_area_decode($config['installedpackages']['postfixacl']['config'][0]['header_maps']);
}
+ #Sender access
+ if ($config['installedpackages']['postfixacl']['config'][0]['sender_access']){
+ $sender_access = px_text_area_decode($config['installedpackages']['postfixacl']['config'][0]['sender_access']);
+ }
#MIME Maps
if ($config['installedpackages']['postfixacl']['config'][0]['mime_maps']){
$postfix_main .= "mime_header_checks = pcre:/usr/local/etc/postfix/mime_check\n";
@@ -454,6 +459,7 @@ smtpd_recipient_restrictions = permit_mynetworks,
reject_unauth_destination,
reject_unauth_pipelining,
reject_multi_recipient_bounce,
+ check_sender_access hash:/usr/local/etc/postfix/sender_access,
SPFSPFSPFRBLRBLRBL
EOF;
@@ -637,13 +643,14 @@ MASTEREOF2;
file_put_contents("/usr/local/etc/postfix/main.cf", $postfix_main, LOCK_EX);
file_put_contents("/usr/local/etc/postfix/master.cf", $postfix_master, LOCK_EX);
file_put_contents("/usr/local/etc/postfix/transport", $transport, LOCK_EX);
+ file_put_contents("/usr/local/etc/postfix/sender_access", $sender_access, LOCK_EX);
file_put_contents("/usr/local/etc/postfix/cal_cidr", $cal_cidr, LOCK_EX);
file_put_contents("/usr/local/etc/postfix/cal_pcre", $cal_pcre, LOCK_EX);
file_put_contents("/usr/local/etc/postfix/header_check", $header_check, LOCK_EX);
file_put_contents("/usr/local/etc/postfix/mime_check", $mime_check, LOCK_EX);
file_put_contents("/usr/local/etc/postfix/body_check", $body_check, LOCK_EX);
file_put_contents("/usr/local/etc/postfix/mynetwork_table", $mynetworks, LOCK_EX);
- $FILES=array("transport");
+ $FILES=array("transport","sender_access");
foreach ($FILES as $file)
{
mwexec("/usr/local/sbin/postmap /usr/local/etc/postfix/".$file);
diff --git a/config/postfix/postfix_acl.xml b/config/postfix/postfix_acl.xml
index 9837bf0a..2a2b4633 100644
--- a/config/postfix/postfix_acl.xml
+++ b/config/postfix/postfix_acl.xml
@@ -115,6 +115,23 @@
<encoding>base64</encoding>
</field>
<field>
+ <fielddescr>Sender</fielddescr>
+ <fieldname>sender_access</fieldname>
+ <description><![CDATA[<strong>HASH filters</strong> that implements whitelisting and blacklisting of full or partial email addresses and domains as specified in the MAIL FROM field :<br>
+ myfriend@example.com OK<br>
+ junk@spam.com REJECT<br>
+ marketing@ REJECT<br>
+ theboss@ OK<br>
+ deals.marketing.com REJECT<br>
+ somedomain.com OK<br>
+ See http://www.postfix.org/postconf.5.html#smtpd_sender_restrictions for more help]]>
+ </description>
+ <type>textarea</type>
+ <cols>83</cols>
+ <rows>15</rows>
+ <encoding>base64</encoding>
+ </field>
+ <field>
<fielddescr>MIME</fielddescr>
<fieldname>mime_maps</fieldname>
<description><![CDATA[<strong>PCRE filters</strong><a href=http://www.postfix.org/pcre_table.5.html> that are applied to MIME related message headers only.</a> Hint:<br>