From dc7396faf3a2cfe947413959cc67c1f4fb30e8fb Mon Sep 17 00:00:00 2001 From: Marcello Coutinho Date: Fri, 16 Dec 2011 19:26:02 -0200 Subject: mailscanner - version 0.2 with many improvements and sync gui postfix - package version 2.3.2 with sender acl --- config/mailscanner/mailscanner.inc | 320 ++++++++++++++++++++++++- config/mailscanner/mailscanner.xml | 2 +- config/mailscanner/mailscanner_about.php | 13 +- config/mailscanner/mailscanner_alerts.xml | 2 +- config/mailscanner/mailscanner_antispam.xml | 35 ++- config/mailscanner/mailscanner_antivirus.xml | 3 +- config/mailscanner/mailscanner_attachments.xml | 2 +- config/mailscanner/mailscanner_content.xml | 2 +- config/mailscanner/mailscanner_report.xml | 2 +- config/mailscanner/mailscanner_sync.xml | 4 +- config/postfix/postfix.inc | 9 +- config/postfix/postfix_acl.xml | 17 ++ 12 files changed, 381 insertions(+), 30 deletions(-) (limited to 'config') diff --git a/config/mailscanner/mailscanner.inc b/config/mailscanner/mailscanner.inc index fd7b6d16..82ce84e7 100644 --- a/config/mailscanner/mailscanner.inc +++ b/config/mailscanner/mailscanner.inc @@ -181,7 +181,7 @@ function sync_package_mailscanner() { $mcp_action=($antispam['mcp_action']?preg_replace("/,/"," ",$antispam['mcp_action']):"deliver"); $mcp_hi_action=($antispam['mcp_hi_action']?preg_replace("/,/"," ",$antispam['mcp_hi_action']):"delete"); $mcp_max=($antispam['mcp_max']?$antispam['mcp_max']:"200k"); - + /* Language Strings = %report-dir%/languages.conf */ @@ -328,6 +328,7 @@ Run As Group = postfix Queue Scan Interval = 6 Incoming Queue Dir = /var/spool/postfix/hold Outgoing Queue Dir = /var/spool/postfix/incoming +Incoming Work Dir = /var/spool/MailScanner/incoming Quarantine Dir = /var/spool/MailScanner/quarantine PID file = /var/run/MailScanner.pid Restart Every = 14400 @@ -361,7 +362,7 @@ Max Unsafe Messages Per Scan = 30 Max Normal Queue Size = 800 Scan Messages = {$scan_messages} Reject Message = {$reject_message} -Maximum Processing Attempts = 6 +Maximum Processing Attempts = 10 Processing Attempts Database = /var/spool/MailScanner/incoming/Processing.db Maximum Attachments Per Message = 200 Expand TNEF = {$expand_tnef} @@ -411,6 +412,21 @@ Block Encrypted Messages = {$block_encrypted} Block Unencrypted Messages = {$block_unencrypted} Allow Password-Protected Archives = {$allow_password} Check Filenames In Password-Protected Archives = {$check_filenames} +Monitors for ClamAV Updates = /var/db/clamav/*.cvd +ClamAVmodule Maximum Recursion Level = 8 +ClamAVmodule Maximum Files = 1000 +ClamAVmodule Maximum File Size = 10000000 # (10 Mbytes) +ClamAVmodule Maximum Compression Ratio = 25 +Allowed Sophos Error Messages = +Sophos IDE Dir = /opt/sophos-av/lib/sav +Sophos Lib Dir = /opt/sophos-av/lib +Monitors For Sophos Updates = /opt/sophos-av/lib/sav/*.ide +Clamd Port = 3310 +Clamd Socket = /var/run/clamav/clamd.sock +Clamd Lock File = # /var/lock/subsys/clamd +Clamd Use Threads = no +ClamAV Full Message Scan = yes +Fpscand Port = 10200 {$custom_antivirus_options} # @@ -459,6 +475,7 @@ Archives: Allow File MIME Types = Archives: Deny Filetypes = Archives: Deny File MIME Types = Archives: Filetype Rules = %etc-dir%/archives.filetype.rules.conf +Default Rename Pattern = __FILENAME__.disarmed # # Reports and Responses @@ -555,6 +572,7 @@ Virus Subject Text = [Virus?] Filename Modify Subject = start Filename Subject Text = [Filename?] Content Modify Subject = start +Content Subject Text = [Dangerous Content?] Size Modify Subject = start Size Subject Text = [Size] Disarmed Modify Subject = start @@ -678,7 +696,7 @@ Sender SpamAssassin Report = %report-dir%/sender.spam.sa.report.txt Inline Spam Warning = %report-dir%/inline.spam.warning.txt Recipient Spam Report = %report-dir%/recipient.spam.report.txt Enable Spam Bounce = %rules-dir%/bounce.rules - +Bounce Spam As Attachment = no # # Logging # ------- @@ -754,7 +772,7 @@ Sender MCP Report = %report-dir%/sender.mcp.report.txt Use Default Rules With Multiple Recipients = {$default_rule_multiple} Read IP Address From Received Header = {$read_ipaddress} Spam Score Number Format = {$spam_score_format} -MailScanner Version Number = 4.79.11 +MailScanner Version Number = 4.83.5 SpamAssassin Cache Timings = {$cache_timings} Debug = {$debug} Debug SpamAssassin = {$debug_spam} @@ -777,14 +795,6 @@ include /usr/local/etc/MailScanner/conf.d/* EOF; #write files conf_mount_rw(); - $mlang=strtolower($report['language']); - $mfiles[]="/usr/local/etc/MailScanner/virus.scanners.conf"; - $mfiles[]="/usr/local/share/MailScanner/reports/{$mlang}/inline.spam.warning.txt"; - $mfiles[]="/usr/local/share/MailScanner/reports/{$mlang}/languages.conf"; - - foreach ($mfiles as $mfile) - if (! file_exists ($mfile)) - copy($mfile.".sample",$mfile); if (!is_dir("/var/spool/MailScanner/incoming")){ mkdir("/var/spool/MailScanner/incoming", 0755,true); chown ('/var/spool/MailScanner/incoming','postfix'); @@ -794,7 +804,96 @@ EOF; chown ('/var/spool/MailScanner/quarantine','postfix'); } chown ('/var/spool/postfix','postfix'); + + $mlang=strtolower($report['language']); + $mfiles[]="/usr/local/etc/MailScanner/virus.scanners.conf"; + $mfiles[]="/usr/local/share/MailScanner/reports/{$mlang}/inline.spam.warning.txt"; + $mfiles[]="/usr/local/share/MailScanner/reports/{$mlang}/languages.conf"; + + foreach ($mfiles as $mfile) + if (! file_exists ($mfile)) + copy($mfile.".sample",$mfile); + + #update spam.assassin.prefs.conf + $sa_temp=ms_text_area_decode($config['installedpackages']['msantispam']['config'][0]['sa_pref_file']); + $pattern[0]='/#ifplugin/'; + $pattern[1]='/#pyzor_path/'; + $pattern[2]='/usr.bin.pyzor/'; + $pattern[3]='/#dcc_path/'; + $pattern[4]='/#endif/'; + $replacement[0]="ifplugin"; + $replacement[1]="pyzor_path"; + $replacement[2]="usr/local/bin/pyzor"; + $replacement[3]="dcc_path"; + $replacement[4]="endif"; + if (preg_match('/use_razor/',$antispam['safeatures'])){ + $pattern[5]='/\nuse_razor2\s+0/'; + $replacement[5]="\n".'# use_razor2 0'; + } + else{ + $pattern[5]='/\n#\s+use_razor2\s+0/'; + $replacement[5]="\n".'use_razor2 0'; + } + if (preg_match('/use_dcc/',$antispam['safeatures'])){ + $pattern[6]='/\nuse_dcc\s+0/'; + $replacement[6]="\n".'# use_dcc 0'; + } + else{ + $pattern[6]='/\n#\s+use_dcc\s+0/'; + $replacement[6]="\n".'use_dcc 0'; + } + if (preg_match('/use_pyzor/',$antispam['safeatures'])){ + $pattern[7]='/\nuse_pyzor\s+0/'; + $replacement[7]="\n".'# use_pyzor 0'; + } + else{ + $pattern[7]='/\n#\s+use_pyzor\s+0/'; + $replacement[7]="\n".'# use_pyzor 0'; + } + if (preg_match('/use_auto_learn_bayes/',$antispam['safeatures'])){ + $pattern[8]='/\nbayes_auto_learn\s+0/'; + $replacement[8]="\n".'# bayes_auto_learn 0'; + } + else{ + $pattern[8]='/\n#\s+bayes_auto_learn\s+0/'; + $replacement[8]="\n".'bayes_auto_learn 0'; + } + if (preg_match('/use_bayes/',$antispam['safeatures'])){ + $pattern[9]='/\nuse_bayes\s+0/'; + $replacement[9]="\n".'# use_bayes 0'; + } + else{ + $pattern[9]='/\n#\s+use_bayes\s+0/'; + $replacement[9]="\n".'use_bayes 0'; + } + if (preg_match('/sa_auto_whitelist/',$antispam['safeatures'])){ + $pattern[10]='/\nuse_auto_whitelist\s+0/'; + $replacement[10]="\n".'# use_auto_whitelist 0'; + } + else{ + $pattern[10]='/\n#\s*use_auto_whitelist 0/'; + $replacement[10]="\n".'use_auto_whitelist 0'; + } + if ($antispam['rblchecks']){ + $pattern[11]='/\nskip_rbl_checks\s+1/'; + $replacement[11]="\n".'# skip_rbl_checks 1'; + } + else{ + $pattern[11]='/\n#\s+skip_rbl_checks\s+\d/'; + $replacement[11]="\n".'skip_rbl_checks 1'; + } + $pattern[12]='/bayes_ignore_header ([a-zA-Z0-9_.-]+)MailScanner/'; + $replacement[12]="bayes_ignore_header ".($mailscanner['orgname']!=""?$mailscanner['orgname']:"pfsense")."-MailScanner"; + $pattern[13]='/envelope_sender_header X([a-zA-Z0-9_.-]+)MailScanner-From/'; + $replacement[13]="envelope_sender_header X-".($mailscanner['orgname']!=""?$mailscanner['orgname']:"pfsense")."-MailScanner-From"; + + + $sa_temp=preg_replace($pattern,$replacement,$sa_temp); + #rint "pre".$sa_temp;exit; + $config['installedpackages']['msantispam']['config'][0]['sa_pref_file']=base64_encode($sa_temp); + write_config(); + file_put_contents($mailscanner_dir."/MailScanner.conf", $mc, LOCK_EX); file_put_contents($mailscanner_dir."/filename.rules.conf",ms_text_area_decode($config['installedpackages']['msattachments']['config'][0]['filename_rules']),LOCK_EX); file_put_contents($mailscanner_dir."/filetype.rules.conf",ms_text_area_decode($config['installedpackages']['msattachments']['config'][0]['filetype_rules']),LOCK_EX); @@ -803,7 +902,7 @@ EOF; file_put_contents($mailscanner_dir."/phishing.safe.sites.conf",ms_text_area_decode($config['installedpackages']['mscontent']['config'][0]['phishing_safe']),LOCK_EX); file_put_contents($mailscanner_dir."/phishing.bad.sites.conf",ms_text_area_decode($config['installedpackages']['mscontent']['config'][0]['phishing_bad']),LOCK_EX); file_put_contents($mailscanner_dir."/country.domains.conf",ms_text_area_decode($config['installedpackages']['mscontent']['config'][0]['country_domains']),LOCK_EX); - file_put_contents($mailscanner_dir.'/spam.assassin.prefs.conf',ms_text_area_decode($config['installedpackages']['msantispam']['config'][0]['sa_pref_file']),LOCK_EX); + file_put_contents($mailscanner_dir.'/spam.assassin.prefs.conf',$sa_temp,LOCK_EX); file_put_contents($mailscanner_dir.'/spam.lists.conf',ms_text_area_decode($config['installedpackages']['msantispam']['config'][0]['rbl_file']),LOCK_EX); file_put_contents($mailscanner_dir.'/mcp/mcp.spam.assassin.prefs.conf',ms_text_area_decode($config['installedpackages']['msantispam']['config'][0]['mcp_pref_file']),LOCK_EX); file_put_contents($mailscanner_dir.'/rules/bounce.rules',ms_text_area_decode($config['installedpackages']['msantispam']['config'][0]['bounce']),LOCK_EX); @@ -839,6 +938,22 @@ EOF; unlink_if_exists($libexec_dir.'clamav-wrapper'); } else{ + chown('/var/run/clamav/', 'postfix'); + chown('/var/log/clamav/', 'postfix'); + chown('/var/db/clamav/', 'postfix'); + if (file_exists('/var/db/clamav/bytecode.cld')) + chown('/var/db/clamav/bytecode.cld', 'postfix'); + if (file_exists('/var/db/clamav/daily.cld')) + chown('/var/db/clamav/daily.cld', 'postfix'); + if (file_exists('/var/db/clamav/main.cvd')) + chown('/var/db/clamav/main.cvd', 'postfix'); + if (file_exists('/var/db/clamav/mirrors.dat')) + chown('/var/db/clamav/mirrors.dat', 'postfix'); + if (file_exists('/var/log/clamav/clamd.log')) + chown('/var/log/clamav/clamd.log', 'postfix'); + if (file_exists('/var/log/clamav/freshclam.log')) + chown('/var/log/clamav/freshclam.log', 'postfix'); + copy($libexec_dir.'clamav-autoupdate.sample',$libexec_dir.'clamav-autoupdate'); chmod ($libexec_dir.'clamav-autoupdate',0755); copy($libexec_dir.'clamav-wrapper.sample',$libexec_dir.'clamav-wrapper'); @@ -847,6 +962,39 @@ EOF; log_error('No clamav database found, running freshclam in background.'); mwexec_bg('/usr/local/bin/freshclam'); } + #clamav-wrapper file + $cconf=$libexec_dir."clamav-wrapper"; + $cconf_file=file_get_contents($cconf); + if (preg_match('/"clamav"/',$cconf_file)){ + $cconf_file=preg_replace('/"clamav"/','"postfix"',$cconf_file); + file_put_contents($cconf, $cconf_file, LOCK_EX); + } + + #freshclam conf file + $cconf="/usr/local/etc/freshclam.conf"; + $cconf_file=file_get_contents($cconf); + if (preg_match('/DatabaseOwner clamav/',$cconf_file)){ + $cconf_file=preg_replace("/DatabaseOwner clamav/","DatabaseOwner postfix",$cconf_file); + file_put_contents($cconf, $cconf_file, LOCK_EX); + } + + #clamd conf file + $cconf="/usr/local/etc/clamd.conf"; + $cconf_file=file_get_contents($cconf); + if (preg_match('/User clamav/',$cconf_file)){ + $cconf_file=preg_replace("/User clamav/","User postfix",$cconf_file); + file_put_contents($cconf, $cconf_file, LOCK_EX); + } + #clamd script file + $script='/usr/local/etc/rc.d/clamav-clamd'; + $script_file=file_get_contents($script); + if (preg_match('/NO/',$script_file)){ + $script_file=preg_replace("/NO/","YES",$script_file); + file_put_contents($script, $script_file, LOCK_EX); + chmod ($script,0755); + } + mwexec_bg("$script fastrestart"); + } } else{ @@ -854,7 +1002,39 @@ EOF; unlink_if_exists($libexec_dir.'clamav-wrapper'); } + #check dcc startup script + $script='/usr/local/etc/rc.d/dccifd'; + $script_file=file_get_contents($script); + if (preg_match('/NO/',$script_file)){ + $script_file=preg_replace("/NO/","YES",$script_file); + file_put_contents($script, $script_file, LOCK_EX); + chmod ($script,0755); + } + mwexec_bg("$script fastrestart"); + #check dcc config file + $script='/usr/local/dcc/dcc_conf'; + $script_file=file_get_contents($script); + if (preg_match('/DCCIFD_ENABLE=off/',$script_file)){ + $script_file=preg_replace("/DCCIFD_ENABLE=off/","DCCIFD_ENABLE=on",$script_file); + file_put_contents($script, $script_file, LOCK_EX); + } + $script='/usr/local/etc/rc.d/mailscanner'; + + #fix MIME::ToolUtils deprecated function and usecure dependency calls in /usr/local/sbin/mailscanner + $cconf="/usr/local/sbin/mailscanner"; + $cconf_file=file_get_contents($cconf); + $pattern2[0]='/perl\W+I/'; + $pattern2[1]='/\smy .current = config MIME::ToolUtils/'; + $replacement2[0]='perl -U -I'; + $replacement2[1]=' #my $current = config MIME::ToolUtils'; + if (preg_match('/perl\W+I/',$cconf_file)){ + $cconf_file=preg_replace($pattern2,$replacement2,$cconf_file); + file_put_contents($cconf, $cconf_file, LOCK_EX); + #force old process stop + mwexec("$script stop"); + } + $script_file=file_get_contents($script); if (preg_match('/NO/',$script_file)){ $script_file=preg_replace("/NO/","YES",$script_file); @@ -871,6 +1051,20 @@ EOF; chmod ($script,0444); } conf_mount_ro(); + $synconchanges = $config['installedpackages']['mailscannersync']['config'][0]['synconchanges']; + if(!$synconchanges && !$syncondbchanges) + return; + log_error("[mailscanner] mailscanner_xmlrpc_sync.php is starting."); + foreach ($config['installedpackages']['mailscannersync']['config'] as $rs ){ + foreach($rs['row'] as $sh){ + $sync_to_ip = $sh['ipaddress']; + $password = $sh['password']; + $sync_type = $sh['sync_type']; + if($password && $sync_to_ip) + mailscanner_do_xmlrpc_sync($sync_to_ip, $password,$sync_type); + } + } + log_error("[postfix] postfix_xmlrpc_sync.php is ending."); } @@ -902,4 +1096,104 @@ function mailscanner_php_deinstall_command() { conf_mount_ro(); } +function mailscanner_do_xmlrpc_sync($sync_to_ip, $password,$sync_type) { + global $config, $g; + + if(!$password) + return; + + if(!$sync_to_ip) + return; + + $xmlrpc_sync_neighbor = $sync_to_ip; + if($config['system']['webgui']['protocol'] != "") { + $synchronizetoip = $config['system']['webgui']['protocol']; + $synchronizetoip .= "://"; + } + $port = $config['system']['webgui']['port']; + /* if port is empty lets rely on the protocol selection */ + if($port == "") { + if($config['system']['webgui']['protocol'] == "http") + $port = "80"; + else + $port = "443"; + } + $synchronizetoip .= $sync_to_ip; + + /* xml will hold the sections to sync */ + $xml = array(); + $sync_xml=$config['installedpackages']['mailscannersync']['config'][0]['synconchanges']; + if ($sync_xml){ + log_error("Include mailscanner config"); + $xml['mailscanner'] = $config['installedpackages']['mailscanner']; + $xml['msreport'] = $config['installedpackages']['msreport']; + $xml['mscontent'] = $config['installedpackages']['mscontent']; + $xml['msantivirus'] = $config['installedpackages']['msantivirus']; + $xml['msantispam'] = $config['installedpackages']['msantispam']; + $xml['msalerts'] = $config['installedpackages']['msalerts']; + } + if (count($xml) > 0){ + /* assemble xmlrpc payload */ + $params = array( + XML_RPC_encode($password), + XML_RPC_encode($xml) + ); + + /* set a few variables needed for sync code borrowed from filter.inc */ + $url = $synchronizetoip; + log_error("Beginning mailscanner XMLRPC sync to {$url}:{$port}."); + $method = 'pfsense.merge_installedpackages_section_xmlrpc'; + $msg = new XML_RPC_Message($method, $params); + $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); + $cli->setCredentials('admin', $password); + if($g['debug']) + $cli->setDebug(1); + /* send our XMLRPC message and timeout after 250 seconds */ + $resp = $cli->send($msg, "250"); + if(!$resp) { + $error = "A communications error occurred while attempting mailscanner XMLRPC sync with {$url}:{$port}."; + log_error($error); + file_notice("sync_settings", $error, "Mailscanner Settings Sync", ""); + } elseif($resp->faultCode()) { + $cli->setDebug(1); + $resp = $cli->send($msg, "250"); + $error = "An error code was received while attempting mailscanner XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); + log_error($error); + file_notice("sync_settings", $error, "mailscanner Settings Sync", ""); + } else { + log_error("mailscanner XMLRPC sync successfully completed with {$url}:{$port}."); + } + + /* tell postfix to reload our settings on the destionation sync host. */ + $method = 'pfsense.exec_php'; + $execcmd = "require_once('/usr/local/pkg/mailscanner.inc');\n"; + $execcmd .= "sync_package_mailscanner();"; + + /* assemble xmlrpc payload */ + $params = array( + XML_RPC_encode($password), + XML_RPC_encode($execcmd) + ); + + log_error("mailscanner XMLRPC reload data {$url}:{$port}."); + $msg = new XML_RPC_Message($method, $params); + $cli = new XML_RPC_Client('/xmlrpc.php', $url, $port); + $cli->setCredentials('admin', $password); + $resp = $cli->send($msg, "250"); + if(!$resp) { + $error = "A communications error occurred while attempting mailscanner XMLRPC sync with {$url}:{$port} (pfsense.exec_php)."; + log_error($error); + file_notice("sync_settings", $error, "mailscanner Settings Sync", ""); + } elseif($resp->faultCode()) { + $cli->setDebug(1); + $resp = $cli->send($msg, "250"); + $error = "An error code was received while attempting mailscanner XMLRPC sync with {$url}:{$port} - Code " . $resp->faultCode() . ": " . $resp->faultString(); + log_error($error); + file_notice("sync_settings", $error, "mailscanner Settings Sync", ""); + } else { + log_error("mailscanner XMLRPC reload data success with {$url}:{$port} (pfsense.exec_php)."); + } + } +} + ?> \ No newline at end of file diff --git a/config/mailscanner/mailscanner.xml b/config/mailscanner/mailscanner.xml index 71bb06f3..95cf7f79 100644 --- a/config/mailscanner/mailscanner.xml +++ b/config/mailscanner/mailscanner.xml @@ -143,7 +143,7 @@ /pkg_edit.php?xml=mailscanner_sync.xml&id=0 - About + Help /mailscanner_about.php diff --git a/config/mailscanner/mailscanner_about.php b/config/mailscanner/mailscanner_about.php index db499a4d..bea516f9 100755 --- a/config/mailscanner/mailscanner_about.php +++ b/config/mailscanner/mailscanner_about.php @@ -60,7 +60,7 @@ include("head.inc"); $tab_array[] = array(gettext("Alerts"), false, "/pkg_edit.php?xml=mailscanner_alerts.xml&id=0"); $tab_array[] = array(gettext("Reporting"), false, "/pkg_edit.php?xml=mailscanner_report.xml&id=0"); $tab_array[] = array(gettext("XMLRPC Sync"), false, "/pkg_edit.php?xml=mailscanner_sync.xml&id=0"); - $tab_array[] = array(gettext("About"), true, "/mailscanner_about.php"); + $tab_array[] = array(gettext("Help"), true, "/mailscanner_about.php"); display_top_tabs($tab_array); ?> @@ -71,6 +71,17 @@ include("head.inc"); + + + + + + + + + + diff --git a/config/mailscanner/mailscanner_alerts.xml b/config/mailscanner/mailscanner_alerts.xml index 5704f3ff..9d80bae6 100644 --- a/config/mailscanner/mailscanner_alerts.xml +++ b/config/mailscanner/mailscanner_alerts.xml @@ -80,7 +80,7 @@ /pkg_edit.php?xml=mailscanner_sync.xml&id=0 - About + Help /mailscanner_about.php diff --git a/config/mailscanner/mailscanner_antispam.xml b/config/mailscanner/mailscanner_antispam.xml index 5ce3f015..652935f5 100644 --- a/config/mailscanner/mailscanner_antispam.xml +++ b/config/mailscanner/mailscanner_antispam.xml @@ -80,7 +80,7 @@ /pkg_edit.php?xml=mailscanner_sync.xml&id=0 - About + Help /mailscanner_about.php @@ -89,16 +89,16 @@ - RBL Checks + Spam Checks listtopic Features rblfeatures - - Note: RBL checks are recommended in postfix postscreen daemon.
- It's not recommended to run it twice.]]> + + If you unselect Spam Checks then *no* spam checks will be done at all.
+ This includes both MailScanner's own checks and SpamAssassin.]]> select @@ -108,6 +108,17 @@ 04 + + + Rbl checks + rblchecks + + + Rbl ckecks are included in postscreen daemon.
+ For better performance, configure it in postscreen.
+ It's not recommended to run it twice.]]> + + checkbox Spam Lists do be spam @@ -142,7 +153,12 @@ Features safeatures - + + Bayes needs a lot o CPU to work properly
+ Razor2 needs access to tcp ports 2703 and 7 (outgoing)
+ Pyzor needs access to udp port 24441 (outgoing)
+ DCC needs access to udp port 6277 (outgoing)
+ DNS access is mandatory for all
]]> select @@ -153,8 +169,13 @@ + + + + + - 08 + 13 diff --git a/config/mailscanner/mailscanner_antivirus.xml b/config/mailscanner/mailscanner_antivirus.xml index 7d3d1d7c..a6b94c0b 100644 --- a/config/mailscanner/mailscanner_antivirus.xml +++ b/config/mailscanner/mailscanner_antivirus.xml @@ -80,7 +80,7 @@ /pkg_edit.php?xml=mailscanner_sync.xml&id=0 - About + Help /mailscanner_about.php @@ -115,6 +115,7 @@ + diff --git a/config/mailscanner/mailscanner_attachments.xml b/config/mailscanner/mailscanner_attachments.xml index 31bf98f4..1b031466 100644 --- a/config/mailscanner/mailscanner_attachments.xml +++ b/config/mailscanner/mailscanner_attachments.xml @@ -80,7 +80,7 @@ /pkg_edit.php?xml=mailscanner_sync.xml&id=0 - About + Help /mailscanner_about.php diff --git a/config/mailscanner/mailscanner_content.xml b/config/mailscanner/mailscanner_content.xml index d36bf8b3..ca79b07f 100644 --- a/config/mailscanner/mailscanner_content.xml +++ b/config/mailscanner/mailscanner_content.xml @@ -80,7 +80,7 @@ /pkg_edit.php?xml=mailscanner_sync.xml&id=0 - About + Help /mailscanner_about.php diff --git a/config/mailscanner/mailscanner_report.xml b/config/mailscanner/mailscanner_report.xml index 65f182fc..60e7385c 100644 --- a/config/mailscanner/mailscanner_report.xml +++ b/config/mailscanner/mailscanner_report.xml @@ -80,7 +80,7 @@ /pkg_edit.php?xml=mailscanner_sync.xml&id=0 - About + Help /mailscanner_about.php diff --git a/config/mailscanner/mailscanner_sync.xml b/config/mailscanner/mailscanner_sync.xml index 8dc51e42..da31e853 100644 --- a/config/mailscanner/mailscanner_sync.xml +++ b/config/mailscanner/mailscanner_sync.xml @@ -41,7 +41,7 @@ Describe your package here Describe your package requirements here Currently there are no FAQ items provided. - mailscanner_sync + mailscannersync 1.0 Services: MailScanner /usr/local/pkg/mailscanner.inc @@ -80,7 +80,7 @@ - About + Help /mailscanner_about.php diff --git a/config/postfix/postfix.inc b/config/postfix/postfix.inc index 5a802054..182f9d00 100644 --- a/config/postfix/postfix.inc +++ b/config/postfix/postfix.inc @@ -351,8 +351,13 @@ EOF; #Header Maps if ($config['installedpackages']['postfixacl']['config'][0]['header_maps']){ $postfix_main .= "header_checks = pcre:/usr/local/etc/postfix/header_check\n"; + $postfix_main .= "header_size_limit = 1024000\n"; $header_check = px_text_area_decode($config['installedpackages']['postfixacl']['config'][0]['header_maps']); } + #Sender access + if ($config['installedpackages']['postfixacl']['config'][0]['sender_access']){ + $sender_access = px_text_area_decode($config['installedpackages']['postfixacl']['config'][0]['sender_access']); + } #MIME Maps if ($config['installedpackages']['postfixacl']['config'][0]['mime_maps']){ $postfix_main .= "mime_header_checks = pcre:/usr/local/etc/postfix/mime_check\n"; @@ -454,6 +459,7 @@ smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, reject_unauth_pipelining, reject_multi_recipient_bounce, + check_sender_access hash:/usr/local/etc/postfix/sender_access, SPFSPFSPFRBLRBLRBL EOF; @@ -637,13 +643,14 @@ MASTEREOF2; file_put_contents("/usr/local/etc/postfix/main.cf", $postfix_main, LOCK_EX); file_put_contents("/usr/local/etc/postfix/master.cf", $postfix_master, LOCK_EX); file_put_contents("/usr/local/etc/postfix/transport", $transport, LOCK_EX); + file_put_contents("/usr/local/etc/postfix/sender_access", $sender_access, LOCK_EX); file_put_contents("/usr/local/etc/postfix/cal_cidr", $cal_cidr, LOCK_EX); file_put_contents("/usr/local/etc/postfix/cal_pcre", $cal_pcre, LOCK_EX); file_put_contents("/usr/local/etc/postfix/header_check", $header_check, LOCK_EX); file_put_contents("/usr/local/etc/postfix/mime_check", $mime_check, LOCK_EX); file_put_contents("/usr/local/etc/postfix/body_check", $body_check, LOCK_EX); file_put_contents("/usr/local/etc/postfix/mynetwork_table", $mynetworks, LOCK_EX); - $FILES=array("transport"); + $FILES=array("transport","sender_access"); foreach ($FILES as $file) { mwexec("/usr/local/sbin/postmap /usr/local/etc/postfix/".$file); diff --git a/config/postfix/postfix_acl.xml b/config/postfix/postfix_acl.xml index 9837bf0a..2a2b4633 100644 --- a/config/postfix/postfix_acl.xml +++ b/config/postfix/postfix_acl.xml @@ -114,6 +114,23 @@ 15 base64 + + Sender + sender_access + HASH filters that implements whitelisting and blacklisting of full or partial email addresses and domains as specified in the MAIL FROM field :
+ myfriend@example.com OK
+ junk@spam.com REJECT
+ marketing@ REJECT
+ theboss@ OK
+ deals.marketing.com REJECT
+ somedomain.com OK
+ See http://www.postfix.org/postconf.5.html#smtpd_sender_restrictions for more help]]> + + textarea + 83 + 15 + base64 + MIME mime_maps -- cgit v1.2.3
Most Asked Questions

");?> +
How do I get SpamAssassin to run faster?

");?>