Has anyone managed to release non message/rfc822 messages through MailWatch? I can release spam messages but I have a couple of legit emails with attachments that have been blocked. The attachments are a .reg and .zip file. I tick the release option and click submit but they are not delivered. I have traced it down to functions.php - line 2222 - function quarantine_release() It performs a check and will only email (release) a message of type message/rfc822 where as mine are (3 for this particular email): text/x-mail; charset=us-ascii (for email) text/plain; charset=us-ascii (for .reg) application/x-zip (for .zip) I'm not sure where to go from here. I really want to use this as it is catching our spam very well and soon our other paid for (but rubbish) anti virus/spam software is running out but without being able to release mail I can't use it.
Goose, You should be able to do this as I am. If you look in the following file, /etc/MailScanner/filename.rules.conf, you'll see where you can allow/deny the file extensions. Check it out and customize it to your needs. Make sure to restart MailScanner afterwards. If you've followed the instructions thoroughly and applied the appropriate permissions and patches, you shouldn't have any problems releasing mails through MailWatch. Rocky
I'm keeping you busy aren't I. I have now modified that file to let files through and will allow Clam to stop any real viruses. I guess I was looking for a replacement to sending on/releasing the emails using something other than sendmail but a) I don't know enough about linux and available software and b) I can let the files through as you mentioned and any real viruses will get stopped by Clam (and I don't need those to be released anyway). I can always manually forward any attachments if required. Thanks Goose. (On a steep but interesting learning curve)
Goose, It's not a problem at all. Although I've been using this setup for a while, roughly 2yrs, I'm still learning it. I'm always looking to find things/ways to make it better. Allowing .reg files through the filter is really not a good idea. You can get some bad scripts sent to your endusers, who will most likely open them. I don't recommend it unless you really need it. As a matter of fact, I haven't really done any customization to the mailscanner filenames or filetypes. I haven't had any reasons to allow/deny any additonal files as yet. There was another way to release emails, which took the original email and made it an attachment to a system generated email. Personally, I don't like it because then the enduser had to open the attachment to get to the original email. Too much work! Using the sendmail method is really easy and it releases the email in it's original form. Rocky
I understand about the issues regarding .reg files but the nature of our business requires people sending us .reg files (contained in a zip). Outlook will block directly email .reg files but allows us access to the zip files. Unfortunately sendmail won't handle the mails afterwards (was ok for spam blocked mails) from functions.php: // Use sendmail to release message // We can only release message/rfc822 files in this way. As in my post above, the message parts (email and attachments) are of different types. As with any system it's a case of understanding how everything works and ties together and tweaking it to your own requirements. These problems have just helped me understand the system that much more than just following the instructions which can only help me down the line.
Goose, Section 9.24 of The SpamSnake has been updated with a fix for the quarantine release issue. First, set the .reg file to deny in your filename/filetype.rules. Then, give the changes a shot. Let me know how it turns out! Rocky
I have included the fixes in section 9.24 The problem still exists. I can release the text message without any problems. The attachments (putty.exe in my case) is not released. As far as I can tell (I am a linux newbie ) the file is not placed in quaratine again. Mail.log and the Apache error log do not show up any errors. The user and group set for the directory /var/spool/MailScanner/quarantine/20080526/D0E2817ED9.3942D are postfix:www-data. I checked and rechecked conf.php and MailScanner.conf. they seem exactly like the settings descriped in Spamsnake. Does anyone know how to solve this problem or what to check. Pieter
Hey PieterJ, Your permission is correct. If you want MailWatch to place the mail in quarantine on release you have to make sure the following settings in /var/www/mailscanner/conf.php are set: Code: define(QUARANTINE_USE_FLAG, true); define(QUARANTINE_FROM_ADDR, '[email protected]'); define(QUARANTINE_USE_SENDMAIL, false); Make sure to replace [email protected] with a valid email. The QUARANTINE_USE_SENDMAIL, false line tells MailWatch not to use sendmail emulation and will resend the original mail as an attachment to a system generated mail addressed from [email protected]. If this is set to true, then MailWatch does not send the original mail as an attachment, but also doesn't re-inject it back into the quarantine. Therefore, you won't be able to see what MailWatch has done with the mail. I find that having the original mail sent as an attachment is not user friendly, therefore, I have mine set to true. I prefer the mail in it's original form and so does my endusers. Rocky
Thanks Rocky, My appologies that I did not respond earlier. It turned out that there was no problem with spamsnake. The destination mail server also had een content filter. One which delete attachements without notifying. PieterJ
