Mail Server Setup With Exim, MySQL, Cyrus-Imapd, Horde Webmail On Centos 5.1 - works?

Now, trying to change anything at filter rules get this:

"There was an error activating the script. The driver said: Connection refused"

Checked ingo config and config files permissions, but nothing strange there...

 

Check that timsieved is running and that your configuration is pointing to the local host as well as the pam file is correct.

 

Now i am searching for timsieved service..

In the meantime i noticed this error in spamd.log : "Mon Nov 24 12:15:19 2008 [5998] warn: auto-whitelist: open of auto-whitelist file failed: locker: safe_lock: cannot create tmp lockfile //.spamassassin/auto-whitelist.lock.mailsrv.5998 for //.spamassassin/auto-whitelist.lock: No such file or directory"

--Sorry for bothering all the time, but as you can see i have many many minor problems, and just followed the guide with necessary changes...

Also what is your opinion about cyrus user? Only after putting a password for this user imp "saw" the folders of each users... (just wondering...)

 

That is because the user nobody who spamd is running as has their home directory set to /, edit /etc/passwd and set the home directory for the user nobody to /tmp

 

ok, done.. thanks for this too..

Now for filtering matter, i have localhost.localdomain:sieve listening, also config file of ingo points on port 2000 as says in the how to... am i doing something wrong?

 

What is in /usr/share/horde/ingo/config/backends.php

 

Hm, its a copy-paste from your how to...

I also checked by typing : sieveshell -u test_user -a test_user localhost , which works ONLY if instead of localhost use mailsrv (my hostname) and using any user of the system...

backends.php:

PHP:

<?php
$backends['sieve'] = array(
    'driver' => 'timsieved',
    'preferred' => 'localhost',
    'hordeauth' => 'full',
    'params' => array(
        'hostspec' => 'localhost',
        'logintype' => 'PLAIN',
        'usetls' => true,
        'port' => 2000,
        'scriptname' => 'ingo',
    ),
    'script' => 'sieve',
    'scriptparams' => array()
);

Comparing to the default i am wondering about hordeauth value, and if i include the admin (cyrus) for updating scripts for all users.. (so i don't have anytime to fix the filters for new users for spam...am i right?)

 

If sieve shell works then that config should work. If you want to deploy system wide by default then use the default sieve script mechanism within imap.conf

 

too bad, still receiving "The driver said: connection refused" error in horde

this is what i get in logs... so what is the problem with PLAIN ?

Nov 24 13:37:47 mailsrv master[14824]: about to exec /usr/lib/cyrus-imapd/timsieved
Nov 24 13:37:47 mailsrv sieve[14824]: executed
Nov 24 13:37:47 mailsrv sieve[14824]: accepted connection
Nov 24 13:37:48 mailsrv sieve[14824]: badlogin: localhost.localdomain[::1] PLAIN authentication failure

 

Try looking at your logs it could be a missing pear module, if not then it is something to do with your configuration.

 

Maybe the errors i got in installation?

Anyway, sorry for bothering you all the time, i'll try to find something...

 

OK... ti was the configuration file.. some typo...

One FINAL(hope) question and i will be fine... spamassassin seems now to let the files come into but not mark them as spam so the filters can send them to spam folders...

May be in exim config needs something else except just commenting out this line?

thanks

 

The tagging of the spam is done by these lines

Code:

warn    add_header = X-Spam-Score: $spam_score ($spam_bar)\n\
                        X-Spam-Report: $spam_report

 

Unfortunately this setting exists and does nothing...

(testing with : XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X )

Only when i used the system filters section seemed to work...

If this is right, i leave it as it is...

 

Post the headers of an email that has gone through the system.

 

Here it is...

Code:

Content-Type:  	multipart/related; boundary="----=_NextPart_000_0030_01C9508C.601481D0"
Date:  	Thu, 27 Nov 2008 12:33:38 +0200 [12:33:38 PM EET]
From:  	G........ S......... <[email protected]>
Importance:  	Normal
MIME-Version:  	1.0
Message-ID:  	<[email protected]>
Received:  	

    * from mailsrv ([unix socket]) by TDS-IMAP/POP3 (Cyrus v2.3.11-Invoca-RPM-2.3.11-3) with LMTPA; Thu, 27 Nov 2008 12:38:08 +0200
    * from [217.148.186.10] (helo=mail.eyewideserver.com) by mailsrv with smtp (Exim 4.63) (envelope-from <[email protected]>) id 1L5eG3-0000Rt-Ca for [email protected]; Thu, 27 Nov 2008 12:38:08 +0200
    * from sync4j ([127.0.0.1]) by mail.eyewideserver.com with hMailServer ; Thu, 27 Nov 2008 11:38:15 +0100
    * from sync4j ([87.202.206.18] helo=sync4j) by ASSP.nospam; 27 Nov 2008 11:38:14 +0100

Return-Path:  	<[email protected]>
Subject:  	gokoloko
Thread-Index:  	AclQe5vBDXhQQYtKSRigj4x10JxSng==
To:  	[email protected]
X-MSMail-Priority:  	Normal
X-Mailer:  	Microsoft Outlook, Build 10.0.6838
X-MimeOLE:  	Produced By Microsoft MimeOLE V6.00.2900.3350
X-Priority:  	3 (Normal)
X-Sieve:  	CMU Sieve 2.3
X-Spam-Flag:  	YES
X-Spam-Report:  	Spam detection software, running on the system "mailsrv", has identified this incoming email as possible spam. The original message has been attached to this so you can view it (if it isn't spam) or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X G......... S.............. IT Department [...] Content analysis details: (1002.7 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 2.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net [Blocked - see <http://www.spamcop.net/bl.shtml?87.202.206.18>] 1000 GTUBE BODY: Generic Test for Unsolicited Bulk Email 0.0 HTML_MESSAGE BODY: HTML included in message 0.6 HTML_FONT_FACE_BAD BODY: HTML font face is not a word 0.1 RDNS_NONE Delivered to trusted network by a host with no rDNS -0.2 AWL AWL: From: address is in the auto white-list
X-Spam-Score:  	1002.7 (+++++++++++++++++++++++++++++++++++++++++++++++++++)

I wonder why in this message in spite that the score is extremely high it was not marked as spam, but came intact in inbox....

 

The mail is being tagged it is your filter rule that is not working

Code:

X-Spam-Flag:  	YES
X-Spam-Score:  	1002.7 (+++++++++++++++++++++++++++++++++++++++++++++++++++)

 

Yes but in the subject, shouldn't it add the *SPAM* notice? I have set my rules according to this thought... Where it says to 'mark' in the subject adding the word spam?

thank you

 

No that is not what the exim acl does, it just add's those headers your rule must check if X-Spam-Flag = YES

 

OK, i've got it.. my fault!!!

Many many thanks... my system is up and running and fully operational.. i also managed to sync with outlook through funambol plugin... now i want to try some blackberry and windows mobile devices and i am super...

I am just wondering about security... if i leave open 80,443,143,110,25 ports only open will i have any potential dangers from hackers with this configuration?