Once again a couple questions regarding the perfect spamsnake My cron looks like this: Code: 37 5 * * * /opt/MailScanner/bin/update_phishing_sites 07 * * * * /opt/MailScanner/bin/update_bad_phishing_sites 58 23 * * * /opt/MailScanner/bin/clean.quarantine 42 * * * * /opt/MailScanner/bin/update_virus_scanners 3,23,43 * * * * /opt/MailScanner/bin/check_mailscanner 30 01 * * * /usr/bin/sa-learn --force-expire --sync -p /opt/MailScanner/etc/spam.assassin.prefs.conf @daily manage.py cleanquarantine #Clean quarantine @daily manage.py sendquarantinereports #Send quarantine reports @monthly manage.py dbclean #Clean maillog @weekly manage.py updatesarules #Update spamassassin rules @daily manage.py sendpdfreports #Send PDF Reports @weekly /usr/sbin/fuzzy-cleanmysql #FuzzyOcr DB cleaner 00 04 * * * /usr/bin/clamav-unofficial-sigs.sh .c /etc/clamav-unofficial-sigs.conf &> /dev/null But looking in /opt/MailScanner-4.81.4-1/bin: Code: root@mailgw:/opt/MailScanner/bin# ls -la total 696 drwxr-xr-x 3 root root 4096 2011-02-25 07:37 . drwxr-xr-x 7 root root 4096 2010-09-06 13:17 .. -rwxr-xr-x 1 root root 4416 2010-09-06 13:17 analyse_SpamAssassin_cache lrwxrwxrwx 1 root root 26 2011-02-25 07:37 analyze_SpamAssassin_cache -> analyse_SpamAssassin_cache -rwxr-xr-x 1 root root 3902 2010-09-06 13:17 check_mailscanner -rwxr-xr-x 1 root root 2152 2007-05-28 19:35 check_mailscanner.tru64 -rwxr-xr-x 1 root root 1047 2007-05-28 19:35 CheckModuleVersion -rwxr-xr-x 1 root root 932 2007-05-28 19:35 clean.quarantine -rwxr-xr-x 1 root root 1118 2009-08-27 18:30 clean.SA.cache drwxr-xr-x 2 root root 4096 2010-09-06 13:17 cron -rwxr-xr-x 1 root root 1518 2007-05-28 19:35 d2mbox -rwxr-xr-x 1 root root 1560 2007-05-28 19:35 df2mbox -rwxr-xr-x 1 root root 988 2009-04-12 20:50 getPERLLIB -rwxr-xr-x 1 root root 67317 2010-09-06 13:17 MailScanner -rwxr-xr-x 1 root root 2551 2009-01-07 11:58 mailscanner_create_locks -rwxr-xr-x 1 root root 66917 2010-04-24 19:54 mailscanner.sbin.orig -rwxr-xr-x 1 root root 1609 2009-09-08 16:21 processing_messages_alert -rwxr-xr-x 1 root root 2747 2009-08-27 06:17 Quick.Peek -rwxr-xr-x 1 root root 1223 2007-05-28 19:35 RawSendmailToCompleteMessage -rw------- 1 root root 875 2011-02-20 12:43 razor-agent.log -rwxr-xr-x 1 root root 7358 2009-04-02 11:16 Sophos.install -rwxr-xr-x 1 root root 7364 2009-04-02 11:16 Sophos.install.linux -rwxr-xr-x 1 root root 6359 2009-04-02 11:16 Sophos.install.solaris -rwxr-xr-x 1 root root 188 2009-07-30 21:15 svn-commit.tmp -rwxr-xr-x 1 root root 165027 2011-02-25 07:37 tnef -rwxr-xr-x 1 root root 165027 2011-02-20 12:33 tnef.original -rwxr-xr-x 1 root root 53276 2007-05-28 19:35 tnef.solaris.x86 -rwxr-xr-x 1 root root 8364 2009-09-15 20:29 update_bad_phishing_emails -rwxr-xr-x 1 root root 8232 2009-09-15 20:29 update_bad_phishing_sites -rwxr-xr-x 1 root root 6959 2009-09-15 20:29 update_bad_phishing_sites.pl -rwxr-xr-x 1 root root 2733 2008-03-11 01:44 update_bad_phishing_sites.sh.old -rwxr-xr-x 1 root root 2428 2007-06-26 16:33 update_phishing_sites -rwxr-xr-x 1 root root 12363 2011-02-21 22:13 update_scamnailer -rwxr-xr-x 1 root root 1294 2010-01-11 14:19 update_spamassassin -rwxr-xr-x 1 root root 2454 2009-08-27 06:23 update_virus_scanners lrwxrwxrwx 1 root root 24 2011-02-25 07:37 upgrade_languages_conf -> upgrade_MailScanner_conf -rwxr-xr-x 1 root root 11809 2009-08-11 11:26 upgrade_MailScanner_conf I see a couple scripts NOT added to cron! I've checked the guide and it does not say anywhere to add them. My question is: do I need to add the missing ones to crontab? An example is: update_scamnailer Thanks for any replies
Hey, Yes, you have to import scamnailer's script into /opt/MailScanner/bin and also make it executable. If you look at the scamnailer section, you'll see a line with a link pointing to the contents of the file. The other thing I notice is with: 00 04 * * * /usr/bin/clamav-unofficial-sigs.sh .c /etc/clamav-unofficial-sigs.conf It should be; 00 04 * * * /usr/bin/clamav-unofficial-sigs.sh -c /etc/clamav-unofficial-sigs.conf &> Make sure to edit /etc/clamav-unofficial-sigs.conf and comment out the mblportal updates section, as there has been mass false positives using it lately. Sanesecurity updates/defs will catch lots of viruses/spam, so it's important that your script above is update to run properly. Rocky
Thanks Rocky, I've done as you write, but I still need to know whether or not to add the "missing" update scripts to cron?
Hey, Yes, you have to add it to cron. This is what mine looks like: I moved update_scamnailer to /usr/sbin because when I upgraded MailScanner, I had to backup the file and then replace it. That was 1 too many steps. Now, all custom scripts are kept in /usr/sbin. Rocky
Thanks a million Rocky, my cron is now up to date P.S is there anyway of actually Blacklisting senders to completely disallow mails from sender to get processed by the spamsnake? The Baruwa blacklist functionality seems to only blacklist sender as SPAM, but now disallow mails from them.
Hey, Yes, you have 2 options. First, you can set /opt/MailScanner/etc/MailScanner.conf: Definite Spam Is High Scoring = yes This will cause blacklisted mails to be treated as high spam, which our snake does not deliver but saves a copy in quarantine. The second would be to add to main.cf: smtpd_restriction_classes = spf_policy, rbl_policy, grey_policy, blacklist_policy, whitelist_policy, verify_recipient, look_ahead blacklist_policy = check_client_access mysql:/etc/postfix/mysql-global_blacklist.cf, check_sender_access mysql:/etc/postfix/mysql-global_blacklist.cf Create /etc/postfix/mysql-global_blacklist with: #mysql-global_blacklist user = baruwa password = password dbname = baruwa query = select concat('REJECT') 'action' from lists where from_address='%s' AND list_type='2'; hosts = 127.0.0.1 *Note: Make sure to update your user, dbname and password to whatever you used with your setup. This option will block mails at the MTA level, reduce traffic but will not quarantine a copy. Hope this helps. Rocky