web interface for releasing messages from quarantine

Discussion in 'Server Operation' started by lctn, May 28, 2008.

  1. Rocky

    Rocky Member

    David,

    Correct me if I'm wrong but you said that you're not getting the release tab and you don't see any mails on the quarantine tab.

    Do you see any mails on the recent messages tab?
    Are you getting any errors in your mail.log?
    Also, are mails being delivered to your exchange?
     
  2. skruven2006

    skruven2006 New Member

    Correctamente!

    I have no release tab at all.
    In the Quarantine tab, I see dates that are clickable - and when that is done the message "No rows retrieved" appears.

    My mail appears to be working (I haven't heard of any mails that has been "lost" from my friends).
    The mail.log seems fine

    example from an incoming mail in the mail.log

    Code:
    Jun 11 17:44:02 tornillo postfix/smtp[31002]: A33E4C1C: to=<[email protected]>, relay=c.mx.mail.yahoo.com[216.39.53.3]:25, delay=26, delays=23/0.03/1.1/2.2, dsn=2.0.0, status=sent (250 ok dirdel)
    Jun 11 17:44:02 tornillo postfix/qmgr[11049]: A33E4C1C: removed
    Jun 11 17:44:05 tornillo MailScanner[30344]: Logging message 90D3942D.44844 to SQL 
    Jun 11 17:44:05 tornillo MailScanner[30344]: Config: calling custom end function SQLBlacklist 
    Jun 11 17:44:05 tornillo MailScanner[31004]: 90D3942D.44844: Logged to MailWatch SQL 
    Jun 11 17:44:05 tornillo MailScanner[30344]: Closing down by-domain spam blacklist 
    Jun 11 17:44:05 tornillo MailScanner[30344]: Config: calling custom end function MailWatchLogging 
    Jun 11 17:44:06 tornillo MailScanner[30344]: Config: calling custom end function SQLWhitelist 
    Jun 11 17:44:06 tornillo MailScanner[30344]: Closing down by-domain spam whitelist 
    Jun 11 17:44:06 tornillo MailScanner[30344]: MailScanner child dying of old age 
    Jun 11 17:44:07 tornillo MailScanner[31005]: MailScanner E-Mail Virus Scanner version 4.68.8 starting... 
    Jun 11 17:44:07 tornillo MailScanner[31005]: Skipping Custom Function file MailWatch.pm~ as its name does not end in .pm or .pl 
    Jun 11 17:44:07 tornillo MailScanner[31005]: Skipping Custom Function file SQLBlackWhiteList.pm~ as its name does not end in .pm or .pl 
    Jun 11 17:44:07 tornillo MailScanner[31005]: Read 817 hostnames from the phishing whitelist 
    Jun 11 17:44:08 tornillo MailScanner[31005]: Read 5141 hostnames from the phishing blacklist 
    Jun 11 17:44:08 tornillo MailScanner[31005]: Config: calling custom init function SQLBlacklist 
    Jun 11 17:44:08 tornillo MailScanner[31005]: Starting up SQL Blacklist 
    Jun 11 17:44:09 tornillo MailScanner[31005]: Read 6 blacklist entries 
    Jun 11 17:44:09 tornillo MailScanner[31005]: Config: calling custom init function MailWatchLogging 
    Jun 11 17:44:09 tornillo MailScanner[31005]: Started SQL Logging child 
    Jun 11 17:44:09 tornillo MailScanner[31005]: Config: calling custom init function SQLWhitelist 
    Jun 11 17:44:10 tornillo MailScanner[31005]: Starting up SQL Whitelist 
    Jun 11 17:44:10 tornillo MailScanner[31005]: Read 56 whitelist entries 
    Jun 11 17:44:10 tornillo MailScanner[31005]: SpamAssassin temporary working directory is /var/spool/MailScanner/incoming/SpamAssassin-Temp 
    Jun 11 17:44:11 tornillo MailScanner[31005]: Using SpamAssassin results cache 
    Jun 11 17:44:11 tornillo MailScanner[31005]: Connected to SpamAssassin cache database 
    Jun 11 17:44:11 tornillo MailScanner[31005]: Enabling SpamAssassin auto-whitelist functionality... 
    Jun 11 17:44:14 tornillo MailScanner[31005]: ClamAV scanner using unrar command /usr/bin/unrar 
    Jun 11 17:44:15 tornillo MailScanner[31005]: Using locktype = flock 
    
    Thanks for your patience Rocky :)


    //David
     
  3. Rocky

    Rocky Member

    Hey,

    Seems as though the following files are not named properly. Please correct the name and restart MailScanner.

    Code:
    Skipping Custom Function file [B]MailWatch.pm~[/B] as its name does not end in .pm or .pl 
    Skipping Custom Function file [B]SQLBlackWhiteList.pm~[/[/B]CODE]
     
    As for the quarantine and release issue, it's related to permission problems.
     
    Please redo the permissions as stated earlier in this thread.
     
    Rocky
     
  4. skruven2006

    skruven2006 New Member

    Rocky,

    the files that ends with the ~ sign are created as a "backup" by Jed. The original files are there also with their proper name.
    I've tried to remove these files and restarted mailscanner, but still the same.

    I've redone the permissions in this thread, this time for the 7th or 8th time.
    Could it have something to do with permissions in the mysql-db's?

    //David
     
  5. skruven2006

    skruven2006 New Member

    Addition to the last post, don't know if this has something to do with the problem but....

    Code:
     /etc/init.d/mailscanner restart
     * Restarting mail spam/virus scanner MailScanner
    commit ineffective with AutoCommit enabled at /etc/MailScanner/CustomFunctions/MailWatch.pm line 93.
    Program MailScanner, 2 process(es), refused to die.                                               [fail]
    root@tornillo:/etc/MailScanner/CustomFunctions# /etc/init.d/mailscanner restart
     * Restarting mail spam/virus scanner MailScanner                                               [ OK ]
    root@tornillo:/etc/MailScanner/CustomFunctions#
    
    Other functions that has the "No rows retrieved"-problem
    Reports - Message Operations
    Reports - Top Viruses
    Reports - Virus Report
    Reports - MCP Score Distribution
    Reports - MCP Rule Hits
    Reports - Audit Log

    Quarantine - All sublinks

    //David
     
    Last edited: Jun 12, 2008
  6. Rocky

    Rocky Member

    If you'd like me to take a look at your settings, I'd be more than happy to. However, you'll have to setup an ssh login for me. It has to be permission issues.
     
  7. casamatta

    casamatta New Member

    Something strange

    Hi, I'm new here and apologize me for my bad english!

    In the web interface I can't see the bottom bar to teach that a message it's spam or not.

    I can see only if i set right permissions with:

    Code:
    chown -R postfix:www-data /var/spool/MailScanner
    chown -R postfix:www-data /var/lib/MailScanner
    chown -R postfix:www-data /var/run/MailScanner
    chown -R postfix:www-data /var/lock/subsys/MailScanner
    chown -R postfix:www-data /var/spool/postfix/hold
    chmod -R ug+rwx /var/spool/postfix/hold
    chmod -R ug+rwx /var/spool/MailScanner
    
    but after only one modification bar disappear.

    I encounter another problem in message operation: if i try to teach that a message it's spam or ham in do_message_ops.php page i have this result:

    Spam Learn Results
    [message.id] spam Invalid argument

    If I change permission again, stop and start service i can make operation.

    I made correctly all installation steps, system works fine.

    A possible solution?!?

    Thank you for your time!

    Matteo
     
  8. Rocky

    Rocky Member

    Hey,

    Ok so let me try to understand whats going on.

    When you apply the permission changes, everything works?

    Do you reboot your pc and then lose functionality?
     
  9. casamatta

    casamatta New Member

    Hi,

    Yes! After permission changing everything works properly for only one time. After only one modification for a message I lose bar.

    Looking permissions in quarantine folder I see all messages with -rwxrwx--- permissions and touched message is -rw-------only.

    After one attmpt to solve this problem (changing in mailscanner configuration masks from 0600 to 0770) everything works fine everytime.

    Sorry for my bad and poor english! :p
     
  10. Rocky

    Rocky Member

    David,

    I think you're missing section 9.11 because you're your mailwatch queue does not show the status of incoming mails. Check it out.
     
  11. skruven2006

    skruven2006 New Member

    Hmmm... I'm not so sure about that.

    But I tried it again and:
    root@tornillo:/usr/src/postfixmail# patch /var/www/mailscanner/functions.php functions.php.diff
    patching file /var/www/mailscanner/functions.php
    Hunk #2 FAILED at 221.
    Hunk #3 FAILED at 225.
    2 out of 3 hunks FAILED -- saving rejects to file /var/www/mailscanner/functions.php.rej

    Don't know how to interpret that.

    Ha-ha.. tearing my head off soon!
    Just as the release function got working, I tested the above and now nothing, really nothing is working.
    I can't do anything else than laugh.

    Rocky? Any idea?




    //David
     
    Last edited: Jun 16, 2008
  12. Rocky

    Rocky Member

    David,

    I've attached my functions.php and postfix.inc files. Back yours up and give these a try.
     
    Last edited: Feb 12, 2010
  13. skruven2006

    skruven2006 New Member

    Thanks a lot!!
     
  14. Rocky

    Rocky Member

    No prob David.

    You just have to tweak it a bit and you'll be alright. Change your Spam Lists to spamhaus-ZEN instead of SBL-XBL. ZEN replaced that one. Also, make sure you have 'store' in all 3 of your spam actions.
     
  15. mifa

    mifa New Member

    Hi there, I have been following the SpamSnake setup and most things are running great, thanks for the tutorial!

    I have a similar problem to what David had, it appears that everything is running, mailscanner is seeing mail and it's getting scanned, but I'm not seeing any external mail in MailWatch. Here's what i've done to get here and my troubleshooting:

    I followed the tut to 9.15, rebooted and everything seemed to be running. I moved on and made it down to step 9.26, I tested Mailwatch and noticed I had not received any more mail in the previous 2 hours. Checked mail.log and everything looks fine

    Jan 24 12:21:58 mw-254 postfix/smtpd[23671]: lost connection after CONNECT from unknown[190.3.215.219]
    Jan 24 12:21:58 mw-254 postfix/smtpd[23671]: disconnect from unknown[190.3.215.219]
    Jan 24 12:21:59 mw-254 postfix/smtpd[22543]: connect from pool-71-127-234-86.nwrknj.east.verizon.net[71.127.234.86]
    Jan 24 12:21:59 mw-254 postfix/smtpd[22543]: NOQUEUE: reject: RCPT from pool-71-127-234-86.nwrknj.east.verizon.net[71.127.234.86]: 554 5.7.1 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<pool-71-127-234-86.nwrknj.east.verizon.net>


    Checked for mailscanner errors....and the following lines usually repeat themselves every 10 minutes <- Is that a problem?

    Jan 24 12:13:25 mw-254 MailScanner: MailScanner setting GID to www-data (33)
    Jan 24 12:13:25 mw-254 MailScanner: MailScanner setting UID to postfix (108)
    Jan 24 12:13:27 mw-254 MailScanner[23759]: MailScanner E-Mail Virus Scanner version 4.71.10 starting...
    Jan 24 12:13:28 mw-254 MailScanner[23759]: Read 830 hostnames from the phishing whitelist
    Jan 24 12:13:28 mw-254 MailScanner[23759]: Read 5298 hostnames from the phishing blacklist
    Jan 24 12:13:28 mw-254 MailScanner[23759]: Config: calling custom init function SQLBlacklist
    Jan 24 12:13:28 mw-254 MailScanner[23759]: Starting up SQL Blacklist
    Jan 24 12:13:29 mw-254 MailScanner[23759]: Read 0 blacklist entries
    Jan 24 12:13:29 mw-254 MailScanner[23759]: Config: calling custom init function MailWatchLogging
    Jan 24 12:13:29 mw-254 MailScanner[23759]: Started SQL Logging child
    Jan 24 12:13:30 mw-254 MailScanner[23759]: Config: calling custom init function SQLWhitelist
    Jan 24 12:13:30 mw-254 MailScanner[23759]: Starting up SQL Whitelist
    Jan 24 12:13:30 mw-254 MailScanner[23759]: Read 0 whitelist entries
    Jan 24 12:13:30 mw-254 MailScanner[23759]: SpamAssassin temporary working directory is /var/spool/MailScanner/incoming/SpamAssassin-Temp
    Jan 24 12:13:31 mw-254 MailScanner[23759]: Using SpamAssassin results cache
    Jan 24 12:13:31 mw-254 MailScanner[23759]: Connected to SpamAssassin cache database
    Jan 24 12:13:31 mw-254 MailScanner[23759]: Enabling SpamAssassin auto-whitelist functionality...
    Jan 24 12:13:34 mw-254 MailScanner[23759]: Using locktype = flock


    ....everything looks good to me. So I figured I had messed something up between 9.15 and 9.26. After a while of troubleshooting I got frustrated and completely removed mailscanner from the system and started again from Step 8. Everything looked good all the way until I got to 9.15, restarted the system and have the same problem: mailscanner looks like it's doing it's job but the bayes database isn't being updated and I'm not seeing external mail flow through (I am seeing internal mail).

    I had the same HUNK error that David posted, replaced my postfix.inc and functions.php with those provided by Rocky, dropped all the tables in my db. Still no love.

    I figured this could be a permissions issue so looked at my lint test, it completes successfully, no warnings or errors. Here's the bayes part of my lint test


    [23127] dbg: bayes: using username: root
    [23127] dbg: bayes: database connection established
    [23127] dbg: bayes: found bayes db version 3
    [23127] dbg: bayes: Using userid: 2
    [23127] dbg: bayes: not available for scanning, only 0 spam(s) in bayes DB < 200
    [23127] dbg: config: score set 0 chosen.
    [23127] dbg: message: main message type: text/plain
    [23127] dbg: message: ---- MIME PARSER START ----
    [23127] dbg: message: parsing normal part
    [23127] dbg: message: ---- MIME PARSER END ----
    [23127] dbg: plugin: Mail::SpamAssassin::plugin::DNSEval=HASH(0x989729c) implements 'check_start', priority 0
    [23127] dbg: bayes: database connection established
    [23127] dbg: bayes: found bayes db version 3
    [23127] dbg: bayes: Using userid: 2
    [23127] dbg: bayes: not available for scanning, only 0 spam(s) in bayes DB < 200
    [23127] dbg: plugin: Mail::SpamAssassin::plugin::Check=HASH(0x95c7658) implements 'check_main', priority 0
    [23127] dbg: conf: trusted_networks are not configured; it is recommended that you configure trusted_networks manually
    [23127] dbg: metadata: X-Spam-Relays-Trusted:
    [23127] dbg: metadata: X-Spam-Relays-Untrusted:
    [23127] dbg: metadata: X-Spam-Relays-Internal:
    [23127] dbg: metadata: X-Spam-Relays-External:
    [23127] dbg: message: no encoding detected
    [23127] dbg: plugin: Mail::SpamAssassin::plugin::URIDNSBL=HASH(0x94bfedc) implements 'parsed_metadata', priority 0


    Any help would be greatly appreciated

    /mike
     
  16. mifa

    mifa New Member

    any help??
     
  17. Rocky

    Rocky Member

    Mike,

    Correct me if I'm wrong, basically, you're not seeing any mail log on your MailWatch interface?

    Rocky
     
  18. cjc81

    cjc81 New Member

    Hey Rocky,

    Really appreciate your patience. I am having issues releasing messages too. The issue i am facing is after i selecting the radio buttons and clicking learn, i get an error msg that ways the Message ID is not found.

    Try to release any message, it will return Message ID
    7E3CD28618F06_EE936 not found.

    The message ID should be in the format of 7E3CD28618F06.EE936.

    Somehow, the parser turn the "." to "-".

    Any ideas sir?
     
  19. mifa

    mifa New Member

    Hi Rocky,

    I'm not seeing external mail go to mailwatch, I am seeing mail generated by local user accounts (i.e. root@server1.

    I also thought the bayes db wasn't filling up but when I ls the files they look like they are being updated
     
  20. Rocky

    Rocky Member

    Mike,

    I would look back at section 9 to make sure that you didn't miss anything. Seems like it's a configuration issue to me.

    Rocky
     

Share This Page