web interface for releasing messages from quarantine

David,

Correct me if I'm wrong but you said that you're not getting the release tab and you don't see any mails on the quarantine tab.

Do you see any mails on the recent messages tab?
Are you getting any errors in your mail.log?
Also, are mails being delivered to your exchange?

 

Correctamente!

I have no release tab at all.
In the Quarantine tab, I see dates that are clickable - and when that is done the message "No rows retrieved" appears.

My mail appears to be working (I haven't heard of any mails that has been "lost" from my friends).
The mail.log seems fine

example from an incoming mail in the mail.log

Code:

Jun 11 17:44:02 tornillo postfix/smtp[31002]: A33E4C1C: to=<[email protected]>, relay=c.mx.mail.yahoo.com[216.39.53.3]:25, delay=26, delays=23/0.03/1.1/2.2, dsn=2.0.0, status=sent (250 ok dirdel)
Jun 11 17:44:02 tornillo postfix/qmgr[11049]: A33E4C1C: removed
Jun 11 17:44:05 tornillo MailScanner[30344]: Logging message 90D3942D.44844 to SQL 
Jun 11 17:44:05 tornillo MailScanner[30344]: Config: calling custom end function SQLBlacklist 
Jun 11 17:44:05 tornillo MailScanner[31004]: 90D3942D.44844: Logged to MailWatch SQL 
Jun 11 17:44:05 tornillo MailScanner[30344]: Closing down by-domain spam blacklist 
Jun 11 17:44:05 tornillo MailScanner[30344]: Config: calling custom end function MailWatchLogging 
Jun 11 17:44:06 tornillo MailScanner[30344]: Config: calling custom end function SQLWhitelist 
Jun 11 17:44:06 tornillo MailScanner[30344]: Closing down by-domain spam whitelist 
Jun 11 17:44:06 tornillo MailScanner[30344]: MailScanner child dying of old age 
Jun 11 17:44:07 tornillo MailScanner[31005]: MailScanner E-Mail Virus Scanner version 4.68.8 starting... 
Jun 11 17:44:07 tornillo MailScanner[31005]: Skipping Custom Function file MailWatch.pm~ as its name does not end in .pm or .pl 
Jun 11 17:44:07 tornillo MailScanner[31005]: Skipping Custom Function file SQLBlackWhiteList.pm~ as its name does not end in .pm or .pl 
Jun 11 17:44:07 tornillo MailScanner[31005]: Read 817 hostnames from the phishing whitelist 
Jun 11 17:44:08 tornillo MailScanner[31005]: Read 5141 hostnames from the phishing blacklist 
Jun 11 17:44:08 tornillo MailScanner[31005]: Config: calling custom init function SQLBlacklist 
Jun 11 17:44:08 tornillo MailScanner[31005]: Starting up SQL Blacklist 
Jun 11 17:44:09 tornillo MailScanner[31005]: Read 6 blacklist entries 
Jun 11 17:44:09 tornillo MailScanner[31005]: Config: calling custom init function MailWatchLogging 
Jun 11 17:44:09 tornillo MailScanner[31005]: Started SQL Logging child 
Jun 11 17:44:09 tornillo MailScanner[31005]: Config: calling custom init function SQLWhitelist 
Jun 11 17:44:10 tornillo MailScanner[31005]: Starting up SQL Whitelist 
Jun 11 17:44:10 tornillo MailScanner[31005]: Read 56 whitelist entries 
Jun 11 17:44:10 tornillo MailScanner[31005]: SpamAssassin temporary working directory is /var/spool/MailScanner/incoming/SpamAssassin-Temp 
Jun 11 17:44:11 tornillo MailScanner[31005]: Using SpamAssassin results cache 
Jun 11 17:44:11 tornillo MailScanner[31005]: Connected to SpamAssassin cache database 
Jun 11 17:44:11 tornillo MailScanner[31005]: Enabling SpamAssassin auto-whitelist functionality... 
Jun 11 17:44:14 tornillo MailScanner[31005]: ClamAV scanner using unrar command /usr/bin/unrar 
Jun 11 17:44:15 tornillo MailScanner[31005]: Using locktype = flock 

Thanks for your patience Rocky


//David

 

Hey,

Seems as though the following files are not named properly. Please correct the name and restart MailScanner.

Code:

Skipping Custom Function file [B]MailWatch.pm~[/B] as its name does not end in .pm or .pl 
Skipping Custom Function file [B]SQLBlackWhiteList.pm~[/[/B]CODE]
 
As for the quarantine and release issue, it's related to permission problems.
 
Please redo the permissions as stated earlier in this thread.
 
Rocky

 

Rocky,

the files that ends with the ~ sign are created as a "backup" by Jed. The original files are there also with their proper name.
I've tried to remove these files and restarted mailscanner, but still the same.

I've redone the permissions in this thread, this time for the 7th or 8th time.
Could it have something to do with permissions in the mysql-db's?

//David

 

Addition to the last post, don't know if this has something to do with the problem but....

Code:

 /etc/init.d/mailscanner restart
 * Restarting mail spam/virus scanner MailScanner
commit ineffective with AutoCommit enabled at /etc/MailScanner/CustomFunctions/MailWatch.pm line 93.
Program MailScanner, 2 process(es), refused to die.                                               [fail]
root@tornillo:/etc/MailScanner/CustomFunctions# /etc/init.d/mailscanner restart
 * Restarting mail spam/virus scanner MailScanner                                               [ OK ]
root@tornillo:/etc/MailScanner/CustomFunctions#

Other functions that has the "No rows retrieved"-problem
Reports - Message Operations
Reports - Top Viruses
Reports - Virus Report
Reports - MCP Score Distribution
Reports - MCP Rule Hits
Reports - Audit Log

Quarantine - All sublinks

//David

 

If you'd like me to take a look at your settings, I'd be more than happy to. However, you'll have to setup an ssh login for me. It has to be permission issues.

 

Something strange

Hi, I'm new here and apologize me for my bad english!

In the web interface I can't see the bottom bar to teach that a message it's spam or not.

I can see only if i set right permissions with:

Code:

chown -R postfix:www-data /var/spool/MailScanner
chown -R postfix:www-data /var/lib/MailScanner
chown -R postfix:www-data /var/run/MailScanner
chown -R postfix:www-data /var/lock/subsys/MailScanner
chown -R postfix:www-data /var/spool/postfix/hold
chmod -R ug+rwx /var/spool/postfix/hold
chmod -R ug+rwx /var/spool/MailScanner

but after only one modification bar disappear.

I encounter another problem in message operation: if i try to teach that a message it's spam or ham in do_message_ops.php page i have this result:

Spam Learn Results
[message.id] spam Invalid argument

If I change permission again, stop and start service i can make operation.

I made correctly all installation steps, system works fine.

A possible solution?!?

Thank you for your time!

Matteo

 

Hey,

Ok so let me try to understand whats going on.

When you apply the permission changes, everything works?

Do you reboot your pc and then lose functionality?

 

Hi,

Yes! After permission changing everything works properly for only one time. After only one modification for a message I lose bar.

Looking permissions in quarantine folder I see all messages with -rwxrwx--- permissions and touched message is -rw-------only.

After one attmpt to solve this problem (changing in mailscanner configuration masks from 0600 to 0770) everything works fine everytime.

Sorry for my bad and poor english!

 

David,

I think you're missing section 9.11 because you're your mailwatch queue does not show the status of incoming mails. Check it out.

 

Hmmm... I'm not so sure about that.

But I tried it again and:
root@tornillo:/usr/src/postfixmail# patch /var/www/mailscanner/functions.php functions.php.diff
patching file /var/www/mailscanner/functions.php
Hunk #2 FAILED at 221.
Hunk #3 FAILED at 225.
2 out of 3 hunks FAILED -- saving rejects to file /var/www/mailscanner/functions.php.rej

Don't know how to interpret that.

Ha-ha.. tearing my head off soon!
Just as the release function got working, I tested the above and now nothing, really nothing is working.
I can't do anything else than laugh.

Rocky? Any idea?




//David

 

David,

I've attached my functions.php and postfix.inc files. Back yours up and give these a try.

 

Thanks a lot!!

 

No prob David.

You just have to tweak it a bit and you'll be alright. Change your Spam Lists to spamhaus-ZEN instead of SBL-XBL. ZEN replaced that one. Also, make sure you have 'store' in all 3 of your spam actions.

 

Hi there, I have been following the SpamSnake setup and most things are running great, thanks for the tutorial!

I have a similar problem to what David had, it appears that everything is running, mailscanner is seeing mail and it's getting scanned, but I'm not seeing any external mail in MailWatch. Here's what i've done to get here and my troubleshooting:

I followed the tut to 9.15, rebooted and everything seemed to be running. I moved on and made it down to step 9.26, I tested Mailwatch and noticed I had not received any more mail in the previous 2 hours. Checked mail.log and everything looks fine

Jan 24 12:21:58 mw-254 postfix/smtpd[23671]: lost connection after CONNECT from unknown[190.3.215.219]
Jan 24 12:21:58 mw-254 postfix/smtpd[23671]: disconnect from unknown[190.3.215.219]
Jan 24 12:21:59 mw-254 postfix/smtpd[22543]: connect from pool-71-127-234-86.nwrknj.east.verizon.net[71.127.234.86]
Jan 24 12:21:59 mw-254 postfix/smtpd[22543]: NOQUEUE: reject: RCPT from pool-71-127-234-86.nwrknj.east.verizon.net[71.127.234.86]: 554 5.7.1 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<pool-71-127-234-86.nwrknj.east.verizon.net>


Checked for mailscanner errors....and the following lines usually repeat themselves every 10 minutes <- Is that a problem?

Jan 24 12:13:25 mw-254 MailScanner: MailScanner setting GID to www-data (33)
Jan 24 12:13:25 mw-254 MailScanner: MailScanner setting UID to postfix (108)
Jan 24 12:13:27 mw-254 MailScanner[23759]: MailScanner E-Mail Virus Scanner version 4.71.10 starting...
Jan 24 12:13:28 mw-254 MailScanner[23759]: Read 830 hostnames from the phishing whitelist
Jan 24 12:13:28 mw-254 MailScanner[23759]: Read 5298 hostnames from the phishing blacklist
Jan 24 12:13:28 mw-254 MailScanner[23759]: Config: calling custom init function SQLBlacklist
Jan 24 12:13:28 mw-254 MailScanner[23759]: Starting up SQL Blacklist
Jan 24 12:13:29 mw-254 MailScanner[23759]: Read 0 blacklist entries
Jan 24 12:13:29 mw-254 MailScanner[23759]: Config: calling custom init function MailWatchLogging
Jan 24 12:13:29 mw-254 MailScanner[23759]: Started SQL Logging child
Jan 24 12:13:30 mw-254 MailScanner[23759]: Config: calling custom init function SQLWhitelist
Jan 24 12:13:30 mw-254 MailScanner[23759]: Starting up SQL Whitelist
Jan 24 12:13:30 mw-254 MailScanner[23759]: Read 0 whitelist entries
Jan 24 12:13:30 mw-254 MailScanner[23759]: SpamAssassin temporary working directory is /var/spool/MailScanner/incoming/SpamAssassin-Temp
Jan 24 12:13:31 mw-254 MailScanner[23759]: Using SpamAssassin results cache
Jan 24 12:13:31 mw-254 MailScanner[23759]: Connected to SpamAssassin cache database
Jan 24 12:13:31 mw-254 MailScanner[23759]: Enabling SpamAssassin auto-whitelist functionality...
Jan 24 12:13:34 mw-254 MailScanner[23759]: Using locktype = flock

....everything looks good to me. So I figured I had messed something up between 9.15 and 9.26. After a while of troubleshooting I got frustrated and completely removed mailscanner from the system and started again from Step 8. Everything looked good all the way until I got to 9.15, restarted the system and have the same problem: mailscanner looks like it's doing it's job but the bayes database isn't being updated and I'm not seeing external mail flow through (I am seeing internal mail).

I had the same HUNK error that David posted, replaced my postfix.inc and functions.php with those provided by Rocky, dropped all the tables in my db. Still no love.

I figured this could be a permissions issue so looked at my lint test, it completes successfully, no warnings or errors. Here's the bayes part of my lint test


[23127] dbg: bayes: using username: root
[23127] dbg: bayes: database connection established
[23127] dbg: bayes: found bayes db version 3
[23127] dbg: bayes: Using userid: 2
[23127] dbg: bayes: not available for scanning, only 0 spam(s) in bayes DB < 200
[23127] dbg: config: score set 0 chosen.
[23127] dbg: message: main message type: text/plain
[23127] dbg: message: ---- MIME PARSER START ----
[23127] dbg: message: parsing normal part
[23127] dbg: message: ---- MIME PARSER END ----
[23127] dbg: plugin: Mail::SpamAssassin:lugin:NSEval=HASH(0x989729c) implements 'check_start', priority 0
[23127] dbg: bayes: database connection established
[23127] dbg: bayes: found bayes db version 3
[23127] dbg: bayes: Using userid: 2
[23127] dbg: bayes: not available for scanning, only 0 spam(s) in bayes DB < 200
[23127] dbg: plugin: Mail::SpamAssassin:lugin::Check=HASH(0x95c7658) implements 'check_main', priority 0
[23127] dbg: conf: trusted_networks are not configured; it is recommended that you configure trusted_networks manually
[23127] dbg: metadata: X-Spam-Relays-Trusted:
[23127] dbg: metadata: X-Spam-Relays-Untrusted:
[23127] dbg: metadata: X-Spam-Relays-Internal:
[23127] dbg: metadata: X-Spam-Relays-External:
[23127] dbg: message: no encoding detected
[23127] dbg: plugin: Mail::SpamAssassin:lugin::URIDNSBL=HASH(0x94bfedc) implements 'parsed_metadata', priority 0


Any help would be greatly appreciated

/mike

 

any help??

 

Mike,

Correct me if I'm wrong, basically, you're not seeing any mail log on your MailWatch interface?

Rocky

 

Hey Rocky,

Really appreciate your patience. I am having issues releasing messages too. The issue i am facing is after i selecting the radio buttons and clicking learn, i get an error msg that ways the Message ID is not found.

Try to release any message, it will return Message ID
7E3CD28618F06_EE936 not found.

The message ID should be in the format of 7E3CD28618F06.EE936.

Somehow, the parser turn the "." to "-".

Any ideas sir?

 

Hi Rocky,

I'm not seeing external mail go to mailwatch, I am seeing mail generated by local user accounts (i.e. root@server1.

I also thought the bayes db wasn't filling up but when I ls the files they look like they are being updated

 

Mike,

I would look back at section 9 to make sure that you didn't miss anything. Seems like it's a configuration issue to me.

Rocky