Код: Выделить всё
/var/log/maillog
Модератор: xM
Код: Выделить всё
/var/log/maillog
Код: Выделить всё
В root /var/log # cat /var/log/maillog
чисто.
Пробую телнетом:
root /var/log # telnet 192.168.230.128 465
Trying 192.168.230.128...
Connected to 192.168.230.128.
Escape character is '^]'.
Connection closed by foreign host.
Лог:
root /home/lex # tail -f /var/qmail/supervise/qmail-smtp-ssl/log/main/current
@400000004bdfca9d0e30f904 sslserver: pid 1871 from 192.168.230.128
@400000004bdfca9d0ef70ff4 sslserver: ok 1871 link.wd:192.168.230.128:465 :192.168.230.128::50347
@400000004bdfcab716f59dec sslserver: warning: dropping connection, unable to SSL accept:protocol error
@400000004bdfcab717a6581c sslserver: end 1871 status 28416
@400000004bdfcab717a65fec sslserver: status: 0/30
root /var/log # cat /etc/tcp/smtp
127.:allow,RELAYCLIENT=""
192.168.230.:allow,RELAYCLIENT="",QMAILQUEUE="/var/qmail/bin/simscan"
:allow,QMAILQUEUE="/var/qmail/bin/simscan"root /var/log #
root /var/qmail/supervise/qmail-smtp-ssl # less run
exec 2>&1
VQ="/var/qmail"
PATH="$VQ/bin:/usr/local/bin:/usr/bin:/bin"
QUSER=qmaild
LOCAL=`head -1 $VQ/control/me`
###############################################################################
#
# options for tcpserver/sslserver
IP=192.168.230.128
PORT=465
SSL=1
SSL_CERT="$VQ/control/servercert.pem"
SMTP_CDB="/etc/tcp/smtp.cdb"
MAX=30
Куда рыть не понимаю, через squirrelmai почта ходит (понятно что она идет через 127.0.0.1), а вот что подправить, что б из локалки шло :cz2:
Да, чуть не забыл, почтовик запускаю на VMware, проц intel Core2 (может это как-нить поможет)
Код: Выделить всё
Уважаемые прошу прощения, данные maillog:
May 4 17:32:09 link vpopmail[2668]: vchkpw-smtps: vpopmail user not found postmaster@192.168.230.128:192.168.230.105
May 4 17:34:21 link vpopmail[2812]: vchkpw-smtps: vpopmail user not found proba@192.168.230.128:192.168.230.105
Но если в адресе указываю доменное имя (postmaster@link.wd) а не IP, то ничего не пишет в маиллог
Код: Выделить всё
spamassassin -t < spammail > nonspam.out
Код: Выделить всё
spamc -c -d 127.0.0.1 -p 783 < spammail
Код: Выделить всё
#cat /etc/tcp/smtp
127.:allow,RELAYCLIENT=""
192.168.230.:allow,RELAYCLIENT="",QMAILQUEUE="/var/qmail/bin/simscan"
192.168.0.:allow,RELAYCLIENT="",QMAILQUEUE="/var/qmail/bin/simscan"
:allow,QMAILQUEUE="/var/qmail/bin/simscan"
Код: Выделить всё
# openssl
OpenSSL> s_client -host localhost -port 465
/var/spool/qscan/qmail-queue.log: (лог после получения последнего письма, не весь, но сразу после того, как просканил clamav, с ним вроде как все ок...)_Gegemon писал(а):To alex@:
логи покажите.
Код: Выделить всё
Tue, 04 May 2010 19:08:00 MSD:31804: run /usr/local/bin/clamdscan --no-summary /var/spool/qscan/tmp/test127298568057231804 2>&1
Tue, 04 May 2010 19:08:00 MSD:31804: --output of clamdscan was:
/var/spool/qscan/tmp/test127298568057231804: OK
--
Tue, 04 May 2010 19:08:00 MSD:31804: clamdscan: finished scan of dir "/var/spool/qscan/tmp/test127298568057231804" in 0.004148 secs
Tue, 04 May 2010 19:08:00 MSD:31804: scanloop: finished scan of "/var/spool/qscan/tmp/test127298568057231804"...
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: starting scan of directory "/var/spool/qscan/tmp/test127298568057231804"...
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: checking for objects containing to: ZVDOHYIK@yahoo.com|udtzqccc@yahoo.com|DTCELACB@yahoo.com|I1MCH2TH@yahoo.com|WPADJQ12@yahoo.com|smr@eurosport.com|bgnd2@canada.com|muwripa@fairesuivre.com|eccles@ballsy.net|S_Mentis@mail-x-change.com|YJPFJTGZ@excite.com|JGQZCD@excite.com|XHZJ3@excite.com|OZUNYLRL@excite.com|tsnlqd@excite.com|cxkawog@krovatka.net|ssdn@myrealbox.com
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: '211:.*duma.gov.ru' = 'Policy-MAILFROM' = 'Virus Dumaru'
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: type is a header!
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: checking for objects containing MAILFROM: .*duma.gov.ru
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: '213:application/hta.*' = 'Policy-Content-Type' = 'MS03-032 exploit?'
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: type is a header!
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: checking for objects containing content-type: application/hta.*
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: '215:.*viagra.*' = 'Policy-Subject' = 'Spam Viagra'
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: type is a header!
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: checking for objects containing subject: .*viagra.*
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: '216:.*Viagra.*' = 'Policy-Subject' = 'Spam Viagra'
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: type is a header!
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: checking for objects containing subject: .*Viagra.*
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: '217:.*VIAGRA.*' = 'Policy-Subject' = 'Spam Viagra'
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: type is a header!
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: checking for objects containing subject: .*VIAGRA.*
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: '218:.*via-gra.*' = 'Policy-Subject' = 'Spam Viagra'
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: type is a header!
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: checking for objects containing subject: .*via-gra.*
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: '219:.*v1agra.*' = 'Policy-Subject' = 'Spam Viagra'
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: type is a header!
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: checking for objects containing subject: .*v1agra.*
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: '220:.*viagara.*' = 'Policy-Subject' = 'Spam Viagra'
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: type is a header!
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: checking for objects containing subject: .*viagara.*
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: '221:.*VIAGARA.*' = 'Policy-Subject' = 'Spam Viagra'
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: type is a header!
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: checking for objects containing subject: .*VIAGARA.*
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: '222:.*v.i.a.g.r.a.*' = 'Policy-Subject' = 'Spam Viagra'
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: type is a header!
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: checking for objects containing subject: .*v.i.a.g.r.a.*
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: '223:.*V.i.a.g.r.a.*' = 'Policy-Subject' = 'Spam Viagra'
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: type is a header!
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: checking for objects containing subject: .*V.i.a.g.r.a.*
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: '224:.*V.I.A.G.R.A.*' = 'Policy-Subject' = 'Spam Viagra'
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: type is a header!
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: checking for objects containing subject: .*V.I.A.G.R.A.*
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: '225:.*V.1.@.G.R.A.*' = 'Policy-Subject' = 'Spam Viagra'
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: type is a header!
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: checking for objects containing subject: .*V.1.@.G.R.A.*
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: '226:.*VlAGRA.*' = 'Policy-Subject' = 'Spam Viagra'
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: type is a header!
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: checking for objects containing subject: .*VlAGRA.*
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: '227:.*VlAGARA.*' = 'Policy-Subject' = 'Spam Viagra'
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: type is a header!
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: checking for objects containing subject: .*VlAGARA.*
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: '228:.*ClALlS.*' = 'Policy-Subject' = 'Spam Viagra'
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: type is a header!
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: checking for objects containing subject: .*ClALlS.*
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: '229:.*Orgies.*' = 'Policy-Subject' = 'Spam Porn'
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: type is a header!
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: checking for objects containing subject: .*Orgies.*
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: '230:.*orgies.*' = 'Policy-Subject' = 'Spam Porn'
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: type is a header!
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: checking for objects containing subject: .*orgies.*
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: 'eicar.com' = 'SIZE=69' = 'EICAR Test Virus'
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: type is a size!
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: 'happy99.exe' = 'SIZE=10000' = 'Happy99 Trojan virus'
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: type is a size!
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: 'zipped_files.exe' = 'SIZE=120495' = 'W32/ExploreZip.worm.pak virus'
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: type is a size!
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: skipping auto-generated file 1272985680.31806-0.test
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: skipping auto-generated file orig-test127298568057231804
Tue, 04 May 2010 19:08:00 MSD:31804: p_s: finished scan of dir "/var/spool/qscan/tmp/test127298568057231804" in 0.00908 secs
Tue, 04 May 2010 19:08:00 MSD:31804: scanloop(spam): starting scan of directory "/var/spool/qscan/tmp/test127298568057231804"...
Tue, 04 May 2010 19:08:00 MSD:31804: scanloop: finished scan of "/var/spool/qscan/tmp/test127298568057231804"...
Tue, 04 May 2010 19:08:00 MSD:31804: ini_sc: scanning message took 0.013804 seconds
Tue, 04 May 2010 19:08:00 MSD:31804: q_r: fork off child into /var/qmail/bin/qmail-queue...
Tue, 04 May 2010 19:08:00 MSD:31810: q_r: xstatus=0
Tue, 04 May 2010 19:08:00 MSD:31804: qmail-scanner[31804]: Clear:RC:1(127.0.0.1): 0.019509 1846 erovms@ymail.com secretary@crazyhorse.ru п?я?я?п?п?п?пҐп?п?_п?я?п?я?я?п?п?п?! <20100504150650.A5DB52ED4@fr41.aha.ru> 1272985680.31806-0.test:758 orig-test127298568057231804:1846
Tue, 04 May 2010 19:08:00 MSD:31804: cleanup: /bin/rm -rf /var/spool/qscan/tmp/test127298568057231804/ /var/spool/qscan/working/new/test127298568057231804
Tue, 04 May 2010 19:08:00 MSD:31804: all finished. Total of 0.030352 secs
Код: Выделить всё
.......
my $sa_subject='';
my $sa_quarantine='5.0';
my $sa_delta='';
my $sa_delete='7.0';
my $sa_reject='';
my $sa_forward='';
my $sa_fwd_verbose='';
my $sa_hdr_report='';
my $smaildir='';
.......
Какая связь MTA с фри и линем?Ан0ним писал(а):Походу дела народ начал забивать на фрю и переходить на линь.
С каким параметромfantomas000 писал(а):Приветствую Вас!
Как сделать чтобы qmail-scanner помещал письма которые определяются как SPAM в карантин?
Сейчас вот что у меня в файле qmail-scanner-queue.plЭто я дописывал руками уже после установки qmail-scanner, а потом перезапустил qmail.Код: Выделить всё
....... my $sa_subject=''; my $sa_quarantine='5.0'; my $sa_delta=''; my $sa_delete='7.0'; my $sa_reject=''; my $sa_forward=''; my $sa_fwd_verbose=''; my $sa_hdr_report=''; my $smaildir=''; .......
Но в карантин /var/spool/qscan/quarantine/spam/new/ так ни чего не попадает, а вот пользователям они приходят с пометкой ***SPAM***
Как сделать так чтобы письма попадали в карантин?
Код: Выделить всё
--sa-quarantine
Код: Выделить всё
./configure --domain mydomain.ru \
--admin postmaster \
--local-domains "mydomain.ru" \
--add-dscr-hdrs yes \
--dscr-hdrs-text "X-Spam" \
--ignore-eol-check yes \
--sa-quarantine 0 \
--sa-delete 0 \
--sa-reject no \
--sa-subject "***SPAM***" \
--sa-delta 0 \
--sa-alt yes \
--sa-debug no \
--notify admin \
Код: Выделить всё
my $sa_quarantine='';
Код: Выделить всё
my $sa_quarantine='5.0';
Код: Выделить всё
--sa-quarantine 0 \
Код: Выделить всё
with qmail-scanner-2.01st
(clamdscan: 0.97.2/13874. spamassassin: 3.3.1. perlscan: 2.01st.
Clear:RC:0(78.41.65.3):SA:0(1.8/3.0):.
Processed in 1.139833 secs); 20 Dec 2011 09:29:06 -0000
X-Spam-Status: No, hits=1.8 required=3.0
Код: Выделить всё
with qmail-scanner-2.01st
(clamdscan: 0.97.2/13874. spamassassin: 3.3.1. perlscan: 2.01st.
Clear:RC:0(109.184.192.177):SA:1(17.2/3.0):.
Processed in 5.932618 secs); 20 Dec 2011 14:16:16 -0000
X-Spam-Status: Yes, hits=17.2 required=3.0
Код: Выделить всё
--sa-subject "***SPAM***" \
Код: Выделить всё
my $sa_subject='';
Код: Выделить всё
[b]my $sa_subject_site="***SPAM***";[/b] # st: if fast_spamassassin mode is selected
my $spamassassin_binary='/usr/local/bin/spamassassin ';
# st: Spam messages with a score higher than
# (required_hits + sa_quarantine) should be quarantined.
# Only relevant if SpamAssassin is used.
# Score of 0 means deliver all messages. Defaults to 0.
[b]my $sa_quarantine_site='0';[/b]
# st: Some people wants to quarantine spam in a different
# maildir folder than viruses, maybe to run sa-learn.
# The default is:
# my $smaildir_site='spam';
# You can set it per user/domain in the file 'settings_per_domain.txt'
# WARNING: if $smaildir it is not in the same 'file system' (partition)
# than $wmaildir, you have to change the routine 'sub email_quarantine_report'
# you will find the code commented in that routine.
# (in the official version 2.00 this setting has been added)
my $smaildir_site='spam';
# st: address to send a copy of the mails 'quarantined'
# as spam for admin puropose (I thought), almost unmodifyed.
# Enable $sa_fwd_verbose if you want the X-Spam headers in
# the forwarded message.
my $sa_forward_site='';
my $sa_fwd_verbose_site='0';
# st: Spam messages with a score higher than
# (required_hits + sa_delete) should be deleted (or rejected).
# Only relevant if SpamAssassin is used. Score of 0
# means deliver all messages. Defaults to 0.
# If sa-quarantine is set, sa-delete must be greater.
[b]my $sa_delete_site='0';[/b]
# st: If you enable sa-reject and sa-delete is properly set,
# messages with a score higher than (required_hits + sa_delete)
# will be rejected before the smtp session is closed.
# Otherwise they are just dropped silently. (1/0)
my $sa_reject_site='0';
Код: Выделить всё
./configure --domain mydomain.ru \
--admin postmaster \
--local-domains "mydomain.ru" \
--add-dscr-hdrs yes \
--dscr-hdrs-text "X-Spam" \
--ignore-eol-check yes \
--sa-quarantine 5.0 \
--sa-delete 7.0 \
--sa-reject no \
--sa-subject "***SPAM***" \
--sa-delta 0 \
--sa-alt yes \
--sa-debug no \
--notify admin \
Код: Выделить всё
.......
my $sa_subject='***SPAM***';
my $sa_quarantine='5.0';
my $sa_delta='';
my $sa_delete='7.0';
my $sa_reject='';
my $sa_forward='';
my $sa_fwd_verbose='';
my $sa_hdr_report='';
my $smaildir='';
.......
my $sa_subject_site="***SPAM***";# st: if fast_spamassassin mode is selected
my $spamassassin_binary='/usr/local/bin/spamassassin ';
# st: Spam messages with a score higher than
# (required_hits + sa_quarantine) should be quarantined.
# Only relevant if SpamAssassin is used.
# Score of 0 means deliver all messages. Defaults to 0.
my $sa_quarantine_site='5.0';
# st: Some people wants to quarantine spam in a different
# maildir folder than viruses, maybe to run sa-learn.
# The default is:
# my $smaildir_site='spam';
# You can set it per user/domain in the file 'settings_per_domain.txt'
# WARNING: if $smaildir it is not in the same 'file system' (partition)
# than $wmaildir, you have to change the routine 'sub email_quarantine_report'
# you will find the code commented in that routine.
# (in the official version 2.00 this setting has been added)
my $smaildir_site='spam';
# st: address to send a copy of the mails 'quarantined'
# as spam for admin puropose (I thought), almost unmodifyed.
# Enable $sa_fwd_verbose if you want the X-Spam headers in
# the forwarded message.
my $sa_forward_site='';
my $sa_fwd_verbose_site='0';
# st: Spam messages with a score higher than
# (required_hits + sa_delete) should be deleted (or rejected).
# Only relevant if SpamAssassin is used. Score of 0
# means deliver all messages. Defaults to 0.
# If sa-quarantine is set, sa-delete must be greater.
my $sa_delete_site='7.0';
.......
Код: Выделить всё
Building Qmail-Scanner 2.01st-20070204...
This script will search your system for the virus scanners it knows
about, and will ensure that all external programs
qmail-scanner-queue.pl uses are explicitly pathed for performance
reasons.
It will then generate qmail-scanner-queue.pl - it is up to you to install it
correctly.
Continue? ([Y]/N)
Y
Searching ......**FATAL ERROR ***
/usr/bin/unzip doesn't support the "-lv" option to view file details
Please upgrade to another version of unzip
Код: Выделить всё
===> Verifying install for /usr/local/lib/perl5/site_perl/5.8.9/mach/Encode/Detect.pm in /usr/ports/converters/p5-Encode-Detect
===> p5-Encode-Detect-1.01 depends on file: /usr/local/lib/perl5/site_perl/5.8.9/ExtUtils/CBuilder.pm - found
===> p5-Encode-Detect-1.01 depends on file: /usr/local/lib/perl5/site_perl/5.8.9/Module/Build.pm - not found
===> Verifying install for /usr/local/lib/perl5/site_perl/5.8.9/Module/Build.pm in /usr/ports/devel/p5-Module-Build
===> Building for p5-Module-Build-0.4000
Can't locate Perl/OSType.pm in @INC (@INC contains: t/lib t/bundled lib /usr/local/lib/perl5/5.8.9/BSDPAN /usr/local/lib/perl5/site_perl/5.8.9/mach /usr/local/lib/perl5/site_perl/5.8.9 /usr/local/lib/perl5/5.8.9/mach /usr/local/lib/perl5/5.8.9 .) at lib/Module/Build.pm line 13.
BEGIN failed--compilation aborted at lib/Module/Build.pm line 13.
Compilation failed in require at Build line 42.
BEGIN failed--compilation aborted at Build line 42.
*** Error code 2
Stop in /usr/ports/devel/p5-Module-Build.
*** Error code 1
Stop in /usr/ports/converters/p5-Encode-Detect.
*** Error code 1
Stop in /usr/ports/mail/p5-Mail-SpamAssassin.
*** Error code 1
Stop in /usr/ports/mail/p5-Mail-SpamAssassin.