MailScanner

New MailScanner Front-End (MSFE) v4.0

Changes:

  • Installation no longer attempts to recreate mailscanner database or update the MailScanner configuration settings if the mailscanner MySQL database already exists
  • Added whitelisting to virus.scanning.rules for mails released from quarantine (i.e. sent locally and from the postmaster@hostname address)
  • Moved to a simpler installer script using the license server
  • Timeout version checks incase version server is unavailable
  • Added check for incorrect ClamAV (or clamavconnector) installation which causes MailScanner to be disabled
  • Improved support for remote MySQL database servers

New MSFE v3.9

Changes:

  • Fixed problem with installer where Msfe.pm wasn’t being copied on installation
  • Added new IP licensing scheme. You will need to email your order details and servers main IP address to sales@waytotheweb.com to be able to upgrade MSFE in future releases
  • Updated post-upgrade message to reflect the new route to the MSFE WHM UI
  • Added link to MSFE changelog if an upgrade is available

For this version, you can download the update from http://download.webumake.com – if you don’t have a download account, please email sales@waytotheweb.com and request one, and be sure to include the name under which you originally ordered and your servers IP address for future updates. Future versions will then be available for upgrade from within WHM.

MailScanner: Problems for Liquidweb clients

We have found that some clients hosted by Liquidweb are seeing the message “MailScanner Status: Disabled” at the top of their MailScanner front-end after a cPanel upgrade.The problem has been caused by Liquidweb’s installation of clamav rpms that modify the exim configuration each time cPanel is upgraded, thus breaking MailScanner. We have been uninstalling these rpms as part of our mailscanner install for several months now but it appears that Liquidweb has re-installed those rpms and the problem has arisen again since a recent cPanel upgrade.Fix instructions follow.If you would like us to perform the fix for you, then please log a ticket on our helpdesk with access details. There will be a $30 (half hour) charge for performing this service.Here is how to fix it:1. Remove /etc/exim.conf.local to start with a clean copy.

/bin/mv -fv /etc/exim.conf.local /etc/exim.conf.local.old/scripts/buildeximconf

2. Remove all installs and rpms of clamav and reinstall clamav.

killall clamdrpm -e clamav-db clamd clamav clamav-devel/bin/rm -Rfv /usr/bin/clam*/bin/rm -Rfv /usr/sbin/clam*/bin/rm -Rfv /usr/lib/libclam*/bin/rm -Rfv /usr/share/clam*/bin/rm -Rfv /usr/include/clam*/bin/rm -Rfv /usr/bin/freshclam*/bin/rm -Rfv /usr/etc/clamav*/bin/rm -Rfv /usr/local/bin/clam*/bin/rm -Rfv /usr/local/sbin/clam*/bin/rm -Rfv /usr/local/lib/libclam*/bin/rm -Rfv /usr/local/share/clam*/bin/rm -Rfv /usr/local/include/clam*/bin/rm -Rfv /usr/local/bin/freshclam*/bin/rm -Rfv /usr/local/etc/clamav*useradd clamavgroupadd clamavcd /root/rpmswget http://prdownloads.sourceforge.net/clamav/clamav-0.88.7.tar.gztar -xzf clamav-*cd clamav-*./configure –disable-zlib-vcheckmakemake installreplace “Example” “#Example” — /usr/local/etc/freshclam.confreplace “Example” “#Example” — /usr/local/etc/clamd.conffreshclamcd ../bin/rm -Rf clamav-*cd /root/rpms/touch /var/log/clam-update.logchown clamav:clamav /var/log/clam-update.log/scripts/perlinstaller –force Mail::ClamAV

3. Upgrade MailScanner (per instructions on website – http://www.configserver.com/cp/upgrade.html) to add correct configuration to exim.conf.local. Should be able to select option 2 (quick perl module check). You will need to do ths at the command line since you are probably already running the latest version of MailScanner.4. Re-add the dictionary attack ACL, log_selector, etc. to exim.conf.local via WHM exim configuration editor, if desired.

New MSFE v3.8

Changes:

  • Added new feature allowing you to set cPanel user MailScanner settings from within the WHM UI
  • Moved a selection of settings from the MSFE Advanced settings to the main settings display
  • Added option to MailScanner Performance to allow disabling of Message Scanning. This can help to process a backlog of email very quickly as no spam or virus scanning is done at all and the queued email is simply handed to exim for delivery
  • Changed option to Edit rules to View rules instead for stability reasons since the MSFE jobs wiil overwrite any changes

You can download the update from http://download.webumake.com – if you don’t have a download account, please email sales@waytotheweb.com and request one, and be sure to include the name under which you originally ordered.

ORDB RBL is closing down

Quote from http://www.ordb.org/news/?id=38:

We regret to inform you that ORDB.org, at the ripe age of five and a half, is shutting down. It’s been a case of a long goodbye as very little work has gone into maintaining ORDB for a while.
We encourage system owners to remove ORDB checks from their mailers immediately and start investigating alternative methods of spam filtering.

So, if you use relays.ordb.org in exim RBL ACL, or ORDB-RBL in the MailScanner “Spam List” setting, remove it asap.Note: We do not configure either exim or MailScanner to use this RBL when we perform the MailScanner Sevice package work

ClamAV Oversized.zip errors

If you’re unexpectedly seeing the following in /var/log/maillog for emails blocked with zip file attachments:ClamAVModule::INFECTED:: Oversized.Zip::Then you may have not reinstalled the Mail::ClamAV perl module after upgrading ClamAV recently. The MailScanner Front-End does upgrade the perl module for you, but if you perform the ClamAV upgrade manually, then you need to be sure to run:

/scripts/perlinstaller –force Mail::ClamAV

It’s important to use –force otherwise the perl module most likely won’t be reinstalled (i.e. if the version of the perl module hasn’t changed).Then restart MailScanner:

service MailScanner restart

New ClamAV v0.88.7

ClamAV have released a new version 0.88.7 with the following changes:

Mon Dec 11 02:47:03 CET 2006—————————-

Want to make spam detection more aggressive?

We’ve recently started including the following SpamAssassin score modifications to help boost the identification of incoming spam with MailScanner. To do it yourself, create a file called /etc/mail/spamassassin/configserver.cf and add the following lines:

score BAYES_99 5.0score URIBL_SBL 5.0score URIBL_AB_SURBL 5.0score URIBL_OB_SURBL 5.0score URIBL_PH_SURBL 5.0score URIBL_SC_SURBL 5.0score URIBL_WS_SURBL 5.0score URIBL_JP_SURBL 5.0

Then reload MailScanner:

service MailScanner reload

That’s it. This makes your Bayesian database have a greater say in what is very likely to be spam and also boosts the scores of emails that contain URI’s in known spam from various URI RBL spam lists

ConfigServer cPanel Services

We’ve decided to simplify our cPanel Server Service packages to a single package (with a MailScanner option). This has been done for a one main reason – we’ve found that many people who were purchasing the smaller packages were needing the security features of the large packages and weren’t benefitting from them, frequently purchasing additional services from us to bring their servers up to the Full Service spec.To better service our customers we’ve created a single package that tackles all of the apsects of server security and management that we deal with. We’ve reduced the price of what was the cPanel Full Service package for the new all encompassing package.We have not removed any features at all whilst doing this.We hope the change benefits our customers in making their servers more secure and managable.