Search found 15 matches

by ssanfordph
Tue Jun 21, 2016 8:56 pm
Forum: Configuration
Topic: MXtoolbox report 'Unable to Connect to SMTP Host'
Replies: 4
Views: 1750

Re: MXtoolbox report 'Unable to Connect to SMTP Host'

Are you using them for monitoring? You may want to try adding their server to "No rate limiting for these hosts"
by ssanfordph
Wed May 18, 2016 3:34 pm
Forum: Usage
Topic: strange stuff in Outgoing spool?
Replies: 3
Views: 2610

Re: strange stuff in Outgoing spool?

Possible, have you checked to make sure you're not running an open relay? Review out Outgoing MTA log and see what's going on what those. As far as preventing using mailcleaner as an outgoing smtp. I believe you just need to make sure SMTP->Connection Control->Allow external relaying for these hosts...
by ssanfordph
Wed May 18, 2016 1:26 pm
Forum: Configuration
Topic: “honor SPF”?
Replies: 1
Views: 706

Re: “honor SPF”?

Under SMTP it's "Reject wrong SPF (fail result)"
by ssanfordph
Thu May 12, 2016 3:44 pm
Forum: Configuration
Topic: Large amounts of quarantine files - Drop emails with .js files?
Replies: 5
Views: 1851

Re: Large amounts of quarantine files - Drop emails with .js files?

If you search around on here for clamav-unofficial-sigs.sh you should be able to find the instructions you need.

The scripts can also be found here http://sanesecurity.com/usage/linux-scripts/
by ssanfordph
Thu May 12, 2016 3:05 pm
Forum: Configuration
Topic: Large amounts of quarantine files - Drop emails with .js files?
Replies: 5
Views: 1851

Re: Large amounts of quarantine files - Drop emails with .js files?

Look at adding the sanesecurity foxhole_js.cdb as a clamav definition or their other foxhole defs. This should drop all most files as a "virus".
by ssanfordph
Mon Apr 25, 2016 4:17 pm
Forum: Installation
Topic: Mailcleaner and AD FS
Replies: 1
Views: 1164

Re: Mailcleaner and AD FS

I would probably look at AD LDS or a RODC. Your security guy may have a shitfit too with mailcleaner since debian squeeze is EOL.
by ssanfordph
Mon Apr 25, 2016 1:56 pm
Forum: Updates
Topic: Apache not starting after apt-get update
Replies: 30
Views: 9607

Re: Apache not starting after apt-get update

Squeeze is EOL and the repos are gone. I don't know that I would bother with a new implementation of this software unless a new version is released.
by ssanfordph
Mon Mar 28, 2016 2:51 pm
Forum: Updates
Topic: Debian Jessie
Replies: 35
Views: 12288

Re: Debian Jessie

Thanks for the update Florian. Are you planning to support security issues/updates to the current install in the meantime?
by ssanfordph
Thu Mar 17, 2016 5:34 pm
Forum: Installation
Topic: How to setup MailCleaner and mail server on same machine?
Replies: 3
Views: 1664

Re: How to setup MailCleaner and mail server on same machine

This is a virtualization issue not a mail cleaner issue, but I don't see why this can't be done.
by ssanfordph
Thu Mar 10, 2016 4:00 pm
Forum: Updates
Topic: Debian Jessie
Replies: 35
Views: 12288

Re: Debian Jessie

Is there any status update on this? I too would like to know when the target is for release, if it's quite a bit aways we need to look for an alternative.
by ssanfordph
Fri Jan 29, 2016 2:20 pm
Forum: Configuration
Topic: X-MailCleaner-SpamScore header missing
Replies: 0
Views: 9487

X-MailCleaner-SpamScore header missing

I just noticed that the X-MailCleaner-SpamScore header is missing from all of our e-mails. I would like to use this header for our customer relations tool to categorize e-mails within that system. Is there anything I should look for? I've checked /usr/mailcleaner/etc/mailscanner/MailScanner.conf_tem...
by ssanfordph
Mon Dec 14, 2015 5:17 pm
Forum: Features request
Topic: TLSv1.2
Replies: 7
Views: 6262

Re: TLSv1.2

Do you have a timeline for a patch? We're also under scrutiny from our PCI ASV for having this enabled.
by ssanfordph
Mon Jun 16, 2014 7:50 pm
Forum: Updates
Topic: CVE-2014-0224
Replies: 1
Views: 3030

CVE-2014-0224

The sources.list doesn't include the LTS repositories. So mailcleaner is vulnerable to this and failed out network scans. Updated using:

https://wiki.debian.org/LTS/Using
by ssanfordph
Fri Apr 26, 2013 1:45 pm
Forum: Updates
Topic: Vulnerability scans (cve: CVE-2012-3365CVE-2012-2688)
Replies: 2
Views: 3648

Re: Vulnerability scans (cve: CVE-2012-3365CVE-2012-2688)

Thanks for the update. It's not public facing, but is still within scope of our internal scans at the moment.
by ssanfordph
Thu Apr 25, 2013 2:18 pm
Forum: Updates
Topic: Vulnerability scans (cve: CVE-2012-3365CVE-2012-2688)
Replies: 2
Views: 3648

Vulnerability scans (cve: CVE-2012-3365CVE-2012-2688)

Mail cleaner is currently failing our PCI scans for cve: CVE-2012-3365, CVE-2012-2688. It looks like PHP is packages in the mc-httpd package. PHP reports version PHP 5.3.14 (cli) (built: Jun 20 2012 15:57:22) Copyright (c) 1997-2012 The PHP Group Zend Engine v2.3.0, Copyright (c) 1998-2012 Zend Tech...

Go to advanced search