Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
1
E-Mail / How to configure Spamassassin [updated]
« on: December 03, 2024, 11:04:53 PM »
Informations about configure Spamassassin appear to be outdated.
If you follow the wiki https://wiki.centos-webpanel.com/how-to-configure-spamassassin you will got an error with the daemon config and even solving this the spamd will consume a lot of load and will not work, as mentioned in https://forum.centos-webpanel.com/e-mail/spamassassin-service-failed-with-result-start-limit-hit/msg38072/#msg38072
I'll join here all steps to configure and ask for you, what is wrong? Let's make new and functional instructions to configure o spamassassin, please.
Assume that mail server built with ClamAV+SA+Amavis at MailServer Manager and working, but spamassassin is not marking *SPAM* and is not moving messages to Spam folder.
Add line " -o content_filter=spamassassin" at /etc/postfix/master.cf after " -o receive_override_options=no_address_mappings", you will get:
*do NOT forget about two spaces before -o
At end of same file /etc/postfix/master.cf add:
Check if /var/lib/spamassassin/ exist, if not create. Check if user and groutp owned by nobody.
At file /etc/sysconfig/spamassassin edit to:
** Here we have a problem, with -d option (Detach from starting process and run in background) you will have spamd consuming a lot of load, even not working. This is mentioned at
https://forum.centos-webpanel.com/e-mail/spamassassin-service-failed-with-result-start-limit-hit/msg38072/#msg38072 . So we can remove it? As for me both options did not work I don't know what can be better yet.
Edit /usr/share/spamassassin/local.cf with default options:
Maybe this file is not loading. As mentioned at https://forum.centos-webpanel.com/e-mail/spamassassin-service-failed-with-result-start-limit-hit/msg38072/#msg38072 this configuration must be set in another place, but where and how? Searching I found that can be any new file at /usr/share/spamassassin/ or /etc/mail/spamassassin, I've tried creating custom.cf, inserting default options, but didn't work. Even editing /etc/mail/spamassassin/local.cf
Here the configuration should be complete, but no. You'll get an error: spamassassin.service: Failed with result 'start-limit-hit' after reload spamd.
You need to edit /usr/lib/systemd/system/spamassassin.service, inside Service section add:
Reload deamon, restart postfix and spamassassin:
* Here we should restart Amavis too?
So with that I have spamassassin started, without error, but not marking and moving spam : (
Please, lets help to update this instructions. Spamassassin is so important and I hope soon cwp have this configuration included at MailServer Manager.
If you follow the wiki https://wiki.centos-webpanel.com/how-to-configure-spamassassin you will got an error with the daemon config and even solving this the spamd will consume a lot of load and will not work, as mentioned in https://forum.centos-webpanel.com/e-mail/spamassassin-service-failed-with-result-start-limit-hit/msg38072/#msg38072
I'll join here all steps to configure and ask for you, what is wrong? Let's make new and functional instructions to configure o spamassassin, please.
Assume that mail server built with ClamAV+SA+Amavis at MailServer Manager and working, but spamassassin is not marking *SPAM* and is not moving messages to Spam folder.
Add line " -o content_filter=spamassassin" at /etc/postfix/master.cf after " -o receive_override_options=no_address_mappings", you will get:
Code: [Select]
smtp inet n - n - - smtpd
-o content_filter=smtp-amavis:127.0.0.1:10024
-o receive_override_options=no_address_mappings
-o content_filter=spamassassin*do NOT forget about two spaces before -o
At end of same file /etc/postfix/master.cf add:
Code: [Select]
spamassassin unix - n n - - pipe
user=nobody argv=/usr/bin/spamc -f -e
/usr/sbin/sendmail -oi -f ${sender} ${recipient}Check if /var/lib/spamassassin/ exist, if not create. Check if user and groutp owned by nobody.
At file /etc/sysconfig/spamassassin edit to:
Code: [Select]
SAHOME="/var/lib/spamassassin/"
SPAMDOPTIONS="-d -c -m5 -u nobody -s ${SAHOME}spamd.log"** Here we have a problem, with -d option (Detach from starting process and run in background) you will have spamd consuming a lot of load, even not working. This is mentioned at
https://forum.centos-webpanel.com/e-mail/spamassassin-service-failed-with-result-start-limit-hit/msg38072/#msg38072 . So we can remove it? As for me both options did not work I don't know what can be better yet.
Edit /usr/share/spamassassin/local.cf with default options:
Code: [Select]
rewrite_header Subject *SPAM*
# report_safe 1
# trusted_networks 212.17.35.
required_score 5.0
use_bayes 1
bayes_auto_learn 1
bayes_ignore_header X-Bogosity
bayes_ignore_header X-Spam-Flag
bayes_ignore_header X-Spam-Status
include /usr/share/spamassassin/Maybe this file is not loading. As mentioned at https://forum.centos-webpanel.com/e-mail/spamassassin-service-failed-with-result-start-limit-hit/msg38072/#msg38072 this configuration must be set in another place, but where and how? Searching I found that can be any new file at /usr/share/spamassassin/ or /etc/mail/spamassassin, I've tried creating custom.cf, inserting default options, but didn't work. Even editing /etc/mail/spamassassin/local.cf
Here the configuration should be complete, but no. You'll get an error: spamassassin.service: Failed with result 'start-limit-hit' after reload spamd.
You need to edit /usr/lib/systemd/system/spamassassin.service, inside Service section add:
Code: [Select]
StartLimitBurst=0Reload deamon, restart postfix and spamassassin:
Code: [Select]
systemctl daemon-reload
sa-update
systemctl restart postfix spamassassin* Here we should restart Amavis too?
So with that I have spamassassin started, without error, but not marking and moving spam : (
Please, lets help to update this instructions. Spamassassin is so important and I hope soon cwp have this configuration included at MailServer Manager.
2
DNS / dns_rebuild_zone - what zone template this function use? is not the default set
« on: October 16, 2024, 09:14:14 PM »
In List of DNS Zone, when I click the button Rebuild Zone this module don't use the zone template selected in Server settings.
When I create an account ok, use the right zone template, but this useful function/module is using what zone template?
I'm doing a cpanel migrate and a lot of trash dns entries are migrate and the NSs entries are not swapped to default of the server. So rebuild zone function should be good if it worked.
The cpanel process have boring bugs arround DNS topic, other here:
https://forum.centos-webpanel.com/migration-from-other-control-panels/cpanel-cwp-migration-change-permission-of-varnamed-and-stop-bind/
When I create an account ok, use the right zone template, but this useful function/module is using what zone template?
I'm doing a cpanel migrate and a lot of trash dns entries are migrate and the NSs entries are not swapped to default of the server. So rebuild zone function should be good if it worked.
The cpanel process have boring bugs arround DNS topic, other here:
https://forum.centos-webpanel.com/migration-from-other-control-panels/cpanel-cwp-migration-change-permission-of-varnamed-and-stop-bind/
3
E-Mail / how to block user ip if tried x attempts login failed in Roundcube
« on: October 15, 2024, 11:57:09 PM »
I didn't find any specific option about Roundcube in CSF.
Is there any possibility to block user ip if more than 3 failed login attempts in Roundcube? using CSF or some other mechanism?
Roundcube login looks very vulnerable.
Is there any possibility to block user ip if more than 3 failed login attempts in Roundcube? using CSF or some other mechanism?
Roundcube login looks very vulnerable.
4
Migration from other control panels / cpanel cwp migration change permission of /var/named and stop bind
« on: October 15, 2024, 11:32:22 PM »
After used the migration_cpanel_v2 tool, migrated all packages and two users, the migration runs without error but bind stoped.
The bind/named service goes down and can't start. Seen log it was perminssion denied to access /var/named/
Checking the directory permission it was changed owner to last user migrated. And the named db created have root:root permition.
Only after changed everything to named:named owner (dir and files) the bind started.
I tried /var/named with root:named and db files with root:root (maybe it's the right permission), but bind don't work. Do you know what is the right permission do theses dir and db files?
Always I run the migration permission are changed to the last user and I need to correct.
Seen the migration log, no error or something strange, only:
2024-10-15 16:17:07 rsync -av /home/.imburana20241015201542eJTBVdSkz3Yr4S/cpmove-imburana/dnszones /home/imburana/
2024-10-15 16:17:07 sed -i 's|xxx|xxx|g' /home/imburana/dnszones/*.db
2024-10-15 16:17:07 WebServers_AutoSSLmanual ssl
2024-10-15 16:17:07 WebServers_Rebuild ssl
2024-10-15 16:17:07 Copy files
2024-10-15 16:18:17 All files were copied
2024-10-15 16:18:17 grep 'imburana=' /home/.CPANELCWP_20241015201542/accounts.ini
2024-10-15 16:18:17 Adjusting user permissions
-------
Almalinux 8.10, CWP last version.
The bind/named service goes down and can't start. Seen log it was perminssion denied to access /var/named/
Checking the directory permission it was changed owner to last user migrated. And the named db created have root:root permition.
Only after changed everything to named:named owner (dir and files) the bind started.
I tried /var/named with root:named and db files with root:root (maybe it's the right permission), but bind don't work. Do you know what is the right permission do theses dir and db files?
Always I run the migration permission are changed to the last user and I need to correct.
Seen the migration log, no error or something strange, only:
2024-10-15 16:17:07 rsync -av /home/.imburana20241015201542eJTBVdSkz3Yr4S/cpmove-imburana/dnszones /home/imburana/
2024-10-15 16:17:07 sed -i 's|xxx|xxx|g' /home/imburana/dnszones/*.db
2024-10-15 16:17:07 WebServers_AutoSSLmanual ssl
2024-10-15 16:17:07 WebServers_Rebuild ssl
2024-10-15 16:17:07 Copy files
2024-10-15 16:18:17 All files were copied
2024-10-15 16:18:17 grep 'imburana=' /home/.CPANELCWP_20241015201542/accounts.ini
2024-10-15 16:18:17 Adjusting user permissions
-------
Almalinux 8.10, CWP last version.
Pages: [1]
