I have a requirement to bring web-filtering inhouse on our own hardware.
This is to support up to 50 remote sites - I've looked at iron port / barracuda but Im not sure if it can do what is required.
I need each remote site to effectively have a seperate 'account' with the ability for each sites manager to see the traffic just for their site, create users for that site, specify site specific blocks / allows and also monitor which users are browsing which sites.
Does anyone know of a product or application that allows this sort of segmentation? I'm not a big fan of Surf Control (I don't believe it's able to deal with this sort of setup)
The other option is 1 appliance per remote site - but the costs associated with this are probably out of our budget for this project.
This one's an itnerestign one thats been bugging me for a while!
We want to configure our PPA mail node to send all outbound mail through our spam filtering appliance but don't know where to start.
Reading standard Postfix docs give basic instructions on how to direct a handful of domains through a mail relay but we want to direct every outbound email from all domains through our spam filter.
We also want to ensure that any regular updates to the mail node won't break or undo this config.
I have an old computer that I want to setup as a server, for some small projects that I would like to publish online. I don't want to install any GUI's if I don't have to. What I would like to do is install linux (not sure which one), apache, php, and a webhost manager to handle the domains on that box. Can someone point me to a tutorial or in the right direction here? I would like to practice installing these things on my home box for now so I can get used to. I was going to install ubuntu, but thought that was to excessive for what I want.
We have a immediate need for a fileserver with some sort of CDP/snapshot backup offered on their own internal *lan*
It will be primarily used as a file server with multiple developers worldwide .
Can anyone recommend a hoster with this. Reliability and Quality. Not necessarily a requirement, but the person managing this *would prefer a Plesk CP*.
Looked at softlayers offerings and while it's fair for what it is....at their pricepoint, we would just setup one in a DC. It's moreso a immediate need that does not allow this.
We recently moved all our hosting accounts from our servers to new servers with a new host. In the process of this move, after moving all the domains and setting the nameserver ips to the new ips, none of the sites are pulling up. I changed the ip for all nameservers to the ones provided to me by the new host but we cannot figure out why the sites are not pulling up, he says everything on his end is fine? Talking about 100+ clients who have been down for over a day now after changing the nameservers and cannot figure out whats going on. All we did was set the ips on my current nameservers to the new ips below.
Now they are claiming they can bring the sites up, but none of the clients I have talked to can bring them up. Also I cannot bring up any domains or ping them from my home or work.
Example domains that are not working that were moved: bluetongueskinks.net pokemongamesnow.com
The 204.16.247.150/~username works fine. See 204.16.247.150/~pokemon
The accounts transferred over fine in WHM. We were using a dns redirect in WHM on the old server before changing nameservers to make sure it pulled them all up fine.
ips for the nameservers 204.16.247.150 and 204.16.244.150.
whenever one of my customers tries to install an application from the application installer, they get an error that looks like this.
Error: Installation of WordPress at http://*******.com/wordpress failed. Non-zero exit status returned by script. Output stream: 'PHP Warning: mysql_connect(): Access denied for user 'ndari_wordpres_7'@'aeris.jdrepo.com' (using password: YES) in /opt/psa/var/apspackages/apscatalogSTqEEM.zip7b3ca133-9714-5d/cache/scripts/db-util.php on line 66 '.
Error stream: 'PHP Warning: mysql_connect(): Access denied for user 'ndari_wordpres_7'@'aeris.jdrepo.com' (using password: YES) in /opt/psa/var/apspackages/apscatalogSTqEEM.zip7b3ca133-9714-5d/cache/scripts/db-util.php on line 66 '.Click to expand...
Looking for a firewall appliance to stick before two dell servers that are going into a co-location data center.
Do you guys have any favorite FIREWALL appliances? I am looking at the CISCO PIX 501, because it seems to be the standard, but there are others that do virusscan, and malware scans at the hardware level before it enters the servers which caught my interest.
Can anyone recommend an affordable antivirus hardware appliance that can be put in-line between a physical machine acting as a mail server and the switch? I need it only to filter on ONE machine so it would not have to be extremely fast. Spam filtering would be a plus as well. Any recommendations? I am looking for something plug and play.
512 MB RAM 2.0 GHz Celeron 40 GB HD 6 Ethernet Ports LCD Front Display
and it's an appliance like the Cobalts but for security, however I was wondering if anyone knew of a way to just use it as a regular either windows headless server or linux server. Also does anyone know if it's possible to upgrade the processor? Maybe even a Xeon as I know all the other models come with Xeon Processors or do they actually use a seperate motherboard?
Does anyone have any experience to share concerning these devices?
I'm having some serious spam issues and would like to look into a better approach to preventing this than the typical SpamAssasin solution bundled with cPanel, Plesk and so on. SA seems rather inefficient, needs a lot of training, can get a lot of false positives, tends to break now and then, and so on.
Have any of you used either the Barracuda or the MailFoundry applicances, or even better - compared them first hand? Are there any similar solutions out there, perhaps cheaper/more cost effective in the long run?
$2000-3000+ for the hardware and around $500 a year for an anti-spam solution is a little steep in my opinion. Especially considering the old and cheap hardware for an example MailFoundry uses. How accurate they actually are in terms of false positives is also seemingly debated. MailFoundry promises a near 0 false positive rate, while some user-experiences suggest somewhere between 6-10% - which could represent an issue just as problematic as spam itself. Nobody wants to lose out on important email. To spend such an amount on a device and updates, it certainly needs to be worth it. Is it?
Are there any equally good or better software based solutions out there, that one could for an example use to set up a custom anti-spam server using existing hardware at the DC?
We are planing to implement a spam appliance like the mailfoundry for our 60 cpanel servers.
What is the best and easiest way to replace the standard cpanel mx entry in the dns zonefiles with our two new MX entries?
Additionaly we need to enable the option "Always accept mail locally even if the primary mx does not point to this server." for all the dnszonefiles where we use the new MX entries.
The problem is, that some customers are using already own mx entries, therefore we can not change all of them, but only the entries which point to the cpanel server.
Does someone have a script for this, or how would you change this?
hardware wise, it's just an out-dated supermicro's mini 1U setup (P8SCT in SC512L chassis, prescott 3G, 2G DDR2, 1x WD 250G) which can be easily upgraded to newer, greener configuration such as PDSMI+ or PDSBL-LN2 board with Conroe/Kentsfield CPU, 4G~8G RAM, even raptor 10k drive.
what do you guys think the market out there for this type of appliance? will updated hardware boots the performance by much?
I used to have a reseller account and have shifted everything to a dedicated server. I now find that a couple of clients are getting lots of spam when they didn't before.
It seems that the servers used by the reseller account had some level of basic spam filtering installed; my provider suggested I look for a filtering program to install on my server.
There are, of course, dozens of them, so I wondered if anyone has any experience - enough, perhaps, to make a recommendation.
Even though I have temporarily installed Exchange Server on my dedicated server, I still am thinking about using POP3 instead, simply because of multiple email accounts and my outlook client can use multiple email accounts, and setup rules/filters to direct incoming emails to specific recepients to folders, which is what I want.
Sure, in Windows I know how to set up POP3 BUT what security can I setup for POP3 email accounts?
In addition, what about spam/filtering? How would I set that up to stop spam coming in?
I took over some sites that have a Windows hosting package. They're not high-traffic sites and the content is just typical corporate stuff; it's not sensitive information or anything.
Any they are insisting that they filter the IP addresses allowed to use the FTP account. So I have to give them my IP and it adds it to a safe list. this is causing me problems for urgent updates as sometimes I am working at home or somewhere away and my ISP gives me my IP dynamically, although it doesn't change that often.
Is this normal or necessary? I've never come across it before. I think it's overkill personally. What would you do? If they're worried about security should I ask them to set up SFTP and remove the IP filter?
I am having an issue with SPAM and baunced emails.
Spammers are sending out emails to thousands of addresses and putting my email in reply back field so i am getting all complaints/baunced emails etc.
I have DirectAdmin installed which lacks advanced email filtering features and wanted to know how can i setup Exim or what third party software to add to filter all incoming emails based on their subject?
I have Squirrelmail installed and it has these filters but the problem is that it applys its filters only on login and if i am checking email thru POP3 filters dont get applied.
I would like to filter some special mails of mine through an external PHP script. Is this possible? I would like to call the php file everytime a mail arrives, and the php file will make changes to that mail text and save in inbox.
My PHP file is ready but i need to make this work in Exim.
decent spam filtering service that allows you to do multiple domains and charges on a per user basis (with most you have to have the same domain or you have to buy another license pack). Anyway I'm looking to spend around $1-3 per user
Does anybody know if GD filters email BEFORE it reaches my domain? It surely seems so. I recently moved to GD. I turned off spam filtering and don't receive any spam on accounts that used to receive a lot of spam. The only possible explanation is that they kill it before it reaches my domain.
if anyone may know of a server spam filtering product which has these features....
1. stops identified spam at the server and keeps it for a period of time eg 7 days before dumping it
2. forwards clean mail to end user
3. end user gets daily report via email of mail tagged and kept
4. clickable link in daily email report to 'release' mail and send it
5. auto whitelists released mail (ie adds it to bayesian database / whitelist addresses)
6. configurable to work with either individual end user, or with eg domain sysadmin (who can view / help see mail for all domain users)
7. can be either a hosted service, or server software product; although linux opensource server product would be good.....
8. not hugely expensive :-)
I have been using ASSP for quite some time; and like it's accuracy. So I suppose what ideally I'm looking for is ASSP with Bells and Whistles. On Cpanel I'm using grscripts ASSP deluxe, and this already has some great bells, but lacks a couple of the whistles I'd like (as above).
If anyone has ideas - or can point me to other threads (I did a search here already, but couldn't refine my search enough to find anything relevant)
My provider is using mailfoundry for spam filtering.. but I used IMAP (stored on server) for email.. my problem is that I'm also using a catch-all address and I make up random email names for sites I go to, to check for spam on the incoming side..
I setup filters in Cpanel to remove the selected spam or emails I don't wish to recieve.. but they don't seem to remove themselves.. it could just be a setup problem or it could be the mailfoundry.. not sure..
Here's the settings I have in cpanel (I just altered the name) is this the right setting.. or does it go elsewhere?
## Exim system filter to refuse potentially harmful payloads in ## mail messages ## (c) 2000-2001 Nigel Metheringham <nigel@exim.org> ## ## This program is free software; you can redistribute it and/or modify ## it under the terms of the GNU General Public License as published by ## the Free Software Foundation; either version 2 of the License, or ## (at your option) any later version. ## ## This program is distributed in the hope that it will be useful, ## but WITHOUT ANY WARRANTY; without even the implied warranty of ## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ## GNU General Public License for more details. ## ## You should have received a copy of the GNU General Public License ## along with this program; if not, write to the Free Software ## Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ## -A copy of the GNU General Public License is distributed with exim itself
## -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- ## If you haven't worked with exim filters before, read ## the install notes at the end of this file. ## The install notes are not a replacement for the exim documentation ## -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
## ----------------------------------------------------------------------- # Only run any of this stuff on the first pass through the # filter - this is an optomisation for messages that get # queued and have several delivery attempts # # we express this in reverse so we can just bail out # on inappropriate messages # if not first_delivery then finish endif
## ----------------------------------------------------------------------- # Check for MS buffer overruns as per BUGTRAQ. # [url] # This could happen in error messages, hence its placing # here... # We substract the first n characters of the date header # and test if its the same as the date header... which # is a lousy way of checking if the date is longer than # n chars long if ${length_80:$header_date:} is not $header_date: then fail text "This message has been rejected because it has
an overlength date field which can be used
to subvert Microsoft mail programs
The following URL has further information [url] seen finish endif
## ----------------------------------------------------------------------- # These messages are now being sent with a <> envelope sender, but # blocking all error messages that pattern match prevents # bounces getting back.... so we fudge it somewhat and check for known # header signatures. Other bounces are allowed through. if $header_from: contains "@sexyfun.net" then fail text "This message has been rejected since it has
the signature of a known virus in the header." seen finish endif if error_message and $header_from: contains "Mailer-Daemon@" then # looks like a real error message - just ignore it finish endif
## ----------------------------------------------------------------------- # Look for single part MIME messages with suspicious name extensions # Check Content-Type header using quoted filename [content_type_quoted_fn_match] if $header_content-type: matches "(?:file)?name=("[^"]+\.(?:ad[ep]|ba[st]|chm|cmd|com|cpl|crt|eml|exe|hlp|hta|in[fs]|isp|jse?|lnk|md[be]|ms[cipt]|pcd|pif|reg|scr|sct|shs|url|vb[se]|ws[fhc])")" then fail text "This message has been rejected because it has
potentially executable content $1
This form of attachment has been used by
recent viruses or other malware.
If you meant to send this file then please
package it up as a zip file and resend it." seen finish endif # same again using unquoted filename [content_type_unquoted_fn_match] if $header_content-type: matches "(?:file)?name=(\S+\.(?:ad[ep]|ba[st]|chm|cmd|com|cpl|crt|eml|exe|hlp|hta|in[fs]|isp|jse?|lnk|md[be]|ms[cipt]|pcd|pif|reg|scr|sct|shs|url|vb[se]|ws[fhc]))" then fail text "This message has been rejected because it has
potentially executable content $1
This form of attachment has been used by
recent viruses or other malware.
If you meant to send this file then please
package it up as a zip file and resend it." seen finish endif
## ----------------------------------------------------------------------- # Attempt to catch embedded VBS attachments # in emails. These were used as the basis for # the ILOVEYOU virus and its variants - many many varients # Quoted filename - [body_quoted_fn_match] if $message_body matches "(?:Content-(?:Type:(?>\s*)[\w-]+/[\w-]+|Disposition:(?>\s*)attachment);(?>\s*)(?:file)?name=|begin(?>\s+)[0-7]{3,4}(?>\s+))("[^"]+\.(?:ad[ep]|ba[st]|chm|cmd|com|cpl|crt|eml|exe|hlp|hta|in[fs]|isp|jse?|lnk|md[be]|ms[cipt]|pcd|pif|reg|scr|sct|shs|url|vb[se]|ws[fhc])")[\s;]" then fail text "This message has been rejected because it has
a potentially executable attachment $1
This form of attachment has been used by
recent viruses or other malware.
If you meant to send this file then please
package it up as a zip file and resend it." seen finish endif # same again using unquoted filename [body_unquoted_fn_match] if $message_body matches "(?:Content-(?:Type:(?>\s*)[\w-]+/[\w-]+|Disposition:(?>\s*)attachment);(?>\s*)(?:file)?name=|begin(?>\s+)[0-7]{3,4}(?>\s+))(\S+\.(?:ad[ep]|ba[st]|chm|cmd|com|cpl|crt|eml|exe|hlp|hta|in[fs]|isp|jse?|lnk|md[be]|ms[cipt]|pcd|pif|reg|scr|sct|shs|url|vb[se]|ws[fhc]))[\s;]" then fail text "This message has been rejected because it has
a potentially executable attachment $1
This form of attachment has been used by
recent viruses or other malware.
If you meant to send this file then please
package it up as a zip file and resend it." seen finish endif ## -----------------------------------------------------------------------
#### Version history # # 0.01 5 May 2000 #Initial release # 0.02 8 May 2000 #Widened list of content-types accepted, added WSF extension # 0.03 8 May 2000 #Embedded the install notes in for those that don't do manuals # 0.04 9 May 2000 #Check global content-type header. Efficiency mods to REs # 0.05 9 May 2000 #More minor efficiency mods, doc changes # 0.06 20 June 2000 #Added extension handling - thx to Douglas Gray Stephens & Jeff Carnahan # 0.07 19 July 2000 #Latest MS Outhouse bug catching # 0.08 19 July 2000 #Changed trigger length to 80 chars, fixed some spelling # 0.09 29 September 2000 #More extensions... its getting so we should just allow 2 or 3 through # 0.10 18 January 2001 #Removed exclusion for error messages - this is a little nasty #since it has other side effects, hence we do still exclude #on unix like error messages # 0.11 20 March, 2001 #Added CMD extension, tidied docs slightly, added RCS tag #** Missed changing version number at top of file :-( # 0.12 10 May, 2001 #Added HTA extension # 0.13 22 May, 2001 #Reformatted regexps and code to build them so that they are #shorter than the limits on pre exim 3.20 filters. This will #make them significantly less efficient, but I am getting so #many queries about this that requiring 3.2x appears unsupportable. # 0.14 15 August,2001 #Added .lnk extension - most requested item :-) #Reformatted everything so its now built from a set of short #library files, cutting down on manual duplication. #Changed w in filename detection to . - dodges locale problems #Explicit application of GPL after queries on license status # 0.15 17 August, 2001 #Changed the . in filename detect to S (stops it going mad) # 0.16 19 September, 2001 #Pile of new extensions including the eml in current use # 0.17 19 September, 2001 #Syntax fix
More out of curiosity than anything, I've been wondering if there are options for filtering outgoing SMTP. Not necessarily every single message, but a firewall-level tool to watch for a sudden burst in SMTP from one host, run some of the messages through SpamAssassin or the like, and trigger an alert if they rank highly for spam.
It seems like it's technologically possible, but I've never heard of anyone doing it, nor seen an actual implementation of it. Has anyone heard of this type of thing?
I have SpamAssassin on my server, and I use email piping to forward incoming emails to a PHP script. I'd like to know if emails go through SpamAssassin before being piped, or if they don't go through SpamAssasin. Where exactly is SpamAssassin requested to scan emails?
