Frozen Emails Dissapearing Too [Exim On Cpanel]
Jun 13, 2008
I have noticed on my two dedicated servers logs that some emails just dissapear after being frozen for days in queue and there is no notice or warning sent to the sender.
Please check your logs and tell me if I am wrong, just check for non-zero on your exim_mainlog
grep non-zero /var/log/exim_mainlog
and then grep your messageId
grep 1K17WW-0002so-Sn /var/log/exim_mainlog
2008-05-24 17:34:23 1K17WW-0002so-Sn == vicoello@xxxxx.com R=lookuphost T=remote_smtp defer (-1): smtp transport process returned non-zero status 0x000e: terminated by signal 14
2008-05-24 17:34:23 1K17WW-0002so-Sn Frozen
2008-05-25 18:02:27 1K17WW-0002so-Sn Message is frozen
...
2008-05-26 22:08:47 1K17WW-0002so-Sn Message is frozen
....
2008-05-27 15:00:31 1K17WW-0002so-Sn Message is frozen
? Dissapeared
View 6 Replies
ADVERTISEMENT
Jan 29, 2007
This message was created automatically by mail delivery software.
A message that you sent has not yet been delivered to one or more of its recipients after more than 72 hours on the queue on server.blablablabla.com
Im recieving this kind of errors from some domains of this server...
Im using cPanel + RHEL 3.
Looking at the logs I found this:
23.red-88-22-154.staticip.rima-tde.net (lista@domain.info) [88.22.xxx.xx] is currently not permitted to relay through this server. Perhaps you have not logged into the pop/imap server in the last 30 minutes or do not have SMTP Authentication turned on in your email client.
And SMTP authentication is enabled at the mail client.
View 4 Replies
View Related
Dec 12, 2008
Delivery attempt for Message ID 1LAXsU-0003SE-0T
Code:
Message 1LAXsU-0003SE-0T is not frozen
LOG: MAIN
cwd=/usr/local/cpanel/whostmgr/docroot 4 args: /usr/sbin/exim -v -M 1LAXsU-0003SE-0T
delivering 1LAXsU-0003SE-0T
LOG: MAIN
== *@yahooo.co.uk R=lookuphost defer (-1): host lookup did not complete
I'm not sure what would be causing that...
I edited /etc/resolv.conf so it contained my name servers:
Code:
nameserver *.*.*.229
nameserver *.*.*.230
basically, emails are not getting sent out.
View 1 Replies
View Related
May 28, 2007
I am creating a web application, nothing spectacular just something to display content.
After completing a long night of coding, I uploaded my files to my server and checked to make sure everything was functioning correctly. Everything seemed fine so I went to bed.
The next morning, to my surprise, all my images had dissapeared! Well not all of them, just the ones being displayed through the PHP script. (coincidentally, these images where all in the same directory...)
Of course the first thought that went through my mind was "scripting error". Which surprised me, since everything worked perfectly the night before. I checked and double checked everything, and I couldn't find anything wrong. I checked the permissions on the directory holding the images and they appeared correct (755). So, to locate the problem I decided to strip out all the variables and create a test page that had only the SQL query, and a print to output the <img> code. Still nothing! So I decided to just go the HTML route and create a test file that held only the <img> code, no PHP involved... nothing.
The images are on the server. I double checked... if you right click > view image, it shows up. Then if you go back to the "test" page and refresh the image is there... however, it does not appear when you first load the page, or it appears and then immediately dissapears.
I contacted my host about the issue, and their first response said:
Quote:
Dear customer,
The images are there if you login through plesk control panel and go to
File Manager under your domain you can find the pictures and see
them.But some of them are not opening under your website.
Best Regards
Honestly... are you kidding me? Reiterating my question doesn't constitute as an answer. And they call themselves "engineers"...
Seeing as it appears to only be affecting one directory (and possibly only JPG images...? Have a look at the test pages above), I believe it might be a permissions issue.
View 0 Replies
View Related
May 1, 2007
am running CentOS 4.4 i686 and WHM 10.8.0 and we are having trouble receiving email from certain domains.
Undere whm tweak settings we do not have the "SpamAssassin Spam Filter" enabled.
Mails sent from two domains (that we know of) do not reach us at all and no error message is deliver to the sending address.
Emails sent from us to them DO reach they destination so we are thinking some spam filfer or configuration in exim must be the culprit.
View 6 Replies
View Related
May 16, 2009
I've looked through my exim logs a number of times and I see emails being sent out with "from:" fields with email addresses of other domains. Usually they are spam related and fraudulent.
How can exim be setup to only send out emails that have localdomains in their from fields?
E.g. if I have account bob.com on my server then the owner of bob.com can only send out emails "xxxx@bob.com" no matter what else he tries to do that's all exim will send out.
How can you get exim to do this? I have been using filtering to block commonly spammed domains like aol.com hotmail.com etc - any emails sent out with these in their from fields are filtered and blocked - but rather building up a larger and larger filter of commonly abused domains - why not just block everything except domains on your server.
View 11 Replies
View Related
Feb 7, 2008
running WHM at Fedora 6... WHM 11.11.0 cPanel 11.16.0-R18546
I have a problem with spoofing spammers.. my queue is plenty of non-delivered emails from externals SMTP, sended to NON-existents address on my server...
The question is the destination domain (mydomain.com b.example) has already its ":fail: No Such User Here" alias.
SMF records applied, but not the most external SMTP servers checks them nowadays...
Using :fail: the email is never accepted into the server. During the initial SMTP negotiation when the senders SMTP server connects to your SMTP server, the sending SMTP server issues a RCPT command notifying your server which email address the email to follow is intended for. Your server then checks whether the recipient email actually exists on your server (a POP3 account, an alias or a catchall alias) and if it does not, it issues an SMTP DENY which terminates the attempt to deliver the email.
Well, in my case it justs receives message and then frozen it!
Some more data:
IN MY QUEUE:
1JMoh4-0004UG-Pz-H
mailnull 47 12
<>
1202321302 0
-helo_name luatvietnam.vn
-host_address 203.162.168.16.1839
-interface_address 85.x.x.x.25
-received_protocol smtp
-body_linecount 50
-max_received_linelength 93
-frozen 1202407547
-host_lookup_failed
-manual_thaw
XX
1
dlsex-ireddols@abrasivoshermes.com
210P Received: from [203.162.168.16] (port=1839 helo=luatvietnam.vn)
by myserver.mine.com with smtp (Exim 4.68)
id 1JMoh4-0004UG-Pz
for dlsex-ireddols@mydomain.com; Wed, 06 Feb 2008 19:08:23 +0100
069P Received: (qmail 6913 invoked for bounce); 5 Feb 2008 09:04:11 -0500
032 Date: 5 Feb 2008 09:04:11 -0500
032F From: postmaster@luatvietnam.vn
039T To: dlsex-ireddols@mydomain.com
024 Subject: failure notice
WHEN TRYING TO DELIVER FROM QUEUE:
Message 1JMoh4-0004UG-Pz is no longer frozen
LOG: MAIN
cwd=/usr/local/cpanel/whostmgr/docroot 4 args: /usr/sbin/exim -v -M 1JMoh4-0004UG-Pz
delivering 1JMoh4-0004UG-Pz
LOG: MAIN
** dlsex-ireddols@mydomain.com F=<> R=virtual_aliases: No Such User Here
LOG: MAIN
Frozen (delivery error message)
AT LOGS (first time):
2008-02-06 19:08:17 SMTP connection from [203.162.168.16]:1839 I=[85.112.9.44]:25 (TCP/IP connection count = 9)
2008-02-06 19:08:20 no host name found for IP address 203.162.168.16
2008-02-06 19:08:22 H=(luatvietnam.vn) [203.162.168.16]:1839 I=[85.x.x.x]:25 Warning: Sender rate 0.0 / 1h
2008-02-06 19:08:23 1JMoh4-0004UG-Pz <= <> H=(luatvietnam.vn) [203.162.168.16]:1839 I=[85.x.x.x]:25 P=smtp S=2405 T="failure notice" from <> for dlsex-ireddols@mydomain.com
2008-02-06 19:08:23 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1JMoh4-0004UG-Pz
2008-02-06 19:08:23 1JMoh4-0004UG-Pz ** dlsex-ireddols@mydomain.com F=<> R=virtual_aliases: No Such User Here
2008-02-06 19:08:23 1JMoh4-0004UG-Pz Frozen (delivery error message)
2008-02-06 19:08:24 SMTP connection from (luatvietnam.vn) [203.162.168.16]:1839 I=[85.x.x.x]:25 closed by QUIT
View 1 Replies
View Related
Jan 17, 2008
1) What would you guys say is average in terms of the # of emails in the Mail Queue?
2) What steps can be taken to tighten it up? If I start with a clean slate, it only takes about a week or less for my mail queue to reach 1000 or more. Most of it seems like junk mail.
View 0 Replies
View Related
Mar 26, 2008
im trying to delete emails sent to dbmaster@example.com. there are about 2000 emails like that in exim email queue
here's what i did:
SSH to my server
type: exiqgrep -ir dbmaster@example.com | xargs exim -Mrm
but it says: bash: exiqgrep: command not found
View 4 Replies
View Related
Apr 17, 2007
Whenever I send mail, it never gets sent and I get the following error under "View Mail Statistics" in WHM:
1 xxx@aol.com R=fail_remote_domains: unrouteable
mail domain "aol.com"
I have only recently noticed these errors, as my mail was working before.
View 2 Replies
View Related
Jul 16, 2007
I'm trying to figure out a method to stop some of the email spam that we get, and I have something figured out, but I need help on implementing it.
Basically, we get a lot of spam emails from addresses claiming to be from our domain (EX: From: someguy@mysite.com). The email is actually not from our domain, nor does the address actually exist, but the From address is being forged to look like it is our domain.
Basically to fix this, i want to block all email where the From address is claiming to be from our domain, with a nonexistent email address. I'm pretty sure that this is configurable in Exim, but I haven't found any tutorial on it, and I'm not familiar enough with Exim to do it very easily. Anyway if anyone knows of a tutorial or how this could be accomplished, please let me know.
Just to Add:
The reason that these emails are a problem is that the spam software we are running recognizes these emails as being from our domain which it trusts, so they pass most spam filters.
View 0 Replies
View Related
Nov 19, 2007
my Exim mail outgoing queue is getting stuck and i cannot receive emails. Under WHM i have 50 odd emails, some 7 days old.
A small dump from /var/log/exim-mainlog is below:
2007-11-19 04:40:45 H=(H®) [202.57.142.156] sender verify defer for <jqyuehutmqluz@epilot.com>: could not connect to mail02.interchangeusa.com [63.251.210.81]: Connection timed out
2007-11-19 04:40:45 H=(H®) [202.57.142.156] F=<jqyuehutmqluz@epilot.com> temporarily rejected RCPT <morleyc@myemail.net>: Could not complete sender verify callout
2007-11-19 04:40:45 unexpected disconnection while reading SMTP command from (H®) [202.57.142.156]
2007-11-19 04:40:51 no IP address found for host 202.57.142.156.sta.isp-thailand.com (during SMTP connection from [202.57.142.156])
2007-11-19 04:40:57 no IP address found for host 202.57.142.156.sta.isp-thailand.com (during SMTP connection from [202.57.142.156])
2007-11-19 04:41:01 no IP address found for host 202.57.142.156.sta.isp-thailand.com (during SMTP connection from [202.57.142.156])
2007-11-19 04:41:04 no IP address found for host 202.57.142.156.sta.isp-thailand.com (during SMTP connection from [202.57.142.156])
2007-11-19 04:41:43 no host name found for IP address 77.94.106.13
2007-11-19 04:41:49 1ItxNu-0007E6-4s mail.global.frontbridge.com [207.46.51.86] Connection timed out
2007-11-19 04:41:49 1ItxNu-0007E6-4s == hmt@someaddress.com <HMT@someaddress.com> R=lookuphost T=remote_smtp defer (110): Connection timed out
2007-11-19 04:41:49 1ItxNu-0007E6-4s == jog@someaddress.com <JOG@someaddress.com> R=lookuphost T=remote_smtp defer (110): Connection timed out
2007-11-19 04:41:49 1ItxNu-0007E6-4s == mrl@someaddress.com <MRL@someaddress.com> R=lookuphost T=remote_smtp defer (110): Connection timed out
2007-11-19 04:42:29 H=(client-200.121.46.74.speedy.net.pe) [200.121.46.74] sender verify defer for <tecat@yahoo.de>: Could not complete sender verify callout
2007-11-19 04:42:29 H=(client-200.121.46.74.speedy.net.pe) [200.121.46.74] F=<tecat@yahoo.de> temporarily rejected RCPT <morleyc@myemail.net>: Could not complete sender verify callout
2007-11-19 04:42:29 unexpected disconnection while reading SMTP command from (client-200.121.46.74.speedy.net.pe) [200.121.46.74]
Everything was fine until about 7 days ago, i dont know why the config didnt change but since then its been dropping received emails and queueing on sends.
View 10 Replies
View Related
Apr 2, 2007
I have Exim install on my server, I have a few filters setup.
I have several domains on the same server.
What I want to be able to do is blind copy all emails SENT and RECEIVED from *@domain1.com delivered to backup@backup.com
Here is my filter that copies all incoming mail, (THIS WORKS 100%)
PHP Code:
if error_message then finish endif
if $header_to: contains "@domain1.com"
then unseen deliver "backup@backup.com" endif
Now this filter does NOT work, I want it to blind copy all emails sent from *@domain1.com
PHP Code:
if $sender_address contains "@domain1.com"
then unseen deliver "backup@backup.com" endif
I have 1 outgoing mail filer working, however it is for a specific email address, here it is....
PHP Code:
if $sender_address is "user1@domain1.com"
then unseen deliver "backup@backup.com" endif
View 2 Replies
View Related
Nov 15, 2007
My hosting company is telling me that I have getting frozen processes on my VPS that is causing apache to stop responding.
My VPS is CentOS, with 512 megs of memory and my website is a Vbulletin forum. I have several add-ons installed on vbulletin, and if one of those are causing the problem, how do I figure it out?
When http stops responding, I can access the server with putty on ssh. Running the "top" command, it shows that I still have 100+ megs of memory free and the processor is barely being used.
This has happened twice in just 2 - 3 days. This morning, I asked my hosting company what can be causing this, but no answer so far.
View 1 Replies
View Related
May 29, 2008
I have a client who could not send email to another domain, it didn't bounce just disappeared.
When I look in the exim_mainlog, the message in question wind up frozen after getting this error:
smtp transport process returned non-zero status 0x000e: terminated by signal 14
2008-05-24 17:34:23 1K17WW-0002so-Sn == vicoello@xxxxx.com R=lookuphost T=remote_smtp defer (-1): smtp transport process returned non-zero status 0x000e: terminated by signal 14
2008-05-24 17:34:23 1K17WW-0002so-Sn Frozen
2008-05-25 18:02:27 1K17WW-0002so-Sn Message is frozen
...
2008-05-26 22:08:47 1K17WW-0002so-Sn Message is frozen
....
2008-05-27 15:00:31 1K17WW-0002so-Sn Message is frozen
??? Dissapeared
It never warned the user as said it dissapeared, I have checked exim_mainlog and have found other cases to different domains that maybe the users have not reported but they were lost too.
I tried /scripts/eximup --force and that didn't fix it.
View 4 Replies
View Related
Mar 7, 2007
my host recently moved me over to hspcomplete billing. during this there must have been some change to teh configuration of my server, which has made it a little unhappy.
what happens is that processes get "stuck" and after some time start using up 20-30% cpu, and bring the server loads incredibly high.
my host is having issues trying to figure out whats wrong... was hopign someone here could help.
examples, as of right now (before the load goes insanely high):
30010 mysql 15 0 42288 29m 3096 S 0 0.2 35:49.91 mysqld
3773 nobody 15 0 41520 28m 4032 S 0 0.2 0:21.99 httpd
3774 nobody 16 0 40476 28m 3956 S 0 0.2 0:21.06 httpd
3775 nobody 16 0 40332 27m 3572 S 0 0.2 0:17.05 httpd
3777 nobody 15 0 40004 27m 3696 S 0 0.2 0:16.46 httpd
3778 nobody 16 0 43392 31m 3760 S 0 0.3 0:26.57 httpd
thats right NOW. if i check again in an hour or so, those httpd's will have been running for the full 1.5 hours, and start using 30% cpu, and my load will be sky high.
View 3 Replies
View Related
May 18, 2015
I have attempted to update our plesk panel 10.4.4 to 12.0.18. I left it running overnight and in the morning it is still saying "Waiting . . ." with the progress as follows - has it finished, will it ever finish . . . should I switch off and start again?
Installation started in background
Determining the packages that need to be installed.
File downloading PANEL-WIN_12.0.18/dist-msi-Microsoft-2003-i386/panel.msi:
[Code].....
View 1 Replies
View Related
Aug 12, 2008
I get an alert that The exim delivery queue size currently has 3000 emails in it waiting to be processed.
View 5 Replies
View Related
Jun 26, 2008
How do you get Exim to rewrite/remove
Received: from ip.isp.com ([123.123.123.123])
by mx.myhost.net with esmtpa (Exim 4.69)
I'm trying to avoid the error
Received-SPF: softfail (google.com: domain of transitioning me@myhost.net does not designate 123.123.123.123 as permitted sender) client-ip=123.123.123.123;
Basically, any email thats sent through myhost.net should look like it was sent directly.
View 2 Replies
View Related
May 2, 2007
I am having issues in receieving emails. For some reason, the rbl lists I had setup are causing the server to reject emails (retry - timeout). So, I need to take this rbl list completely. How can I do that? exim.conf is locked and using the advanced editor is no fun even though I tried it putting the dnslists without the rbl causing the problem.
View 3 Replies
View Related
Mar 28, 2009
What are some good and reliable RBL for use in Exim on Cpanel? Please provide full urls.
View 5 Replies
View Related
Jun 25, 2008
I'm having an issue with email generated from a website contact form. The email is being sent from the website via php. The issue is that the email address that it is being sent to is a domain/website that is also on cpanel. It is trying to deliver it to a local account, but the email is acutally on a third party system outside of cpanel. Does anyone know anyway for exim to not try and deliver locally?
View 4 Replies
View Related
Jun 2, 2008
I seem to be experiencing some difficulty adding SPF records via "Edit DNS Zone". When adding these records and checking them with several SPF record checkers, it always reports a record such as the following:
“v=spf1
Which turns out to be invalid, and definitely not the record I had specified. The record I specified looks like the following:
"v=spf1 a mx ip4:XXX.XXX.XXX.XXX ~all"
XXX.XXX.XXX.XXX being a valid IP, of course.
Is there known issues when adding these types of records via WHM?
And to make it clear, I have added these records as TXT type, with and without the quotes.
View 8 Replies
View Related
Feb 21, 2007
Wondered if anyone out there would like to share their experience, if any, of setting up cpanel to work with domainkeys via exim.
Hopefully anyone reading this thread will know by now what domainkeys are and how it affects the delivering of email to most major email providers inboxes rather than spam/bulk folders.
antispam.yahoo.com/domainkeys
The domainkeys support for exim is now in the 'experimental' phase:
duncanthrax.net/exim-experimental/
(page allegedly updated on 30th Oct, 06)
However cpanel themselves seem to be dragging their feet a little with implementing it:
bugzilla.cpanel.net/show_bug.cgi?id=4099
This is understandable considering support for domainkeys is not yet part of the main exim core code, and thus is likely to change. From what I've been reading elsewhere, re-compiling and upgrading exim is not advisable with cpanel.
My knowledge of exim (and cpanel TBH) is limited however, and I was wondering what might be the implications of *ahem* hacking it a little in order to enable domainkeys.
SPF records alone just don't seem to cut it anymore.
View 0 Replies
View Related
Aug 6, 2007
change some variables in exim.conf so that they will not be modified next time cPanel will update exim.
Basically I need to modify this:
smtp_banner and rfc1413_query_timeout.
View 4 Replies
View Related
Sep 11, 2008
more specific filtering options in cpanel exactly:
if header from contains 'example' and also header from contains 'example2' then discard
in cpanel it just has one word or phrase i need the filter to check for 2 words in any order in the from field
View 1 Replies
View Related
Mar 21, 2007
I found a handful of howto's for dspam, but none of them catered for exim with virtual users. After hunting around, I eventually have it working on a cPanel server, with user authentication for mail users.
My setup:
dspam version 3.6.8, using mysql driver.
exim version 4.
mysql 4.1
CentOS (2.6.9-023stab033.9-enterprise)
cPanel / WHM - latest RELEASE version.
Download the source, configure and compile:
Code:
# cd /usr/local/src
# wget http://dspam.nuclearelephant.com/sou...m-3.6.8.tar.gz
# tar -zxf dspam-3.6.8.tar.gz
# cd dspam-3.6.8
Configure, replacing user/groups with your web-server user (web / apache / nobody), and use your mysql-include / library paths (will need mysql-devel on rh based systems).
Code:
# ./configure --prefix=/opt/dspam-3.6.8 --with-local-delivery-agent=/usr/sbin/exim --with-storage-driver=mysql_drv --with-userdir=/var/spool/mail/dspam --with-userdir-owner=nobody --with-userdir-group=nobody --with-dspam-mode=none --with-dspam-owner=nobody --with-dspam-group=nobody --enable-whitelist --enable-spam-delivery --enable-alternative-bayesian --disable-dependency-tracking --enable-virtual-users --with-mysql-includes=/usr/include/mysql --with-mysql-libraries=/usr/lib/mysql/ --with-dspam-home=/opt/dspam-3.6.8/var/dspam
# make && make install
Set up mysql
Code:
# mysqladmin -p create dspamdb
# mysql -p
>grant all privileges on dspamdb.* to dspamuser@localhost identified by dspampass;
>flush privileges;
>exit;
Create tables:
Code:
mysql -p dspamdb < /usr/local/src/dspam-3.6.8/src/tools.mysql_drv/mysql_objects_speed.sql
mysql -p dspamdb < /usr/local/src/dspam-3.6.8/src/tools.mysql_drv/virtual_users.sql
Link dspam in opt for easy versioning:
Code:
ln -s dspam-3.6.8 /opt/dspam
Copy the web interface files to a web directory:
Code:
# cp webui/cgi-bin /opt/dspam -r
# cp webui/htdocs /opt/dspam/
This next step is required for pop3 authentication.
Install perl module Apache::AuthPOP3 - which does apache pop3 authorisation:
Code:
perl -MCPAN -e shell
install Apache::AuthPOP3
Next, apache will need mod_perl installed - WHM -> Apache Update will allow you to enable the perl module (I am running it alongside php with no issues).
Then in /usr/local/apache/conf/httpd.conf:
Code:
ScriptAlias /dspam/ /opt/dspam/cgi-bin/
Alias /dspam_files/ /opt/dspam/htdocs/
<Directory /opt/dspam/cgi-bin>
Options None
AllowOverride AuthConfig
Order allow,deny
Allow from all
</Directory>
Create .htaccess in /opt/dspam/cgi-bin as follows:
Code:
AuthName "Dspam"
AuthType Basic
PerlAuthenHandler Apache::AuthPOP3
PerlSetVar MailHost localhost
Require valid-user
#PerlSetVar UserMap pop3user1=>realname1,pop3user2=>realname2
#Require user pop3user1 pop3user2 pop3user3 pop3user4
there are 2 commented parameters you can set when using POP3 auth - sure its pretty self-explanatory.
Set up admin user (the admin_user must be able to authenticate as a pop user):
Code:
#echo "admin_user" >> /opt/dspam/cgi-bin/admins
Create a queuesize script for web user - so dspam can determine how many messages in the queue.
Code:
vi /usr/local/bin/eximqsize
#!/bin/sh
/usr/bin/find /var/spool/exim/input/ -type f | wc -l | cut -d" " -f1-
##EOF
# chmod 4755 /usr/local/bin/eximqsize
# chown nobody /usr/local/bin/eximqsize
Configure web ui, edit /opt/dspam/cgi-bin/configure.pl:
Code:
$CONFIG{'MAIL_QUEUE'} = "/usr/local/bin/eximqsize";
$CONFIG{'WEB_ROOT'} = "/dspam_files";
$CONFIG{'LOCAL_DOMAIN'} = "FQDN"; #your servers fully qualified domain name - e.g. host.yourdomain.com
Next, set the default preferences for the system (you need /opt/dspam/bin in your path if you copy and paste this...):
Code:
dspam_admin ch pref default trainingMode TEFT
dspam_admin ch pref default spamAction quarantine
dspam_admin ch pref default spamSubject "[SPAM]"
dspam_admin ch pref default enableWhitelist on
dspam_admin ch pref default showFactors off
Permissions:
I would suggest reading the README over dspam to get a full understanding of the permissions required for running of dspam. My permissions were:
Code:
# chown nobody:mail /opt/dspam/var/dspam -R
# chown nobody:mail /opt/dspam/etc/ -R
Edit dspam.conf (in /opt/dspam/etc/. I have only listed the parameters I changed here...):
Code:
TrustedDeliveryAgent "/usr/sbin/exim -oMr spam-scanned"
Trust: root
Trust: mail
Trust: nobody / httpd #choose 1 - what ever your webserver runs as - `ps axu | grep httpd` to find out
#Use the same details as you did for the "grant all privileges on...." statement in mysql.
MySQLServer /var/lib/mysql/mysql.sock
MySQLPort
MySQLUser dspamuser
MySQLPass dspampass
MySQLDb dspamdb
MySQLCompress true
MySQLVirtualTable dspam_virtual_uids
MySQLVirtualUIDField uid
MySQLVirtualUsernameField username
Almost there....
Confirm that mysql is configure to listen on a socket in /etc/my.cnf (or whereever your config file is):
Code:
# cat /etc/my.cnf
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
Now the final step - exim configuration. This is the part that took the longest, hopefully it works for you. Just as I read in the howto's I used for this, please please please dont just copy and paste - you stand a good chance of breaking your mail server if you make changes without understanding. Be warned.
My config file is /etc/exim.conf. This should be edited using the WHM -> Exim Configuration Editor -> Advanced.
Code:
#Routers - Add these in the box before virtual_user delivery / user delivery router).
dspam_router:
no_verify
#uncomment the next line to disable dspam for virtual users.
# check_local_user
condition = "${if and {
{!def:h_X-Spam-Flag:}
{!def:h_X-FILTER-DSPAM:}
{!eq {$sender_address_domain}{$domain}}
{!eq {$received_protocol}{local}}
{!eq {$received_protocol}{spam-scanned}}
} }"
headers_add = "X-FILTER-DSPAM: by $primary_hostname on $tod_full"
driver = accept
transport = dspam_spamcheck
## The next 2 routers allow you to forward spam / non-spam to dspam for training (e.g. spam-yourmail@yourdomain.net).
# spam-username
dspam_addspam_router:
driver = accept
local_part_prefix = spam-
transport = dspam_addspam
# nospam-username
dspam_falsepositive_router:
driver = accept
local_part_prefix = notspam-
transport = dspam_falsepositive
##Transports - can be added anywhere:
#this adds the spam-scanned protocol header, so when it is passed back to exim after being processed by dspam, it doesnt get stuck in a loop.
dspam_spamcheck:
driver = pipe
command = "/usr/sbin/exim -oMr spam-scanned -bS"
transport_filter = "/opt/dspam/bin/dspam --stdout --deliver=innocent,spam --user $local_part@$domain"
use_bsmtp = true
home_directory = "/tmp"
current_directory = "/tmp"
user = nobody
group = mail
log_output = true
return_fail_output = true
return_path_add = false
message_prefix =
message_suffix =
dspam_addspam:
driver = pipe
command = "/opt/dspam/bin/dspam --user $local_part@$domain --class=spam --source=error"
home_directory = "/tmp"
current_directory = "/tmp"
user = nobody
group = mail
log_output = true
return_fail_output = true
return_path_add = false
message_prefix =
message_suffix =
dspam_falsepositive:
driver = pipe
command = "/opt/dspam/bin/dspam --user $local_part@$domain --class=innocent --source=error"
home_directory = "/tmp"
current_directory = "/tmp"
user = nobody
group = mail
log_output = true
return_fail_output = true
return_path_add = false
message_prefix =
message_suffix =
If you have set up authentication correctly as well, then you should be able to open [url] and log in - if you add your login details to the "admins" file, you can configure defaults, etc. It also allows ALL users (with 1 user being an email account) to log in, using www.yourclientsdomain.com/dspam/dspam.cgi
This will not work with suexec enabled!! This is because dspam needs specific permissions, and it is expecting user nobody to access it. If suexec is enabled, you will need to use the default host, and NOT virtual hosts (and even this may not work - testing still required).
Watch exim_mainlog after this - you should pick up what transports and routers are being used.
Dspam can really hammer a system - mysql, cpu and memory usage will go up a bit, especially on busy production servers. Monitor your servers performance.
Other settings: add /opt/dspam/man to MANPATH in /etc/man.config or move dspam man directory to an existing man directory.
[ADDED]
This dspam.cgi hack will do a lookup in the cpanel config file to find the domain for any username without a domain, and append it on match (or leave just the username part if nothing is found). This requires unsecuring your system a bit - your http user will need to be able to read /etc/trueuserdomains (either chmod 644 or chown nobody):
Code:
#add this just after $CURRENT_USER is set.
if ($CURRENT_USER !~ /@.+./) {
open(TUD, "</etc/trueuserdomains");
while(<TUD>) {
my ($domain, $user) = split(/:/,$_);
chomp($user);
$user =~ s/^s*//g;
if ($user eq $CURRENT_USER) {
$CURRENT_USER = $CURRENT_USER . "@$domain";
}
}
close(TUD);
}
That should do it
dspam will allow all messages through by default, and will require some training. With this config, users can train using email commands - all they need to do is forward any spam that hits their mailbox to spam-emailaddress@domain.com (their own email address with spam- prepended). Unfortunately this does not allow handling of false positives if you are using a "quarantine" policy instead of subject. the web interface comes in handy for this.
I am busy testing a combination of dspam with assp, which seems to be working well - I especially like the greylisting feature of assp and ProtectionBox... Will add to this howto when testing is finish.
View 5 Replies
View Related
