Hello, Check the "SMTP_BLOCK" settings which block the outgoing SMTP ports (defined by SMTP_PORTS settings) for users (then only the local SMTP server like postfix or exim is allowed to connect to external SMTP). If you are using cPanel, check also if external SMTP is correctly allowed on ...
Hello, I see one IP address blocked on CSF: # csf -g xxx.xxx.xxx.xxx (...) IPSET: Set:bl_CXS_LF_HTACCESS Match:xxx.xxx.xxx.xxx Setting:CXS_LF_HTACCESS file:/etc/csf/csf.blocklists (....) As I see on LFD log, the IP was blocked by LFD for htpasswd fail. However, I'm unable to unblock it from SSH by &...
As title said, an regex / full text signature exclusion on cxs.ignore would be very nice.
Sample use case: you are on cPanel, you only have one ClamAV, you want to scan emails with specifics commercial signatures to detect spams, but these signatures trigger false positives on files.
Hello, Currently, I get a ton of emails like this: lfd on [hostname]: Suspicious File Alert Time: Mon Nov 27 10:17:20 2023 +0100 File: /tmp/xxxxxxxx.o Reason: Linux Binary Owner: varnish:varnish (xxx:xxx) Action: No action taken These files are created by Varnish when it compiles the VCL for reloadi...
Good morning, We currently have a custom blocklist and we managed to implement a webui for asking an unblock. But as the blocklist can only be reloaded each 3600s, the user have to wait a maximum time of 3600s to get unblocked. Is there a way to trigger a blocklist reload within CSF/LFD from SSH? In...
I put limits on systemd to limit ClamAV usage with CXS. For that, I created the file /etc/systemd/system/clamd.service.d/limits.conf with following content:
Good morning, I've set weekly scan on my cPanel server with CXS. At this time, the log is stored at "/var/log/cxsreports/cxs.scan". As I see, this file is erased after each new scan. Is there a way to set a new logfile per scan (such as "/var/log/cxsresports/cxs-20210517.scan") ?...