Search found 12 matches

by schmerold
16 Sep 2019, 23:16
Forum: MailScanner Front-End
Topic: Quarantine NonSpam
Replies: 0
Views: 1418

Quarantine NonSpam

/var/spool/MailScanner/quarantine/20190916/nonspam has 1,984 messages in the folder.

Anyone know how I can find out why they weren't delivered and what needs to be done to get them delivered?

I am running Mailscanner Front-End 8.27 on cpanel v82.0.15
by schmerold
21 Mar 2019, 13:27
Forum: MailScanner
Topic: cpanel v78.0.18
Replies: 2
Views: 532

Re: cpanel v78.0.18

Our mail was down again this morning. Something is up. This time, I found I had to rename /var/spool/MailScanner/quarantine as it was filled with 84,162 files. Anyone know the best way to inject these into MailScanner a few at a time so we can get these messages delivered? I suspect 90% of these mes...
by schmerold
19 Mar 2019, 03:30
Forum: MailScanner
Topic: cpanel v78.0.18
Replies: 2
Views: 532

Re: cpanel v78.0.18

I realized that by disabling Exim & MailScanner the server would stop spewing emails long enough for me to delete everything in the mail queues using ConfigServer Mail Queues - cmq, Exim & MailScanner are back on-line, things appear back to normal -- but I'll need to keep a vigilant eye on things fo...
by schmerold
19 Mar 2019, 01:27
Forum: MailScanner
Topic: cpanel v78.0.18
Replies: 2
Views: 532

cpanel v78.0.18

Anyone else seeing MailScanner / Exim going into an endless loop upon upgrading cPanel to v78.0.18 ?
by schmerold
10 May 2018, 19:37
Forum: MailScanner
Topic: Mailscanner Quarantine
Replies: 1
Views: 1104

Mailscanner Quarantine

When a message is quarantined, the sender and recipients aren't notified. How can we change things so the recipient gets a note with the original email (minus the attachment) saying if you really really trust the sender you can download your message from http://server/mailscanner/...... ? When spam ...
by schmerold
26 Jun 2017, 20:36
Forum: General Discussion (csf)
Topic: Automated submission to SORBS / ALTTOR / CIARMY / SPAMDROP / etc
Replies: 0
Views: 629

Automated submission to SORBS / ALTTOR / CIARMY / SPAMDROP / etc

My lfd.log is filled with entries like this:
Failed SMTP AUTH login from 166.62.81.144 (US/United States/ip-166-62-81-144.ip.secureserver.net)

How do I automatically report these incidents to blocklists?
by schmerold
26 Jun 2017, 18:19
Forum: General Discussion (csf)
Topic: distributed FTP Logins on account
Replies: 1
Views: 603

distributed FTP Logins on account

I manage a few hundred endpoints, I want the endpoints to upload their back up log to a dedicated cpanel account. When the computers log in, they upload their logs and get blocked by csf "distributed FTP Logins on account" Is there a way to not monitor distributed attacks on a particular account? If...
by schmerold
19 Sep 2015, 13:52
Forum: MailScanner
Topic: Allow Local unacceptable attachments
Replies: 0
Views: 1954

Allow Local unacceptable attachments

Our paperless office solution allows us to email a file link, for example \\fs1\vol1\documents\ci150831.pdf If we use the Email File as a Link function, MailScanner does its job, reporting: One or more of the attachments (ci150831.pdf.lnk) are on the list of unacceptable attachments for this site an...
by schmerold
02 Jan 2015, 09:36
Forum: MailScanner
Topic: Disable disarm for one incoming domain
Replies: 1
Views: 1551

Disable disarm for one incoming domain

When Mailscanner disarms incoming Amazon messages, the email is unintelligible. Is it possible to disable disarming for one particular sender email domain?
by schmerold
03 Sep 2014, 18:31
Forum: General Discussion (cxs)
Topic: Regular expression match = [Mail Bomber]
Replies: 0
Views: 1059

Regular expression match = [Mail Bomber]

I am trying to determine if this is a false positive, if so, how to prevent it from recurring, if a legitimate issue, what is best way to clean the server? ----------- SCAN REPORT ----------- TimeStamp: Sun Aug 31 03:52:08 2014 (/usr/sbin/cxs --allusers --nobayes --clamdsock /tmp/clamd --defapache n...