1
21.1 Legacy Series / Re: Antiphishing Maps?
« on: February 28, 2021, 10:13:42 pm »
Thank you!
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1] 2
2
21.1 Legacy Series / Antiphishing Maps?
« on: February 27, 2021, 11:13:50 am »
Hello everyone,
In Services -> rspamd -> Spam Protection -> Phishing, is the following (bold) correct?
Openphish map: https://openphish.com/feed.txt
Phishtank Map Url: http://data.phishtank.com/data/online-valid.xml
I am not sure I am pointing it to the correct map urls.
Thank you all!
In Services -> rspamd -> Spam Protection -> Phishing, is the following (bold) correct?
Openphish map: https://openphish.com/feed.txt
Phishtank Map Url: http://data.phishtank.com/data/online-valid.xml
I am not sure I am pointing it to the correct map urls.
Thank you all!
3
21.1 Legacy Series / Re: Postfix <-> rspamd integration
« on: February 13, 2021, 04:06:30 pm »See Page 29, the whole manual is a good read.Thank you!
https://www.heinlein-support.de/sites/default/files/SLAC_2019_Rspamd-neue-Konzepte-im-AntiSpam.pdf
4
21.1 Legacy Series / Re: Postfix <-> rspamd integration
« on: February 13, 2021, 03:19:01 pm »
Thanks.
I have just adjusted the reject score down to 35.
Just playing around with this and slowly making it more restrictive. I just want to be sure I minimize the chances of rejecting something I do need.
Looking at the log, it does seems that virtually all above 15 is most definitely spam. But, I've been observing rspamd in action for only few hours.
I have just adjusted the reject score down to 35.
Just playing around with this and slowly making it more restrictive. I just want to be sure I minimize the chances of rejecting something I do need.
Looking at the log, it does seems that virtually all above 15 is most definitely spam. But, I've been observing rspamd in action for only few hours.
5
21.1 Legacy Series / Re: Postfix <-> rspamd integration
« on: February 13, 2021, 01:24:07 pm »
Reject Score 150
Header Score 9
Subject Score 10
Greylist Score 8
I already adjusted as above. Several legit messages were being graylisted with 7.x score, including notifications from this very forum.
Good thing is that a lot of spam is being detected.
Header Score 9
Subject Score 10
Greylist Score 8
I already adjusted as above. Several legit messages were being graylisted with 7.x score, including notifications from this very forum.
Good thing is that a lot of spam is being detected.
6
21.1 Legacy Series / Re: Postfix <-> rspamd integration
« on: February 13, 2021, 01:14:59 pm »
I'll adjust once I understand how scores work. I don't even know what a meaningful range is.
What do you have as reject score?
What do you have as reject score?
7
21.1 Legacy Series / Re: Postfix <-> rspamd integration
« on: February 13, 2021, 12:11:17 pm »
Thank you all guys for pointing me in the right direction. I had never even considered to change the Milter IP Version to "IPv6" as I interpreted it as referring to whether I was using or not IPv6 in my network. I completely overlooked at it and misunderstood the meaning of the that setting.
So, all is good now! Rspamd is scanning incoming Mail, and it even looks like score values I set are more ore less OK.
What score values are you guys using? Here are mine:
Reject Score 150
Header Score 6
Subject Score 10
Greylist Score 4
I really do not know how to set them, and I found the above values somewhere in the examples of opnSense documentation. By looking at rspamd webGUI, it looks like they are pretty good, but, I wonder, is there anything I should know about those?
So, all is good now! Rspamd is scanning incoming Mail, and it even looks like score values I set are more ore less OK.
What score values are you guys using? Here are mine:
Reject Score 150
Header Score 6
Subject Score 10
Greylist Score 4
I really do not know how to set them, and I found the above values somewhere in the examples of opnSense documentation. By looking at rspamd webGUI, it looks like they are pretty good, but, I wonder, is there anything I should know about those?
8
21.1 Legacy Series / Re: Postfix <-> rspamd integration
« on: February 13, 2021, 11:43:47 am »
Ok, I switched the Milter IP Version to "IPv6" and it appears to be working!
I am confused as to what it is meant in by "IPv6" but... it is working!
I am confused as to what it is meant in by "IPv6" but... it is working!
9
21.1 Legacy Series / Re: Postfix <-> rspamd integration
« on: February 13, 2021, 11:37:13 am »
I believe they are the latest version you can get from within opnSense itself (Firmware -> Plugin / Packages / Updates).
In particular
Postfix 1.17
rspamd 1.10
Redis 1.1
In Postfix plugin:
Services -> Postfix -> General
Antispam tab
I have only two items
- Enable Rspamd integration: CHECKED
- Milter IP version: IPv4 (only other option being IPv6).
In particular
Postfix 1.17
rspamd 1.10
Redis 1.1
In Postfix plugin:
Services -> Postfix -> General
Antispam tab
I have only two items
- Enable Rspamd integration: CHECKED
- Milter IP version: IPv4 (only other option being IPv6).
10
21.1 Legacy Series / Re: Postfix <-> rspamd integration
« on: February 13, 2021, 12:56:30 am »Code: [Select]
2021-02-13 00:55:15 #45692(rspamd_proxy) <6a4283>; proxy; proxy_milter_error_handler: abnormally closing milter connection from: 127.0.0.1:11396, error: invalid protocol version: 4
2021-02-13 00:55:18 #45692(rspamd_proxy) <144587>; proxy; proxy_accept_socket: accepted milter connection from 127.0.0.1 port 63305
2021-02-13 00:55:18 #45692(rspamd_proxy) <144587>; milter; rspamd_milter_process_command: MTA specifies too old protocol: 4, aborting connection
2021-02-13 00:55:18 #45692(rspamd_proxy) <144587>; proxy; proxy_milter_error_handler: abnormally closing milter connection from: 127.0.0.1:63305, error: invalid protocol version: 4
One more check to the log, in case it helps.
11
21.1 Legacy Series / Re: Postfix <-> rspamd integration
« on: February 12, 2021, 10:41:48 pm »Have you enabled "shared forwarding" under your Firewall -> settings -> advanced?Yes. "Shared forwarding" is enabled. And, as far as I remember it has always been, as I never changed that.
12
21.1 Legacy Series / Re: Postfix <-> rspamd integration
« on: February 12, 2021, 08:28:25 pm »tail -f /var/log/rspamd/rspamd.log
Thank you so much. Here it is:
Code: [Select]
root@Argonath:/ # 2021-02-12 20:25:14 #45692(rspamd_proxy) <71cab1>; proxy; proxy_milter_error_handler: abnormally closing milter connection from: 127.0.0.1:11784, error: invalid protocol version: 4
Missing name for redirect.
root@Argonath:/ # 2021-02-12 20:25:21 #45692(rspamd_proxy) <e0475b>; proxy; proxy_accept_socket: accepted milter connection from 127.0.0.1 port 25664
Missing name for redirect.
root@Argonath:/ # 2021-02-12 20:25:21 #45692(rspamd_proxy) <e0475b>; milter; rspamd_milter_process_command: MTA specifies too old protocol: 4, aborting connection
Missing name for redirect.
root@Argonath:/ # 2021-02-12 20:25:21 #45692(rspamd_proxy) <e0475b>; proxy; proxy_milter_error_handler: abnormally closing milter connection from: 127.0.0.1:25664, error: invalid protocol version: 4
Missing name for redirect.
root@Argonath:/ # 2021-02-12 20:25:22 #45692(rspamd_proxy) <153dec>; proxy; proxy_accept_socket: accepted milter connection from 127.0.0.1 port 40959
Missing name for redirect.
root@Argonath:/ # 2021-02-12 20:25:22 #45692(rspamd_proxy) <153dec>; milter; rspamd_milter_process_command: MTA specifies too old protocol: 4, aborting connection
Missing name for redirect.
root@Argonath:/ # 2021-02-12 20:25:22 #45692(rspamd_proxy) <153dec>; proxy; proxy_milter_error_handler: abnormally closing milter connection from: 127.0.0.1:40959, error: invalid protocol version: 4
Missing name for redirect.
root@Argonath:/ # 2021-02-12 20:25:22 #45692(rspamd_proxy) <f9594e>; proxy; proxy_accept_socket: accepted milter connection from 127.0.0.1 port 2579
Missing name for redirect.
root@Argonath:/ # 2021-02-12 20:25:22 #45692(rspamd_proxy) <f9594e>; milter; rspamd_milter_process_command: MTA specifies too old protocol: 4, aborting connection
Missing name for redirect.
root@Argonath:/ # 2021-02-12 20:25:22 #45692(rspamd_proxy) <f9594e>; proxy; proxy_milter_error_handler: abnormally closing milter connection from: 127.0.0.1:2579, error: invalid protocol version: 4
Missing name for redirect.
root@Argonath:/ # 2021-02-12 20:25:35 #45692(rspamd_proxy) <21bb20>; proxy; proxy_accept_socket: accepted milter connection from 127.0.0.1 port 13861
Missing name for redirect.
root@Argonath:/ # 2021-02-12 20:25:35 #45692(rspamd_proxy) <21bb20>; milter; rspamd_milter_process_command: MTA specifies too old protocol: 4, aborting connection
Missing name for redirect.
root@Argonath:/ # 2021-02-12 20:25:35 #45692(rspamd_proxy) <21bb20>; proxy; proxy_milter_error_handler: abnormally closing milter connection from: 127.0.0.1:13861, error: invalid protocol version: 4
Missing name for redirect.
13
21.1 Legacy Series / Re: Postfix <-> rspamd integration
« on: February 12, 2021, 08:08:31 pm »Just tick that
Thanks. Issue is somewhere else then.
14
21.1 Legacy Series / Re: Postfix <-> rspamd integration
« on: February 10, 2021, 04:44:39 pm »
Bump. 
To focus my question a bit more: where do you tell Postfix to use rspamd, precisely?
I simply checked the "Enable rspamd inegration" box in the Antispam tab. Not sure this is enough.
To focus my question a bit more: where do you tell Postfix to use rspamd, precisely?
I simply checked the "Enable rspamd inegration" box in the Antispam tab. Not sure this is enough.
15
21.1 Legacy Series / Re: Postfix <-> rspamd integration
« on: February 09, 2021, 10:58:14 pm »
Thank you for replying.
Where do I find the log? There's no log that I can find in the openSense GUI.
Where do I find the log? There's no log that I can find in the openSense GUI.
Pages: [1] 2