"
Thank you!
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
#2
21.1 Legacy Series / Antiphishing Maps?
February 27, 2021, 11:13:50 AM
Hello everyone,
In Services -> rspamd -> Spam Protection -> Phishing, is the following (bold) correct?
Openphish map: https://openphish.com/feed.txt
Phishtank Map Url: http://data.phishtank.com/data/online-valid.xml
I am not sure I am pointing it to the correct map urls.
Thank you all!
In Services -> rspamd -> Spam Protection -> Phishing, is the following (bold) correct?
Openphish map: https://openphish.com/feed.txt
Phishtank Map Url: http://data.phishtank.com/data/online-valid.xml
I am not sure I am pointing it to the correct map urls.
Thank you all!
#3
21.1 Legacy Series / Re: Postfix <-> rspamd integration
February 13, 2021, 04:06:30 PMQuote from: Bismarck on February 13, 2021, 04:00:25 PMThank you!
See Page 29, the whole manual is a good read.
https://www.heinlein-support.de/sites/default/files/SLAC_2019_Rspamd-neue-Konzepte-im-AntiSpam.pdf
#4
21.1 Legacy Series / Re: Postfix <-> rspamd integration
February 13, 2021, 03:19:01 PM
Thanks.
I have just adjusted the reject score down to 35.
Just playing around with this and slowly making it more restrictive. I just want to be sure I minimize the chances of rejecting something I do need.
Looking at the log, it does seems that virtually all above 15 is most definitely spam. But, I've been observing rspamd in action for only few hours.
I have just adjusted the reject score down to 35.
Just playing around with this and slowly making it more restrictive. I just want to be sure I minimize the chances of rejecting something I do need.
Looking at the log, it does seems that virtually all above 15 is most definitely spam. But, I've been observing rspamd in action for only few hours.
#5
21.1 Legacy Series / Re: Postfix <-> rspamd integration
February 13, 2021, 01:24:07 PM
Reject Score 150
Header Score 9
Subject Score 10
Greylist Score 8
I already adjusted as above. Several legit messages were being graylisted with 7.x score, including notifications from this very forum.
Good thing is that a lot of spam is being detected.
Header Score 9
Subject Score 10
Greylist Score 8
I already adjusted as above. Several legit messages were being graylisted with 7.x score, including notifications from this very forum.
Good thing is that a lot of spam is being detected.
#6
21.1 Legacy Series / Re: Postfix <-> rspamd integration
February 13, 2021, 01:14:59 PM
I'll adjust once I understand how scores work. I don't even know what a meaningful range is.
What do you have as reject score?
What do you have as reject score?
#7
21.1 Legacy Series / Re: Postfix <-> rspamd integration
February 13, 2021, 12:11:17 PM
Thank you all guys for pointing me in the right direction. I had never even considered to change the Milter IP Version to "IPv6" as I interpreted it as referring to whether I was using or not IPv6 in my network. I completely overlooked at it and misunderstood the meaning of the that setting.
So, all is good now! Rspamd is scanning incoming Mail, and it even looks like score values I set are more ore less OK.
What score values are you guys using? Here are mine:
Reject Score 150
Header Score 6
Subject Score 10
Greylist Score 4
I really do not know how to set them, and I found the above values somewhere in the examples of opnSense documentation. By looking at rspamd webGUI, it looks like they are pretty good, but, I wonder, is there anything I should know about those?
So, all is good now! Rspamd is scanning incoming Mail, and it even looks like score values I set are more ore less OK.
What score values are you guys using? Here are mine:
Reject Score 150
Header Score 6
Subject Score 10
Greylist Score 4
I really do not know how to set them, and I found the above values somewhere in the examples of opnSense documentation. By looking at rspamd webGUI, it looks like they are pretty good, but, I wonder, is there anything I should know about those?
#8
21.1 Legacy Series / Re: Postfix <-> rspamd integration
February 13, 2021, 11:43:47 AM
Ok, I switched the Milter IP Version to "IPv6" and it appears to be working!
I am confused as to what it is meant in by "IPv6" but... it is working!
I am confused as to what it is meant in by "IPv6" but... it is working!
#9
21.1 Legacy Series / Re: Postfix <-> rspamd integration
February 13, 2021, 11:37:13 AM
I believe they are the latest version you can get from within opnSense itself (Firmware -> Plugin / Packages / Updates).
In particular
Postfix 1.17
rspamd 1.10
Redis 1.1
In Postfix plugin:
Services -> Postfix -> General
Antispam tab
I have only two items
- Enable Rspamd integration: CHECKED
- Milter IP version: IPv4 (only other option being IPv6).
In particular
Postfix 1.17
rspamd 1.10
Redis 1.1
In Postfix plugin:
Services -> Postfix -> General
Antispam tab
I have only two items
- Enable Rspamd integration: CHECKED
- Milter IP version: IPv4 (only other option being IPv6).
#10
21.1 Legacy Series / Re: Postfix <-> rspamd integration
February 13, 2021, 12:56:30 AMCode Select
2021-02-13 00:55:15 #45692(rspamd_proxy) <6a4283>; proxy; proxy_milter_error_handler: abnormally closing milter connection from: 127.0.0.1:11396, error: invalid protocol version: 4
2021-02-13 00:55:18 #45692(rspamd_proxy) <144587>; proxy; proxy_accept_socket: accepted milter connection from 127.0.0.1 port 63305
2021-02-13 00:55:18 #45692(rspamd_proxy) <144587>; milter; rspamd_milter_process_command: MTA specifies too old protocol: 4, aborting connection
2021-02-13 00:55:18 #45692(rspamd_proxy) <144587>; proxy; proxy_milter_error_handler: abnormally closing milter connection from: 127.0.0.1:63305, error: invalid protocol version: 4
One more check to the log, in case it helps.
#11
21.1 Legacy Series / Re: Postfix <-> rspamd integration
February 12, 2021, 10:41:48 PMQuote from: lfirewall1243 on February 12, 2021, 08:39:00 PMYes. "Shared forwarding" is enabled. And, as far as I remember it has always been, as I never changed that.
Have you enabled "shared forwarding" under your Firewall -> settings -> advanced?
#12
21.1 Legacy Series / Re: Postfix <-> rspamd integration
February 12, 2021, 08:28:25 PMQuote from: mimugmail on February 11, 2021, 09:24:40 PM
tail -f /var/log/rspamd/rspamd.log
Thank you so much. Here it is:
Code Select
root@Argonath:/ # 2021-02-12 20:25:14 #45692(rspamd_proxy) <71cab1>; proxy; proxy_milter_error_handler: abnormally closing milter connection from: 127.0.0.1:11784, error: invalid protocol version: 4
Missing name for redirect.
root@Argonath:/ # 2021-02-12 20:25:21 #45692(rspamd_proxy) <e0475b>; proxy; proxy_accept_socket: accepted milter connection from 127.0.0.1 port 25664
Missing name for redirect.
root@Argonath:/ # 2021-02-12 20:25:21 #45692(rspamd_proxy) <e0475b>; milter; rspamd_milter_process_command: MTA specifies too old protocol: 4, aborting connection
Missing name for redirect.
root@Argonath:/ # 2021-02-12 20:25:21 #45692(rspamd_proxy) <e0475b>; proxy; proxy_milter_error_handler: abnormally closing milter connection from: 127.0.0.1:25664, error: invalid protocol version: 4
Missing name for redirect.
root@Argonath:/ # 2021-02-12 20:25:22 #45692(rspamd_proxy) <153dec>; proxy; proxy_accept_socket: accepted milter connection from 127.0.0.1 port 40959
Missing name for redirect.
root@Argonath:/ # 2021-02-12 20:25:22 #45692(rspamd_proxy) <153dec>; milter; rspamd_milter_process_command: MTA specifies too old protocol: 4, aborting connection
Missing name for redirect.
root@Argonath:/ # 2021-02-12 20:25:22 #45692(rspamd_proxy) <153dec>; proxy; proxy_milter_error_handler: abnormally closing milter connection from: 127.0.0.1:40959, error: invalid protocol version: 4
Missing name for redirect.
root@Argonath:/ # 2021-02-12 20:25:22 #45692(rspamd_proxy) <f9594e>; proxy; proxy_accept_socket: accepted milter connection from 127.0.0.1 port 2579
Missing name for redirect.
root@Argonath:/ # 2021-02-12 20:25:22 #45692(rspamd_proxy) <f9594e>; milter; rspamd_milter_process_command: MTA specifies too old protocol: 4, aborting connection
Missing name for redirect.
root@Argonath:/ # 2021-02-12 20:25:22 #45692(rspamd_proxy) <f9594e>; proxy; proxy_milter_error_handler: abnormally closing milter connection from: 127.0.0.1:2579, error: invalid protocol version: 4
Missing name for redirect.
root@Argonath:/ # 2021-02-12 20:25:35 #45692(rspamd_proxy) <21bb20>; proxy; proxy_accept_socket: accepted milter connection from 127.0.0.1 port 13861
Missing name for redirect.
root@Argonath:/ # 2021-02-12 20:25:35 #45692(rspamd_proxy) <21bb20>; milter; rspamd_milter_process_command: MTA specifies too old protocol: 4, aborting connection
Missing name for redirect.
root@Argonath:/ # 2021-02-12 20:25:35 #45692(rspamd_proxy) <21bb20>; proxy; proxy_milter_error_handler: abnormally closing milter connection from: 127.0.0.1:13861, error: invalid protocol version: 4
Missing name for redirect.
#13
21.1 Legacy Series / Re: Postfix <-> rspamd integration
February 12, 2021, 08:08:31 PMQuote from: lfirewall1243 on February 11, 2021, 07:20:38 PM
Just tick that
Thanks. Issue is somewhere else then.
#14
21.1 Legacy Series / Re: Postfix <-> rspamd integration
February 10, 2021, 04:44:39 PM
Bump. :)
To focus my question a bit more: where do you tell Postfix to use rspamd, precisely?
I simply checked the "Enable rspamd inegration" box in the Antispam tab. Not sure this is enough.
To focus my question a bit more: where do you tell Postfix to use rspamd, precisely?
I simply checked the "Enable rspamd inegration" box in the Antispam tab. Not sure this is enough.
#15
21.1 Legacy Series / Re: Postfix <-> rspamd integration
February 09, 2021, 10:58:14 PM
Thank you for replying.
Where do I find the log? There's no log that I can find in the openSense GUI.
Where do I find the log? There's no log that I can find in the openSense GUI.
