Blue Flower

Monday, 06 July 2015 00:01

Forwarding emails as attachments in MS Outlook

Written by

In order for complete email and headers to be send to someone you must forward the email as an attachment rather than just inline text. Outlook Express and previous versions of Outlook allow you to "Forward As Attachment" by either right clicking on the message or opening the message and choosing that option from one of the menu's at the top. However in their infinite wisdom, Microsoft decided no one needed that option any more, so you now have to either save the file and then attach it to the email OR you can use this method which seems to work in all versions of Outlook (NOT OUTLOOK EXPRESS - it has "Forward As Attachment"):

1 - Create a new email message and type the email address to send it to
2 - minimize your new message window or move it out of the way
3 - click on the spam message and drag it to the new message window
4 - drop the spam message onto the Attachments Icon (normally a paper clip)

You should see the email message in the attachments list and can attach more spam or just send the email.

Special thanks to Cavin Greer

Sunday, 05 July 2015 23:59

How to Setup Courier POP3D-SSL

Written by

There are some people out there that want added security for POP users. This document will walk you through configuring POP3DSSL. This will make a nice addition for your freebsdrocks.net site as you already have smtp using TLS or SSL for your users sending mail. The only requirement here is to make sure Courier-Imap 4.x is installed.

First, We create the POP3DSSL Directory and log folders.

# cd /var/qmail/supervise
# mkdir -m 1755 courier-pop3dssl
# cd courier-pop3dssl
# fetch http://freebsdrocks.net/files/courier-pop3dssl-run
# mv courier-pop3dssl-run run
# chmod 755 run
# mkdir -m 755 log
# cd log
# fetch http://freebsdrocks.net/files/service-any-log-run
# mv service-any-log-run run
# chmod 755 run

And now to make a pop3d and a pop3d-ssl conf file and also change a few settings in the pop3d-ssl file

cd /usr/local/etc/courier-imap/

# cp pop3d.cnf.dist pop3d.cnf
# vi pop3d.cnf

make changes to reflect your server information in pop3d.cnf.
Make sure CN=mail.yourserver.com
And change the email address to your address

# cp pop3d-ssl.dist pop3d-ssl

Change the SSLADDRESS to the IP of the server you're running it on.

if you use SSLADDRESS=0, the resulting server will try to listen on that port number (usually 143 or 993) for EVERY IP ADDRESS ON THE SYSTEM. If any other program (such as another instance of the service) is listening on a specific IP with the same port, the SSLADDRESS=0 server will refuse to start... and if the SSLADDRESS=0 service is already running, the other one (with the specific IP) will refuse to start.

Change the POP3DSSLSTART=NO to

POP3DSSLSTART=YES

Now below that section we need to add

MAXDAEMONS=40

Now to make the pop3dssl cert...

# /usr/local/share/courier-imap/mkpop3dcert

Now to start the daemon

# ln -s /var/qmail/supervise/courier-pop3dssl /service/

Now to check the service run

# svstat /service/courier-pop3dssl /service/courier-pop3dssl/log

If both items have been up for more than 1 second, Courier-pop3dssl is installed!

Sunday, 05 July 2015 23:58

Setting up Ham and Spam buttons for Squirrelmail

Written by

This requires that you are running SquirrelMail 1.4.x or above and Apache 2.2 or higher.

Download the following related files into your squirrelmail plugins folder:

# cd /usr/local/www/squirrelmail/plugins << For FreeBSD (Other systems may vary)
# fetch http://www.goodcleanemail.com/files/tarballs/spam_buttons-2.3-1.4.0.tar.gz
# fetch http://www.goodcleanemail.com/files/tarballs/compatibility-2.0.14-1.0.tar.gz

What we want to do now is create 2 email addresses for vpopmail. We want to create one for ham and one for spam reporting. You can do this as follows:

# ~vpopmail/bin/vadduser thisisspam @ domain.com password
# ~vpopmail/bin/vadduser thisisham @ domain.com password

Make sure password in the 2 examples above are not the actual password. Just create random ones if you like.

Now lets unzip them

# tar zxvf spam_buttons-2.3-1.4.0.tar.gz
# tar zxvf compatibility-2.0.14-1.0.tar.gz

Now to configure spam buttons:

# cd spam_buttons
# cp config_example.php config.php
# vi config.php

The first section under General Options is, well, optional. When you get to the section that says // REPORT-BY-EMAIL OPTIONS, this is where you change a few things:

# $is_spam_resend_destination = ' This email address is being protected from spambots. You need JavaScript enabled to view it.';
# $is_not_spam_resend_destination = ' This email address is being protected from spambots. You need JavaScript enabled to view it.';

Verify the following is set:

//$spam_report_email_method = 'bounce';
$spam_report_email_method = 'attachment';
//$is_spam_subject_prefix = 'SPAM';
//$is_not_spam_subject_prefix = 'HAM';

If you are using my freebsdrocks.net setup, make sure to remove the .qmail files and mailfilter from the vpopmail directory like so

# rm ~vpopmail/domains/domain.com/thisisspam/.qmail
# rm ~vpopmail/domains/domain.com/thisisspam/mailfilter
# rm ~vpopmail/domains/domain.com/thisisham/.qmail
# rm ~vpopmail/domains/domain.com/thisisham/mailfilter

Also, In the config.php and you're using my freebsdrocks setup, You can change the 2 following sections in config.php

$sb_report_spam_by_move_to_folder = 'Inbox.Spam';
$sb_report_not_spam_by_move_to_folder = 'Inbox';

You should now exit and save the file. This script successfully reports and process each message.
However, It does not delete the message when it is being reported.

If you are running Squirrelmail 5.x, Skip the following patch section.

Patch SquirrelMail 1.4.x to enable button display on the message list page. The patch should be run from the spam_buttons directory.

patch -p0 < patches/spam_buttons-squirrelmail-1.4.4.diff

You will now want to enable the plugin by doing the following:

# cd /usr/local/www/squirrelmail/plugins/config
# ./conf.pl

Go to

8. Plugins

Look under Available Plugins: and look for spam_buttons which is usually the last one at the bottom. The number to the left of it is the number you want to type in to enable it. Do that and hit enter and

then you should see it under Installed Plugins. Also enable the Compatability plugin as well before you continue. Press S and hit enter to save the data and hit Q to quit and hit enter. The squirrelmail plugin is now enabled and functional.

The startup scripts I just put in my bin directory in my ~home drive.

# cd ~user
# mkdir bin
# cd bin
# fetch http://www.goodcleanemail.com/files/tarballs/autolearn2.tgz
# tar zxvf
autolearn2.tgz


Edit spamauto.sh and hamauto.sh and change the sections that say:

DOMAIN="domain.com"
SPAMUSER="thisis*am"
MAILDIR="/home/vpopmail/domains/$DOMAIN/$SPAMUSER/Maildir/new"
SA_LEARN_LOG="/var/log/spamlearn.log"

Now you can put hamauto.sh and spamauto.sh in crontab like so:

0 1,13 * * * ~user/bin/hamauto.sh > /dev/null 2>&1
0 1,13 * * * ~user/bin/spamauto.sh > /dev/null 2>&1

This will tell crontab to run both scripts at 1PM and 1AM every day. Change at your discretion.

When this is completed, Users will now be able to report ham and spam. :-)

Sunday, 05 July 2015 17:13

Troubleshooting the 451 qq Temporary Problem

Written by

The most common cause of this error is a problem with the ClamAV installation. First check to make sure it's running by running the following:

# ps -auxw | grep clam

and you should get an output similar to

user 673 0.0 4.5 25320 21628 ?? Is 13Nov06 1:50.16 /usr/local/sbin/clamd

The user above can be anything. I personally use user qscand to run clamav as well as SpamAssassin.

Check the freshclam logs and check for errors. If you see any It could be due to the ownership/permissions on /var/db/clamav.

Most of these issues can be resolved by cleaning out the entire clamav installation. I would remove the following folders/files and then doing a clean install of clamav. Please also note that if you do not have these types of paths/files on your system, they may vary from distro to distro:

Files:
/usr/local/etc/rc.d/clamav-clamd (could also be startup scripts in /etc/rc.d or /etc/init.d in other systems)
/usr/local/etc/rc.d/clamav-freshclam (could also be startup scripts in /etc/rc.d or /etc/init.d in other systems)

Folders:
/usr/local/share/doc/clamav
/var/db/clamav
/var/log/clamav
/var/mail/clamav
/var/run/clamav

References:
For FreeBSD users, remove all the clamav references from /etc/rc.conf
Take freshclam out of crontab This may not exist if you are running clamav from daemontools.

If you are running the non-setuid install, run the following commands and then run the test_install.sh -doit script:

cd /var/qmail/bin

For setuid installs:

chmod 4755 qmail-scanner-queue.pl
chown qscand:qscand qmail-scanner-queue.pl

For NON-setuid installs:

chmod 4755 qmail-scanner-queue
chown qscand:qscand qmail-scanner-queue

vi qmail-scanner-queue.pl

Please note: If you are using the NON-SETUID version of qmail-scanner, your QMAILQUEUE variable will not have a .pl at the end. So instead of having

QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"; export QMAILQUEUE

you will have

QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue"; export QMAILQUEUE

The first thing you will want to troubleshoot when getting this error is to find out if this is a qmail related problem or a qmail-scanner issue. In most cases, it's either qmail-scanner, clamav or spamassassin causing the problem.

Go to /var/qmail/supervise/qmail-smtpd/run and comment out the following line so it looks like this:

#QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"; export QMAILQUEUE

Restart qmail and then try sending a test message. If it goes through, We can proceed with the next step. Skip the next paragraph and continue with the next.

If you don't get your test message, it is a qmail delivery problem. What you will want to run is qmailctl stat and make sure ALL SERVICES are up FOR MORE than one second. If something is running around 0-1 seconds consistantly, Something is wrong with that service. Take a look at the logs for that service and troubleshoot from there. If you need more help, Join us on the IRC Freenode Server in channel #qmr, search the qmr mailing list archives , or try searching Google or the qmr forums.

Now we know that it's qmail-scanner related issue. Lets take a quick look at the QMAILQUEUE line in /var/qmail/supervise/qmail-smtpd/run:

QMAILQUEUE= "/var/qmail/bin/qmail-scanner-queue.pl"; export QMAILQUEUE

The Major hint here is to make sure you used quotation marks ( " ) and not an Apostrophe ( ' )

Now to check perl dependancies. Run the following command as a NON-ROOT USER:

/downloads/qmailrocks/scripts/util/check_perlmods.script

It is very important that the Perl versions are the same. So if one perl module is 5.8.5 and the rest are 5.8.8, It would be in your best interest to update that perl module to 5.8.8 as well. Please refer to step 14 of the guide for instructions on how to reinstall those modules.

Another thing we will check is to make sure clamav and spamd are running.

The way to check this is by running

ps -auxw | grep clamd and
ps -auxw | grep spamd

You should get an output similar to the ones below:

Please note: On some systems, You way want to run the ps aux | grep command without the - in it on the next 2 commands.

# ps -auxw | grep spamd

qscand 27003 0.0 9.6 38460 36392 ?? I 7:00AM 0:02.13 spamd child (perl)
qscand 27002 0.0 9.0 36044 34128 ?? Is 7:00AM 0:02.48
/usr/local/bin/spamd -u qscand -d -x -r /var/run/spamd/spamd.pid (perl 5.8.6)

# ps -auxw | grep clamd

qscand 191 0.0 2.7 11772 10328 ?? Ss Thu09AM 0:20.11 /usr/local/sbin/clamd

The spamd processes will vary from system to system. The default is 5 child processes.

Make sure your softlimit in /var/qmail/supervise/qmail-smtpd/run is 40MB (40000000) or more (If you are using the original qmail-rocks qmail-smtpd-run file)

One other thing that will cause this is if a file system is mounted with the
nosuid option. Take a look at /etc/fstab nosuid option. I found the entry in
/etc/fstab that was causing the problem.

Check to see if you are running perl with setuid. Click on the link below for the setuid related issues with perl and qmail-scanner.

http://freebsdrocks.net/index.php/16-useful-qmail-utilities/spamassassin/45-correcting-spamassassin-and-qmail-scanner-problems

Suse has a setuid problem. Click the following link for more information.

http://freebsdrocks.net/index.php/13-useful-qmail-utilities/43-setuid-on-suse

You can also check the log files at the following locations to look for a more descriptive error:

/var/log/maillog
/var/spool/qmailscan/qmail-queue.log
/var/log/qmail/qmail-smtpd/current

Also try chmod 4755 /var/qmail/bin/qmail-scanner-queue.pl

See Disabling SpamAssassin or Clamav from qmail-scanner below:

http://freebsdrocks.net/index.php/13-useful-qmail-utilities/44-how-to-disable-enable-sa-clam-av-or-both-in-qmail-scanner

If you use the clamav ownership, rather than qscand, the perl wrapper ends up
owned as qscand, rather than clamav.

Also check out John Simpsons post about getting qmail-scanner to work with clamav.

https://qmail.jms1.net/clamav/qmail-scanner.shtml

Make sure that /var/spool/qmailscan/quarantine-attachments.db is being owned by qscand:qscand. Running /var/qmail/bin/qmail-scanner-queue.pl -g as root (w/o setuidgid) will change the db ownership

How to disable/enable SA, Clam AV or both in qmail-scanner.

At times you may want to disable/enable ClamAV or Spamassissin for a period of time without taking
the whole mailserver offline. An example of when you might want to do this is when upgrading to a
new version of either program, but doing it during normal hours rather than the middle of the
night. Of course, with this method if you disable or enable ClamAV for an upgrade you have no
antivirus/SA for incoming mail other than the simple checks that qmail-scanner makes.

To disable/enable SA, Clam or both:

Make a backup copy of qmail-scanner since editing it can be sometimes be touchy.
cp /var/qmail/bin/qmail-scanner-queue.pl /var/qmail/bin/qmail-scanner-queue.pl.old

Open the file:
pico (or vi) /var/qmail/bin/qmail-scanner-queue.pl

Find the section that looks like the following:
my @scanners_installed=("clamdscan_scanner","spamassassin","perlscan_scanner");
The next section looks like this:
my @scanners_default=("clamdscan_scanner","spamassassin","perlscan_scanner");

Change the line to look like the follwing to run SA only:
my @scanners_installed=("spamassassin");
The next section should look like this:
my @scanners_default=("spamassassin");

Change the line to look like the follwing to run clamd only:
my @scanners_installed=("clamdscan_scanner");
The next section should look like this:
my @scanners_default=("clamdscan_scanner");

Save the file and run the following commands for your OS to update qmail-scanner.

Redhat/Fedora/RHEL:
setuidgid qscand /var/qmail/bin/qmail-scanner-queue.pl -g, and
setuidgid qscand /var/qmail/bin/qmail-scanner-queue.pl -z

Debian:
setuidgid qscand /var/qmail/bin/qmail-scanner-queue.pl -g, and
setuidgid qscand /var/qmail/bin/qmail-scanner-queue.pl -z

Slackware:
setuidgid qscand /var/qmail/bin/qmail-scanner-queue.pl -g, and
setuidgid qscand /var/qmail/bin/qmail-scanner-queue.pl -z

Test and then you should be all set.

Sunday, 05 July 2015 17:11

Setuid on Suse

Written by

Things you have to do as follow:

let /usr/bin/suidperl as it is by default
I think chmod 755 /usr/bin/suidperl may also fix this issue with setuid
change bits of perl5.8.5 instead - chmod 4511 /usr/bin/sperl5.8.5
add following line to /etc/permissions.local: /usr/bin/sperl5.8.5 root.root 4511

That should solve it.

Special thanks to Huber Ulric

Page 17 of 23