Issues with Baruwa - The Perfect Spamsnake Ubuntu 10.10

Discussion in 'HOWTO-Related Questions' started by neofire, Feb 10, 2011.

  1. neofire

    neofire New Member HowtoForge Supporter

    Hey, i am having issues with Baruwa

    i recently completed this tutorial, but i have run into a problem, doesnt seem to be working at all, its not listing e-mails reports are not working, and the System status Icon is red, so i know there is a issue but i dont even know where to start looking

    as far as i can see everything else is working, mail is flowing and being scanned etc, but i cant see any information in baruwa

    any help would be greatly apprecatied
     
  2. Rocky

    Rocky New Member

    Have you setup baruwa according to the guide? Sounds like you may have a bad baruwa install. Try purging baruwa and reinstalling it. Also make sure you have the baruwa entries in mailscanner.conf according to the guide.
     
  3. neofire

    neofire New Member HowtoForge Supporter

    I will Try that

    i did follow the guide step by step, i just cant see if i missed anything would you like me to post copies of my conf files, if so which ones do you want to see
     
  4. Rocky

    Rocky New Member

    First give the purge a shot, then we'll look at the conf files if that doesn't work.
     
  5. neofire

    neofire New Member HowtoForge Supporter

    Hey Rocky i have reinstalled Baruwa and still having issues, have you got any other ideas ??
     
  6. Rocky

    Rocky New Member

    Post a sample of your mail.log.
     
  7. neofire

    neofire New Member HowtoForge Supporter

    Here is at part of my mail.log
     

    Attached Files:

  8. Rocky

    Rocky New Member

    Ok, I can see that mails are flowing, but not inspected by Baruwa. Do you have the following settings in mailscanner.conf?

    Always Looked Up Last = &BaruwaSQL
    Is Definitely Not Spam = &BaruwaWhitelist
    Is Definitely Spam = &BaruwaBlacklist
    Required SpamAssassin Score = &BaruwaLowScore
    High SpamAssassin Score = &BaruwaHighScore
     
  9. neofire

    neofire New Member HowtoForge Supporter

    hey rocky

    i have re-added that settings in the conf file, another application must of changed the conf file during the build

    after i change the settings i rebooted the server to give it a clean startup unfortunatly still having issue with baruwa, now baruwa enteries are coming up in the mail.log,

    does baruwa have any other logs that i can look at for information ?

    and also is there anyway of using configuring spamsnake to allow Rich text to be scanned properly ?
     
  10. neofire

    neofire New Member HowtoForge Supporter

    Hey Rocky here are some screen shots of the Baruwa Page, the first screen shot shows the messages tab with no records returned and the System status icon is red

    The second one show the Baruwa Status page the the MTA has a explanation mark on it

    if you want me to post more logs or anything else please let me know
     

    Attached Files:

  11. Rocky

    Rocky New Member

    Make sure your mailscanner.conf file has:

    MTA = postfix

    Restart your system once you've set that and give me another sample of your mail.log. It seems as though you might have missed a few steps or so, but you're very close.
     
  12. neofire

    neofire New Member HowtoForge Supporter

    Hey Rocky

    I check the mailscanner.conf and MTA = postfix is there

    sorry if these are trival or stupid issues i am not used to using postfix etc, but i am trying to learn, i am a Lotus Domino administrator but would like to use this as a Spam/Virus Filter for external mail

    i have rebooted the server aswell to be safe and still no go, and now i am getting bounce backs due to rich text errors, Bounce Back E-Mail Below

    Our virus detector failed to completely analyse a message you sent:-
    To: setswei@hotmail.com
    Subject: Fw: Other Bad Content Detected
    Date: Tue Feb 15 10:50:21 2011
    Any parts of the message that could not be analysed will not have been
    delivered.

    If you are using Microsoft Outlook, we strongly recommend you change your
    outgoing message format from "Rich Text" to "HTML" or "Plain Text".

    1) Click on the "Tools" menu and choose "Options..."
    2) Go to the "Mail Format" tab
    3) For message format, select "HTML" or "Plain text"
    4) Click OK

    The virus detector said this about the message:
    Report: Report: MailScanner: Message attempted to kill MailScanner


    --
    MailScanner
    Email Virus Scanner
    cybercrysis.net.au
    www.cybercrysis.net.au

    For all your IT requirements visit: http://www.transtec.co.uk
     
  13. topdog

    topdog New Member HowtoForge Supporter

    That is a mailscanner issue, please run mailscanner in debug mode, it should be able to point you in the right direction.
     
  14. Rocky

    Rocky New Member

    You'll have to completely purge clamav and it's definitions, then reinstall it.

    Do something like:
    apt-get remove --purge clamav* libclamav6
    Delete everything from /var/lib/clamav if anything is there.

    Do:
    apt-get update
    apt-get install clamav-daemon libclamav6

    Make sure to configure clamav according to section 7 of the guide.

    Let me know how you make out.
     
  15. neofire

    neofire New Member HowtoForge Supporter

    Hey Rocky

    i have managed to get a green status light on the Baruwa Installation

    but now i am still having mail routing issues

    i have reinstalled Clamav as per the guide but still having issues, i dont understand where i have gone wrong with the tutorial
     
  16. topdog

    topdog New Member HowtoForge Supporter

    What routing issues are you having ? Please provide some detail (error messages, logs etc)
     
  17. neofire

    neofire New Member HowtoForge Supporter

    hey topdog sorry i was vague with the last post

    its the same issue i was having before, e-mails are being bounced by the spamsnake box

    Example

    Our virus detector failed to completely analyse a message you sent:-
    To:
    Subject:
    Date: Wed Feb 16 19:19:09 2011
    Any parts of the message that could not be analysed will not have been
    delivered.

    If you are using Microsoft Outlook, we strongly recommend you change your
    outgoing message format from "Rich Text" to "HTML" or "Plain Text".

    1) Click on the "Tools" menu and choose "Options..."
    2) Go to the "Mail Format" tab
    3) For message format, select "HTML" or "Plain text"
    4) Click OK

    The virus detector said this about the message:
    Report: Report: MailScanner: Message attempted to kill MailScanner


    --
    MailScanner
    Email Virus Scanner
    cybercrysis.net.au
    www.cybercrysis.net.au

    For all your IT requirements visit: http://www.transtec.co.uk



    I have reinstalled clamav and confirmed the configuration but when i send a e-mail and i monitor the mail.log this is what i get

    Feb 16 19:36:14 spamsnake postfix/cleanup[10619]: CC1D010097F: message-id=<OF558A88E2.9B5F3B6B-ON4A257839.0034C7E5-4A257839.0034C24D@cybercrysis.net.au>
    Feb 16 19:36:14 spamsnake postfix/smtpd[10616]: disconnect from cc-mailrouter.cybercrysis.net.au[192.168.0.249]
    Feb 16 19:36:17 spamsnake MailScanner[10562]: New Batch: Scanning 1 messages, 23244 bytes
    Feb 16 19:36:17 spamsnake MailScanner[10562]: Virus and Content Scanning: Starting
    Feb 16 19:36:17 spamsnake MailScanner[10623]: MailScanner E-Mail Virus Scanner version 4.81.4 starting...
    Feb 16 19:36:17 spamsnake MailScanner[10623]: Reading configuration file /opt/MailScanner/etc/MailScanner.conf
    Feb 16 19:36:17 spamsnake MailScanner[10623]: Reading configuration file /opt/MailScanner/etc/conf.d/README
    Feb 16 19:36:17 spamsnake MailScanner[10623]: Read 867 hostnames from the phishing whitelist
    Feb 16 19:36:17 spamsnake MailScanner[10623]: Read 7155 hostnames from the phishing blacklists
    Feb 16 19:36:17 spamsnake MailScanner[10623]: Config: calling custom init function BaruwaLowScore
    Feb 16 19:36:17 spamsnake MailScanner[10623]: Config: calling custom init function BaruwaBlacklist
    Feb 16 19:36:17 spamsnake MailScanner[10623]: Config: calling custom init function BaruwaSQL
    Feb 16 19:36:17 spamsnake MailScanner[10623]: Config: calling custom init function BaruwaHighScore
    Feb 16 19:36:17 spamsnake MailScanner[10623]: Using SpamAssassin results cache
    Feb 16 19:36:17 spamsnake MailScanner[10623]: Connected to SpamAssassin cache database
    Feb 16 19:36:17 spamsnake MailScanner[10623]: Enabling SpamAssassin auto-whitelist functionality...
    Feb 16 19:36:25 spamsnake MailScanner[10623]: Connected to Processing Attempts Database
    Feb 16 19:36:25 spamsnake MailScanner[10623]: Found 1 messages in the Processing Attempts Database
    Feb 16 19:36:25 spamsnake MailScanner[10623]: Using locktype = flock


    Spamsnake holds the message and it tries to scan it but bounces it back with the above message
     
  18. topdog

    topdog New Member HowtoForge Supporter

    Did you try what i suggested in my earlier post, running mailscanner in debug mode ?
     
  19. neofire

    neofire New Member HowtoForge Supporter

    yes i did, but i couldn't see any differences in the log files, does debug mode output files else where
     
  20. Rocky

    Rocky New Member

    Run freshclam and restart your system, check your logs and post a sample.

    What's the specs of your system?
     

Share This Page