The Perfect SpamSnake - Ubuntu Jeos 12.04 LTS Precise Pangolin

Discussion in 'HOWTO-Related Questions' started by rjhigham, Feb 27, 2013.

  1. rjhigham

    rjhigham New Member

    Hi Guys,

    Finally finished setting the above up. Most of it seems to work out of the box.

    Only issue i seem to be having is that I cannot release messages. GIves me a cannot connect to server error. If I turn off java then it does the server misconfigured page.

    Any help would be much appreciated.

    Rich
     
  2. rjhigham

    rjhigham New Member

    As a side note

    If it makes any difference iam convinced it could be permissions but cant spot anything.

    The server works but I get the same error doing a connection test in the smtp server settings.
     
  3. rjhigham

    rjhigham New Member

    Unrelated Question

    Also on an unrelated matter is it easy to stop:


    Cron <smmsp@gateway> test -x /etc/init.d/sendmail
    && /usr/share/sendmail/sendmail cron-msp

    These emails? I want the cron to run but not let me know for now.

    Rich
     
  4. rjhigham

    rjhigham New Member

    Anyone

    Anyone with any ideas for this?
     
  5. rjhigham

    rjhigham New Member

    Anyone with an idea on this?

    Anyone with an idea on this?
     
  6. Rocky

    Rocky New Member

    It has to be permission issues. Please double check your perms according to the guide.
     
  7. huey23

    huey23 New Member

    rjhigham,

    What is the output of:

    # service baruwa status
     
  8. rjhigham

    rjhigham New Member

    I seem to get

    * celeryd is not running
     
  9. huey23

    huey23 New Member

    OK...

    # service baruwa start

    Then try to open the message again
     
  10. rjhigham

    rjhigham New Member

    Still the same
     
  11. huey23

    huey23 New Member

    What does this yield:

    tail -f /var/log/baruwa/celeryd.log
     
  12. huey23

    huey23 New Member

    Also...

    Check the "DATABASES" section of /etc/baruwa/settings.py

    Run through the tut again and

    # baruwa-admin syncdb --noinput
    # for name in $(echo "accounts messages lists reports status fixups config"); do
    baruwa-admin migrate $name;
    done

    There is something else that needs done through this to initialize the DB but I cannot remember what it is. Maybe Rocky can help there...

    Also...

    Check the logs in the rabbitmq-server to make sure it is running as well:

    /var/log/rabbitmq/
     
  13. rjhigham

    rjhigham New Member

    Sorted. It was celeryd permissions added again and all fine.

    One last question in my pdf reports the logo in the top left is very unclear if I change the image it is still the same.

    Is the image compressed? Can I turn this off so the quality is better?

    Thanks for the help

    Cheers

    Richard
     
  14. rjhigham

    rjhigham New Member

    Also just noticed mail is working and messages show in list but in the top and status message totals are 0?
     
  15. Chluz

    Chluz New Member

    Code for exchange 2013 and domain controller 2012

    Hi all
    First off, thanks for your guide: at last I can get proper spamfilter for exchange 2013 without paying an arm and a leg
    Also I just wanted to say I got the LDAP scripts working for exchange 2013.
    Im using a python script instead of pearl so to be pasted in /usr/bin/getadsmtp.py : I got this script from liveraverage so all credits go to him

    as you can see i kinda hacked the beginning because ive never programed in python: just edit

    arg.connect = "host.domain.com"
    arg.user = "username"
    arg.password = "password"
    arg.ou = "cn=Users,dc=domain,dc=com"

    for your settings
    Code:
    !/usr/bin/env python
    
    #Credits: Marc Smith, http://marcitland.blogspot.com/2011/02/python-active-directory-linux.html
    #         DarkPixel, https://github.com/darkpixel/scripts/blob/master/getadsmtp.py
    #         JR, http://liveaverage.com
    
    import sys, ldap, argparse
    import ldap.modlist as modlist
    from ldap.controls import SimplePagedResultsControl
    
    parser = argparse.ArgumentParser(formatter_class=argparse.ArgumentDefaultsHelpFormatter, description="Retrieve e-m$
    parser.add_argument('-c', '--connect', required=False, action='store', help='The host to connect to (AD/Exchange S$
    parser.add_argument('-r', '--port', action='store', help='Port to use for connecting, defaults to 636')
    parser.add_argument('-u', '--user', action='store', required=False, help='Username to use (either cn=blah,dc=cust,$
    parser.add_argument('-p', '--password', action='store', required=False, help='Password')
    parser.add_argument('-o', '--ou', action='store', required=False, help='Org Unit (Base DN) to export from')
    
    arg = parser.parse_args()
    arg.connect = "host.domain.com"
    arg.user = "username"
    arg.password = "password"
    arg.ou = "cn=Users,dc=domain,dc=com"
    
    LDAP_SERVER = 'ldaps://%s:%s' %(arg.connect, arg.port or '3269')
    BIND_DN = arg.user
    BIND_PASS = arg.password
    USER_FILTER = "(& (mailnickname=*) (| (objectClass=publicFolder)(&(objectCategory=person)(objectClass=user)(!(home$
    USER_BASE = arg.ou
    PAGE_SIZE = 500
    
    # LDAP connection
    try:
      ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)
      ldap_connection = ldap.initialize(LDAP_SERVER)
      ldap_connection.set_option(ldap.OPT_REFERRALS, 0)
      ldap_connection.set_option(ldap.OPT_PROTOCOL_VERSION, 3)
      ldap_connection.set_option(ldap.OPT_X_TLS,ldap.OPT_X_TLS_DEMAND)
      ldap_connection.set_option( ldap.OPT_X_TLS_DEMAND, True )
      ldap_connection.set_option( ldap.OPT_DEBUG_LEVEL, 255 )
      ldap_connection.simple_bind_s(BIND_DN, BIND_PASS)
    except ldap.LDAPError, e:
      sys.stderr.write('Error connecting to LDAP server: ' + str(e) + '\n')
      sys.exit(1)
    
    # Lookup usernames from LDAP via paged search
    paged_results_control = SimplePagedResultsControl(
      ldap.LDAP_CONTROL_PAGE_OID, True, (PAGE_SIZE, ''))
    accounts = []
    pages = 0
    while True:
      serverctrls = [paged_results_control]
      try:
          msgid = ldap_connection.search_ext(USER_BASE,
                                             ldap.SCOPE_SUBTREE,
                                             USER_FILTER,
                                             attrlist=['proxyAddresses'],
                                             serverctrls=serverctrls)
    
    then just modify /usr/bin/update-relay-recipients.sh to read
    Code:
    #!/bin/sh
    #rm -f /etc/postfix/relay_recipients
    python /usr/bin/getadsmtp.py > /etc/postfix/relay_recipients
    postmap /etc/postfix/relay_recipients
    postfix reload
    
    and you should be good to go. I should specify this hasnt been tested in a working environent yet
     
    Last edited: Jun 27, 2013
  16. Chluz

    Chluz New Member

    /var/spool/MailScanner permissions

    Hi; I noticed that I wasn't able to delete; release etc any of my messages in baruwa and was getting this message cannot be found in your quarantine error:

    Using this thread i fixed the problem. I edited my permissions such that (I just added the execute permission to user Other for MailScanner)

    Code:
    root@gateway:/var/spool# ls -l
    total 44
    drwxr-xr-x  2 root        root        4096 Jun 23 18:04 anacron
    drwxr-xr-x  5 root        root        4096 Feb 13 23:08 cron
    drwx--x---  3 root        lp          4096 Feb 13 23:08 cups
    drwxr-x---  5 Debian-exim Debian-exim 4096 Jun 24 21:52 exim4
    drwxr-x---  2 filter      filter      4096 Jun 27 00:28 filter
    drwx------  2 root        root        4096 Jun 25 13:20 firehol
    drwxr-xr-x  3 root        root        4096 Feb 13 23:08 libreoffice
    lrwxrwxrwx  1 root        root           7 Jun 23 17:33 mail -> ../mail
    drwxr-xr-x  5 postfix     celeryd     4096 Jun 24 22:22 MailScanner
    drwxr-xr-x  2 root        root        4096 Apr 13  2012 plymouth
    drwxr-xr-x 20 root        root        4096 Jun 24 21:52 postfix
    drwxr-xr-x  2 root        root        4096 Mar 30  2012 rsyslog
    
    and made sure I had these permissions for the following folders

    Code:
    root@gateway:/var/spool/MailScanner# ls -l
    total 12
    drwxr-x--- 14 postfix celeryd 4096 Jun 27 00:31 incoming
    drwxrwx---  5 postfix celeryd 4096 Jun 27 00:00 quarantine
    drwxr-xr-x  2 postfix celeryd 4096 Jun 24 15:36 spamassassin
    
     
  17. Chluz

    Chluz New Member

    Message when starting mailscanner

    Hi; all is working mostly well; but I have two questions

    first, when starting mailscanner from the command line I get a

    Code:
     * Restarting mail spam/virus scanner MailScanner    No process in pidfile '/var/run/MailScanner/MailScanner.pid' found running; none killed.
    
    
    MailScanner Started
                                                                                                                                                        [ OK ]
    I checked my /etc/init.d/mailscanner file and redid the corresponding section in page 2 and the modifications in page 3 but it still does it

    The second problem I have is that a lot of times after a reboot, Baruwa will not let me learn or preview an email:
    The Baruwa log shows somethiong about a warm shutdown of celeryd, but doesnt say why (I tried to reboot to get the message now but of course it didint do it this time, it used to be pretty systematic though)

    EDIT : got the message this mornring
    Code:
    [2013-06-29 10:39:07,417: INFO/MainProcess] Got task from broker: preview-message[d5cdcde9-a53b-412c-9fcd-dcfcadc36b8a]
    [2013-06-29 10:39:07,463: INFO/PoolWorker-3] preview-message[d5cdcde9-a53b-412c-9fcd-dcfcadc36b8a]: Preview of message: 349F91E62E92.AED9C requested by user:
    [2013-06-29 10:39:07,582: INFO/MainProcess] Task preview-message[d5cdcde9-a53b-412c-9fcd-dcfcadc36b8a] succeeded in 0.163022994995s: {'headers': {'date': u'Sat, 29 Jun 2013...
    [2013-06-29 10:50:55,439: WARNING/MainProcess] celeryd: Warm shutdown (MainProcess)
    [2013-06-29 10:50:55,439: INFO/MainProcess] Celerybeat: Shutting down...
    [2013-06-29 10:50:56,186: INFO/PoolWorker-2] process shutting down
    [2013-06-29 10:50:56,186: INFO/PoolWorker-2] process exiting with exitcode 0
    [2013-06-29 10:50:56,187: INFO/PoolWorker-3] process shutting down
    [2013-06-29 10:50:56,188: INFO/PoolWorker-3] process exiting with exitcode 0
    [2013-06-29 10:50:56,347: INFO/MainProcess] process shutting down
    
    and i get an error in the /var/crash which reads
    Code:
    root@gateway:/home/charles-luzzato# apport-retrace -s _usr_share_pyshared_baruwa_manage.py.125.crash
    Traceback (most recent call last):
      File "/usr/bin/apport-retrace", line 267, in <module>
        crashdb = get_crashdb(options.auth)
      File "/usr/lib/python2.7/dist-packages/apport/crashdb.py", line 841, in get_crashdb
      File "/usr/lib/python2.7/dist-packages/apport/crashdb_impl/launchpad.py", line 20, in <module>
      File "/usr/lib/python2.7/dist-packages/launchpadlib/errors.py", line 20, in <module>
      File "/usr/lib/python2.7/dist-packages/lazr/restfulclient/__init__.py", line 19, in <module>
      File "/usr/lib/python2.7/dist-packages/pkg_resources.py", line 2727, in <module>
      File "/usr/lib/python2.7/dist-packages/pkg_resources.py", line 700, in subscribe
      File "/usr/lib/python2.7/dist-packages/pkg_resources.py", line 2727, in <lambda>
      File "/usr/lib/python2.7/dist-packages/pkg_resources.py", line 2227, in activate
      File "/usr/lib/python2.7/dist-packages/pkg_resources.py", line 2322, in insert_on
      File "/usr/lib/python2.7/dist-packages/pkg_resources.py", line 2179, in version
      File "/usr/lib/python2.7/dist-packages/pkg_resources.py", line 2221, in _get_metadata
      File "/usr/lib/python2.7/dist-packages/pkg_resources.py", line 1536, in get_metadata_lines
      File "/usr/lib/python2.7/dist-packages/pkg_resources.py", line 1529, in get_metadata
    IOError: [Errno 2] No such file or directory: '/usr/lib/python2.7/dist-packages/setuptools.egg-info'
    If i restart baruwa everything runs smoothly though; although I do get crashes without reboots every once in a while
    I have updated mailscanner to latest version to no avail
     
    Last edited: Jun 30, 2013
  18. Chluz

    Chluz New Member

    ScamNailer

    Hi, I just saw that Scamnailer isn't working properly.
    you need to download the latest version for the rules to be downloaded properly (http://www.scamnailer.info/files/2/ScamNailer-2.10.gz) and paste into /usr/sbin/update_scamnailer (replace what is there). Then restart mailscanner and no more spamassassin lint errors related to scam nailer.
     
  19. Rocky

    Rocky New Member

    Does this file exist?
    /usr/lib/python2.7/dist-packages/setuptools.egg-info
     
  20. Rocky

    Rocky New Member

    Try this mailscanner startup script. Let me know if it works and I'll update the tutorial.

    Code:
    #! /bin/sh
       ### BEGIN INIT INFO
       # Provides:          MailScanner daemon
       # Required-Start:    $local_fs $remote_fs
       # Required-Stop:     $local_fs $remote_fs
       # Default-Start:     2 3 4 5
       # Default-Stop:      0 1 6
       # Short-Description: Controls mailscanner instances
       # Description:       MailScanner is a queue-based spam/virus filter
       ### END INIT INFO
       # Author: Simon Walter <[email protected]>
       # PATH should only include /usr/* if it runs after the mountnfs.sh script
       PATH=/usr/sbin:/usr/bin:/bin:/sbin:/opt/MailScanner/bin
       DESC="mail spam/virus scanner"
       NAME=MailScanner
       PNAME=MailScanner
       DAEMON=/opt/MailScanner/bin/$NAME
       STARTAS=MailScanner
       SCRIPTNAME=/etc/init.d/$PNAME
       #PIDFILE=`${QUICKPEEK} 'PID file' ${CONFFILE}`
       CONFFILE=/opt/MailScanner/etc/MailScanner.conf
       PIDFILE=/var/run/MailScanner/MailScanner.pid
       # Exit if the package is not installed
       [ -x "$DAEMON" ] || exit 0
       run_nice=0
       stopped_lockfile=/var/lock/subsys/MailScanner.off
       # Read configuration variable file if it is present
       [ -r /etc/default/$PNAME ] && . /etc/default/$PNAME
       # Load the VERBOSE setting and other rcS variables
       . /lib/init/vars.sh
       # Define LSB log_* functions.
       # Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
       . /lib/lsb/init-functions
     # sanity check for permissions
       fail()
       {
       echo >&2 "$0: $1"
       exit 1
       }
       check_dir()
       {
       if [ ! -d $1 ]; then
       mkdir -p "$1" || \
       fail "directory $1: does not exist and cannot be created"
       fi
       actual="$(stat -c %U $1)"
       if [ "$actual" != "$2" ]; then
       chown -R "$2" "$1" || \
       fail "directory $1: wrong owner (expected $2 but is $actual)"
       fi
       actual="$(stat -c %G $1)"
       if [ "$actual" != "$3" ]; then
       chgrp -R "$3" "$1" || \
       fail "directory $1: wrong group (expected $3 but is $actual)"
       fi
       }
       user=$(echo $(awk -F= '/^Run As User/ {print $2; exit}' $CONFFILE))
       group=$(echo $(awk -F= '/^Run As Group/ {print $2; exit}' $CONFFILE))
       check_dir /var/spool/MailScanner       ${user:-postfix} ${group:-celeryd}
       check_dir /var/lib/MailScanner         ${user:-postfix} ${group:-celeryd}
       check_dir /var/run/MailScanner         ${user:-postfix} ${group:-celeryd}
       check_dir /var/lock/subsys           ${user:-root} ${group:-root} #Required to Create Folder
       check_dir /var/lock/subsys/MailScanner ${user:-postfix} ${group:-celeryd}
       #
       # Function that starts the daemon/service
       #
       do_start()
       {
       # Return
       #   0 if daemon has been started
       #   1 if daemon was already running
       #   2 if daemon could not be started
       start-stop-daemon --start --quiet --startas $STARTAS --pidfile "$PIDFILE" --test > /dev/null \
       || return 1
       start-stop-daemon --start --quiet --nicelevel $run_nice --chuid postfix:celeryd --exec $DAEMON --pidfile "$PIDFILE" -- $DAEMON_ARGS \
       || return 2
     # Add code here, if necessary, that waits for the process to be ready
       # to handle requests from services started subsequently which depend
       # on this one.  As a last resort, sleep for some time.
       # Set lockfile to inform cronjobs about the running daemon
       RETVAL="$?"
       if [ $RETVAL -eq 0 ]; then
       touch /var/lock/subsys/MailScanner
       rm -f $stopped_lockfile
       fi
       if [ $RETVAL -eq 0 ]; then
       echo "MailScanner Started"
       fi
       }
       #
       # Function that stops the daemon/service
       #
       do_stop()
       {
       # Return
       #   0 if daemon has been stopped
       #   1 if daemon was already stopped
       #   2 if daemon could not be stopped
       #   other if a failure occurred
       start-stop-daemon --stop --retry=TERM/30 --pidfile "$PIDFILE"
       RETVAL="$?"
       [ "$RETVAL" = 2 ] && return 2
       # Remove lockfile for cronjobs
       if [ $RETVAL -eq 0 ]; then
       rm -f /var/lock/subsys/MailScanner
       touch $stopped_lockfile
       fi
       if [ $RETVAL -eq 0 ]; then
       echo "MailScanner Stopped"
       fi
       }
       #
       # Function that sends a SIGHUP to the daemon/service
       #
       do_reload() {
       start-stop-daemon --stop --signal 1 --quiet --pidfile "$PIDFILE"
       return 0
       }
       case "$1" in
       start)
       [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
     do_start
       case "$?" in
       0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
       2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
       esac
       ;;
       stop)
       [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
       do_stop
       case "$?" in
       0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
       2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
       esac
       ;;
       restart|force-reload)
       #
       # If the "reload" option is implemented then remove the
       # 'force-reload' alias
       #
       log_daemon_msg "Restarting $DESC" "$NAME"
       do_stop
       case "$?" in
       0|1)
       do_start
       case "$?" in
       0) log_end_msg 0 ;;
       1) log_end_msg 1 ;; # Old process is still running
       *) log_end_msg 1 ;; # Failed to start
       esac
       ;;
       *)
       # Failed to stop
       log_end_msg 1
       ;;
       esac
       ;;
       *)
       echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
       exit 3
       ;;
       esac
     exit 0
    
     

Share This Page