The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How do you disable Mailscanner for outgoing but enable for incoming email?

Discussion in 'E-mail Discussions' started by Valetia, May 18, 2004.

  1. Valetia

    Valetia Well-Known Member

    Joined:
    Jun 20, 2002
    Messages:
    207
    Likes Received:
    1
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    How do you disable Mailscanner for outgoing but enable for incoming email?
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    You need to use a rules file. If you haven't already got one, modify MailScanner.conf so that

    Spam Checks = %rules-dir%/spam.scanning.rules

    Then create a file in the rules subdirectory called spam.scanning.rules and add the domains as follows:

    To: *@mydomain.com yes
    To: *@myotherdomain.com yes
    FromOrTo: default no

    The last one is a catchall to not scan domains that are not listed.

    The key here is using To: instead of FromOrTo: to prevent outgoing email from being scanned for spam.

    Stop and restart MailScanner after making any changes.
     
  3. Creazioni1

    Creazioni1 Well-Known Member

    Joined:
    Dec 28, 2003
    Messages:
    58
    Likes Received:
    0
    Trophy Points:
    6
    From when installed MAILSCANNEr server ar a big problem
    LOAD IS HIGH

    All day i've 15 SSH open to control server's LOAD
    is a bad life:)

    When some1 send a newsletter, server go down
    (before mailscanner no problems)

    I would like delete outgoing control for all mail
    i would like optimizze mailscanner

    can i find HOW-TO in some site?

    THANKS
     
  4. kris1351

    kris1351 Well-Known Member

    Joined:
    Apr 18, 2003
    Messages:
    963
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Lewisville, Tx
    You have a server problem there. While Mailscanner can create a small additional load, it won't bring down your server unless you are overselling horribly bad. We run it on ours with no issues at all with extra load, each check only takes a second or two.

    As for deleting it there is an uninstall script that came with the package you downloaded from layer1. You can re-download it if you didn't save it the first time.
     
  5. HostIt

    HostIt Well-Known Member

    Joined:
    Feb 22, 2003
    Messages:
    151
    Likes Received:
    1
    Trophy Points:
    18
    I would recommend installing Anand's Exiscan+Clam+Exim Autoinstaller, as per this thread. It uninstalls MailScanner automatically and as such, reduces load. Full details at http://www.cpanelappz.com/

    As kris1351 said however, you would seem to have more problems than just MailScanner?
     
  6. Creazioni1

    Creazioni1 Well-Known Member

    Joined:
    Dec 28, 2003
    Messages:
    58
    Likes Received:
    0
    Trophy Points:
    6
    i've REDHAT 8 + stable
    therefore i wait to install

    Thanks
     
  7. Creazioni1

    Creazioni1 Well-Known Member

    Joined:
    Dec 28, 2003
    Messages:
    58
    Likes Received:
    0
    Trophy Points:
    6
    are you sure i don't modify, for block control outgoing mail,

    /etc/exim.conf
    or
    /etc/exim_outgoing.conf

    ?
     
  8. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    You want to block all outgoing email?

    To do that, you need to firewall off outgoing SMTP traffic on port 25 which is what the feature in WHM does with iptables rules when you use: WHM > Tweak Security > SMTP Tweak > Enable

    If you are just talking about outgoing MailScanning, then I've already outlined how to do it above.
     
  9. chrisbond

    chrisbond Well-Known Member

    Joined:
    Apr 12, 2003
    Messages:
    59
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Hereford, United Kingdom
    I'd recommend you switch to exiscan now that its part of the main cpanel exim build. I went from a mailscanner server to this running clam and just the standard exim rpms (you can grab latest via /scripts/exim4) you just then to add about 8 lines to the exim config im WHM and you're done.
     
  10. Przemek

    Przemek Active Member

    Joined:
    Jan 20, 2003
    Messages:
    26
    Likes Received:
    0
    Trophy Points:
    1
    Doesn't it only stop MailScanner from scanning the messages for spam? But how to disable antivirus scanning for specific messages?
     
  11. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Virus checking is very similar:

    You need to use a rules file. If you haven't already got one, modify MailScanner.conf so that

    Virus Scanning = %rules-dir%/virus.scanning.rules

    Then create a file in the rules subdirectory called virus.scanning.rules and add the domains as follows:

    To: *@mydomain.com yes
    To: *@myotherdomain.com yes
    FromOrTo: default no

    The last one is a catchall to not scan domains that are not listed.

    You can use FromOrTo: to virus scan outgoing and incoming email for a domain.

    Stop and restart MailScanner after making any changes.
     
  12. goodmove

    goodmove Well-Known Member

    Joined:
    May 12, 2003
    Messages:
    624
    Likes Received:
    0
    Trophy Points:
    16
    Would that cover subdomain emails? Is it possible to specify it as: *@*.mydomain.com yes
     
  13. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Yes, you can use that subdomain format too.
     
  14. goodmove

    goodmove Well-Known Member

    Joined:
    May 12, 2003
    Messages:
    624
    Likes Received:
    0
    Trophy Points:
    16
    Will I need to use both formats for each domain or will the subdomain format do both jobs?
     
  15. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    You will need both because it is doing pattern matching and the subdomain match has an extra dot (.) in it compared to the top level domain.
     
  16. goodmove

    goodmove Well-Known Member

    Joined:
    May 12, 2003
    Messages:
    624
    Likes Received:
    0
    Trophy Points:
    16
    I've just found this in the EXAMPLES file:

    # Match user@domain.com as well as user@sub.domain.com:
    From: /[\@\.]domain\.com$/ yes

    I am wondering if this is what the author is referring to when he says New in Version 4.29.7: Added example rule for matching *@domain.com and *@*.domain.com in 1 rule.
     
  17. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    You're quite right, that will do both on one line, I didn't realise that it accepted regular expressions :)
     
  18. goodmove

    goodmove Well-Known Member

    Joined:
    May 12, 2003
    Messages:
    624
    Likes Received:
    0
    Trophy Points:
    16
    Excellent. Saves some typing. :)

    Looking at the From rules again, I am a bit weary about them. Let's say, can spoofed email headers (that may have a local domain name on the From line) confuse MS and prompts it to scan despite a default From rule not to?
     
  19. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    I haven't done testing with spoofed headers, but it could be that MailScanner looks at the SMTP routing information and takes the information from there which would prevent this type of attempt to fool the filters.
     
Loading...

Share This Page