MailScanner on layer1.cpanel.net [was:Updated Exim+Antivirus Package Available]

Where do we send an email..... can't send it via your profile.

 

I'd be very interested in the Clam + Sophie version!

 

Hey Elikster,

Do you need to do anything with exim+virusscanner-CLAM that was installed from cPanel downloads before installing yours?

It's all still there. I just disabled it in exim.conf because it locked the mail queue.

Thnx,

 

Thanks a lot for this Elikster! I hope you keep these packages updated in the future. Too bad Darkorb doesn't feel the need to keep these packages upgraded though.

btw. does f-prot also scan the messages for virusses? I can't find that anywhere...

 

how much is f-prot to buy - I went to their site but I don't know what version you have included as I only seemed to find individual user versions.

Also - is there anyway to set this up to ignore certain domains or just work on certain domains - kind of like an added service.

Also, are virussignatures kept uptodate automatically?

What will be the difference between current released version and the sophie version? and you do you custom installs and if so how much? (PM me please)

--Tone

 

Query

Hi Elikster,

Your script look great, thank you for posting, i have a question, after finish installation, i receive an email tell me about virus was found on one of sender:

Our virus checker has found potentially malicious code in a mail from
xxxx@hotmail.com addressed to you. Delivery has been stopped. For further
questions, please contact postmaster@localdomain.com.


The message has been quarantined as 3ec2640b-16fa.


CLAM Anti Virus found:
Yaha.P

------------------------------------------------------------------------
Message headers follow:
Received: from [210.186.89.116] (helo=mail.domain.net)
by first.domain.com with smtp (Exim 3.36 #1)
id 19FyOp-0001Ws-00
for admin@domain.net; Wed, 14 May 2003 23:42:36 +0800
From: username<xxxx@hotmail.com>
To: admin@domain.net
Subject: Things to note...
Date: Wed,14 May 2003 23:41:47 PM
X-Mailer: Windows Eudora Pro Version 2.1.2
MIME-Version: 1.0
Content-Type:multipart/mixed;
boundary=#PNQDF07719#
Message-Id: <E19FyOp-0001Ws-00@first.domain.com>


My question is, how could i change 'please contact postmaster@localdomain.com' to my email .

Please help and thank you so much.

 

pico /etc/amavis/amavis.conf

further down it does state who should the mail be sent from and who are the admin/s.

My problem with that is if I have resellers, I do not want to use my domain contact as it could dispair my resellers.

If you do not have any resellers you can change it to admin@yourdomain.com - if you do have resellers, does anyone know of a way around this?

--Tone

 

Hi Valuehosted,

Thanks for help, the best idea is if you can search the line of:

Our virus checker has found potentially malicious code in a mail from
xxxx@hotmail.com addressed to you. Delivery has been stopped. For further questions, please contact bla bla

 

Perl 5.8.0. Problem..

I'm running Perl 5.8.0

And after i installed exim-antivirus-CLAM, it is not working.

Is there way to fix that, or is there any where to downgrade my perl to perl 5.6.1?

I'm using Mandrake 9.0, Perl 5.8.0 is preinstalled.

I have tried to rpm -e perl and compile 5.6.1, but it didn't work, because it needs perl to make the compilation.


Any experts?

Thanks a lot.

 

Grap the source from cpanel ftp and compile it in your server.

I'm running redhat 8 with perl 5.8.0, don't not my compiled rpm can work on your system or not.

 

This is great news - looking forward to the upgrade patch.

--Tone

 

Elikster

If you did not get a RH 8.0 box yet, email me kevin@manlius.com
I will get you access.

 

Is the latest version works in perl 5.8.0?

 

WTF?

OK, WHM update night of 5/14 to 5/15:

CPAN is up to date.
Running install for module DBI
Running make for T/TI/TIMB/DBI-1.36.tar.gz
Fetching with LWP:
http://ftp.cpanel.net/pub/CPAN/authors/id/T/TI/TIMB/DBI-1.36.tar.gz
CPAN: Digest::MD5 loaded ok
Fetching with LWP:
http://ftp.cpanel.net/pub/CPAN/authors/id/T/TI/TIMB/CHECKSUMS
Checksum for /root/.cpan/sources/authors/id/T/TI/TIMB/DBI-1.36.tar.gz ok
Scanning cache /root/.cpan/build for sizes
SNIP............
.............
DBI-1.36/ToDo

CPAN.pm: Going to build T/TI/TIMB/DBI-1.36.tar.gz

Creating extra DBI::PurePerl test: t/zz_01basics_pp.t
Creating extra DBI::PurePerl test: t/zz_02dbidrv_pp.t
Creating extra DBI::PurePerl test: t/zz_03handle_pp.t
Creating extra DBI::PurePerl test: t/zz_04mods_pp.t
Creating extra DBI::PurePerl test: t/zz_05thrclone_pp.t
Creating extra DBI::PurePerl test: t/zz_06attrs_pp.t
Creating extra DBI::PurePerl test: t/zz_07kids_pp.t
Creating extra DBI::PurePerl test: t/zz_08keeperr_pp.t
Creating extra DBI::PurePerl test: t/zz_10examp_pp.t
Creating extra DBI::PurePerl test: t/zz_15array_pp.t
Creating extra DBI::PurePerl test: t/zz_20meta_pp.t
Creating extra DBI::PurePerl test: t/zz_30subclass_pp.t
Creating extra DBI::PurePerl test: t/zz_40profile_pp.t
Creating extra DBI::PurePerl test: t/zz_41prof_dump_pp.t
Creating extra DBI::PurePerl test: t/zz_42prof_data_pp.t
Creating extra DBI::PurePerl test: t/zz_60preparse_pp.t
Creating extra DBI::PurePerl test: t/zz_80proxy_pp.t
Checking if your kit is complete...
Looks good
Writing Makefile for DBI

Remember to actually *read* the README file!
Use 'make' to build the software (dmake or nmake on Windows).
Then 'make test' to execute self tests.
Then 'make install' to install the DBI and then delete this working
directory before unpacking and building any DBD::* drivers.

/usr/bin/perl -I/usr/lib/perl5/5.6.1/i686-linux -I/usr/lib/perl5/5.6.1 -MExtUtils::Command -e mkpath blib/lib/DBI
rm -f blib/lib/DBI/Changes.pm
cp Changes blib/lib/DBI/Changes.pm
/bin/sh -c true
cp Driver_xst.h blib/arch/auto/DBI/Driver_xst.h
cp lib/DBI/ProfileDumper.pm blib/lib/DBI/ProfileDumper.pm
cp DBIXS.h blib/arch/auto/DBI/DBIXS.h
cp lib/DBI/DBD/Metadata.pm blib/lib/DBI/DBD/Metadata.pm
cp lib/DBD/NullP.pm blib/lib/DBD/NullP.pm
cp dbipport.h blib/arch/auto/DBI/dbipport.h
cp lib/DBI/Const/GetInfoReturn.pm blib/lib/DBI/Const/GetInfoReturn.pm
cp dbd_xsh.h blib/arch/auto/DBI/dbd_xsh.h
cp lib/DBI/Const/GetInfo/ANSI.pm blib/lib/DBI/Const/GetInfo/ANSI.pm
cp lib/DBI/PurePerl.pm blib/lib/DBI/PurePerl.pm
cp lib/DBI/Profile.pm blib/lib/DBI/Profile.pm
cp lib/DBI/FAQ.pm blib/lib/DBI/FAQ.pm
cp DBI.pm blib/lib/DBI.pm
cp lib/Bundle/DBI.pm blib/lib/Bundle/DBI.pm
cp lib/DBD/ExampleP.pm blib/lib/DBD/ExampleP.pm
cp lib/Win32/DBIODBC.pm blib/lib/Win32/DBIODBC.pm
cp lib/DBI/W32ODBC.pm blib/lib/DBI/W32ODBC.pm
cp lib/DBI/DBD.pm blib/lib/DBI/DBD.pm
cp lib/DBI/ProfileData.pm blib/lib/DBI/ProfileData.pm
cp lib/DBD/Proxy.pm blib/lib/DBD/Proxy.pm
cp lib/DBI/Const/GetInfoType.pm blib/lib/DBI/Const/GetInfoType.pm
cp lib/DBI/ProxyServer.pm blib/lib/DBI/ProxyServer.pm
cp dbi_sql.h blib/arch/auto/DBI/dbi_sql.h
cp lib/DBI/ProfileDumper/Apache.pm blib/lib/DBI/ProfileDumper/Apache.pm
cp Driver.xst blib/arch/auto/DBI/Driver.xst
cp lib/DBD/Sponge.pm blib/lib/DBD/Sponge.pm
cp lib/DBI/Const/GetInfo/ODBC.pm blib/lib/DBI/Const/GetInfo/ODBC.pm
/bin/sh -c true
/bin/sh -c true
/usr/bin/perl -p -e "s/~DRIVER~/Perl/g" < blib/arch/auto/DBI/Driver.xst > Perl.xsi
/usr/bin/perl -I/usr/lib/perl5/5.6.1/i686-linux -I/usr/lib/perl5/5.6.1 /usr/lib/perl5/5.6.1/ExtUtils/xsubpp -typemap /usr/lib/perl5/5.6.1/ExtUtils/typemap -typemap typemap Perl.xs > Perl.xsc && mv Perl.xsc Perl.c
cc -c -fno-strict-aliasing -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -O2 -DVERSION=\"1.36\" -DXS_VERSION=\"1.36\" -fpic -I/usr/lib/perl5/5.6.1/i686-linux/CORE -Wall -Wno-comment -DDBI_NO_THREADS Perl.c
dbipport.h:529: warning: `my_sv_2pvbyte' defined but not used
/usr/bin/perl -I/usr/lib/perl5/5.6.1/i686-linux -I/usr/lib/perl5/5.6.1 /usr/lib/perl5/5.6.1/ExtUtils/xsubpp -typemap /usr/lib/perl5/5.6.1/ExtUtils/typemap -typemap typemap DBI.xs > DBI.xsc && mv DBI.xsc DBI.c
cc -c -fno-strict-aliasing -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -O2 -DVERSION=\"1.36\" -DXS_VERSION=\"1.36\" -fpic -I/usr/lib/perl5/5.6.1/i686-linux/CORE -Wall -Wno-comment -DDBI_NO_THREADS DBI.c
DBI.xs: In function `dbih_clearcom':
DBI.xs:1012: warning: unused variable `Perl___notused'
DBI.xs: In function `dbih_get_fbav':
DBI.xs:1151: warning: unused variable `Perl___notused'
DBI.xs: In function `dbih_set_attr_k':
DBI.xs:1318: warning: unused variable `Perl___notused'
DBI.xs:1243: warning: unused variable `Perl___notused'
DBI.xs: In function `dbih_get_attr_k':
DBI.xs:1452: warning: unused variable `Perl___notused'
DBI.xs: In function `log_where':
DBI.xs:1876: warning: unused variable `Perl___notused'
DBI.xs: In function `XS_DBI_dispatch':
DBI.xs:2638: warning: unused variable `Perl___notused'
DBI.c: At top level:
dbipport.h:529: warning: `my_sv_2pvbyte' defined but not used
Running Mkbootstrap for DBI ()
chmod 644 DBI.bs
rm -f blib/arch/auto/DBI/DBI.so
LD_RUN_PATH="" cc -shared -L/usr/local/lib DBI.o -o blib/arch/auto/DBI/DBI.so
chmod 755 blib/arch/auto/DBI/DBI.so
cp DBI.bs blib/arch/auto/DBI/DBI.bs
chmod 644 blib/arch/auto/DBI/DBI.bs
/usr/bin/perl -Iblib/arch -Iblib/lib -I/usr/lib/perl5/5.6.1/i686-linux -I/usr/lib/perl5/5.6.1 dbiproxy.PL dbiproxy
Extracted dbiproxy from dbiproxy.PL with variable substitutions.
cp dbiproxy blib/script/dbiproxy
/usr/bin/perl -I/usr/lib/perl5/5.6.1/i686-linux -I/usr/lib/perl5/5.6.1 -MExtUtils::MakeMaker -e "MY->fixin(shift)" blib/script/dbiproxy
/usr/bin/perl -Iblib/arch -Iblib/lib -I/usr/lib/perl5/5.6.1/i686-linux -I/usr/lib/perl5/5.6.1 dbiprof.PL dbiprof
Extracted dbiprof from dbiprof.PL with variable substitutions.
cp dbiprof blib/script/dbiprof
/usr/bin/perl -I/usr/lib/perl5/5.6.1/i686-linux -I/usr/lib/perl5/5.6.1 -MExtUtils::MakeMaker -e "MY->fixin(shift)" blib/script/dbiprof

Now exim shot me a million messages for automagically rested and when I do a restart in WHM I get this:

May 12 21:36:36 cpanel exim: exim shutdown failed May 12 21:36:36 cpanel exim: antirelayd shutdown failed May 12 21:36:36 cpanel exim: spamd shutdown failed May 12 21:36:36 cpanel exim: exim shutdown failed May 12 21:36:36 cpanel exim: antirelayd shutdown failed May 12 21:36:36 cpanel exim: spamd shutdown failed May 12 21:36:36 cpanel exim: exim shutdown failed May 12 21:36:36 cpanel exim: antirelayd shutdown failed May 12 21:36:36 cpanel exim: spamd shutdown failed May 12 21:36:36 cpanel exim: 2003-05-12 21:36:36 Exim configuration error May 12 21:36:36 cpanel exim: "message_filter" option set for the second time in line 96 May 12 21:36:36 cpanel exim: exim startup failed May 12 21:36:37 cpanel exim: antirelayd startup succeeded May 12 21:39:18 cpanel exim: SNIP...........
...............
cpanel exim: spamd shutdown failed May 16 02:47:42 cpanel exim: exim startup succeeded May 16 02:47:42 cpanel exim: antirelayd startup succeeded May 16 02:55:10 cpanel exim: exim shutdown failed May 16 02:55:10 cpanel exim: antirelayd shutdown failed May 16 02:55:10 cpanel exim: spamd shutdown failed May 16 02:55:10 cpanel exim: exim shutdown failed May 16 02:55:10 cpanel exim: antirelayd shutdown failed May 16 02:55:10 cpanel exim: spamd shutdown failed May 16 02:55:10 cpanel exim: exim shutdown failed May 16 02:55:10 cpanel exim: antirelayd shutdown failed May 16 02:55:10 cpanel exim: spamd shutdown failed May 16 02:55:10 cpanel exim: exim startup succeeded May 16 02:55:11 cpanel exim: antirelayd startup succeeded exim has failed, please contact the sysadmin.

But the damn thing is working!

exim.conf:
this line (cpanel exim: "message_filter" option set for the second time in line 96 May 12 21:36:36 ) does not exist in the conf file (The line message_filter is 87 and line 96 is the one just below message_body_visible):
local_domains = lsearch;/etc/localdomains

message_filter = /etc/antivirus.clam.exim

message_filter_user = mail
message_filter_group = mail

deliver_load_max = 3
deliver_queue_load_max = 5
queue_only_load = 4
message_body_visible = 5000


receiver_verify_hosts = !127.0.0.1/8:0.0.0.0/0

Any suggestions?

 

Dan,

what linux version are you running?

--Tone