Phishing?
Aric, have you tried the phishing feature in MailScanner? If so, is it reliable? Does it kill legitimate e-mail too? I'm seeing tons of these phishing e-mails in my own accounts, and I get a lot of users who ask support questions about disabling them. But I'm a little nervous turning the phishing feature on in MailScanner for fear it might kill legitimate e-mail too.Aric1 said:
I'm using Exim+Exiscan+Clamav+RBL+Spamassassin+SARE+Razor+DCC installed by rvskin and it's working GREAT!!! Load was getting up to 100 and now is always bellow 0.5, memory usage also bellow 50%. HUGE performance increase!!!
Before that the server was crashing every two days with more than 100 spamd processes.
Thanks rvskin!
Before that the server was crashing every two days with more than 100 spamd processes.
Thanks rvskin!
ldomingues, in your server spam filtering doesn't configure server-wide. Only RBL, and virus scanning is configured server-wide. However, individual spamassassin get boosted by SARE+Razor+DCC. If configure spam filtering server-wide, it will consume a lot CPU.
Last edited:
Yes, I use it. The phishing scanner doesn't delete messages, it modifies them to tell you when MailScanner notes a URI where the link is different what the text of the message says...PeteC said:
It will do something like this (wording may be slightly different because I am remembering this off the top of my head):
MailScanner has noticed the following link:
REAL LINK HERE
does not match the link displayed in the mesaage:
DISPLAYED LINK HERE
and then it is up to you to decide if it is safe to click.
It does catch phishing scams. I've got fast servers, so I can't really answer just how much extra load the phishing scans add, but it is something you might want to experiment with.
I understand rvskin, but what was happening before is that I had hundreds of spamd processes running on the server (it should be limited to 5).
That was crashing the server (which has very few traffic).
That happened since upgrade to SA 3. Never happened before. Now everything is working fine!
That was crashing the server (which has very few traffic).
That happened since upgrade to SA 3. Never happened before. Now everything is working fine!
There is a beta-level SPAMD module for WHM now that will allow you to set limits on SPAMD.ldomingues said:
Aric, Thanks for the phishing feedback.
I'm also considering implementing the SURBL filtering server-wide as discussed here:
http://forums.cpanel.net/showthread.php?t=31710
That seems to hold a lot of promise. I am reluctant to implement SpamAssassin server-wide, but it is becoming obvious I need to do more server-wide spam filtering, as more and more customers are getting burdened by the mushrooming spam...
Sorry if this is somewhat off-topic.
I'm also considering implementing the SURBL filtering server-wide as discussed here:
http://forums.cpanel.net/showthread.php?t=31710
That seems to hold a lot of promise. I am reluctant to implement SpamAssassin server-wide, but it is becoming obvious I need to do more server-wide spam filtering, as more and more customers are getting burdened by the mushrooming spam...
Sorry if this is somewhat off-topic.
Server load increased considerably post mailscanner installation
I was recently plauged by the spam attack on my server, which was until now working absolutely fine with .5 to .8 server load and 25% to 35% memory usage....
Suddenly, my server started getting spams on few domains and it was brining down my exim everytime i rebooted the server leaving me with no option other than removing 5 to 6 domains from my server so as to ease the mail traffic.
But somehow, new domains got effected soon and I then read about chirpy's mailscanner solution and got 1 installed on my server.
The best part: my mail traffic decreased considerably to almost HALF
The Bad part: my cpu and mem usage shooted up like anything 10 to 12 & 75% to 80% respectively and now I am stucked with my server going down everytime or mails getting delayed due to exim configuration of server_load; 4
Can somebody or chirpy help me find a solution to this. I have been told to increase my memory but i really donot see the reason as my server was working just fine before this spam attach and the mailscanner solution being installed....
Thanks
Sandeep
I was recently plauged by the spam attack on my server, which was until now working absolutely fine with .5 to .8 server load and 25% to 35% memory usage....
Suddenly, my server started getting spams on few domains and it was brining down my exim everytime i rebooted the server leaving me with no option other than removing 5 to 6 domains from my server so as to ease the mail traffic.
But somehow, new domains got effected soon and I then read about chirpy's mailscanner solution and got 1 installed on my server.
The best part: my mail traffic decreased considerably to almost HALF
The Bad part: my cpu and mem usage shooted up like anything 10 to 12 & 75% to 80% respectively and now I am stucked with my server going down everytime or mails getting delayed due to exim configuration of server_load; 4
Can somebody or chirpy help me find a solution to this. I have been told to increase my memory but i really donot see the reason as my server was working just fine before this spam attach and the mailscanner solution being installed....
Thanks
Sandeep
Sandeep,
I can repeat what I've already told you twice if you want. Your server was using over 500MB of swapfile space, i.e. it is memory thrashing. This has little to do with MailScanner. Yes, it can add load to a server, but as I had it configured it was only using 20MB of memory - that's all. Your problems lie elsewhere.
As I've already offered twice as well, I'd be more than happy to remove MailScanner for you if you feel that is to blame, so that you can find another solution.
Why you feel the need to post here, rather than simply ask me to remove MailScanner as I have offered, I don't know
I can repeat what I've already told you twice if you want. Your server was using over 500MB of swapfile space, i.e. it is memory thrashing. This has little to do with MailScanner. Yes, it can add load to a server, but as I had it configured it was only using 20MB of memory - that's all. Your problems lie elsewhere.
As I've already offered twice as well, I'd be more than happy to remove MailScanner for you if you feel that is to blame, so that you can find another solution.
Why you feel the need to post here, rather than simply ask me to remove MailScanner as I have offered, I don't know
The reason I posted here was simply because I am looking for help. In no way I have offended you or your service and infact I said that your solution has worked for me, but I still have problems.
If u read through my post, you will see that my server was funtioning well, before this spam attack happend.
I agree that the problem may be somewhere else and thus removing the mailscanner won't be the solution.. I trust you for what you have said.
Instead, if you could look into my server and see where exactly the problem lies, and resolve the same, that would have been really helpfull.. (ofcouse I would pay you for your services.. )
Please, suggest me a way to handle this as I'm seeing myself in a fix
Thanks
Sandeep
If u read through my post, you will see that my server was funtioning well, before this spam attack happend.
I agree that the problem may be somewhere else and thus removing the mailscanner won't be the solution.. I trust you for what you have said.
Instead, if you could look into my server and see where exactly the problem lies, and resolve the same, that would have been really helpfull.. (ofcouse I would pay you for your services.. )
Please, suggest me a way to handle this as I'm seeing myself in a fix
Thanks
Sandeep
Hello,rvskin said:
This is a great tutorial... and I have read to thread and see that people havent had any major problems installing it. But I have come across an error.
When compiling Razor-Agent 2.67 "make install" fails with this message:
Digest::SHA1 object version 2.01 does not match bootstrap parameter 2.10 at /usr/lib/perl5/5.8.0/i386-linux-thread-multi/DynaLoader.pm line 249.
Compilation failed in require at lib/Razor2/String.pm line 4.
BEGIN failed--compilation aborted at lib/Razor2/String.pm line 4.
Compilation failed in require at (eval 7) line 3.
...propagated at /usr/lib/perl5/5.8.0/base.pm line 64.
BEGIN failed--compilation aborted at lib/Razor2/Client/Core.pm line 21.
Compilation failed in require at (eval 4) line 3.
...propagated at /usr/lib/perl5/5.8.0/base.pm line 64.
BEGIN failed--compilation aborted at lib/Razor2/Client/Agent.pm line 18.
Compilation failed in require at blib/script/razor-client line 21.
BEGIN failed--compilation aborted at blib/script/razor-client line 21.
make: *** [install_razor_agents] Error 2
I have been following the instructions properly. I would like to point out that I am using the latest stable build of cPanel/WHM, and I am running Red Hat Linux Enterprise 3.0 ES.
Has anybody come across this error to date? If so, have you been able to solve it?
-- Thanks
ADDED: Figured it out, had to force the perlinstaller by using --force.
Last edited:
