The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Release mail from mailscanner quarantine?

Discussion in 'E-mail Discussions' started by knipper, Aug 4, 2004.

  1. knipper

    knipper Well-Known Member

    Joined:
    Sep 4, 2001
    Messages:
    107
    Likes Received:
    0
    Trophy Points:
    16
    Hey all...

    Mailscanner install has been working great. Stopping tons of spam/viruses. However, today I got a message which was placed in quarantine by mailscanner which I need to retrieve.

    I got the mailscanner notice that your told to forward to helpdesk with the message ID, etc. But how do I actually retrieve, or forward the mail to an inbox.

    I do not want to change any setting in mailscanner as it works well, but need to figure out how to get quarantined messages to the recipient in the event it is a valid message.

    Thanks in advance. :)
     
  2. sawbuck

    sawbuck Well-Known Member

    Joined:
    Jan 18, 2004
    Messages:
    1,367
    Likes Received:
    5
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    Only way I have figured so far is to go to /var/spool/MailScanner/quarantine/”day” and release them manually. Chirpy on this forum may have some other idea.
    HTH
     
  3. knipper

    knipper Well-Known Member

    Joined:
    Sep 4, 2001
    Messages:
    107
    Likes Received:
    0
    Trophy Points:
    16
    OK....

    Hopefully Chirpy will chime in soon. But how do you actually release it manually? I searched the web... the only thing I can find is about sendmail, not exim. Do I need to copy the file to a different location?

    Any assistance is appreciated!
     
  4. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    It's easy to do, but depends on your MailScanner.conf settings.

    1. If you have:
    Quarantine Whole Message = yes
    Quarantine Whole Messages As Queue Files = yes

    then to requeue the email to be delivered, you need to go to the indicated directory within:
    /var/spool/MailScanner/quarantine/<date>/<message-id>/
    Then you need to:
    cp -av *-H /var/spool/exim/input/ ; cp -av *-D /var/spool/exim/input/
    one done you'll have to wait for the next exim mail queue run, or run it yourself from WHM > Manage Queue > <message-id> > Deliver Now

    2. If you have:
    Quarantine Whole Message = yes
    Quarantine Whole Messages As Queue Files = no

    then you'll need to go to:
    /var/spool/MailScanner/quarantine/<date>/<message-id>/
    Then append the message file to the users inbox:
    cat <message file> >> /home/username/mail/domain.com/user/inbox

    3. If you have:
    Quarantine Whole Message = no

    then you'll need to copy the files in:
    /var/spool/MailScanner/quarantine/<date>/<message-id>/
    to the users account and have them FTP in to retrieve them:
    cp -a * /home/username/
     
  5. knipper

    knipper Well-Known Member

    Joined:
    Sep 4, 2001
    Messages:
    107
    Likes Received:
    0
    Trophy Points:
    16
    Got it. Thanks, thats what I needed. :D
     
  6. sawbuck

    sawbuck Well-Known Member

    Joined:
    Jan 18, 2004
    Messages:
    1,367
    Likes Received:
    5
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    So would using this option place much additional overhead on the server?
     
  7. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Not significantly, I wouldn't have thought. Just make sure that you're have a link to /usr/mailscanner/bin/cron/clean.quarantine.cron in /etc/cron.daily and that you've set $diabled = 0; in the file - so that the quarantine directories get cleared down regularly.

    Personally, I just quarantine the attachments.
     
  8. coralbridge

    coralbridge Member

    Joined:
    Aug 2, 2004
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    <quote>
    2. If you have:
    Quarantine Whole Message = yes
    Quarantine Whole Messages As Queue Files = no

    then you'll need to go to:
    /var/spool/MailScanner/quarantine/<date>/<message-id>/
    Then append the message file to the users inbox:
    cat <message file> >> /home/username/mail/domain.com/user/inbox
    </quote>

    Did that. The command works. But the message doesn't end up in the users inbox. Doesn't download and doesn't appear either. The message ID is correct. No fail messages occur.
     
  9. coralbridge

    coralbridge Member

    Joined:
    Aug 2, 2004
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    The message is now appended to the inbox, but I can't download it via pop3.

    What have I done wrong?
     
  10. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    You don't have your email client configured to "leave messages on server" have you? If you do (which you shuldn't) that will certainly cause problems.
     
  11. coralbridge

    coralbridge Member

    Joined:
    Aug 2, 2004
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1

    No I don't.

    Something strange happened.

    After that command was run, mail coming into the mailbox was appended as you'd expect, but couldn't be downloaded or viewed using Horde or Squirrelmail.
     
  12. casey

    casey Well-Known Member

    Joined:
    Jan 17, 2003
    Messages:
    2,303
    Likes Received:
    0
    Trophy Points:
    36
    Location:
    If there is trouble, it will find me
    Why do you say that? Is there a problem with it? I have a bunch of customers that do that, and it seems to cause issues, although I can't be certain. If you've got hard evidence that it does affect the integrity of the account, I'd love to hear it so I can pass it on to my customers.

    P.s. Sorry for going on to a tangent.
     
  13. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Id' be happy to follow the tangent ;)

    I've had the misfortune of having to study the POP3 RFC's. The POP3 protocol was designed as an alternative to SMTP's store and forward which isn't very practical from a non-techy stand point. So, email is sent to an SMTP server which stores it in maildir or mailbox format which the POP3 server allows access to. POP3 knows nothing about message-ids, headers, etc. All it knows about is chunks of text either in separate files or in one big file.

    Now, along comes the POP3 client that is meant to login to the POP3 account, retrieve the email, delete it and log out. The logout (QUIT) actions the delete (it isn't done interactively because POP3 is fault tolerant and only deletes after a successful session completion).So far as the POP3 server is concerned, that's it.

    Now, along comes some fancy shmancy POP3 client (most now) that has this wacky feature called "leave messages on the server and only retrieve new ones". The POP3 client keeps track of which messages it has downloaded and which it hasn't. How it does that has nothing whatsoever to do with the POP3 server which knows nothing of such advances in technology. The client could use any number of methods of keeping track of what's going on, including the message-id from email headers that it has retrieved, the number of the message from the bottom/top of the file, by date and time even - who knows? Not the POP3 server.

    Then along comes billy customer, "boo hoo, my POP email keeps coming in twice" or " boo hoo, I'm not receiving all me email, some are skipped, but if I look at my POP3 account, there they are". Whose fault is it? The POP3 client. Tell the customer not to do that - sily boy.

    If someone wants to leave email on a server use IMAP - that was written with exactly this feature in mind, i.e. leaving email on the server and keeping track of where and what it is.
     
  14. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    You're probably suffering from the hardlink disconnect between your inbox in /home/username/mail/user/inbox and /home/username/mail/domain/user/inbox, one of which is used for web-based email, the other for POP3 email. There's a script kicking around to periodically fix it. Though I wish cPanel would sort it out once and for all.
     
  15. puzz1ed1

    puzz1ed1 Active Member

    Joined:
    Jan 31, 2004
    Messages:
    39
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Thurrock, UK
    Got exactly the same problem, but user using POP3 as it's supposed to be. Admitedly doesn't help that it was 5 avi files weighing in at a total of 60MB (do hope he's on broadband)!

    Anyone know where the script to fix the link error is - will try that...

    Steve
     
  16. sawbuck

    sawbuck Well-Known Member

    Joined:
    Jan 18, 2004
    Messages:
    1,367
    Likes Received:
    5
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
  17. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
Loading...

Share This Page