Self Signed SSL (https) and Mailscanner (Too much Probs)

Anonymousx

Member
Jul 9, 2004
16
0
151
Hi there,


I wanted to Know, how to Create a Self Signed SSL Certificate from my WHM for one of my Sub Domain / Domain....with 12 months Validity....

Since I am a Beginner, can somebody give me the step-by-step command to do so....Thanks

also I have Installed MailScanner, because of this I am Daily getting 50-100 Mails...saying virus Found....whwnever My Client sends something, mailscanner rebounces and tell virus found....So, How do I fix this thing....as it is checking all files and marking it bad.

a. How do I fix finally
b. what extension file I have to Exclude / Include and where?
c. where are all Quarantined files?

Thank You
 

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,465
30
473
Go on, have a guess
For MailScanner, first of all make sure that it is MailScanner and not /etc/antivirus.exim that is causing the bounced email. If it's not that file, then the files you need to look in are usually in /usr/mailscanner/etc/file*

Quarntine files are usually stored within /var/spool/MailScanner/quarantine/[date]/[message-id]/*
 

Anonymousx

Member
Jul 9, 2004
16
0
151
Thanks for the reply....

So, as You said I made a Quick Survey....and I found that the messages which I received like:

===========================================================
The following e-mail messages were found to have viruses in them:

Sender:
IP Address: xx.x.xxx.xx
Recipient: [email protected]
Subject: Returned mail: see transcript for details
MessageID: 1BxQhZ-0001zR-QE
Report: photos_arc.exe contains Worm.Mydoom.S
Executable DOS/Windows programs are dangerous in email (photos_arc.exe)
No programs allowed (photos_arc.exe)


--
MailScanner
Email Virus Scanner
www.mailscanner.info


====================================================

The above Mails, I receive them every day around 50-100...I am really worried...
The Message Subject is: Mailscanner

So, thus it shows this is the work of mail scanner.....Now How do You fix it?

Thanks
 

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,465
30
473
Go on, have a guess
Sorry, I don't understand. Whichever virus scanner you're using with MailScanner has clearly found a virus in the email "photos_arc.exe contains Worm.Mydoom.S". Are you saying you don't want the bounces or that you want a virus to be allowed through?
 

Anonymousx

Member
Jul 9, 2004
16
0
151
No... You got me Wrong......
Like I mentioned I would get 50-100 Mails everyday (or) even more saying, this virus file was found and that virus......I am getting tons of mails..

I only Wanted to stop those mails, Let Mailscanner and CLAMAV do the Job I only wanted NOT to Receive notification.

Thanks for your reply. I figured it out, I changed the /usr/mailscanner/etc/filename.rules.conf file, where it states notify Administrator "yes"
I changed to No
Now I am NOT Receiving any mails......


Thanks
 

Anonymousx

Member
Jul 9, 2004
16
0
151
Thanks for your help...I solved my mail probs.

Can You tell me how do I create a Self Signed SSL Certificate for one of my Domain name for 12yrs validity?

Thanks
 

blairp36

Active Member
Apr 17, 2003
40
0
156
Anonymousx said:
Thanks for your help...I solved my mail probs.

Can You tell me how do I create a Self Signed SSL Certificate for one of my Domain name for 12yrs validity?

Thanks
If you are using WHM/Cpanel to create the cert. it defaults to 1 year now (was 30 days not too long ago). There are a bunch of threads here with people trying to change the default but no one could come up with a solution.

If you want a 12 year cert. you will have to do it manually. What OS are you running? If its Linux I can point you to a very good link to explain how to do it.
 

Anonymousx

Member
Jul 9, 2004
16
0
151
I am Currently Using:

Red hat Enterprise Edition 3
Cpanel / WHM 9.4
Apache 1.3.x

Thanks for the Manual, So, In the Manual it says Install Apache, Mod SSL, OpensSSL

I think these softwares are alredy Installed in my Box, but I am NOT Sure and I don't know how to test them...

Pls tell me how to know whether the above packages are installed?
also Thank You once again for the Link
 

blairp36

Active Member
Apr 17, 2003
40
0
156
Looks like you have everything you need... Same setup I have. Just go to the page "Request, Sign and Install the Certificate". Follow the examples given. Takes about 10 Min. to complete. I just took my time. Not as hard as it looks.

The stuff before that is just good reading.

Let me know how it works out.

Blair
 

Anonymousx

Member
Jul 9, 2004
16
0
151
Thanks Blair,

But I am Stuck in that page....

If I use the Command:

/usr/local/ssl/bin/openssl genrsa \

and

-out /usr/local/apache/conf/ssl.key/server.key
It Generates:
Generating RSA private key, 512 bit long modulus
..........++++++
......................++++++
e is 65537 (0x10001)
But in the Manual it shows 1024 bit, I am Getting above 512bit....
Still I Continued....

cd /usr/local/ssl/CA

it says:

NO SUCH FILE OR DIRECTORY
Again I continued and typed:

../bin/openssl req -new \
> -key /usr/local/apache/conf/ssl.key/server.key \
> -out /usr/local/apache/conf/ssl.csr/server.csr
Now I got following message:

../bin/openssl No Such File or directory
Now Please tell me what to do....I Need your help Badly..Thanks
 

flash7

Well-Known Member
Feb 16, 2004
201
0
166
I've the same box,
my log:

[25/Aug/2004 19:33:29 13247] [info] Server: Apache/1.3.31, Interface: mod_ssl/2.8.19, Library: OpenSSL/0.9.7a
[25/Aug/2004 19:33:29 13247] [info] Init: 1st startup round (still not detached)
[25/Aug/2004 19:33:29 13247] [info] Init: Initializing OpenSSL library
[25/Aug/2004 19:33:29 13247] [info] Init: Seeding PRNG with 136 bytes of entropy
[25/Aug/2004 19:33:29 13247] [info] Init: Generating temporary RSA private keys (512/1024 bits)
[25/Aug/2004 19:33:29 13247] [info] Init: Configuring temporary DH parameters (512/1024 bits)
[25/Aug/2004 19:33:29 13248] [info] Init: 2nd startup round (already detached)
[25/Aug/2004 19:33:29 13248] [info] Init: Reinitializing OpenSSL library
[25/Aug/2004 19:33:29 13248] [info] Init: Seeding PRNG with 136 bytes of entropy
[25/Aug/2004 19:33:29 13248] [info] Init: Configuring temporary RSA private keys (512/1024 bits)
[25/Aug/2004 19:33:29 13248] [info] Init: Configuring temporary DH parameters (512/1024 bits)
[25/Aug/2004 19:33:29 13248] [info] Init: Initializing (virtual) servers for SSL


There are some wrong?
 

blairp36

Active Member
Apr 17, 2003
40
0
156
Hmmm... I think the directory should be /usr/share/ssl/CA (on NO SUCH FILE OR DIRECTORY error).

I've got to make a self-signed cert for someone this weekend on the same spec box you are using. I'll copy the commands and post them here for you.

Blair
 

Anonymousx

Member
Jul 9, 2004
16
0
151
Thanks Blair,

but the site you gave me are in maintenance....anyway I will be frequently checking them out......

How do You create Self Signed SSL from WHM (I think this is the easy way...)
CAN YOU PLEASE EXPLAIN ME THE STEPS, from Past one week....I am trying to do.....seems I am Unable to finish it

Please help me.

Thanks
 

dalem

Well-Known Member
PartnerNOC
Oct 24, 2003
2,976
152
368
SLC
cPanel Access Level
DataCenter Provider
1. IN SSL/TLS CLICK "Generate an SSL Certificate and Signing Request" Fill in the apropriate information

2. IN SSL/TLS Click "Install an SSL Certificate and Setup the Domain"

3. enter the domain or in this case the subdomain in the the domain field. hit the TAB KEY wait a couple seconds the username will be automaticly entered as well as the cert.


4. Click the DO IT button

5. done


thats about as step by step as I can get :)
 

Anonymousx

Member
Jul 9, 2004
16
0
151
Thanks Dalem,

I Installed an SSL Cert. for one of my Domain (ex: mydomain1.com)
I installed the SSL in my Main IP (ex: 65.22.110.130)
after Installation, I opened the Domain:
https://mydomain1.com - It works fine....Cool

now, the Problem is: If I open my other Domain (ex: mydomain2.com) with https

that is:

https://mydomain2.com it opens http://mydomain1.com with Secure Lock

Now it has become a Major Problem.....all my Domains with https is Pointing www.mydomain1.com

what should I do to resolve this Issue

1. Should I Install a SSL Cert. on Separate IPs,
2. should I share the IPs before I Install an SSL Cert.
3. any Pre-Configuration is Neccessary, before Installing an SSL on an IP
4. How do I remove an SSL Certificate

Thanks
 

zwen

Member
Nov 21, 2003
9
0
151
Anonymousx said:
Thanks for your reply. I figured it out, I changed the /usr/mailscanner/etc/filename.rules.conf file, where it states notify Administrator "yes"
I changed to No
hi there,
i have not figured out mine :(
I have edited my MailScanner.conf so that it doesnt notify Administrator... or send warning emails to users ...

However, i am still getting notifications, and users are still getting lots of warning emails that are totally false.

Note: I cannot find "notify Admin" option in filename.rules.conf
Am i looking at the wrong place?

After i edited the conf, i restart EXIM, is there anything else i need to do? Changes simply don't seem to take place...

Someone please advise...
thanks so much
 

Anonymousx

Member
Jul 9, 2004
16
0
151
hi there,
i have not figured out mine
I have edited my MailScanner.conf so that it doesnt notify Administrator... or send warning emails to users ...

However, i am still getting notifications, and users are still getting lots of warning emails that are totally false.

Note: I cannot find "notify Admin" option in filename.rules.conf
Am i looking at the wrong place?

After i edited the conf, i restart EXIM, is there anything else i need to do? Changes simply don't seem to take place...

Someone please advise...
thanks so much
hi zwen,

I am Really Sorry....it is NOT notify admin, it must be notify postmaster......
but still I am NOT Sure....anyway you Open:
pico /usr/mailscanner/etc/filename.rules.conf

then Press CTRL + W

then type: notify post

then press : Enter (return)

se it to: no

Press: CTRL + X

Press : y

then finally Press: Enter

Now Restart your Exim......

but still I am NOT so sure....I will Post again in this Forum tommorrow, as It is Postmaster (or) admin - NOT 100% sure.

If it works for you, post back your reply.

Thanks